Merge branch 'feature/Authentication' into develop
This commit is contained in:
@@ -9,8 +9,25 @@ namespace Step.Config
|
||||
WRITE
|
||||
}
|
||||
|
||||
public static string ROLE_LEVEL_KEY = "roleLevel";
|
||||
public static string USERNAME_KEY = "username";
|
||||
public static string ID_KEY = "id";
|
||||
// Token fields Keys
|
||||
public const string ROLE_LEVEL_KEY = "roleLevel";
|
||||
public const string USERNAME_KEY = "username";
|
||||
public const string ID_KEY = "id";
|
||||
|
||||
// Names in the xml file
|
||||
public const string SERVER_CONFIG_KEY = "serverConfig";
|
||||
public const string NC_CONFIG_KEY = "ncConfig";
|
||||
public const string AREAS_CONFIG_KEY = "areasConfig";
|
||||
|
||||
public static class AREAS
|
||||
{
|
||||
public const string PRODUCTION_KEY = "production";
|
||||
public const string TOOLING_KEY = "tooling";
|
||||
public const string REPORT_KEY = "report";
|
||||
public const string ALARMS_KEY = "alarms";
|
||||
public const string MAINTENANCE_KEY = "maintenance";
|
||||
public const string UTILITIES_KEY = "utilities";
|
||||
public const string SCADA_KEY = "scada";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -9,7 +9,8 @@ namespace Step.Config
|
||||
{
|
||||
public static class StartupConfig
|
||||
{
|
||||
public static GenericConfigModel genericConfig;
|
||||
public static ServerConfigModel serverConfig;
|
||||
public static NcConfigModel ncConfig;
|
||||
|
||||
public static AreasConfigModel productionConfig;
|
||||
public static AreasConfigModel toolingConfig;
|
||||
|
||||
@@ -6,13 +6,14 @@ using System.Xml.Linq;
|
||||
using System.Linq;
|
||||
using static Step.Config.StartupConfig;
|
||||
using Step.Model.ConfigModels;
|
||||
using static Step.Config.Constants;
|
||||
|
||||
namespace Step.Config
|
||||
{
|
||||
public class StartupConfigController
|
||||
public static class StartupConfigController
|
||||
{
|
||||
public static void ReadStartupConfig()
|
||||
{
|
||||
public static void ReadStartUpConfig()
|
||||
{
|
||||
// Read validation file
|
||||
XmlSchemaSet readerSettings = new XmlSchemaSet();
|
||||
// Add Schema
|
||||
@@ -22,60 +23,71 @@ namespace Step.Config
|
||||
// Validate file
|
||||
xmlConfigFile.Validate(readerSettings, ValidationHandler);
|
||||
|
||||
// Read generic config with LINQ
|
||||
genericConfig = xmlConfigFile
|
||||
.Descendants("generalConfig")
|
||||
.Select(x => new GenericConfigModel()
|
||||
// Read nc Config with LINQ
|
||||
ncConfig = xmlConfigFile
|
||||
.Descendants(NC_CONFIG_KEY)
|
||||
.Select(x => new NcConfigModel()
|
||||
{
|
||||
Language = x.Element("language").Value,
|
||||
ServerPort = Convert.ToInt32(x.Element("serverPort").Value),
|
||||
NcVendor = Convert.ToInt32(x.Element("NcVendor").Value),
|
||||
NcIpAddress = x.Element("NcIpAddress").Value,
|
||||
NcPort = Convert.ToInt32(x.Element("NcPort").Value)
|
||||
NcVendor = Convert.ToInt32(x.Element("ncVendor").Value),
|
||||
NcIpAddress = x.Element("ncIpAddress").Value,
|
||||
NcPort = Convert.ToInt32(x.Element("ncPort").Value)
|
||||
}).FirstOrDefault();
|
||||
|
||||
// Read server config with LINQ and save into static config
|
||||
serverConfig = xmlConfigFile
|
||||
.Descendants(SERVER_CONFIG_KEY)
|
||||
.Select(x => new ServerConfigModel()
|
||||
{ // Set server config model data
|
||||
Language = x.Element("language").Value,
|
||||
ServerPort = Convert.ToInt32(x.Element("serverPort").Value),
|
||||
EnableDirectoryBrowsing = Convert.ToBoolean(x.Element("enableDirectoryBrowsing").Value)
|
||||
}).FirstOrDefault();
|
||||
|
||||
// Read areas config with LINQ
|
||||
xmlConfigFile
|
||||
.Descendants("areasConfig")
|
||||
.Descendants(AREAS_CONFIG_KEY) // Get areas config node
|
||||
.Elements()
|
||||
.ToList()
|
||||
