623 lines
16 KiB
C#
623 lines
16 KiB
C#
/*********************************************************************************************
|
|
* Copyright 2004 - Volian Enterprises, Inc. All rights reserved.
|
|
* Volian Enterprises - Proprietary Information - DO NOT COPY OR DISTRIBUTE
|
|
* ------------------------------------------------------------------------------
|
|
* $Workfile: Security.cs $ $Revision: 4 $
|
|
* $Author: Jsj $ $Date: 5/17/05 11:52a $
|
|
*
|
|
* $History: Security.cs $
|
|
*
|
|
* ***************** Version 4 *****************
|
|
* User: Jsj Date: 5/17/05 Time: 11:52a
|
|
* Updated in $/LibSource/Utils
|
|
* cleanup
|
|
*
|
|
* ***************** Version 3 *****************
|
|
* User: Kathy Date: 1/24/05 Time: 2:44p
|
|
* Updated in $/LibSource/Utils
|
|
* B2005-004 fixes
|
|
*
|
|
* ***************** Version 2 *****************
|
|
* User: Kathy Date: 1/14/05 Time: 10:38a
|
|
* Updated in $/LibSource/Utils
|
|
* B2004-061: fix security options
|
|
*
|
|
* ***************** Version 1 *****************
|
|
* User: Kathy Date: 7/27/04 Time: 8:34a
|
|
* Created in $/LibSource/Utils
|
|
*********************************************************************************************/
|
|
|
|
using System;
|
|
using System.IO;
|
|
using System.Collections;
|
|
using System.Windows.Forms;
|
|
using System.Text;
|
|
|
|
namespace Utils
|
|
{
|
|
/// <summary>
|
|
/// Summary description for Security.
|
|
/// </summary>
|
|
public class Security
|
|
{
|
|
public const long VIEW =0x00000001L;
|
|
public const long PRINT =0x00000002L;
|
|
public const long PRINTDRAFT =0x00000004L;
|
|
public const long PRINTCHANGES =0x00000008L;
|
|
public const long EDIT =0x00000010L;
|
|
public const long SEARCH =0x00000020L;
|
|
public const long STANDARDSTEPS =0x00000040L;
|
|
public const long APPROVE =0x00000080L;
|
|
public const long APPROVESINGLE =0x00000100L;
|
|
public const long LIBRARYDOCS =0x00000200L;
|
|
public const long ADDMODDEL =0x00000400L;
|
|
public const long CLEAN =0x00000800L;
|
|
public const long LOCKPROC =0x00001000L;
|
|
public const long LOCKSET =0x00000001L;
|
|
public const long UCF =0x00000002L;
|
|
public const long LOCKSYSTEM =0x00000001L;
|
|
public const long DOCMAINT =0x00000002L;
|
|
public const long ROEDITOR =0x00000004L;
|
|
public const long SYSADMIN =0x00000008L;
|
|
|
|
public const int SUPERUSER =1000;
|
|
public const long SUPERACCESS =0xFFFFFFFFL;
|
|
|
|
// the following four flags are system security options,
|
|
// read in for the user from the security file (vesam.opt)
|
|
private bool BlockAccessFlag=false;
|
|
public bool PermissionToManageFlag=false;
|
|
public bool SystemAdminFlag=false;
|
|
public bool PermissionToLockFlag=false;
|
|
|
|
// private string optFileName;
|
|
private int numsets = 0;
|
|
private long uoptions; // user options
|
|
private Int16 blockAccess = 0;
|
|
private long oldpos;
|
|
public int userid = -1;
|
|
// private int plantid = -1;
|
|
// private int procid = -1;
|
|
private string ident;
|
|
public string initials;
|
|
private const string samoptname = "vesam.opt";
|
|
public string optfilename;
|
|
private ArrayList psets; //
|
|
public FileStream fs;
|
|
public BinaryReader bw;
|
|
public bool isDemoMode=false;
|
|
|
|
public Security(string pathname)
|
|
{
|
|
if (File.Exists(pathname + "\\" + samoptname) == false)
|
|
{
|
|
MessageBox.Show("Could not locate the Security Options file:\n\n" + pathname+"\\"+samoptname,"Security Access Error");
|
|
optfilename = null;
|
|
return;
|
|
}
|
|
optfilename = pathname + "\\" + samoptname;
|
|
psets = new ArrayList();
|
|
}
|
|
|
|
public bool OpenFile()
|
|
{
|
|
try
|
|
{
|
|
fs = new FileStream(optfilename,FileMode.Open,FileAccess.Read,FileShare.Read,1,false);
|
|
bw = new BinaryReader(fs);
|
|
return true;
|
|
}
|
|
catch (Exception e)
|
|
{
|
|
MessageBox.Show(e.Message,"Security File");
|
|
return false;
|
|
}
|
|
}
|
|
|
|
public void CloseFile()
|
|
{
|
|
bw.Close();
|
|
fs.Close();
|
|
bw=null;
|
|
fs=null;
|
|
}
|
|
|
|
public int CheckUserId(string Name, string Pass)
|
|
{
|
|
// check for default superuser username/password.
