AppStd/RecordOrganizer
8
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
RecordOrganizer/app/DD-Record-Organizer/ClassWDRights.vb

392 lines
20 KiB
VB.net
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

Imports WINDREAMLib
Imports DD_LIB_Standards
Public Class ClassWDRights
#Region "+++++ Konstanten +++++"
Const REL_Document_AccessRight = "AccessRight"
Const COL_AccessRight_AccessRightID = "dwAccessRightID"
Const COL_AccessRight_AccessRight = "dwAccessRight"
Const REL_AccessRight_UserOrGroup = "AccessRightUserOrGroup"
Const WMAccessRightUndefined = 0
Const WMAccessRightRead = 1
Const WMAccessRightWrite = 2
Const WMAccessRightReadWrite = 3
Const WMAccessRightAdmin = 4
Const WMAccessRightAllRights = 7 ' doc+folder: read, write and admin access
Const WMUserTypeMain = 1
Const WMUserTypeNormal = 4
Const WMUserTypeInactive = 8
Const WMGroupTypeAdmin = 2
Const WMEntityGroups = 13
Const WMEntityUser = 18
Const WMGroupTypeAll = 127
#End Region
#Region "+++++ Variables +++++"
Public Shared AD_DOMAIN As String
Public Shared AD_USER As String
Public Shared AD_USER_PW As String
Public Shared AD_SERVER As String
Public Shared WD_RIGHT_ADMIN As Integer
Public Shared MSG_RESULT = ""
#End Region
Public Shared Function Init()
Try
MSG_RESULT = ""
If LogErrorsOnly = False Then ClassLogger.Add(String.Format(" >> Init ClassWDRights started - " & Now & " ..."), False)
Dim DT_KONFIG As DataTable = ClassDatabase.Return_Datatable("SELECT * FROM TBPMO_SERVICE_RIGHT_CONFIG WHERE GUID = 1")
AD_DOMAIN = DT_KONFIG.Rows(0).Item("AD_DOMAIN")
AD_USER = DT_KONFIG.Rows(0).Item("AD_USER")
WD_RIGHT_ADMIN = DT_KONFIG.Rows(0).Item("WD_RIGHT")
If clsDatabase.DB_PROXY_INITIALIZED = True And ClassProxy.MyLinkedServer <> String.Empty Then
ClassLogger.Add("User configured a proxy: " & ClassProxy.MyLinkedServer, False)
AD_SERVER = ClassProxy.MyLinkedServer
Else
AD_SERVER = DT_KONFIG.Rows(0).Item("AD_SERVER")
End If
Dim PWplainText As String
Dim wrapper As New ClassEncryption("!35452didalog=")
' DecryptData throws if the wrong password is used.
Try
PWplainText = wrapper.DecryptData(DT_KONFIG.Rows(0).Item("AD_USER_PW"))
Catch ex As Exception
ClassLogger.Add("The Userpassword could not be decrypted", False)
PWplainText = ""
End Try
AD_USER_PW = PWplainText
If LogErrorsOnly = False Then ClassLogger.Add(String.Format(" >> ClassWDRights Init'ed - AD_DOMAIN: '{0}', AD_USER: '{1}', AD_SERVER: '{2}'", AD_DOMAIN, AD_USER, AD_SERVER), False)
Return True
Catch ex As Exception
ClassLogger.Add("Unexpected Error in ClassRights Init: " & vbNewLine & ex.Message, True)
Return False
End Try
End Function
'''Renews all rights of the passed doc-file
''' </summary>
''' <returns>Returns Boolean True when successfull</returns>
''' <remarks></remarks>
Public Shared Function Doc_Renew_Rights(doc_id As Integer, docpath As String, deleterights As Boolean) As Boolean
Try
If LogErrorsOnly = False Then ClassLogger.Add(String.Format(" >> Working on rights for file: {0}", docpath), False)
Dim DT_USER_RIGHT As DataTable
Dim DT_GROUP_RIGHT As DataTable
Dim oSession
Dim oWMObject As WINDREAMLib.WMObject
Dim UserGroupRelation
Dim UserOrGroup
Dim oUSer
Try
'Dedizierte Session herstellen
oSession = GetWMSessionAsUser(AD_DOMAIN, AD_SERVER, AD_USER, AD_USER_PW)
Catch ex As Exception
Dim msg = "Error in Doc_Renew_Rights-GetWMSessionAsUser : " & ex.Message
ClassLogger.Add(msg, True)
Return False
End Try
If Not IsNothing(oSession) Then
If LogErrorsOnly = False Then ClassLogger.Add(" >> Session created.", False)
Dim sql = String.Format("SELECT * FROM [dbo].[FNPMO_GET_RIGHTS_FOR_DOC] ({0}) where USER_OR_GROUP = 'USER'", doc_id)
DT_USER_RIGHT = clsDatabase.Return_Datatable(sql)
sql = String.Format("SELECT * FROM [dbo].[FNPMO_GET_RIGHTS_FOR_DOC] ({0}) where USER_OR_GROUP = 'GROUP'", doc_id)
DT_GROUP_RIGHT = clsDatabase.Return_Datatable(sql)
