Imports System.Security.Principal
Imports System.Threading
'''
'''
'''
Namespace Security
''' <summary>
''' Implements a custom Principal class that is used by
''' CSLA .NET for table-based security.
''' </summary>
_
Public Class BusinessPrincipal
Implements IPrincipal
Private mIdentity As BusinessIdentity
#Region "AyaNova Specific"
'THE FOLLOWING IS A SECURITY LOOPHOLE
''' <summary>
''' Returns the identity's user rights table to any caller that passes the
''' GUID hard-coded below; every other caller receives Nothing.
''' </summary>
''' <param name="d2d">Value compared against the hard-coded GUID.</param>
''' <returns>
''' <c>mIdentity.UserRightsTable</c> when <paramref name="d2d"/> matches,
''' otherwise Nothing.
''' </returns>
''' <remarks>
''' NOTE(review): the GUID is a literal in this source, so it is the same in
''' every build and can be read back out of the compiled assembly. It does not
''' authenticate the caller, and the test is not tied to the rights of the
''' logged-in user. If UserRightsTable hands back the identity's own Hashtable
''' rather than a copy (not visible here - confirm), a caller holding it could
''' also alter the rights in place. Candidates for a follow-up: remove this
''' member, or gate it on a real authorization check and return a copy.
''' </remarks>
Public Function d2(ByVal d2d As Guid) As Hashtable
    Dim passKey As New Guid("{E1E8AF23-9CAC-4333-A200-A0B2D906E62A}")

    ' Guard clause: anything other than the exact key yields Nothing.
    If Not d2d.Equals(passKey) Then
        Return Nothing
    End If

    Return mIdentity.UserRightsTable
End Function
''' <summary>
''' Returns the user's security access level for the item named by
''' <paramref name="RightName"/>.
''' </summary>
''' <param name="RightName">Name of the item whose access level is wanted.</param>
''' <returns>The value supplied by <c>mIdentity.UserRight</c>.</returns>
''' <remarks>
''' NOTE(review): the meaning of the numeric levels, and what is returned for a
''' name that is not in the rights table, are decided by BusinessIdentity and
''' are not visible here - confirm before relying on a particular value as
''' "no access".
''' </remarks>
Public Function Right(ByVal RightName As String) As Int32
    Dim accessLevel As Int32 = mIdentity.UserRight(RightName)
    Return accessLevel
End Function
''' <summary>
''' User ID property
''' </summary>
''' <value>The ID reported by the underlying identity object.</value>
Public ReadOnly Property ID() As Guid
    Get
        Dim userId As Guid = mIdentity.ID
        Return userId
    End Get
End Property
''' <summary>
''' IsGenerator property
''' </summary>
''' <value>The IsGenerator flag reported by the underlying identity object.</value>
Public ReadOnly Property IsGenerator() As Boolean
    Get
        Dim generatorFlag As Boolean = mIdentity.IsGenerator
        Return generatorFlag
    End Get
End Property
''' <summary>
''' User Language property
''' </summary>
''' <value>
''' Read from, and written straight through to, the underlying identity object.
''' </value>
Public Property Language() As String
    Get
        Dim currentLanguage As String = mIdentity.Language
        Return currentLanguage
    End Get
    Set(ByVal Value As String)
        ' No validation here: the value is stored on the identity as given.
        mIdentity.Language = Value
    End Set
End Property
''' <summary>
''' Index method property
''' </summary>
''' <value>
''' Read from, and written straight through to, the underlying identity object.
''' </value>
Public Property CJKIndex() As Boolean
    Get
        Dim indexFlag As Boolean = mIdentity.CJKIndex
        Return indexFlag
    End Get
    Set(ByVal Value As Boolean)
        mIdentity.CJKIndex = Value
    End Set
End Property
''' <summary>
''' Use Notification property
''' </summary>
''' <value>
''' Read from, and written straight through to, the underlying identity object.
''' </value>
Public Property UseNotification() As Boolean
    Get
        Dim notifyFlag As Boolean = mIdentity.UseNotification
        Return notifyFlag
    End Get
    Set(ByVal Value As Boolean)
        mIdentity.UseNotification = Value
    End Set
End Property
''' <summary>
''' Flag - true = remote dataportal, false = direct db connection.
''' Used for diagnostics purposes so any code, remote or local, can know
''' whether a remote data portal or a direct database connection is in use.
''' </summary>
''' <value>
''' Read from, and written straight through to, the underlying identity object.
''' </value>
''' <remarks>
''' The setter is Public, so any code holding this principal can change the
''' flag. Treat it as a diagnostic hint only, not as an input to a security
''' decision.
