private async Task <bool> SetLockout(UserAccountInfoViewModel model, TicketDeskUser user)
{
var currentlyLocked = UserManager.IsLockedOut(model.User.Id);
var currentlyDisabled = currentlyLocked && (user.LockoutEndDateUtc ?? DateTime.MinValue).ToUniversalTime() == DateTime.MaxValue.ToUniversalTime();
if (currentlyDisabled != model.IsDisabled || currentlyLocked != model.IsLocked)
{
DateTimeOffset newLockoutDate = DateTimeOffset.MinValue;
if (model.IsDisabled)
{
newLockoutDate = DateTimeOffset.MaxValue;
}
else if (model.IsLocked)
{
newLockoutDate = DateTimeOffset.Now.Add(UserManager.DefaultAccountLockoutTimeSpan);
}
var result = await UserManager.SetLockoutEndDateAsync(model.User.Id, newLockoutDate);
if (!result.Succeeded)
{
AddErrors(result);
}
return(result.Succeeded);
}
return(true);
}
private async Task SignInAsync(TicketDeskUser user, bool isPersistent)
{
AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie, DefaultAuthenticationTypes.TwoFactorCookie);
AuthenticationManager.SignIn(new AuthenticationProperties {
IsPersistent = isPersistent
}, await user.GenerateUserIdentityAsync(UserManager));
}
public async Task <ActionResult> Register(RegisterViewModel model)
{
if (ModelState.IsValid)
{
var user = new TicketDeskUser {
UserName = model.Email, Email = model.Email, DisplayName = model.DisplayName
};
var result = await UserManager.CreateAsync(user, model.Password);
if (result.Succeeded)
{
await SignInManager.SignInAsync(user, isPersistent : false, rememberBrowser : false);
await UserManager.AddToRoleAsync(user.Id, "TdInternalUsers");
// For more information on how to enable account confirmation and password reset please visit http://go.microsoft.com/fwlink/?LinkID=320771
// Send an email with this link
// string code = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id);
// var callbackUrl = Url.Action("ConfirmEmail", "Account", new { userId = user.Id, code = code }, protocol: Request.Url.Scheme);
// await UserManager.SendEmailAsync(user.Id, "Confirm your account", "Please confirm your account by clicking <a href=\"" + callbackUrl + "\">here</a>");
return(RedirectToAction("Index", "Home"));
}
AddErrors(result);
}
// If we got this far, something failed, redisplay form
return(View(model));
}
public UserAccountInfoViewModel(TicketDeskUser user, IEnumerable <string> roles)
{
var lockDate = (user.LockoutEndDateUtc ?? DateTime.MinValue).ToUniversalTime();
User = user;
IsLocked = lockDate > DateTime.UtcNow && lockDate < DateTime.MaxValue.ToUniversalTime();
IsDisabled = lockDate == DateTime.MaxValue.ToUniversalTime();
Roles = roles ?? new string[] {};
}
public void InitializeUsers(TicketDeskIdentityContext context)
{
var demoMode = ConfigurationManager.AppSettings["ticketdesk:DemoModeEnabled"];
if (!string.IsNullOrEmpty(demoMode) && demoMode.Equals("true", StringComparison.InvariantCultureIgnoreCase))
{
DemoIdentityDataManager.SetupDemoIdentityData(context);
}
else//TODO: move this block to the context itself, and ensure that at least one admin account exists no matter what
{
//create the standard roles and default admin account
var userStore = new UserStore <TicketDeskUser>(context);
var roleStore = new RoleStore <IdentityRole>(context);
//TODO: this user manager has a default config, need to leverage the same user manager as the rest of the application
var userManager = new UserManager <TicketDeskUser>(userStore);
var roleManager = new RoleManager <IdentityRole>(roleStore);
var roleNames = context.DefaultRoleNames;
foreach (var roleName in roleNames)
{
//Create Role if it does not exist
var role = roleManager.FindByName(roleName);
if (role == null)
{
role = new IdentityRole(roleName);
roleManager.Create(role);
}
}
var existingAdminRole = roleManager.FindByName("TdAdministrators");
//only create default admin user if no other user exists with the admin role
if (existingAdminRole != null &&
!userManager.Users.Any(u => u.Roles.Any(r => r.RoleId == existingAdminRole.Id)))
{
var admin = new TicketDeskUser
{
Id = "64165817-9cb5-472f-8bfb-6a35ca54be6a",
UserName = "******",
Email = "*****@*****.**",
DisplayName = "Admin User",
};
if (userManager.FindById("64165817-9cb5-472f-8bfb-6a35ca54be6a") == null)
{
var adminRoles = new[] { "TdAdministrators", "TdHelpDeskUsers", "TdInternalUsers" };
userManager.Create(admin, "123456");
userManager.SetLockoutEnabled(admin.Id, false);
foreach (var rname in adminRoles)
{
userManager.AddToRole(admin.Id, rname);
}
}
}
}
}
/// <summary>
/// Migrates the users and roles from a legacy database to the new TD 2.5 schema.