If IsNothing(DT_USER_RIGHT) Then
Dim msg = "Error while receiving rights for DocID"
clsLogger.Add(msg, True)
Return False
Else
If LogErrorsOnly = False Then clsLogger.Add(String.Format(" >> Amount of Userrights: {0}", DT_USER_RIGHT.Rows.Count), False)
End If
If LogErrorsOnly = False Then clsLogger.Add(String.Format(" >> Amount of Grouprights: {0}", DT_GROUP_RIGHT.Rows.Count), False)
Try
'Object definieren
oWMObject = oSession.GetWMObjectByPath(0, docpath.Substring(2))
If LogErrorsOnly = False Then ClassLogger.Add(" >> Object created.", False)
Catch ex As Exception
Dim msg = "Error GetWMObjectByPath: (FDSR) " & docpath.Substring(2) & vbNewLine & Err.Description
ClassLogger.Add(msg, True)
Return False
End Try
Dim lret
Try
' Objekt muss zur Rechteänderung gelockt werden
lret = oWMObject.LockRights()
Catch ex As Exception
Dim msg = "Error while locking file" & ex.Message
ClassLogger.Add(msg, True)
Return False
End Try
If LogErrorsOnly = False Then ClassLogger.Add(" >> Object locked.", False)
If CBool(lret) = False Then
Dim msg = "Error in setting lock .LockRights - Err.Number: " & Err.Number & vbCrLf & Err.Description
ClassLogger.Add(msg, True)
Return False
End If
' Rechteträger-Liste holen
Dim AccessRights
AccessRights = oWMObject.GetWMObjectRelationByName(REL_Document_AccessRight)
If LogErrorsOnly = False Then ClassLogger.Add(" >> AccessRights created.", False)
'Bei Fehler in Rechteauswertung
If Err.Number <> 0 Then
Dim msg = "Error in setting REL_Document_AccessRight - Err.Number: " & Err.Number & vbCrLf & Err.Description
ClassLogger.Add(msg, True)
Return False
End If
'############################# Rechte löschen ################################################################################
'#############################################################################################################################
If deleterights = True Then
If LogErrorsOnly = False Then ClassLogger.Add(" >> rights for document will now be deleted.", False)
'Erst einmal alle anderen Rechte löschen
Dim i As Integer = 1
' und nun jeden Rechteträger verarbeiten
For Each aRightRelation In AccessRights
' Auflistung der Rechteträger-Informationen holen
UserGroupRelation = aRightRelation.GetWMObjectRelationByName(REL_AccessRight_UserOrGroup)
If Err.Number <> 0 Then
Dim msg = "Error in setting REL_AccessRight_UserOrGroup - Err.Number: " & Err.Number & vbCrLf & Err.Description
ClassLogger.Add(msg, True)
Return False
End If
' Zugriff auf das Benutzer/Gruppen-Objekt
UserOrGroup = UserGroupRelation.item(0)
Dim _msg As String
If (UserOrGroup.aWMEntity = WMEntityGroups) Then
_msg = "Right for Group '" & UserOrGroup.aName & "'"""
Else
_msg = "Right for User: '" & UserOrGroup.aName & "'"""
End If
If LogErrorsOnly = False Then ClassLogger.Add(String.Format(" >> [{0}] will now be deleted.", _msg), False)
If Err.Number <> 0 Then
Dim msg = "Error in setting UserGroupRelation - Err.Number: " & Err.Number & vbCrLf & Err.Description
ClassLogger.Add(msg, True)
Return False
End If
'einem Rechteträger ALLE Rechte zu entziehen
'entfernt ihn gleichzeitig aus der Auflistung der Rechteträger
Try
AccessRights.Delete2(UserOrGroup, WMAccessRightAllRights)
Catch ex As Exception
Dim msg = "Error in AccessRights.Delete2 (Doc_RenewRights) Doc-ID: " & doc_id & " - UserGroup: " & UserOrGroup.aName & " - ErrorMsg: " & ex.Message
ClassLogger.Add(msg, True)
Continue For
End Try
i += 1
_msg = _msg.Replace(" '", "")
If LogErrorsOnly = False Then ClassLogger.Add(String.Format(" >> {0} was deleted.", _msg), False)
Next
If LogErrorsOnly = False Then ClassLogger.Add(" >> All rights for doc were deleted....", False)
End If
Err.Clear()
' Wenn ALLE Rechteträger entfernt werden (FOR EACH),
' dann muss mindestens EIN Rechteträger mit dem Recht zur Rechteänderung
' wieder zugefügt werden!!!!! Dies ist der ADDI-Right User!
