private void SendEmail()
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite _site = new SPSite(SPContext.Current.Site.ID, SPContext.Current.Site.Zone))
{
using (SPWeb _web = _site.OpenWeb(SPContext.Current.Web.ID))
{
if (_web != null)
{
_site.AllowUnsafeUpdates = true;
_web.AllowUnsafeUpdates = true;
PasswordRecovery prc = _ctlPasswordRecovery;
MembershipUser currentUser = Utils.BaseMembershipProvider(_web.Site).GetUser(prc.UserName, false);
MembershipRequest membershipitem = MembershipRequest.GetMembershipRequest(currentUser, _web);
membershipitem.PasswordQuestion = currentUser.PasswordQuestion;
membershipitem.Password = currentUser.ResetPassword(prc.Answer);
if (!MembershipRequest.SendPasswordRecoveryEmail(membershipitem, _web))
{
TemplateHelper helper = new TemplateHelper(_ctlPasswordRecovery.SuccessTemplateContainer);
helper.SetText("Success", LocalizedString.GetString("FBAPackPasswordRecoveryWebPart", "ErrorSendingEmail"));
}
}
}
}
});
}
public static void ResetUserPassword(string username, string newPassword, bool sendEmail, SPWeb web)
{
if (Utils.BaseMembershipProvider().RequiresQuestionAndAnswer || !Utils.BaseMembershipProvider().EnablePasswordReset)
{
throw new Exception(LocalizedString.GetGlobalString("FBAPackWebPages", "ResetPasswordUnavailable"));
}
MembershipUser user = Utils.BaseMembershipProvider().GetUser(username, false);
string password = user.ResetPassword();
//Change the password to the specified password
if (!String.IsNullOrEmpty(newPassword))
{
if (user.ChangePassword(password, newPassword))
{
password = newPassword;
}
else
{
throw new Exception(LocalizedString.GetGlobalString("FBAPackWebPages", "ResetPasswordChangePasswordError"));
}
}
if (sendEmail)
{
MembershipRequest request = MembershipRequest.GetMembershipRequest(user, web);
request.Password = password;
MembershipRequest.SendResetPasswordEmail(request, web);
}
}
public static bool CopyToReviewList(MembershipRequest request)
{
SPList reviewList;
SPListItem reviewItem = null;
bool result = false;
try
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite site = new SPSite(SPContext.Current.Site.ID, SPContext.Current.Site.Zone))
{
SPWeb web = site.RootWeb;
if (web != null)
{
site.AllowUnsafeUpdates = true;
web.AllowUnsafeUpdates = true;
reviewList = web.GetList(Utils.GetAbsoluteURL(web, MembershipList.MEMBERSHIPREVIEWLIST));
if (reviewList != null)
{
using (SPWeb currentWeb = site.OpenWeb(SPContext.Current.Web.ID))
{
if (!MembershipRequest.SendPendingMembershipEmail(request, currentWeb))
{
return;
}
}
reviewItem = reviewList.Items.Add();
reviewItem[MembershipReviewListFields.DATESUBMITTED] = DateTime.Now;
reviewItem[MembershipReviewListFields.EMAIL] = request.UserEmail;
reviewItem[MembershipReviewListFields.REQUESTID] = Guid.NewGuid();
reviewItem[MembershipReviewListFields.FIRSTNAME] = request.FirstName;
reviewItem[MembershipReviewListFields.LASTNAME] = request.LastName;
reviewItem[MembershipReviewListFields.STATUS] = MembershipStatus.Pending.ToString();
reviewItem[MembershipReviewListFields.USERNAME] = request.UserName;
reviewItem[MembershipReviewListFields.RECOVERPASSWORDQUESTION] = request.PasswordQuestion;;
reviewItem[MembershipReviewListFields.RECOVERPASSWORDANSWER] = request.PasswordAnswer;
reviewItem[MembershipReviewListFields.DEFAULTGROUP] = request.DefaultGroup;
