public Result <ServiceResponse> ResetPassword(ResetPasswordRequest request)
{
return(this.InTransaction("Default", uow =>
{
request.CheckNotNull();
if (string.IsNullOrEmpty(request.Token))
{
throw new ArgumentNullException("token");
}
var bytes = HttpContext.RequestServices
.GetDataProtector("ResetPassword").Unprotect(Convert.FromBase64String(request.Token));
int userId;
using (var ms = new MemoryStream(bytes))
using (var br = new BinaryReader(ms))
{
var dt = DateTime.FromBinary(br.ReadInt64());
if (dt < DateTime.UtcNow)
{
throw new ValidationError(Texts.Validation.InvalidResetToken);
}
userId = br.ReadInt32();
}
UserRow user;
using (var connection = SqlConnections.NewFor <UserRow>())
{
user = connection.TryById <UserRow>(userId);
if (user == null)
{
throw new ValidationError(Texts.Validation.InvalidResetToken);
}
}
if (request.ConfirmPassword != request.NewPassword)
{
throw new ValidationError("PasswordConfirmMismatch", LocalText.Get("Validation.PasswordConfirm"));
}
request.NewPassword = UserRepository.ValidatePassword(user.Username, request.NewPassword, false);
string salt = null;
var hash = UserRepository.GenerateHash(request.NewPassword, ref salt);
UserRepository.CheckPublicDemo(user.UserId);
uow.Connection.UpdateById(new UserRow
{
UserId = user.UserId.Value,
PasswordSalt = salt,
PasswordHash = hash
});
BatchGenerationUpdater.OnCommit(uow, UserRow.Fields.GenerationKey);
return new ServiceResponse();
}));
}
public SaveResponse Update(IUnitOfWork uow, UserPermissionUpdateRequest request)
{
Check.NotNull(request, "request");
Check.NotNull(request.UserID, "userID");
Check.NotNull(request.Permissions, "permissions");
var userID = request.UserID.Value;
var oldList = new Dictionary <string, bool>(StringComparer.OrdinalIgnoreCase);
foreach (var p in GetExisting(uow.Connection, userID, request.Module, request.Submodule))
{
oldList[p.PermissionKey] = p.Granted.Value;
}
var newList = new Dictionary <string, bool>(StringComparer.OrdinalIgnoreCase);
foreach (var p in request.Permissions)
{
newList[p.PermissionKey] = p.Granted ?? false;
}
if (oldList.Count == newList.Count &&
oldList.All(x => newList.ContainsKey(x.Key) && newList[x.Key] == x.Value))
{
return(new SaveResponse());
}
foreach (var k in oldList.Keys)
{
if (newList.ContainsKey(k))
{
continue;
}
new SqlDelete(fld.TableName)
.Where(
new Criteria(fld.UserId) == userID &
new Criteria(fld.PermissionKey) == k)
.Execute(uow.Connection);
}
foreach (var k in newList.Keys)
{
if (!oldList.ContainsKey(k))
{
uow.Connection.Insert(new MyRow
{
UserId = userID,
PermissionKey = k,
Granted = newList[k]
});
}
else if (oldList[k] != newList[k])
{
new SqlUpdate(fld.TableName)
.Where(
fld.UserId == userID &
fld.PermissionKey == k)
.Set(fld.Granted, newList[k])
.Execute(uow.Connection);
}
}
BatchGenerationUpdater.OnCommit(uow, fld.GenerationKey);
return(new SaveResponse());
}
protected override void AfterSave()
{
base.AfterSave();
BatchGenerationUpdater.OnCommit(this.UnitOfWork, fld.GenerationKey);
}
public SaveResponse Update(IUnitOfWork uow, RolePermissionUpdateRequest request)
{
Check.NotNull(request, "request");
Check.NotNull(request.RoleID, "roleID");
Check.NotNull(request.Permissions, "permissions");
var roleID = request.RoleID.Value;
var oldList = new HashSet <string>(
GetExisting(uow.Connection, roleID, request.Module, request.Submodule)
.Select(x => x.PermissionKey), StringComparer.OrdinalIgnoreCase);
var newList = new HashSet <string>(request.Permissions.ToList(),
StringComparer.OrdinalIgnoreCase);
var allowedKeys = new UserPermissionRepository()
.ListPermissionKeys()
.Entities.ToDictionary(x => x);
if (newList.Any(x => !allowedKeys.ContainsKey(x)))
{
throw new AccessViolationException();
}
if (oldList.SetEquals(newList))
{
return(new SaveResponse());
}
foreach (var k in oldList)
{
if (newList.Contains(k))
{
continue;
}
new SqlDelete(fld.TableName)
.Where(
new Criteria(fld.RoleId) == roleID &
new Criteria(fld.PermissionKey) == k)
.Execute(uow.Connection);
}
foreach (var k in newList)
{
if (oldList.Contains(k))
{
continue;
}
uow.Connection.Insert(new MyRow
{
RoleId = roleID,
PermissionKey = k
});
}
BatchGenerationUpdater.OnCommit(uow, fld.GenerationKey);
BatchGenerationUpdater.OnCommit(uow, Entities.UserPermissionRow.Fields.GenerationKey);
return(new SaveResponse());
}
