public UpdateUserResponse UpdateUser(UpdateUserRequest request)
{
var user = FindUserByName(request.UserDetail.UserName);
EnsureCurrentUserAuthorizedToManage(user.AccountType);
// update user account info
var assembler = new UserAssembler();
assembler.UpdateUser(user, request.UserDetail, PersistenceContext);
// for user accounts, reset password if requested
if (request.UserDetail.ResetPassword)
{
if(user.AccountType != UserAccountType.U)
throw new RequestValidationException(SR.MessageAccountTypeDoesNotSupportPasswordReset);
var settings = new AuthenticationSettings();
user.ResetPassword(settings.DefaultTemporaryPassword);
}
// for system accounts, update the password if specified
if(!string.IsNullOrEmpty(request.Password) && user.AccountType == UserAccountType.S)
{
PasswordPolicy.CheckPasswordCandidate(request.Password, new AuthenticationSettings());
user.ChangePassword(request.Password, null);
}
PersistenceContext.SynchState();
return new UpdateUserResponse(assembler.GetUserSummary(user));
}
public UpdateUserResponse UpdateUser(UpdateUserRequest request)
{
var user = FindUserByName(request.UserDetail.UserName);
// update user account info
var assembler = new UserAssembler();
assembler.UpdateUser(user, request.UserDetail, PersistenceContext);
// reset password if requested
if (request.UserDetail.ResetPassword)
{
var settings = new AuthenticationSettings();
user.ResetPassword(settings.DefaultTemporaryPassword);
}
PersistenceContext.SynchState();
return new UpdateUserResponse(assembler.GetUserSummary(user));
}
private static void CreateOrUpdateAccount(string accountName, SystemAccountCommandLine cmdLine)
{
StdOut(string.Format("Checking Enterprise Server for existing account '{0}'...", accountName), cmdLine);
// update the enterprise server
UserDetail accountDetail;
if (GetExistingAccount(accountName, out accountDetail))
{
StdOut(string.Format("Account '{0}' exists.", accountName), cmdLine);
var updateRequest = new UpdateUserRequest(accountDetail);
bool authGroupChange = false, passwordChange = false;
// update auth group if specified
if (!string.IsNullOrEmpty(cmdLine.AuthorityGroup))
{
var authGroup = GetAuthorityGroup(cmdLine.AuthorityGroup);
accountDetail.AuthorityGroups = new List<AuthorityGroupSummary> {authGroup};
authGroupChange = true;
StdOut(string.Format("Authority group will be set to '{0}'.", authGroup.Name), cmdLine);
}
// update password if specified
var changePassword = !string.IsNullOrEmpty(cmdLine.AccountPassword);
if (changePassword)
{
updateRequest.Password = cmdLine.AccountPassword;
passwordChange = true;
StdOut(string.Format("Account password will be set to '{0}'.", updateRequest.Password), cmdLine);
}
else
{
// if password was not specified, generate password, and check if reset password flag was set
// this distinction exists because in upgrade+distributed scenarios, it is possible that the account exists
// but that the password may be explicitly specified by another (earlier) component install
// so the installer needs a way to use generated password locally without effecting any changes to enterprise server
updateRequest.Password = cmdLine.AccountPassword = GeneratePassword(accountName);
if (cmdLine.ResetPassword)
{
// save generated password to both server and local
passwordChange = changePassword = true;
}
else
{
// only save generated password locally
StdOut(string.Format("Synchronizing password locally..."), cmdLine);
LocalRegistryManager.SetAccountPassword(accountName, cmdLine.AccountPassword);
}
}
if (passwordChange || authGroupChange)
{
StdOut(string.Format("Saving changes to Enterprise Server..."), cmdLine);
Platform.GetService<IUserAdminService>(
service => service.UpdateUser(updateRequest));
// update the local machine
if (changePassword)
{
StdOut(string.Format("Saving password locally..."), cmdLine);
LocalRegistryManager.SetAccountPassword(accountName, cmdLine.AccountPassword);
}
StdOut(string.Format("All changes saved."), cmdLine);
}
else
{