|
|
if ((Name=="vlnmsp") && (Pass=="575"))
|
|
{
|
|
userid = SUPERUSER;
|
|
ident = "vlnmsp";
|
|
initials = Name;
|
|
return userid;
|
|
}
|
|
|
|
if (bw==null)
|
|
{
|
|
bool op;
|
|
if ((op = OpenFile()) == false) return -1;
|
|
}
|
|
byte x;
|
|
// read past some header stuff.
|
|
for (int jj=0;jj<16;jj++)
|
|
x=bw.ReadByte();
|
|
long nxtUs;
|
|
uint nmUser;
|
|
nxtUs=bw.ReadUInt32();
|
|
nmUser=bw.ReadUInt16();
|
|
|
|
int uid, tmp;
|
|
string fName, fPass;
|
|
for (int i = 0; i < nmUser; i++)
|
|
{
|
|
fs.Seek((long)nxtUs,SeekOrigin.Begin);
|
|
nxtUs=bw.ReadUInt32();
|
|
uid = bw.ReadUInt16();
|
|
tmp = bw.ReadUInt16();
|
|
byte [] test = new byte[10];
|
|
test = bw.ReadBytes(10);
|
|
fName = Encoding.ASCII.GetString(test,0,10);
|
|
int indx = fName.IndexOf("\0");
|
|
string fNameTrim = fName.Substring(0,indx);
|
|
if (fNameTrim == Name)
|
|
{
|
|
test = bw.ReadBytes(10);
|
|
fPass = Encoding.ASCII.GetString(test,0,10);
|
|
indx = fPass.IndexOf("\0");
|
|
string fPassTrim = fPass.Substring(0,indx);
|
|
if (fPassTrim == Pass)
|
|
{
|
|
userid = uid;
|
|
ident = Name;
|
|
initials = Name;
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
CloseFile();
|
|
|
|
return userid;
|
|
}
|
|
|
|
public void SetUserSystemRights()
|
|
{
|
|
BlockAccessFlag=BlockAccess();
|
|
long userAccessFlags=GetUserSecurity();
|
|
PermissionToManageFlag=(userAccessFlags&Security.DOCMAINT)==0?false:true;
|
|
PermissionToLockFlag=(userAccessFlags&Security.LOCKSYSTEM)==0?false:true;
|
|
SystemAdminFlag=(userAccessFlags&Security.SYSADMIN)==0?false:true;
|
|
}
|
|
|
|
public void LoadUserSecurity()
|
|
{
|
|
//
|
|
// get the system level security options for this user here
|
|
//
|
|
bool op = OpenFile();
|
|
if (op==false) return;
|
|
|
|
if( userid == 1000 )
|
|
{ // super user priviledge
|
|
uoptions = 0xFFFFFFFFL;
|
|
SetUserSystemRights();
|
|
CloseFile();
|
|
return;
|
|
}
|
|
|
|
fs.Seek(32,SeekOrigin.Begin);
|
|
blockAccess=bw.ReadInt16();
|
|
|
|
fs.Seek(0,SeekOrigin.Begin);
|
|
byte x;
|
|
// read past some header stuff.
