/// <summary>
/// Processes a request to update the password for a membership user.
/// </summary>
/// <param name="username">The user to update the password for. </param>
/// <param name="oldPassword">The current password for the specified user.</param>
/// <param name="newPassword">The new password for the specified user. </param>
/// <returns>true if the password was updated successfully; otherwise, false.</returns>
public override bool ChangePassword(string username, string oldPassword, string newPassword)
{
User user = UserDataSource.LoadForUserName(username);
if ((user != null) && user.CheckPassword(oldPassword))
{
return(user.SetPassword(newPassword));
}
return(false);
}
/// <summary>
/// Removes a user from the membership data source.
/// </summary>
/// <param name="username">The name of the user to delete.</param>
/// <param name="deleteAllRelatedData">This parameter is ignored by the provider. Related user data is always deleted.</param>
/// <returns>true if the user was successfully deleted; otherwise, false.</returns>
public override bool DeleteUser(string username, bool deleteAllRelatedData)
{
User user = UserDataSource.LoadForUserName(username);
if (user != null)
{
return(user.Delete());
}
return(false);
}
/// <summary>
/// Gets the user name associated with the specified e-mail address.
/// </summary>
/// <param name="email">The e-mail address to search for.</param>
/// <returns>The user name associated with the specified e-mail address. If no match is found, return a null reference (Nothing in Visual Basic)</returns>
public override string GetUserNameByEmail(string email)
{
UserCollection users = UserDataSource.LoadForEmail(email);
if (users.Count == 0)
{
return(null);
}
return(users[0].UserName);
}
/// <summary>
/// Gets a value indicating whether the specified user is in the specified role for the configured applicationName.
/// </summary>
/// <param name="username">The name of the user to check for</param>
/// <param name="roleName">The role to check for</param>
/// <returns><b>true</b> if user is in role, <b>false</b> otherwise</returns>
public override bool IsUserInRole(string username, string roleName)
{
User user = UserDataSource.LoadForUserName(username);
if (user == null)
{
return(false);
}
return(RoleDataSource.IsUserInRole(user.UserId, roleName));
}
/// <summary>
/// Clears a lock so that the membership user can be validated.
/// </summary>
/// <param name="username">The membership user whose lock status you want to clear.</param>
/// <returns>true if the membership user was successfully unlocked; otherwise, false.</returns>
public override bool UnlockUser(string username)
{
User user = UserDataSource.LoadForUserName(username);
if (user != null)
{
user.IsLockedOut = false;
return(user.Save() != SaveResult.Failed);
}
return(false);
}
/// <summary>
/// Gets a collection of all the users in the data source in pages of data.
/// </summary>
/// <param name="pageIndex">The index of the page of results to return. pageIndex is zero-based.</param>
/// <param name="pageSize">The size of the page of results to return.</param>
/// <param name="totalRecords">The total number of matched users.</param>
/// <returns>A MembershipUserCollection collection that contains a page of pageSizeMembershipUser objects beginning at the page specified by pageIndex.</returns>
public override MembershipUserCollection GetAllUsers(int pageIndex, int pageSize, out int totalRecords)
{
MembershipUserCollection allUsers = new MembershipUserCollection();
PersistentCollection <User> users = UserDataSource.LoadForStore(pageSize, (pageSize * (pageIndex - 1)), string.Empty);
foreach (User user in users)
{
allUsers.Add(new MembershipUser(this.Name, user.UserName, user.UserId, user.Email, user.PasswordQuestion, user.Comment, user.IsApproved, user.IsLockedOut, user.CreateDate, user.LastLoginDate, user.LastActivityDate, user.LastPasswordChangedDate, user.LastLockoutDate));
}
totalRecords = UserDataSource.CountForStore();
return(allUsers);
}
/// <summary>
/// Gets a collection of membership users where the user name contains the specified user name to match.
/// </summary>
/// <param name="usernameToMatch">The user name to search for.</param>
/// <param name="pageIndex">The index of the page of results to return. pageIndex is zero-based.</param>
/// <param name="pageSize">The size of the page of results to return.</param>
/// <param name="totalRecords">The total number of matched users.</param>
/// <returns>A MembershipUserCollection collection that contains a page of pageSizeMembershipUser objects beginning at the page specified by pageIndex.</returns>
public override MembershipUserCollection FindUsersByName(string usernameToMatch, int pageIndex, int pageSize, out int totalRecords)
{
totalRecords = UserDataSource.FindUsersByNameCount(usernameToMatch, UserDataSource.NameSearchField.UserName);
UserCollection users = UserDataSource.FindUsersByName(usernameToMatch, UserDataSource.NameSearchField.UserName, pageSize, (pageSize * (pageIndex - 1)), "UserName");
MembershipUserCollection matchingUsers = new MembershipUserCollection();
foreach (User user in users)
{
matchingUsers.Add(new MembershipUser(this.Name, user.UserName, user.UserId, user.Email, user.PasswordQuestion, user.Comment, user.IsApproved, user.IsLockedOut, user.CreateDate, user.LastLoginDate, user.LastActivityDate, user.LastPasswordChangedDate, user.LastLockoutDate));
}
return(matchingUsers);
}
/// <summary>
/// Processes a request to update the password question and answer for a membership user.
