Silver Monkey OPS 0.1 Documentation¶
Note
Documentation is still in development process. Please do not hesitate to contact us on support@silvermonkey.net for further information.
Welcome¶
This document is meant to be a source for all information regarding the administration and installation of the new OPS module.
This document was generated on 2017-09-12 at 11:28.
Contents:
Introduction¶
In this article:
OPS Module overview¶
The OPS (Operations) Module enables users to view the current state of different domain entities (such as Computers, Applications, Users etc.) and allows to invoke actions (such as WakeOnLan, Install Application etc.) on these entities.
Access to OPS is controled by the SIM access control system (domain groups are mapped to SIM roles).
The OPS Module consists of three seperate applications: ops-auth, ops-api and ops-webapp. The end-user will only deal with ops-webapp (the frontend), whereas administrators also need to configure ops-auth and ops-api (the backend). The OPS Module actions that can be invoked for the domain entities are delegated to v5/v6 Forms. Therefore the OPS Module has a dependency on v5/v6.
ops-auth¶
The ops-auth module (or simpler just auth module) is a service to retrieve OPS user roles (not Windows or Azure AD roles).
Warning
Note. The ops-auth module will be replaced in the near future
ops-api¶
The ops-api module is a service that provides access to one or more sql tables as well as defines the views and actions that will be shown in its clients (for example the ops-webapp). Access to the data, the views and actions is determined by SIM roles.
ops-webapp / ops-web¶
ops-webapp is the frontend that end-users will use to view entities and invoke actions on them. The views and actions that are available are configured in ops-api.
Requirements¶
Serverside¶
| Name | Technologie | Operating System | Webserver | .NET Framework |
|---|---|---|---|---|
| ops-api | ASP.NET | Windows 7, Windows Server 2012 (or higher) | IIS 8 (or higher) | 4.5.2 (or higher) |
| ops-auth | ASP.NET Core | Windows 7, Windows Server 2012 (or higher) | IIS 8 (or higher) | 4.5.2 (or higher) |
Clientside¶
any modern browser SHOULD work.
Installation¶
In this article:
ops-auth¶
The module needs to be installed as an IIS application for a website. The websites url needs to be known by SIM before compiling the application.
| Applicationname | auth | |
| Applicationpool | .NET CLR Version | v4.0.30319 |
| Managed pipeline mode | Integrated | |
| Identity | Custom account with read access to the database | |
| Authentication | Only anonymous authentication enabled | |
ops-api¶
The module needs to be installed as an IIS application for a website. The websites url needs to be known by SIM before compiling the application.
| Applicationname | ops-api | |
| Applicationpool | .NET CLR Version | No Managed Code |
| Managed pipeline mode | Integrated | |
| Identity | Custom account with read access to the database | |
| Authentication | Only anonymous authentication enabled | |
IIS Modules¶
The AspNetCoreModule module needs to be activated for this application.
ops-webapp / ops-web¶
The ops-webapp can be hosted in any webserver. If it is hosted in IIS the following settings apply:
| Applicationname | ops or ops-web or ops-webapp | |
| Applicationpool | .NET CLR Version | v4.0.30319 |
| Managed pipeline mode | Integrated | |
| Identity | Applicationpool Identity | |
| Authentication | Only anonymous authentication enabled | |
Database Setup¶
ops-auth¶
The module requires an MS SQL Server and database that provides the mapping between Windows domain roles and OPS roles. The connection to the database can be specified in the modules Web.config DefaultConnectionString node. The connection strings property “integrated security” SHOULD have the value “true”, the “provider name” property SHOULD have the value “System.Data.EntityClient”. Under the node appSettings the value of “DomainName” MUST have the name of the windows domain.
example Web.config
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<appSettings>
<add key="DomainName" value="phatconsulting.group" />
</appSettings>
<connectionStrings>
<add name="DefaultConnectionString" connectionString="data source=simsrv042;initial catalog=SIM_OPS_R042;integrated security=True;MultipleActiveResultSets=True;" providerName="System.Data.EntityClient" />
</connectionStrings>
<system.web>
<authentication mode="Windows" />
<compilation targetFramework="4.6.1">
<assemblies>
<add assembly="System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
<add assembly="System.DirectoryServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
<add assembly="System.DirectoryServices.AccountManagement, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
</assemblies>
</compilation>
<httpRuntime targetFramework="4.5.2" />
</system.web>
</configuration>
<!--ProjectGuid: b03c2d11-e5ac-4242-a5c2-862a3787e00a-->
The auth module expects a Table named “Role_Group” with columns “RoleId” (uniqueidentifier, not null) and “GroupName” (varchar, not null) in the given database. The Groupname is the name of a windows domain group. The RoleId is the id of a SIM/OPS role. The corresponding Role table is not used by the auth module and therefore CAN be absent.
ops-api¶
The ops-api module expects following tables and relationships:
Role table:
| Column | Type |
|---|---|
| Id | PK, uniqueidentifier, not null |
| Name | Name, varchar(1000), not null |
any number of Item tables: (name can be chosen arbitrarily)
| Column | Type |
|---|---|
| Id | PK, uniqueidentifier, not null |
| ItemType | varchar(15), not null |
foreach Item table there MUST be exactly one corresponding Item_Role table (name can be chosen arbitrarily), that defines a many-to-many relationship between the corresponding Item table and the Role table:
| Column | Type |
|---|---|
| RoleId | FK Role(Id), uniqueidentifier, not null |
| ItemId | FK **Item**(Id), uniqueidentifier, not null |
Note
database conventions SIM (usually) uses
- singular for table names (for example “Application” instead of “Applications”)
- “Id” as the name for the PRIMARY KEY
- The GUID/uniqueidentifier type for the PRIMARY KEY column
- The names of the involved tables seperated by an underscore in a many to many relationship (for example “Computer_Role”)
- Tablename + “Id” for FOREIGN KEYS (for example “RoleId”)
Config schema¶
This document describes the schema of the config.json file. The config.json file is used to configure the available views and actions for the web-app.