reviewItem.Update();
reviewList.Update();
/* bms Removed called to SendPendingMembershipEmail due to call on ItemAdded */
result = true;
}
else
{
Utils.LogError("Unable to find Membership Review List");
}
}
}
});
}
catch (Exception ex)
{
Utils.LogError(ex);
}
return(result);
}
public static bool SendResetPasswordEmail(MembershipRequest request, SPWeb web)
{
Hashtable xsltValues;
MembershipSettings settings = new MembershipSettings(web);
try
{
xsltValues = new Hashtable();
xsltValues.Add("fba:MembershipRequest", request);
return(Email.SendEmail(web, request.UserEmail, settings.ResetPasswordEmail, xsltValues));
}
catch (Exception ex)
{
Utils.LogError(ex);
return(false);
}
}
public static MembershipRequest GetMembershipRequest(MembershipUser user, SPWeb web)
{
MembershipRequest request = new MembershipRequest();
request.UserEmail = user.Email;
request.UserName = user.UserName;
request.SiteName = web.Title;
request.SiteURL = web.Url;
/* These are the possible set of URLs that are provided to the user and developer in the XSLT */
MembershipSettings settings = new MembershipSettings(web);
request.ChangePasswordURL = Utils.GetAbsoluteURL(web, settings.ChangePasswordPage);
request.PasswordQuestionURL = Utils.GetAbsoluteURL(web, settings.PasswordQuestionPage);
request.ThankYouURL = Utils.GetAbsoluteURL(web, settings.ThankYouPage);
return(request);
}
private static MembershipRequest GetMembershipRequest(SPWeb web, SPListItem item, string password)
{
MembershipSettings settings = new MembershipSettings(web);
MembershipRequest request = new MembershipRequest();
/* These are the core fields that are part of the membership provider request */
request.FirstName = item[MembershipReviewListFields.FIRSTNAME].ToString();
request.LastName = item[MembershipReviewListFields.LASTNAME].ToString();
request.Password = password;
/* bms Updated the web property of Title for the site name instead of Name */
request.SiteName = web.Title;
request.SiteURL = web.Url;
request.UserEmail = item[MembershipReviewListFields.EMAIL].ToString();
request.UserName = item[MembershipReviewListFields.USERNAME].ToString();
/* These fields may not be avaliable based on the membership provider */
if (item[MembershipReviewListFields.RECOVERPASSWORDQUESTION] != null)
{
request.PasswordQuestion = item[MembershipReviewListFields.RECOVERPASSWORDQUESTION].ToString();
}
if (item[MembershipReviewListFields.RECOVERPASSWORDANSWER] != null)
{
request.PasswordAnswer = item[MembershipReviewListFields.RECOVERPASSWORDANSWER].ToString();
}
if (item[MembershipReviewListFields.DEFAULTGROUP] != null)
{
request.DefaultGroup = item[MembershipReviewListFields.DEFAULTGROUP].ToString();
}
/* These are the possible set of URLs that are provided to the user and developer in the XSLT */
request.ChangePasswordURL = Utils.GetAbsoluteURL(web, settings.ChangePasswordPage);
request.PasswordQuestionURL = Utils.GetAbsoluteURL(web, settings.PasswordQuestionPage);
request.ThankYouURL = Utils.GetAbsoluteURL(web, settings.ThankYouPage);
return(request);
}
protected override void OnCreatedUser(EventArgs e)
{
// Note: this doesn't run using the privileges of the anonymous user, so we elevate them
// Also, you can't use the original Site even with elevated privileges, otherwise it reverts back to anonymous.
