/// <summary>
/// Change password
/// </summary>
/// <param name="request">Request</param>
/// <returns>Result</returns>
public virtual ChangePasswordResult ChangePassword(ChangePasswordRequest request)
{
if (request == null)
throw new ArgumentNullException("request");
var result = new ChangePasswordResult();
if (String.IsNullOrWhiteSpace(request.Email))
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailIsNotProvided"));
return result;
}
if (String.IsNullOrWhiteSpace(request.NewPassword))
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.PasswordIsNotProvided"));
return result;
}
var customer = _customerService.GetCustomerByEmail(request.Email);
if (customer == null)
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailNotFound"));
return result;
}
var requestIsValid = false;
if (request.ValidateRequest)
{
//password
string oldPwd = "";
switch (customer.PasswordFormat)
{
case PasswordFormat.Encrypted:
oldPwd = _encryptionService.EncryptText(request.OldPassword);
break;
case PasswordFormat.Hashed:
oldPwd = _encryptionService.CreatePasswordHash(request.OldPassword, customer.PasswordSalt, _customerSettings.HashedPasswordFormat);
break;
default:
oldPwd = request.OldPassword;
break;
}
bool oldPasswordIsValid = oldPwd == customer.Password;
if (!oldPasswordIsValid)
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.OldPasswordDoesntMatch"));
if (oldPasswordIsValid)
requestIsValid = true;
}
else
requestIsValid = true;
//at this point request is valid
if (requestIsValid)
{
switch (request.NewPasswordFormat)
{
case PasswordFormat.Clear:
{
customer.Password = request.NewPassword;
}
break;
case PasswordFormat.Encrypted:
{
customer.Password = _encryptionService.EncryptText(request.NewPassword);
}
break;
case PasswordFormat.Hashed:
{
string saltKey = _encryptionService.CreateSaltKey(5);
customer.PasswordSalt = saltKey;
customer.Password = _encryptionService.CreatePasswordHash(request.NewPassword, saltKey, _customerSettings.HashedPasswordFormat);
}
break;
default:
break;
}
customer.PasswordFormat = request.NewPasswordFormat;
_customerService.UpdateCustomer(customer);
}
return result;
}
public ActionResult Create(CustomerModel model, bool continueEditing, FormCollection form)
{
if (!_permissionService.Authorize(StandardPermissionProvider.ManageCustomers))
return AccessDeniedView();
if (!String.IsNullOrWhiteSpace(model.Email))
{
var cust2 = _customerService.GetCustomerByEmail(model.Email);
if (cust2 != null)
ModelState.AddModelError("", "Email is already registered");
}
if (!String.IsNullOrWhiteSpace(model.Username) & _customerSettings.UsernamesEnabled)
{
var cust2 = _customerService.GetCustomerByUsername(model.Username);
if (cust2 != null)
ModelState.AddModelError("", "Username is already registered");
}
//validate customer roles
var allCustomerRoles = _customerService.GetAllCustomerRoles(true);
var newCustomerRoles = new List<CustomerRole>();
foreach (var customerRole in allCustomerRoles)
if (model.SelectedCustomerRoleIds != null && model.SelectedCustomerRoleIds.Contains(customerRole.Id))
newCustomerRoles.Add(customerRole);
var customerRolesError = ValidateCustomerRoles(newCustomerRoles);
if (!String.IsNullOrEmpty(customerRolesError))
{
ModelState.AddModelError("", customerRolesError);
ErrorNotification(customerRolesError, false);
}
if (ModelState.IsValid)
{
var customer = new Customer
{
CustomerGuid = Guid.NewGuid(),
Email = model.Email,
Username = model.Username,
VendorId = model.VendorId,
AdminComment = model.AdminComment,
IsTaxExempt = model.IsTaxExempt,
Active = model.Active,
CreatedOnUtc = DateTime.UtcNow,
LastActivityDateUtc = DateTime.UtcNow,
};
_customerService.InsertCustomer(customer);
//form fields
if (_dateTimeSettings.AllowCustomersToSetTimeZone)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.TimeZoneId, model.TimeZoneId);
if (_customerSettings.GenderEnabled)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.Gender, model.Gender);
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.FirstName, model.FirstName);
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.LastName, model.LastName);
if (_customerSettings.DateOfBirthEnabled)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.DateOfBirth, model.DateOfBirth);
