bool CheckRemoteAccessPermissions(ClientCredentials clientCredentials)
{
if (CheckHostIps(clientCredentials, "localhost"))
return true;
if (CheckHostIps(clientCredentials, "127.0.0.1"))
return true;
var remoteAccessPermissions = ConfigurationCash.SecurityConfiguration.Users.FirstOrDefault(x => x.Login == clientCredentials.UserName).RemoreAccess;
if (remoteAccessPermissions == null)
return false;
switch (remoteAccessPermissions.RemoteAccessType)
{
case RemoteAccessType.RemoteAccessBanned:
return false;
case RemoteAccessType.RemoteAccessAllowed:
return true;
case RemoteAccessType.SelectivelyAllowed:
foreach (var hostNameOrIpAddress in remoteAccessPermissions.HostNameOrAddressList)
{
if (CheckHostIps(clientCredentials, hostNameOrIpAddress))
return true;
}
break;
}
return false;
}
public OperationResult<bool> Reconnect(Guid uid, string login, string password)
{
var clientCredentials = ClientsManager.GetClientCredentials(uid);
if (clientCredentials == null)
{
return new OperationResult<bool>("Не найден пользователь");
}
InitializeClientCredentials(clientCredentials);
var oldUserName = clientCredentials.FriendlyUserName;
var newClientCredentials = new ClientCredentials()
{
UserName = login,
Password = password,
ClientIpAddress = clientCredentials.ClientIpAddress
};
var operationResult = Authenticate(newClientCredentials);
if (operationResult.HasError)
return operationResult;
MainViewModel.Current.EditClient(uid, login);
AddInfoMessage(oldUserName, "Дежурство сдал(Firesec)");
clientCredentials.UserName = login;
SetUserFullName(clientCredentials);
AddInfoMessage(clientCredentials.FriendlyUserName, "Дежурство принял(Firesec)");
CurrentClientCredentials = clientCredentials;
operationResult.Result = true;
return operationResult;
}
public static string Connect(ClientType clientType, string serverAddress, string login, string password)
{
string clientCallbackAddress;
if (serverAddress.StartsWith("net.pipe:"))
{
clientCallbackAddress = "net.pipe://127.0.0.1/FiresecCallbackService_" + clientType.ToString() + "/";
}
else
{
clientCallbackAddress = CallbackAddressHelper.GetFreeClientCallbackAddress();
}
FiresecCallbackServiceManager.Open(clientCallbackAddress);
ClientCredentials = new ClientCredentials()
{
UserName = login,
Password = password,
ClientType = clientType,
ClientCallbackAddress = clientCallbackAddress,
ClientUID = Guid.NewGuid()
};
FiresecService = new SafeFiresecService(serverAddress);
var operationResult = FiresecService.Connect(ClientCredentials, true);
if (operationResult.HasError)
{
return operationResult.Error;
}
_userLogin = login;
OnUserChanged();
return null;
}
public ClientViewModel(ClientCredentials clientCredentials)
{
ClientCredentials = clientCredentials;
ClientType = clientCredentials.ClientType.ToDescription();
UID = ClientCredentials.ClientUID;
FriendlyUserName = clientCredentials.FriendlyUserName;
IpAddress = clientCredentials.ClientIpAddressAndPort;
if (IpAddress.StartsWith("127.0.0.1"))
IpAddress = "localhost";
}
public void AddClient(ClientCredentials clientCredentials)
{
Dispatcher.BeginInvoke(new Action(
delegate()
{
var connectionViewModel = new ClientViewModel(clientCredentials);
Clients.Add(connectionViewModel);
}
));
}
bool CheckHostIps(ClientCredentials clientCredentials, string hostNameOrIpAddress)
{
try
{
var addressList = Dns.GetHostEntry(hostNameOrIpAddress).AddressList;
return addressList.Any(ip => ip.ToString() == clientCredentials.ClientIpAddress);
}
catch (Exception e)
{
Logger.Error(e, "Исключение при вызове FiresecService.CheckHostIps");
return false;
}
}
bool CheckLogin(ClientCredentials clientCredentials)
{
var user = ConfigurationCash.SecurityConfiguration.Users.FirstOrDefault(x => x.Login == clientCredentials.UserName);
{
if (user == null)
{
return false;
}
if (!HashHelper.CheckPass(clientCredentials.Password, user.PasswordHash))
{
return false;
}
}
SetUserFullName(clientCredentials);
return true;
}
OperationResult<bool> Authenticate(ClientCredentials clientCredentials)
{
var operationResult = new OperationResult<bool>();
if (CheckLogin(clientCredentials) == false)
{
operationResult.HasError = true;
operationResult.Error = "Неверный логин или пароль";
return operationResult;
}
if (CheckRemoteAccessPermissions(clientCredentials) == false)
{
operationResult.HasError = true;
