Initial project's source code check-in.

2011-07-13 16:07:32 -07:00 · 2011-07-13 16:07:32 -07:00 · b03b0b373f
commit b03b0b373f
4573 changed files with 981205 additions and 0 deletions
--- a/WebsitePanel/Sources/WebsitePanel.Providers.Web.IIS70/Delegation/DelegationRulesModuleService.cs
+++ b/WebsitePanel/Sources/WebsitePanel.Providers.Web.IIS70/Delegation/DelegationRulesModuleService.cs
@ -0,0 +1,240 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+using WebsitePanel.Providers.Web.Iis.Common;
+using Microsoft.Web.Administration;
+
+namespace WebsitePanel.Providers.Web.Delegation
+{
+	internal sealed class DelegationRulesModuleService : ConfigurationModuleService
+	{
+		public void RestrictRuleToUser(string providers, string path, string accountName)
+		{
+			var rulePredicate = new Predicate<ConfigurationElement>(x => { return x.Attributes["providers"].Value.Equals(providers) && x.Attributes["path"].Value.Equals(path); });
+			//
+			var userPredicate = new Predicate<ConfigurationElement>(x => { return x.Attributes["name"].Value.Equals(accountName); });
+			//
+			using (var srvman = new ServerManager())
+			{
+				var adminConfig = srvman.GetAdministrationConfiguration();
+				//
+				var delegationSection = adminConfig.GetSection("system.webServer/management/delegation");
+				//
+				var rulesCollection = delegationSection.GetCollection();
+				// Update rule if exists
+				foreach (var rule in rulesCollection)
+				{
+					if (rulePredicate.Invoke(rule) == true)
+					{
+						var permissions = rule.GetCollection("permissions");
+						//
+						var user = default(ConfigurationElement);
+						//
+						foreach (var item in permissions)
+						{
+							if (userPredicate.Invoke(item))
+							{
+								user = item;
+								//
+								break;
+							}
+						}
+						//
+						if (user == null)
+						{
+							user = permissions.CreateElement("user");
+							//
+							user.SetAttributeValue("name", accountName);
+							user.SetAttributeValue("isRole", false);
+							//
+							permissions.Add(user);
+						}
+						//
+						if (user != null)
+						{
+							user.SetAttributeValue("accessType", "Deny");
+							//
+							srvman.CommitChanges();
+						}
+					}
+				}
+			}
+		}
+
+		public void AllowRuleToUser(string providers, string path, string accountName)
+		{
+			RemoveUserFromRule(providers, path, accountName);
+		}
+
+		public void RemoveUserFromRule(string providers, string path, string accountName)
+		{
+			var rulePredicate = new Predicate<ConfigurationElement>(x => { return x.Attributes["providers"].Value.Equals(providers) && x.Attributes["path"].Value.Equals(path); });
+			//
+			var userPredicate = new Predicate<ConfigurationElement>(x => { return x.Attributes["name"].Value.Equals(accountName); });
+			//
+			using (var srvman = new ServerManager())
+			{
+				var adminConfig = srvman.GetAdministrationConfiguration();
+				//
+				var delegationSection = adminConfig.GetSection("system.webServer/management/delegation");
+				//
+				var rulesCollection = delegationSection.GetCollection();
+				// Update rule if exists
+				foreach (var rule in rulesCollection)
+				{
+					if (rulePredicate.Invoke(rule) == true)
+					{
+						var permissions = rule.GetCollection("permissions");
+						//
+						foreach (var user in permissions)
+						{
+							if (userPredicate.Invoke(user))
+							{
+								permissions.Remove(user);
+								//
+								srvman.CommitChanges();
+								//
+								break;
+							}
+						}
+					}
+				}
+			}
+		}
+
+		public bool DelegationRuleExists(string providers, string path)
+		{
+			var exists = false;
+			//
+			var predicate = new Predicate<ConfigurationElement>(x =>
+			{
+				return x.Attributes["providers"].Value.Equals(providers) && x.Attributes["path"].Value.Equals(path);
+			});
+			//
+			using (var srvman = new ServerManager())
