public CPGroup UpdateGroup(CPGroup group) { if (group == null) { return(null); } using (CPSecurityEntities context = new CPSecurityEntities()) { var match = context.SecurityGroups.FirstOrDefault(g => g.GroupId == group.ID); if (match == null) { return(null); } match.GroupName = group.Name; match.UserRights = (int)group.UserRights; try { context.SaveChanges(); } catch (OptimisticConcurrencyException) { context.Refresh(RefreshMode.ClientWins, match); context.SaveChanges(); } catch (ConstraintException) { } return(GetGroup(match.GroupName)); } }
public bool ChangePassword(string username, string oldPassword, string newPassword) { MembershipUser user = Membership.GetUser(username); if (user != null && user.ChangePassword(oldPassword, newPassword)) { using (CPSecurityEntities context = new CPSecurityEntities()) { var match = context.SecurityUserProfiles.FirstOrDefault(p => p.UserName == username); if (match != null) { match.PasswordExpired = false; try { context.SaveChanges(); } catch (OptimisticConcurrencyException) { context.Refresh(RefreshMode.ClientWins, match); context.SaveChanges(); } } } return(true); } return(false); }
public bool RemoveUserFromGroups(string username, List <byte> groupIDs) { if (groupIDs == null || groupIDs.Count == 0) { return(true); } using (CPSecurityEntities context = new CPSecurityEntities()) { foreach (var m in from m in context.SecurityGroupMemberships where m.UserName == username && groupIDs.Contains(m.GroupId) select m) { context.DeleteObject(m); } try { context.SaveChanges(); return(true); } catch (ConstraintException) { return(false); } } }
public bool AddUserToGroups(string username, List <byte> groupIDs) { using (CPSecurityEntities context = new CPSecurityEntities()) { foreach (var id in (groupIDs ?? new List <byte>()).Except(from m in context.SecurityGroupMemberships where m.UserName == username select m.GroupId)) { context.SecurityGroupMemberships.AddObject(new SecurityGroupMembership() { UserName = username, GroupId = id }); } try { context.SaveChanges(); return(true); } catch (ConstraintException) { return(false); } } }
/// <summary> /// Creates a new login token for authenticating a specific user for a specific application. /// </summary> /// <param name="username">The login name of the user requesting authentication.</param> /// <param name="applicationID">The unique identifier of the application requesting authentication.</param> /// <returns>A new login token if the specified user has access to the specified application; otherwise, null.</returns> public Token CreateToken(string username, byte applicationID) { using (CPSecurityEntities context = new CPSecurityEntities()) { var app = context.SecuritySsoApplications.FirstOrDefault(a => a.ApplicationId == applicationID); if (app != null && HasUserRights(username, (CPUserRights)app.UserRights)) { SecuritySsoToken token = new SecuritySsoToken() { UserName = username, SecuritySsoApplication = app }; try { context.SecuritySsoTokens.AddObject(token); context.SaveChanges(); return(TokenFactory.CreateToken(token)); } catch { } } } return(null); }
/// <summary> /// Deletes a security user profile from the datastore. /// </summary> /// <param name="context">The datastore entity context to use.</param> /// <param name="username">The username of the profile to delete.</param> public static void DeleteSecurityUserProfile(this CPSecurityEntities context, string username) { var match = context.SecurityUserProfiles.FirstOrDefault(p => p.UserName == username); if (match != null) { try { context.DeleteObject(match); context.SaveChanges(); } catch (OptimisticConcurrencyException) { context.Refresh(RefreshMode.ClientWins, match); context.DeleteObject(match); } } }
/// <summary> /// Adds a new security user profile entity instance to the datastore. /// </summary> /// <param name="context">The datastore entity context to use.</param> /// <param name="username">The username for the new profile.</param> /// <param name="candidateID">The candidate ID for the new profile.</param> /// <param name="displayName">The display name for the profile.</param> /// <param name="type">The entity type of the CFB-registered contact used to create the profile.</param> /// <param name="committeeID">If not representing a candidate, the ID of the profile's committee.</param> /// <param name="electionCycle">If representing a treasurer, the election cycle for which the profile's committee is authorized.</param> /// <param name="liaisonID">If representing a liaison, the committee-relative liaison ID of the profile.</param> /// <param name="passwordExpired">Indicates whether or not the password on the newly created profile is to be expired.</param> /// <returns>A <see cref="SecurityUserProfile"/> instance representing the newly created profile that has been added to the datastore.