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite site2 = new SPSite(SPContext.Current.Site.ID, SPContext.Current.Site.Zone))
{
using (SPWeb web2 = site2.OpenWeb(SPContext.Current.Web.ID))
{
// from this point allowunsafeupdates is required because the call is initiated from a browser with
// anonymouse rights only
web2.AllowUnsafeUpdates = true;
MembershipRequest request = new MembershipRequest();
request.UserEmail = this.Email;
request.UserName = this.UserName;
if (System.Web.Security.Membership.RequiresQuestionAndAnswer)
{
request.PasswordQuestion = this.Question;
request.PasswordAnswer = this.Answer;
}
request.FirstName = this.FirstName;
request.LastName = this.LastName;
request.DefaultGroup = this._DefaultGroup;
request.SiteName = web2.Title;
request.SiteURL = web2.Url;
MembershipSettings settings = new MembershipSettings(web2);
if (settings.ReviewMembershipRequests)
{
request.LoginCreatedUser = false;
if (!MembershipRequest.CopyToReviewList(request))
{
lblError.Text = this.UnknownErrorMessage;
return;
}
}
else
{
#region Process new user request if we're NOT using the Request List
if (!AutoGeneratePassword)
{
request.Password = this.Password;
}
request.ChangePasswordURL = Utils.GetAbsoluteURL(web2, settings.ChangePasswordPage);
request.LoginCreatedUser = SPLoginCreatedUser;
try
{
MembershipRequest.ApproveMembership(request, web2);
}
catch (Exception ex)
{
Utils.LogError(ex);
this.lblCompleteSuccess.Text = this.UnknownErrorMessage;
return;
}
#endregion
}
this.MoveTo(this.CompleteStep);
}
}
});
}
protected override void OnCreatedUser(EventArgs e)
{
// Note: this doesn't run using the privileges of the anonymous user, so we elevate them
// Also, you can't use the original Site even with elevated privileges, otherwise it reverts back to anonymous.
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite site2 = new SPSite(SPContext.Current.Site.ID, SPContext.Current.Site.Zone))
{
using (SPWeb web2 = site2.OpenWeb(SPContext.Current.Web.ID))
{
// from this point allowunsafeupdates is required because the call is initiated from a browser with
// anonymouse rights only
web2.AllowUnsafeUpdates = true;
MembershipRequest request = new MembershipRequest();
request.UserEmail = this.Email;
request.UserName = this.UserName;
if (System.Web.Security.Membership.RequiresQuestionAndAnswer)
{
request.PasswordQuestion = this.Question;
request.PasswordAnswer = this.Answer;
}
request.FirstName = this.FirstName;
request.LastName = this.LastName;
request.DefaultGroup = this._DefaultGroup;
request.SiteName = web2.Title;
request.SiteURL = web2.Url;
MembershipSettings settings = new MembershipSettings(web2);
if (settings.ReviewMembershipRequests)
{
request.LoginCreatedUser = false;
if (!MembershipRequest.CopyToReviewList(request))
{
lblError.Text = this.UnknownErrorMessage;
return;
}
}
else
{
#region Process new user request if we're NOT using the Request List
if (!AutoGeneratePassword)
{
request.Password = this.Password;
}
request.ChangePasswordURL = Utils.GetAbsoluteURL(web2, settings.ChangePasswordPage);
request.LoginCreatedUser = SPLoginCreatedUser;
try
{
MembershipRequest.ApproveMembership(request, web2);
}
catch (Exception ex)
{
Utils.LogError(ex);
this.lblCompleteSuccess.Text = this.UnknownErrorMessage;
return;
}
#endregion
}
this.MoveTo(this.CompleteStep);
}
}
});
}
public static bool SendResetPasswordEmail(MembershipRequest request, SPWeb web)
{
Hashtable xsltValues;
MembershipSettings settings = new MembershipSettings(web);
try
{
xsltValues = new Hashtable();
xsltValues.Add("fba:MembershipRequest", request);
return Email.SendEmail(web, request.UserEmail, settings.ResetPasswordEmail, xsltValues);
}
catch (Exception ex)
{
Utils.LogError(ex);
return false;
}
}
