237 lines
6.9 KiB
VB.net
237 lines
6.9 KiB
VB.net
Imports System.Security.Principal
|
|
Imports System.Threading
|
|
Imports GZTW.Profile
|
|
|
|
|
|
|
|
|
|
''' <summary>
|
|
'''
|
|
''' </summary>
|
|
Namespace Security
|
|
|
|
''' <summary>
|
|
''' Implements a custom Principal class that is used by
|
|
''' CSLA .NET for table-based security.
|
|
''' </summary>
|
|
<Serializable()> _
|
|
Public Class BusinessPrincipal
|
|
Implements IPrincipal
|
|
|
|
Private mIdentity As BusinessIdentity
|
|
#Region "AyaNova Specific"
|
|
'THE FOLLOWING IS A SECURITY LOOPHOLE
|
|
''' <summary>
|
|
''' /
|
|
''' </summary>
|
|
Public Function d2(ByVal d2d As Guid) As Hashtable
|
|
|
|
If d2d.Equals(New Guid("{E1E8AF23-9CAC-4333-A200-A0B2D906E62A}")) Then
|
|
Return mIdentity.UserRightsTable
|
|
Else
|
|
Return Nothing
|
|
End If
|
|
|
|
|
|
|
|
End Function
|
|
|
|
''' <summary>
|
|
''' Return a user's security access level
|
|
''' to given item referenced in passed in string
|
|
''' </summary>
|
|
Public Function Right(ByVal RightName As String) As Int32
|
|
Return mIdentity.UserRight(RightName)
|
|
End Function
|
|
|
|
|
|
|
|
''' <summary>
|
|
''' User ID property
|
|
''' </summary>
|
|
Public ReadOnly Property ID() As Guid
|
|
|
|
Get
|
|
Return mIdentity.ID
|
|
End Get
|
|
End Property
|
|
|
|
''' <summary>
|
|
''' IsGenerator property
|
|
''' </summary>
|
|
Public ReadOnly Property IsGenerator() As Boolean
|
|
Get
|
|
Return mIdentity.IsGenerator
|
|
End Get
|
|
End Property
|
|
|
|
|
|
|
|
''' <summary>
|
|
''' User Language property
|
|
''' </summary>
|
|
Public Property Language() As String
|
|
|
|
Get
|
|
Return mIdentity.Language
|
|
End Get
|
|
|
|
Set(ByVal Value As String)
|
|
mIdentity.Language = Value
|
|
End Set
|
|
End Property
|
|
|
|
''' <summary>
|
|
''' Index method property
|
|
''' </summary>
|
|
Public Property CJKIndex() As Boolean
|
|
|
|
Get
|
|
Return mIdentity.CJKIndex
|
|
End Get
|
|
Set(ByVal Value As Boolean)
|
|
mIdentity.CJKIndex = Value
|
|
End Set
|
|
End Property
|
|
|
|
''' <summary>
|
|
''' Use Notification property
|
|
''' </summary>
|
|
Public Property UseNotification() As Boolean
|
|
|
|
Get
|
|
Return mIdentity.UseNotification
|
|
End Get
|
|
Set(ByVal Value As Boolean)
|
|
mIdentity.UseNotification = Value
|
|
End Set
|
|
End Property
|
|
|
|
''' <summary>
|
|
''' Override time zone property
|
|
''' </summary>
|
|
Public Property OverrideTimeZone() As Boolean
|
|
'case 1163
|
|
Get
|
|
Return mIdentity.OverrideTimeZone
|
|
End Get
|
|
Set(ByVal Value As Boolean)
|
|
mIdentity.OverrideTimeZone = Value
|
|
End Set
|
|
End Property
|
|
''' <summary>
|
|
''' Time zone offset property
|
|
''' </summary>
|
|
Public Property TimeZoneOffset() As Double
|
|
'case 1163
|
|
Get
|
|
Return mIdentity.TimeZoneOffset
|
|
End Get
|
|
Set(ByVal Value As Double)
|
|
mIdentity.TimeZoneOffset = Value
|
|
End Set
|
|
End Property
|
|
|
|
''' <summary>
|
|
''' Flag - true = remote dataportal, false=direct db connection
|
|
''' Used for diagnostics purposes so any code remote
|
|
''' or local can know if a remote data portal is in use
|
|
''' or a direct database connection
|
|
''' </summary>
|
|
Public Property UsingRemoteDataPortal() As Boolean
|
|
Get
|
|
Return mIdentity.UsingRemoteDataPortal
|
|
End Get
|
|
|
|
Set(ByVal Value As Boolean)
|
|
mIdentity.UsingRemoteDataPortal = Value
|
|
End Set
|
|
End Property
|
|
|
|
#End Region
|
|
|
|
#Region " IPrincipal "
|
|
|
|
''' <summary>
|
|
''' Implements the Identity property defined by IPrincipal.
