/// <summary>
 /// Called to write save audit log entries.
 /// </summary>
 /// <param name="success">if set to <c>true</c> [success].</param>
 /// <param name="accessRuleDetails">The password policy details.</param>
 protected override void OnWriteSaveAuditLogEntries(bool success, AuditLogPasswordPolicyDetails accessRuleDetails)
 {
     if (accessRuleDetails.OldMinimumPasswordLength != accessRuleDetails.NewMinimumPasswordLength ||
         accessRuleDetails.OldMaximumPasswordAge != accessRuleDetails.NewMaximumPasswordAge ||
         accessRuleDetails.OldMustContainUpperCaseCharacters != accessRuleDetails.NewMustContainUpperCaseCharacters ||
         accessRuleDetails.OldMustContainLowerCaseCharacters != accessRuleDetails.NewMustContainLowerCaseCharacters ||
         accessRuleDetails.OldMustContainDigits != accessRuleDetails.NewMustContainDigits ||
         accessRuleDetails.OldMustContainSpecialCharacters != accessRuleDetails.NewMustContainSpecialCharacters ||
         accessRuleDetails.OldAccountLockoutDuration != accessRuleDetails.NewAccountLockoutDuration ||
         accessRuleDetails.OldAccountLockoutThreshold != accessRuleDetails.NewAccountLockoutThreshold)
     {
         // Password policy was changed
         AuditLog.OnChangePasswordPolicy(success,
                                         accessRuleDetails.OldMinimumPasswordLength, accessRuleDetails.NewMinimumPasswordLength,
                                         accessRuleDetails.OldMaximumPasswordAge, accessRuleDetails.NewMaximumPasswordAge,
                                         accessRuleDetails.OldMustContainUpperCaseCharacters, accessRuleDetails.NewMustContainUpperCaseCharacters,
                                         accessRuleDetails.OldMustContainLowerCaseCharacters, accessRuleDetails.NewMustContainLowerCaseCharacters,
                                         accessRuleDetails.OldMustContainDigits, accessRuleDetails.NewMustContainDigits,
                                         accessRuleDetails.OldMustContainSpecialCharacters, accessRuleDetails.NewMustContainSpecialCharacters,
                                         accessRuleDetails.OldAccountLockoutDuration, accessRuleDetails.NewAccountLockoutDuration,
                                         accessRuleDetails.OldAccountLockoutThreshold, accessRuleDetails.NewAccountLockoutThreshold);
     }
 }
        /// <summary>
        ///     Called to gather audit log entity details for save.
        /// </summary>
        /// <param name="passwordPolicy">The password policy.</param>
        /// <returns></returns>
        protected override AuditLogPasswordPolicyDetails OnGatherAuditLogEntityDetailsForSave(PasswordPolicy passwordPolicy)
        {
            IEntityFieldValues fields;
            IDictionary <long, IChangeTracker <IMutableIdKey> > forwardRelationships;
            IDictionary <long, IChangeTracker <IMutableIdKey> > reverseRelationships;

            passwordPolicy.GetChanges(out fields, out forwardRelationships, out reverseRelationships, true, false, false);

            var oldPaswordPolicy = new Lazy <PasswordPolicy>(() => Entity.Get <PasswordPolicy>(passwordPolicy.Id));

            var passwordPolicyDetails = new AuditLogPasswordPolicyDetails();

            if (fields != null && fields.Any())
            {
                IEnumerable <EntityRef> idsToLoad = new List <EntityRef>
                {
                    "core:minimumPasswordLength", "core:maximumPasswordAge", "core:mustContainUpperCaseCharacters", "core:mustContainLowerCaseCharacters",
                    "core:mustContainDigits", "core:mustContainSpecialCharacters", "core:accountLockoutDuration", "core:accountLockoutThreshold"
                };

                Dictionary <string, IEntity> fieldEntities = Entity.Get(idsToLoad).ToDictionary(e => e.Alias);

                object fieldObj;

                if (fields.TryGetValue(fieldEntities["minimumPasswordLength"].Id, out fieldObj))
                {
                    passwordPolicyDetails.NewMinimumPasswordLength = fieldObj as int?;
                    passwordPolicyDetails.OldMinimumPasswordLength = oldPaswordPolicy.Value.MinimumPasswordLength;
                }

                if (fields.TryGetValue(fieldEntities["maximumPasswordAge"].Id, out fieldObj))
                {
                    passwordPolicyDetails.NewMaximumPasswordAge = fieldObj as int?;
                    passwordPolicyDetails.OldMaximumPasswordAge = oldPaswordPolicy.Value.MaximumPasswordAge;
                }

                if (fields.TryGetValue(fieldEntities["mustContainUpperCaseCharacters"].Id, out fieldObj))
                {
                    passwordPolicyDetails.NewMustContainUpperCaseCharacters = fieldObj as bool?;
                    passwordPolicyDetails.OldMustContainUpperCaseCharacters = oldPaswordPolicy.Value.MustContainUpperCaseCharacters;
                }

                if (fields.TryGetValue(fieldEntities["mustContainLowerCaseCharacters"].Id, out fieldObj))
                {
                    passwordPolicyDetails.NewMustContainLowerCaseCharacters = fieldObj as bool?;
                    passwordPolicyDetails.OldMustContainLowerCaseCharacters = oldPaswordPolicy.Value.MustContainLowerCaseCharacters;
                }

                if (fields.TryGetValue(fieldEntities["mustContainDigits"].Id, out fieldObj))
                {
                    passwordPolicyDetails.NewMustContainDigits = fieldObj as bool?;
                    passwordPolicyDetails.OldMustContainDigits = oldPaswordPolicy.Value.MustContainDigits;
                }

                if (fields.TryGetValue(fieldEntities["mustContainSpecialCharacters"].Id, out fieldObj))
                {
                    passwordPolicyDetails.NewMustContainSpecialCharacters = fieldObj as bool?;
                    passwordPolicyDetails.OldMustContainSpecialCharacters = oldPaswordPolicy.Value.MustContainSpecialCharacters;
                }

                if (fields.TryGetValue(fieldEntities["accountLockoutDuration"].Id, out fieldObj))
                {
                    passwordPolicyDetails.NewAccountLockoutDuration = fieldObj as int?;
                    passwordPolicyDetails.OldAccountLockoutDuration = oldPaswordPolicy.Value.AccountLockoutDuration;
                }

                if (fields.TryGetValue(fieldEntities["accountLockoutThreshold"].Id, out fieldObj))
                {
                    passwordPolicyDetails.NewAccountLockoutThreshold = fieldObj as int?;
                    passwordPolicyDetails.OldAccountLockoutThreshold = oldPaswordPolicy.Value.AccountLockoutThreshold;
                }
            }

            return(passwordPolicyDetails);
        }