public static MembershipRequest GetMembershipRequest(MembershipUser user, SPWeb web)
{
MembershipRequest request = new MembershipRequest();
request.UserEmail = user.Email;
request.UserName = user.UserName;
request.SiteName = web.Title;
request.SiteURL = web.Url;
/* These are the possible set of URLs that are provided to the user and developer in the XSLT */
MembershipSettings settings = new MembershipSettings(web);
request.ChangePasswordURL = Utils.GetAbsoluteURL(web, settings.ChangePasswordPage);
request.PasswordQuestionURL = Utils.GetAbsoluteURL(web, settings.PasswordQuestionPage);
request.ThankYouURL = Utils.GetAbsoluteURL(web, settings.ThankYouPage);
return request;
}
public static bool CopyToReviewList(MembershipRequest request)
{
SPList reviewList;
SPListItem reviewItem = null;
bool result = false;
try
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite site = new SPSite(SPContext.Current.Site.ID, SPContext.Current.Site.Zone))
{
SPWeb web = site.RootWeb;
if (web != null)
{
site.AllowUnsafeUpdates = true;
web.AllowUnsafeUpdates = true;
reviewList = web.GetList(Utils.GetAbsoluteURL(web, MembershipList.MEMBERSHIPREVIEWLIST));
if (reviewList != null)
{
using (SPWeb currentWeb = site.OpenWeb(SPContext.Current.Web.ID))
{
if (!MembershipRequest.SendPendingMembershipEmail(request, currentWeb))
{
return;
}
}
reviewItem = reviewList.Items.Add();
reviewItem[MembershipReviewListFields.DATESUBMITTED] = DateTime.Now;
reviewItem[MembershipReviewListFields.EMAIL] = request.UserEmail;
reviewItem[MembershipReviewListFields.REQUESTID] = Guid.NewGuid();
reviewItem[MembershipReviewListFields.FIRSTNAME] = request.FirstName;
reviewItem[MembershipReviewListFields.LASTNAME] = request.LastName;
reviewItem[MembershipReviewListFields.STATUS] = MembershipStatus.Pending.ToString();
reviewItem[MembershipReviewListFields.USERNAME] = request.UserName;
reviewItem[MembershipReviewListFields.RECOVERPASSWORDQUESTION] = request.PasswordQuestion; ;
reviewItem[MembershipReviewListFields.RECOVERPASSWORDANSWER] = request.PasswordAnswer;
reviewItem[MembershipReviewListFields.DEFAULTGROUP] = request.DefaultGroup;
reviewItem.Update();
reviewList.Update();
/* bms Removed called to SendPendingMembershipEmail due to call on ItemAdded */
result = true;
}
else
{
Utils.LogError("Unable to find Membership Review List");
}
}
}
});
}
catch (Exception ex)
{
Utils.LogError(ex);
}
return result;
}
public static void ApproveMembership(MembershipRequest request, SPWeb web)
{
Hashtable xsltValues;
MembershipCreateStatus createStatus;
SPListItem debuggingInfoItem = null;
MembershipSettings settings = new MembershipSettings(web);
MembershipProvider membership = Utils.BaseMembershipProvider(web.Site);
/* This is just for debugging */
try
{
SPList memberlist = web.GetList(Utils.GetAbsoluteURL(web,MembershipList.MEMBERSHIPREVIEWLIST));
if (memberlist.Fields.ContainsField("LastError"))
{
foreach (SPListItem addItem in memberlist.Items)
{
if (addItem["User Name"].ToString() == request.UserName)
{
debuggingInfoItem = addItem;
/* bms added break to only loop through items needed */
break;
}
}
}
}
catch
{
}
/* Above is for debugging */
try
{
if (string.IsNullOrEmpty(request.UserName))
{
throw new Exception("User name must not be null or empty.");
}
/* rdcpro: Allows providers that don't have password and question */
if (membership.RequiresQuestionAndAnswer && string.IsNullOrEmpty(request.PasswordQuestion))
{
throw new Exception("You must specify a password question.");
}
if (membership.RequiresQuestionAndAnswer && string.IsNullOrEmpty(request.PasswordAnswer))
{
throw new Exception("You must specify a password answer.");
}
if (string.IsNullOrEmpty(request.UserEmail))
{
throw new Exception("Email address must not be null or empty.");