</returns> public static SecurityUserProfile AddToSecurityUserProfiles(this CPSecurityEntities context, string username, string candidateID, string displayName = null, EntityType type = EntityType.Generic, char?committeeID = null, string electionCycle = null, byte?liaisonID = null, bool passwordExpired = true) { if (context == null || string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(candidateID)) { return(null); } SecurityUserProfile profile = SecurityUserProfile.CreateSecurityUserProfile(username, candidateID, passwordExpired, (byte)type); profile.DisplayName = displayName; if (committeeID.HasValue) { profile.CfisCommitteeID = committeeID.Value.ToString(); } profile.CfisCommitteeContactID = liaisonID.HasValue ? liaisonID.Value.ToString() : electionCycle; context.SecurityUserProfiles.AddObject(profile); context.SaveChanges(); return(profile); }
/// <summary> /// Checks whether or not a login token exists and is valid for authentication. /// </summary> /// <param name="tokenID">The unique identifier of the token to validate.</param> /// <returns>The login name of the user attempting to authenticate with the specified token, if valid; otherwise, null.</returns> /// <remarks>The login token is automatically discarded once validated.</remarks> public string ValidateToken(Guid tokenID) { string username = null; if (tokenID != null) { using (CPSecurityEntities context = new CPSecurityEntities()) { var token = context.SecuritySsoTokens.FirstOrDefault(t => t.TokenId == tokenID); if (token != null) { if (DateTime.Now <= token.Created.Add(Properties.Settings.Default.TokenValidationWindow)) { username = token.UserName; } context.DeleteObject(token); context.SaveChanges(); } } } return(username); }
public CPGroup CreateGroup(string groupName) { using (CPSecurityEntities context = new CPSecurityEntities()) { if (!context.SecurityGroups.Any(g => g.GroupName == groupName)) { SecurityGroup group = new SecurityGroup() { GroupName = groupName }; try { context.SecurityGroups.AddObject(group); context.SaveChanges(); return(CPGroupFactory.CreateGroup(group)); } catch (ConstraintException) { } } } return(null); }
public bool DeleteGroup(string groupName) { using (CPSecurityEntities context = new CPSecurityEntities()) { var match = context.SecurityGroups.FirstOrDefault(g => g.GroupName == groupName); if (match == null) { return(true); } context.DeleteObject(match); try { return(context.SaveChanges() > 0); } catch (OptimisticConcurrencyException) { return(false); } catch (ConstraintException) { return(false); } } }
public UpdateResult UpdateUser(CPUser user) { UpdateResultState state = UpdateResultState.Success; // .NET Membership properties MembershipUser muser = user == null ? null : Membership.GetUser(user.UserName); if (muser == null) { state |= UpdateResultState.MembershipUserNotFound; } else { bool dirty = false; if (muser.Email != user.Email) { muser.Email = user.Email; dirty = true; } if (muser.IsApproved != user.Enabled) { muser.IsApproved = user.Enabled; dirty = true; } if (muser.IsLockedOut && !user.LockedOut) { muser.UnlockUser(); dirty = true; } if (dirty) { try { Membership.UpdateUser(muser); } catch { state |= UpdateResultState.AspNetMembershipFailure; } } // C-Access Security using (CPSecurityEntities context = new CPSecurityEntities()) { var match = context.SecurityUserProfiles.FirstOrDefault(u => u.UserName == user.UserName); if (match == null) { state |= UpdateResultState.ProfileNotFound; } else { // basic properties match.CandidateId = user.Cid; match.DisplayName = user.DisplayName; match.CfisType = (byte)user.SourceType; match.CfisCommitteeID = user.SourceCommitteeID.HasValue ? user.SourceCommitteeID.Value.ToString() : null; match.CfisCommitteeContactID = user.SourceLiaisonID.HasValue ? user.SourceLiaisonID.Value.ToString() : user.SourceElectionCycle; // election cycles var currentCycles = context.SecurityUserElectionCycles.Where(c => c.UserName == user.UserName); var updateCycles = user.ElectionCycles; if (user.ImplicitElectionCycles == updateCycles.Any()) // implicit EC access requires both an empty EC collection AND a set flag { state |= UpdateResultState.ElectionCycleNotFound; } else { // delete old cycles foreach (var cycle in currentCycles.Where(c => !updateCycles.Contains(c.ElectionCycle))) { context.SecurityUserElectionCycles.DeleteObject(cycle); } // add new cycles foreach (var cycle in updateCycles.Except(currentCycles.Select(c => c.ElectionCycle))) { context.SecurityUserElectionCycles.AddObject(SecurityUserElectionCycle.CreateSecurityUserElectionCycle(user.UserName, cycle)); } } // save changes try { context.SaveChanges(); } catch (OptimisticConcurrencyException) { context.Refresh(RefreshMode.ClientWins, match); context.SaveChanges(); } catch (ConstraintException) { state |= UpdateResultState.ProfileFailure; } } } } return(new UpdateResult(GetUser(user.UserName), state)); }