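/// <summary>
/// Removes the given roles from a member and returns the roles the member still holds as JSON.
/// The member named "admin" is never removed from the "admins" role.
/// </summary>
/// <param name="MemberID">Id of the member whose roles are removed.</param>
/// <param name="UnAssignRoles">Ids of the roles to remove; null is treated as an empty list.</param>
/// <returns>The member's remaining roles serialised by Roles.JsonCollection, with content type TypeJson.</returns>
/// <remarks>
/// Name comparisons are ordinal and case-insensitive (the previous culture-sensitive ToLower()
/// could miss the guard under cultures such as tr-TR) and null-safe, so an unknown member or
/// role no longer throws. No audit event is written here and no authorisation check is visible
/// in this block — NOTE(review): confirm both are handled upstream (filters / routing).
/// </remarks>
public ContentResult UnAssignMemberRoleByID(long MemberID, long[] UnAssignRoles)
{
    Member member = Members.GetBy(MemberID);
    bool isAdminAccount = String.Equals(member.Name, "admin", StringComparison.OrdinalIgnoreCase);

    foreach (long roleId in UnAssignRoles ?? new long[0]) {
        Role role = Roles.GetBy(roleId);

        // Never strip the admin account of the admins role.
        if (isAdminAccount && String.Equals(role.Name, "admins", StringComparison.OrdinalIgnoreCase)) {
            continue;
        }

        // Ids that do not resolve to an existing role presumably make this a no-op delete.
        MemberRole link = new MemberRole();
        link.MemberID = MemberID;
        link.RoleID = roleId;
        link.Delete();
    }

    String json = Roles.JsonCollection(Roles.GetByMember(MemberID));
    return Content(json, TypeJson);
}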
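/// <summary>
/// Removes the named roles from the member identified by e-mail and returns the roles the
/// member still holds as JSON. The member named "admin" is never removed from the "admins" role.
/// </summary>
/// <param name="Email">E-mail of the member whose roles are removed.</param>
/// <param name="UnAssignRoles">Names of the roles to remove; null is treated as an empty list.</param>
/// <returns>The member's remaining roles serialised by Roles.JsonCollection, with content type TypeJson.</returns>
/// <remarks>
/// Name comparisons are ordinal and case-insensitive (the previous culture-sensitive ToLower()
/// could miss the guard under cultures such as tr-TR) and null-safe, so an unknown member or
/// role no longer throws. No audit event is written here and no authorisation check is visible
/// in this block — NOTE(review): confirm both are handled upstream (filters / routing).
/// </remarks>
public ContentResult UnAssignMemberRolesByName(string Email, string[] UnAssignRoles)
{
    Member member = Members.GetByEmail(Email);
    bool isAdminAccount = String.Equals(member.Name, "admin", StringComparison.OrdinalIgnoreCase);

    foreach (string roleName in UnAssignRoles ?? new string[0]) {
        Role role = Roles.GetBy(roleName);

        // Never strip the admin account of the admins role.
        if (isAdminAccount && String.Equals(role.Name, "admins", StringComparison.OrdinalIgnoreCase)) {
            continue;
        }

        // Names that do not resolve to an existing role presumably make this a no-op delete.
        MemberRole link = new MemberRole();
        link.MemberID = member.MemberID;
        link.RoleID = role.RoleID;
        link.Delete();
    }

    String json = Roles.JsonCollection(Roles.GetByMember(member.MemberID));
    return Content(json, TypeJson);
}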
/// <summary>
/// Completes self-service account activation from the link in the registration e-mail
/// (query-string parameter "t" carries the activation token).
/// </summary>
/// <returns>
/// The "ActivateAccount" view with a success or "wrong link" message, or a redirect when
/// self-activation is switched off (non-admins only) or the token is unknown.
/// </returns>
/// <remarks>
/// Flow: (1) when RegistrationSelfActivation is "false" and the current session is not an admin,
/// audit and redirect; (2) resolve the token as a SelfActivation ActionToken; (3) swap the
/// configured registration roles for the configured activation roles; (4) delete the token so
/// it is single-use; (5) send the "activation done" mail and audit. Exceptions are audited to
/// the admin address and the visitor only ever sees the generic "wrong link" text.
/// NOTE(review): no token expiry check is visible here — confirm ActionTokens.GetBy enforces one.
/// </remarks>
public ActionResult Activate() {
    if (AppSession.Parameters.RegistrationSelfActivation.Value == "false") {
        // Admins may still run activation while self-activation is disabled; everyone else is bounced.
        if (AppSession.IsMemberInAdminRole) { } else {
            // Redirect target: session return URL, else the configured post-login URL, else app root.
            // NOTE(review): RedirectResult uses the value as-is; if AppSession.ReturnUrl can originate
            // from a request parameter this is an open-redirect vector — confirm it is validated as
            // local where it is set.
            string ReturnUrl = AppSession.ReturnUrl;
            ReturnUrl = (ReturnUrl != null && ReturnUrl.Length > 0) ? ReturnUrl : ((AppSession.Parameters.RulesRedirectAfterLogin.Value != null && AppSession.Parameters.RulesRedirectAfterLogin.Value.Length > 0) ? AppSession.Parameters.RulesRedirectAfterLogin.Value : Url.Content("~/"));
            AuditEvent.AppEventError(AppSession.Parameters.GeneralAdminEmail.Value, "Somebody tries to activate an account but it was switched off. ", AuditEvent.GetSessionDetails());
            return new RedirectResult(ReturnUrl);
        }
    }
    string Token = Request.QueryString["t"];
    // Default outcome is the generic "wrong activation link" message; overwritten only on success.
    RequestResultModel model = new RequestResultModel();
    model.Title = GetLabel("Account.Controller.Warning");
    model.Message = GetLabel("Account.Controller.WrongActiveLink");
    model.InfoType = RequestResultInfoType.Information;
    if (Token != null && Token.Length > 0) {
        try {
            // Resolve the token; it must be of type SelfActivation. ActionID <= 0 means "not found".
            ActionToken actionToken = ActionTokens.GetBy(Token, ActionTokenTypes.SelfActivation);
            if (actionToken.ActionID <= 0) {
                // Same redirect-target rule as above (see the open-redirect note there).
                string ReturnUrl = AppSession.ReturnUrl;
                ReturnUrl = (ReturnUrl != null && ReturnUrl.Length > 0) ? ReturnUrl : ((AppSession.Parameters.RulesRedirectAfterLogin.Value != null && AppSession.Parameters.RulesRedirectAfterLogin.Value.Length > 0) ? AppSession.Parameters.RulesRedirectAfterLogin.Value : Url.Content("~/"));
                AuditEvent.AppEventWarning(AppSession.Parameters.GeneralAdminEmail.Value, "Somebody tries to activate an account but token doesn't exist.", AuditEvent.GetSessionDetails());
                return new RedirectResult(ReturnUrl);
            }
            // The return URL stored with the token at registration time becomes the session return URL.
            // NOTE(review): it is not validated here — confirm it was validated as a local URL when stored.
            if (actionToken.ReturnURL != null && actionToken.ReturnURL.Length > 0) AppSession.ReturnUrl = actionToken.ReturnURL;
            Member Member = Members.GetByEmail(actionToken.Email);
            // A token whose member no longer exists is left untouched and the visitor sees the "wrong link" text.
            if (Member.MemberID > 0) {
                // Drop the roles granted at registration (";"-separated role names from configuration).
                string[] RoleNames = AppParams.RegistrationMemberRegistrationToRoles.Value.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries);
                foreach (String RoleName in RoleNames) {
                    Role role = Web.Admin.Logic.Collections.Roles.GetBy(RoleName.Trim());
                    if (role.RoleID > 0) {
                        MemberRole memberrole = new MemberRole();
                        memberrole.MemberID = Member.MemberID;
                        memberrole.RoleID = role.RoleID;
                        memberrole.Delete();
                    }
                }
                // Grant the roles configured for activated members.
                RoleNames = AppParams.RegistrationMemberActivationToRoles.Value.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries);
                foreach (String RoleName in RoleNames) {
                    Role role = Web.Admin.Logic.Collections.Roles.GetBy(RoleName.Trim());
                    if (role.RoleID > 0) {
                        MemberRole memberrole = new MemberRole();
                        memberrole.MemberID = Member.MemberID;
                        memberrole.RoleID = role.RoleID;
                        memberrole.Save();
                    }
                }
                // Keep the URL for the e-mail before the token row is deleted.
                string ReturnURL = actionToken.ReturnURL;
                // Consume the token before sending mail so it cannot be replayed if the send is slow or fails.
                actionToken.Delete();
                try {
                    if (!SendActivationDoneEmail(Member.Name, Member.Email, ReturnURL)) {
                        AuditEvent.AppEventError(Member.Email, "Activation notification e-mail has not been send!", AuditEvent.GetSessionDetails());
                    }
                } catch (Exception ex) {
                    // Mail failure is audited but does not undo the activation.
                    AuditEvent.AppEventError(Member.Email, "Activation: Something went wrong with e-mail notification: " + ex.Message, AuditEvent.GetSessionDetails(ex.StackTrace), true);
                }
                // NOTE(review): the token's e-mail is substituted into the message shown to the visitor — confirm the view encodes it.
                model.Title = GetLabel("Account.Controller.Congrat");
                model.Message = GetLabel("Account.Controller.Activated").Replace("{{name}}", actionToken.Email);
                model.InfoType = RequestResultInfoType.Success;
                AuditEvent.AppEventSuccess(Member.Email, String.Format(AuditEvent.AccountActivated, Member.Name, Member.Email));
            }
        } catch (Exception ex) {
            // Details go to the admin audit trail only; the visitor keeps the generic "wrong link" message.
            AuditEvent.AppEventError(AppSession.Parameters.GeneralAdminEmail.Value, "Something wrong with activation: " + ex.Message, AuditEvent.GetSessionDetails(ex.StackTrace), true);
        }
    } else {
        // Missing or empty token.
        AuditEvent.AppEventWarning(AppSession.Parameters.GeneralAdminEmail.Value, String.Format(AuditEvent.AccountWrongActiveLink, Token));
    }
    return View("ActivateAccount", model);
}
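/// <summary>
/// Authenticates a member by e-mail and password: first against LDAP when LDAP is enabled and
/// the address belongs to the configured LDAP domain, then against the local member store.
/// </summary>
/// <param name="Email">
/// Login e-mail. Passed by reference: after a successful LDAP bind it is overwritten with the
/// address reported by the directory, because the local part typed by the user may differ from
/// the network id.
/// </param>
/// <param name="Password">Clear-text password as typed by the user.</param>
/// <returns>
/// true when a local member exists for the (possibly rewritten) e-mail and either LDAP accepted
/// the credentials or the password hash matches the stored one; false otherwise.
/// </returns>
/// <remarks>
/// Side effects: on first LDAP login a local member is provisioned with a random, unusable
/// password, linked to the sign-up domain and given the configured default roles; directory
/// groups are reflected as roles (created on demand when LDAPAddRoleGroup is "true") and roles
/// tagged [LDAP-Auto-Role] that the directory no longer reports are removed; today's failed
/// attempt record is invalidated on success or incremented on failure, and past the configured
/// threshold the member is added to the configured "failed" roles.
/// Fixes vs. the previous version: the LDAP domain test is a proper suffix match instead of a
/// substring search (which also matched "user@domain.example.evil"), and a null group list from
/// the directory no longer throws during role synchronisation.
/// </remarks>
public bool Authenticate(ref String Email, String Password)
{
    bool ldapAuthSuccess = false;
    bool isClassicAuth = AppSession.Parameters.LDAPUseOnly.Value == "false";
    bool isLdapAuth = AppSession.Parameters.LDAPEnabled.Value == "true";

    // Decide whether this address is handled by LDAP. E-mail domains are case-insensitive, so the
    // suffix comparison is ordinal-ignore-case; the local part must be non-empty.
    string ldapDomain = AppSession.Parameters.LDAPDomain.Value;
    bool isLdapAddress;
    if (!isLdapAuth || String.IsNullOrEmpty(Email)) {
        isLdapAddress = false;
    } else if (String.IsNullOrEmpty(ldapDomain)) {
        // No domain configured: keep the legacy behaviour of routing any address with a local part to LDAP.
        isLdapAddress = Email.IndexOf('@') > 0;
    } else {
        string suffix = "@" + ldapDomain;
        isLdapAddress = Email.Length > suffix.Length
            && Email.EndsWith(suffix, StringComparison.OrdinalIgnoreCase);
    }

    if (isLdapAddress) {
        LDAPTools ldapTools = new LDAPTools();
        ldapTools.UserName = Email;
        ldapTools.Password = Password;
        ldapTools.DirectoryPath = AppSession.Parameters.LDAPPath.Value;

        if (ldapTools.Authenticate()) {
            ldapAuthSuccess = true;
            string memberName = ldapTools.MemberInfo.DisplayName;
            string memberAllGroups = ldapTools.GetGroups();

            // Groups arrive as one "|"-separated string. A null/empty result is treated as
            // "no groups", which makes the synchronisation below strip reflected roles
            // (least privilege) instead of throwing a NullReferenceException.
            string[] ldapGroups = String.IsNullOrEmpty(memberAllGroups)
                ? new string[0]
                : memberAllGroups.Split(new string[] { "|" }, StringSplitOptions.RemoveEmptyEntries);

            // From here on the directory's address is authoritative (this is why Email is a ref).
            Email = ldapTools.MemberInfo.Email;

            Member memberNew = Members.GetByEmail(Email);
            if (memberNew.MemberID <= 0) {
                // First LDAP login: provision a local member. The random value stored as the
                // password cannot be used for classic login, which compares a hash against it.
                memberNew.Name = memberName;
                memberNew.Email = Email;
                memberNew.Password = StringTool.RandomString(80);
                memberNew.IsBuiltIn = false;
                memberNew.Created = DateTime.UtcNow;
                memberNew.Save();
                AuditEvent.AppEventInfo(AppSession.Parameters.GeneralAdminEmail.Value,
                    String.Format("LDAP member added: {0} {1}", memberName, Email), null, true);

                // Link the new member to the sign-in/sign-up domain.
                Domain signUpDomain = Domains.GetByName(AppSession.SignUpDomain);
                if (signUpDomain.DomainID > 0) {
                    MemberDomain memberDomain = new MemberDomain();
                    memberDomain.DomainID = signUpDomain.DomainID;
                    memberDomain.MemberID = memberNew.MemberID;
                    memberDomain.Save();
                }

                // Default roles for LDAP members (";"-separated role names from configuration).
                string addToRoles = AppSession.Parameters.LDAPAddToRoles.Value;
                if (!String.IsNullOrEmpty(addToRoles)) {
                    foreach (string roleName in addToRoles.Split(new string[] { ";" }, StringSplitOptions.RemoveEmptyEntries)) {
                        Web.Admin.Logic.Objects.Role role = Web.Admin.Logic.Collections.Roles.GetBy(roleName);
                        if (role.RoleID > 0) {
                            MemberRole memberRole = new MemberRole();
                            memberRole.MemberID = memberNew.MemberID;
                            memberRole.RoleID = role.RoleID;
                            memberRole.Save();
                        }
                    }
                }
            }

            // Reflect directory groups as roles, creating missing roles on demand.
            // NOTE(review): group names come straight from the directory; anyone who can create
            // groups there can create roles here.
            if (ldapGroups.Length > 0 && AppSession.Parameters.LDAPAddRoleGroup.Value == "true") {
                foreach (string memberGroup in ldapGroups) {
                    Web.Admin.Logic.Objects.Role role = Web.Admin.Logic.Collections.Roles.GetBy(memberGroup);
                    if (role.RoleID <= 0) {
                        role.Name = memberGroup;
                        role.Settings = "LDAP role reflection. Keep key word: [LDAP-Auto-Role] to be synchronized.";
                        role.BackColor = "6bbb54";
                        role.ForeColor = "ffffff";
                        role.Save();
                        AuditEvent.AppEventInfo(AppSession.Parameters.GeneralAdminEmail.Value,
                            String.Format("LDAP role added: {0}", role.Name), null, true);
                    }
                    if (role.RoleID > 0) {
                        MemberRole memberRole = new MemberRole();
                        memberRole.MemberID = memberNew.MemberID;
                        memberRole.RoleID = role.RoleID;
                        memberRole.Save();
                    }
                }
            }

            // Synchronise: roles tagged [LDAP-Auto-Role] that the directory no longer reports are removed.
            List<Role> reflectedRoles = Web.Admin.Logic.Collections.Roles.GetByMemberKeyWordInDescription(memberNew.MemberID, "[LDAP-Auto-Role]");
            foreach (Web.Admin.Logic.Objects.Role reflected in reflectedRoles) {
                if (ldapGroups.Length > 0) {
                    bool stillInGroup = ldapGroups.Any(g => g.Trim().ToLower() == reflected.Name.Trim().ToLower());
                    if (!stillInGroup) {
                        Web.Admin.Logic.Objects.Role removeRoleFromUser = Web.Admin.Logic.Collections.Roles.GetBy(reflected.Name);
                        MemberRole memberRole = new MemberRole();
                        memberRole.MemberID = memberNew.MemberID;
                        memberRole.RoleID = removeRoleFromUser.RoleID;
                        memberRole.Delete();
                    }
                } else {
                    // No directory groups at all: every reflected role goes.
                    MemberRole memberRole = new MemberRole();
                    memberRole.MemberID = memberNew.MemberID;
                    memberRole.RoleID = reflected.RoleID;
                    memberRole.Delete();
                }
            }
        }
    }

    // Local member lookup; an LDAP login also needs the (possibly just provisioned) local record.
    Member member = Members.GetByEmail(Email);
    if (member.MemberID <= 0) {
        // NOTE(review): unknown addresses return before any hash computation, so existing
        // accounts are distinguishable by response time.
        return false;
    }

    // NOTE(review): ordinal == on the hash strings is not a fixed-time comparison; a
    // constant-time compare would be preferable. Short-circuit order is kept: the hash is not
    // computed when LDAP already accepted the credentials.
    bool authenticated = (isLdapAuth && ldapAuthSuccess)
        || (isClassicAuth && Member.ComputePasswordHash(Password) == member.Password);

    if (authenticated) {
        // Invalidate today's failed-login record.
        MemberAttempt attempt = MemberAttempts.GetTodayLoginPasswordFail(member.MemberID);
        if (attempt.AttemptID > 0) {
            attempt.IsAttemptValid = 0;
            attempt.Save();
        }

        // Link the member to the sign-in/sign-up domain.
        Domain signUpDomain = Domains.GetByName(AppSession.SignUpDomain);
        if (signUpDomain.DomainID > 0) {
            MemberDomain memberDomain = new MemberDomain();
            memberDomain.DomainID = signUpDomain.DomainID;
            memberDomain.MemberID = member.MemberID;
            memberDomain.Save();
        }

        member.UpdateLoginTime();
        return true;
    }

    // Failed login: count the attempt for today.
    MemberAttempt failed = MemberAttempts.GetTodayLoginPasswordFail(member.MemberID);
    if (failed.MemberID <= 0) {
        failed.MemberID = member.MemberID;
        failed.AttemptType = MemberAttemptTypes.LoginPasswordFailed;
        failed.IsAttemptValid = 1;
    }
    failed.Attempts = failed.Attempts > 0 ? failed.Attempts + 1 : 1;
    failed.Save();

    // Past the configured threshold, add the member to the configured "failed" roles.
    // NOTE(review): IsMemberInAdminRole describes the *current session*, not the member being
    // authenticated; during a login the session is normally anonymous, so this exemption rarely
    // applies — confirm the intent.
    string failedRoles = AppSession.Parameters.RulesPasswordFailedRoles.Value;
    if (!String.IsNullOrEmpty(failedRoles) && !AppSession.IsMemberInAdminRole) {
        Parameter threshold = AppSession.Parameters.RulesPasswordFailedAttempts;
        long maxAttempts = -1;
        bool parsed = long.TryParse(threshold.Value, out maxAttempts);
        if (parsed && maxAttempts > 0 && failed.Attempts >= maxAttempts) {
            foreach (String roleName in failedRoles.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries)) {
                Role role = Web.Admin.Logic.Collections.Roles.GetBy(roleName);
                if (role.RoleID > 0) {
                    MemberRole memberRole = new MemberRole();
                    memberRole.MemberID = member.MemberID;
                    memberRole.RoleID = role.RoleID;
                    memberRole.Save();
                }
            }
        }
    }
    return false;
}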
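/// <summary>
/// Adds the listed members to a role (Assign = true) or removes them from it (Assign = false).
/// When RoleID is not positive and Assign is false, the members are removed from every role.
/// </summary>
/// <param name="RoleID">Target role id; values &lt;= 0 mean "all roles" for removal and nothing for assignment.</param>
/// <param name="AssignMembers">Member ids to change; null is treated as an empty list.</param>
/// <param name="Assign">true to assign, false to remove.</param>
/// <returns>JSON with an empty Html property (the caller re-renders separately).</returns>
/// <remarks>
/// Built-in members are protected: the admin account is never removed from "admins" (audited),
/// and built-in members are never stripped of all roles (audited). Touching the "blocked" role
/// also resets the member's failed-login attempts. The role lookup is done once rather than
/// per member, and the unused model that was built at the end has been dropped.
/// NOTE(review): a built-in member that is not admin/admins silently falls through with no
/// change and no audit entry when RoleID &gt; 0 — confirm that is intended.
/// </remarks>
public JsonResult AssignRoleMembers(long RoleID, int[] AssignMembers, bool Assign)
{
    // The role is the same for every member; resolve it once (null-safe name checks below).
    Web.Admin.Logic.Objects.Role role = Web.Admin.Logic.Collections.Roles.GetBy(RoleID);
    string roleName = (role.Name ?? "").Trim();
    bool isAdminsRole = String.Equals(roleName, "admins", StringComparison.OrdinalIgnoreCase);
    bool isBlockedRole = String.Equals(roleName, "blocked", StringComparison.OrdinalIgnoreCase);

    foreach (int memberId in AssignMembers ?? new int[0]) {
        Web.Admin.Logic.Objects.Member member = Web.Admin.Logic.Collections.Members.GetBy(memberId);

        if (RoleID > 0) {
            if (member.IsBuiltIn) {
                bool isAdminAccount = String.Equals((member.Name ?? "").Trim(), "admin", StringComparison.OrdinalIgnoreCase);
                if (isAdminAccount && isAdminsRole) {
                    AuditEvent.AppEventSuccess(Profile.Member.Email,
                        String.Format(AuditEvent.MemberNoRemovedAdminFromRole, member.Name, member.Email, role.Name));
                }
                // Other built-in members are left untouched (see remarks).
                continue;
            }

            MemberRole link = new MemberRole();
            link.MemberID = memberId;
            link.RoleID = RoleID;

            // (Un)blocking clears the lock-out counter so the member can sign in again.
            if (isBlockedRole) {
                ResetPasswordfailedAttemps(memberId);
            }

            if (Assign) {
                link.Save();
                AuditEvent.AppEventSuccess(Profile.Member.Email,
                    String.Format(AuditEvent.MemberAssigToRole, member.Name, member.Email, role.Name));
            } else {
                link.Delete();
                AuditEvent.AppEventSuccess(Profile.Member.Email,
                    String.Format(AuditEvent.MemberRemovedFromRole, member.Name, member.Email, role.Name));
            }
        } else if (!Assign) {
            // "Remove from all roles".
            if (member.IsBuiltIn) {
                AuditEvent.AppEventWarning(Profile.Member.Email,
                    String.Format(AuditEvent.MemberNoRemovedAdminFromRole, member.Name, member.Email, role.Name));
                continue;
            }

            MemberRole link = new MemberRole();
            link.MemberID = memberId;
            link.DeleteAll();
            ResetPasswordfailedAttemps(memberId);
            AuditEvent.AppEventSuccess(Profile.Member.Email,
                String.Format(AuditEvent.MemberRemovedFromAllRole, member.Name, member.Email));
        }
        // RoleID <= 0 with Assign = true: nothing to assign; ignored as before.
    }

    return Json(new { Html = "" }, JsonRequestBehavior.AllowGet);
}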
/// <summary>
/// Removes one member from one role and returns the member's refreshed role list rendered
/// through the "_MemberRoleList" partial.
/// </summary>
/// <param name="MemberID">Id of the member to change.</param>
/// <param name="RoleID">Id of the role to remove.</param>
/// <returns>JSON with the rendered partial in its Html property.</returns>
/// <remarks>
/// The member named "admin" is never removed from the "admins" role; the refusal is audited.
/// When the role being removed is "blocked", the member's valid failed-login counter is reset
/// to zero so the member can sign in again.
/// NOTE(review): the lookup uses DateTime.Now (local time) while other code in this file stamps
/// UtcNow — confirm MemberAttempts expects local time.
/// </remarks>
public JsonResult RemoveFromRole(long MemberID, long RoleID)
{
    Member target = Web.Admin.Logic.Collections.Members.GetBy(MemberID);
    Role targetRole = Web.Admin.Logic.Collections.Roles.GetBy(RoleID);

    bool protectedAdmin = target.Name.ToLower() == "admin" && targetRole.Name.ToLower() == "admins";
    if (protectedAdmin) {
        AuditEvent.AppEventSuccess(Profile.Member.Email,
            String.Format(AuditEvent.MemberNoRemovedAdminFromRole, target.Name, target.Email, targetRole.Name));
    } else {
        MemberRole link = new MemberRole { MemberID = MemberID, RoleID = RoleID };
        link.Delete();
        AuditEvent.AppEventSuccess(Profile.Member.Email,
            String.Format(AuditEvent.MemberRemovedFromRole, target.Name, target.Email, targetRole.Name));
    }

    if (targetRole.Name.ToLower() == "blocked") {
        MemberAttempt failedLogins = MemberAttempts.GetValid(MemberID, DateTime.Now, MemberAttemptTypes.LoginPasswordFailed);
        if (failedLogins.AttemptID > 0) {
            failedLogins.Attempts = 0;
            failedLogins.Save();
        }
    }

    MemberListModel listModel = new MemberListModel();
    listModel.Members.Add(target);
    string html = this.RenderPartialView(@"_MemberRoleList", listModel);
    return Json(new { Html = html }, JsonRequestBehavior.AllowGet);
}
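/// <summary>
/// Authenticates a member by e-mail and password: first against LDAP when LDAP is enabled and
/// the address belongs to the configured LDAP domain, then against the local member store.
/// </summary>
/// <param name="Email">
/// Login e-mail. Passed by reference: after a successful LDAP bind it is overwritten with the
/// address reported by the directory, because the local part typed by the user may differ from
/// the network id.
/// </param>
/// <param name="Password">Clear-text password as typed by the user.</param>
/// <returns>
/// true when a local member exists for the (possibly rewritten) e-mail and either LDAP accepted
/// the credentials or the password hash matches the stored one; false otherwise.
/// </returns>
/// <remarks>
/// Side effects: on first LDAP login a local member is provisioned with a random, unusable
/// password, linked to the sign-up domain and given the configured default roles; directory
/// groups are reflected as roles (created on demand when LDAPAddRoleGroup is "true") and roles
/// tagged [LDAP-Auto-Role] that the directory no longer reports are removed; today's failed
/// attempt record is invalidated on success or incremented on failure, and past the configured
/// threshold the member is added to the configured "failed" roles.
/// Fixes vs. the previous version: the LDAP domain test is a proper suffix match instead of a
/// substring search (which also matched "user@domain.example.evil"), and a null group list from
/// the directory no longer throws during role synchronisation.
/// </remarks>
public bool Authenticate(ref String Email, String Password)
{
    bool ldapAuthSuccess = false;
    bool isClassicAuth = AppSession.Parameters.LDAPUseOnly.Value == "false";
    bool isLdapAuth = AppSession.Parameters.LDAPEnabled.Value == "true";

    // Decide whether this address is handled by LDAP. E-mail domains are case-insensitive, so the
    // suffix comparison is ordinal-ignore-case; the local part must be non-empty.
    string ldapDomain = AppSession.Parameters.LDAPDomain.Value;
    bool isLdapAddress;
    if (!isLdapAuth || String.IsNullOrEmpty(Email)) {
        isLdapAddress = false;
    } else if (String.IsNullOrEmpty(ldapDomain)) {
        // No domain configured: keep the legacy behaviour of routing any address with a local part to LDAP.
        isLdapAddress = Email.IndexOf('@') > 0;
    } else {
        string suffix = "@" + ldapDomain;
        isLdapAddress = Email.Length > suffix.Length
            && Email.EndsWith(suffix, StringComparison.OrdinalIgnoreCase);
    }

    if (isLdapAddress) {
        LDAPTools ldapTools = new LDAPTools();
        ldapTools.UserName = Email;
        ldapTools.Password = Password;
        ldapTools.DirectoryPath = AppSession.Parameters.LDAPPath.Value;

        if (ldapTools.Authenticate()) {
            ldapAuthSuccess = true;
            string memberName = ldapTools.MemberInfo.DisplayName;
            string memberAllGroups = ldapTools.GetGroups();

            // Groups arrive as one "|"-separated string. A null/empty result is treated as
            // "no groups", which makes the synchronisation below strip reflected roles
            // (least privilege) instead of throwing a NullReferenceException.
            string[] ldapGroups = String.IsNullOrEmpty(memberAllGroups)
                ? new string[0]
                : memberAllGroups.Split(new string[] { "|" }, StringSplitOptions.RemoveEmptyEntries);

            // From here on the directory's address is authoritative (this is why Email is a ref).
            Email = ldapTools.MemberInfo.Email;

            Member memberNew = Members.GetByEmail(Email);
            if (memberNew.MemberID <= 0) {
                // First LDAP login: provision a local member. The random value stored as the
                // password cannot be used for classic login, which compares a hash against it.
                memberNew.Name = memberName;
                memberNew.Email = Email;
                memberNew.Password = StringTool.RandomString(80);
                memberNew.IsBuiltIn = false;
                memberNew.Created = DateTime.UtcNow;
                memberNew.Save();
                AuditEvent.AppEventInfo(AppSession.Parameters.GeneralAdminEmail.Value,
                    String.Format("LDAP member added: {0} {1}", memberName, Email), null, true);

                // Link the new member to the sign-in/sign-up domain.
                Domain signUpDomain = Domains.GetByName(AppSession.SignUpDomain);
                if (signUpDomain.DomainID > 0) {
                    MemberDomain memberDomain = new MemberDomain();
                    memberDomain.DomainID = signUpDomain.DomainID;
                    memberDomain.MemberID = memberNew.MemberID;
                    memberDomain.Save();
                }

                // Default roles for LDAP members (";"-separated role names from configuration).
                string addToRoles = AppSession.Parameters.LDAPAddToRoles.Value;
                if (!String.IsNullOrEmpty(addToRoles)) {
                    foreach (string roleName in addToRoles.Split(new string[] { ";" }, StringSplitOptions.RemoveEmptyEntries)) {
                        Web.Admin.Logic.Objects.Role role = Web.Admin.Logic.Collections.Roles.GetBy(roleName);
                        if (role.RoleID > 0) {
                            MemberRole memberRole = new MemberRole();
                            memberRole.MemberID = memberNew.MemberID;
                            memberRole.RoleID = role.RoleID;
                            memberRole.Save();
                        }
                    }
                }
            }

            // Reflect directory groups as roles, creating missing roles on demand.
            // NOTE(review): group names come straight from the directory; anyone who can create
            // groups there can create roles here.
            if (ldapGroups.Length > 0 && AppSession.Parameters.LDAPAddRoleGroup.Value == "true") {
                foreach (string memberGroup in ldapGroups) {
                    Web.Admin.Logic.Objects.Role role = Web.Admin.Logic.Collections.Roles.GetBy(memberGroup);
                    if (role.RoleID <= 0) {
                        role.Name = memberGroup;
                        role.Settings = "LDAP role reflection. Keep key word: [LDAP-Auto-Role] to be synchronized.";
                        role.BackColor = "6bbb54";
                        role.ForeColor = "ffffff";
                        role.Save();
                        AuditEvent.AppEventInfo(AppSession.Parameters.GeneralAdminEmail.Value,
                            String.Format("LDAP role added: {0}", role.Name), null, true);
                    }
                    if (role.RoleID > 0) {
                        MemberRole memberRole = new MemberRole();
                        memberRole.MemberID = memberNew.MemberID;
                        memberRole.RoleID = role.RoleID;
                        memberRole.Save();
                    }
                }
            }

            // Synchronise: roles tagged [LDAP-Auto-Role] that the directory no longer reports are removed.
            List<Role> reflectedRoles = Web.Admin.Logic.Collections.Roles.GetByMemberKeyWordInDescription(memberNew.MemberID, "[LDAP-Auto-Role]");
            foreach (Web.Admin.Logic.Objects.Role reflected in reflectedRoles) {
                if (ldapGroups.Length > 0) {
                    bool stillInGroup = ldapGroups.Any(g => g.Trim().ToLower() == reflected.Name.Trim().ToLower());
                    if (!stillInGroup) {
                        Web.Admin.Logic.Objects.Role removeRoleFromUser = Web.Admin.Logic.Collections.Roles.GetBy(reflected.Name);
                        MemberRole memberRole = new MemberRole();
                        memberRole.MemberID = memberNew.MemberID;
                        memberRole.RoleID = removeRoleFromUser.RoleID;
                        memberRole.Delete();
                    }
                } else {
                    // No directory groups at all: every reflected role goes.
                    MemberRole memberRole = new MemberRole();
                    memberRole.MemberID = memberNew.MemberID;
                    memberRole.RoleID = reflected.RoleID;
                    memberRole.Delete();
                }
            }
        }
    }

    // Local member lookup; an LDAP login also needs the (possibly just provisioned) local record.
    Member member = Members.GetByEmail(Email);
    if (member.MemberID <= 0) {
        // NOTE(review): unknown addresses return before any hash computation, so existing
        // accounts are distinguishable by response time.
        return false;
    }

    // NOTE(review): ordinal == on the hash strings is not a fixed-time comparison; a
    // constant-time compare would be preferable. Short-circuit order is kept: the hash is not
    // computed when LDAP already accepted the credentials.
    bool authenticated = (isLdapAuth && ldapAuthSuccess)
        || (isClassicAuth && Member.ComputePasswordHash(Password) == member.Password);

    if (authenticated) {
        // Invalidate today's failed-login record.
        MemberAttempt attempt = MemberAttempts.GetTodayLoginPasswordFail(member.MemberID);
        if (attempt.AttemptID > 0) {
            attempt.IsAttemptValid = 0;
            attempt.Save();
        }

        // Link the member to the sign-in/sign-up domain.
        Domain signUpDomain = Domains.GetByName(AppSession.SignUpDomain);
        if (signUpDomain.DomainID > 0) {
            MemberDomain memberDomain = new MemberDomain();
            memberDomain.DomainID = signUpDomain.DomainID;
            memberDomain.MemberID = member.MemberID;
            memberDomain.Save();
        }

        member.UpdateLoginTime();
        return true;
    }

    // Failed login: count the attempt for today.
    MemberAttempt failed = MemberAttempts.GetTodayLoginPasswordFail(member.MemberID);
    if (failed.MemberID <= 0) {
        failed.MemberID = member.MemberID;
        failed.AttemptType = MemberAttemptTypes.LoginPasswordFailed;
        failed.IsAttemptValid = 1;
    }
    failed.Attempts = failed.Attempts > 0 ? failed.Attempts + 1 : 1;
    failed.Save();

    // Past the configured threshold, add the member to the configured "failed" roles.
    // NOTE(review): IsMemberInAdminRole describes the *current session*, not the member being
    // authenticated; during a login the session is normally anonymous, so this exemption rarely
    // applies — confirm the intent.
    string failedRoles = AppSession.Parameters.RulesPasswordFailedRoles.Value;
    if (!String.IsNullOrEmpty(failedRoles) && !AppSession.IsMemberInAdminRole) {
        Parameter threshold = AppSession.Parameters.RulesPasswordFailedAttempts;
        long maxAttempts = -1;
        bool parsed = long.TryParse(threshold.Value, out maxAttempts);
        if (parsed && maxAttempts > 0 && failed.Attempts >= maxAttempts) {
            foreach (String roleName in failedRoles.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries)) {
                Role role = Web.Admin.Logic.Collections.Roles.GetBy(roleName);
                if (role.RoleID > 0) {
                    MemberRole memberRole = new MemberRole();
                    memberRole.MemberID = member.MemberID;
                    memberRole.RoleID = role.RoleID;
                    memberRole.Save();
                }
            }
        }
    }
    return false;
}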