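/// <summary>
/// Exercises the active / verified e-mail lookups on a throw-away account: the address given at
/// creation must be the active one, it must not count as verified until VerifyAllEmails() has run,
/// and a second address flagged Principal must become the active one.
/// </summary>
public void TryGetEmailAddressTest()
        {
            ManagedAccount account = new ManagedAccount(Session);

            try
            {
                string firstAddress = GetNewEmailAddress();
                account.Create("Test User", "testpassword", firstAddress, DateTime.UtcNow, AdminSecurityContext);

                string resolved;

                // Right after creation the address is active but has not been verified yet.
                Assert.IsTrue(account.TryGetActiveEmailAddress(out resolved, AdminSecurityContext));
                Console.WriteLine("Address: {0}", resolved);
                Assert.AreEqual(firstAddress, resolved);
                Assert.IsFalse(account.TryGetVerifiedEmailAddress(out resolved, AdminSecurityContext));

                // Once every address is marked verified, the verified lookup must return it.
                account.VerifyAllEmails();
                Assert.IsTrue(account.TryGetVerifiedEmailAddress(out resolved, AdminSecurityContext));
                Assert.AreEqual(firstAddress, resolved);

                // Add a second address. It is written with the account's own security context,
                // not the admin one, so the owner path of CreateOrUpdate is what gets exercised.
                TransitAccountEmail secondEmail = new TransitAccountEmail();
                secondEmail.Address   = GetNewEmailAddress();
                secondEmail.AccountId = account.Id;
                ManagedAccountEmail managedEmail = new ManagedAccountEmail(Session);
                secondEmail.Id = managedEmail.CreateOrUpdate(secondEmail, account.GetSecurityContext());
                Session.Flush();

                // Reload the collection from the database so the in-memory account sees the new row.
                account.Instance.AccountEmails = Session.CreateCriteria(typeof(AccountEmail))
                                                 .Add(Expression.Eq("Account.Id", account.Id))
                                                 .List <AccountEmail>();

                managedEmail.Confirm(AdminSecurityContext);
                account.VerifyAllEmails();

                // Promote the second address to principal; it must now win the active lookup.
                secondEmail.Principal = true;
                managedEmail.CreateOrUpdate(secondEmail, account.GetSecurityContext());
                Assert.IsTrue(account.TryGetActiveEmailAddress(out resolved, AdminSecurityContext));
                Console.WriteLine("Address: {0}", resolved);
                // Expected value first, so a failure message reports the two sides correctly.
                Assert.AreEqual(secondEmail.Address, resolved);
            }
            finally
            {
                // Always remove the test account, even when an assertion above failed.
                account.Delete(AdminSecurityContext);
            }
        }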
Beispiel #2
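        /// <summary>
        /// Walks every account that has no verified e-mail address and has not logged in for two
        /// months, then either re-sends the e-mail confirmation or deletes the account.
        /// </summary>
        /// <remarks>
        /// An account is deleted when it has no e-mail addresses at all, when one of its addresses
        /// is already verified on some other account, or when a confirmation was re-sent more than
        /// fourteen days ago and is still unanswered. Failures are logged per account and do not
        /// stop the run; the loop also ends early once <c>IsStopping</c> is set.
        /// </remarks>
        /// <param name="session">Session used for the queries, the saves and the per-account flush.</param>
        /// <param name="sec">Security context handed to <c>ManagedAccountEmail.Confirm</c> when a confirmation is re-sent.</param>
        public void RunCleanupStaleAccounts(ISession session, ManagedSecurityContext sec)
        {
            // The cutoff is bound as a typed parameter instead of being formatted into the HQL text.
            // A date rendered as a string literal is re-parsed by the database under its own
            // date-format settings, and this query decides which accounts become deletion candidates.
            DateTime lastLoginCutoff = DateTime.UtcNow.AddMonths(-2);

            // fetch accounts that have not been logged in for two months and that don't have a verified e-mail
            IEnumerable<Account> accounts = session.CreateQuery(
                 "FROM Account account" +
                 " WHERE NOT EXISTS ( " +
                  " FROM AccountEmail AS email" +
                  " WHERE email.Account = account" +
                  " AND email.Verified = 1" +
                 ") AND account.LastLogin < :cutoff")
                 .SetDateTime("cutoff", lastLoginCutoff)
                 .Enumerable<Account>();

            // The enumerator is disposable; release it even when the loop exits early or throws.
            using (IEnumerator<Account> enumerator = accounts.GetEnumerator())
            {
                while (enumerator.MoveNext() && ! IsStopping)
                {
                    Account account = enumerator.Current;

                    try
                    {
                        ManagedAccount ma = new ManagedAccount(session, account);

                        bool bDelete = false;

                        // delete an account without any e-mail addresses (openid)
                        if (account.AccountEmails == null || account.AccountEmails.Count == 0)
                        {
                            bDelete = true;
                        }

                        if (account.AccountEmails != null && !bDelete)
                        {
                            // see if there exists another account with the same verified e-mail address
                            // someone either tried to hijack this account or tried to register again with the same e-mail and succeeded
                            // (the outer query only returns accounts with no verified address, so a
                            // verified match here cannot be one of this account's own rows)
                            foreach (AccountEmail email in account.AccountEmails)
                            {
                                if (IsStopping)
                                    break;

                                IList verifiedemails = session.CreateCriteria(typeof(AccountEmail))
                                    .Add(Expression.Eq("Verified", true))
                                    .Add(Expression.Eq("Address", email.Address))
                                    .SetMaxResults(1)
                                    .List();

                                if (verifiedemails.Count > 0)
                                {
                                    // there exists another account that has the same address, verified
                                    // user has subscribed twice and verified another account
                                    bDelete = true;
                                    break;
                                }
                            }
                        }

                        if (account.AccountEmails != null && !bDelete)
                        {
                            foreach (AccountEmail email in account.AccountEmails)
                            {
                                if (IsStopping)
                                    break;

                                // if we have never resent the e-mail confirmation, do it now
                                if (email.Created == email.Modified)
                                {
                                    ManagedAccountEmail mae = new ManagedAccountEmail(session, email);
                                    // Stamp Modified first so the next run sees that a resend happened.
                                    email.Modified = DateTime.UtcNow;
                                    session.Save(email);
                                    mae.Confirm(sec);
                                }
                                else if (email.Modified < DateTime.UtcNow.AddDays(-14))
                                {
                                    // we have sent another confirmation earlier than two weeks ago
                                    bDelete = true;
                                    break;
                                }
                            }
                        }

                        if (bDelete)
                        {
                            // Deletion runs under an admin security context, not under the caller's `sec`.
                            ma.Delete(ManagedAccount.GetAdminSecurityContext(session));
                        }

                        session.Flush();
                    }
                    catch (ThreadAbortException)
                    {
                        // Let a thread abort propagate so the service can shut down.
                        throw;
                    }
                    catch (Exception ex)
                    {
                        // NOTE(review): the same session keeps being used for the next account after a
                        // failure here; NHibernate treats a session that has thrown as unreliable, so a
                        // fresh session per account may be safer - confirm against the caller.
                        // NOTE(review): the message text says "reminder" although this is the stale-account
                        // cleanup, and only ex.Message is recorded (no exception type or stack trace).
                        EventLogManager.WriteEntry(string.Format("Error processing reminder for account {0} ({1}): {2}",
                            account.Id, account.Name, ex.Message), EventLogEntryType.Warning);
                    }
                }
            }
        }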
Beispiel #3
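        /// <summary>
        /// Cleans up accounts that have no verified e-mail address and have not logged in for two
        /// months: each one either gets its e-mail confirmation re-sent or is deleted.
        /// </summary>
        /// <remarks>
        /// Deletion happens when the account has no e-mail addresses, when one of its addresses is
        /// verified on another account, or when a re-sent confirmation is older than fourteen days.
        /// Errors are written to the event log per account and the run continues; setting
        /// <c>IsStopping</c> ends the run early.
        /// </remarks>
        /// <param name="session">Session used for the queries, the saves and the per-account flush.</param>
        /// <param name="sec">Security context handed to <c>ManagedAccountEmail.Confirm</c> when a confirmation is re-sent.</param>
        public void RunCleanupStaleAccounts(ISession session, ManagedSecurityContext sec)
        {
            // Bind the cutoff as a typed query parameter. Formatting the date into the HQL string
            // leaves its interpretation to the database's date-format settings, and this query is
            // what selects accounts for deletion.
            DateTime staleBefore = DateTime.UtcNow.AddMonths(-2);

            // fetch accounts that have not been logged in for two months and that don't have a verified e-mail
            IEnumerable <Account> accounts = session.CreateQuery(
                "FROM Account account" +
                " WHERE NOT EXISTS ( " +
                " FROM AccountEmail AS email" +
                " WHERE email.Account = account" +
                " AND email.Verified = 1" +
                ") AND account.LastLogin < :staleBefore")
                                             .SetDateTime("staleBefore", staleBefore)
                                             .Enumerable <Account>();

            // Dispose the enumerator on every exit path, including an early stop or an exception.
            using (IEnumerator <Account> enumerator = accounts.GetEnumerator())
            {
                while (enumerator.MoveNext() && !IsStopping)
                {
                    Account account = enumerator.Current;

                    try
                    {
                        ManagedAccount ma = new ManagedAccount(session, account);

                        bool bDelete = false;

                        // delete an account without any e-mail addresses (openid)
                        if (account.AccountEmails == null || account.AccountEmails.Count == 0)
                        {
                            bDelete = true;
                        }

                        if (account.AccountEmails != null && !bDelete)
                        {
                            // see if there exists another account with the same verified e-mail address
                            // someone either tried to hijack this account or tried to register again with the same e-mail and succeeded
                            // (accounts reaching this point have no verified address of their own,
                            // so any verified match belongs to a different account)
                            foreach (AccountEmail email in account.AccountEmails)
                            {
                                if (IsStopping)
                                {
                                    break;
                                }

                                IList verifiedemails = session.CreateCriteria(typeof(AccountEmail))
                                                       .Add(Expression.Eq("Verified", true))
                                                       .Add(Expression.Eq("Address", email.Address))
                                                       .SetMaxResults(1)
                                                       .List();

                                if (verifiedemails.Count > 0)
                                {
                                    // there exists another account that has the same address, verified
                                    // user has subscribed twice and verified another account
                                    bDelete = true;
                                    break;
                                }
                            }
                        }

                        if (account.AccountEmails != null && !bDelete)
                        {
                            foreach (AccountEmail email in account.AccountEmails)
                            {
                                if (IsStopping)
                                {
                                    break;
                                }

                                // if we have never resent the e-mail confirmation, do it now
                                if (email.Created == email.Modified)
                                {
                                    ManagedAccountEmail mae = new ManagedAccountEmail(session, email);
                                    // Record the resend time before sending, so a later run can age it out.
                                    email.Modified = DateTime.UtcNow;
                                    session.Save(email);
                                    mae.Confirm(sec);
                                }
                                else if (email.Modified < DateTime.UtcNow.AddDays(-14))
                                {
                                    // we have sent another confirmation earlier than two weeks ago
                                    bDelete = true;
                                    break;
                                }
                            }
                        }

                        if (bDelete)
                        {
                            // The delete is performed with an admin security context rather than `sec`.
                            ma.Delete(ManagedAccount.GetAdminSecurityContext(session));
                        }

                        session.Flush();
                    }
                    catch (ThreadAbortException)
                    {
                        // A thread abort must not be swallowed by the general handler below.
                        throw;
                    }
                    catch (Exception ex)
                    {
                        // NOTE(review): processing continues on the same session after a failure;
                        // NHibernate treats a session that has thrown as unreliable - confirm whether
                        // the caller should supply a fresh session per account.
                        // NOTE(review): the log text refers to a "reminder" although this is account
                        // cleanup, and it keeps only ex.Message.
                        EventLogManager.WriteEntry(string.Format("Error processing reminder for account {0} ({1}): {2}",
                                                                 account.Id, account.Name, ex.Message), EventLogEntryType.Warning);
                    }
                }
            }
        }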
Beispiel #4
 /// <summary>
 /// Runs <c>Confirm</c> on the account e-mail record with the given id, on behalf of the
 /// caller identified by <paramref name="ticket"/>.
 /// </summary>
 /// <param name="ticket">Authentication ticket used to build the caller's security context.</param>
 /// <param name="id">Id of the account e-mail record to confirm; supplied by the caller.</param>
 public void ConfirmAccountEmail(string ticket, int id)
 {
     // The connection is scoped to this call and released when the using block ends.
     using (SnCore.Data.Hibernate.Session.OpenConnection())
     {
         ISession current = SnCore.Data.Hibernate.Session.Current;

         // Build the caller's context first, then load the record the caller named.
         ManagedSecurityContext caller = new ManagedSecurityContext(current, ticket);
         ManagedAccountEmail accountEmail = new ManagedAccountEmail(current, id);

         // NOTE(review): `id` is taken as given; whether the ticket's account may act on this
         // record is presumably enforced inside Confirm(caller) - confirm.
         accountEmail.Confirm(caller);

         SnCore.Data.Hibernate.Session.Flush();
     }
 }
Beispiel #5
        /// <summary>
        /// Creates or updates an account e-mail record and, when the incoming record had no id
        /// (<c>tae.Id == 0</c>), runs <c>Confirm</c> on the stored record.
        /// </summary>
        /// <param name="ticket">Authentication ticket of the caller.</param>
        /// <param name="tae">Transit object describing the e-mail record; an Id of 0 is treated as new.</param>
        /// <returns>The id returned by the underlying CreateOrUpdate call.</returns>
        public int CreateOrUpdateAccountEmail(string ticket, TransitAccountEmail tae)
        {
            int storedId = WebServiceImpl<TransitAccountEmail, ManagedAccountEmail, AccountEmail>.CreateOrUpdate(
                ticket, tae);

            // NOTE(review): the new-record test reads tae.Id after the save; this relies on
            // CreateOrUpdate leaving the transit object's Id untouched - confirm.
            if (tae.Id != 0)
            {
                // Existing record: nothing to confirm.
                return storedId;
            }

            using (SnCore.Data.Hibernate.Session.OpenConnection())
            {
                ISession current = SnCore.Data.Hibernate.Session.Current;
                ManagedSecurityContext caller = new ManagedSecurityContext(current, ticket);
                ManagedAccountEmail stored = new ManagedAccountEmail(current, storedId);
                stored.Confirm(caller);
                SnCore.Data.Hibernate.Session.Flush();
            }

            return storedId;
        }
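        /// <summary>
        /// Verifies the active / verified e-mail lookups on a temporary account: the creation
        /// address is active but unverified until VerifyAllEmails() runs, and a second address
        /// marked Principal then replaces it as the active one.
        /// </summary>
        public void TryGetEmailAddressTest()
        {
            ManagedAccount account = new ManagedAccount(Session);

            try
            {
                string initialAddress = GetNewEmailAddress();
                account.Create("Test User", "testpassword", initialAddress, DateTime.UtcNow, AdminSecurityContext);

                string found;

                // A new account exposes its address as active, but not as verified.
                Assert.IsTrue(account.TryGetActiveEmailAddress(out found, AdminSecurityContext));
                Console.WriteLine("Address: {0}", found);
                Assert.AreEqual(initialAddress, found);
                Assert.IsFalse(account.TryGetVerifiedEmailAddress(out found, AdminSecurityContext));

                // After verification the same address must come back from the verified lookup.
                account.VerifyAllEmails();
                Assert.IsTrue(account.TryGetVerifiedEmailAddress(out found, AdminSecurityContext));
                Assert.AreEqual(initialAddress, found);

                // add an address, make it principal
                // (saved with the account's own security context rather than the admin one)
                TransitAccountEmail extraEmail = new TransitAccountEmail();
                extraEmail.Address = GetNewEmailAddress();
                extraEmail.AccountId = account.Id;
                ManagedAccountEmail managedExtra = new ManagedAccountEmail(Session);
                extraEmail.Id = managedExtra.CreateOrUpdate(extraEmail, account.GetSecurityContext());
                Session.Flush();

                // Re-read the account's e-mail rows so the in-memory collection includes the new one.
                account.Instance.AccountEmails = Session.CreateCriteria(typeof(AccountEmail))
                    .Add(Expression.Eq("Account.Id", account.Id))
                    .List<AccountEmail>();

                managedExtra.Confirm(AdminSecurityContext);
                account.VerifyAllEmails();

                extraEmail.Principal = true;
                managedExtra.CreateOrUpdate(extraEmail, account.GetSecurityContext());
                Assert.IsTrue(account.TryGetActiveEmailAddress(out found, AdminSecurityContext));
                Console.WriteLine("Address: {0}", found);
                // Expected value goes first so a failing run reports expected/actual the right way round.
                Assert.AreEqual(extraEmail.Address, found);
            }
            finally
            {
                // Clean up the test account regardless of the outcome above.
                account.Delete(AdminSecurityContext);
            }
        }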