This commit is contained in:
204
source/csla10/Backup/CSLA/BusinessPrincipal.vb
Normal file
204
source/csla10/Backup/CSLA/BusinessPrincipal.vb
Normal file
@@ -0,0 +1,204 @@
|
||||
Imports System.Security.Principal
|
||||
Imports System.Threading
|
||||
|
||||
|
||||
|
||||
|
||||
''' <summary>
|
||||
'''
|
||||
''' </summary>
|
||||
Namespace Security
|
||||
|
||||
''' <summary>
|
||||
''' Implements a custom Principal class that is used by
|
||||
''' CSLA .NET for table-based security.
|
||||
''' </summary>
|
||||
<Serializable()> _
|
||||
Public Class BusinessPrincipal
|
||||
Implements IPrincipal
|
||||
|
||||
Private mIdentity As BusinessIdentity
|
||||
#Region "AyaNova Specific"
|
||||
'THE FOLLOWING IS A SECURITY LOOPHOLE
|
||||
''' <summary>
|
||||
''' /
|
||||
''' </summary>
|
||||
Public Function d2(ByVal d2d As Guid) As Hashtable
|
||||
|
||||
If d2d.Equals(New Guid("{E1E8AF23-9CAC-4333-A200-A0B2D906E62A}")) Then
|
||||
Return mIdentity.UserRightsTable
|
||||
Else
|
||||
Return Nothing
|
||||
End If
|
||||
|
||||
|
||||
|
||||
End Function
|
||||
|
||||
''' <summary>
|
||||
''' Return a user's security access level
|
||||
''' to given item referenced in passed in string
|
||||
''' </summary>
|
||||
Public Function Right(ByVal RightName As String) As Int32
|
||||
Return mIdentity.UserRight(RightName)
|
||||
End Function
|
||||
|
||||
|
||||
|
||||
''' <summary>
|
||||
''' User ID property
|
||||
''' </summary>
|
||||
Public ReadOnly Property ID() As Guid
|
||||
|
||||
Get
|
||||
Return mIdentity.ID
|
||||
End Get
|
||||
End Property
|
||||
|
||||
''' <summary>
|
||||
''' IsGenerator property
|
||||
''' </summary>
|
||||
Public ReadOnly Property IsGenerator() As Boolean
|
||||
Get
|
||||
Return mIdentity.IsGenerator
|
||||
End Get
|
||||
End Property
|
||||
|
||||
|
||||
|
||||
''' <summary>
|
||||
''' User Language property
|
||||
''' </summary>
|
||||
Public Property Language() As String
|
||||
|
||||
Get
|
||||
Return mIdentity.Language
|
||||
End Get
|
||||
|
||||
Set(ByVal Value As String)
|
||||
mIdentity.Language = Value
|
||||
End Set
|
||||
End Property
|
||||
|
||||
''' <summary>
|
||||
''' Index method property
|
||||
''' </summary>
|
||||
Public Property CJKIndex() As Boolean
|
||||
|
||||
Get
|
||||
Return mIdentity.CJKIndex
|
||||
End Get
|
||||
Set(ByVal Value As Boolean)
|
||||
mIdentity.CJKIndex = Value
|
||||
End Set
|
||||
End Property
|
||||
|
||||
''' <summary>
|
||||
''' Use Notification property
|
||||
''' </summary>
|
||||
Public Property UseNotification() As Boolean
|
||||
|
||||
Get
|
||||
Return mIdentity.UseNotification
|
||||
End Get
|
||||
Set(ByVal Value As Boolean)
|
||||
mIdentity.UseNotification = Value
|
||||
End Set
|
||||
End Property
|
||||
|
||||
''' <summary>
|
||||
''' Flag - true = remote dataportal, false=direct db connection
|
||||
''' Used for diagnostics purposes so any code remote
|
||||
''' or local can know if a remote data portal is in use
|
||||
''' or a direct database connection
|
||||
''' </summary>
|
||||
Public Property UsingRemoteDataPortal() As Boolean
|
||||
Get
|
||||
Return mIdentity.UsingRemoteDataPortal
|
||||
End Get
|
||||
|
||||
Set(ByVal Value As Boolean)
|
||||
mIdentity.UsingRemoteDataPortal = Value
|
||||
End Set
|
||||
End Property
|
||||
|
||||
#End Region
|
||||
|
||||
#Region " IPrincipal "
|
||||
|
||||
''' <summary>
|
||||
''' Implements the Identity property defined by IPrincipal.
|
||||
''' </summary>
|
||||
Public ReadOnly Property Identity() As IIdentity _
|
||||
Implements IPrincipal.Identity
|
||||
Get
|
||||
Return mIdentity
|
||||
End Get
|
||||
End Property
|
||||
|
||||
''' <summary>
|
||||
''' Implements the IsInRole property defined by IPrincipal.
|
||||
''' ReWritten for AyaNova to not do anything
|
||||
''' </summary>
|
||||
Public Function IsInRole(ByVal Role As String) As Boolean _
|
||||
Implements IPrincipal.IsInRole
|
||||
|
||||
Return False
|
||||
|
||||
End Function
|
||||
|
||||
|
||||
#End Region
|
||||
|
||||
#Region " Login process "
|
||||
|
||||
''' <summary>
|
||||
''' Initiates a login process using custom CSLA .NET security.
|
||||
''' </summary>
|
||||
''' <remarks>
|
||||
''' As described in the book, this invokes a login process using
|
||||
''' a table-based authentication scheme and a list of roles in
|
||||
''' the database tables. By replacing the code in
|
||||
''' <see cref="T:CSLA.Security.BusinessIdentity" /> you can easily
|
||||
''' adapt this scheme to authenticate the user against any database
|
||||
''' or other scheme.
|
||||
''' </remarks>
|
||||
''' <param name="Username">The user's username.</param>
|
||||
''' <param name="Password">The user's password.</param>
|
||||
Public Shared Sub Login(ByVal Username As String, ByVal Password As String)
|
||||
Dim p As New BusinessPrincipal(Username, Password)
|
||||
End Sub
|
||||
|
||||
Private Sub New(ByVal Username As String, ByVal Password As String)
|
||||
Dim currentdomain As AppDomain = Thread.GetDomain
|
||||
|
||||
currentdomain.SetPrincipalPolicy(PrincipalPolicy.UnauthenticatedPrincipal)
|
||||
|
||||
|
||||
Dim OldPrincipal As IPrincipal = Thread.CurrentPrincipal
|
||||
|
||||
|
||||
Thread.CurrentPrincipal = Me
|
||||
|
||||
Try
|
||||
If Not TypeOf OldPrincipal Is BusinessPrincipal Then
|
||||
currentdomain.SetThreadPrincipal(Me)
|
||||
End If
|
||||
|
||||
Catch
|
||||
' failed, but we don't care because there's nothing
|
||||
' we can do in this case
|
||||
End Try
|
||||
|
||||
' load the underlying identity object that tells whether
|
||||
' we are really logged in, and if so will contain the
|
||||
' list of roles we belong to
|
||||
mIdentity = BusinessIdentity.LoadIdentity(Username, Password)
|
||||
|
||||
End Sub
|
||||
|
||||
#End Region
|
||||
|
||||
End Class
|
||||
|
||||
End Namespace
|
||||
Reference in New Issue
Block a user