/// </summary>
/// <param name="username">The user to change the password question and answer for. </param>
/// <param name="password">The password for the specified user.</param>
/// <param name="newPasswordQuestion">The new password question for the specified user</param>
/// <param name="newPasswordAnswer">The new password answer for the specified user. </param>
/// <returns>true if the password question and answer are updated successfully; otherwise, false.</returns>
public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer)
{
User user = UserDataSource.LoadForUserName(username);
if ((user != null) && user.CheckPassword(password))
{
user.PasswordQuestion = newPasswordQuestion;
//password answer is always encoded in SHA1
user.PasswordAnswer = UserPasswordHelper.EncodePassword(newPasswordAnswer, "SHA1");
return(user.Save() != SaveResult.Failed);
}
return(false);
}
/// <summary>
/// Converts the existing user record from an anonymous user to a registered user.
/// </summary>
/// <param name="username">The username to associate with the user account.</param>
/// <param name="email">The email address for the user.</param>
/// <param name="password">The password for the user.</param>
/// <param name="securityQuestion">Question for use in password recovery.</param>
/// <param name="securityAnswer">Answer to the security question.</param>
/// <param name="isApproved">Flag indicating whether the user is approved.</param>
/// <returns>The result of the registration.</returns>
public MembershipCreateStatus Register(string username, string email, string password, string securityQuestion, string securityAnswer, bool isApproved)
{
//get database reference
Database database = Token.Instance.Database;
//validate email
if (!ValidationHelper.IsValidEmail(email))
{
//email address not valid
return(MembershipCreateStatus.InvalidEmail);
}
//check for dupliate email
//we won't prevent duplicate emails anymore bug 7567
/*
* int userId = UserDataSource.GetUserIdByEmail(email);
* if (userId != 0) return MembershipCreateStatus.DuplicateEmail;
*/
//validate user name
if (string.IsNullOrEmpty(username))
{
return(MembershipCreateStatus.InvalidUserName);
}
else
{
//CHECK FOR DUPLICATE USER NAME
int userId = UserDataSource.GetUserIdByUserName(username);
if (userId != 0)
{
return(MembershipCreateStatus.DuplicateUserName);
}
}
//PASSED CHECKS, UPDATE USER RECORD
this.UserName = username;
this.Email = email;
this.IsApproved = isApproved;
this.CreateDate = LocaleHelper.LocalNow;
this.SetPasswordQuestion(securityQuestion, securityAnswer);
if (this.Save() == SaveResult.Failed)
{
return(MembershipCreateStatus.ProviderError);
}
this.SetPassword(password);
//USER CREATED SUCCESSFULLY
return(MembershipCreateStatus.Success);
}
/// <summary>
/// Save this User object to database
/// </summary>
/// <returns><b>SaveResult</b> enumeration that represents the result of the save operation.</returns>
public virtual SaveResult Save()
{
//IF USERNAME IS GUID, THIS IS AN ANONYMOUS USER
this.IsAnonymous = (CommerceBuilder.Utility.AlwaysConvert.ToGuid(this.UserName) != Guid.Empty);
//CHECK WHETHER WE ARE SAVING AN EXISTING USER
if (this.UserId > 0)
{
//GET THE EMAIL VALUE STORED IN DATABASE
string existingEmail = UserDataSource.GetEmail(this.UserId).ToLowerInvariant();
string newEmail = this.Email.ToLowerInvariant();
//SEE WHETHER THE NEW AND EXISTING EMAILS MATCH
if (newEmail != existingEmail)
{
//EMAILS ARE DIFFERENT, IS THE NEW EMAIL VALID?
bool newAddressValid = ValidationHelper.IsValidEmail(newEmail);
//GET ALL EMAIL LISTS ASSOCIATED WITH EXISTING ADDRESS
EmailListCollection emailLists = EmailListDataSource.LoadForEmail(existingEmail);
//LOOP THE LISTS
foreach (EmailList list in emailLists)
{
//REMOVE EXISTING ADDRESS FROM LISTS
EmailListUser elu = list.RemoveMember(existingEmail);
//IF NEW ADDRESS WAS VALID RE-ADD TO SAME LIST
if (newAddressValid && (elu != null))
{
list.AddMember(newEmail, elu.SignupDate, elu.SignupIP);
}
}
//if the user is registered and the new email address is also valid
if (newAddressValid && !this.IsAnonymous)
{
OrderCollection orders = OrderDataSource.LoadForUser(this.UserId);
foreach (Order order in orders)
{
if (order.BillToEmail.ToLowerInvariant() == existingEmail)
{
order.BillToEmail = newEmail;
order.Save();
}
}
}
}
// ENSURE THE AFFILIATE ASSOCIATION IS VALID
this.ValidateAffiliate();
}
return(this.BaseSave());;
}
/// <summary>
/// Gets user information from the data source based on the unique identifier for the membership user. Provides an option to update the last-activity date/time stamp for the user.
