Ejemplo n.º 1
0
        /// <summary>
        /// Creates the role 'roleName' in the database, but doesn't assign it to any user.
        /// </summary>
        /// <param name="roleName">The role to add</param>
        /// <remarks>Once the role is created, if you do not assign it to a user the role still doesn't
        /// 'exist' as far as the application is concerned</remarks>
        public override void CreateRole(string roleName)
        {
            _dops.ResetDops();
            _dops.Sproc = "usp_insertRole";

            //Insert the role
            _dops.SetParameter("@RoleName", roleName, "IN");

            //Will raise an error if the role is already in the db
            _dops.Execute_Sql();
        }
Ejemplo n.º 2
0
        /// <summary>
        /// Creates a user from the given parameters and settings in the web.config (under the membership section)
        /// </summary>
        /// <param name="username">Kerberos LoginID of the user who created the account (or string.empty)</param>
        /// <param name="password">Password -- complexity determined by web.config settings</param>
        /// <param name="email">Email entered by user</param>
        /// <param name="passwordQuestion"></param>
        /// <param name="passwordAnswer"></param>
        /// <param name="isApproved"></param>
        /// <param name="providerUserKey">Not used since username is always unique, we can look up with UserID when necessary</param>
        /// <param name="status"></param>
        /// <returns>A representation of the current user's membership information</returns>
        public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
        {
            //if the username is SELFCREATED, set it to empty so that we know it was not created on a Kerberos user's behalf
            if (username == "SELFCREATED")
            {
                username = string.Empty;
            }

            //Make sure the password is non-null or empty (excluding white space)
            if (!SecUtility.ValidateParameter(ref password, true, true, false, 0))
            {
                //If the password is invalid, return the correct status
                status = MembershipCreateStatus.InvalidPassword;
                return(null);
            }

            //Check that the password meets all requirements laid out in the web.config
            if (password.Length < MinRequiredPasswordLength)
            {
                status = MembershipCreateStatus.InvalidPassword;
                return(null);
            }

            int count = 0;

            for (int i = 0; i < password.Length; i++)
            {
                if (!char.IsLetterOrDigit(password, i))
                {
                    count++;
                }
            }

            if (count < MinRequiredNonAlphanumericCharacters)
            {
                status = MembershipCreateStatus.InvalidPassword;
                return(null);
            }

            if (PasswordStrengthRegularExpression.Length > 0)
            {
                if (!Regex.IsMatch(password, PasswordStrengthRegularExpression))
                {
                    status = MembershipCreateStatus.InvalidPassword;
                    return(null);
                }
            }

            //Validate with email as the username
            ValidatePasswordEventArgs e = new ValidatePasswordEventArgs(email, password, true);

            OnValidatingPassword(e);

            if (e.Cancel)
            {
                status = MembershipCreateStatus.InvalidPassword;
                return(null);
            }

            //Generate a salt of length SALT_SIZE_IN_BYTES
            string salt = GenerateSalt();

            //Encodes the password using the method defined in the web.config membership section (clear, hashed, or encrypted)
            //If method = hashed, then the algortihm defined by the HashAlgorithmType key is used
            string encodedPassword = EncodePassword(password, (int)_PasswordFormat, salt);

            //Make sure the password isn't too long (if it is, it will not fit in the database
            if (encodedPassword.Length > 128)
            {
                status = MembershipCreateStatus.InvalidPassword;
                return(null);
            }

            //Check the email, question, answer (only the last two if they are required in the web.config)
            //if (!SecUtility.ValidateParameter(ref username, true, true, true, 255))
            //{
            //    status = MembershipCreateStatus.InvalidUserName;
            //    return null;
            //}

            if (!SecUtility.ValidateParameter(ref email,
                                              RequiresUniqueEmail,
                                              RequiresUniqueEmail,
                                              false,
                                              128))
            {
                status = MembershipCreateStatus.InvalidEmail;
                return(null);
            }

            if (!SecUtility.ValidateParameter(ref passwordQuestion,
                                              RequiresQuestionAndAnswer,
                                              true,
                                              false,
                                              255))
            {
                status = MembershipCreateStatus.InvalidQuestion;
                return(null);
            }

            if (!SecUtility.ValidateParameter(ref passwordAnswer,
                                              RequiresQuestionAndAnswer,
                                              true,
                                              false,
                                              128))
            {
                status = MembershipCreateStatus.InvalidAnswer;
                return(null);
            }

            _dops.ResetDops();
            _dops.Sproc = "usp_InsertAccount";