|
|
for (int jj=0;jj<16;jj++)
|
|
x=bw.ReadByte();
|
|
|
|
long nxtUs;
|
|
uint nmUser;
|
|
nxtUs=bw.ReadUInt32();
|
|
nmUser=bw.ReadUInt16();
|
|
|
|
int uid;
|
|
for (int i = 0; i < nmUser; i++)
|
|
{
|
|
oldpos = nxtUs;
|
|
fs.Seek((long)nxtUs,SeekOrigin.Begin);
|
|
nxtUs=bw.ReadUInt32();
|
|
uid = bw.ReadUInt16();
|
|
if (uid == userid)
|
|
{
|
|
string junk = new string (bw.ReadChars(22));
|
|
uoptions=bw.ReadUInt16();
|
|
break;
|
|
}
|
|
}
|
|
SetUserSystemRights();
|
|
CloseFile();
|
|
}
|
|
|
|
public void SetUpDemoMode()
|
|
{
|
|
userid=Security.SUPERUSER; // super user so that demo data can be anywhere (doesn't check vesamp.opt)
|
|
ident="demo";
|
|
initials="demo";
|
|
isDemoMode = true;
|
|
}
|
|
public int GetPlantSecurityIndex(string Location)
|
|
{
|
|
for (int i=0;i<psets.Count;i++)
|
|
{
|
|
SecurityPlantSets sps = (SecurityPlantSets) psets[i];
|
|
if (Location.ToUpper() == sps.GetPath().ToUpper()) return i;
|
|
}
|
|
return -1;
|
|
}
|
|
|
|
public bool PlantHasSecurity(int idx)
|
|
{
|
|
if (userid == SUPERUSER) return true;
|
|
if (idx<0 || idx>psets.Count-1)return false;
|
|
SecurityPlantSets sps = (SecurityPlantSets) psets[idx];
|
|
return sps.HasSecurity;
|
|
}
|
|
|
|
public bool ProcSetHasSecurity(int idx, string procset)
|
|
{
|
|
if (userid == SUPERUSER) return true;
|
|
if (idx<0 || idx>psets.Count-1)return false;
|
|
SecurityPlantSets sps = (SecurityPlantSets) psets[idx];
|
|
return sps.ProcSetHasSecurity(procset);
|
|
}
|
|
|
|
public long GetPlantSecurity(int idx)
|
|
{
|
|
if(userid == SUPERUSER ) return SUPERACCESS;
|
|
if (idx<0 || idx>psets.Count-1) return 0L;
|
|
SecurityPlantSets sps = (SecurityPlantSets) psets[idx];
|
|
return (sps.GetSecurity());
|
|
}
|
|
|
|
public bool AnyOptionsSet(int idx)
|
|
{
|
|
if(userid==SUPERUSER) return true;
|
|
if (idx<0 || idx>psets.Count-1) return false;
|
|
SecurityPlantSets sps = (SecurityPlantSets) psets[idx];
|
|
return sps.AnyOptionsSet();
|
|
}
|
|
|
|
public long GetUserSecurity()
|
|
{
|
|
if(userid == SUPERUSER) return SUPERACCESS;
|
|
return(uoptions);
|
|
}
|
|
|
|
public bool BlockAccess()
|
|
{
|
|
if (userid == SUPERUSER) return false;
|
|
if(blockAccess!=0) return true;
|
|
return false;
|
|
}
|
|
|
|
public bool IsAllowed(long mask)
|
|
{
|
|
if(userid == SUPERUSER) return true;
|
|
return (uoptions&mask) != 0;
|
|
}
|
|
|
|
public bool IsAllowed(string plantpath, string procpath, long mask)
|
|
{
|
|
bool retval = false;
|
|
if(userid == SUPERUSER) return true;
|
|
for(int i=0; i<numsets; i++)
|
|
{
|
|
SecurityPlantSets sps = (SecurityPlantSets) psets[i];
|
|
if(sps.IsAllowed(plantpath,procpath,mask)==true)
|
|
{
|
|
retval = true;
|
|
break;
|
|
}
|
|
}
|
|
return retval;
|
|
}
|
|
|
|
public long GetProcSecurity(string fullpath)
|
|
{
|
|
long mask=0L;
|
|
string plantpath;
|
|