if (_customerSettings.CompanyEnabled)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.Company, model.Company);
if (_customerSettings.StreetAddressEnabled)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.StreetAddress, model.StreetAddress);
if (_customerSettings.StreetAddress2Enabled)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.StreetAddress2, model.StreetAddress2);
if (_customerSettings.ZipPostalCodeEnabled)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.ZipPostalCode, model.ZipPostalCode);
if (_customerSettings.CityEnabled)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.City, model.City);
if (_customerSettings.CountryEnabled)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.CountryId, model.CountryId);
if (_customerSettings.CountryEnabled && _customerSettings.StateProvinceEnabled)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.StateProvinceId, model.StateProvinceId);
if (_customerSettings.PhoneEnabled)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.Phone, model.Phone);
if (_customerSettings.FaxEnabled)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.Fax, model.Fax);
//custom customer attributes
var customerAttributes = ParseCustomCustomerAttributes(customer, form);
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.CustomCustomerAttributes, customerAttributes);
//password
if (!String.IsNullOrWhiteSpace(model.Password))
{
var changePassRequest = new ChangePasswordRequest(model.Email, false, _customerSettings.DefaultPasswordFormat, model.Password);
var changePassResult = _customerRegistrationService.ChangePassword(changePassRequest);
if (!changePassResult.Success)
{
foreach (var changePassError in changePassResult.Errors)
ErrorNotification(changePassError);
}
}
//customer roles
foreach (var customerRole in newCustomerRoles)
{
//ensure that the current customer cannot add to "Administrators" system role if he's not an admin himself
if (customerRole.SystemName == SystemCustomerRoleNames.Administrators &&
!_workContext.CurrentCustomer.IsAdmin())
continue;
customer.CustomerRoles.Add(customerRole);
}
_customerService.UpdateCustomer(customer);
//ensure that a customer with a vendor associated is not in "Administrators" role
//otherwise, he won't be have access to the other functionality in admin area
if (customer.IsAdmin() && customer.VendorId > 0)
{
customer.VendorId = 0;
_customerService.UpdateCustomer(customer);
ErrorNotification(_localizationService.GetResource("Admin.Customers.Customers.AdminCouldNotbeVendor"));
}
//ensure that a customer in the Vendors role has a vendor account associated.
//otherwise, he will have access to ALL products
if (customer.IsVendor() && customer.VendorId == 0)
{
var vendorRole = customer
.CustomerRoles
.FirstOrDefault(x => x.SystemName == SystemCustomerRoleNames.Vendors);
customer.CustomerRoles.Remove(vendorRole);
_customerService.UpdateCustomer(customer);
ErrorNotification(_localizationService.GetResource("Admin.Customers.Customers.CannotBeInVendoRoleWithoutVendorAssociated"));
}
//activity log
_customerActivityService.InsertActivity("AddNewCustomer", _localizationService.GetResource("ActivityLog.AddNewCustomer"), customer.Id);
SuccessNotification(_localizationService.GetResource("Admin.Customers.Customers.Added"));
return continueEditing ? RedirectToAction("Edit", new { id = customer.Id }) : RedirectToAction("List");
}
//If we got this far, something failed, redisplay form
PrepareCustomerModel(model, null, true);
return View(model);
}
public ActionResult ChangePassword(ChangePasswordModel model)
{
if (!_workContext.CurrentCustomer.IsRegistered())
return new HttpUnauthorizedResult();
var customer = _workContext.CurrentCustomer;
if (ModelState.IsValid)
{
var changePasswordRequest = new ChangePasswordRequest(customer.Email,
true, _customerSettings.DefaultPasswordFormat, model.NewPassword, model.OldPassword);
var changePasswordResult = _customerRegistrationService.ChangePassword(changePasswordRequest);
if (changePasswordResult.Success)
{
model.Result = _localizationService.GetResource("Account.ChangePassword.Success");
return View(model);
}
//errors
foreach (var error in changePasswordResult.Errors)
ModelState.AddModelError("", error);
}