}
//create account
/* bms Create password at a minimum of 7 characters or Min from provider if greater */
int passwordLength = 14;
if (passwordLength < membership.MinRequiredPasswordLength)
{
passwordLength = membership.MinRequiredPasswordLength;
}
if (passwordLength < membership.MinRequiredNonAlphanumericCharacters)
{
passwordLength = membership.MinRequiredNonAlphanumericCharacters;
}
if (String.IsNullOrEmpty(request.Password))
{
request.Password = System.Web.Security.Membership.GeneratePassword(passwordLength, membership.MinRequiredNonAlphanumericCharacters);
}
MembershipUser existingUser = Utils.BaseMembershipProvider(web.Site).GetUser(request.UserName,false);
if (existingUser != null)
{
membership.DeleteUser(request.UserName, true);
}
MembershipUser newUser;
//This section is to transaction Creating the user and sending the email
try
{
// rdcpro: Changes to support providers that don't require question and answer.
if (membership.RequiresQuestionAndAnswer)
{
//membership.CreateUser(request.UserName, tempPassword, request.UserEmail, request.PasswordQuestion, request.PasswordAnswer, true, out createStatus);
newUser = membership.CreateUser(request.UserName, request.Password, request.UserEmail, request.PasswordQuestion, request.PasswordAnswer, true, null, out createStatus);
}
else
{
// With this method the MembershipCreateUserException will take care of things if the user can't be created, so no worry that createStatus is set to success
//membership.CreateUser(.CreateUser(request.UserName, tempPassword, request.UserEmail);
newUser = membership.CreateUser(request.UserName, request.Password, request.UserEmail, null, null, true, null, out createStatus);
createStatus = MembershipCreateStatus.Success;
}
if (debuggingInfoItem != null)
{
if (debuggingInfoItem.Fields.ContainsField("LastError"))
{
debuggingInfoItem["LastError"] = "Created User";
debuggingInfoItem.SystemUpdate();
}
}
if (createStatus == MembershipCreateStatus.Success)
{
newUser.IsApproved = true;
membership.UpdateUser(newUser);
//Add the user to the default group
if (!String.IsNullOrEmpty(request.DefaultGroup))
{
web.SiteGroups[request.DefaultGroup].AddUser(Utils.EncodeUsername(request.UserName.ToLower(), web.Site), request.UserEmail, request.FirstName + " " + request.LastName, "Self Registration");
//Login the user if selected
if (request.LoginCreatedUser)
{
Microsoft.SharePoint.IdentityModel.SPClaimsUtility.AuthenticateFormsUser(new Uri(web.Url), request.UserName, request.Password);
}
}
if (debuggingInfoItem != null)
{
if (debuggingInfoItem.Fields.ContainsField("LastError"))
{
if (!String.IsNullOrEmpty(request.DefaultGroup))
{
debuggingInfoItem["LastError"] = "Add User Has No Groups";
}
else
{
debuggingInfoItem["LastError"] = "Add User To Groups";
}
debuggingInfoItem.SystemUpdate();
}
}
//email user to confirm that request is approved
xsltValues = new Hashtable(1);
xsltValues.Add("fba:MembershipRequest", request);
bool bSentMail = Email.SendEmail(web, request.UserEmail, settings.MembershipApprovedEmail, xsltValues);
if (!bSentMail)
{
Utils.LogError("SendEmail failed");
throw new Exception("Error sending mail notification");
}
if (debuggingInfoItem != null)
{
if (debuggingInfoItem.Fields.ContainsField("LastError"))
{
debuggingInfoItem["LastError"] = "Sent Email To New User: "******"Error creating user: "******"LastError"))
{
foreach (SPListItem addItem in memberlist.Items)
{
if (addItem["User Name"].ToString() == request.UserName)
{
addItem["LastError"] = AdduserExp.Message.ToString();
addItem.SystemUpdate();
break;
}
}
}
}
catch
{
}
// TODO: if CreateUser fails, the user in the MemberShipRequest list needs to be marked somehow so that the approver knows what the problem is.