            _dops.SetParameter("@LoginID", username, "IN"); //KerberosID of user that created this account (null if created by applicant)
            _dops.SetParameter("@Email", email, "IN");
            _dops.SetParameter("@Password", encodedPassword, "IN");
            _dops.SetParameter("@PasswordFormat", (int)PasswordFormat, "IN");
            _dops.SetParameter("@PasswordSalt", salt, "IN");
            _dops.SetParameter("@PasswordQuestion", passwordQuestion, "IN");
            _dops.SetParameter("@PasswordAnswer", passwordAnswer, "IN");
            _dops.SetParameter("@CreateStatus", string.Empty, "OUT");
            _dops.SetParameter("RETURN_VALUE", string.Empty, "RETURN");

            try
            {
                _dops.Execute_Sql();
            }
            catch (SqlException)
            {
                status = MembershipCreateStatus.ProviderError;
                return(null);
            }

            //If the return value is not 0 (success), inspect the error and return it to the user
            if ((int)_dops.GetOutputVariable("RETURN_VALUE") != 0)
            {
                switch ((string)_dops.GetOutputVariable("@CreateStatus"))
                {
                case "InvalidLogin":
                    status = MembershipCreateStatus.DuplicateUserName;
                    break;

                case "InvalidEmail":
                    status = MembershipCreateStatus.DuplicateEmail;
                    break;

                default:
                    status = MembershipCreateStatus.ProviderError;
                    break;
                }

                return(null);
            }
            else
            {
                //No error, so go ahead and return success
                DateTime dt = DateTime.Now;

                status = MembershipCreateStatus.Success;
                return(new MembershipUser(this.Name,
                                          username,
                                          null,
                                          email,
                                          passwordQuestion,
                                          string.Empty,
                                          isApproved,
                                          false,
                                          dt,
                                          dt,
                                          dt,
                                          dt,
                                          DateTime.MinValue));
            }
        }
Ejemplo n.º 3
0
    // saves the final analysis results to db
    public void saveToDB(EatFit.Data.User user)
    {
        dops.ResetDops();
        dops.Sproc = "usp_InsertSessionInformation";

        dops.SetParameter("@SessionID", System.Guid.NewGuid().ToString(), CAESDO.DataOps.DopsDirection.Input);

        // convert the food list to an xml stream
        DataSet      ds = (DataSet)HttpContext.Current.Session["foodVars"];
        string       xml;
        UTF8Encoding encoding = new UTF8Encoding();

        using (MemoryStream memoryStream = new MemoryStream())
        {
            ds.WriteXml(memoryStream);

            xml = encoding.GetString(memoryStream.ToArray());
        }
        // save the daily food list
        dops.SetParameter("@mealInfoXML", xml, CAESDO.DataOps.DopsDirection.Input);

        // save the nutrient list
        System.Collections.Specialized.StringDictionary[] nutinfo;
        // Convert the nutrients (vScore) list into an XML stream:
        nutinfo = (System.Collections.Specialized.StringDictionary[])HttpContext.Current.Session["vScore"];
        float totFat     = 0;
        float totSugar   = 0;
        float totFruits  = 0;
        float totIron    = 0;
        float totCalcium = 0;
        float totHabits  = 0;
        float tempInt    = 0;

        foreach (System.Collections.Specialized.StringDictionary nutrients in nutinfo)
        {
            totFat     += (float.TryParse(nutrients["fat"], out tempInt) ? tempInt : 0);
            totSugar   += (float.TryParse(nutrients["sugar"], out tempInt) ? tempInt : 0);
            totFruits  += (float.TryParse(nutrients["fruits"], out tempInt) ? tempInt : 0);
            totIron    += (float.TryParse(nutrients["iron"], out tempInt) ? tempInt : 0);
            totCalcium += (float.TryParse(nutrients["calcium"], out tempInt) ? tempInt : 0);
            totHabits  += (float.TryParse(nutrients["habits"], out tempInt) ? tempInt : 0);
        }
        dops.SetParameter("@fat", totFat, CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@sugar", totSugar, CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@fruits", totFruits, CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@iron", totIron, CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@calcium", totCalcium, CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@habits", totHabits, CAESDO.DataOps.DopsDirection.Input);

        /*
         * using (MemoryStream ms = new MemoryStream())
         * {
         *  BinaryFormatter bf = new BinaryFormatter();
         *  //bf.FilterLevel = System.Runtime.Serialization.Formatters.TypeFilterLevel.Full;
         *  bf.Serialize(ms, nutinfo);
         *  //UTF8Encoding encoding = new UTF8Encoding();
         *  xml = Convert.ToBase64String(ms.ToArray());
         *  //xml = encoding.GetString(ms.ToArray());
         * }
         * */
        /*
         * // Deserialization test.
         * System.Collections.Specialized.StringDictionary[] nutrientInfo;
         * using (MemoryStream ms = new MemoryStream(Convert.FromBase64String(xml)))
         * {
         *  BinaryFormatter bf = new BinaryFormatter();
         *  nutrientInfo = (System.Collections.Specialized.StringDictionary[])bf.Deserialize(ms);
         * }
         */