//If we got this far, something failed, redisplay form
return View(model);
}
public ActionResult ChangePassword(CustomerModel model)
{
if (!_permissionService.Authorize(StandardPermissionProvider.ManageCustomers))
return AccessDeniedView();
var customer = _customerService.GetCustomerById(model.Id);
if (customer == null)
//No customer found with the specified id
return RedirectToAction("List");
//ensure that the current customer cannot change passwords of "Administrators" if he's not an admin himself
if (customer.IsAdmin() && !_workContext.CurrentCustomer.IsAdmin())
{
ErrorNotification(_localizationService.GetResource("Admin.Customers.Customers.OnlyAdminCanChangePassword"));
return RedirectToAction("Edit", new { id = customer.Id });
}
if (ModelState.IsValid)
{
var changePassRequest = new ChangePasswordRequest(model.Email,
false, _customerSettings.DefaultPasswordFormat, model.Password);
var changePassResult = _customerRegistrationService.ChangePassword(changePassRequest);
if (changePassResult.Success)
SuccessNotification(_localizationService.GetResource("Admin.Customers.Customers.PasswordChanged"));
else
foreach (var error in changePassResult.Errors)
ErrorNotification(error);
}
return RedirectToAction("Edit", new {id = customer.Id});
}
public ActionResult ChangePassword(CustomerModel model)
{
if (!_permissionService.Authorize(StandardPermissionProvider.ManageCustomers))
return AccessDeniedView();
var customer = _customerService.GetCustomerById(model.Id);
if (customer == null)
//No customer found with the specified id
return RedirectToAction("List");
if (ModelState.IsValid)
{
var changePassRequest = new ChangePasswordRequest(model.Email,
false, _customerSettings.DefaultPasswordFormat, model.Password);
var changePassResult = _customerRegistrationService.ChangePassword(changePassRequest);
if (changePassResult.Success)
SuccessNotification(_localizationService.GetResource("Admin.Customers.Customers.PasswordChanged"));
else
foreach (var error in changePassResult.Errors)
ErrorNotification(error);
}
return RedirectToAction("Edit", customer.Id);
}
public ActionResult Create(CustomerModel model, bool continueEditing)
{
if (!_permissionService.Authorize(StandardPermissionProvider.ManageCustomers))
return AccessDeniedView();
if (!String.IsNullOrWhiteSpace(model.Email))
{
var cust2 = _customerService.GetCustomerByEmail(model.Email);
if (cust2 != null)
ModelState.AddModelError("", "Email is already registered");
}
if (!String.IsNullOrWhiteSpace(model.Username) & _customerSettings.UsernamesEnabled)
{
var cust2 = _customerService.GetCustomerByUsername(model.Username);
if (cust2 != null)
ModelState.AddModelError("", "Username is already registered");
}
//validate customer roles
var allCustomerRoles = _customerService.GetAllCustomerRoles(true);
var newCustomerRoles = new List<CustomerRole>();
foreach (var customerRole in allCustomerRoles)
if (model.SelectedCustomerRoleIds != null && model.SelectedCustomerRoleIds.Contains(customerRole.Id))
newCustomerRoles.Add(customerRole);
var customerRolesError = ValidateCustomerRoles(newCustomerRoles);
if (!String.IsNullOrEmpty(customerRolesError))
{
ModelState.AddModelError("", customerRolesError);
ErrorNotification(customerRolesError, false);
}
bool allowManagingCustomerRoles = _permissionService.Authorize(StandardPermissionProvider.ManageCustomerRoles);
if (ModelState.IsValid)
{
var customer = new Customer()
{
CustomerGuid = Guid.NewGuid(),
Email = model.Email,
Username = model.Username,
VendorId = model.VendorId,
AdminComment = model.AdminComment,
IsTaxExempt = model.IsTaxExempt,
Active = model.Active,
CreatedOnUtc = DateTime.UtcNow,
LastActivityDateUtc = DateTime.UtcNow,
};
_customerService.InsertCustomer(customer);
//form fields
if (_dateTimeSettings.AllowCustomersToSetTimeZone)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.TimeZoneId, model.TimeZoneId);
if (_customerSettings.GenderEnabled)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.Gender, model.Gender);
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.FirstName, model.FirstName);
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.LastName, model.LastName);
if (_customerSettings.DateOfBirthEnabled)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.DateOfBirth, model.DateOfBirth);
