Blackpearl 的 Impersonate

时间:2022-04-25
本文章向大家介绍Blackpearl 的 Impersonate,主要内容包括其使用实例、应用技巧、基本知识点总结和需要注意事项,具有一定的参考价值,需要的朋友可以参考一下。

Blackpearl的Connection方法 Impersonate(string name)。这个就是传说中的后门方法,它可以帮你模拟任何一个帐号(域用户或者数据库用户),来做他可以做得事情。当然,你必须在WorkSpace中设置操作这个命令的权限。

以下代码将给用户设置Impersonate权限,包装成一个Job来定时运行就可以了:

               WorkflowManagementServer managementServer = new WorkflowManagementServer();   
                managementServer.CreateConnection();    
                managementServer.Connection.Open(GetConnectionString(dataMap));    
                AdminPermissions adminPerms = managementServer.GetAdminPermissions();    
                AdminPermissions newAdminPerms = new AdminPermissions();    
                StaffCollection staffs = Staff.GetAllStaff();    
                foreach (AdminPermission item in adminPerms)    
                {    
                    var staffName = item.UserName.Replace("K2SQL:","").Trim();    
                    Staff staff = staffs.Find(t => t.EnglishName == staffName );    
                    if (staff != null)    
                    {    
                        newAdminPerms.Add(item);    
                        staffs.Remove(staff);    
                    }    
                    else    
                    {    
                        if (item.UserName.ToUpper().Contains("K2:TENCENT"))    
                        {    
                            newAdminPerms.Add(item);    
                        }    
                    }    
                }    
                foreach (var item in staffs)    
                {    
                    AdminPermission adminPermission = new AdminPermission();    
                    adminPermission.CanImpersonate = true;    
                    adminPermission.UserName = string.Format("K2SQL:{0}", item.EnglishName);    
                    newAdminPerms.Add(adminPermission);    
                }    
                managementServer.UpdateAdminUsers(newAdminPerms);

Impersonate方法的调用可以参照K2 blackpearl Client Impersonation - Suggested Design Pattern包装后使用,下面是我的包装代码:

using System;   
using System.Collections.Generic;    
using System.Linq;    
using System.Text;    
using SourceCode.Workflow.Client;    
using Tencent.OA.Framework.Workflow.Interfaces;
namespace Tencent.OA.Framework.Workflow   
{    
    /// <summary>    
    /// <example>    
    ///IK2Connection k2Conn = K2Factory.NewK2Connection("oa-flowdb");;     
    ///using(Impersonation.Impersonate(userName, k2Conn)     
    ///{     
    ///    //Do whatever work you need to do as the impersonated user     
    ///}    
    /// </example>    
    /// </summary>    
    public class Impersonation : IDisposable    
    {    
        private IK2Connection _conn = null;
        private Impersonation(IK2Connection conn)   
        {    
            _conn = conn;    
        }
        #region Impersonate Methods
        /// <summary>   
        /// 模拟用户    
        /// </summary>    
        /// <param name="userName">用户英文名</param>    
        /// <param name="conn">代表K2服务器链接</param>    
        /// <returns></returns>    
        public static Impersonation Impersonate(string userName, IK2Connection conn)    
        {    
            if (!userName.ToUpper().Contains("K2SQL"))    
            {    
                userName = string.Format("K2SQL:{0}", userName);    
            }    
            conn.Connection.ImpersonateUser(userName);    
            return new Impersonation(conn);    
        }
        #endregion Impersonate Methods
        #region IDisposable Members   
        /// <summary>    
        /// 取消用户的模拟    
        /// </summary>    
        public void Dispose()    
        {    
            _conn.Connection.RevertUser();    
        }
        #endregion   
    }    
}

随机文章
本站知识点必读
最近更新