/// </summary>
/// <param name="context">The identity database context</param>
/// <param name="userManager">The user manager.</param>
/// <param name="roleManager">The role manager.</param>
/// <returns><c>true</c> if users migrated, <c>false</c> otherwise.</returns>
public static bool MigrateSecurity(TdIdentityContext context, TicketDeskUserManager userManager, TicketDeskRoleManager roleManager)
{
roleManager.EnsureDefaultRolesExist();
var appId =
context.Database.SqlQuery <Guid>(
"select ApplicationId from aspnet_Applications where ApplicationName = 'TicketDesk'").First().ToString();
var users = context.Database.SqlQuery <LegacyUser>(
"select UserId, Email, Password, PasswordFormat, Comment from aspnet_Membership where ApplicationId = '" + appId + "' and IsApproved = 1 and IsLockedOut = 0").ToList();
const string roleQuery = "SELECT r.RoleName FROM aspnet_UsersInRoles u inner join aspnet_Roles r on u.RoleId = r.RoleId WHERE u.UserId = @userId and r.ApplicationId = @appId";
foreach (var user in users)
{
var newUser = new TicketDeskUser
{
UserName = user.Email,
Email = user.Email,
DisplayName = user.Comment,
};
var result = user.PasswordFormat == 0 ?
userManager.Create(newUser, user.Password) :
userManager.Create(newUser);
if (result.Succeeded)
{
var rolesForUser =
context.Database.SqlQuery <string>(roleQuery,
new SqlParameter("userId", user.UserId),
new SqlParameter("appId", appId));
var newRoles = new List <string>();
foreach (var role in rolesForUser)
{
switch (role.ToLowerInvariant())
{
case "administrators":
newRoles.Add("TdAdministrators");
break;
case "helpdesk":
newRoles.Add("TdHelpDeskUsers");
break;
case "ticketsubmitters":
newRoles.Add("TdInternalUsers");
break;
default:
newRoles.Add("TdPendingUsers");
break;
}
}
userManager.AddToRoles(newUser.Id, newRoles.ToArray());
}
}
return(true);
}
public static void SetupDemoIdentityData(TicketDeskIdentityContext context)
{
var userStore = new UserStore <TicketDeskUser>(context);
var roleStore = new RoleStore <IdentityRole>(context);
//TODO: this user manager has a default config, need to leverage the same user manager as the rest of the application
var userManager = new UserManager <TicketDeskUser>(userStore);
var roleManager = new RoleManager <IdentityRole>(roleStore);
var roleNames = context.DefaultRoleNames;
foreach (var roleName in roleNames)
{
//Create Role if it does not exist
var role = roleManager.FindByName(roleName);
if (role == null)
{
role = new IdentityRole(roleName);
roleManager.Create(role);
}
}
var admin = new TicketDeskUser {
Id = "64165817-9cb5-472f-8bfb-6a35ca54be6a", UserName = "******", Email = "*****@*****.**", DisplayName = "Admin User"
};
var staff = new TicketDeskUser {
Id = "72bdddfb-805a-4883-94b9-aa494f5f52dc", UserName = "******", Email = "*****@*****.**", DisplayName = "HelpDesk User"
};
var reguser = new TicketDeskUser {
Id = "17f78f38-fa68-445f-90de-38896140db28", UserName = "******", Email = "*****@*****.**", DisplayName = "Regular User"
};
var users = new[] { admin, staff, reguser };
var rolesNames = new Dictionary <string, string[]>
{
{ "*****@*****.**", new[] { "TdAdministrators", "TdHelpDeskUsers", "TdInternalUsers" } },
{ "*****@*****.**", new[] { "TdHelpDeskUsers", "TdInternalUsers" } },
{ "*****@*****.**", new[] { "TdInternalUsers" } }
};
foreach (var tdUser in users)
{
var user = userManager.FindByName(tdUser.UserName);
if (user == null)
{
user = tdUser;
userManager.Create(user, "123456");
userManager.SetLockoutEnabled(user.Id, false);
}
var rnames = rolesNames[user.UserName];
var rolesForUser = userManager.GetRoles(user.Id);
foreach (var rname in rnames.Where(rname => !rolesForUser.Contains(rname)))
{
userManager.AddToRole(user.Id, rname);
}
}
}
public static void SetupDemoIdentityData(TdIdentityContext context, string currentUserId)