.ForEach(x => addKeyValue(x));
|
||||
.ForEach(x => SetAreaValueByName(x)); // Loop through elements
|
||||
}
|
||||
|
||||
private static void addKeyValue(XElement element)
|
||||
private static void SetAreaValueByName(XElement element)
|
||||
{
|
||||
// Choose which area to be set
|
||||
switch (element.Name.ToString())
|
||||
{
|
||||
case "production":
|
||||
SetAreasConfigValue(ref productionConfig, element);
|
||||
case AREAS.PRODUCTION_KEY:
|
||||
SetAreaValue(ref productionConfig, element);
|
||||
break;
|
||||
case "tooling":
|
||||
SetAreasConfigValue(ref toolingConfig, element);
|
||||
case AREAS.TOOLING_KEY:
|
||||
SetAreaValue(ref toolingConfig, element);
|
||||
break;
|
||||
case "report":
|
||||
SetAreasConfigValue(ref reportConfig, element);
|
||||
case AREAS.REPORT_KEY:
|
||||
SetAreaValue(ref reportConfig, element);
|
||||
break;
|
||||
case "alarms":
|
||||
SetAreasConfigValue(ref alarmsConfig, element);
|
||||
case AREAS.ALARMS_KEY:
|
||||
SetAreaValue(ref alarmsConfig, element);
|
||||
break;
|
||||
case "maintenance":
|
||||
SetAreasConfigValue(ref maintenanceConfig, element);
|
||||
case AREAS.MAINTENANCE_KEY:
|
||||
SetAreaValue(ref maintenanceConfig, element);
|
||||
break;
|
||||
case "utilities":
|
||||
SetAreasConfigValue(ref utilitiesConfig, element);
|
||||
case AREAS.UTILITIES_KEY:
|
||||
SetAreaValue(ref utilitiesConfig, element);
|
||||
break;
|
||||
case "scada":
|
||||
SetAreasConfigValue(ref scadaConfig, element);
|
||||
case AREAS.SCADA_KEY:
|
||||
SetAreaValue(ref scadaConfig, element);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
private static void SetAreasConfigValue (ref AreasConfigModel areasConfig, XElement element)
|
||||
private static void SetAreaValue (ref AreasConfigModel areasConfig, XElement element)
|
||||
{
|
||||
// Set area model with xml data
|
||||
areasConfig = new AreasConfigModel()
|
||||
{
|
||||
name = element.Name.ToString(),
|
||||
enabled = Convert.ToBoolean(element.Element("enabled").Value),
|
||||
allowExternalBrowser = Convert.ToBoolean(element.Element("allowExternalBrowser").Value)
|
||||
Name = element.Name.ToString(),
|
||||
Enabled = Convert.ToBoolean(element.Element("enabled").Value),
|
||||
AllowExternalBrowser = Convert.ToBoolean(element.Element("allowExternalBrowser").Value)
|
||||
};
|
||||
}
|
||||
|
||||
@@ -92,5 +104,28 @@ namespace Step.Config
|
||||
Console.WriteLine(e.Message);
|
||||
}
|
||||
}
|
||||
|
||||
public static bool CheckAreaStatus(string areaName)
|
||||
{ // Get Area status ( enabled field) by name
|
||||
switch (areaName)
|
||||
{
|
||||
case AREAS.PRODUCTION_KEY:
|
||||
return productionConfig.Enabled;
|
||||
case AREAS.TOOLING_KEY:
|
||||
return toolingConfig.Enabled;
|
||||
case AREAS.REPORT_KEY:
|
||||
return productionConfig.Enabled;
|
||||
case AREAS.ALARMS_KEY:
|
||||
return alarmsConfig.Enabled;
|
||||
case AREAS.MAINTENANCE_KEY:
|
||||
return maintenanceConfig.Enabled;
|
||||
case AREAS.UTILITIES_KEY:
|
||||
return utilitiesConfig.Enabled;
|
||||
case AREAS.SCADA_KEY:
|
||||
return scadaConfig.Enabled;
|
||||
default:
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -58,5 +58,10 @@
|
||||
<Name>Step.Model</Name>
|
||||
</ProjectReference>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<Content Include="startupConfig.xml">
|
||||
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
|
||||
</Content>
|
||||
</ItemGroup>
|
||||
<Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
|
||||
</Project>
|
||||
@@ -0,0 +1,43 @@
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<root>
|
||||
<ncConfig>
|
||||
<ncPort>8080</ncPort>
|
||||
<ncVendor>1</ncVendor>
|
||||
<ncIpAddress>127.0.0.1</ncIpAddress>
|
||||
</ncConfig>
|
||||
<serverConfig>
|
||||
<serverPort>9000</serverPort>
|
||||