if (_customerSettings.CompanyEnabled)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.Company, model.Company);
if (_customerSettings.StreetAddressEnabled)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.StreetAddress, model.StreetAddress);
if (_customerSettings.StreetAddress2Enabled)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.StreetAddress2, model.StreetAddress2);
if (_customerSettings.ZipPostalCodeEnabled)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.ZipPostalCode, model.ZipPostalCode);
if (_customerSettings.CityEnabled)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.City, model.City);
if (_customerSettings.CountryEnabled)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.CountryId, model.CountryId);
if (_customerSettings.CountryEnabled && _customerSettings.StateProvinceEnabled)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.StateProvinceId, model.StateProvinceId);
if (_customerSettings.PhoneEnabled)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.Phone, model.Phone);
if (_customerSettings.FaxEnabled)
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.Fax, model.Fax);
//password
if (!String.IsNullOrWhiteSpace(model.Password))
{
var changePassRequest = new ChangePasswordRequest(model.Email, false, _customerSettings.DefaultPasswordFormat, model.Password);
var changePassResult = _customerRegistrationService.ChangePassword(changePassRequest);
if (!changePassResult.Success)
{
foreach (var changePassError in changePassResult.Errors)
ErrorNotification(changePassError);
}
}
//customer roles
if (allowManagingCustomerRoles)
{
foreach (var customerRole in newCustomerRoles)
customer.CustomerRoles.Add(customerRole);
_customerService.UpdateCustomer(customer);
}
//ensure that a customer with a vendor associated is not in "Administrators" role
//otherwise, he won't be have access to the other functionality in admin area
if (customer.IsAdmin() && customer.VendorId > 0)
{
customer.VendorId = 0;
_customerService.UpdateCustomer(customer);
ErrorNotification(_localizationService.GetResource("Admin.Customers.Customers.AdminCouldNotbeVendor"));
}
//ensure that a customer in the Vendors role has a vendor account associated.
//otherwise, he will have access to ALL products
if (customer.IsVendor() && customer.VendorId == 0)
{
var vendorRole = customer
.CustomerRoles
.FirstOrDefault(x => x.SystemName == SystemCustomerRoleNames.Vendors);
customer.CustomerRoles.Remove(vendorRole);
_customerService.UpdateCustomer(customer);
ErrorNotification(_localizationService.GetResource("Admin.Customers.Customers.CannotBeInVendoRoleWithoutVendorAssociated"));
}
//activity log
_customerActivityService.InsertActivity("AddNewCustomer", _localizationService.GetResource("ActivityLog.AddNewCustomer"), customer.Id);
SuccessNotification(_localizationService.GetResource("Admin.Customers.Customers.Added"));
return continueEditing ? RedirectToAction("Edit", new { id = customer.Id }) : RedirectToAction("List");
}
//If we got this far, something failed, redisplay form
model.UsernamesEnabled = _customerSettings.UsernamesEnabled;
model.AllowUsersToChangeUsernames = _customerSettings.AllowUsersToChangeUsernames;
model.AllowCustomersToSetTimeZone = _dateTimeSettings.AllowCustomersToSetTimeZone;
foreach (var tzi in _dateTimeHelper.GetSystemTimeZones())
model.AvailableTimeZones.Add(new SelectListItem() { Text = tzi.DisplayName, Value = tzi.Id, Selected = (tzi.Id == model.TimeZoneId) });
model.DisplayVatNumber = false;
//customer roles
model.AvailableCustomerRoles = _customerService
.GetAllCustomerRoles(true)
.Select(cr => cr.ToModel())
.ToList();
model.AllowManagingCustomerRoles = allowManagingCustomerRoles;
//vendors
PrepareVendorsModel(model);
//form fields
model.GenderEnabled = _customerSettings.GenderEnabled;
model.DateOfBirthEnabled = _customerSettings.DateOfBirthEnabled;
model.CompanyEnabled = _customerSettings.CompanyEnabled;
model.StreetAddressEnabled = _customerSettings.StreetAddressEnabled;
model.StreetAddress2Enabled = _customerSettings.StreetAddress2Enabled;
model.ZipPostalCodeEnabled = _customerSettings.ZipPostalCodeEnabled;
model.CityEnabled = _customerSettings.CityEnabled;