|
|
''' </summary>
|
|
Public ReadOnly Property Identity() As IIdentity _
|
|
Implements IPrincipal.Identity
|
|
Get
|
|
Return mIdentity
|
|
End Get
|
|
End Property
|
|
|
|
''' <summary>
|
|
''' Implements the IsInRole property defined by IPrincipal.
|
|
''' ReWritten for AyaNova to not do anything
|
|
''' </summary>
|
|
Public Function IsInRole(ByVal Role As String) As Boolean _
|
|
Implements IPrincipal.IsInRole
|
|
|
|
Return False
|
|
|
|
End Function
|
|
|
|
|
|
#End Region
|
|
|
|
#Region " Login process "
|
|
|
|
''' <summary>
|
|
''' Initiates a login process using custom CSLA .NET security.
|
|
''' </summary>
|
|
''' <remarks>
|
|
''' As described in the book, this invokes a login process using
|
|
''' a table-based authentication scheme and a list of roles in
|
|
''' the database tables. By replacing the code in
|
|
''' <see cref="T:CSLA.Security.BusinessIdentity" /> you can easily
|
|
''' adapt this scheme to authenticate the user against any database
|
|
''' or other scheme.
|
|
''' </remarks>
|
|
''' <param name="Username">The user's username.</param>
|
|
''' <param name="Password">The user's password.</param>
|
|
Public Shared Sub Login(ByVal Username As String, ByVal Password As String, ByVal AyaNovaConnectionSetting As AyaNovaConnectionSettings)
|
|
Dim p As New BusinessPrincipal(Username, Password, AyaNovaConnectionSetting)
|
|
End Sub
|
|
|
|
Public Shared Sub Login(ByVal Username As String, ByVal Password As String)
|
|
Throw New System.ApplicationException("BusinessPrincipal.Login has been deprecated as of version 4.x." + vbCrLf + "Use AyaBizUtils.Login in it's place.")
|
|
End Sub
|
|
|
|
Private Sub New(ByVal Username As String, ByVal Password As String, ByVal ACS As AyaNovaConnectionSettings)
|
|
Dim currentdomain As AppDomain = Thread.GetDomain
|
|
|
|
currentdomain.SetPrincipalPolicy(PrincipalPolicy.UnauthenticatedPrincipal)
|
|
|
|
|
|
Dim OldPrincipal As IPrincipal = Thread.CurrentPrincipal
|
|
|
|
|
|
|
|
Thread.CurrentPrincipal = Me
|
|
|
|
Try
|
|
If Not TypeOf OldPrincipal Is BusinessPrincipal Then
|
|
|
|
currentdomain.SetThreadPrincipal(Me)
|
|
End If
|
|
|
|
Catch
|
|
' failed, but we don't care because there's nothing
|
|
' we can do in this case
|
|
End Try
|
|
|
|
' load the underlying identity object that tells whether
|
|
' we are really logged in, and if so will contain the
|
|
' list of roles we belong to
|
|
mIdentity = BusinessIdentity.LoadIdentity(Username, Password, ACS)
|
|
|
|
End Sub
|
|
|
|
#End Region
|
|
|
|
End Class
|
|
|
|
End Namespace
|