StdOut(string.Format("No changes to save."), cmdLine);
}
}
else
{
StdOut(string.Format("Account '{0}' does not exist. It will be created.", accountName), cmdLine);
if (string.IsNullOrEmpty(cmdLine.AccountPassword))
{
// generate a password
cmdLine.AccountPassword = GeneratePassword(accountName);
}
var authGroup = GetAuthorityGroup(cmdLine.AuthorityGroup ?? BuiltInAuthorityGroups.SystemAccounts.Name);
var userDetail = new UserDetail
{
AccountType = new EnumValueInfo("S", null),
UserName = accountName,
DisplayName = accountName,
Enabled = true,
AuthorityGroups = new List<AuthorityGroupSummary> {authGroup}
};
StdOut(string.Format("Creating account '{0}', authority group '{1}'.",
accountName, authGroup.Name), cmdLine);
StdOut(string.Format("Saving changes to Enterprise Server..."), cmdLine);
Platform.GetService<IUserAdminService>(
service => service.AddUser(new AddUserRequest(userDetail) {Password = cmdLine.AccountPassword}));
// save password locally
StdOut(string.Format("Saving password locally..."), cmdLine);
LocalRegistryManager.SetAccountPassword(accountName, cmdLine.AccountPassword);
StdOut(string.Format("All changes saved."), cmdLine);
}
}
private static void CreateOrUpdateAccount(string accountName, SystemAccountCommandLine cmdLine)
{
StdOut(string.Format("Checking Enterprise Server for existing account '{0}'...", accountName), cmdLine);
// update the enterprise server
UserDetail accountDetail;
if (GetExistingAccount(accountName, out accountDetail))
{
StdOut(string.Format("Account '{0}' exists.", accountName), cmdLine);
var updateRequest = new UpdateUserRequest(accountDetail);
bool authGroupChange = false, passwordChange = false;
// update auth group if specified
if (!string.IsNullOrEmpty(cmdLine.AuthorityGroup))
{
var authGroup = GetAuthorityGroup(cmdLine.AuthorityGroup);
accountDetail.AuthorityGroups = new List<AuthorityGroupSummary> { authGroup };
authGroupChange = true;
StdOut(string.Format("Authority group will be set to '{0}'.", authGroup.Name), cmdLine);
}
// update password if specified
var changePassword = !string.IsNullOrEmpty(cmdLine.AccountPassword);
if (changePassword)
{
updateRequest.Password = cmdLine.AccountPassword;
passwordChange = true;
StdOut(string.Format("Account password will be set to '{0}'.", updateRequest.Password), cmdLine);
}
if(passwordChange || authGroupChange)
{
StdOut(string.Format("Saving changes to Enterprise Server..."), cmdLine);
Platform.GetService<IUserAdminService>(
service => service.UpdateUser(updateRequest));
// update the local machine
if (changePassword)
{
StdOut(string.Format("Saving password locally..."), cmdLine);
LocalRegistryManager.SetAccountPassword(accountName, cmdLine.AccountPassword);
}
StdOut(string.Format("All changes saved."), cmdLine);
}
else
{
StdOut(string.Format("No changes to save."), cmdLine);
}
}
else
{
StdOut(string.Format("Account '{0}' does not exist. It will be created.", accountName), cmdLine);
if (string.IsNullOrEmpty(cmdLine.AccountPassword))
{
// generate a password
cmdLine.AccountPassword = GeneratePassword();
}
var authGroup = GetAuthorityGroup(cmdLine.AuthorityGroup ?? BuiltInAuthorityGroups.SystemAccounts.Name);
var userDetail = new UserDetail
{
AccountType = new EnumValueInfo("S", null),
UserName = accountName,
DisplayName = accountName,
Enabled = true,
AuthorityGroups = new List<AuthorityGroupSummary> { authGroup }
};
StdOut(string.Format("Creating account '{0}', password '{1}', authority group '{2}'.",
accountName, cmdLine.AccountPassword, authGroup.Name), cmdLine);
StdOut(string.Format("Saving changes to Enterprise Server..."), cmdLine);
Platform.GetService<IUserAdminService>(
service => service.AddUser(new AddUserRequest(userDetail) { Password = cmdLine.AccountPassword }));
// save password locally
StdOut(string.Format("Saving password locally..."), cmdLine);
LocalRegistryManager.SetAccountPassword(accountName, cmdLine.AccountPassword);
StdOut(string.Format("All changes saved."), cmdLine);
}
}