Root object¶
| Name | Type | Description | Required |
|---|---|---|---|
| Sites | array<SiteConfig> | A list of Sites | required |
| Panels | array<PanelConfig> | A list of Panels | required |
| Filters | array<FilterConfig> | A list of Filters | required |
| ContextMenus | array<ContextMenu> | A list of ContextMenus | required |
| DndMenus | array<DnDMenu> | A list of DndMenus | required |
| Menus | array<Menu> | A list of Menus | required |
SiteConfig¶
| Name | Type | Description | Required |
|---|---|---|---|
| Id | integer | required | |
| DisplayName | string | The name that will be displayed to users | required |
| PanelIds | array<integer> | A Site can display several Panels that are specified here | required |
| RoleNames | A Site can be shown to only authorized users, which can be described here |
RoleNames¶
| Name | Type | Description | Required |
|---|---|---|---|
| Values | array<> |
PanelConfig¶
| Name | Type | Description | Required |
|---|---|---|---|
| Id | integer | required | |
| SearchField | string | required | |
| Columns | array<Column> | required | |
| FilterIds | array<integer> | required | |
| Table | string | required | |
| PermissionTable | string | required | |
| DefaultCondition | null |
Column¶
| Name | Type | Description | Required |
|---|---|---|---|
| FieldName | string | The name of the property (usually a database column) | required |
| DisplayName | string | The label that should be displayed in the UI | required |
FilterConfig¶
| Name | Type | Description | Required |
|---|---|---|---|
| Id | integer | Id must be unique among all filters | required |
| DisplayName | string | The name that will be displayed in the UI | required |
| ActionsMenuId | integer | Every filter is bound to a specific ActionMenu | required |
| RoleNames | A filter can be made available to specific roles. If this property is not set, the filter will be available for all users | ||
| Condition | null | An SQL condition that is used as part of a where clause when querying the database table |
config.json sample file¶
{
"sites": [
{
"id": 1,
"displayName": "Everything",
"panelIds": [ 2 ],
"roleNames": { "values": [ "Admin", "User" ] }
},
{
"id": 2,
"displayName": "Restricted",
"panelIds": [ 3 ],
"roleNames": { "values": [ "Admin", "RoleWithWildCard*" ] }
}
],
"panels": [
{
"id": 2,
"table": "[dbo].[Item]",
"permissionTable": "[dbo].[ItemsRoles]",
"columns": [
{
// Name of the db column for this field.
"fieldName": "name",
// Name displayed on frontend for this field.
"displayName": "Computer Name"
},
{
// Name of the db column for this field.
"fieldName": "description",
// Name displayed on frontend for this field.
"displayName": "Computer Description"
},
{
// Name of the db column for this field.
"fieldName": "dn",
// Name displayed on frontend for this field.
"displayName": "dn"
},
{
// Name of the db column for this field.
"fieldName": "domainAlias",
// Name displayed on frontend for this field.
"displayName": "Alias"
}
],
"searchField": "name",
"defaultCondition": "",
"filterIds": [ 0, 3 ]
},
{
"id": 3,
"table": "[dbo].[Item]",
"permissionTable": "[dbo].[ItemsRoles]",
"columns": [
{
"fieldName": "name",
"displayName": "Computer Name"
},
{
"fieldName": "description",
"displayName": "Computer Description"
},
{
"fieldName": "dn",
"displayName": "dn"
},
{
"fieldName": "domainAlias",
"displayName": "Alias"
}
],
"searchField": "name",
"defaultCondition": "",
"filterIds": [ 3 ]
}
],
"filters": [
{
"id": 0,
"displayName": "All",
"actionsMenuId": 0
},
{
"id": 3,
"displayName": "With description 2",
"condition": "Name IS NOT NULL",
"actionsMenuId": 7
}
],
"contextMenus": [
{
"itemType": "computer",
"menuId": 1
},
{
"itemType": "app",
"menuId": 3
}
],
"dndMenus": [
{
"itemTypes": [ "computer", "app" ],
"menuId": 4
},
{
"itemTypes": [ "computer", "appPrd" ],
"menuId": 9
}
],
"menus": [
{
"id": 0,
"name": "A S1 P1",
"menuItems": [
{
"displayName": "Add computer",
"urlTemplate": "http: //v6.com/add_computer"
}
]
},
{
"id": 1,
"name": "C S1 P1",
"menuItems": [
{
"displayName": "Delete computer",
"urlTemplate": "http: //v6.com/delete_computer/:id",
"roleNames": { "values": [ "RoleWithWildCard*", "Admin" ] }
},
{
"displayName": "Edit computer",
"urlTemplate": "http: //v6.com/edit_computer/:id"
}
]
}
]
}
Changelog¶
| Version | TicketId | Product | Description |
|---|---|---|---|
| 0.1.0 | None | OPS | alpha version |
Support¶
If you have further questions regarding our products or the documentation contact us:
- Tel. : +49 40 - 226 383 160
- E-Mail : Support@SilverMonkey.net
If you need general Information about our Products visit: http://www.SilverMonkey.net