[1624] | 1 | using System;
|
---|
| 2 | using System.Collections.Generic;
|
---|
| 3 | using System.Text;
|
---|
| 4 | using System.Threading;
|
---|
| 5 | using HeuristicLab.Security.Contracts.Interfaces;
|
---|
| 6 | using HeuristicLab.Security.Contracts.BusinessObjects;
|
---|
| 7 | using HeuristicLab.Security.DataAccess;
|
---|
| 8 | using HeuristicLab.DataAccess.Interfaces;
|
---|
| 9 | using HeuristicLab.PluginInfrastructure;
|
---|
[1737] | 10 | using System.Security.Cryptography;
|
---|
[1738] | 11 | using System.ServiceModel;
|
---|
[1624] | 12 |
|
---|
| 13 | namespace HeuristicLab.Security.Core {
|
---|
| 14 | public class PermissionManager : IPermissionManager{
|
---|
| 15 |
|
---|
[1724] | 16 | private static ISessionFactory factory = ServiceLocator.GetSessionFactory();
|
---|
[1624] | 17 |
|
---|
| 18 | private static ISession session;
|
---|
| 19 |
|
---|
| 20 | private static IDictionary<Guid,string> currentSessions = new Dictionary<Guid, string>();
|
---|
| 21 | Object locker = new Object();
|
---|
| 22 |
|
---|
[1737] | 23 | private static string getMd5Hash(string input) {
|
---|
| 24 | // Create a new instance of the MD5CryptoServiceProvider object.
|
---|
| 25 | MD5 md5Hasher = MD5.Create();
|
---|
| 26 |
|
---|
| 27 | // Convert the input string to a byte array and compute the hash.
|
---|
| 28 | byte[] data = md5Hasher.ComputeHash(Encoding.Default.GetBytes(input));
|
---|
| 29 |
|
---|
| 30 | // Create a new Stringbuilder to collect the bytes
|
---|
| 31 | // and create a string.
|
---|
| 32 | StringBuilder sBuilder = new StringBuilder();
|
---|
| 33 |
|
---|
| 34 | // Loop through each byte of the hashed data
|
---|
| 35 | // and format each one as a hexadecimal string.
|
---|
| 36 | for (int i = 0; i < data.Length; i++) {
|
---|
| 37 | sBuilder.Append(data[i].ToString("x2"));
|
---|
| 38 | }
|
---|
| 39 |
|
---|
| 40 | // Return the hexadecimal string.
|
---|
| 41 | return sBuilder.ToString();
|
---|
| 42 | }
|
---|
| 43 |
|
---|
[1624] | 44 | /// <summary>
|
---|
| 45 | /// If a session exists for this userName then it is returned, otherwise the given password
|
---|
| 46 | /// is checked and a new session is created.
|
---|
| 47 | /// </summary>
|
---|
| 48 | /// <param name="userName"></param>
|
---|
| 49 | /// <param name="password"></param>
|
---|
| 50 | /// <returns></returns>
|
---|
| 51 | public Guid Authenticate(String userName, String password) {
|
---|
| 52 | lock (locker)
|
---|
| 53 | if (currentSessions.Values.Contains(userName))
|
---|
| 54 | return GetGuid(userName);
|
---|
| 55 | try {
|
---|
| 56 | session = factory.GetSessionForCurrentThread();
|
---|
| 57 |
|
---|
[1737] | 58 | password = getMd5Hash(password);
|
---|
| 59 |
|
---|
[1624] | 60 | IUserAdapter userAdapter = session.GetDataAdapter<User, IUserAdapter>();
|
---|
[1729] | 61 | User user = userAdapter.GetByLogin(userName);
|
---|
[1624] | 62 |
|
---|
[1738] | 63 | if (user != null &&
|
---|
[1737] | 64 | user.Password.Equals(password)) {
|
---|
[1624] | 65 | Guid newSessionId = Guid.NewGuid();
|
---|
| 66 | lock (locker)
|
---|
| 67 | currentSessions.Add(newSessionId, userName);
|
---|
| 68 | return newSessionId;
|
---|
| 69 | } else return Guid.Empty;
|
---|
| 70 | }
|
---|
[1738] | 71 | catch (Exception ex) { throw new FaultException("Server: " + ex.Message); }
|
---|
[1624] | 72 | finally {
|
---|
| 73 | if (session != null)
|
---|
| 74 | session.EndSession();
|
---|
| 75 | }
|
---|
| 76 | }
|
---|
| 77 |
|
---|
| 78 | /// <summary>
|
---|
| 79 | /// Checks if the owner of the given session has the given permission.
