/// <summary>
/// Generate a regular Account from the UI, the Administrative Accounts need to go through an Administrative
/// set of interfaces/code
/// </summary>
/// <param name="accountModel"></param>
/// <returns></returns>
public bool AccountCreate(TestSprocGenerator.Business.SingleTable.Bo.Account accountModel)
{
if (_smoSettings.ContainsKey(CONNECTION_STRING_NAME))
{
accountModel.DatabaseSmoObjectsAndSettings = _smoSettings[CONNECTION_STRING_NAME];
if (string.IsNullOrEmpty(accountModel.AccountUsername))
{
throw new ArgumentNullException("AccountUsername");
}
if (string.IsNullOrEmpty(accountModel.AccountPassword))
{
throw new ArgumentNullException("AccountPassword");
}
if (DoesUserNameExist(accountModel.AccountUsername))
{
throw new ArgumentException("AccountUsername is in Use, Please pick another username");
}
//Set default values for insertion of new account
accountModel.AccountCode = DEFAULT_ACCOUNT_CODE;
accountModel.AccountID = Guid.NewGuid();
accountModel.AccountPassword = HashSaltHelper.CreatePasswordHash(accountModel.AccountPassword,
HashSaltHelper.CreateSalt());
accountModel.Deleted = false;
accountModel.InsertedDateTime = DateTime.Now;
accountModel.ModifiedDateTime = DateTime.Now;
accountModel.Insert();
return(true);
}
else
{
throw new ApplicationException("Database Connection String Not in Configuration File or not loaded from Config File");
}
}
public bool ResetPassword(string username, string email, string passwordResetRequestCode, string newPassword)
{
bool success = false;
//1) Find the passwordResetRequestCode Record if it exists, which gives the account id
//2) Get the AccountRecord
//3) Update the Password = newPassword and the Deleted flag = true, call update on bo to update in database
TestSprocGenerator.Business.SingleTable.Bo.PasswordResetRequest foundPasswordResetRequest = null;
TestSprocGenerator.Business.SingleTable.Bo.PasswordResetRequest passwordResetSearchCriteria =
new TestSprocGenerator.Business.SingleTable.Bo.PasswordResetRequest(_smoSettings[CONNECTION_STRING_NAME])
{
PasswordResetCode = passwordResetRequestCode
};
TestSprocGenerator.Business.SingleTable.Bo.List.PasswordResetRequest passwordResetSearchReturned =
new TestSprocGenerator.Business.SingleTable.Bo.List.PasswordResetRequest(_smoSettings[CONNECTION_STRING_NAME]);
passwordResetSearchReturned.FillByCriteriaExact(passwordResetSearchCriteria);
if (passwordResetSearchReturned != null && passwordResetSearchReturned.Count > 0)
{
if (passwordResetSearchReturned.Count == 1)
{
foundPasswordResetRequest = (TestSprocGenerator.Business.SingleTable.Bo.PasswordResetRequest)passwordResetSearchReturned[0];
//make sure that the email or username is valid
TestSprocGenerator.Business.SingleTable.Bo.Account foundAccount = null;
string emailAddress = DetermineEmailGetAccountByEmailOrUsername(username, email, out foundAccount);
if (foundAccount != null)
{
//account is valid if the accountid of the returned record and the password request record accountID match
if (foundAccount.AccountID == foundPasswordResetRequest.AccountID)
{
//TODO: should probably do this in a transaction instead of having the possibility of one of these
//failing
foundAccount.Deleted = false;
foundAccount.AccountPassword = HashSaltHelper.CreatePasswordHash(newPassword,
HashSaltHelper.CreateSalt());
foundAccount.Update();
foundPasswordResetRequest.Delete();
success = true;
}
else
{
throw new ApplicationException("Email or Username provided does not match the Password Reset Request code record");
}
}
else
{
throw new ApplicationException("Email or Username provided is not valid");
}
}
}
return(success);
}