string fullprocpath;
|
|
string procpath;
|
|
string tmpchg=null;
|
|
string apr=null;
|
|
|
|
if(userid == SUPERUSER) return SUPERACCESS;
|
|
plantpath = fullpath;
|
|
procpath = plantpath.Substring(plantpath.LastIndexOf("\\"),plantpath.Length-plantpath.LastIndexOf("\\"));
|
|
if (procpath.Substring(1,procpath.Length-1).ToUpper() == "TMPCHG")
|
|
{
|
|
// we have a Temporary Change directory, store it
|
|
tmpchg=procpath;
|
|
// remove the tmpchg text from the plantpath string
|
|
plantpath=plantpath.Substring(0,plantpath.Length-tmpchg.Length);
|
|
// Get the procedure subdirectory
|
|
procpath = plantpath.Substring(plantpath.LastIndexOf("\\"),plantpath.Length-plantpath.LastIndexOf("\\"));
|
|
}
|
|
if(procpath.Substring(1,procpath.Length-1).ToUpper() == "APPROVED")
|
|
{
|
|
// we have an approved dir, store it
|
|
apr = procpath;
|
|
// remove the approved text from the plantpath string
|
|
plantpath=plantpath.Substring(0,plantpath.Length-apr.Length);
|
|
// Get the procedure subdirectory
|
|
procpath = plantpath.Substring(plantpath.LastIndexOf("\\"),plantpath.Length-plantpath.LastIndexOf("\\"));
|
|
}
|
|
|
|
// at this point, tmpchg & apr will be set if we have a tmpchg or approved directory,
|
|
// plantpath will contain the plant directory & procedure set subdirectory, and
|
|
// procpath will be the procedure set subdirectory name (with the preceeding '\').
|
|
// Now set plantpath to be the plant level directory. Make fullprocpath from the
|
|
// procedure set subdirectory & any approved/tmpchg directories that were part
|
|
// of the path that was passed in.
|
|
plantpath=plantpath.Substring(0,plantpath.Length-procpath.Length);
|
|
procpath=procpath.Substring(1,procpath.Length-1); // remove '\' prefix
|
|
fullprocpath=procpath+apr+tmpchg;
|
|
for(int i=0; i<numsets; i++)
|
|
{
|
|
SecurityPlantSets sps = (SecurityPlantSets) psets[i];
|
|
if( sps.GetProcSecurity(plantpath,fullprocpath,ref mask) ) break;
|
|
}
|
|
return mask;
|
|
}
|
|
|
|
public void AddPlant(int nTab, string path)
|
|
{
|
|
SecurityPlantSets sps = new SecurityPlantSets(path, oldpos, this);
|
|
psets.Insert(nTab,sps);
|
|
numsets = psets.Count;
|
|
}
|
|
}
|
|
|
|
public class SecurityProcSets
|
|
{
|
|
private long[] procoptions;
|
|
private string path;
|
|
|
|
public SecurityProcSets(string pth, Security security, long userPos, int procid, int numplants, int pid)
|
|
{
|
|
procoptions = new long[4];
|
|
path = pth;
|
|
// read in proc options
|
|
if (security.userid == Security.SUPERUSER)
|
|
{
|
|
for(int i=0;i<4;i++) procoptions[i]=0xff;
|
|
return;
|
|
}
|
|
security.fs.Seek(userPos+38L,SeekOrigin.Begin);
|
|
|
|
short tpid;
|
|
for (int i=0;i<numplants;i++)
|
|
{
|
|
tpid = security.bw.ReadInt16();
|
|
security.fs.Seek(8L,SeekOrigin.Current);
|
|
short nProcSets;
|
|
nProcSets = security.bw.ReadInt16();