|
---|
| 80 | /// </summary>
|
---|
| 81 | /// <param name="sessionId"></param>
|
---|
| 82 | /// <param name="permissionId"></param>
|
---|
| 83 | /// <param name="entityId"></param>
|
---|
| 84 | /// <returns></returns>
|
---|
| 85 | public bool CheckPermission(Guid sessionId, Guid permissionId, Guid entityId) {
|
---|
| 86 | string userName;
|
---|
| 87 | bool existsSession;
|
---|
| 88 | lock (locker)
|
---|
| 89 | existsSession = currentSessions.TryGetValue(sessionId, out userName);
|
---|
| 90 | if (existsSession) {
|
---|
| 91 | try {
|
---|
| 92 | session = factory.GetSessionForCurrentThread();
|
---|
| 93 |
|
---|
| 94 | IPermissionOwnerAdapter permOwnerAdapter = session.GetDataAdapter<PermissionOwner, IPermissionOwnerAdapter>();
|
---|
| 95 | PermissionOwner permOwner = permOwnerAdapter.GetByName(userName);
|
---|
| 96 |
|
---|
| 97 | IPermissionAdapter permissionAdapter = session.GetDataAdapter<Permission, IPermissionAdapter>();
|
---|
| 98 | Permission permission = permissionAdapter.GetById(permissionId);
|
---|
| 99 |
|
---|
| 100 | if ((permission != null) && (permOwner != null))
|
---|
[1720] | 101 | return (permissionAdapter.getPermission(permOwner.Id, permission.Id, entityId) != null);
|
---|
[1624] | 102 | else return false;
|
---|
| 103 | }
|
---|
[1738] | 104 | catch (Exception ex) { throw new FaultException("Server: " + ex.Message); }
|
---|
[1624] | 105 | finally {
|
---|
| 106 | if (session != null)
|
---|
| 107 | session.EndSession();
|
---|
| 108 | }
|
---|
| 109 | } else return false;
|
---|
| 110 | }
|
---|
| 111 |
|
---|
| 112 | /// <summary>
|
---|
| 113 | /// Removes the given session.
|
---|
| 114 | /// </summary>
|
---|
| 115 | /// <param name="sessionId"></param>
|
---|
| 116 | public void EndSession(Guid sessionId) {
|
---|
| 117 | lock (locker) {
|
---|
| 118 | if (currentSessions.Keys.Contains(sessionId))
|
---|
| 119 | currentSessions.Remove(sessionId);
|
---|
| 120 | }
|
---|
| 121 | }
|
---|
| 122 |
|
---|
| 123 | /// <summary>
|
---|
| 124 | /// Gets the sessionId for a user.
|
---|
| 125 | /// </summary>
|
---|
| 126 | /// <param name="userName"></param>
|
---|
| 127 | /// <returns></returns>
|
---|
| 128 | public Guid GetGuid(string userName) {
|
---|
| 129 | foreach (Guid guid in currentSessions.Keys)
|
---|
| 130 | if (currentSessions[guid].CompareTo(userName) == 0)
|
---|
| 131 | return guid;
|
---|
| 132 | return Guid.Empty;
|
---|
| 133 | }
|
---|
| 134 | }
|
---|
| 135 | }
|
---|