Ejemplo n.º 1
0
        /// <summary>
        /// Creates the user in the system and returns the system generated username
        /// </summary>
        /// <param name="useModelUserName">If true then try to use <see cref="UserModel"/> instance Username if it exists.  Otherwise fall back to building a user name. </param>
        public string CreateUser(UserModel userModel, string storeName, string password, bool active, bool useModelUserName)
        {
            var authorizationManager = new AuthorizationManager(storeName);

            string username = CreateUniqueUserName(userModel.FirstName, userModel.MiddleInitial, userModel.LastName);

            username = (useModelUserName && !string.IsNullOrWhiteSpace(userModel.Username)) ? userModel.Username : username;

            //register the user
            //try to get the dbuser, and if they arlready exists, just create the account, otherwise create the user and account.
            if (!authorizationManager.InAuthorizationSystem(username))
            {
                WebSecurity.CreateUserAndAccount(username,
                                                 password,

                                                 new
                {
                    FirstName            = userModel.FirstName,
                    MiddleName           = userModel.MiddleInitial,
                    LastName             = userModel.LastName,
                    Phone                = userModel.PhoneNumber,
                    Email                = userModel.EmailAddress,
                    CreatedDate          = DateTime.Now,
                    RequirePasswordReset = true
                });
            }
            else
            {
                //only create them if they dont already exist
                if (!WebSecurity.UserExists(username))
                {
                    //create them
                    WebSecurity.CreateAccount(username, password);
                }
            }

            //update their profile
            //set the models username now that we have it
            userModel.Username = username;

            UpdateUserProfile(userModel, active);
            //now force them to change their pw on next login
            UpdateUserPasswordReset(username, true);

            //add the password to the password history so they cant set it back ot the default
            var pwMGr = new PasswordManager(username);

            pwMGr.AddPasswordToHistory(password);

            //now add them to the default group for this store they will have access to
            authorizationManager.AddGroupMember(Constants.Security.DefaultStoreGroupName, username);

            //update the caching table to include this person
            int userID = GetUserId(userModel.Username);

            authorizationManager.AddCustomerAccess(userID);

            //have to check to see if groupname is null - otherwise we throw an error
            if (!string.IsNullOrEmpty(userModel.Role))
            {
                // now add them to the specific group for this store they will have access to
                authorizationManager.AddGroupMember(userModel.Role, username);
            }

            return(username);
        }