// Maybe the list should always have the "LastError" field, or else the status can have an extra error value in addition to pending | approved | rejected
// Then in the calling code, we must not delete the item from the list!
// Also, if we're handling an exception, we should set the status back to "Pending".
// For now, we rethrow the exception which will cause the caller to fail, and prevent the delete.
throw new Exception(AdduserExp.Message);
}
}
catch (Exception ex)
{
//Add error information to list
try
{
SPList memberlist = web.GetList(Utils.GetAbsoluteURL(web, MembershipList.MEMBERSHIPREVIEWLIST));
if (memberlist.Fields.ContainsField("LastError"))
{
foreach (SPListItem addItem in memberlist.Items)
{
if (addItem["User Name"].ToString() == request.UserName)
{
// This overwrites anything already in the LastError field.
addItem["LastError"] = ex.Message.ToString();
addItem.SystemUpdate();
}
}
}
}
catch
{
}
Utils.LogError(ex);
throw new Exception(ex.Message);
}
}
public override void ItemUpdated(SPItemEventProperties properties)
{
this.EventFiringEnabled = false;
SPListItem item = null;
SPList list = null;
MembershipStatus status;
try
{
item = properties.ListItem;
if (item != null)
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite site = new SPSite(item.Web.Site.ID, item.Web.Site.Zone))
{
using (SPWeb web = site.OpenWeb(item.Web.ID))
{
if (web != null)
{
site.AllowUnsafeUpdates = true;
web.AllowUnsafeUpdates = true;
list = item.ParentList;
status = (MembershipStatus)Utils.GetChoiceIndex(list.Fields.GetFieldByInternalName(MembershipReviewListFields.STATUS) as SPFieldChoice, item[MembershipReviewListFields.STATUS].ToString());
switch (status)
{
case MembershipStatus.Approved:
// TODO: rdcpro: if CreateUser in the ApproveMembership call fails, the user in the MemberShipRequest list needs to be marked somehow so that the approver knows what the problem is.
// Maybe the list should have the "LastError" field which will get the error info, or else the status can have an extra error value in addition to pending | approved | rejected
// Then in the calling code, we must not delete the item from the list!
// It would have been better if ApproveMembership returned a status code, rather than use exception handling, but here we are.