        //dops.SetParameter("@nutinfoxml", xml, CAESDO.DataOps.DopsDirection.Input);

        // save the user's choices goal choices
        int[] goals = (int[])HttpContext.Current.Session["goals"];
        dops.SetParameter("@goal1", Convert.ToInt16(goals[0]), CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@goal2", Convert.ToInt16(goals[1]), CAESDO.DataOps.DopsDirection.Input);

        // save minor goals
        dops.SetParameter("@minor_goal", Convert.ToInt16(HttpContext.Current.Session["MinorGoal"]), CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@howto_goal", Convert.ToInt16((string)HttpContext.Current.Session["EatingArea"]), CAESDO.DataOps.DopsDirection.Input);

        // save user info
        dops.SetParameter("@name", (string)HttpContext.Current.Session["personName"], CAESDO.DataOps.DopsDirection.Input);
        //dops.SetParameter("@name", user.UserName, CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@age", Convert.ToInt16(HttpContext.Current.Session["age"]), CAESDO.DataOps.DopsDirection.Input);
        //dops.SetParameter("@age", user.Age, CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@gender", (string)HttpContext.Current.Session["gender"], CAESDO.DataOps.DopsDirection.Input);
        //dops.SetParameter("@gender", user.Gender, CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@UserId", user.UserId, CAESDO.DataOps.DopsDirection.Input);

        // save eating habits
        string[] habits = (string[])HttpContext.Current.Session["habits"];
        dops.SetParameter("@q1", Convert.ToInt16(habits[0]), CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@q2", Convert.ToInt16(habits[1]), CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@q3", Convert.ToInt16(habits[2]), CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@q4", Convert.ToInt16(habits[3]), CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@q5", Convert.ToInt16(habits[4]), CAESDO.DataOps.DopsDirection.Input);

        try
        {
            dops.Execute_Sql();
        }
        catch (System.Data.SqlClient.SqlException ex)
        {
            throw ex;
        }
    }
Ejemplo n.º 4
0
        public override void SetPropertyValues(SettingsContext context, SettingsPropertyValueCollection properties)
        {
            string username        = (string)context["UserName"];
            bool   isAuthenticated = (bool)context["IsAuthenticated"];

            //Make sure we valid parameters
            if (username == null || username.Length < 1 || properties.Count < 1)
            {
                return;
            }

            foreach (SettingsPropertyValue property in properties)
            {
                string sVal         = string.Empty;
                string PropertyType = string.Empty;

                //only save if the property is dirty or using its default value
                if (property.IsDirty || property.UsingDefaultValue)
                {
                    if (property.Property.SerializeAs == SettingsSerializeAs.Binary)
                    {
                        //Serialize the property value as binary
                        PropertyType = "B";

                        //NOT IMPLEMENTED
                    }
                    else
                    {
                        //Any serialization other than binary
                        object propVal = property.PropertyValue;

                        if (property.Deserialized && property.PropertyValue == null)
                        {
                            sVal = string.Empty;
                        }
                        else
                        {
                            if (!(property.SerializedValue is string))
                            {
                                if (property.SerializedValue == null)
                                {
                                    sVal = string.Empty;
                                }
                                else
                                {
                                    sVal = Convert.ToBase64String((byte[])property.SerializedValue);
                                }
                            }
                            else
                            {
                                sVal = (string)property.SerializedValue;
                            }
                        }
                        //if (property.Deserialized)
                        //{
                        //    sVal = Convert.ToBase64String((byte[])property.SerializedValue);
                        //}
                        //else
                        //{
                        //    sVal = Convert.ToBase64String((byte[])propVal);
                        //}

                        PropertyType = "S";
                    }

                    //Now call dataops and save the current property
                    _dops.ResetDops();
                    _dops.Sproc = "usp_SetProfileProperties";

                    _dops.SetParameter("@ApplicationName", ApplicationName, "IN");
                    _dops.SetParameter("@UserName", username, "IN");
                    _dops.SetParameter("@PropertyName", property.Name, "IN");
                    _dops.SetParameter("@PropertyValueString", sVal, "IN");
                    _dops.SetParameter("@PropertyValueBinary", string.Empty, "IN");
                    _dops.SetParameter("@PropertyType", PropertyType, "IN");
                    _dops.SetParameter("@CurrentTime", DateTime.Now, "IN");

                    _dops.Execute_Sql();
                }
            }
        }