public UpdateUserResponse UpdateUser(UpdateUserRequest request) { var user = FindUserByName(request.UserDetail.UserName); EnsureCurrentUserAuthorizedToManage(user.AccountType); // update user account info var assembler = new UserAssembler(); assembler.UpdateUser(user, request.UserDetail, PersistenceContext); // for user accounts, reset password if requested if (request.UserDetail.ResetPassword) { if (user.AccountType != UserAccountType.U) { throw new RequestValidationException(SR.MessageAccountTypeDoesNotSupportPasswordReset); } var settings = new AuthenticationSettings(); user.ResetPassword(settings.DefaultTemporaryPassword); } // for system accounts, update the password if specified if (!string.IsNullOrEmpty(request.Password) && user.AccountType == UserAccountType.S) { PasswordPolicy.CheckPasswordCandidate(user.AccountType, request.Password, new AuthenticationSettings()); user.ChangePassword(request.Password, null); } PersistenceContext.SynchState(); return(new UpdateUserResponse(assembler.GetUserSummary(user))); }
private static Password GetNewAccountPassword(UserAccountType accountType, string password) { var settings = new AuthenticationSettings(); switch (accountType) { case UserAccountType.U: // for user accounts, always use the temp password, set to expire immediately return(Password.CreateTemporaryPassword(settings.DefaultTemporaryPassword)); case UserAccountType.G: // for group accounts, generate a random password (since it will never be used) return(Password.CreatePassword(Guid.NewGuid().ToString("N"), null)); case UserAccountType.S: // for system accounts, use password provided in request, and set to never expire PasswordPolicy.CheckPasswordCandidate(UserAccountType.S, password, settings); return(Password.CreatePassword(password, null)); default: throw new ArgumentOutOfRangeException("accountType"); } }