MembershipRequest.ApproveMembership(GetMembershipRequest(web, item), web);
item.Delete();
list.Update();
break;
case MembershipStatus.Pending:
break;
case MembershipStatus.Rejected:
if (!MembershipRequest.RejectMembership(GetMembershipRequest(web, item), web))
{
throw new Exception("Error rejecting membership");
}
//bms Removed Delete from Reject Membership to allow administrators to approve user later and delete with UI
//item.Delete();
//list.Update();
break;
}
}
}
}
});
}
}
catch (Exception ex)
{
throw new Exception("Error updating item in Membership Request List", ex);
}
finally
{
this.EventFiringEnabled = true;
}
}
private static MembershipRequest GetMembershipRequest(SPWeb web, SPListItem item, string password)
{
MembershipSettings settings = new MembershipSettings(web);
MembershipRequest request = new MembershipRequest();
/* These are the core fields that are part of the membership provider request */
request.FirstName = item[MembershipReviewListFields.FIRSTNAME].ToString();
request.LastName = item[MembershipReviewListFields.LASTNAME].ToString();
request.Password = password;
/* bms Updated the web property of Title for the site name instead of Name */
request.SiteName = web.Title;
request.SiteURL = web.Url;
request.UserEmail = item[MembershipReviewListFields.EMAIL].ToString();
request.UserName = item[MembershipReviewListFields.USERNAME].ToString();
/* These fields may not be avaliable based on the membership provider */
if (item[MembershipReviewListFields.RECOVERPASSWORDQUESTION] != null)
{
request.PasswordQuestion = item[MembershipReviewListFields.RECOVERPASSWORDQUESTION].ToString();
}
if (item[MembershipReviewListFields.RECOVERPASSWORDANSWER] != null)
{
request.PasswordAnswer = item[MembershipReviewListFields.RECOVERPASSWORDANSWER].ToString();
}
if (item[MembershipReviewListFields.DEFAULTGROUP] != null)
{
request.DefaultGroup = item[MembershipReviewListFields.DEFAULTGROUP].ToString();
}
/* These are the possible set of URLs that are provided to the user and developer in the XSLT */
request.ChangePasswordURL = Utils.GetAbsoluteURL(web, settings.ChangePasswordPage);
request.PasswordQuestionURL = Utils.GetAbsoluteURL(web, settings.PasswordQuestionPage);
request.ThankYouURL = Utils.GetAbsoluteURL(web, settings.ThankYouPage);
return request;
}
public static void ApproveMembership(MembershipRequest request, SPWeb web)
{
Hashtable xsltValues;
MembershipCreateStatus createStatus;
SPListItem debuggingInfoItem = null;
MembershipSettings settings = new MembershipSettings(web);
MembershipProvider membership = Utils.BaseMembershipProvider(web.Site);
/* This is just for debugging */
try
{
SPList memberlist = web.GetList(Utils.GetAbsoluteURL(web, MembershipList.MEMBERSHIPREVIEWLIST));
if (memberlist.Fields.ContainsField("LastError"))
{
foreach (SPListItem addItem in memberlist.Items)
{
if (addItem["User Name"].ToString() == request.UserName)
{
debuggingInfoItem = addItem;
/* bms added break to only loop through items needed */
break;
}
}
}
}
catch
{
}
/* Above is for debugging */
try
{
if (string.IsNullOrEmpty(request.UserName))
{
throw new Exception("User name must not be null or empty.");
}
/* rdcpro: Allows providers that don't have password and question */
if (membership.RequiresQuestionAndAnswer && string.IsNullOrEmpty(request.PasswordQuestion))
{
throw new Exception("You must specify a password question.");
}
if (membership.RequiresQuestionAndAnswer && string.IsNullOrEmpty(request.PasswordAnswer))
{
throw new Exception("You must specify a password answer.");
}
if (string.IsNullOrEmpty(request.UserEmail))
{
throw new Exception("Email address must not be null or empty.");
}
//create account
/* bms Create password at a minimum of 7 characters or Min from provider if greater */
int passwordLength = 14;
if (passwordLength < membership.MinRequiredPasswordLength)
{
passwordLength = membership.MinRequiredPasswordLength;
}
if (passwordLength < membership.MinRequiredNonAlphanumericCharacters)
{
passwordLength = membership.MinRequiredNonAlphanumericCharacters;
}
if (String.IsNullOrEmpty(request.Password))
{
request.Password = System.Web.Security.Membership.GeneratePassword(passwordLength, membership.MinRequiredNonAlphanumericCharacters);
}
MembershipUser existingUser = Utils.BaseMembershipProvider(web.Site).GetUser(request.UserName, false);
if (existingUser != null)
{
membership.DeleteUser(request.UserName, true);
}
MembershipUser newUser;
//This section is to transaction Creating the user and sending the email
try
{
// rdcpro: Changes to support providers that don't require question and answer.