<language>ita</language>
|
||||
<enableDirectoryBrowsing>true</enableDirectoryBrowsing>
|
||||
</serverConfig>
|
||||
<areasConfig>
|
||||
<production>
|
||||
<enabled>true</enabled>
|
||||
<allowExternalBrowser>false</allowExternalBrowser>
|
||||
</production>
|
||||
<tooling>
|
||||
<enabled>false</enabled>
|
||||
<allowExternalBrowser>false</allowExternalBrowser>
|
||||
</tooling>
|
||||
<report>
|
||||
<enabled>true</enabled>
|
||||
<allowExternalBrowser>true</allowExternalBrowser>
|
||||
</report>
|
||||
<alarms>
|
||||
<enabled>false</enabled>
|
||||
<allowExternalBrowser>true</allowExternalBrowser>
|
||||
</alarms>
|
||||
<maintenance>
|
||||
<enabled>true</enabled>
|
||||
<allowExternalBrowser>false</allowExternalBrowser>
|
||||
</maintenance>
|
||||
<utilities>
|
||||
<enabled>true</enabled>
|
||||
<allowExternalBrowser>false</allowExternalBrowser>
|
||||
</utilities>
|
||||
<scada>
|
||||
<enabled>false</enabled>
|
||||
<allowExternalBrowser>true</allowExternalBrowser>
|
||||
</scada>
|
||||
</areasConfig>
|
||||
</root>
|
||||
@@ -3,14 +3,21 @@
|
||||
<xs:element name="root">
|
||||
<xs:complexType>
|
||||
<xs:sequence>
|
||||
<xs:element name="generalConfig">
|
||||
<xs:element name="ncConfig">
|
||||
<xs:complexType>
|
||||
<xs:sequence>
|
||||
<xs:element name="ncVendor" type="NcType" minOccurs='1' maxOccurs='1'/>
|
||||
<xs:element name="ncIpAddress" minOccurs='1' maxOccurs='1'/>
|
||||
<xs:element name="ncPort" type="xs:int" minOccurs='1' maxOccurs='1'/>
|
||||
</xs:sequence>
|
||||
</xs:complexType>
|
||||
</xs:element>
|
||||
<xs:element name="serverConfig">
|
||||
<xs:complexType>
|
||||
<xs:sequence>
|
||||
<xs:element name="serverPort" type="xs:int" minOccurs='1' maxOccurs='1'/>
|
||||
<xs:element name="language" type="xs:language" minOccurs='1' maxOccurs='1'/>
|
||||
<xs:element name="NcVendor" type="NcType" minOccurs='1' maxOccurs='1'/>
|
||||
<xs:element name="NcIpAddress" minOccurs='1' maxOccurs='1'/>
|
||||
<xs:element name="NcPort" type="xs:int" minOccurs='1' maxOccurs='1'/>
|
||||
<xs:element name="language" type="xs:language" minOccurs='1' maxOccurs='1' default="en"/>
|
||||
<xs:element name="enableDirectoryBrowsing" type="xs:boolean" default="false"/>
|
||||
</xs:sequence>
|
||||
</xs:complexType>
|
||||
</xs:element>
|
||||
|
||||
@@ -1,38 +0,0 @@
|
||||
using System;
|
||||
using System.Linq;
|
||||
using Step.Model;
|
||||
using static Step.Config.Constants;
|
||||
|
||||
namespace Step.Database.Controllers
|
||||
{
|
||||
public class AccessCategoriesController : IDisposable
|
||||
{
|
||||
private DatabaseContext dbCtx;
|
||||
|
||||
public AccessCategoriesController()
|
||||
{
|
||||
// Initialize database context
|
||||
dbCtx = new DatabaseContext();
|
||||
}
|
||||
|
||||
public void Dispose()
|
||||
{
|
||||
// Clear database context
|
||||
dbCtx.Dispose();
|
||||
}
|
||||
|
||||
public int FindCategoryLevelByAction(string categoryName, ACTIONS action)
|
||||
{
|
||||
AccessCategoryModel accessCategories = dbCtx.AccessCategories.Where(ac => ac.Name == categoryName).FirstOrDefault();
|
||||
if (accessCategories != null)
|
||||
{
|
||||
if (ACTIONS.READ == action)
|
||||
return accessCategories.ReadLevelMin;
|
||||
else
|
||||
return accessCategories.WriteLevelMin;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,32 @@
|
||||
using System;
|
||||
using System.Linq;
|
||||
using System.Web.Helpers;
|
||||
using Step.Model;
|
||||
|
||||
namespace Step.Database.Controllers
|
||||
{
|
||||
public class FunctionAccessController : IDisposable
|
||||
{
|
||||
private DatabaseContext dbCtx;
|
||||
|
||||
public FunctionAccessController()
|
||||
{
|
||||
// Initialize database context
|
||||
dbCtx = new DatabaseContext();
|
||||
}
|
||||
|
||||
public void Dispose()
