public virtual ActionResult ChangePassword(string ID)
{
try
{
// Preset form.
ChangePasswordSubmission changePasswordSubmission = new ChangePasswordSubmission();
changePasswordSubmission.NewPassword = System.Web.Security.Membership.GeneratePassword(16, 2);
changePasswordSubmission.NewPasswordVerify = changePasswordSubmission.NewPassword;
changePasswordSubmission.DoNotSave = false;
// Fetch database info.
DatabaseInfo database = MgmtMdl.GetDatabase(ID);
changePasswordSubmission.Database = database;
// Verify user privileges.
if (database.Owner != User.Identity.GetADUsername())
{
System.Web.HttpContext.Current.Session["StatusMessage"] = "You do not have permisson to access the <strong>" + database.Name + "</strong> database.";
return(RedirectToAction("Index", "View"));
}
return(View("ChangePassword", changePasswordSubmission));
}
catch (Exception e)
{
System.Web.HttpContext.Current.Session["ErrorInfo"] = e.ToString();
return(RedirectToAction("Error", "View"));
}
}
public virtual ActionResult ChangePassword(ChangePasswordSubmission changePasswordSubmission, string ID)
{
try
{
// Reattach database info to submission.
changePasswordSubmission.Database = MgmtMdl.GetDatabase(ID);
// Verify data.
if (!ModelState.IsValid) // Invalid HTML form.
{
return(View(changePasswordSubmission));
}
if (changePasswordSubmission.NewPassword != changePasswordSubmission.NewPasswordVerify) // Passwords don't match.
{
System.Web.HttpContext.Current.Session["StatusMessage"] = "Passwords do not match.";
return(View(changePasswordSubmission));
}
Match PasswordVerification = Regex.Match(changePasswordSubmission.NewPassword, @"(?=^.{8,255}$)((?=.*\d)(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[^A-Za-z0-9])(?=.*[a-z])|(?=.*[^A-Za-z0-9])(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9]))^.*", RegexOptions.ECMAScript);
if (!PasswordVerification.Success) // Password requirements.
{
System.Web.HttpContext.Current.Session["StatusMessage"] = "New password does not meet minimal password requirments.";
return(View(changePasswordSubmission));
}
// Attempt to change the username.
IntfcMdl.ChangePassword(changePasswordSubmission);
if (changePasswordSubmission.DoNotSave == true)
{
MgmtMdl.UpdatePassword(ID, "");
}
else
{
MgmtMdl.UpdatePassword(ID, changePasswordSubmission.NewPassword);
}
// Redirect and display success message.
System.Web.HttpContext.Current.Session["StatusMessage"] = "The password to <strong>" + changePasswordSubmission.Database.Name + "</strong> was changed.";
System.Web.HttpContext.Current.Session["StatusStyle"] = "success";
return(RedirectToAction("Database", "View", new { id = changePasswordSubmission.Database.DatabaseID }));
}
catch (Exception e)
{
System.Web.HttpContext.Current.Session["ErrorInfo"] = e.ToString();
return(RedirectToAction("Error", "View"));
}
}
