示例#1
0
 public int?UpdateSecutity(SecutityEntity objSecutity)
 {
     return(Secutity.Edit(objSecutity));
 }
示例#2
0
 public int?DeleteSecutity(String BaseRemoteIp, int BaseIdUser, int?IdSecutity)
 {
     return(Secutity.Delete(IdSecutity));
 }
示例#3
0
 public SoftvList <SecutityEntity> GetSecutityPagedListXml(int page, int pageSize, String xml)
 {
     return(Secutity.GetPagedList(page, pageSize, xml));
 }
示例#4
0
 public int?AddSecutity(SecutityEntity objSecutity)
 {
     return(Secutity.Add(objSecutity));
 }
示例#5
0
 public SoftvList <SecutityEntity> GetSecutityPagedList(int page, int pageSize)
 {
     return(Secutity.GetPagedList(page, pageSize));
 }
示例#6
0
 public IEnumerable <SecutityEntity> GetSecutityList()
 {
     return(Secutity.GetAll());
 }
示例#7
0
 public SecutityEntity GetDeepSecutity(int?IdSecutity)
 {
     return(Secutity.GetOneDeep(IdSecutity));
 }
示例#8
0
 public SecutityEntity GetSecutity(int?IdSecutity)
 {
     return(Secutity.GetOne(IdSecutity));
 }
        public object AfterReceiveRequest(ref Message request, IClientChannel channel, InstanceContext instanceContext)
        {
            //
            List <String> lstUriAction = request.Headers.To.ToString().Split('/').ToList();
            String        Action       = lstUriAction.Last().ToUpper();
            String        Module       = lstUriAction[lstUriAction.Count() - 2].ToUpper();

            if (WebOperationContext.Current.IncomingRequest.Method == "OPTIONS")
            {
                WebOperationContext.Current.OutgoingResponse.StatusCode = HttpStatusCode.OK;
                return(null);
            }
            else
            {
                // Check to see if there is an Authorization in the header, otherwise throw a 401
                if (WebOperationContext.Current.IncomingRequest.Headers["Authorization"] == null)
                {
                    WebOperationContext.Current.OutgoingResponse.Headers.Add("WWW-Authenticate: Basic realm=\"myrealm\"");
                    throw new WebFaultException <string>("Acceso no autorizado, favor de validar autenticación", HttpStatusCode.Unauthorized);
                }

                else // Decode the header, check password
                {
                    string encodedUnamePwd = "";
                    if (Module == "USUARIO" && Action == "LOGON")
                    {
                        encodedUnamePwd = GetEncodedCredentialsFromHeader();
                        if (!string.IsNullOrEmpty(encodedUnamePwd))
                        {
                            // Decode the credentials
                            byte[] decodedBytes = null;
                            try
                            {
                                decodedBytes = Convert.FromBase64String(encodedUnamePwd);
                            }
                            catch (FormatException)
                            {
                                return(false);
                            }

                            string credentials = ASCIIEncoding.ASCII.GetString(decodedBytes);