|
||||
{
|
||||
// Clear database context
|
||||
dbCtx.Dispose();
|
||||
}
|
||||
|
||||
public FunctionAccessModel FindEnabledFunctionByName(string functionName)
|
||||
{
|
||||
return dbCtx
|
||||
.FunctionsAccess
|
||||
.Where(x => x.Name == functionName && x.Enabled == true)
|
||||
.FirstOrDefault();
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -14,7 +14,7 @@ namespace Step.Database
|
||||
{
|
||||
public DbSet<UserModel> Users { get; set; }
|
||||
public DbSet<RoleModel> Roles { get; set; }
|
||||
public DbSet<AccessCategoryModel> AccessCategories { get; set; }
|
||||
public DbSet<FunctionAccessModel> FunctionsAccess { get; set; }
|
||||
|
||||
public DatabaseContext()
|
||||
: base("mySQLDatabaseConnection")
|
||||
|
||||
@@ -66,14 +66,13 @@
|
||||
<Reference Include="System.Xml" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<Compile Include="Controllers\AccessCategoriesController.cs" />
|
||||
<Compile Include="Controllers\FunctionAccessController.cs" />
|
||||
<Compile Include="Controllers\UsersController.cs" />
|
||||
<Compile Include="DatabaseContext.cs" />
|
||||
<Compile Include="Properties\AssemblyInfo.cs" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<None Include="App.config" />
|
||||
<None Include="packages.config" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ProjectReference Include="..\Step.Config\Step.Config.csproj">
|
||||
|
||||
@@ -8,8 +8,8 @@ namespace Step.Model.ConfigModels
|
||||
{
|
||||
public class AreasConfigModel
|
||||
{
|
||||
public string name { get; set; }
|
||||
public bool enabled { get; set; }
|
||||
public bool allowExternalBrowser { get; set; }
|
||||
public string Name { get; set; }
|
||||
public bool Enabled { get; set; }
|
||||
public bool AllowExternalBrowser { get; set; }
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,15 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace Step.Model.ConfigModels
|
||||
{
|
||||
public class ServerConfigModel
|
||||
{
|
||||
public string Language { get; set; }
|
||||
public int ServerPort { get; set; }
|
||||
public bool EnableDirectoryBrowsing { get; set; }
|
||||
}
|
||||
}
|
||||
+2
-4
@@ -6,12 +6,10 @@ using System.Threading.Tasks;
|
||||
|
||||
namespace Step.Model.ConfigModels
|
||||
{
|
||||
public class GenericConfigModel
|
||||
public class NcConfigModel
|
||||
{
|
||||
public string Language { get; set; }
|
||||
public int ServerPort { get; set; }
|
||||
public int NcVendor { get; set; }
|
||||
public int NcPort { get; set; }
|
||||
public string NcIpAddress { get; set; }
|
||||
public int NcPort { get; set; }
|
||||
}
|
||||
}
|
||||
@@ -8,20 +8,22 @@ using System.Threading.Tasks;
|
||||
|
||||
namespace Step.Model
|
||||
{
|
||||
[Table("access_category")]
|
||||
public class AccessCategoryModel
|
||||
[Table("functions_access")]
|
||||
|
||||
public class FunctionAccessModel
|
||||
{
|
||||
[Key]
|
||||
[Column("id")]
|
||||
public int RoleId { get; set; }
|
||||
|
||||
public int FunctionAccessId { get; set; }
|
||||
[Column("name")]
|
||||
public string Name { get; set; }
|
||||
|
||||
[Column("write_level_min")]
|
||||
public int WriteLevelMin { get; set; }
|
||||
|
||||
[Column("read_level_min")]
|
||||
public int ReadLevelMin { get; set; }
|
||||
[Column("area")]
|
||||
public string Area { get; set; }
|
||||
[Column("enabled")]
|
||||
public bool Enabled { get; set; }
|
||||
}
|
||||
}
|
||||
@@ -53,9 +53,10 @@
|
||||
<Reference Include="System.Xml" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<Compile Include="AccessCategoryModel.cs" />
|
||||
<Compile Include="ConfigModels\NcConfigModel.cs" />
|
||||
<Compile Include="ConfigModels\AreasConfigModel.cs" />
|
||||
<Compile Include="ConfigModels\GenericConfigModel.cs" />
|
||||