/// </summary>
/// <param name="providerUserKey">The unique identifier for the membership user to get information for.</param>
/// <param name="userIsOnline">true to update the last-activity date/time stamp for the user; false to return user information without updating the last-activity date/time stamp for the user.</param>
/// <returns>A MembershipUser object populated with the specified user's information from the data source.</returns>
public override MembershipUser GetUser(object providerUserKey, bool userIsOnline)
{
//validate the provider user key
if ((providerUserKey == null) || (!(providerUserKey is int)))
{
return(null);
}
User user = UserDataSource.Load((int)providerUserKey);
if (user == null)
{
return(null);
}
return(new MembershipUser(this.Name, user.UserName, user.UserId, user.Email, user.PasswordQuestion, user.Comment, user.IsApproved, user.IsLockedOut, user.CreateDate, user.LastLoginDate, user.LastActivityDate, user.Passwords[0].CreateDate, user.LastLockoutDate));
}
/// <summary>
/// Gets information from the data source for a user. Provides an option to update the last-activity date/time stamp for the user.
/// </summary>
/// <param name="username">The name of the user to get information for. </param>
/// <param name="userIsOnline">true to update the last-activity date/time stamp for the user; false to return user information without updating the last-activity date/time stamp for the user.</param>
/// <returns>A MembershipUser object populated with the specified user's information from the data source.</returns>
public override MembershipUser GetUser(string username, bool userIsOnline)
{
//validate the provider user key
User user = UserDataSource.LoadForUserName(username);
if (user == null)
{
return(null);
}
if (userIsOnline)
{
user.LastActivityDate = LocaleHelper.LocalNow;
user.Save();
}
return(new MembershipUser(this.Name, user.UserName, user.UserId, user.Email, user.PasswordQuestion, user.Comment, user.IsApproved, user.IsLockedOut, user.CreateDate, user.LastLoginDate, user.LastActivityDate, user.Passwords[0].CreateDate, user.LastLockoutDate));
}
/// <summary>
/// Save this wishlist for the given user
/// </summary>
/// <param name="userID">Id of the user for which to save this wishlist</param>
/// <returns><b>SaveResult</b> enumeration that represents the result of save operation</returns>
public SaveResult SaveForUser(int userID)
{
User user = UserDataSource.Load(userID);
//MAKE SURE A USER ACCOUNT EXISTS
if (user != null)
{
this.UserId = user.UserId;
return(this.BaseSave());
}
else
{
//associate with an anonymous user
return(this.Save());
}
}
/// <summary>
/// Gets a list of the roles that a specified user is in for the configured applicationName.
/// </summary>
/// <param name="username">The user to return a list of roles for.</param>
/// <returns>A string array containing the names of all the roles that the specified user is in for the configured applicationName.</returns>
public override string[] GetRolesForUser(string username)
{
string[] userRoles = new string[0];
User user = UserDataSource.LoadForUserName(username);
if (user != null)
{
RoleCollection roles = RoleDataSource.LoadForUser(user.UserId);
if (roles.Count > 0)
{
userRoles = new string[roles.Count];
for (int i = 0; i < roles.Count; i++)
{
userRoles[i] = roles[i].Name;
}
}
}
return(userRoles);
}
/// <summary>
/// Adds a new membership user to the data source.
/// </summary>
/// <param name="username">The user name for the new user. </param>
/// <param name="password">The password for the new user. </param>
/// <param name="email">The e-mail address for the new user.</param>
/// <param name="passwordQuestion">The password question for the new user.</param>
/// <param name="passwordAnswer">The password answer for the new user.</param>
/// <param name="isApproved">Whether or not the new user is approved to be validated.</param>
/// <param name="providerUserKey">The unique identifier from the membership data source for the user.</param>
/// <param name="status">A MembershipCreateStatus enumeration value indicating whether the user was created successfully.</param>
/// <returns>A MembershipUser object populated with the information for the newly created user.</returns>
public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
{
//validate the provider user key
if (!(providerUserKey is int))
{
status = MembershipCreateStatus.InvalidProviderUserKey;
return(null);
}
//validation is done in UserDataSource.CreateUser
User user = UserDataSource.CreateUser(username, email, password, passwordQuestion, passwordAnswer, isApproved, 0, out status);
if (status == MembershipCreateStatus.Success)
{
return(new MembershipUser(this.Name, username, user.UserId, email, passwordQuestion, null, isApproved, false, user.CreateDate, user.CreateDate, user.CreateDate, user.CreateDate, DateTime.MinValue));
}
//something went wrong.
return(null);
}
/// <summary>
/// Updates information about a user in the data source.