+			{
+				var adminConfig = srvman.GetAdministrationConfiguration();
+				//
+				var delegationSection = adminConfig.GetSection("system.webServer/management/delegation");
+				//
+				var rulesCollection = delegationSection.GetCollection();
+				// Update rule if exists
+				foreach (var rule in rulesCollection)
+				{
+					if (predicate.Invoke(rule) == true)
+					{
+						exists = true;
+						//
+						break;
+					}
+				}
+			}
+			//
+			return exists;
+		}
+
+		public void AddDelegationRule(string providers, string path, string pathType, string identityType, string userName, string userPassword)
+		{
+			var predicate = new Predicate<ConfigurationElement>(x =>
+			{
+				return x.Attributes["providers"].Value.Equals(providers) && x.Attributes["path"].Value.Equals(path);
+			});
+			//
+			using (var srvman = GetServerManager())
+			{
+				var adminConfig = srvman.GetAdministrationConfiguration();
+				//
+				var delegationSection = adminConfig.GetSection("system.webServer/management/delegation");
+				//
+				var rulesCollection = delegationSection.GetCollection();
+				// Update rule if exists
+				foreach (var rule in rulesCollection)
+				{
+					//
+					if (predicate.Invoke(rule) == true)
+					{
+						if (identityType.Equals("SpecificUser"))
+						{
+							var runAsElement = rule.ChildElements["runAs"];
+							//
+							runAsElement.SetAttributeValue("userName", userName);
+							runAsElement.SetAttributeValue("password", userPassword);
+							// Ensure the rules is enabled
+							if (rule.Attributes["enabled"].Equals(false))
+							{
+								rule.SetAttributeValue("enabled", true);
+							}
+							//
+							srvman.CommitChanges();
+						}
+						//
+						return; // Exit
+					}
+				}
+				// Create new rule if none exists
+				var newRule = rulesCollection.CreateElement("rule");
+				newRule.SetAttributeValue("providers", providers);
+				newRule.SetAttributeValue("actions", "*"); // Any
+				newRule.SetAttributeValue("path", path);
+				newRule.SetAttributeValue("pathType", pathType);
+				newRule.SetAttributeValue("enabled", true);
+				// Run rule as SpecificUser
+				if (identityType.Equals("SpecificUser"))
+				{
+					var runAs = newRule.GetChildElement("runAs");
+					//
+					runAs.SetAttributeValue("identityType", "SpecificUser");
+					runAs.SetAttributeValue("userName", userName);
+					runAs.SetAttributeValue("password", userPassword);
+				}
+				else // Run rule as CurrentUser
+				{
+					var runAs = newRule.GetChildElement("runAs");
+					//
+					runAs.SetAttributeValue("identityType", "CurrentUser");
+				}
+				// Establish permissions
+				var permissions = newRule.GetCollection("permissions");
+				var user = permissions.CreateElement("user");
+				user.SetAttributeValue("name", "*");
+				user.SetAttributeValue("accessType", "Allow");
+				user.SetAttributeValue("isRole", false);
+				permissions.Add(user);
+				//
+				rulesCollection.Add(newRule);
+				//
+				srvman.CommitChanges();
+			}
+		}
+
+		public void RemoveDelegationRule(string providers, string path)
+		{
+			var predicate = new Predicate<ConfigurationElement>(x =>
+			{
+				return x.Attributes["providers"].Value.Equals(providers) && x.Attributes["path"].Value.Equals(path);
+			});
+			//
+			using (var srvman = GetServerManager())
+			{
+				var adminConfig = srvman.GetAdministrationConfiguration();
+				//
+				var delegationSection = adminConfig.GetSection("system.webServer/management/delegation");
+				//
+				var rulesCollection = delegationSection.GetCollection();
+				// Remove rule if exists
+				foreach (var rule in rulesCollection)
+				{
+					// Match rule against predicate
+					if (predicate.Invoke(rule) == true)
+					{
+						rulesCollection.Remove(rule);
+						//
+						srvman.CommitChanges();
+						//
+						return; // Exit
+					}
+				}
+			}
+		}
+	}
+}