''' </remarks>
Public Property UsingRemoteDataPortal() As Boolean
    Get
        Dim remoteFlag As Boolean = mIdentity.UsingRemoteDataPortal
        Return remoteFlag
    End Get
    Set(ByVal Value As Boolean)
        mIdentity.UsingRemoteDataPortal = Value
    End Set
End Property
#End Region
#Region " IPrincipal "
''' <summary>
''' Implements the Identity property defined by IPrincipal.
''' </summary>
''' <value>
''' The BusinessIdentity held in <c>mIdentity</c>, exposed as IIdentity. The
''' field is only assigned on the last line of the constructor, so it is
''' Nothing until the identity load has returned.
''' </value>
Public ReadOnly Property Identity() As IIdentity _
    Implements IPrincipal.Identity
    Get
        Dim current As IIdentity = mIdentity
        Return current
    End Get
End Property
''' <summary>
''' Implements the IsInRole method defined by IPrincipal.
''' Rewritten for AyaNova to not do anything.
''' </summary>
''' <param name="Role">Ignored.</param>
''' <returns>Always False.</returns>
''' <remarks>
''' Because every role query is answered with False, role-based checks made
''' through the IPrincipal interface never succeed against this principal.
''' The per-item access levels in this class are exposed through
''' <c>Right</c> instead.
''' </remarks>
Public Function IsInRole(ByVal Role As String) As Boolean _
    Implements IPrincipal.IsInRole
    ' Role membership is deliberately not evaluated.
    Dim inRole As Boolean = False
    Return inRole
End Function
#End Region
#Region " Login process "
''' <summary>
''' Initiates a login process using custom CSLA .NET security.
''' </summary>
''' <remarks>
''' As described in the book, this invokes a login process using
''' a table-based authentication scheme and a list of roles in
''' the database tables. By replacing the code in BusinessIdentity
''' you can easily adapt this scheme to authenticate the user against
''' any database or other scheme.
'''
''' This method returns nothing and does not itself report whether the
''' credentials were accepted. The constructor it calls replaces
''' Thread.CurrentPrincipal before the identity is loaded, so callers
''' presumably have to inspect the identity of the current principal
''' afterwards (for example IIdentity.IsAuthenticated) to learn the
''' outcome - confirm against BusinessIdentity.
''' </remarks>
''' <param name="Username">The user's username.</param>
''' <param name="Password">The user's password.</param>
Public Shared Sub Login(ByVal Username As String, ByVal Password As String)
    ' The instance is not used afterwards: constructing it is what installs
    ' the principal on the current thread and loads the identity.
    Dim installed As BusinessPrincipal = New BusinessPrincipal(Username, Password)
End Sub
''' <summary>
''' Installs this object as the principal of the calling thread, tries to make
''' it the AppDomain's thread principal as well, and then loads the identity
''' for the supplied credentials.
''' </summary>
''' <param name="Username">Passed unchanged to BusinessIdentity.LoadIdentity.</param>
''' <param name="Password">Passed unchanged to BusinessIdentity.LoadIdentity.</param>
''' <remarks>
''' NOTE(review): the thread principal is replaced before LoadIdentity has
''' run, and mIdentity is assigned only on the last line. If LoadIdentity
''' throws (not visible here - confirm), the thread is left with a
''' BusinessPrincipal whose mIdentity is Nothing, and every member that
''' dereferences mIdentity would fail. The ordering is presumably required so
''' that the identity load itself runs under a BusinessPrincipal - verify
''' before reordering.
''' </remarks>
Private Sub New(ByVal Username As String, ByVal Password As String)
Dim currentdomain As AppDomain = Thread.GetDomain
' Principal policy for the AppDomain: threads are given an unauthenticated
' principal by default.
currentdomain.SetPrincipalPolicy(PrincipalPolicy.UnauthenticatedPrincipal)
' Remember what was installed before, then take over the current thread.
Dim OldPrincipal As IPrincipal = Thread.CurrentPrincipal
Thread.CurrentPrincipal = Me
Try
' Only attempt the AppDomain-wide assignment when the previous principal was
' not already a BusinessPrincipal.
If Not TypeOf OldPrincipal Is BusinessPrincipal Then
currentdomain.SetThreadPrincipal(Me)
End If
Catch
' failed, but we don't care because there's nothing
' we can do in this case
' NOTE(review): this bare Catch hides every exception type, not only the
' PolicyException that SetThreadPrincipal raises when the AppDomain's thread
' principal has already been set; a failure here leaves no trace.
End Try
' load the underlying identity object that tells whether
' we are really logged in, and if so will contain the
' list of roles we belong to
mIdentity = BusinessIdentity.LoadIdentity(Username, Password)
End Sub
#End Region
End Class
End Namespace