                            // Validate User and Password
                            string[]      authParts  = credentials.Split(':');
                            Usuario       objUsuario = new Usuario();
                            UsuarioEntity objUsr     = Usuario.GetusuarioByUserAndPass(authParts[0], authParts[1]);
                            if (objUsr == null)
                            {
                                WebOperationContext.Current.OutgoingResponse.Headers.Add("WWW-Authenticate: Basic realm=\"myrealm\"");
                                throw new WebFaultException <string>("Acceso no autorizado, favor de validar autenticación", HttpStatusCode.Unauthorized);
                            }
                        }
                    }
                    else
                    {
                        encodedUnamePwd = GetTokenFromHeader();
                        if (!string.IsNullOrEmpty(encodedUnamePwd))
                        {
                            List <SessionEntity> objSessionEntity = Session.GetAll();
                            if (!objSessionEntity.Any(x => x.Token == encodedUnamePwd))
                            {
                                WebOperationContext.Current.OutgoingResponse.Headers.Add("WWW-Authenticate: Basic realm=\"myrealm\"");
                                throw new WebFaultException <string>("Acceso no autorizado, favor de validar autenticación", HttpStatusCode.Unauthorized);
                            }
                            else
                            {
                                SessionEntity objSession = objSessionEntity.Where(x => x.Token == encodedUnamePwd).FirstOrDefault();
                                UsuarioEntity objUsr     = Usuario.GetOne(objSession.IdUsuario);
                                if (!(lstInvaliAction.Where(x => (Action.StartsWith(x) || lstInvaliAction.Contains(Action))).Any()))
                                {
                                    List <SecutityEntity> lstSecutityEntity = Secutity.GetPagedList(1, 99999, Globals.SerializeTool.Serialize <SecutityEntity>(new SecutityEntity()
                                    {
                                        Module = Module
                                    })).ToList();
                                    if (lstSecutityEntity.Any(x => x.Action == Action))
                                    {
                                        SecutityEntity objSecutity = lstSecutityEntity.Where(x => x.Action == Action).FirstOrDefault();
                                        if (objSecutity != null)
                                        {
                                            List <PermisoEntity> lstPermisos = Permiso.GetXml(Globals.SerializeTool.Serialize <PermisoEntity>(new PermisoEntity()
                                            {
                                                IdRol = objUsr.IdRol
                                            })).ToList();
                                            PermisoEntity objPermisos = lstPermisos.Where(x => x.Module.ModulePath.ToUpper() == Module.ToUpper()).ToList().FirstOrDefault();

                                            if (objPermisos != null)
                                            {
                                                switch (objSecutity.Permision)
                                                {
                                                case "S":
                                                {
                                                    return(null);
                                                }

                                                case "A":
                                                {
                                                    if (objPermisos.OptAdd == true)
                                                    {
                                                        return(null);
                                                    }
                                                    else
                                                    {
                                                        WebOperationContext.Current.OutgoingResponse.Headers.Add("WWW-Authenticate: Basic realm=\"myrealm\"");
                                                        throw new WebFaultException <string>("Acceso no autorizado, favor de validar autenticación", HttpStatusCode.Unauthorized);
                                                    }
                                                }

                                                case "D":
                                                {
                                                    if (objPermisos.OptDelete == true)
                                                    {
                                                        return(null);
                                                    }
                                                    else
                                                    {
                                                        WebOperationContext.Current.OutgoingResponse.Headers.Add("WWW-Authenticate: Basic realm=\"myrealm\"");
                                                        throw new WebFaultException <string>("Acceso no autorizado, favor de validar autenticación", HttpStatusCode.Unauthorized);
                                                    }
                                                }

                                                case "U":
                                                {
                                                    if (objPermisos.OptUpdate == true)
                                                    {
                                                        return(null);
                                                    }
                                                    else
                                                    {
                                                        WebOperationContext.Current.OutgoingResponse.Headers.Add("WWW-Authenticate: Basic realm=\"myrealm\"");
                                                        throw new WebFaultException <string>("Acceso no autorizado, favor de validar autenticación", HttpStatusCode.Unauthorized);
                                                    }
                                                }

                                                default:
                                                {
                                                    WebOperationContext.Current.OutgoingResponse.Headers.Add("WWW-Authenticate: Basic realm=\"myrealm\"");
                                                    throw new WebFaultException <string>("Acceso no autorizado, favor de validar autenticación", HttpStatusCode.Unauthorized);
                                                }
                                                }
                                            }
                                            else
                                            {
                                                WebOperationContext.Current.OutgoingResponse.Headers.Add("WWW-Authenticate: Basic realm=\"myrealm\"");
                                                throw new WebFaultException <string>("Acceso no autorizado, favor de validar autenticación", HttpStatusCode.Unauthorized);
                                            }
                                        }
                                    }
                                    else
                                    {
                                        WebOperationContext.Current.OutgoingResponse.Headers.Add("WWW-Authenticate: Basic realm=\"myrealm\"");
                                        throw new WebFaultException <string>("Acceso no autorizado, favor de validar autenticación", HttpStatusCode.Unauthorized);
                                    }
                                }
                            }
                        }
                    }
                }
            }
            return(null);
        }