{
var userStore = new UserStore <TicketDeskUser>(context);
var roleStore = new RoleStore <TicketDeskRole>(context);
var userManager = new TicketDeskUserManager(userStore);
var roleManager = new TicketDeskRoleManager(roleStore);
roleManager.EnsureDefaultRolesExist();
var staff = new TicketDeskUser {
Id = "72bdddfb-805a-4883-94b9-aa494f5f52dc", UserName = "******", Email = "*****@*****.**", DisplayName = "HelpDesk User"
};
var reguser = new TicketDeskUser {
Id = "17f78f38-fa68-445f-90de-38896140db28", UserName = "******", Email = "*****@*****.**", DisplayName = "Regular User"
};
var users = new List <TicketDeskUser> {
staff, reguser
};
var rolesNames = new Dictionary <string, string[]>
{
{ "*****@*****.**", new[] { "TdHelpDeskUsers" } },
{ "*****@*****.**", new[] { "TdInternalUsers" } }
};
if (currentUserId == null && userManager.FindByName("*****@*****.**") == null)
{
users.Add(new TicketDeskUser
{
Id = "64165817-9cb5-472f-8bfb-6a35ca54be6a",
UserName = "******",
Email = "*****@*****.**",
DisplayName = "Admin User"
});
rolesNames.Add("*****@*****.**", new[] { "TdAdministrators" });
}
foreach (var tdUser in users)
{
var user = userManager.FindById(tdUser.Id);
if (user != null)
{
userManager.Delete(user);
}
user = tdUser;
userManager.Create(user, "123456");
var rnames = rolesNames[user.UserName];
var rolesForUser = userManager.GetRoles(user.Id);
foreach (var rname in rnames.Where(rname => !rolesForUser.Contains(rname)))
{
userManager.AddToRole(user.Id, rname);
}
}
}
public async Task <ActionResult> CreateDatabase(string email, string password, string displayName)
{
using (var ctx = new TdDomainContext(null))
{
Database.SetInitializer(
new MigrateDatabaseToLatestVersion <TdDomainContext, Configuration>(true));
ctx.Database.Initialize(true);
}
var filter = GlobalFilters.Filters.FirstOrDefault(f => f.Instance is DbSetupFilter);
if (filter != null)
{
GlobalFilters.Filters.Remove(filter.Instance);
}
Database.SetInitializer(new TdIdentityDbInitializer());
var existingUser = UserManager.FindByName(email);
if (existingUser == null)
{
var user = new TicketDeskUser {
UserName = email, Email = email, DisplayName = displayName
};
await UserManager.CreateAsync(user, password);
await UserManager.AddToRoleAsync(user.Id, "TdAdministrators");
}
else
{
//should only happen if user entered one of the demo user names when setting up the DB
//reset the password to the one the user entered here, and set the admin role if needed
var token = await UserManager.GeneratePasswordResetTokenAsync(existingUser.Id);
await UserManager.ResetPasswordAsync(existingUser.Id, token, password);
existingUser.DisplayName = displayName;
await UserManager.UpdateAsync(existingUser);
if (!UserManager.IsTdAdministrator(existingUser.Id))
{
await UserManager.AddToRoleAsync(existingUser.Id, "TdAdministrators");
}
}
Database.SetInitializer(new TdPushNotificationDbInitializer());
Startup.ConfigurePushNotifications();
UpdateSearchIndex();
return(RedirectToAction("Index"));
}
private async Task <bool> UpdateUserInfo(TicketDeskUser user, UserAccountInfoViewModel model)
{
user.UserName = model.User.Email;
user.Email = model.User.Email;
user.DisplayName = model.User.DisplayName;
var result = await UserManager.UpdateAsync(user);
if (!result.Succeeded)
{
AddErrors(result);
}
return(result.Succeeded);
}
public async Task <ActionResult> Register(UserRegisterViewModel model)
{
if (ModelState.IsValid)
{
var user = new TicketDeskUser {
UserName = model.Email, Email = model.Email, DisplayName = model.DisplayName
};
var result = await UserManager.CreateAsync(user, model.Password);
if (result.Succeeded)
{
await SignInManager.SignInAsync(user, isPersistent : false, rememberBrowser : false);
