[1624] | 1 | using System;
|
---|
| 2 | using System.Collections.Generic;
|
---|
| 3 | using System.Text;
|
---|
| 4 | using System.Threading;
|
---|
| 5 | using HeuristicLab.Security.Contracts.Interfaces;
|
---|
| 6 | using HeuristicLab.Security.Contracts.BusinessObjects;
|
---|
| 7 | using HeuristicLab.Security.DataAccess;
|
---|
| 8 | using HeuristicLab.DataAccess.Interfaces;
|
---|
| 9 | using HeuristicLab.PluginInfrastructure;
|
---|
[1737] | 10 | using System.Security.Cryptography;
|
---|
[1738] | 11 | using System.ServiceModel;
|
---|
[1624] | 12 |
|
---|
| 13 | namespace HeuristicLab.Security.Core {
|
---|
| 14 | public class PermissionManager : IPermissionManager{
|
---|
| 15 |
|
---|
[2591] | 16 | private static ISessionFactory factory;
|
---|
| 17 | private static ISessionFactory Factory {
|
---|
| 18 | get {
|
---|
| 19 | // lazy initialization
|
---|
| 20 | if(factory==null)
|
---|
| 21 | factory = ServiceLocator.GetSessionFactory();
|
---|
| 22 | return factory;
|
---|
| 23 | }
|
---|
| 24 | }
|
---|
[1624] | 25 |
|
---|
| 26 | private static ISession session;
|
---|
| 27 |
|
---|
| 28 | private static IDictionary<Guid,string> currentSessions = new Dictionary<Guid, string>();
|
---|
| 29 | Object locker = new Object();
|
---|
| 30 |
|
---|
[1737] | 31 | private static string getMd5Hash(string input) {
|
---|
| 32 | // Create a new instance of the MD5CryptoServiceProvider object.
|
---|
| 33 | MD5 md5Hasher = MD5.Create();
|
---|
| 34 |
|
---|
| 35 | // Convert the input string to a byte array and compute the hash.
|
---|
| 36 | byte[] data = md5Hasher.ComputeHash(Encoding.Default.GetBytes(input));
|
---|
| 37 |
|
---|
| 38 | // Create a new Stringbuilder to collect the bytes
|
---|
| 39 | // and create a string.
|
---|
| 40 | StringBuilder sBuilder = new StringBuilder();
|
---|
| 41 |
|
---|
| 42 | // Loop through each byte of the hashed data
|
---|
| 43 | // and format each one as a hexadecimal string.
|
---|
| 44 | for (int i = 0; i < data.Length; i++) {
|
---|
| 45 | sBuilder.Append(data[i].ToString("x2"));
|
---|
| 46 | }
|
---|
| 47 |
|
---|
| 48 | // Return the hexadecimal string.
|
---|
| 49 | return sBuilder.ToString();
|
---|
| 50 | }
|
---|
| 51 |
|
---|
[1624] | 52 | /// <summary>
|
---|
| 53 | /// If a session exists for this userName then it is returned, otherwise the given password
|
---|
| 54 | /// is checked and a new session is created.
|
---|
| 55 | /// </summary>
|
---|
| 56 | /// <param name="userName"></param>
|
---|
| 57 | /// <param name="password"></param>
|
---|
| 58 | /// <returns></returns>
|
---|
| 59 | public Guid Authenticate(String userName, String password) {
|
---|
| 60 | try {
|
---|
[2591] | 61 | session = Factory.GetSessionForCurrentThread();
|
---|
[1624] | 62 |
|
---|
[1737] | 63 | password = getMd5Hash(password);
|
---|
| 64 |
|
---|
[1624] | 65 | IUserAdapter userAdapter = session.GetDataAdapter<User, IUserAdapter>();
|
---|
[1729] | 66 | User user = userAdapter.GetByLogin(userName);
|
---|
[1624] | 67 |
|
---|
[1738] | 68 | if (user != null &&
|
---|
[1737] | 69 | user.Password.Equals(password)) {
|
---|
[1750] | 70 | Guid sessionId;
|
---|
| 71 |
|
---|
| 72 | lock (locker) {
|
---|
| 73 | if (currentSessions.Values.Contains(userName)) {
|
---|
[1751] | 74 | sessionId = GetGuid(userName);
|
---|
| 75 | } else {
|
---|
[1750] | 76 | sessionId = Guid.NewGuid();
|
---|
| 77 | currentSessions.Add(sessionId, userName);
|
---|
| 78 | }
|
---|
| 79 | }
|
---|
| 80 |
|
---|
| 81 | return sessionId;
|
---|
| 82 | } else
|
---|
| 83 | return Guid.Empty;
|
---|
[1624] | 84 | }
|
---|
[1738] | 85 | catch (Exception ex) { throw new FaultException("Server: " + ex.Message); }
|
---|
[1624] | 86 | finally {
|
---|
| 87 | if (session != null)
|
---|
| 88 | session.EndSession();
|
---|
| 89 | }
|
---|
| 90 | }
|
---|
| 91 |
|
---|
| 92 | /// <summary>
|
---|
| 93 | /// Checks if the owner of the given session has the given permission.
