/// <summary>
/// Second step of a login for accounts with two-factor authentication enabled:
/// resolves the account that is pending MFA (from <c>Session[MFAUserId]</c>), checks
/// the submitted passcode, completes the login, applies the one-time
/// "NewOrgLeadersOnly" role grant and finally redirects the user.
/// </summary>
/// <param name="m">Posted form: <c>UsernameOrEmail</c> and an optional <c>ReturnUrl</c>.</param>
/// <returns>
/// A redirect to the landing page on success; the same view with
/// <c>ViewBag.Message</c> set when the passcode is rejected; a redirect to "/" when
/// no pending account can be resolved.
/// </returns>
public ActionResult Auth(AccountInfo m)
{
    // Only the user id stashed in the session during the first login step may
    // complete this flow; the posted username/email must match that same record.
    var pendingUserId = Session[MFAUserId] as int?;

    var account = CurrentDatabase.CurrentUser;
    if (account == null)
    {
        account = CurrentDatabase.Users
            .Where(u => u.UserId == pendingUserId)
            .Where(u => u.Username == m.UsernameOrEmail
                     || u.EmailAddress == m.UsernameOrEmail
                     || u.Person.EmailAddress2 == m.UsernameOrEmail)
            .SingleOrDefault();
    }

    if (account == null)
    {
        return RedirectTo("/");
    }

    // The passcode is only demanded while the forms-auth ticket has not been issued yet.
    var passcodeRequired = account.MFAEnabled && !User.Identity.IsAuthenticated;
    if (passcodeRequired)
    {
        // NOTE(review): Request[...] reads the query string and cookies as well as the
        // form body, so a passcode sent via GET can land in request logs — confirm the
        // view posts it. No attempt counter is visible here; verify that
        // ValidateTwoFactorPasscode (or the token scheme) limits guesses.
        var passcode = Request["passcode"]?.Replace(",", "");
        var accepted = MembershipService.ValidateTwoFactorPasscode(account, CurrentDatabase, passcode);
        if (!accepted)
        {
            ViewBag.Message = "Invalid passcode";
            TryLoadAlternateShell();
            return View(m);
        }

        AccountModel.FinishLogin(account.Username, Session, CurrentDatabase, CurrentImageDatabase);

        // Persist the "remembered device" token only for the account that actually
        // started this MFA flow, then clear the pending marker.
        if (account.UserId.Equals(Session[MFAUserId]))
        {
            MembershipService.SaveTwoFactorAuthenticationToken(CurrentDatabase, Response);
            Session.Remove(MFAUserId);
        }
    }

    // One-time role grant for newly created org leaders; the tag is consumed here.
    var leaderTag = CurrentDatabase.FetchTag("NewOrgLeadersOnly", account.PeopleId, DbUtil.TagTypeId_System);
    if (leaderTag != null)
    {
        // An account that already holds Access is not narrowed down to OrgLeadersOnly.
        if (!account.InRole("Access"))
        {
            account.AddRoles(CurrentDatabase, new[] { "Access", "OrgLeadersOnly" });
        }

        CurrentDatabase.Tags.DeleteOnSubmit(leaderTag);
        CurrentDatabase.SubmitChanges();
    }

    var returnUrl = m.ReturnUrl;
    if (!returnUrl.HasValue())
    {
        // Accounts without the Access role are sent to their own person record.
        if (!CMSRoleProvider.provider.IsUserInRole(account.Username, "Access"))
        {
            return RedirectTo("/Person2/" + Util.UserPeopleId);
        }

        return RedirectTo("/");
    }

    // Only local targets are honoured, which blocks open redirects via ReturnUrl.
    return Url.IsLocalUrl(returnUrl) ? RedirectTo(returnUrl) : RedirectTo("/");
}
/// <summary>
/// Creates a login for the person referenced by a one-time account-creation token,
/// signs that person in and sends them to the "SetPassword" view.
/// </summary>
/// <param name="id">The token from the account-creation link.</param>
/// <returns>
/// "SetPassword" view on success; "LinkUsed" view when the token does not resolve
/// to a person; a plain text response for a missing token or an underage person.
/// </returns>
public ActionResult CreateAccount(string id)
{
    TryLoadAlternateShell();

    if (!id.HasValue())
    {
        return Content("invalid URL");
    }

    // NOTE(review): this token is the only credential on this path and it ends in a
    // forms-auth cookie being issued. The "LinkUsed" view suggests GetValidToken is
    // single-use — confirm it is also bound to an expiry.
    var peopleId = AccountModel.GetValidToken(CurrentDatabase, id).ToInt();
    var person = CurrentDatabase.LoadPersonById(peopleId);
    if (person == null)
    {
        return View("LinkUsed");
    }

    // A person with no recorded age is treated as 16, i.e. they pass the default
    // minimum but are rejected when the tenant raises MinimumUserAge above 16.
    var minimumAge = CurrentDatabase.Setting("MinimumUserAge", "16").ToInt();
    var effectiveAge = person.Age ?? 16;
    if (effectiveAge < minimumAge)
    {
        return Content($"must be Adult ({minimumAge} or older)");
    }

    var account = MembershipService.CreateUser(CurrentDatabase, peopleId);

    // One-time role grant for newly created org leaders; the tag is consumed here.
    var leaderTag = CurrentDatabase.FetchTag("NewOrgLeadersOnly", person.PeopleId, CmsData.DbUtil.TagTypeId_System);
    if (leaderTag != null)
    {
        // An account that already holds Access is not narrowed down to OrgLeadersOnly.
        if (!account.InRole("Access"))
        {
            account.AddRoles(CurrentDatabase, new[] { "Access", "OrgLeadersOnly" });
        }

        CurrentDatabase.Tags.DeleteOnSubmit(leaderTag);
        CurrentDatabase.SubmitChanges();
    }
    else
    {
        // todo: remove this when things have settled
        // Legacy path: a comma-separated role list stored as a person extra value is
        // applied to the new account and then cleared. Anyone able to write that
        // extra value effectively chooses the roles of the new login.
        var pendingRoles = person.GetExtra("Roles");
        if (pendingRoles.HasValue())
        {
            account.AddRoles(CurrentDatabase, pendingRoles.Split(','));
            person.RemoveExtraValue(CurrentDatabase, "Roles");
            CurrentDatabase.SubmitChanges();
        }
    }

    // Session-scoped (non-persistent) auth cookie for the freshly created account.
    FormsAuthentication.SetAuthCookie(account.Username, false);
    AccountModel.SetUserInfo(CurrentDatabase, CurrentImageDatabase, account.Username);

    ViewBag.user = account.Username;
    ViewBag.MinPasswordLength = MembershipService.MinPasswordLength(CurrentDatabase);
    ViewBag.RequireSpecialCharacter = MembershipService.RequireSpecialCharacter(CurrentDatabase);
    ViewBag.RequireOneNumber = MembershipService.RequireOneNumber(CurrentDatabase);
    ViewBag.RequireOneUpper = MembershipService.RequireOneUpper(CurrentDatabase);

    return View("SetPassword");
}
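/// <summary>
/// Tags the people whose ids are listed in the first tab-separated column of each
/// line of <paramref name="text"/> with the current user's personal tag
/// <paramref name="name"/>, optionally clearing the tag's members first.
/// </summary>
/// <param name="name">Personal tag name (owned by the current user).</param>
/// <param name="text">Newline-separated upload; the first tab-separated token of each line is a PeopleId.</param>
/// <param name="newtag">When true, existing members of the tag are removed before the upload is applied.</param>
/// <returns>A redirect to the tag's page.</returns>
public ActionResult TagUploadPeopleIds(string name, string text, bool newtag)
{
    // A missing upload body used to throw on Split; treat it as an empty list.
    // Blank lines (e.g. the trailing one after a final newline) are skipped so they
    // are not turned into a tag entry for a zero id.
    var peopleIds = (text ?? string.Empty)
        .Split('\n')
        .Select(line => line.Trim())
        .Where(line => line.Length > 0)
        .Select(line => line.GetCsvToken(1, sep: "\t").ToInt());

    if (newtag)
    {
        var tag = CurrentDatabase.FetchTag(name, Util.UserPeopleId, DbUtil.TagTypeId_Personal);
        if (tag != null)
        {
            // {0} is a parameter placeholder for ExecuteCommand, not string formatting.
            CurrentDatabase.ExecuteCommand("delete TagPerson where Id = {0}", tag.Id);
        }
    }

    // NOTE(review): the tag is looked up under Util.UserPeopleId but entries are
    // written under CurrentDatabase.CurrentUser.PeopleId — presumably the same
    // person; confirm, otherwise the "newtag" reset clears a different tag.
    foreach (var pid in peopleIds)
    {
        Person.Tag(CurrentDatabase, pid, name, CurrentDatabase.CurrentUser.PeopleId, DbUtil.TagTypeId_Personal);
        CurrentDatabase.SubmitChanges();
    }

    // Encode the user-supplied name so characters such as '&' or '#' cannot
    // truncate or alter the redirect's query string.
    return Redirect("/Tags?tag=" + Url.Encode(name));
}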
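/// <summary>
/// Handles a username/password login: authenticates via
/// <c>AccountModel.AuthenticateLogon</c>, enforces the forced-password-change and
/// "LimitAccess" gates, applies the one-time "NewOrgLeadersOnly" role grant and
/// redirects the user to a safe landing page.
/// </summary>
/// <param name="m">Posted form: <c>UsernameOrEmail</c>, <c>Password</c> and an optional <c>ReturnUrl</c>.</param>
/// <returns>
/// The login view again (with <c>ViewBag.error</c> when authentication failed),
/// a message page when LimitAccess is set, or a redirect on success.
/// </returns>
public ActionResult LogOn(AccountInfo m)
{
    // A fresh login must never inherit an impersonation marker from a previous session.
    Session.Remove("IsNonFinanceImpersonator");
    TryLoadAlternateShell();

    // Legacy WebForms entry points are collapsed to the site root. The comparison is
    // ordinal so that the result does not depend on the thread culture (ToLower()
    // would mis-handle e.g. "LOGIN" under a Turkish culture).
    if (m.ReturnUrl.HasValue())
    {
        if (m.ReturnUrl.StartsWith("/default.aspx", StringComparison.OrdinalIgnoreCase)
            || m.ReturnUrl.StartsWith("/login.aspx", StringComparison.OrdinalIgnoreCase))
        {
            m.ReturnUrl = "/";
        }
    }

    if (!m.UsernameOrEmail.HasValue())
    {
        return View(m);
    }

    // AuthenticateLogon returns either an error message (string) or the User.
    var ret = AccountModel.AuthenticateLogon(m.UsernameOrEmail, m.Password, Session, Request, CurrentDatabase, CurrentImageDatabase);
    if (ret is string)
    {
        ViewBag.error = ret.ToString();
        return View(m);
    }

    var user = ret as User;
    if (user == null)
    {
        // Neither an error message nor a user: fail closed instead of throwing a
        // NullReferenceException further down.
        return View(m);
    }

    if (user.MustChangePassword)
    {
        return Redirect("/Account/ChangePassword");
    }

    // NOTE(review): whether AuthenticateLogon has already issued the auth cookie is
    // not visible here; if it has, a LimitAccess denial below only shows a message
    // and does not revoke it — confirm.
    var access = CurrentDatabase.Setting("LimitAccess", "");
    if (access.HasValue())
    {
        if (!user.InRole("Developer"))
        {
            return Message(access);
        }
    }

    // One-time role grant for newly created org leaders; the tag is consumed here.
    var newleadertag = CurrentDatabase.FetchTag("NewOrgLeadersOnly", user.PeopleId, CmsData.DbUtil.TagTypeId_System);
    if (newleadertag != null)
    {
        if (!user.InRole("Access")) // if they already have Access role, then don't limit them with OrgLeadersOnly
        {
            user.AddRoles(CurrentDatabase, "Access,OrgLeadersOnly".Split(','));
        }

        CurrentDatabase.Tags.DeleteOnSubmit(newleadertag);
        CurrentDatabase.SubmitChanges();
    }

    if (!m.ReturnUrl.HasValue())
    {
        // Accounts without the Access role are sent to their own person record.
        if (!CMSRoleProvider.provider.IsUserInRole(user.Username, "Access"))
        {
            return Redirect("/Person2/" + Util.UserPeopleId);
        }
    }

    // Only local targets are honoured, which blocks open redirects via ReturnUrl.
    if (m.ReturnUrl.HasValue() && Url.IsLocalUrl(m.ReturnUrl))
    {
        return Redirect(m.ReturnUrl);
    }

    return Redirect("/");
}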