@gabrielgreen
Created December 6, 2012 23:21
security code
-- --------------------------------------------------
-- Entity Designer DDL Script for SQL Server 2005, 2008, and Azure
-- --------------------------------------------------
-- Date Created: 07/26/2012 11:32:16
-- Generated from EDMX file: C:\GitHub\da-projects\1\EomTool\EomApp1\Screens\Security\Models\EomToolSecurity.edmx
-- --------------------------------------------------
-- Purpose: drops and recreates the role / permission / group tables of the EomToolSecurity database.
-- NOTE(review): the C# code that accompanies this script reads Group.EmailAddress, Group.WindowsIdentity,
-- Group.IpAddress and Permission.Tag, and none of those columns is created below. The script looks
-- older than the model the code was compiled against; confirm which one is current before running it.
SET QUOTED_IDENTIFIER OFF;
GO
-- Every statement after this point runs against the security database.
USE [EomToolSecurity];
GO
-- Create the dbo schema only when it is missing.
IF SCHEMA_ID(N'dbo') IS NULL EXECUTE(N'CREATE SCHEMA [dbo]');
GO
-- --------------------------------------------------
-- Dropping existing FOREIGN KEY constraints
-- --------------------------------------------------
-- Each constraint is dropped only when it exists ('F' = foreign key), so the script can be re-run.
-- The constraints are removed first so that the DROP TABLE statements further down are not
-- blocked by references between the tables.
IF OBJECT_ID(N'[dbo].[FK_RolePermission_Role]', 'F') IS NOT NULL
ALTER TABLE [dbo].[RolePermission] DROP CONSTRAINT [FK_RolePermission_Role];
GO
IF OBJECT_ID(N'[dbo].[FK_RolePermission_Permission]', 'F') IS NOT NULL
ALTER TABLE [dbo].[RolePermission] DROP CONSTRAINT [FK_RolePermission_Permission];
GO
IF OBJECT_ID(N'[dbo].[FK_RoleGroup_Role]', 'F') IS NOT NULL
ALTER TABLE [dbo].[RoleGroup] DROP CONSTRAINT [FK_RoleGroup_Role];
GO
IF OBJECT_ID(N'[dbo].[FK_RoleGroup_Group]', 'F') IS NOT NULL
ALTER TABLE [dbo].[RoleGroup] DROP CONSTRAINT [FK_RoleGroup_Group];
GO
-- --------------------------------------------------
-- Dropping existing tables
-- --------------------------------------------------
-- WARNING: destructive. Every existing role, permission, group and assignment row is deleted
-- together with its table ('U' = user table). On a populated database this removes the whole
-- authorization configuration; take a backup and restrict who may run this script.
IF OBJECT_ID(N'[dbo].[Permissions]', 'U') IS NOT NULL
DROP TABLE [dbo].[Permissions];
GO
IF OBJECT_ID(N'[dbo].[Roles]', 'U') IS NOT NULL
DROP TABLE [dbo].[Roles];
GO
IF OBJECT_ID(N'[dbo].[Groups]', 'U') IS NOT NULL
DROP TABLE [dbo].[Groups];
GO
IF OBJECT_ID(N'[dbo].[RolePermission]', 'U') IS NOT NULL
DROP TABLE [dbo].[RolePermission];
GO
IF OBJECT_ID(N'[dbo].[RoleGroup]', 'U') IS NOT NULL
DROP TABLE [dbo].[RoleGroup];
GO
-- --------------------------------------------------
-- Creating all tables
-- --------------------------------------------------
-- Three entity tables (Permissions, Roles, Groups) with an auto-incrementing Id, plus two
-- join tables that carry the many-to-many links Role<->Permission and Role<->Group.
-- NOTE(review): [Name] is nvarchar(max) and this script adds no UNIQUE constraint on it, so the
-- schema does not stop two roles, groups or permissions from sharing a name. Code that looks a
-- row up by name then depends on whichever row the query returns first.
-- Creating table 'Permissions'
CREATE TABLE [dbo].[Permissions] (
[Id] int IDENTITY(1,1) NOT NULL,
[Name] nvarchar(max) NOT NULL
);
GO
-- Creating table 'Roles'
CREATE TABLE [dbo].[Roles] (
[Id] int IDENTITY(1,1) NOT NULL,
[Name] nvarchar(max) NOT NULL
);
GO
-- Creating table 'Groups'
CREATE TABLE [dbo].[Groups] (
[Id] int IDENTITY(1,1) NOT NULL,
[Name] nvarchar(max) NOT NULL
);
GO
-- Creating table 'RolePermission' (join table: which permissions a role grants)
CREATE TABLE [dbo].[RolePermission] (
[Roles_Id] int NOT NULL,
[Permissions_Id] int NOT NULL
);
GO
-- Creating table 'RoleGroup' (join table: which roles a group holds)
CREATE TABLE [dbo].[RoleGroup] (
[Roles_Id] int NOT NULL,
[Groups_Id] int NOT NULL
);
GO
-- --------------------------------------------------
-- Creating all PRIMARY KEY constraints
-- --------------------------------------------------
-- Entity tables get a clustered key on [Id]. The join tables get a composite key over both
-- columns, which also prevents the same assignment from being stored twice.
-- Creating primary key on [Id] in table 'Permissions'
ALTER TABLE [dbo].[Permissions]
ADD CONSTRAINT [PK_Permissions]
PRIMARY KEY CLUSTERED ([Id] ASC);
GO
-- Creating primary key on [Id] in table 'Roles'
ALTER TABLE [dbo].[Roles]
ADD CONSTRAINT [PK_Roles]
PRIMARY KEY CLUSTERED ([Id] ASC);
GO
-- Creating primary key on [Id] in table 'Groups'
ALTER TABLE [dbo].[Groups]
ADD CONSTRAINT [PK_Groups]
PRIMARY KEY CLUSTERED ([Id] ASC);
GO
-- Creating primary key on [Roles_Id], [Permissions_Id] in table 'RolePermission'
ALTER TABLE [dbo].[RolePermission]
ADD CONSTRAINT [PK_RolePermission]
PRIMARY KEY NONCLUSTERED ([Roles_Id], [Permissions_Id] ASC);
GO
-- Creating primary key on [Roles_Id], [Groups_Id] in table 'RoleGroup'
ALTER TABLE [dbo].[RoleGroup]
ADD CONSTRAINT [PK_RoleGroup]
PRIMARY KEY NONCLUSTERED ([Roles_Id], [Groups_Id] ASC);
GO
-- --------------------------------------------------
-- Creating all FOREIGN KEY constraints
-- --------------------------------------------------
-- All four constraints use NO ACTION, so deleting a role, permission or group that is still
-- referenced from a join table fails instead of silently removing the assignments.
-- Creating foreign key on [Roles_Id] in table 'RolePermission'
ALTER TABLE [dbo].[RolePermission]
ADD CONSTRAINT [FK_RolePermission_Role]
FOREIGN KEY ([Roles_Id])
REFERENCES [dbo].[Roles]
([Id])
ON DELETE NO ACTION ON UPDATE NO ACTION;
GO
-- Creating foreign key on [Permissions_Id] in table 'RolePermission'
ALTER TABLE [dbo].[RolePermission]
ADD CONSTRAINT [FK_RolePermission_Permission]
FOREIGN KEY ([Permissions_Id])
REFERENCES [dbo].[Permissions]
([Id])
ON DELETE NO ACTION ON UPDATE NO ACTION;
-- Creating non-clustered index for FOREIGN KEY 'FK_RolePermission_Permission'
-- (only the second key column is indexed here; presumably the composite primary key, which
-- leads with [Roles_Id], is relied on for lookups by role)
CREATE INDEX [IX_FK_RolePermission_Permission]
ON [dbo].[RolePermission]
([Permissions_Id]);
GO
-- Creating foreign key on [Roles_Id] in table 'RoleGroup'
ALTER TABLE [dbo].[RoleGroup]
ADD CONSTRAINT [FK_RoleGroup_Role]
FOREIGN KEY ([Roles_Id])
REFERENCES [dbo].[Roles]
([Id])
ON DELETE NO ACTION ON UPDATE NO ACTION;
GO
-- Creating foreign key on [Groups_Id] in table 'RoleGroup'
ALTER TABLE [dbo].[RoleGroup]
ADD CONSTRAINT [FK_RoleGroup_Group]
FOREIGN KEY ([Groups_Id])
REFERENCES [dbo].[Groups]
([Id])
ON DELETE NO ACTION ON UPDATE NO ACTION;
-- Creating non-clustered index for FOREIGN KEY 'FK_RoleGroup_Group'
CREATE INDEX [IX_FK_RoleGroup_Group]
ON [dbo].[RoleGroup]
([Groups_Id]);
GO
-- --------------------------------------------------
-- Script has ended
-- --------------------------------------------------
using System.Linq;
using System;
namespace EomApp1.Security
{
/// <summary>
/// The application's current user. Wraps the permission-tag lookup inherited from
/// <see cref="UserBase"/> in named checks for the workflow and accounting screens.
/// </summary>
/// <remarks>
/// Every check is an exact match of one tag string against the tags resolved by the base class.
/// NOTE(review): these checks run inside the client process. They decide what the UI offers;
/// whether the database itself enforces the same rules cannot be seen from this file.
/// </remarks>
public class User : UserBase
{
    // Shared instance, created on first use. Creation is not synchronised.
    private static User Instance;

    /// <summary>Gets the shared <see cref="User"/>, creating it on first access.</summary>
    public static User Current
    {
        get
        {
            if (Instance != null)
            {
                return Instance;
            }

            Instance = new User();
            return Instance;
        }
    }

    /// <summary>
    /// Checks for the tag "Workflow.Finalize." followed by the trimmed account manager name.
    /// </summary>
    /// <param name="accountManagerName">Account manager to finalize for; null is denied.</param>
    /// <returns>True when the current user holds the matching permission tag.</returns>
    public bool CanFinalizeForAccountManager(string accountManagerName)
    {
        if (accountManagerName == null)
        {
            return false;
        }

        // The name becomes part of the tag, so it must match the stored tag character for character.
        string permissionTag = "Workflow.Finalize." + accountManagerName.Trim();
        return HasPermission(permissionTag);
    }

    /// <summary>True when the user holds the "Workflow.Verify" tag.</summary>
    public bool CanDoWorkflowVerify
    {
        get { return HasPermission("Workflow.Verify"); }
    }

    /// <summary>True when the user holds the "PublisherReports.Verify" tag.</summary>
    public bool CanDoAccountingVerify
    {
        get { return HasPermission("PublisherReports.Verify"); }
    }

    /// <summary>True when the user holds the "PublisherReports.Approve" tag.</summary>
    public bool CanDoAccountingApprove
    {
        get { return HasPermission("PublisherReports.Approve"); }
    }

    /// <summary>True when the user holds the "PublisherReports.Pay" tag.</summary>
    public bool CanDoAccountingPay
    {
        get { return HasPermission("PublisherReports.Pay"); }
    }

    /// <summary>Checks the given tag as-is; the caller decides which tag a menu item carries.</summary>
    /// <param name="tag">Permission tag attached to the menu item.</param>
    /// <returns>True when the current user holds that tag.</returns>
    public bool CanDoMenuItem(string tag)
    {
        return HasPermission(tag);
    }

    /// <summary>Returns the e-mail address stored for the group with the given name.</summary>
    /// <param name="name">Group name, compared with the Name column for equality.</param>
    /// <returns>The EmailAddress of the first group found with that name.</returns>
    /// <exception cref="Exception">No group has that name.</exception>
    /// <remarks>
    /// Static and not tied to any permission check: any caller can resolve any group's address.
    /// </remarks>
    public static string GetEmailAddress(string name)
    {
        using (var context = new Security.EomToolSecurityEntities())
        {
            var match = context.Groups.FirstOrDefault(g => g.Name == name);
            if (match == null)
            {
                throw new Exception("There is no group named " + name);
            }

            return match.EmailAddress;
        }
    }
}
}
using System.Collections.Generic;
using System.Linq;
using DAgents.Common;
namespace EomApp1.Security
{
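/// <summary>
/// Resolves which roles and permission tags apply to the current Windows user and caches the
/// result for the lifetime of the instance.
/// </summary>
/// <remarks>
/// Roles come from every group whose WindowsIdentity list matches the current user or one of the
/// user's Windows groups. Only when that yields no role at all are groups matched on the IP
/// address reported by <see cref="WindowsIdentityHelper.GetIpAddress"/>.
/// NOTE(review): that address is obtained by this process from an external web service, so it is
/// not an authenticated attribute of the user. Treat the fallback as a convenience and keep
/// IP-matched groups limited to low-privilege roles, or remove it where Windows identities are
/// always available.
/// NOTE(review): nothing here invalidates the cached lists, so a role or permission revoked in
/// the database stays effective for an existing instance until a new one is created.
/// </remarks>
public class UserBase
{
    string _IpAddress;

    // Address reported by the external lookup; empty when the lookup failed. Fetched once.
    string IpAddress
    {
        get
        {
            if (_IpAddress == null)
            {
                _IpAddress = WindowsIdentityHelper.GetIpAddress();
            }
            return _IpAddress;
        }
    }

    List<Role> _Roles;

    // Roles of every group the current user matches, loaded on first access.
    List<Role> Roles
    {
        get
        {
            if (_Roles == null)
            {
                using (var db = new Security.EomToolSecurityEntities())
                {
                    // Load the groups once; both passes below filter them in memory.
                    var groups = db.Groups.ToList();

                    // First pass: match on Windows identity / Windows group membership.
                    // NOTE(review): ToArray(',') is a project extension not shown here; presumably it
                    // splits the comma-separated list. Confirm how it treats a null WindowsIdentity.
                    _Roles = (from g in groups
                              where WindowsIdentityHelper.DoesCurrentUserHaveIdentity(g.WindowsIdentity.ToArray(','))
                              from r in g.Roles
                              select r).ToList();

                    // Second pass, only when no identity matched: match on the reported IP address.
                    // An empty address (lookup failed) never takes this branch.
                    if (_Roles.Count == 0 && !string.IsNullOrWhiteSpace(IpAddress))
                    {
                        _Roles = (from g in groups
                                  where g.IpAddress == IpAddress
                                  from r in g.Roles
                                  select r).ToList();
                    }
                }
            }
            return _Roles;
        }
    }

    List<string> _RoleNames;

    // Names of the resolved roles, cached.
    List<string> RoleNames
    {
        get
        {
            if (_RoleNames == null)
            {
                _RoleNames = Roles.Select(r => r.Name).ToList();
            }
            return _RoleNames;
        }
    }

    List<int> _RoleIds;

    // Ids of the resolved roles, cached.
    List<int> RoleIds
    {
        get
        {
            if (_RoleIds == null)
            {
                _RoleIds = Roles.Select(r => r.Id).ToList();
            }
            return _RoleIds;
        }
    }

    List<string> _PermissionTags;

    // Tags of every permission granted by the resolved roles, cached.
    List<string> PermissionTags
    {
        get
        {
            if (_PermissionTags == null)
            {
                // Resolve the role ids first so that role loading (which opens its own context)
                // does not happen while the context below is open.
                var roleIds = RoleIds;
                if (roleIds.Count == 0)
                {
                    // No roles means no permissions; skip the query.
                    _PermissionTags = new List<string>();
                }
                else
                {
                    using (var db = new Security.EomToolSecurityEntities())
                    {
                        _PermissionTags = (from r in db.Roles
                                           where roleIds.Contains(r.Id)
                                           from p in r.Permissions
                                           select p.Tag).ToList();
                    }
                }
            }
            return _PermissionTags;
        }
    }

    /// <summary>Tells whether the current user holds the given permission tag.</summary>
    /// <param name="permissionTag">Tag to look for; the match is exact and case-sensitive.</param>
    /// <returns>True when the tag is among the user's permission tags.</returns>
    protected bool HasPermission(string permissionTag)
    {
        return PermissionTags.Contains(permissionTag);
    }
}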
}
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Net;
using System.Security.Principal;
namespace DAgents.Common
{
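/// <summary>
/// Helpers around the Windows identity of the running process: account name, group membership
/// and an externally reported IP address.
/// </summary>
public class WindowsIdentityHelper
{
    /// <summary>Returns the account name of the identity the process runs as.</summary>
    public static string GetWindowsIdentityName()
    {
        // GetCurrent() hands out a new handle-backed object on every call; release it.
        using (var ident = System.Security.Principal.WindowsIdentity.GetCurrent())
        {
            return ident.Name;
        }
    }

    /// <summary>Returns the current account name in lower case.</summary>
    public static string GetWindowsIdentityNameLower()
    {
        // Invariant casing: the result must not depend on the UI culture (e.g. Turkish dotless i).
        return GetWindowsIdentityName().ToLowerInvariant();
    }

    /// <summary>Tells whether the current user is, or belongs to, the named account.</summary>
    /// <param name="identityName">Account or group name; compared case-insensitively.</param>
    /// <returns>True on a match; false for null or an unknown name.</returns>
    public static bool DoesCurrentUserHaveIdentity(string identityName)
    {
        if (identityName == null)
        {
            return false;
        }
        return CurrentUsersGroupsAndIdentity.Contains(identityName.ToUpperInvariant());
    }

    /// <summary>Tells whether the current user matches at least one of the given names.</summary>
    /// <param name="identityNames">Account or group names; null entries are ignored.</param>
    /// <returns>True when any name matches; false for a null or empty sequence.</returns>
    public static bool DoesCurrentUserHaveIdentity(IEnumerable<string> identityNames)
    {
        if (identityNames == null)
        {
            return false;
        }
        var known = CurrentUsersGroupsAndIdentity;
        return identityNames.Any(c => c != null && known.Contains(c.ToUpperInvariant()));
    }

    /// <summary>
    /// Upper-cased names of the current user's Windows groups plus the user's own account name.
    /// Computed once per process and then cached.
    /// </summary>
    public static List<string> CurrentUsersGroupsAndIdentity
    {
        get
        {
            if (_CurrentUsersGroups == null)
            {
                var names = new List<string>();
                using (var identity = WindowsIdentity.GetCurrent())
                {
                    var groups = identity.Groups;
                    if (groups != null)
                    {
                        foreach (IdentityReference group in groups)
                        {
                            try
                            {
                                names.Add(group.Translate(typeof(NTAccount)).Value.ToUpperInvariant());
                            }
                            catch (IdentityNotMappedException)
                            {
                                // A SID without a resolvable account name cannot match a configured
                                // name anyway; skip it rather than fail the whole lookup.
                            }
                        }
                    }
                    names.Add(identity.Name.ToUpperInvariant());
                }
                // Publish the list only once it is complete, so no reader sees it half-built.
                _CurrentUsersGroups = names;
            }
            return _CurrentUsersGroups;
        }
    }

    private static List<string> _CurrentUsersGroups;

    /// <summary>
    /// Asks http://checkip.dyndns.org/ which address this machine appears as and returns it.
    /// </summary>
    /// <returns>
    /// The reported address as text, or an empty string when the request fails or the response
    /// does not contain a well-formed IP address.
    /// </returns>
    /// <remarks>
    /// NOTE(review): the value comes from a third-party service over plain HTTP, so anything on
    /// the network path, or the local machine itself, can alter it. It should not be trusted as an
    /// authorization factor on its own. The request also uses the default timeout.
    /// </remarks>
    public static string GetIpAddress()
    {
        const string marker = "Address: ";
        try
        {
            string responseText;
            WebRequest request = WebRequest.Create("http://checkip.dyndns.org/");
            using (WebResponse response = request.GetResponse())
            using (StreamReader stream = new StreamReader(response.GetResponseStream()))
            {
                responseText = stream.ReadToEnd();
            }

            // Search for the ip in the html: it sits between the marker and the closing body tag.
            int markerIndex = responseText.IndexOf(marker, System.StringComparison.Ordinal);
            int last = responseText.LastIndexOf("</body>", System.StringComparison.Ordinal);
            if (markerIndex < 0 || last < 0)
            {
                // Unexpected page (error page, captive portal, ...): report "no address" instead
                // of returning an arbitrary slice of the HTML.
                return string.Empty;
            }

            int first = markerIndex + marker.Length;
            if (last < first)
            {
                return string.Empty;
            }

            string candidate = responseText.Substring(first, last - first).Trim();

            // Accept the text only when it parses as an IP address.
            IPAddress parsed;
            return IPAddress.TryParse(candidate, out parsed) ? candidate : string.Empty;
        }
        catch
        {
            // Deliberately best-effort: any network or parsing failure means "no address known".
            return string.Empty;
        }
    }
}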
}