await UserManager.AddToRolesAsync(user.Id, DomainContext.TicketDeskSettings.SecuritySettings.DefaultNewUserRoles.ToArray());
HostingEnvironment.QueueBackgroundWorkItem(ct =>
{
using
(
var notificationContext = DependencyResolver.Current.GetService <TdPushNotificationContext>()
)
{
notificationContext.SubscriberPushNotificationSettingsManager.AddSettingsForSubscriber(
new SubscriberNotificationSetting
{
SubscriberId = user.Id,
IsEnabled = true,
PushNotificationDestinations = new[]
{
new PushNotificationDestination()
{
DestinationType = "email",
DestinationAddress = user.Email,
SubscriberName = user.DisplayName
}
}
});
notificationContext.SaveChanges();
}
});
return(RedirectToAction("Index", "Home"));
}
AddErrors(result);
}
// If we got this far, something failed, redisplay form
return(View(model));
}
private async Task <bool> RemoveRoles(IEnumerable <string> roleIdsToRemove, TicketDeskUser user)
{
var roleNamesToRemove = RoleManager.Roles.Where(r => roleIdsToRemove.Any(ri => ri == r.Id)).Select(r => r.Name);
if (roleNamesToRemove.Any())
{
var result = await UserManager.RemoveFromRolesAsync(user.Id, await roleNamesToRemove.ToArrayAsync());
if (!result.Succeeded)
{
AddErrors(result);
}
return(result.Succeeded);
}
return(true);
}
private async Task ResetMailEmailDestination(TicketDeskUser user, string oldEmail)
{
var noteSettings =
await NotificationContext.SubscriberPushNotificationSettingsManager.GetSettingsForSubscriberAsync(user.Id);
var dest = noteSettings.PushNotificationDestinations.FirstOrDefault(
d => d.DestinationType == "email" && d.DestinationAddress == oldEmail);
if (dest == null)
{
dest = new PushNotificationDestination()
{
SubscriberId = user.Id, DestinationType = "email"
};
noteSettings.PushNotificationDestinations.Add(dest);
}
dest.DestinationAddress = user.Email;
dest.SubscriberName = user.DisplayName;
await NotificationContext.SaveChangesAsync();
}
public async Task <ActionResult> ExternalLoginConfirmation(ExternalLoginConfirmationViewModel model, string returnUrl)
{
if (User.Identity.IsAuthenticated)
{
return(RedirectToAction("Index", "Manage"));
}
if (ModelState.IsValid)
{
// Get the information about the user from the external login provider
var info = await AuthenticationManager.GetExternalLoginInfoAsync();
if (info == null)
{
return(View("ExternalLoginFailure"));
}
var user = new TicketDeskUser {
UserName = model.Email, Email = model.Email
};
var result = await UserManager.CreateAsync(user);
if (result.Succeeded)
{
result = await UserManager.AddLoginAsync(user.Id, info.Login);
if (result.Succeeded)
{
await SignInManager.SignInAsync(user, isPersistent : false, rememberBrowser : false);
return(RedirectToLocal(returnUrl));
}
}
AddErrors(result);
}
ViewBag.ReturnUrl = returnUrl;
return(View(model));
}
public static void InitializeStockUsers(TdIdentityContext context)
{
//create the standard roles and default admin account
var userStore = new UserStore <TicketDeskUser>(context);
var roleStore = new RoleStore <TicketDeskRole>(context);
var userManager = new TicketDeskUserManager(userStore);
var roleManager = new TicketDeskRoleManager(roleStore);
roleManager.EnsureDefaultRolesExist();
var existingAdminRole = roleManager.FindByName("TdAdministrators");
//only create default admin user if no other user exists with the admin role
if (existingAdminRole != null &&
!userManager.Users.Any(u => u.Roles.Any(r => r.RoleId == existingAdminRole.Id)))
{
var admin = new TicketDeskUser
{
Id = "64165817-9cb5-472f-8bfb-6a35ca54be6a",
UserName = "******",
Email = "*****@*****.**",
DisplayName = "Admin User",
};
if (userManager.FindById("64165817-9cb5-472f-8bfb-6a35ca54be6a") == null)
{
var adminRoles = new[] { "TdAdministrators" };
userManager.Create(admin, "123456");
foreach (var rname in adminRoles)
{
userManager.AddToRole(admin.Id, rname);
}
}
}
}
