Free cookie consent management tool by TermsFeed Policy Generator

Ignore:
Timestamp:
08/23/10 14:40:19 (14 years ago)
Author:
cneumuel
Message:

added role-permission checks, updated service reference (#1168)

Location:
branches/3.3-HiveMigration/sources/HeuristicLab.Hive/HeuristicLab.Hive.Server.Core/3.3/Facades
Files:
3 edited

Legend:

Unmodified
Added
Removed

  • branches/3.3-HiveMigration/sources/HeuristicLab.Hive/HeuristicLab.Hive.Server.Core/3.3/Facades/ExecutionEngineFacade.cs

    r4263 r4289  
    7777    }
    7878
    79 
    8079    public ResponseObject<JobResultList> GetJobResults(IEnumerable<Guid> jobIds) {
    8180      using (contextFactory.GetContext(false)) {
     
    8382      }
    8483    }
     84
    8585    #endregion
    86 
    87 
    8886  }
    8987}

  • branches/3.3-HiveMigration/sources/HeuristicLab.Hive/HeuristicLab.Hive.Server.Core/3.3/Facades/ServerConsoleFacade.cs

    r4267 r4289  
    3232using HeuristicLab.Hive.Server.DataAccess;
    3333using HeuristicLab.Hive.Contracts.ResponseObjects;
    34 
     34using System.Security.Permissions;
     35
     36      //IIdentity id = ServiceSecurityContext.Current.PrimaryIdentity;
     37      //if (!Thread.CurrentPrincipal.IsInRole("Administrator")) {
     38
     39      //} else {
     40      //  // access denied
     41      //  throw new SecurityException();
     42      //}
    3543
    3644namespace HeuristicLab.Hive.Server.Core {
     
    4957    }
    5058
    51     public Response Login(string username, string password) {
     59    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
     60    public Response Login() {
    5261      Response resp = new Response();
    53 
    54       sessionID = secMan.Login(username, password);
    55       if (sessionID == Guid.Empty) {
    56         resp.StatusMessage = ResponseStatus.Login_LoginFaild;
    57       }
    5862      return resp;
    5963    }
    6064
    61 
     65    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    6266    public ResponseList<SlaveDto> GetAllSlaves() {
    6367      using (contextFactory.GetContext(false)) {
    64         secMan.Authorize("AccessSlaves", sessionID, Guid.Empty);
    6568        return slaveManager.GetAllSlaves();
    6669      }
    6770    }
    6871
     72    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    6973    public ResponseList<SlaveGroupDto> GetAllSlaveGroups() {
    7074      using (contextFactory.GetContext(false)) {
    71         //secMan.Authorize("AccessSlaveGroup", sessionID, Guid.Empty);
    7275        return slaveManager.GetAllSlaveGroups();
    7376      }
    7477    }
    7578
     79    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    7680    public ResponseList<UpTimeStatisticsDto> GetAllUpTimeStatistics() {
    7781      using (contextFactory.GetContext(false)) {
    78         secMan.Authorize("AccessStatistics", sessionID, Guid.Empty);
    7982        return slaveManager.GetAllUpTimeStatistics();
    8083      }
    8184    }
    8285
     86    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    8387    public ResponseObject<SlaveGroupDto> AddSlaveGroup(SlaveGroupDto slaveGroup) {
    8488      using (contextFactory.GetContext()) {
    85         secMan.Authorize("AddSlaveGroup", sessionID, Guid.Empty);
    8689        return slaveManager.AddSlaveGroup(slaveGroup);
    8790      }
    8891    }
    8992
     93    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    9094    public Response AddResourceToGroup(Guid slaveGroupId, ResourceDto resource) {
    9195      using (contextFactory.GetContext()) {
    92         secMan.Authorize("AddResource", sessionID, Guid.Empty);
    9396        return slaveManager.AddResourceToGroup(slaveGroupId, resource);
    9497      }
    9598    }
    9699
     100    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    97101    public Response DeleteResourceFromGroup(Guid slaveGroupId, Guid resourceId) {
    98102      using (contextFactory.GetContext()) {
     