'Für jeden User das Recht einzeln hinzufügen
For Each User_Row As DataRow In DT_USER_RIGHT.Rows
Dim fileright 'Recht als Integer
Dim StringUserRight
Try
StringUserRight = AD_DOMAIN & "\" & User_Row.Item("USR_NAME")
fileright = User_Row.Item("USR_RIGHT")
If LogErrorsOnly = False Then ClassLogger.Add(String.Format(" >> Working on right for user-right: {0}-{1}", StringUserRight, fileright), False)
Try
' User holen
oUSer = oSession.GetWMObjectByName(WMEntityUser, StringUserRight)
If LogErrorsOnly = False Then ClassLogger.Add(" >> got oUSer...", False)
Catch ex As Exception
Dim msg = String.Format(">> Could not create windream-Usersession for user '{0}' - check whether user is part of windream-group!", StringUserRight)
ClassLogger.Add(msg, False)
MSG_RESULT &= msg & vbNewLine
Continue For
End Try
If Not IsNothing(oUSer) Then
Try
AccessRights.Insert2(oUSer, fileright) 'WMAccessRightAllRights)
If LogErrorsOnly = False Then ClassLogger.Add(" >> Right was set...", False)
Catch ex As Exception
Dim msg = String.Format(">> Could not set right for user {0} - AccessRights.Insert2: {1}", StringUserRight, ex.Message)
ClassLogger.Add(msg, True)
Continue For
End Try
End If
Catch ex As Exception
Dim _right
Select Case fileright
Case WMAccessRightRead
_right = "READ"
Case WMAccessRightWrite
_right = "WRITE"
Case WMAccessRightAdmin
_right = "ADMIN"
Case WMAccessRightAllRights
_right = "ALL RIGHTS"
Case WMAccessRightReadWrite
_right = "READ WRITE"
End Select
MSG_RESULT &= String.Format("Error while working on RightChange:" & vbNewLine & "Fileright: {0}" & vbNewLine & "User: {1} " & vbNewLine & "File: {2}", _right, StringUserRight, docpath) & vbNewLine
ClassLogger.Add(ex.Message)
End Try
Next
'Für jede Gruppe das Recht einzeln hinzufügen
For Each Group_Row As DataRow In DT_GROUP_RIGHT.Rows
Dim fileright 'Recht als Integer
Dim StringGroupRight
Dim _oGroup
Try
StringGroupRight = AD_DOMAIN & "\" & Group_Row.Item("USR_NAME")
fileright = Group_Row.Item("USR_RIGHT")
If LogErrorsOnly = False Then clsLogger.Add(String.Format(" >> Working on right for group-right: {0}-{1}", StringGroupRight, fileright), False)
Try
' User holen
_oGroup = oSession.GetWMObjectByName(WMEntityGroups, StringGroupRight)
If LogErrorsOnly = False Then clsLogger.Add(" >> got Group...", False)
Catch ex As Exception
Dim msg = String.Format(">> Could not create windream-Usersession for group '{0}' - check whether group exists in windream!", StringGroupRight)
clsLogger.Add(msg, False)
MSG_RESULT &= msg & vbNewLine
Continue For
End Try
If Not IsNothing(_oGroup) Then
Try
AccessRights.Insert2(_oGroup, fileright) 'WMAccessRightAllRights)
If LogErrorsOnly = False Then clsLogger.Add(" >> Right was set...", False)
Catch ex As Exception
Dim msg = String.Format(">> Could not set right for docID: {0} group {1} - AccessRights.Insert2: {2}", doc_id, StringGroupRight, ex.Message)
clsLogger.Add(msg, True)
Continue For
End Try
End If
Catch ex As Exception
Dim _right
Select Case fileright
Case WMAccessRightRead
_right = "READ"
Case WMAccessRightWrite
_right = "WRITE"
Case WMAccessRightAdmin
_right = "ADMIN"
Case WMAccessRightAllRights
_right = "ALL RIGHTS"
Case WMAccessRightReadWrite
_right = "READ WRITE"
End Select