if (membership.RequiresQuestionAndAnswer)
{
//membership.CreateUser(request.UserName, tempPassword, request.UserEmail, request.PasswordQuestion, request.PasswordAnswer, true, out createStatus);
newUser = membership.CreateUser(request.UserName, request.Password, request.UserEmail, request.PasswordQuestion, request.PasswordAnswer, true, null, out createStatus);
}
else
{
// With this method the MembershipCreateUserException will take care of things if the user can't be created, so no worry that createStatus is set to success
//membership.CreateUser(.CreateUser(request.UserName, tempPassword, request.UserEmail);
newUser = membership.CreateUser(request.UserName, request.Password, request.UserEmail, null, null, true, null, out createStatus);
createStatus = MembershipCreateStatus.Success;
}
if (debuggingInfoItem != null)
{
if (debuggingInfoItem.Fields.ContainsField("LastError"))
{
debuggingInfoItem["LastError"] = "Created User";
debuggingInfoItem.SystemUpdate();
}
}
if (createStatus == MembershipCreateStatus.Success)
{
newUser.IsApproved = true;
membership.UpdateUser(newUser);
//Add the user to the default group
if (!String.IsNullOrEmpty(request.DefaultGroup))
{
web.SiteGroups[request.DefaultGroup].AddUser(Utils.EncodeUsername(request.UserName.ToLower(), web.Site), request.UserEmail, request.FirstName + " " + request.LastName, "Self Registration");
//Login the user if selected
if (request.LoginCreatedUser)
{
Microsoft.SharePoint.IdentityModel.SPClaimsUtility.AuthenticateFormsUser(new Uri(web.Url), request.UserName, request.Password);
}
}
if (debuggingInfoItem != null)
{
if (debuggingInfoItem.Fields.ContainsField("LastError"))
{
if (!String.IsNullOrEmpty(request.DefaultGroup))
{
debuggingInfoItem["LastError"] = "Add User Has No Groups";
}
else
{
debuggingInfoItem["LastError"] = "Add User To Groups";
}
debuggingInfoItem.SystemUpdate();
}
}
//email user to confirm that request is approved
xsltValues = new Hashtable(1);
xsltValues.Add("fba:MembershipRequest", request);
bool bSentMail = Email.SendEmail(web, request.UserEmail, settings.MembershipApprovedEmail, xsltValues);
if (!bSentMail)
{
Utils.LogError("SendEmail failed");
throw new Exception("Error sending mail notification");
}
if (debuggingInfoItem != null)
{
if (debuggingInfoItem.Fields.ContainsField("LastError"))
{
debuggingInfoItem["LastError"] = "Sent Email To New User: "******"Error creating user: "******"LastError"))
{
foreach (SPListItem addItem in memberlist.Items)
{
if (addItem["User Name"].ToString() == request.UserName)
{
addItem["LastError"] = AdduserExp.Message.ToString();
addItem.SystemUpdate();
break;
}
}
}
}
catch
{
}
// TODO: if CreateUser fails, the user in the MemberShipRequest list needs to be marked somehow so that the approver knows what the problem is.
// Maybe the list should always have the "LastError" field, or else the status can have an extra error value in addition to pending | approved | rejected
// Then in the calling code, we must not delete the item from the list!
// Also, if we're handling an exception, we should set the status back to "Pending".
// For now, we rethrow the exception which will cause the caller to fail, and prevent the delete.
throw new Exception(AdduserExp.Message);
}
}
catch (Exception ex)
{
//Add error information to list
try
{
SPList memberlist = web.GetList(Utils.GetAbsoluteURL(web, MembershipList.MEMBERSHIPREVIEWLIST));
if (memberlist.Fields.ContainsField("LastError"))
{
foreach (SPListItem addItem in memberlist.Items)
{
if (addItem["User Name"].ToString() == request.UserName)
{
// This overwrites anything already in the LastError field.
addItem["LastError"] = ex.Message.ToString();
addItem.SystemUpdate();
}
}
}
}
catch
{
}
Utils.LogError(ex);
throw new Exception(ex.Message);
}
}