operationResult.Error = "У пользователя " + clientCredentials.UserName + " нет прав на подкючение к удаленному серверу c хоста: " + clientCredentials.ClientIpAddressAndPort;
return operationResult;
}
return operationResult;
}
public OperationResult<bool> Connect(Guid uid, ClientCredentials clientCredentials, bool isNew)
{
ConfigurationCash.SecurityConfiguration = ZipConfigurationHelper.GetSecurityConfiguration();
clientCredentials.ClientUID = uid;
InitializeClientCredentials(clientCredentials);
var operationResult = Authenticate(clientCredentials);
if (operationResult.HasError)
return operationResult;
if (ClientsManager.Add(uid, clientCredentials))
{
AddInfoMessage(clientCredentials.FriendlyUserName, "Вход пользователя в систему(Firesec)");
}
CurrentClientCredentials = clientCredentials;
return operationResult;
}
void InitializeClientCredentials(ClientCredentials clientCredentials)
{
clientCredentials.ClientIpAddress = "127.0.0.1";
clientCredentials.ClientIpAddressAndPort = "127.0.0.1:0";
clientCredentials.UserName = clientCredentials.UserName;
try
{
if (OperationContext.Current.IncomingMessageProperties.Keys.Contains(RemoteEndpointMessageProperty.Name))
{
var endpoint = OperationContext.Current.IncomingMessageProperties[RemoteEndpointMessageProperty.Name] as RemoteEndpointMessageProperty;
clientCredentials.ClientIpAddress = endpoint.Address;
clientCredentials.ClientIpAddressAndPort = endpoint.Address + ":" + endpoint.Port.ToString();
}
}
catch (Exception e)
{
Logger.Error(e, "FiresecService.InitializeClientCredentials");
}
}
public static bool Add(Guid uid, ClientCredentials clientCredentials)
{
if (ClientInfos.Any(x => x.UID == uid))
return false;
var result = true;
var existingClientInfo = ClientInfos.FirstOrDefault(x => x.ClientCredentials.UniqueId == clientCredentials.UniqueId);
if (existingClientInfo != null)
{
Remove(existingClientInfo.UID);
result = false;
}
var clientInfo = new ClientInfo();
clientInfo.UID = uid;
clientInfo.ClientCredentials = clientCredentials;
ClientInfos.Add(clientInfo);
MainViewModel.Current.AddClient(clientCredentials);
return result;
}
public OperationResult<bool> Connect(ClientCredentials clientCredentials, bool isNew)
{
ClientCredentials = clientCredentials;
ClientIpAddress = "127.0.0.1";
ClientIpAddressAndPort = "127.0.0.1:0";
try
{
if (OperationContext.Current.IncomingMessageProperties.Keys.Contains(RemoteEndpointMessageProperty.Name))
{
var endpoint = OperationContext.Current.IncomingMessageProperties[RemoteEndpointMessageProperty.Name] as RemoteEndpointMessageProperty;
ClientIpAddress = endpoint.Address;
ClientIpAddressAndPort = endpoint.Address + ":" + endpoint.Port.ToString();
}
}
catch { }
var operationResult = Authenticate(clientCredentials.UserName, clientCredentials.Password);
if (operationResult.HasError)
return operationResult;
IsSubscribed = clientCredentials.ClientType != ClientType.Administrator;
FiresecCallbackService = FiresecCallbackServiceCreator.CreateClientCallback(ClientCredentials.ClientCallbackAddress);
Callback = OperationContext.Current.GetCallbackChannel<IFiresecCallback>();
CallbackWrapper = new CallbackWrapper(this);
if (ClientsCash.IsNew(this))
{
DatabaseHelper.AddInfoMessage(ClientCredentials.UserName, "Вход пользователя в систему(Firesec-2)");
}
ClientsCash.Add(this);
if (AppSettings.IsFSEnabled)
{
if (FiresecManager.IsConnectedToComServer)
{
operationResult.Result = true;
}
else
{
operationResult.HasError = false;
operationResult.Error = "Нет соединения с ядром Firesec";
return operationResult;
}
}
return operationResult;
}
void SetUserFullName(ClientCredentials clientCredentials)
{
string userIp = "127.0.0.1";
try
{
if (OperationContext.Current.IncomingMessageProperties.Keys.Contains(RemoteEndpointMessageProperty.Name))
{
var endpoint = OperationContext.Current.IncomingMessageProperties[RemoteEndpointMessageProperty.Name] as RemoteEndpointMessageProperty;
userIp = endpoint.Address;
}
}
catch { }
var addressList = Dns.GetHostEntry("localhost").AddressList;
if (addressList.Any(ip => ip.ToString() == userIp))
userIp = "localhost";
var user = ConfigurationCash.SecurityConfiguration.Users.FirstOrDefault(x => x.Login == clientCredentials.UserName);
clientCredentials.FriendlyUserName = user.Name + " (" + userIp + ")";
}