model.CountryEnabled = _customerSettings.CountryEnabled;
model.StateProvinceEnabled = _customerSettings.StateProvinceEnabled;
model.PhoneEnabled = _customerSettings.PhoneEnabled;
model.FaxEnabled = _customerSettings.FaxEnabled;
if (_customerSettings.CountryEnabled)
{
model.AvailableCountries.Add(new SelectListItem() { Text = _localizationService.GetResource("Address.SelectCountry"), Value = "0" });
foreach (var c in _countryService.GetAllCountries())
{
model.AvailableCountries.Add(new SelectListItem() { Text = c.Name, Value = c.Id.ToString(), Selected = (c.Id == model.CountryId) });
}
if (_customerSettings.StateProvinceEnabled)
{
//states
var states = _stateProvinceService.GetStateProvincesByCountryId(model.CountryId).ToList();
if (states.Count > 0)
{
foreach (var s in states)
model.AvailableStates.Add(new SelectListItem() { Text = s.Name, Value = s.Id.ToString(), Selected = (s.Id == model.StateProvinceId) });
}
else
model.AvailableStates.Add(new SelectListItem() { Text = _localizationService.GetResource("Address.OtherNonUS"), Value = "0" });
}
}
return View(model);
}
public ActionResult ChangePassword(ChangePasswordModel model)
{
if (!IsCurrentUserRegistered())
return new HttpUnauthorizedResult();
var customer = _workContext.CurrentCustomer;
model.NavigationModel = GetCustomerNavigationModel(customer);
model.NavigationModel.SelectedTab = CustomerNavigationEnum.ChangePassword;
if (ModelState.IsValid)
{
var changePasswordRequest = new ChangePasswordRequest(customer.Email,
true, PasswordFormat.Hashed, model.NewPassword, model.OldPassword);
var changePasswordResult = _customerRegistrationService.ChangePassword(changePasswordRequest);
if (changePasswordResult.Success)
{
model.Result = _localizationService.GetResource("Account.ChangePassword.Success");
return View(model);
}
else
{
foreach (var error in changePasswordResult.Errors)
ModelState.AddModelError("", error);
}
}
//If we got this far, something failed, redisplay form
return View(model);
}
public ActionResult Create(CustomerModel model, bool continueEditing)
{
if (!_permissionService.Authorize(StandardPermissionProvider.ManageCustomers))
return AccessDeniedView();
if (!String.IsNullOrWhiteSpace(model.Email))
{
var cust2 = _customerService.GetCustomerByEmail(model.Email);
if (cust2 != null)
ModelState.AddModelError("", "Email is already registered");
}
if (!String.IsNullOrWhiteSpace(model.Username) & _customerSettings.UsernamesEnabled)
{
var cust2 = _customerService.GetCustomerByEmail(model.Username);
if (cust2 != null)
ModelState.AddModelError("", "Username is already registered");
}
if (ModelState.IsValid)
{
var customer = new Customer()
{
CustomerGuid = Guid.NewGuid(),
Email = model.Email,
Username = model.Username,
AdminComment = model.AdminComment,
IsTaxExempt = model.IsTaxExempt,
TimeZoneId = model.TimeZoneId,
Active = model.Active,
CreatedOnUtc = DateTime.UtcNow,
LastActivityDateUtc = DateTime.UtcNow,
};
_customerService.InsertCustomer(customer);
//form fields
if (_customerSettings.GenderEnabled)
_customerService.SaveCustomerAttribute(customer, SystemCustomerAttributeNames.Gender, model.Gender);
_customerService.SaveCustomerAttribute(customer, SystemCustomerAttributeNames.FirstName, model.FirstName);
_customerService.SaveCustomerAttribute(customer, SystemCustomerAttributeNames.LastName, model.LastName);
if (_customerSettings.DateOfBirthEnabled)
_customerService.SaveCustomerAttribute(customer, SystemCustomerAttributeNames.DateOfBirth, model.DateOfBirth);
if (_customerSettings.CompanyEnabled)
_customerService.SaveCustomerAttribute(customer, SystemCustomerAttributeNames.Company, model.Company);
if (_customerSettings.StreetAddressEnabled)
_customerService.SaveCustomerAttribute(customer, SystemCustomerAttributeNames.StreetAddress, model.StreetAddress);
if (_customerSettings.StreetAddress2Enabled)
_customerService.SaveCustomerAttribute(customer, SystemCustomerAttributeNames.StreetAddress2, model.StreetAddress2);
if (_customerSettings.ZipPostalCodeEnabled)
_customerService.SaveCustomerAttribute(customer, SystemCustomerAttributeNames.ZipPostalCode, model.ZipPostalCode);
if (_customerSettings.CityEnabled)
_customerService.SaveCustomerAttribute(customer, SystemCustomerAttributeNames.City, model.City);