<Compile Include="ConfigModels\ServerConfigModel.cs" />
|
||||
<Compile Include="FunctionAccessModel.cs" />
|
||||
<Compile Include="RoleModel.cs">
|
||||
<Generator>DtsGenerator</Generator>
|
||||
<LastGenOutput>RoleModel.cs.d.ts</LastGenOutput>
|
||||
|
||||
@@ -8,7 +8,7 @@ using System.Threading.Tasks;
|
||||
|
||||
namespace Step.Model
|
||||
{
|
||||
[Table("user")]
|
||||
[Table("users")]
|
||||
public class UserModel
|
||||
{
|
||||
[Key]
|
||||
|
||||
@@ -8,7 +8,6 @@
|
||||
<section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
|
||||
</configSections>
|
||||
<appSettings>
|
||||
<add key="localHostServiceURI" value="http://localhost:9000" />
|
||||
<add key="enableDirectoryBrowsing" value="true" />
|
||||
</appSettings>
|
||||
<system.web>
|
||||
|
||||
+34
-11
@@ -8,8 +8,11 @@ using System.Reflection;
|
||||
using Microsoft.Owin.FileSystems;
|
||||
using System.Configuration;
|
||||
using Microsoft.Owin.Security.OAuth;
|
||||
using Microsoft.Owin.Cors;
|
||||
using Step.Provider;
|
||||
using Step.Config;
|
||||
using Microsoft.AspNet.SignalR;
|
||||
using Microsoft.AspNet.SignalR.Hubs;
|
||||
using Step.Attributes;
|
||||
|
||||
[assembly: OwinStartup(typeof(Step.App_Start.Startup))]
|
||||
|
||||
@@ -17,10 +20,9 @@ namespace Step.App_Start
|
||||
{
|
||||
public class Startup
|
||||
{
|
||||
public static OAuthAuthorizationServerOptions OAuthOptions;
|
||||
public void Configuration(IAppBuilder app)
|
||||
{
|
||||
StartupConfigController.ReadStartUpConfig();
|
||||
|
||||
// Configure HTTP
|
||||
HttpConfiguration config = new HttpConfiguration();
|
||||
|
||||
@@ -30,13 +32,13 @@ namespace Step.App_Start
|
||||
// Register Swagger config
|
||||
SwaggerConfig.Register(config);
|
||||
|
||||
// Configure authentication
|
||||
ConfigureOAuth(app);
|
||||
|
||||
app.UseWebApi(config);
|
||||
// Configure api authentication
|
||||
ConfigureWebApiOAuth(app);
|
||||
|
||||
// SignalR config & startup
|
||||
SignalRConfig(app);
|
||||
|
||||
// Register SignalR
|
||||
app.MapSignalR();
|
||||
var directoryBrowsing = ConfigurationManager.AppSettings["enableDirectoryBrowsing"] == "true";
|
||||
|
||||
string rootDir = Path.Combine(Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location), "..", "wwwroot");
|
||||
@@ -51,9 +53,10 @@ namespace Step.App_Start
|
||||
app.UseFileServer(options);
|
||||
}
|
||||
|
||||
private void ConfigureOAuth(IAppBuilder app)
|
||||
{
|
||||
OAuthAuthorizationServerOptions OAuthOptions = new OAuthAuthorizationServerOptions
|
||||
private void ConfigureWebApiOAuth(IAppBuilder app)
|
||||
{
|
||||
// Create new authorization options
|
||||
OAuthOptions = new OAuthAuthorizationServerOptions
|
||||
{
|
||||
// Login and Token generation end point
|
||||
TokenEndpointPath = new PathString("/Token"),
|
||||
@@ -68,5 +71,25 @@ namespace Step.App_Start
|
||||
// Set bearer oAuth as authentication method
|
||||
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
|
||||
}
|
||||
|
||||
public void SignalRConfig(IAppBuilder app)
|
||||
{
|
||||
//// Set up signalR config
|
||||
//app.Map("/signalr", map =>
|
||||
//{
|
||||
// map.UseCors(CorsOptions.AllowAll);
|
||||
// // Debug
|
||||
// HubConfiguration hubConfiguration = new HubConfiguration
|
||||
// {
|
||||
// EnableDetailedErrors = true
|
||||
// };
|
||||
// // Create an istance of custom authorize attribute
|
||||
// SignalRAuthorizeAttribute authorizer = new SignalRAuthorizeAttribute();
|
||||
// AuthorizeModule module = new AuthorizeModule(authorizer, authorizer);
|
||||
// GlobalHost.HubPipeline.AddModule(module);
|
||||
// map.RunSignalR();
|
||||
//});
|
||||
app.MapSignalR();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -26,7 +26,7 @@ namespace Step
|
||||
