Here's my custom Windows Server 2003 Authorization Manager Role Provider:
using System;using System.Collections;using System.Configuration;using System.Web;using System.Web.Security;
using AZROLESLib;
public class AuthorizationManagerRoleProvider: RoleProvider{ private string name; private string applicationName; private string storeLocation; private AZROLESLib.AzAuthorizationStore store; private const int AZ_AZSTORE_FORCE_APPLICATION_CLOSE = 0x10;
/// <summary>
/// Creates an unconfigured provider. The store and application name are
/// assigned later, in <c>Initialize</c>.
/// </summary>
public AuthorizationManagerRoleProvider()
{
}
/// <summary>
/// Opens the Authorization Manager application named by the
/// <c>applicationName</c> field in the configured store.
/// </summary>
/// <returns>The application object returned by the store.</returns>
private AZROLESLib.IAzApplication OpenApplication()
{
    // The store field is only assigned in Initialize; it is null here if
    // Initialize did not get as far as creating it.
    AZROLESLib.IAzApplication application = this.store.OpenApplication(this.applicationName, null);
    return application;
}
/// <summary>
/// Counterpart to <c>OpenApplication</c>. Currently a no-op: the only
/// statement in the body is commented out.
/// </summary>
private void CloseApplication()
{
    // Disabled by the author; kept for reference.
    // this.store.CloseApplication(this.ApplicationName, 0);
}
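#region Validation Routines
/// <summary>
/// Rejects a user name that <c>StringUtility.IsEmpty</c> reports as empty
/// or that contains a comma anywhere in the string.
/// </summary>
/// <param name="userName">The user name to check.</param>
/// <exception cref="HttpException">The name is empty or contains a comma.</exception>
private void ValidateUserName(string userName)
{
    if (StringUtility.IsEmpty(userName))
    {
        throw new HttpException("User names cannot be empty or null.");
    }

    // IndexOf returns 0 for a leading comma, so the test has to be ">= 0".
    // The earlier "> 0" accepted names such as ",bob".
    if (userName.IndexOf(',') >= 0)
    {
        throw new HttpException("User names cannot contain commas.");
    }
}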
/// <summary>
/// Runs <c>ValidateUserName</c> on every entry, in order, stopping at the
/// first one that throws.
/// </summary>
/// <param name="userNames">The user names to check.</param>
private void ValidateUserNames(string[] userNames)
{
    for (int i = 0; i < userNames.Length; i++)
    {
        this.ValidateUserName(userNames[i]);
    }
}
/// <summary>
/// Checks a role name: it must not be empty, and when
/// <paramref name="shouldExist"/> is true the role must already exist.
/// </summary>
/// <param name="roleName">The role name to check.</param>
/// <param name="shouldExist">True when the caller requires an existing role.</param>
/// <exception cref="HttpException">
/// The name is empty, or the role is required but was not found.
/// </exception>
private void ValidateRoleName(string roleName, bool shouldExist)
{
    if (StringUtility.IsEmpty(roleName))
    {
        throw new HttpException("Role names cannot be empty or null.");
    }

    bool roleFound = this.RoleExists(roleName);

    if (shouldExist && !roleFound)
    {
        throw new HttpException("Invalid role name.");
    }

    // A role that exists when none was expected is tolerated on purpose;
    // the author left the duplicate check disabled:
    // throw new HttpException("Duplicate role name.");
}
/// <summary>
/// Runs <c>ValidateRoleName</c> on every entry with the same
/// <paramref name="shouldExist"/> expectation.
/// </summary>
/// <param name="roleNames">The role names to check.</param>
/// <param name="shouldExist">Passed through to <c>ValidateRoleName</c>.</param>
private void ValidateRoleNames(string[] roleNames, bool shouldExist)
{
    for (int i = 0; i < roleNames.Length; i++)
    {
        this.ValidateRoleName(roleNames[i], shouldExist);
    }
}
#endregion
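/// <summary>
/// Reads the provider configuration and opens the authorization store.
/// </summary>
/// <param name="name">The provider name; returned by <c>Name</c>.</param>
/// <param name="configuration">
/// Provider attributes. "store" is the location handed to the store's
/// Initialize call; "applicationName" is assigned to <c>ApplicationName</c>.
/// </param>
/// <exception cref="ArgumentNullException"><paramref name="configuration"/> is null.</exception>
/// <exception cref="System.Configuration.Provider.ProviderException">
/// The "store" attribute is missing or the store could not be opened.
/// </exception>
public override void Initialize(string name, System.Collections.Specialized.NameValueCollection configuration)
{
    if (configuration == null)
    {
        throw new ArgumentNullException("configuration");
    }

    this.name = name;
    this.storeLocation = configuration["store"];

    if (string.IsNullOrEmpty(this.storeLocation))
    {
        throw new System.Configuration.Provider.ProviderException(
            "The 'store' attribute is required for the Authorization Manager role provider.");
    }

    try
    {
        this.store = new AZROLESLib.AzAuthorizationStoreClass();
        this.store.Initialize(0, this.storeLocation, null);
    }
    catch (Exception e)
    {
        // The failure used to be written to the console and dropped, which
        // left the store unusable and every later role check failing with
        // an unrelated error. Surface it at start-up instead. The store
        // location is kept out of the message; the inner exception carries
        // the detail for whoever reads the server-side log.
        throw new System.Configuration.Provider.ProviderException(
            "The authorization store could not be opened.", e);
    }

    this.ApplicationName = configuration["applicationName"];
}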
/// <summary>
/// Gets the provider name that was passed to <c>Initialize</c>.
/// </summary>
public override string Name
{
    get
    {
        return name;
    }
}
/// <summary>
/// Gets or sets the name of the Authorization Manager application that
/// <c>OpenApplication</c> opens.
/// </summary>
public override string ApplicationName
{
    get
    {
        return applicationName;
    }
    set
    {
        applicationName = value;
    }
}
/// <summary>
/// Returns the members of a role whose name contains
/// <paramref name="usernameToMatch"/> as a substring.
/// </summary>
/// <param name="roleName">The role to search.</param>
/// <param name="usernameToMatch">The text to look for inside each member name.</param>
/// <returns>The matching member names; empty when none match.</returns>
public override string[] FindUsersInRole(string roleName, string usernameToMatch)
{
    string[] members = this.GetUsersInRole(roleName);
    ArrayList matches = new ArrayList();

    for (int i = 0; i < members.Length; i++)
    {
        string member = members[i];

        // IndexOf(string) is a case-sensitive search, unlike the
        // case-insensitive comparisons used elsewhere in this class.
        if (member.IndexOf(usernameToMatch) < 0)
        {
            continue;
        }

        matches.Add(member);
    }

    return (string[])matches.ToArray(typeof(string));
}
/// <summary>
/// Lists the roles of the application. A role is represented by an
/// application group, so this returns the name of every application group.
/// </summary>
/// <returns>One name per application group.</returns>
public override string[] GetAllRoles()
{
    AZROLESLib.IAzApplication application = this.OpenApplication();
    string[] roleNames = null;

    try
    {
        AZROLESLib.IAzApplicationGroups groups = application.ApplicationGroups;
        int total = groups.Count;
        roleNames = new string[total];

        // The group collection is read at positions 1..Count; the result
        // array is filled at 0..Count-1.
        for (int slot = 0; slot < total; slot++)
        {
            AZROLESLib.IAzApplicationGroup current = groups[slot + 1] as IAzApplicationGroup;
            roleNames[slot] = current.Name;
        }
    }
    finally
    {
        this.CloseApplication();
    }

    return roleNames;
}
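/// <summary>
/// Returns every role whose member list contains the given user name.
/// </summary>
/// <param name="userName">The user name, compared exactly as supplied.</param>
/// <returns>The names of the matching roles; empty when there are none.</returns>
/// <remarks>
/// NOTE(review): unlike <c>IsUserInRole</c>, this method does not drop a
/// leading "DOMAIN\" part from <paramref name="userName"/>, so the two
/// methods can give different answers for the same account. Settle on one
/// canonical name form and apply it in both places.
/// </remarks>
public override string[] GetRolesForUser(string userName)
{
    ArrayList rolesForUser = new ArrayList();
    string[] roleNames = this.GetAllRoles();

    foreach (string roleName in roleNames)
    {
        string[] members = this.GetUsersInRole(roleName);

        foreach (string member in members)
        {
            // Account names are identifiers, not display text: compare them
            // ordinally. A culture-sensitive comparison varies with the
            // thread culture and skips ignorable characters, which should
            // not influence which roles a user is given.
            if (string.Equals(userName, member, StringComparison.OrdinalIgnoreCase))
            {
                rolesForUser.Add(roleName);

                // One match is enough; do not list the role twice.
                break;
            }
        }
    }

    return (string[])rolesForUser.ToArray(typeof(string));
}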
/// <summary>
/// Returns the member names of the application group that represents a role.
/// </summary>
/// <param name="roleName">The role (application group) to read.</param>
/// <returns>
/// The group's <c>MembersName</c> values after
/// <c>StringUtility.EliminateDuplicateArrayElements</c> has been applied.
/// </returns>
public override string[] GetUsersInRole(string roleName)
{
    AZROLESLib.IAzApplication application = this.OpenApplication();
    string[] members = null;

    try
    {
        AZROLESLib.IAzApplicationGroup roleGroup = application.OpenApplicationGroup(roleName, null);
        object[] rawNames = roleGroup.MembersName as object[];
        members = new string[rawNames.Length];

        for (int i = 0; i < members.Length; i++)
        {
            // An entry that is not a string ends up as null in the result.
            members[i] = rawNames[i] as string;
        }
    }
    finally
    {
        this.CloseApplication();
    }

    return StringUtility.EliminateDuplicateArrayElements(members, true);
}
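/// <summary>
/// Reports whether a user is a member of a role.
/// </summary>
/// <param name="userName">
/// The user name; anything up to and including the first backslash is
/// dropped before matching.
/// </param>
/// <param name="roleName">The role to check.</param>
/// <returns>True when the shortened name matches a member of the role.</returns>
/// <remarks>
/// NOTE(review): because the part before the backslash is discarded, the
/// domain or machine that issued the account plays no part in the decision.
/// Confirm that short names are unique across every source that can
/// authenticate to this application, or match on a qualified name instead.
/// </remarks>
public override bool IsUserInRole(string userName, string roleName)
{
    string shortName = userName;
    int separator = shortName.IndexOf('\\');
    if (separator >= 0)
    {
        shortName = shortName.Substring(separator + 1);
    }

    string[] members = this.GetUsersInRole(roleName);
    foreach (string member in members)
    {
        // This is an authorization decision on an identifier, so compare
        // ordinally. A culture-sensitive comparison varies with the thread
        // culture and skips ignorable characters.
        if (string.Equals(member, shortName, StringComparison.OrdinalIgnoreCase))
        {
            return true;
        }
    }

    return false;
}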
/// <summary>
/// Removes each of the given users from each of the given roles.
/// </summary>
/// <param name="userNames">The users to remove.</param>
/// <param name="roleNames">The roles to remove them from; every role must exist.</param>
/// <exception cref="HttpException">
/// A name fails validation, or one of the users is not in one of the roles.
/// </exception>
/// <remarks>
/// Changes are submitted one role at a time, so a failure part-way through
/// leaves the earlier roles already updated.
/// </remarks>
public override void RemoveUsersFromRoles(string[] userNames, string[] roleNames)
{
    string[] users = StringUtility.EliminateDuplicateArrayElements(userNames, true);
    string[] roles = StringUtility.EliminateDuplicateArrayElements(roleNames, true);

    this.ValidateRoleNames(roles, true);
    this.ValidateUserNames(users);

    // Check every pair before touching the store.
    for (int u = 0; u < users.Length; u++)
    {
        for (int r = 0; r < roles.Length; r++)
        {
            bool isMember = this.IsUserInRole(users[u], roles[r]);
            if (!isMember)
            {
                throw new HttpException(string.Format("User, {0}, is not the role, {1}", users[u], roles[r]));
            }
        }
    }

    AZROLESLib.IAzApplication application = this.OpenApplication();
    try
    {
        foreach (string role in roles)
        {
            AZROLESLib.IAzApplicationGroup roleGroup = application.OpenApplicationGroup(role, null);
            foreach (string user in users)
            {
                roleGroup.DeleteMemberName(user, null);
            }

            // Persist this role's removals before moving to the next role.
            roleGroup.Submit(0, null);
        }
    }
    finally
    {
        this.CloseApplication();
    }
}
/// <summary>
/// Reports whether a role with the given name is returned by
/// <c>GetAllRoles</c>, ignoring case.
/// </summary>
/// <param name="roleName">The role name to look for.</param>
/// <returns>True when a role with that name exists.</returns>
public override bool RoleExists(string roleName)
{
    string[] known = this.GetAllRoles();

    for (int i = 0; i < known.Length; i++)
    {
        bool sameName = string.Compare(roleName, known[i], true) == 0;
        if (sameName)
        {
            return true;
        }
    }

    return false;
}
/// <summary>
/// Deletes a role: first the application group of that name, then the
/// role object of that name.
/// </summary>
/// <param name="roleName">The role to delete; it must exist.</param>
/// <param name="throwOnPopulatedRole">
/// When true, a role that still has members is not deleted and an exception
/// is thrown instead.
/// </param>
/// <returns>Always true when no exception is thrown.</returns>
/// <exception cref="HttpException">
/// The role name is invalid, or the role has members and
/// <paramref name="throwOnPopulatedRole"/> is true.
/// </exception>
public override bool DeleteRole(string roleName, bool throwOnPopulatedRole)
{
    this.ValidateRoleName(roleName, true);

    // The member list is only read when the caller asked for the check.
    if (throwOnPopulatedRole && this.GetUsersInRole(roleName).Length > 0)
    {
        throw new HttpException("Cannot delete a populated role.");
    }

    AZROLESLib.IAzApplication application = this.OpenApplication();
    try
    {
        application.DeleteApplicationGroup(roleName, null);
        application.DeleteRole(roleName, null);
    }
    finally
    {
        this.CloseApplication();
    }

    return true;
}
/// <summary>
/// Creates a role as an application group plus a role object of the same
/// name, and makes the group a member of the role.
/// </summary>
/// <param name="roleName">The name for the new role.</param>
/// <exception cref="HttpException">The role name is empty.</exception>
/// <remarks>
/// The group is submitted before the role object is created, so a failure
/// in a later step leaves the group behind; <c>GetAllRoles</c> lists
/// application groups and would then report it as a role.
/// </remarks>
public override void CreateRole(string roleName)
{
    // shouldExist = false: an already existing role is not rejected here.
    this.ValidateRoleName(roleName, false);

    AZROLESLib.IAzApplication application = this.OpenApplication();
    try
    {
        // Step 1: the group that holds the members.
        AZROLESLib.IAzApplicationGroup memberGroup = application.CreateApplicationGroup(roleName, null);
        memberGroup.Submit(0, null);

        // Step 2: the role object.
        AZROLESLib.IAzRole newRole = application.CreateRole(roleName, null);
        newRole.Submit(0, null);

        // Step 3: link the group to the role and persist the link.
        newRole.AddAppMember(memberGroup.Name, null);
        newRole.Submit(0, null);
    }
    finally
    {
        this.CloseApplication();
    }
}
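/// <summary>
/// Adds each of the given users to each of the given roles.
/// </summary>
/// <param name="userNames">The users to add.</param>
/// <param name="roleNames">The roles to add them to; every role must exist.</param>
/// <exception cref="HttpException">
/// A name fails validation, or one of the users is already in one of the roles.
/// </exception>
/// <remarks>
/// Changes are submitted one role at a time, so a failure part-way through
/// leaves the earlier roles already updated. The "already a member" check
/// goes through <c>IsUserInRole</c>, which drops any "DOMAIN\" part, while
/// the name written to the store is the one supplied by the caller.
/// </remarks>
public override void AddUsersToRoles(string[] userNames, string[] roleNames)
{
    string[] uniqueUserNames = StringUtility.EliminateDuplicateArrayElements(userNames, true);
    string[] uniqueRoleNames = StringUtility.EliminateDuplicateArrayElements(roleNames, true);

    this.ValidateRoleNames(uniqueRoleNames, true);
    this.ValidateUserNames(uniqueUserNames);

    // Check every pair before touching the store.
    foreach (string userName in uniqueUserNames)
    {
        foreach (string roleName in uniqueRoleNames)
        {
            if (this.IsUserInRole(userName, roleName))
            {
                throw new HttpException("A user is already in a role.");
            }
        }
    }

    AZROLESLib.IAzApplication application = this.OpenApplication();
    try
    {
        foreach (string roleName in uniqueRoleNames)
        {
            AZROLESLib.IAzApplicationGroup group = application.OpenApplicationGroup(roleName, null);
            foreach (string userName in uniqueUserNames)
            {
                group.AddMemberName(userName, null);
            }

            // Persist this role's additions before moving to the next role.
            group.Submit(0, null);
        }
    }
    finally
    {
        // This was a bare "catch", which swallowed every store failure and
        // let the caller believe the role assignment had succeeded. Use
        // "finally", as RemoveUsersFromRoles does, so errors propagate.
        this.CloseApplication();
    }
}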