/// <summary>
/// Replaces the set of accounts assigned to a role.
/// </summary>
/// <param name="roleId">The role ID.</param>
/// <param name="securityEntitySeqId">The security entity Seq ID.</param>
/// <param name="accounts">The account names to associate with the role; must not be null.</param>
/// <param name="accountId">The account ID passed through to the business layer.</param>
/// <returns><c>true</c> when the business layer reports success; otherwise <c>false</c>.</returns>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="accounts"/> is null.</exception>
/// <exception cref="WebSupportException">Thrown when the data access layer fails; the underlying error is logged.</exception>
public static bool UpdateAllAccountsForRole(int roleId, int securityEntitySeqId, string[] accounts, int accountId)
{
    if (accounts == null)
    {
        throw new ArgumentNullException("accounts", "accounts cannot be blank or a null reference (Nothing in Visual Basic)");
    }
    BRoles mRoles = new BRoles(SecurityEntityUtility.CurrentProfile(), ConfigSettings.CentralManagement);
    try
    {
        return mRoles.UpdateAllAccountsForRole(roleId, securityEntitySeqId, accounts, accountId);
    }
    catch (DataAccessLayerException ex)
    {
        // The caller receives a generic message; the original cause is written to the log only
        // (it is not attached as an inner exception).
        WebSupportException mWrapped = new WebSupportException("Could not save the information due to database error please have your administrator check the logs for details.");
        Logger.Instance().Error(ex);
        throw mWrapped;
    }
}
/// <summary>
/// Deletes the role described by <paramref name="profile"/> and evicts the related cached roles and functions.
/// </summary>
/// <param name="profile">The role profile to delete; must not be null.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="profile"/> is null.</exception>
/// <exception cref="WebSupportException">Thrown when the data access layer fails; the underlying error is logged.</exception>
public static void DeleteRole(MRoleProfile profile)
{
    if (profile == null)
    {
        throw new ArgumentNullException("profile", "profile cannot be blank or a null reference (Nothing in Visual Basic)");
    }
    BRoles mRoles = new BRoles(SecurityEntityUtility.CurrentProfile(), ConfigSettings.CentralManagement);
    try
    {
        mRoles.DeleteRole(profile);
    }
    catch (DataAccessLayerException ex)
    {
        // The caller receives a generic message; the original cause is written to the log only.
        WebSupportException mWrapped = new WebSupportException("Could not save the information due to database error please have your administrator check the logs for details.");
        Logger.Instance().Error(ex);
        throw mWrapped;
    }
    // Reached only after a successful delete, so a failed call leaves the caches intact.
    RemoveRoleCache(profile.SecurityEntityId);
    FunctionUtility.RemoveCachedFunctions();
}
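/// <summary>
/// Performs authentication given an account and password.
/// </summary>
/// <param name="account">Account name, optionally prefixed with a domain (<c>DOMAIN\user</c>).</param>
/// <param name="password">Clear-text password supplied by the caller.</param>
/// <returns><c>true</c> when the credentials are accepted; otherwise <c>false</c>.</returns>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="account"/> or <paramref name="password"/> is null or empty.</exception>
/// <exception cref="WebSupportException">Thrown when the LDAP bind fails (wrong credentials or unreachable server); the error is logged first.</exception>
/// <remarks>
/// Dispatches on ConfigSettings.AuthenticationType: "INTERNAL" compares the password against the
/// stored profile value and tracks failed attempts; any other value binds to the configured LDAP server.
/// An account that cannot be resolved to a profile is rejected without contacting LDAP.
/// </remarks>
public static Boolean Authenticated(String account, String password)
{
    if (string.IsNullOrEmpty(account))
    {
        throw new ArgumentNullException("account", "account cannot be a null reference (Nothing in VB) or empty!");
    }
    // Fixed: the original re-tested 'account' here, so a null or empty password was never rejected.
    if (string.IsNullOrEmpty(password))
    {
        throw new ArgumentNullException("password", "password cannot be a null reference (Nothing in VB) or empty!");
    }

    bool mDomainPassed = account.Contains(@"\");
    MAccountProfile mAccountProfile = GetProfile(account);
    if (mDomainPassed && mAccountProfile == null)
    {
        // Retry the lookup with the domain prefix stripped.
        int mDomainPos = account.IndexOf(@"\", StringComparison.OrdinalIgnoreCase);
        account = account.Substring(mDomainPos + 1);
        mAccountProfile = GetProfile(account);
    }
    if (mAccountProfile == null)
    {
        // Unknown account: nothing to compare against and nothing to bind as.
        return false;
    }

    if (ConfigSettings.AuthenticationType.ToUpper(CultureInfo.InvariantCulture) == "INTERNAL")
    {
        return authenticateInternal(mAccountProfile, password);
    }
    return authenticateLdap(mAccountProfile, account, password, mDomainPassed);
}

/// <summary>
/// INTERNAL mode: compares the supplied password with the stored profile value and maintains the failed-attempt lockout.
/// </summary>
/// <param name="mAccountProfile">Resolved profile for the account; saved back after every attempt.</param>
/// <param name="password">Clear-text password supplied by the caller.</param>
/// <returns><c>true</c> when the password matches and the account is neither Disabled nor Inactive.</returns>
private static bool authenticateInternal(MAccountProfile mAccountProfile, string password)
{
    string profilePassword;
    try
    {
        profilePassword = CryptoUtility.Decrypt(mAccountProfile.Password, SecurityEntityUtility.CurrentProfile().EncryptionType);
    }
    catch (CryptoUtilityException)
    {
        // Stored value could not be decrypted: compared as-is, as the original did.
        profilePassword = mAccountProfile.Password;
    }

    // Fixed: the original combined the two status tests with '||', which is always true, so a
    // Disabled or Inactive account could still sign in with the correct password.
    bool mStatusAllowsLogon = mAccountProfile.Status != (int)SystemStatus.Disabled
        && mAccountProfile.Status != (int)SystemStatus.Inactive;
    // NOTE(review): ordinal string equality is not constant-time; acceptable only because the stored
    // value is handled as a reversible secret rather than a hash — confirm against CryptoUtility.
    bool retVal = mStatusAllowsLogon && string.Equals(password, profilePassword, StringComparison.Ordinal);

    if (!retVal)
    {
        mAccountProfile.FailedAttempts += 1;
    }
    // Fixed: '>=' instead of '==' so an account whose count has already passed the threshold
    // (e.g. after the configured limit was lowered) is still locked. -1 disables the lockout.
    int mMaxFailedAttempts = Convert.ToInt32(ConfigSettings.FailedAttempts, CultureInfo.InvariantCulture);
    if (mMaxFailedAttempts != -1 && mAccountProfile.FailedAttempts >= mMaxFailedAttempts)
    {
        mAccountProfile.Status = (int)SystemStatus.Disabled;
    }
    // NOTE(review): FailedAttempts is not reset on a successful logon, matching the original;
    // confirm whether a reset is expected elsewhere.
    AccountUtility.Save(mAccountProfile, false, false);
    return retVal;
}

/// <summary>
/// LDAP mode: binds to ConfigSettings.LdapServer as the account; a successful bind stamps LastLogOn.
/// </summary>
/// <param name="mAccountProfile">Resolved profile for the account.</param>
/// <param name="account">Account name as resolved by the caller (domain prefix possibly stripped).</param>
/// <param name="password">Clear-text password supplied by the caller.</param>
/// <param name="mDomainPassed">Whether the caller supplied <c>DOMAIN\user</c>; if not, ConfigSettings.LdapDomain is prepended.</param>
/// <returns><c>true</c> when the bind succeeds.</returns>
/// <exception cref="WebSupportException">Wraps any failure during the bind; the failure is logged before being thrown.</exception>
private static bool authenticateLdap(MAccountProfile mAccountProfile, string account, string password, bool mDomainPassed)
{
    string domainAndUsername = mDomainPassed ? account : ConfigSettings.LdapDomain + "\\" + account;
    domainAndUsername = domainAndUsername.Trim();

    DirectoryEntry entry = null;
    try
    {
        entry = new DirectoryEntry(ConfigSettings.LdapServer, domainAndUsername, password);
        // Reading NativeObject forces the bind; invalid credentials throw here.
        object obj = entry.NativeObject;
        mAccountProfile.LastLogOn = DateTime.Now;
        AccountUtility.Save(mAccountProfile, false, false);
        return true;
    }
    catch (Exception ex)
    {
        // The message carries the user name only; the password must never be included.
        string mMessage = "Error Authenticating account " + domainAndUsername + " through LDAP.";
        WebSupportException mEx = new WebSupportException(mMessage, ex);
        Logger mLog = Logger.Instance();
        mLog.Error(mEx);
        throw mEx;
    }
    finally
    {
        if (entry != null)
        {
            entry.Dispose();
        }
    }
}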
/// <summary>
/// Handles the AcquireRequestState pipeline event: resolves the current account name, refreshes the
/// profile's last-logon date once per day, publishes client-choice and security info on
/// HttpContext.Current.Items, and redirects when the account status or the function's security
/// info requires it.
/// </summary>
/// <param name="sender">The sender.</param>
/// <param name="e">The <see cref="EventArgs" /> instance containing the event data.</param>
private void onAcquireRequestState(object sender, EventArgs e)
{
    Logger mLog = Logger.Instance();
    string mAccountName = AccountUtility.HttpContextUserName();
    mLog.Debug("Started");
    mLog.Debug("CurrentExecutionFilePath " + HttpContext.Current.Request.CurrentExecutionFilePath);
    // NOTE(review): the statements between this Debug call and the "ANONYMOUS" comparison are
    // unreadable in the copy reviewed (shown as ******); mAccountProfile and mException are
    // evidently declared there — confirm against the repository.
    mLog.Debug("HttpContextUserName: "******"ANONYMOUS")
    {
        string mMessage = "Could not find account '" + mAccountName + "'";
        mLog.Info(mMessage);
        if (ConfigSettings.AutoCreateAccount)
        {
            mMessage = "Creating new account for '" + mAccountName + "'";
            mLog.Info(mMessage);
            AccountUtility.AutoCreateAccount();
        }
    }
    // Non-short-circuit '&': the LastLogOn comparison runs even when the account is ANONYMOUS.
    if (mAccountName.ToUpper(CultureInfo.InvariantCulture) != "ANONYMOUS" & (mAccountProfile.LastLogOn.ToShortDateString() != DateTime.Now.ToShortDateString()))
    {
        mAccountProfile.LastLogOn = DateTime.Now;
        AccountUtility.Save(mAccountProfile, false, false);
    }
    if (HttpContext.Current.Session == null)
    {
        mLog.Debug("No Session!");
        mLog.Debug("Ended");
        return;
    }
    if (!processRequest())
    {
        mLog.Debug("Request not for processing!");
        mLog.Debug("Ended");
        return;
    }
    // Carry the session's EditId into the per-request Items bag.
    if ((HttpContext.Current.Session["EditId"] != null))
    {
        HttpContext.Current.Items["EditId"] = HttpContext.Current.Session["EditId"];
    }
    MClientChoicesState mClientChoicesState = ClientChoicesUtility.GetClientChoicesState(mAccountName);
    HttpContext.Current.Items[MClientChoices.SessionName] = mClientChoicesState;
    string mAction = GWWebHelper.GetQueryValue(HttpContext.Current.Request, "Action");
    if (string.IsNullOrEmpty(mAction))
    {
        mLog.Debug("No Action!");
        mLog.Debug("Ended");
        return;
    }
    MFunctionProfile mFunctionProfile = FunctionUtility.CurrentProfile();
    if (mFunctionProfile == null)
    {
        mFunctionProfile = FunctionUtility.GetProfile(mAction);
    }
    // Menu data and the LOGOFF/LOGON/CHANGEPASSWORD actions skip the status and MayView checks below.
    if (!mFunctionProfile.Source.ToUpper(CultureInfo.InvariantCulture).Contains("MENUS") && !(mAction.ToUpper(CultureInfo.InvariantCulture) == "LOGOFF" | mAction.ToUpper(CultureInfo.InvariantCulture) == "LOGON" | mAction.ToUpper(CultureInfo.InvariantCulture) == "CHANGEPASSWORD"))
    {
        FunctionUtility.SetCurrentProfile(mFunctionProfile);
        dynamic mSecurityInfo = new MSecurityInfo(mFunctionProfile, mAccountProfile);
        HttpContext.Current.Items["SecurityInfo"] = mSecurityInfo;
        switch (mAccountProfile.Status)
        {
            case (int)SystemStatus.ChangePassword:
                // Force the user to the change-password function before anything else.
                mException = new WebSupportException("Your password needs to be changed before any other action can be performed.");
                GWWebHelper.ExceptionError = mException;
                mFunctionProfile = FunctionUtility.GetProfile(ConfigSettings.GetAppSettingValue("Actions_ChangePassword", true));
                string mChangePasswordPage = GWWebHelper.RootSite + ConfigSettings.AppName + mFunctionProfile.Source;
                HttpContext.Current.Response.Redirect(mChangePasswordPage + "?Action=" + mFunctionProfile.Action);
                break;
            case (int)SystemStatus.SetAccountDetails:
                // Requests under /API/ are exempt from the forced account-details redirect.
                if (HttpContext.Current.Request.Path.ToUpper(CultureInfo.InvariantCulture).IndexOf("/API/", StringComparison.OrdinalIgnoreCase) == -1)
                {
                    mFunctionProfile = FunctionUtility.GetProfile(ConfigSettings.GetAppSettingValue("Actions_EditAccount", true));
                    if (mAction.ToUpper(CultureInfo.InvariantCulture) != mFunctionProfile.Action.ToUpper(CultureInfo.InvariantCulture))
                    {
                        mException = new WebSupportException("Your account details need to be set.");
                        GWWebHelper.ExceptionError = mException;
                        string mEditAccountPage = GWWebHelper.RootSite + ConfigSettings.AppName + mFunctionProfile.Source;
                        HttpContext.Current.Response.Redirect(mEditAccountPage + "?Action=" + mFunctionProfile.Action);
                    }
                }
                break;
            default:
                string mPage = string.Empty;
                if (!mSecurityInfo.MayView)
                {
                    if (mAccountProfile.Account.ToUpper(CultureInfo.InvariantCulture) == "ANONYMOUS")
                    {
                        // Anonymous caller without view rights is treated as a timed-out session and sent to logon.
                        mException = new WebSupportException("Your session has timed out.<br/>Please sign in.");
                        GWWebHelper.ExceptionError = mException;
                        mFunctionProfile = FunctionUtility.GetProfile(ConfigSettings.GetAppSettingValue("Actions_Logon", true));
                        mPage = GWWebHelper.RootSite + ConfigSettings.AppName + mFunctionProfile.Source;
                        // The single-argument Redirect ends the response, so the access-denied redirect below
                        // is presumably not reached on this path — confirm.
                        HttpContext.Current.Response.Redirect(mPage + "?Action=" + mFunctionProfile.Action);
                    }
                    mFunctionProfile = FunctionUtility.GetProfile(ConfigSettings.GetAppSettingValue("Actions_AccessDenied", true));
                    mLog.Warn("Access was denied to Account: " + mAccountProfile.Account + " for Action: " + mFunctionProfile.Action);
                    mPage = GWWebHelper.RootSite + ConfigSettings.AppName + mFunctionProfile.Source;
                    HttpContext.Current.Response.Redirect(mPage + "?Action=" + mFunctionProfile.Action);
                }
                break;
        }
    }
    else
    {
        mLog.Debug("Menu data or Logoff/Logon or ChangePassword requested");
    }
    //processOverridePage(mFunctionProfile);
}