config.Formatters.JsonFormatter.SerializerSettings.ContractResolver = new CamelCasePropertyNamesContractResolver();
|
||||
|
||||
config.EnableCors();
|
||||
|
||||
|
||||
// Web API routes
|
||||
config.MapHttpAttributeRoutes();
|
||||
|
||||
|
||||
@@ -0,0 +1,68 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Security.Claims;
|
||||
using System.Security.Principal;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
using Microsoft.AspNet.SignalR;
|
||||
using Microsoft.AspNet.SignalR.Hubs;
|
||||
using Step.Config;
|
||||
using Step.Database.Controllers;
|
||||
using Step.Model;
|
||||
using static Step.Config.Constants;
|
||||
|
||||
namespace Step.Attributes
|
||||
{
|
||||
class SignalRAuthorizeAttribute : AuthorizeAttribute
|
||||
{
|
||||
public string Category;
|
||||
public ACTIONS Action;
|
||||
protected override bool UserAuthorized(IPrincipal user)
|
||||
{
|
||||
if (!base.UserAuthorized(user))
|
||||
return false;
|
||||
|
||||
// Get user level stored in the bearer token
|
||||
ClaimsIdentity identity = user.Identity as ClaimsIdentity;
|
||||
var userRoleLevel = identity.Claims.Where(c => c.Type == ROLE_LEVEL_KEY).SingleOrDefault();
|
||||
// User data not found -> not authorized
|
||||
if (userRoleLevel == null)
|
||||
return false;
|
||||
|
||||
// check authorization
|
||||
if (!CheckAuthorization(Convert.ToInt32(userRoleLevel.Value), Category))
|
||||
return false;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
private bool CheckAuthorization(int userLevel, string areaName)
|
||||
{
|
||||
using (FunctionAccessController acController = new FunctionAccessController())
|
||||
{
|
||||
// Read from db category levels
|
||||
FunctionAccessModel functionAccess = acController.FindEnabledFunctionByName(areaName);
|
||||
if (functionAccess != null && StartupConfigController.CheckAreaStatus(functionAccess.Area))
|
||||
{
|
||||
if (Action == ACTIONS.READ)
|
||||
{ // Check read permissions
|
||||
if (functionAccess.ReadLevelMin > userLevel)
|
||||
return false; // Not authorized
|
||||
}
|
||||
else
|
||||
{ // Check write permissions
|
||||
if (functionAccess.WriteLevelMin > userLevel)
|
||||
return false; // Not authorized
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
return false;
|
||||
}
|
||||
// Authorized
|
||||
return true;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,64 @@
|
||||
using System;
|
||||
using System.Linq;
|
||||
using System.Security.Claims;
|
||||
using System.Web.Http;
|
||||
using System.Web.Http.Controllers;
|
||||
using Step.Database.Controllers;
|
||||
using Step.Config;
|
||||
using static Step.Config.Constants;
|
||||
using Step.Model;
|
||||
|
||||
namespace Step
|
||||
{
|
||||
class WebApiAuthorizeAttribute : AuthorizeAttribute
|
||||
{
|
||||
public string Category;
|
||||
public ACTIONS Action;
|
||||
protected override bool IsAuthorized(HttpActionContext actionContext)
|
||||
{
|
||||
if (!base.IsAuthorized(actionContext))
|
||||
return false;
|
||||
|
||||
// Get user level stored in the bearer token
|
||||
ClaimsPrincipal principal = actionContext.RequestContext.Principal as ClaimsPrincipal;
|
||||
var userRoleLevel = principal.Claims.Where(c => c.Type == ROLE_LEVEL_KEY).SingleOrDefault();
|
||||
// User data not found -> not authorized
|
||||
if (userRoleLevel == null)
|
||||
return false;
|
||||
|
||||
// check authorization
|
||||
if (!CheckAuthorization(Convert.ToInt32(userRoleLevel.Value), Category))
|
||||
return false;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
private bool CheckAuthorization(int userLevel, string areaName)
|
||||
{
|
||||
using (FunctionAccessController acController = new FunctionAccessController())
|
||||
{
|
||||
// Read from db category levels
|
||||
FunctionAccessModel functionAccess = acController.FindEnabledFunctionByName(areaName);