|
|
for (int j=0; j<nProcSets;j++)
|
|
{
|
|
short tprocid;
|
|
tprocid = security.bw.ReadInt16();
|
|
if (tprocid==procid && tpid==pid)
|
|
{
|
|
tprocid = security.bw.ReadInt16();
|
|
for(int k=0;k<4;k++) procoptions[k]=security.bw.ReadInt32();
|
|
return;
|
|
}
|
|
else
|
|
security.fs.Seek(18,SeekOrigin.Current);
|
|
}
|
|
}
|
|
}
|
|
|
|
public bool AnyOptionsSet()
|
|
{
|
|
for(int k=0;k<4;k++) if(procoptions[k]!=0L)return true;
|
|
return false;
|
|
}
|
|
|
|
public bool IsAllowed(string procpath, long mask)
|
|
{
|
|
bool retval = false;
|
|
if (path==procpath) retval = (procoptions[0]&mask) !=0;
|
|
return retval;
|
|
}
|
|
|
|
public string GetPath()
|
|
{
|
|
return path;
|
|
}
|
|
|
|
public bool GetProcSecurity(string procpath, ref long mask)
|
|
{
|
|
bool retval = false;
|
|
if (path.ToUpper()==procpath.ToUpper())
|
|
{
|
|
mask = procoptions[0];
|
|
retval = true;
|
|
}
|
|
return retval;
|
|
}
|
|
}
|
|
|
|
public class SecurityPlantSets
|
|
{
|
|
private string path;
|
|
private long setoption;
|
|
private int numopts;
|
|
private ArrayList procs; // SecurityProcSets;
|
|
private Security security;
|
|
// Flag whether this plant has data in the security options file. (maybe newly
|
|
// created since vesam was run).
|
|
public bool HasSecurity;
|
|
|
|
public SecurityPlantSets(string cptr, long userPos, Security sec)
|
|
{
|
|
string title;
|
|
string pth;
|
|
int pid=0;
|
|
long plantpos;
|
|
procs = new ArrayList();
|
|
security = sec;
|
|
path = cptr;
|
|
HasSecurity=false;
|
|
|
|
security.fs.Seek(8L,SeekOrigin.Begin);
|
|
numopts = -1;
|
|
plantpos = security.bw.ReadInt32(); // 1st plant set position
|
|
short np;
|
|
np = security.bw.ReadInt16(); // number of plant sets.
|
|
long oldpos=0;
|
|
short sz;
|
|
for (int i=0;i<np;i++)
|
|
{
|
|
security.fs.Seek(plantpos,SeekOrigin.Begin);
|
|
plantpos = security.bw.ReadInt32();
|
|
pid = security.bw.ReadInt16();
|
|
sz = security.bw.ReadInt16();
|
|
title = new string(security.bw.ReadChars(sz));
|
|
sz = security.bw.ReadInt16();
|
|
pth=null;
|
|
pth = new string(security.bw.ReadChars(sz));
|
|
if (pth.ToUpper()==path.ToUpper()) // this is what we're looking for..
|
|
{
|
|
numopts = security.bw.ReadInt16();
|
|
security.fs.Seek(4L,SeekOrigin.Current);
|
|
oldpos = security.fs.Position;
|
|
HasSecurity=true;
|
|
break;
|
|
}
|
|
}
|
|
|
|
// get the plant level options
|
|
int currentUID = sec.userid;
|
|
if (currentUID != Security.SUPERUSER)
|
|
{
|
|
security.fs.Seek(userPos,SeekOrigin.Begin);
|
|
security.fs.Seek(38L,SeekOrigin.Current);
|
|
short tpid;
|
|
for (int i=0;i<np;i++)
|
|
{
|
|
tpid = security.bw.ReadInt16();
|
|
if (tpid == pid) // correct plant
|
|
{
|
|
setoption = security.bw.ReadInt32();
|
|
break;
|
|
}
|
|
else
|
|
{
|
|
setoption = security.bw.ReadInt32(); //skip following data...