MSG_RESULT &= String.Format("Error while working on RightChange2:" & vbNewLine & "Fileright: {0}" & vbNewLine & "Group: {1} " & vbNewLine & "File: {2}", _right, StringGroupRight, docpath) & vbNewLine
clsLogger.Add(ex.Message)
End Try
Next
Try
'Speichern nicht vergessen
oWMObject.Save()
If LogErrorsOnly = False Then ClassLogger.Add(" >> Doc was saved...", False)
Catch ex As Exception
Dim msg = String.Format("Error at Object2Change.Save - DocID ({0}): {1}", doc_id, ex.Message)
ClassLogger.Add(msg, True)
If oWMObject.aLocked = True Then
oWMObject.unlock()
If LogErrorsOnly = False Then ClassLogger.Add(" >> Doc unlocked after error!", False)
End If
Return False
End Try
'und der Vollständigkeit halber auch ein Unlock
If oWMObject.aLocked = True Then
Try
oWMObject.unlock()
If LogErrorsOnly = False Then ClassLogger.Add(" >> Doc was unlocked...", False)
Catch ex As Exception
Dim msg = "Fehler bei Unlock - Error: " & ex.Message
ClassLogger.Add(msg, True)
Return False
End Try
End If
ClassHelper.InsertEssential_Log(doc_id, "DOC-ID", "Rights for doc successfully renewed - Doc_Renew_Rights")
'jetzt True zurückgeben
Return True
Else
Dim msg = "ERROR : no session could be created (3)!"
ClassLogger.Add(msg, True)
Return False
End If
Catch ex As Exception
ClassLogger.Add(String.Format("Unexpected Error while Doc_Renew_Rightss DocID: {0}", doc_id), True)
Dim msg = "ErrorMessage: " & vbNewLine & ex.Message
ClassLogger.Add(msg, False)
Return False
End Try
End Function
Public Shared Function GetWMSessionAsUser(Domain, ServerName, UserName, Password)
Try
Dim SessionAsUser
Dim aConnect, aUserId, aSession
' Hilfsobjekte erschaffen, um eine Verbindung zum windream Server herzustellen
' mit der gewünschten Benutzer-Identität
aConnect = CreateObject("Windream.WMConnect")
'Bei einer impersonifizierten Session ist zu beachten, dass die ModuleID 9 zu nutzen ist.
'Wird keine Session-ID angegeben, hat die Session die ID 0 (Default).
aConnect.ModuleId = 9
If Err.Number <> 0 Then
Dim msg = "Error in CreateObject (aConnect) - Err.Number: " & Err.Number & vbNewLine & Err.Description
ClassLogger.Add(msg, True)
SessionAsUser = Nothing
Return SessionAsUser
End If
aUserId = CreateObject("WMOTool.WMUserIdentity")
If Err.Number <> 0 Then
Dim msg = "Error in CreateObject('WMOTool.WMUserIdentity') - Err.Number: " & Err.Number & vbNewLine & Err.Description
ClassLogger.Add(msg, True)
SessionAsUser = Nothing
Return SessionAsUser
End If
aUserId.aDomain = Domain
aUserId.aServerName = ServerName
aUserId.aUserName = UserName
aUserId.aPassword = Password
aSession = aConnect.Login(aUserId)
If Err.Number <> 0 Then
Dim msg = "Error in Connect.Login(aUserId) - Err.Number: " & Err.Number & vbNewLine & Err.Description
ClassLogger.Add(msg, True)
SessionAsUser = Nothing
Return SessionAsUser
Else
SessionAsUser = aSession
If aSession.aLoggedin = True Then
Return SessionAsUser
End If
End If
Catch ex As Exception
Dim msg = "Unexpected Error in DDLibraries-GetWMSessionAsUser: " & ex.Message & vbNewLine & _
String.Format("Domain: {0}, ServerName: {1}, UserName: {2}, Password: {3},", Domain, ServerName, UserName, Password)
ClassLogger.Add(msg, True)
Return Nothing
End Try
End Function
End Class
Reference in New Issue View Git Blame Copy Permalink