internal static void login(
long idUser_in,
Guid sessionGuid_in,
string login_forLogPurposes_in,
string ip_forLogPurposes_in,
bool andCheckPassword_in,
string password_in,
out long idUser_out,
out string login_out,
out long[] idPermissions_out,
ref List <int> errorlist_ref
)
{
login(
DO_CRD_User.getObject(
idUser_in
),
sessionGuid_in,
login_forLogPurposes_in,
ip_forLogPurposes_in,
andCheckPassword_in,
password_in,
out idUser_out,
out login_out,
out idPermissions_out,
ref errorlist_ref
);
}
internal static long insObject_Registration(
string login_in,
string password_in,
int idApplication_in,
bool selectIdentity_in,
ref List <int> errorlist_in,
DBConnection con_in
)
{
long _output = -1L;
// user registering
//
if (!Sessionuser.checkLogin(login_in, ref errorlist_in))
{
return(_output);
}
bool _constraint;
_output = DO_CRD_User.insObject(
new SO_CRD_User(
-1L,
login_in,
// ToDos: here! encrypt before sending...
password_in,
idApplication_in
),
selectIdentity_in,
out _constraint,
con_in
);
if (_constraint)
{
errorlist_in.Add(ErrorType.data__constraint_violation);
}
else
{
if (con_in == null)
{
// assuming NO other (internal) operations are going on
errorlist_in.Add(ErrorType.user__successfully_created__WARNING);
}
}
return(_output);
}
internal static long insObject_CreateUser(
Sessionuser sessionUser_in,
string login_in,
bool selectIdentity_in,
ref List <int> errorlist_in,
DBConnection con_in
)
{
long _output = -1L;
// ToDos: here! must have permission to create user
if (!sessionUser_in.hasPermission(
PermissionType.User__insert
))
{
errorlist_in.Add(ErrorType.user__lack_of_permissions_to_write);
return(_output);
}
if (!Sessionuser.checkLogin(login_in, ref errorlist_in))
{
return(_output);
}
bool _constraint;
_output = DO_CRD_User.insObject(
new SO_CRD_User(
-1L,
login_in,
// ToDos: here! encrypt before sending...
login_in, // default: password = login
sessionUser_in.IDApplication
),
selectIdentity_in,
out _constraint,
con_in
);
if (_constraint)
{
errorlist_in.Add(ErrorType.data__constraint_violation);
}
else
{
if (con_in == null)
{
// assuming NO other (internal) operations are going on
errorlist_in.Add(ErrorType.user__successfully_created__WARNING);
}
}
return(_output);
}
public static void ChangePassword(
string sessionGuid_in,
string ip_forLogPurposes_in,
string password_old_in,
string password_new_in,
out int[] errors_out
)
{
List <int> _errorlist;
Guid _sessionguid;
Sessionuser _sessionuser;
#region check...
if (!SBO_CRD_Authentication.isSessionGuid_valid(
sessionGuid_in,
ip_forLogPurposes_in,
out _sessionguid,
out _sessionuser,
out _errorlist,
out errors_out
))
{
//// no need!
//errors_out = _errors.ToArray();
return;
}
SO_CRD_User _user = DO_CRD_User.getObject(_sessionuser.IDUser);
if (_user == null)
{
_errorlist.Add(ErrorType.authentication__no_such_user);
UserSession.Remove(_sessionguid);
errors_out = _errorlist.ToArray();
return;
}
#endregion
bool _constraint;
if (
!SimpleHash.VerifyHash(
password_old_in,
SimpleHash.HashAlgotithm.SHA256,
_user.Password
)
)
{
_errorlist.Add(ErrorType.authentication__change_password__wrong_password);
}
else if (string.IsNullOrEmpty(password_new_in))
{
_errorlist.Add(ErrorType.authentication__change_password__invalid_password);
}
else
{
_user.Password
= SimpleHash.ComputeHash(
password_new_in,
SimpleHash.HashAlgotithm.SHA256,
null
);
DO_CRD_User.updObject(
_user,
true,
out _constraint
);
}
errors_out = _errorlist.ToArray();
}
public static void Login(
string login_in,
string password_in,
string sessionGuid_in,
string ip_forLogPurposes_in,
int idApplication_in,
out long idUser_out,
out long[] idPermissions_out,
out int[] errors_out
)
{
idPermissions_out = null;
idUser_out = -1L;
Guid _sessionguid;
List <int> _errorlist;
#region check...
if (!SBO_CRD_Authentication.isSessionGuid_valid(
sessionGuid_in,
out _sessionguid,
out _errorlist,
out errors_out
))
{
//// no need!
//errors_out = _errors.ToArray();
return;
}
if (string.IsNullOrEmpty(login_in))
{
_errorlist.Add(ErrorType.authentication__invalid_login);
errors_out = _errorlist.ToArray();
return;
}
#endregion
string _login;
login(
DO_CRD_User.getObject_byLogin(
login_in,
idApplication_in
),
_sessionguid,
login_in,
ip_forLogPurposes_in,
true,
password_in,
out idUser_out,
out _login,
out idPermissions_out,
ref _errorlist
);
errors_out = _errorlist.ToArray();
}