    101105    }
    102106
     107    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    103108    public ResponseList<JobDto> GetAllJobs() {
    104109      using (contextFactory.GetContext(false)) {
    105         secMan.Authorize("AccessJobs", sessionID, Guid.Empty);
    106110        return jobManager.GetAllJobs();
    107111      }
    108112    }
    109113
     114    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    110115    public ResponseList<JobDto> GetAllJobsWithFilter(JobState jobState, int offset, int count) {
    111116      using (contextFactory.GetContext(false)) {
    112         secMan.Authorize("AccessJobs", sessionID, Guid.Empty);
    113117        return jobManager.GetAllJobsWithFilter(jobState, offset, count);
    114118      }
    115119    }
    116120
     121    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    117122    public ResponseObject<JobDto> GetJobById(Guid jobId) {
    118123      using (contextFactory.GetContext(false)) {
    119         secMan.Authorize("AccessJobs", sessionID, jobId);
    120124        return jobManager.GetJobById(jobId);
    121125      }
    122126    }
    123127
     128    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    124129    public ResponseObject<JobDto> GetJobByIdWithDetails(Guid jobId) {
    125130      using (contextFactory.GetContext(false)) {
    126         secMan.Authorize("AccessJobs", sessionID, jobId);
    127131        return jobManager.GetJobByIdWithDetails(jobId);
    128132      }
    129133    }
    130134
     135    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    131136    public ResponseObject<JobDto> AddNewJob(SerializedJob job) {
    132137      using (contextFactory.GetContext()) {
    133         secMan.Authorize("AddJob", sessionID, job.JobInfo.Id);
    134138        return jobManager.AddNewJob(job);
    135139      }
    136140    }
    137141
    138     //public ResponseObject<JobDto> GetLastJobResultOf(Guid jobId) {
    139     //  using (contextFactory.GetContext(false)) {
    140     //    secMan.Authorize("AccessJobResults", sessionID, jobId);
    141     //    return jobManager.GetLastJobResultOf(jobId);
    142     //  }
    143     //}
    144 
     142    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    145143    public ResponseObject<SerializedJob> GetLastSerializedResult(Guid jobId, bool requested, bool snapshot) {
    146144      using (contextFactory.GetContext(false)) {
    147         secMan.Authorize("AccessJobResults", sessionID, jobId);
    148145        return jobManager.GetLastSerializedResult(jobId, requested, snapshot);
    149146      }
    150147    }
    151148
     149    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    152150    public ResponseObject<JobResultList> GetJobResults(IEnumerable<Guid> jobIds) {
    153151      using (contextFactory.GetContext(false)) {
    154         //secMan.Authorize("AccessJobResults", sessionID, jobId); skip authorization
    155152        return jobManager.GetJobResults(jobIds);
    156153      }
    157154    }
    158155
    159     //public Response RemoveJob(Guid jobId) {
    160     //  using (contextFactory.GetContext()) {
    161     //    secMan.Authorize("RemoveJob", sessionID, jobId);
    162     //    return jobManager.RemoveJob(jobId);
    163     //  }
    164     //}
    165 
     156    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    166157    public Response RequestSnapshot(Guid jobId) {
    167158      using (contextFactory.GetContext()) {
    168         secMan.Authorize("AccessJobResults", sessionID, jobId);
    169159        return jobManager.RequestSnapshot(jobId);
    170160      }
    171161    }
    172162
     163    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    173164    public Response AbortJob(Guid jobId) {
    174165      using (contextFactory.GetContext()) {
    175         secMan.Authorize("AbortJob", sessionID, Guid.Empty);
    176166        return jobManager.AbortJob(jobId);
    177167      }
    178168    }
    179169
     170    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    180171    public ResponseObject<SlaveGroupDtoList> GetAllGroupsOfResource(Guid resourceId) {
    181172      using (contextFactory.GetContext(false)) {
    182         secMan.Authorize("AccessUserGroup", sessionID, Guid.Empty);
    183173        return slaveManager.GetAllGroupsOfResource(resourceId);
    184174      }
    185175    }
    186176
     177    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    187178    public Response DeleteSlaveGroup(Guid slaveGroupId) {
    188179      using (contextFactory.GetContext()) {
    189         secMan.Authorize("DeleteSlaveGroup", sessionID, Guid.Empty);
    190180        return slaveManager.DeleteSlaveGroup(slaveGroupId);
    191181      }
    192182    }
    193183
     184    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    194185    public ResponseList<ProjectDto> GetAllProjects() {
    195186      using (contextFactory.GetContext(false)) {
    196         secMan.Authorize("AccessProjects", sessionID, Guid.Empty);
    197187        return jobManager.GetAllProjects();
    198188      }
    199189    }
    200190
     191    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    201192    public Response CreateProject(ProjectDto project) {
    202193      using (contextFactory.GetContext()) {
    203         secMan.Authorize("CreateProjects", sessionID, Guid.Empty);
    204194        return jobManager.CreateProject(project);
    205195      }
    206196    }
    207197
     198    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    208199    public Response ChangeProject(ProjectDto project) {
    209200      using (contextFactory.GetContext()) {
    210         secMan.Authorize("ChangeProjects", sessionID, Guid.Empty);
    211201        return jobManager.ChangeProject(project);
    212202      }
    213203    }
    214204
     205    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    215206    public Response DeleteProject(Guid projectId) {
    216207      using (contextFactory.GetContext()) {
    217         secMan.Authorize("DeleteProjects", sessionID, projectId);
    218208        return jobManager.DeleteProject(projectId);
    219209      }
    220210    }
    221211
     212    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    222213    public ResponseList<JobDto> GetJobsByProject(Guid projectId) {
    223214      using (contextFactory.GetContext(false)) {
    224         secMan.Authorize("AccessJobs", sessionID, Guid.Empty);
    225215        return jobManager.GetJobsByProject(projectId);
    226216      }
    227217    }
    228218
     219    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    229220    public ResponseList<AppointmentDto> GetUptimeCalendarForResource(Guid guid) {
    230221      using (contextFactory.GetContext(false)) {
     
