Get All the list of (Roles, Tasks, Operations) for specific user

Topics: SQL Database Schema, Web Console
Nov 13, 2010 at 9:49 AM

Hi Andrea,

I am looking for a way to get all the list of(Roles, Tasks, Operations) for specific user.

- 3.6.0.8 NetSqlAzMan version
- Management Console
- Win server 2008 with C# 
- Platform (64 bit) 
- SQL Server version (2008)

Thanks.

Coordinator
Nov 15, 2010 at 3:52 PM

Hi,

sorry for the delay.

You have to run a CheckAccess for all Application Items. All items for which the result is Allow/AllowWithDelegation is good.

Regards,

Andrea.

__________________________________
Andrea Ferendeles
NetSqlAzMan Project Coordinator
E-mail aferende@hotmail.com Web http://netsqlazman.codeplex.com

Nov 15, 2010 at 5:07 PM

Hello Andrea,

You answer implies that for each item, there has to be a database call for a user. So, if there are 200 operations defined in an application, there have to be 200 database calls to check access to all the items. Is that true? I am trying to figure out a way to get all the operations for a user from one database call and save it into a Session object to use it across the web application. Can you please answer my question. I will appreciate it.

Thanks.

Coordinator
Nov 15, 2010 at 5:16 PM

The answer is yes.

If you are referring to a potential performance issue you can use the NetSqlAzMan.Cache.StorageCache object or better the NetSqlAzMan WCF Cache Service

(StorageCache.GetAuthorizedItems(…) method).

Regards,

Andrea.

__________________________________
Andrea Ferendeles
NetSqlAzMan Project Coordinator
E-mail aferende@hotmail.com Web http://netsqlazman.codeplex.com

Nov 16, 2010 at 9:07 AM

Hi All,

I can tell you what i did eventually:

In the class: UserPermissionCache, i changed the method: buildApplicationCache() to be public, and i changed the class member CheckAccessTimeSlice to be property and public.

Then, in my application i creates the following class:


[Serializable]
    public class AuthenticateObject
    {
        public string Id { get; set; }
        public string Name { get; set; }
        public string Type { get; set; }
        public bool IsAllow { get; set; }
    }

And now i can build the authorization list for the logged in user:

public virtual List<AuthenticateObject> CreateAuthoriationObjectInCache(bool retrieveAttributes, bool multiThreadedBuild, string dbUserName, params KeyValuePair<string, object>[] contextParameters)
        {
            IAzManStorage mStorage = new NetSqlAzMan.SqlAzManStorage(CONNECTION_STRING);
            var userPermissionCache = new UserPermissionCache(mStorage, STORE_NAME, APPLICATION_NAME, mStorage.GetDBUser(dbUserName), retrieveAttributes, multiThreadedBuild);
            userPermissionCache.buildApplicationCache();
            var authCacheList = userPermissionCache.CheckAccessTimeSlice;

            var list = new List<AuthenticateObject>();
            using (IAzManStorage storage = new SqlAzManStorage(CONNECTION_STRING))
            {
                var application = storage[STORE_NAME][APPLICATION_NAME];
                foreach (var authItem in authCacheList)
                {
                    var authObj = application.GetItem(authItem.ItemName);
                    list.Add(new AuthenticateObject
                    {
                        Id = authObj.ItemId.ToString(),
                        Name = authObj.Name,
                        Type = authObj.ItemType.ToString(),
                        IsAllow = ((authItem.AuthorizationType == AuthorizationType.AllowWithDelegation)
                            || (authItem.AuthorizationType == AuthorizationType.Allow))
                    });
                }
            }
            return list;
        }
I don't know if it is good solution, but, its working for me now.

Coordinator
Nov 16, 2010 at 2:42 PM

I prefer to use the StorageCache object or better the WCF Cache Service.

Here an example:

String connectionString="Data Source=(local);Initial Catalog=NetSqlAzManStorage;Integrated Security==True";
WindowsIdentity windowsIdentity = HttpContext.Current.Request.LogonUserIdentity ?? WindowsIdentity.GetCurrent();
NetSqlAzMan.Cache.StorageCache sc = new StorageCache(connectionString);
sc.BuildStorageCache();
AuthorizedItem[] authorizedItems = sc.GetAuthorizedItems(
"My Store Name",
"My Application Name",
windowsIdentity.GetUserBinarySSid(),
windowsIdentity.GetGroupsBinarySSid(),
DateTime.Now);

authorizedItems = (from t in authorizedItems
where t.Authorization == AuthorizationType.Allow || t.Authorization == AuthorizationType.AllowWithDelegation
select t).ToArray();

Regards,

Andrea.

__________________________________
Andrea Ferendeles
NetSqlAzMan Project Coordinator
E-mail aferende@hotmail.com Web http://netsqlazman.codeplex.com

Jul 23, 2011 at 3:52 PM

Andrea,

Could you please clarify where are

windowsIdentity.GetUserBinarySSid() and windowsIdentity.GetGroupsBinarySSid() methods?

They are not available in WindowsIdentity.GetCurrent() on my machine Window7(64)

Regards,

Andrew Neskoromnyi

Andrew.Neskoromnyi@comcat.net

Coordinator
Jul 23, 2011 at 4:01 PM

They are Extension Methods.

You need to add the

Using NetSqlAzMan.Cache;

directive on top of your class.

__________________________________
Andrea Ferendeles
NetSqlAzMan Project Coordinator
E-mail aferende@hotmail.com Web http://netsqlazman.codeplex.com

Jul 23, 2011 at 5:15 PM

Thank you Andrea, it works now