/// </summary>
/// <param name="user">A MembershipUser object that represents the user to update and the updated information for the user.</param>
public override void UpdateUser(MembershipUser user)
{
User acUser = UserDataSource.Load((int)user.ProviderUserKey);
if (acUser != null)
{
acUser.Comment = user.Comment;
acUser.CreateDate = user.CreationDate;
acUser.UserName = user.UserName;
acUser.Email = user.Email;
acUser.IsApproved = user.IsApproved;
acUser.IsLockedOut = user.IsLockedOut;
//TODO: ISONLINE?
acUser.LastActivityDate = user.LastActivityDate;
acUser.LastLockoutDate = user.LastLockoutDate;
acUser.LastLoginDate = user.LastLoginDate;
acUser.LastPasswordChangedDate = user.LastPasswordChangedDate;
acUser.PasswordQuestion = user.PasswordQuestion;
acUser.Save();
}
}
/// <summary>
/// Validates the given username and password
/// </summary>
/// <param name="username">Name of user attempting login</param>
/// <param name="password">Password provided by user</param>
/// <returns>True if the login succeeds; false otherwise.</returns>
public static bool Login(string username, string password)
{
User user = UserDataSource.LoadForUserName(username);
if (user == null)
{
return(AuditLogin_InvalidUsername(username));
}
if (!user.IsApproved)
{
return(AuditLogin_Unapproved(user));
}
UserPasswordCollection passwordCollection = user.Passwords;
if (passwordCollection.Count == 0)
{
return(AuditLogin_NoPassword(user));
}
UserPassword storedPassword = passwordCollection[0];
bool isPasswordValid = storedPassword.VerifyPassword(password);
PasswordPolicy policy;
if (user.IsAdmin)
{
policy = new MerchantPasswordPolicy();
}
else
{
policy = new CustomerPasswordPolicy();
}
if (user.IsLockedOut)
{
if (user.LastLockoutDate >= LocaleHelper.LocalNow.AddMinutes(-1 * policy.LockoutPeriod))
{
//STILL LOCKED OUT
// BUG # 6688 (DONT RESET THE LOCKOUT TIME IF ACCOUNT ALREADY LOCKED)
// ALSO IGNORE THE LOGIN ATTEMPTS
//if (!isPasswordValid)
//{
// user.LastLockoutDate = LocaleHelper.LocalNow;
// user.FailedPasswordAttemptCount += 1;
// user.Save();
//}
return(AuditLogin_AccountLocked(user));
}
user.IsLockedOut = false;
}
if (isPasswordValid)
{
user.FailedPasswordAttemptCount = 0;
user.LastLoginDate = LocaleHelper.LocalNow;
user.Save();
return(AuditLogin_Success(user));
}
else
{
user.FailedPasswordAttemptCount += 1;
if (user.FailedPasswordAttemptCount >= policy.MaxAttempts)
{
user.IsLockedOut = true;
// RESET THE FAILED ATTEMPTS COUNT
user.FailedPasswordAttemptCount = 0;
user.LastLockoutDate = LocaleHelper.LocalNow;
}
user.Save();
return(AuditLogin_InvalidPassword(user));
}
}
public static User Load(Int32 userId)
{
return(UserDataSource.Load(userId, true));
}
public static UserCollection LoadForPersonalizationPath(Int32 personalizationPathId, int maximumRows, int startRowIndex)
{
return(UserDataSource.LoadForPersonalizationPath(personalizationPathId, maximumRows, startRowIndex, string.Empty));
}
public static UserCollection LoadForPersonalizationPath(Int32 personalizationPathId, string sortExpression)
{
return(UserDataSource.LoadForPersonalizationPath(personalizationPathId, 0, 0, sortExpression));
}
public static UserCollection LoadForPersonalizationPath(Int32 personalizationPathId)
{
return(UserDataSource.LoadForPersonalizationPath(personalizationPathId, 0, 0, string.Empty));
}
public static UserCollection LoadForGroup(Int32 groupId, int maximumRows, int startRowIndex)
{
return(UserDataSource.LoadForGroup(groupId, maximumRows, startRowIndex, string.Empty));
}
public static UserCollection LoadForGroup(Int32 groupId, string sortExpression)
{
return(UserDataSource.LoadForGroup(groupId, 0, 0, sortExpression));
}
public static UserCollection LoadForGroup(Int32 groupId)
{
return(UserDataSource.LoadForGroup(groupId, 0, 0, string.Empty));
}
){kind=link}
){kind=link}
){kind=link}
){kind=link}