    233224    }
    234225
     226    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    235227    public Response SetUptimeCalendarForResource(Guid guid, IEnumerable<AppointmentDto> appointments, bool isForced) {
    236228      using (contextFactory.GetContext()) {
     
    239231    }
    240232
     233    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Administrator)]
    241234    public ResponseObject<JobDto> AddJobWithGroupStrings(SerializedJob job, IEnumerable<string> resources) {
    242235      using (contextFactory.GetContext()) {

  • branches/3.3-HiveMigration/sources/HeuristicLab.Hive/HeuristicLab.Hive.Server.Core/3.3/Facades/SlaveFacade.cs

    r4267 r4289  
    3636using HeuristicLab.Hive.Server.DataAccess;
    3737using HeuristicLab.Hive.Contracts.ResponseObjects;
     38using System.Security.Permissions;
    3839
    3940namespace HeuristicLab.Hive.Server.Core {
     
    5051    #region ISlaveCommunicator Members
    5152
    52     public Response Login(SlaveDto clientInfo) {
     53    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Slave)]
     54    public Response Login(Guid slaveId) {
    5355      using (contextFactory.GetContext()) {
    54         return slaveCommunicator.Login(clientInfo);
     56        return slaveCommunicator.Login(slaveId);
    5557      }
    5658    }
    5759
     60    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Slave)]
    5861    public ResponseHeartBeat ProcessHeartBeat(HeartBeatData hbData) {
    5962      using (contextFactory.GetContext()) {
     
    6265    }
    6366
     67    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Slave)]
    6468    public ResponseObject<JobDto> GetJob(Guid clientId) {
    6569      using (contextFactory.GetContext()) {
     
    6872    }
    6973
     74    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Slave)]
    7075    public ResponseResultReceived StoreFinishedJobResult(Guid clientId, Guid jobId, byte[] result, double percentage, string exception) {
    7176      using (contextFactory.GetContext()) {
     
    7479    }
    7580
     81    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Slave)]
    7682    public Response Logout(Guid clientId) {
    7783      using (contextFactory.GetContext()) {
     
    8086    }
    8187
     88    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Slave)]
    8289    public Response IsJobStillNeeded(Guid jobId) {
    8390      using (contextFactory.GetContext()) {
     
    8693    }
    8794
     95    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Slave)]
    8896    public ResponseList<CachedHivePluginInfoDto> GetPlugins(List<HivePluginInfoDto> pluginList) {
    8997      return slaveCommunicator.GetPlugins(pluginList);     
    9098    }
    9199
     100    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Slave)]
    92101    public ResponseResultReceived ProcessSnapshot(Guid clientId, Guid jobId, byte[] result, double percentage, string exception) {
    93102      using (contextFactory.GetContext()) {
     
    96105    }
    97106
     107    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Slave)]
    98108    public ResponseCalendar GetCalendar(Guid clientId) {
    99109      using (contextFactory.GetContext()) {
     
    102112    }
    103113
     114    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Slave)]
    104115    public Response SetCalendarStatus(Guid clientId, CalendarState state) {
    105116      using (contextFactory.GetContext()) {
     
    114125    /// Do not use automatic transactions here
    115126    /// </summary>
     127    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Slave)]
    116128    public Stream GetStreamedJob(Guid clientId) {
    117129      using (contextFactory.GetContext(false)) {
     
    144156    }
    145157
     158    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Slave)]
    146159    public Stream GetStreamedPlugins(List<HivePluginInfoDto> pluginList) {
    147160      return new StreamedObject<ResponseList<CachedHivePluginInfoDto>>(this.GetPlugins(pluginList));
    148161    }
    149162
     163    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Slave)]
    150164    public ResponseResultReceived StoreFinishedJobResultStreamed(Stream stream) {
    151165      using (contextFactory.GetContext()) {
     
    154168    }
    155169
     170    [PrincipalPermission(SecurityAction.Demand, Role = HiveRoles.Slave)]
    156171    public ResponseResultReceived ProcessSnapshotStreamed(Stream stream) {
    157172      using (contextFactory.GetContext()) {
Note: See TracChangeset for help on using the changeset viewer.