|
||||
if (functionAccess != null && StartupConfigController.CheckAreaStatus(functionAccess.Area))
|
||||
{
|
||||
if (Action == ACTIONS.READ)
|
||||
{ // Check read permissions
|
||||
if (functionAccess.ReadLevelMin > userLevel)
|
||||
return false; // Not authorized
|
||||
}
|
||||
else
|
||||
{ // Check write permissions
|
||||
if (functionAccess.WriteLevelMin > userLevel)
|
||||
return false; // Not authorized
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
return false;
|
||||
}
|
||||
// Authorized
|
||||
return true;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,50 +0,0 @@
|
||||
using System;
|
||||
using System.Linq;
|
||||
using System.Security.Claims;
|
||||
using System.Security.Principal;
|
||||
using System.Web.Http;
|
||||
using System.Web.Http.Controllers;
|
||||
using Step.Database.Controllers;
|
||||
using static Step.Config.Constants;
|
||||
|
||||
namespace Step
|
||||
{
|
||||
class CmsAuthorizationAttribute : AuthorizeAttribute
|
||||
{
|
||||
public string Category;
|
||||
public ACTIONS Action;
|
||||
protected override bool IsAuthorized(HttpActionContext actionContext)
|
||||
{
|
||||
if (!base.IsAuthorized(actionContext))
|
||||
return false;
|
||||
|
||||
// Get user level stored in the bearer token
|
||||
ClaimsPrincipal principal = actionContext.RequestContext.Principal as ClaimsPrincipal;
|
||||
int userLevel = Convert.ToInt32(principal.Claims.Where(c => c.Type == ROLE_LEVEL_KEY).Single().Value);
|
||||
|
||||
if (!CheckAuthorization(userLevel))
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
return base.IsAuthorized(actionContext);
|
||||
}
|
||||
|
||||
private bool CheckAuthorization(int userLevel)
|
||||
{
|
||||
using (AccessCategoriesController acController = new AccessCategoriesController())
|
||||
{
|
||||
// Read from db category levels
|
||||
int categoryLevel = acController.FindCategoryLevelByAction(Category, Action);
|
||||
|
||||
if (categoryLevel > userLevel)
|
||||
{
|
||||
// Not authorized
|
||||
return false;
|
||||
}
|
||||
// Authorized
|
||||
return true;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -3,6 +3,9 @@ using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Web;
|
||||
using Microsoft.AspNet.SignalR;
|
||||
using Microsoft.AspNet.SignalR.Hubs;
|
||||
using Step.Attributes;
|
||||
using static Step.Config.Constants;
|
||||
|
||||
namespace Step.Controllers
|
||||
{
|
||||
|
||||
@@ -16,7 +16,7 @@ namespace Step.Controllers
|
||||
return Unauthorized();
|
||||
}
|
||||
|
||||
[CmsAuthorization(Category = "test", Action = ACTIONS.WRITE)]
|
||||
[WebApiAuthorize(Category = "test", Action = ACTIONS.WRITE)]
|
||||
[Route("test"), HttpGet]
|
||||
public IHttpActionResult Test()
|
||||
{
|
||||
|
||||
@@ -6,26 +6,34 @@ using System.Linq;
|
||||
using System.Threading.Tasks;
|
||||
using System.Web;
|
||||
|
||||
namespace Groupadoo.Web.Providers
|
||||
namespace Step.Provider
|
||||
{
|
||||
public class SignalROAuthBearerProvider : OAuthBearerAuthenticationProvider
|
||||
{
|
||||
|
||||
public override Task RequestToken(OAuthRequestTokenContext context)
|
||||
public class SignalROAuthBearerProvider : OAuthBearerAuthenticationProvider
|
||||
{
|
||||
var token = context.OwinContext.Request.Query["connectionToken"];
|
||||
if (!string.IsNullOrWhiteSpace(token))
|
||||
{
|
||||
var result = JsonConvert.DeserializeObject<TokenValue>(token);
|
||||
if (context != null && result != null)
|
||||
context.Token = result.token;
|
||||
}
|
||||
return Task.FromResult<object>(null);
|
||||
}
|
||||
}
|
||||
|
||||
class TokenValue
|
||||
{
|
||||
public string token { get; set; }
|
||||
}
|
||||
public override Task RequestToken(OAuthRequestTokenContext context)
|
||||
{
|
||||
|
||||