if (_customerSettings.CountryEnabled)
_customerService.SaveCustomerAttribute(customer, SystemCustomerAttributeNames.CountryId, model.CountryId);
if (_customerSettings.CountryEnabled && _customerSettings.StateProvinceEnabled)
_customerService.SaveCustomerAttribute(customer, SystemCustomerAttributeNames.StateProvinceId, model.StateProvinceId);
if (_customerSettings.PhoneEnabled)
_customerService.SaveCustomerAttribute(customer, SystemCustomerAttributeNames.Phone, model.Phone);
if (_customerSettings.FaxEnabled)
_customerService.SaveCustomerAttribute(customer, SystemCustomerAttributeNames.Fax, model.Fax);
//password
if (!String.IsNullOrWhiteSpace(model.Password))
{
var changePassRequest = new ChangePasswordRequest(model.Email, false, PasswordFormat.Hashed, model.Password);
var changePassResult = _customerService.ChangePassword(changePassRequest);
if (!changePassResult.Success)
{
foreach (var changePassError in changePassResult.Errors)
ErrorNotification(changePassError);
}
}
//customer roles
var allCustomerRoles = _customerService.GetAllCustomerRoles(true);
foreach (var customerRole in allCustomerRoles)
{
if (model.SelectedCustomerRoleIds != null && model.SelectedCustomerRoleIds.Contains(customerRole.Id))
customer.CustomerRoles.Add(customerRole);
}
_customerService.UpdateCustomer(customer);
//activity log
_customerActivityService.InsertActivity("AddNewCustomer", _localizationService.GetResource("ActivityLog.AddNewCustomer"), customer.Id);
SuccessNotification(_localizationService.GetResource("Admin.Customers.Customers.Added"));
return continueEditing ? RedirectToAction("Edit", new { id = customer.Id }) : RedirectToAction("List");
}
//If we got this far, something failed, redisplay form
model.UsernamesEnabled = _customerSettings.UsernamesEnabled;
model.AllowUsersToChangeUsernames = _customerSettings.AllowUsersToChangeUsernames;
model.AllowCustomersToSetTimeZone = _dateTimeSettings.AllowCustomersToSetTimeZone;
foreach (var tzi in _dateTimeHelper.GetSystemTimeZones())
model.AvailableTimeZones.Add(new SelectListItem() { Text = tzi.DisplayName, Value = tzi.Id, Selected = (tzi.Id == model.TimeZoneId) });
model.DisplayVatNumber = false;
//customer roles
var customerRoles = _customerService.GetAllCustomerRoles(true);
model.AvailableCustomerRoles = customerRoles.ToList();
//form fields
model.GenderEnabled = _customerSettings.GenderEnabled;
model.DateOfBirthEnabled = _customerSettings.DateOfBirthEnabled;
model.CompanyEnabled = _customerSettings.CompanyEnabled;
model.StreetAddressEnabled = _customerSettings.StreetAddressEnabled;
model.StreetAddress2Enabled = _customerSettings.StreetAddress2Enabled;
model.ZipPostalCodeEnabled = _customerSettings.ZipPostalCodeEnabled;
model.CityEnabled = _customerSettings.CityEnabled;
model.CountryEnabled = _customerSettings.CountryEnabled;
model.StateProvinceEnabled = _customerSettings.StateProvinceEnabled;
model.PhoneEnabled = _customerSettings.PhoneEnabled;
model.FaxEnabled = _customerSettings.FaxEnabled;
if (_customerSettings.CountryEnabled)
{
model.AvailableCountries.Add(new SelectListItem() { Text = _localizationService.GetResource("Address.SelectCountry"), Value = "0" });
foreach (var c in _countryService.GetAllCountries())
{
model.AvailableCountries.Add(new SelectListItem() { Text = c.Name, Value = c.Id.ToString(), Selected = (c.Id == model.CountryId) });
}
if (_customerSettings.StateProvinceEnabled)
{
//states
var states = _stateProvinceService.GetStateProvincesByCountryId(model.CountryId).ToList();
if (states.Count > 0)
{
foreach (var s in states)
model.AvailableStates.Add(new SelectListItem() { Text = s.Name, Value = s.Id.ToString(), Selected = (s.Id == model.StateProvinceId) });
}
else
model.AvailableStates.Add(new SelectListItem() { Text = _localizationService.GetResource("Address.OtherNonUS"), Value = "0" });
}
}
return View(model);
}
/// <summary>
/// Change password
/// </summary>
/// <param name="request">Request</param>
/// <returns>Result</returns>
public virtual ChangePasswordResult ChangePassword(ChangePasswordRequest request)
{
if (request == null)
{
throw new ArgumentNullException("request");
}
var result = new ChangePasswordResult();
if (String.IsNullOrWhiteSpace(request.Email))