|
|
setoption = security.bw.ReadInt32();
|
|
tpid = security.bw.ReadInt16();
|
|
for (int j=0;j<tpid;j++) security.fs.Seek(20L,SeekOrigin.Current);
|
|
}
|
|
}
|
|
}
|
|
else
|
|
setoption = Security.SUPERACCESS;
|
|
if (numopts>0)
|
|
procs = new ArrayList(numopts);
|
|
else
|
|
procs = null;
|
|
for(int i=0;i<numopts;i++)
|
|
{
|
|
security.fs.Seek(oldpos+4L,SeekOrigin.Begin);
|
|
short procid;
|
|
procid = security.bw.ReadInt16();
|
|
sz = security.bw.ReadInt16();
|
|
title = new string(security.bw.ReadChars(sz));
|
|
sz = security.bw.ReadInt16();
|
|
pth = new string(security.bw.ReadChars(sz));
|
|
security.fs.Seek(4L,SeekOrigin.Current);
|
|
oldpos = security.fs.Position;
|
|
SecurityProcSets sps = new SecurityProcSets(pth, security, userPos, procid, np, pid);
|
|
procs.Insert(i,sps);
|
|
}
|
|
}
|
|
|
|
public string GetPath()
|
|
{
|
|
return path;
|
|
}
|
|
|
|
public bool ProcSetHasSecurity(string procset)
|
|
{
|
|
if (procs==null)return false; // if no procs for plant in security file.
|
|
//see if this plant has a procedure set that matches the input string
|
|
// this will tell us that it is included in the vesam.opt file.
|
|
for (int i=0;i<procs.Count;i++)
|
|
{
|
|
SecurityProcSets sps = (SecurityProcSets) procs[i];
|
|
if (sps.GetPath().ToUpper() == procset.ToUpper()) return true;
|
|
}
|
|
return false;
|
|
}
|
|
|
|
public bool AnyOptionsSet()
|
|
{
|
|
for (int i=0;i<numopts;i++)
|
|
{
|
|
SecurityProcSets sps = (SecurityProcSets) procs[i];
|
|
if (sps.AnyOptionsSet())return true;
|
|
}
|
|
return false;
|
|
}
|
|
|
|
public bool IsAllowed(string plantpath, string procpath, long mask)
|
|
{
|
|
bool retval = false;
|
|
if (path==plantpath)
|
|
{
|
|
for (int i=0;i<numopts;i++)
|
|
{
|
|
SecurityProcSets sps = (SecurityProcSets) procs[i];
|
|
if (sps.IsAllowed(procpath, mask)==true)
|
|
{
|
|
retval = true;
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
return retval;
|
|
}
|
|
|
|
public long GetSecurity()
|
|
{
|
|
return (setoption);
|
|
}
|
|
|
|
public bool GetProcSecurity(string plantpath, string procpath, ref long mask)
|
|
{
|
|
bool retval = false;
|
|
if(path.ToUpper() == plantpath.ToUpper())
|
|
{
|
|
if (security.userid!=Security.SUPERUSER)
|
|
{
|
|
for (int i=0; i<numopts; i++)
|
|
{
|
|
SecurityProcSets sps = (SecurityProcSets) procs[i];
|
|
if (sps.GetProcSecurity(procpath,ref mask) == true)
|
|
{
|
|
retval = true;
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
else
|
|
{
|
|
retval = true;
|
|
mask = Security.SUPERACCESS;
|
|
}
|
|
}
|
|
return retval;
|
|
}
|
|
}
|
|
}
|