var token = context.OwinContext.Request.Query["connectionToken"];
|
||||
|
||||
if (!string.IsNullOrWhiteSpace(token))
|
||||
{
|
||||
if (context != null)
|
||||
{
|
||||
context.Token = token;
|
||||
base.RequestToken(context);
|
||||
}
|
||||
}
|
||||
return Task.FromResult<object>(null);
|
||||
}
|
||||
public override Task ValidateIdentity(OAuthValidateIdentityContext context)
|
||||
{
|
||||
return base.ValidateIdentity(context);
|
||||
}
|
||||
}
|
||||
|
||||
class TokenValue
|
||||
{
|
||||
public string token { get; set; }
|
||||
}
|
||||
}
|
||||
+5
-1
@@ -59,6 +59,9 @@
|
||||
<Reference Include="Microsoft.Owin, Version=3.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
|
||||
<HintPath>..\packages\Microsoft.Owin.3.1.0\lib\net45\Microsoft.Owin.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="Microsoft.Owin.Cors, Version=3.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
|
||||
<HintPath>..\packages\Microsoft.Owin.Cors.3.1.0\lib\net45\Microsoft.Owin.Cors.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="Microsoft.Owin.FileSystems, Version=3.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
|
||||
<HintPath>..\packages\Microsoft.Owin.FileSystems.3.1.0\lib\net45\Microsoft.Owin.FileSystems.dll</HintPath>
|
||||
</Reference>
|
||||
@@ -145,7 +148,8 @@
|
||||
<Compile Include="App_Start\Startup.cs" />
|
||||
<Compile Include="App_Start\SwaggerConfig.cs" />
|
||||
<Compile Include="App_Start\WebApiConfig.cs" />
|
||||
<Compile Include="CmsAuthorizationAttribute.cs" />
|
||||
<Compile Include="Attributes\WebApiAuthorizeAttribute.cs" />
|
||||
<Compile Include="Attributes\SignalRAuthorizeAttribute.cs" />
|
||||
<Compile Include="Controllers\DataHub.cs" />
|
||||
<Compile Include="Controllers\LoginController.cs" />
|
||||
<Compile Include="program.cs" />
|
||||
|
||||
+27
-16
@@ -8,6 +8,8 @@ using System.Threading;
|
||||
using System.Web;
|
||||
using TeamDev.SDK;
|
||||
using TeamDev.SDK.MVVM;
|
||||
using static Step.Config.StartupConfig;
|
||||
using Step.Config;
|
||||
|
||||
namespace Step
|
||||
{
|
||||
@@ -20,25 +22,34 @@ namespace Step
|
||||
|
||||
public static void Main()
|
||||
{
|
||||
// Start self host application
|
||||
var configuredUri = ConfigurationManager.AppSettings["localHostServiceURI"];
|
||||
|
||||
// Start WinForm
|
||||
ServerControlWindow.Start();
|
||||
|
||||
// Register listener to "close application" messages
|
||||
MessageServices.Current.Subscribe("StopServer", (a, b) =>
|
||||
try
|
||||
{
|
||||
StopRequest.Set();
|
||||
});
|
||||
StartupConfigController.ReadStartupConfig();
|
||||
|
||||
// Start server services
|
||||
using (WebApp.Start<Step.App_Start.Startup>(url: configuredUri))
|
||||
{
|
||||
StopRequest.WaitOne();
|
||||
// Start self host application
|
||||
string configuredUri = "http://localhost:" + serverConfig.ServerPort.ToString();
|
||||
|
||||
// Start WinForm
|
||||
ServerControlWindow.Start();
|
||||
|
||||
// Register listener to "close application" messages
|
||||
MessageServices.Current.Subscribe("StopServer", (a, b) =>
|
||||
{
|
||||
StopRequest.Set();
|
||||
});
|
||||
|
||||
// Start server services
|
||||
using (WebApp.Start<Step.App_Start.Startup>(url: configuredUri))
|
||||
{
|
||||
StopRequest.WaitOne();
|
||||
}
|
||||
// Close WinForm
|
||||
ServerControlWindow.Stop();
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
Console.WriteLine(ex);
|
||||
}
|
||||
// Close WinForm
|
||||
ServerControlWindow.Stop();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Vendored
+95
-48
File diff suppressed because one or more lines are too long
Vendored
+50
-8
File diff suppressed because one or more lines are too long
Vendored
+459
-611
File diff suppressed because one or more lines are too long
Reference in New Issue
Block a user