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailIsNotProvided"));
return(result);
}
if (String.IsNullOrWhiteSpace(request.NewPassword))
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.PasswordIsNotProvided"));
return(result);
}
var customer = _customerService.GetCustomerByEmail(request.Email);
if (customer == null)
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailNotFound"));
return(result);
}
var requestIsValid = false;
if (request.ValidateRequest)
{
//password
string oldPwd;
switch (customer.PasswordFormat)
{
case PasswordFormat.Encrypted:
oldPwd = _encryptionService.EncryptText(request.OldPassword);
break;
case PasswordFormat.Hashed:
oldPwd = _encryptionService.CreatePasswordHash(request.OldPassword, customer.PasswordSalt, _customerSettings.HashedPasswordFormat);
break;
default:
oldPwd = request.OldPassword;
break;
}
bool oldPasswordIsValid = oldPwd == customer.Password;
if (!oldPasswordIsValid)
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.OldPasswordDoesntMatch"));
}
if (oldPasswordIsValid)
{
requestIsValid = true;
}
}
else
{
requestIsValid = true;
}
//at this point request is valid
if (requestIsValid)
{
switch (request.NewPasswordFormat)
{
case PasswordFormat.Clear:
{
customer.Password = request.NewPassword;
}
break;
case PasswordFormat.Encrypted:
{
customer.Password = _encryptionService.EncryptText(request.NewPassword);
}
break;
case PasswordFormat.Hashed:
{
string saltKey = _encryptionService.CreateSaltKey(5);
customer.PasswordSalt = saltKey;
customer.Password = _encryptionService.CreatePasswordHash(request.NewPassword, saltKey, _customerSettings.HashedPasswordFormat);
}
break;
default:
break;
}
customer.PasswordFormat = request.NewPasswordFormat;
_customerService.UpdateCustomer(customer);
}
return(result);
}
/// <summary>
/// Change password
/// </summary>
/// <param name="request">Request</param>
/// <returns>Result</returns>
public virtual ChangePasswordResult ChangePassword(ChangePasswordRequest request)
{
if (request == null)
{
throw new ArgumentNullException(nameof(request));
}
var result = new ChangePasswordResult();
if (string.IsNullOrWhiteSpace(request.Email))
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailIsNotProvided"));
return(result);
}
if (string.IsNullOrWhiteSpace(request.NewPassword))
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.PasswordIsNotProvided"));
return(result);
}
var customer = _customerService.GetCustomerByEmail(request.Email);
if (customer == null)
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailNotFound"));
return(result);
}
if (request.ValidateRequest)
{
//request isn't valid
if (!PasswordsMatch(_customerService.GetCurrentPassword(customer.Id), request.OldPassword))
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.OldPasswordDoesntMatch"));
return(result);
}
}
//check for duplicates
if (_customerSettings.UnduplicatedPasswordsNumber > 0)
{
//get some of previous passwords
var previousPasswords = _customerService.GetCustomerPasswords(customer.Id, passwordsToReturn: _customerSettings.UnduplicatedPasswordsNumber);
var newPasswordMatchesWithPrevious = previousPasswords.Any(password => PasswordsMatch(password, request.NewPassword));
if (newPasswordMatchesWithPrevious)
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.PasswordMatchesWithPrevious"));
return(result);
}
}
//at this point request is valid
var customerPassword = new CustomerPassword
{
Customer = customer,
PasswordFormat = request.NewPasswordFormat,
CreatedOnUtc = DateTime.UtcNow
};
switch (request.NewPasswordFormat)
{
case PasswordFormat.Clear:
customerPassword.Password = request.NewPassword;
break;
case PasswordFormat.Encrypted:
customerPassword.Password = _encryptionService.EncryptText(request.NewPassword);
break;
case PasswordFormat.Hashed:
{
var saltKey = _encryptionService.CreateSaltKey(SALT_KEY_SIZE);
customerPassword.PasswordSalt = saltKey;
customerPassword.Password = _encryptionService.CreatePasswordHash(request.NewPassword, saltKey, _customerSettings.HashedPasswordFormat);
}
break;
}
_customerService.InsertCustomerPassword(customerPassword);
//publish event
_eventPublisher.Publish(new CustomerPasswordChangedEvent(customerPassword));
return(result);
}