|
---|
| 94 | /// </summary>
|
---|
| 95 | /// <param name="sessionId"></param>
|
---|
| 96 | /// <param name="permissionId"></param>
|
---|
| 97 | /// <param name="entityId"></param>
|
---|
| 98 | /// <returns></returns>
|
---|
| 99 | public bool CheckPermission(Guid sessionId, Guid permissionId, Guid entityId) {
|
---|
| 100 | string userName;
|
---|
| 101 | bool existsSession;
|
---|
| 102 | lock (locker)
|
---|
| 103 | existsSession = currentSessions.TryGetValue(sessionId, out userName);
|
---|
| 104 | if (existsSession) {
|
---|
| 105 | try {
|
---|
[2591] | 106 | session = Factory.GetSessionForCurrentThread();
|
---|
[1624] | 107 |
|
---|
| 108 | IPermissionOwnerAdapter permOwnerAdapter = session.GetDataAdapter<PermissionOwner, IPermissionOwnerAdapter>();
|
---|
| 109 | PermissionOwner permOwner = permOwnerAdapter.GetByName(userName);
|
---|
| 110 |
|
---|
| 111 | IPermissionAdapter permissionAdapter = session.GetDataAdapter<Permission, IPermissionAdapter>();
|
---|
| 112 | Permission permission = permissionAdapter.GetById(permissionId);
|
---|
| 113 |
|
---|
| 114 | if ((permission != null) && (permOwner != null))
|
---|
[1720] | 115 | return (permissionAdapter.getPermission(permOwner.Id, permission.Id, entityId) != null);
|
---|
[1624] | 116 | else return false;
|
---|
| 117 | }
|
---|
[1738] | 118 | catch (Exception ex) { throw new FaultException("Server: " + ex.Message); }
|
---|
[1624] | 119 | finally {
|
---|
| 120 | if (session != null)
|
---|
| 121 | session.EndSession();
|
---|
| 122 | }
|
---|
| 123 | } else return false;
|
---|
| 124 | }
|
---|
| 125 |
|
---|
| 126 | /// <summary>
|
---|
| 127 | /// Removes the given session.
|
---|
| 128 | /// </summary>
|
---|
| 129 | /// <param name="sessionId"></param>
|
---|
| 130 | public void EndSession(Guid sessionId) {
|
---|
| 131 | lock (locker) {
|
---|
| 132 | if (currentSessions.Keys.Contains(sessionId))
|
---|
| 133 | currentSessions.Remove(sessionId);
|
---|
| 134 | }
|
---|
| 135 | }
|
---|
| 136 |
|
---|
| 137 | /// <summary>
|
---|
| 138 | /// Gets the sessionId for a user.
|
---|
| 139 | /// </summary>
|
---|
| 140 | /// <param name="userName"></param>
|
---|
| 141 | /// <returns></returns>
|
---|
| 142 | public Guid GetGuid(string userName) {
|
---|
| 143 | foreach (Guid guid in currentSessions.Keys)
|
---|
| 144 | if (currentSessions[guid].CompareTo(userName) == 0)
|
---|
| 145 | return guid;
|
---|
| 146 | return Guid.Empty;
|
---|
| 147 | }
|
---|
| 148 | }
|
---|
| 149 | }
|
---|