11-01-2012 10:53 AM
I'm researching Sublogix as a means of accessing our underlying SLX data store from at least 1 external web app. So far it has proven itself to be very easy to work with.
One of the requirements I have to flesh out is the ability to create and manipulate objects, within the context of another user, without knowing that user's password (just the ID).
So far, I see that the Usersecurity object exposes the Userpw property, but it's hashed.
Does anyone know if there is a method available that will unhash the password (I dont want to see it, I just want to unhash it) so that I can open another Repository object in the context of this new user?
var repo = new Repository("myserver", "mydatabase", "admin", "myadminpass");
var johnDoeUserSec = repo.Find<Usersecurity>(x => x.Usercode == "johndoe").FirstOrDefault();
var johnDoeRepo = new Repository("myserver", "mydatabase", johnDoeUserSec.Usercode, johnDoeUserSec.Userpw);
At which point I'd pull all of John Doe's accounts, create Contacts, etc.
If I don't do it this way then everything is created in the context of Admin, and I don't want that.
Thanks for any insight.
Solved! Go to Solution.
11-02-2012 02:27 AM
Have you seen this post, it might come of help to you.
11-02-2012 05:42 AM
I am sorry you could not access that part of the community, it is essentially a community for Sage Partners and Employees, I was not sure if you belonged to the partner community.
11-14-2012 02:28 PM
Glad Sublogix has been working out for you
As far as decrypting the userpw field in SLX, you'll be out of luck there for the most part. As you've found out, the SLXRWEL does not decrypt the user passwords.
The bets option would be to use impersonation. You'll use the admin credentials in Sublogix and provide a custom connection string to create the Sublogix repository and include the impersonation parameter in that connection string. Then, any queries will return only those records that the user you are impersonating has access to, just as if you were actually logged in as that user.
See this link for details on creating a SLX connection string and including the "impersonate" parameter: http://slxdeveloper.com/page.aspx?action=viewarticle&articleid=55
Basically, you'd build a connection string using the admin's credentials, but then include the impersonate in the extended properties of the connection string. Then, use that connection string when creating the Sublogix repository:
string slxConnectionString = "...";
var repo = new Sublogix.Repository(slxConnectionString);
That's it. Then when you do something like this:
var accounts = repo.Find<Account>(x => x.Type == "Customer");
You'll only see accounts that have a type of customer that the user you are impersonating has access to. Make sense?