Esempio n. 1
        //public override MyroCommand AfterBindingParameter(SearchScenario searchFor, DbConnect con, MyroCommand cmd, DynamicDictionary data_param, bool count = false, string tableAlias = null)
        //{
        //    //Myro.Base.List.DynamicDictionary sessionData = MyApp.LoadSessionDataForClient();
        //    //string role_id = sessionData.GetValueAsString("assigned_role_ids").Replace("[", "").Replace("]", "").Replace(@"""", "");
        //    User.UserService srvc = new User.UserService();
        //    string role_id = Newtonsoft.Json.JsonConvert.SerializeObject(srvc.LoadAssignedRoles(con, (int)SessionData.user_id)); ;
        //    role_id = role_id.Replace("[", "").Replace("]", "").Replace(@"""", "");

        //    string[] lst_rols = role_id.Split(',');
        //    bool rol_exists = lst_rols.Contains("1"); //not "Administrator"


        //    if (rol_exists==false) //not "Administrator"
        //    {
        //        if (role_id.Trim().Length > 0)
        //            data_param.Add("id", role_id);
        //    }

        //    MyroCommand cmd1 = cmd;

        //    if (data_param.ContainsKey("id"))
        //    {
        //        MyroCommand test = new MyroCommand(MyroCommandTypes.SqlBuilder);

        //        cmd1.Template = test.SqlBuilder.AddTemplate(string.Format(@"
        //                    {0}
        //                    AND c.id IN (WITH RECURSIVE roles(role_id) as (
        //                      SELECT assigned_role_id role_id
        //                            FROM RBAC_USER_ROLES
        //                            where is_deleted = false AND status = true AND user_id = {1}
        //                     UNION ALL
        //                      SELECT c.assigned_role_id role_id
        //                      FROM rbac_role_roles as  c
        //                       JOIN roles nd ON c.role_id = nd.role_id
        //                                    AND c.is_deleted = false AND c.status = true
        //                    )
        //                    SELECT DISTINCT role_id FROM roles ) ", cmd.FinalSql.Replace("@status", "true"),  SessionData.user_id ));
        //    }

        //    //Todo:Pending Task 01 Jun 2016 Shivashwor ...
        //    //cmd1 = DbServiceUtility.BindParameter(cmd, _model.GetType().GetProperty("id"), data_param, "c", SearchTypes.IN_Search); //IS NOT NULL
        //    return cmd1;
        //}

        /// <summary>
        /// Post-processes a search command after parameter binding by appending a restriction
        /// derived from the roles reachable from the session user.
        /// </summary>
        /// <param name="searchFor">Not read by this method.</param>
        /// <param name="con">Connection passed to <c>LoadAssignedRoles</c>.</param>
        /// <param name="cmd">Command whose <c>Template</c> is replaced when the restriction applies.</param>
        /// <param name="data_param">Search parameters; "id" is set here for users without role "1".</param>
        /// <param name="count">Not read by this method.</param>
        /// <param name="tableAlias">Not read by this method; the SQL below hard-codes the alias <c>c</c>.</param>
        /// <returns>
        /// <paramref name="cmd"/> itself (cmd1 is assigned from it, so this is the same instance
        /// assuming BangoCommand is a reference type), with its template rewritten when
        /// <paramref name="data_param"/> contains "id".
        /// </returns>
        public override BangoCommand AfterBindingParameter(SearchScenario searchFor, DbConnect con, BangoCommand cmd, DynamicDictionary data_param, bool count = false, string tableAlias = null)
        {
            //Myro.Base.List.DynamicDictionary sessionData = MyApp.LoadSessionDataForClient();
            //string role_id = sessionData.GetValueAsString("assigned_role_ids").Replace("[", "").Replace("]", "").Replace(@"""", "");
            User.UserService srvc    = new User.UserService();
            // Serialise the session user's assigned roles to JSON; the brackets and quotes are
            // stripped just below, which leaves a comma-separated list of role ids.
            string           role_id = Newtonsoft.Json.JsonConvert.SerializeObject(srvc.LoadAssignedRoles(con, (int)SessionData.user_id));;

            role_id = role_id.Replace("[", "").Replace("]", "").Replace(@"""", "");

            // Role id "1" appears to be the Administrator role (per the inline comments) — TODO confirm.
            // The id is hard-coded here, so the bypass below depends on that id never being reassigned.
            string[] lst_rols   = role_id.Split(',');
            bool     rol_exists = lst_rols.Contains("1"); //not "Administrator"


            if (rol_exists == false) //not "Administrator"
            {
                if (role_id.Trim().Length > 0)
                {
                    // Users without role "1": publish the role list under "id" so the restriction
                    // below is appended. The list itself is not used in the SQL; the query filters
                    // on SessionData.user_id.
                    data_param.SetValue("id", role_id);
                }
            }

            BangoCommand cmd1 = cmd;

            // Also true when the caller already supplied "id", in which case the restriction is
            // appended for users holding role "1" as well. A user with no assigned roles
            // (empty list) gets no restriction unless the caller supplied "id".
            if (data_param.ContainsKey("id"))
            {
                // data_param.Remove("id");
                // NOTE(review): 'test' is constructed but never used.
                BangoCommand test = new BangoCommand(MyroCommandTypes.SqlBuilder);
                // The SQL is assembled with string.Format rather than bound parameters:
                //   {0} is the command's current FinalSql with the text "@status" replaced by the
                //       literal true. The replacement is textual, so a parameter whose name merely
                //       starts with "@status" would be rewritten too.
                //   {1} is SessionData.user_id written into the SQL text. NOTE(review): this is only
                //       injection-safe while that value is a server-side numeric id (it is cast to
                //       int above); prefer binding it as a parameter.
                // NOTE(review): the recursive query selects DISTINCT role_id and can return more than
                // one row, yet it is compared with ">="; the commented-out earlier version of this
                // method used "IN". Confirm the operator is intended.
                cmd1.Template = cmd1.SqlBuilder.AddTemplate(string.Format(@"  
                            {0} 
                            AND c.id >= (WITH RECURSIVE roles(role_id) as (
		                            SELECT assigned_role_id role_id 
                                    FROM RBAC_USER_ROLES 
                                    where is_deleted = false AND status = true AND user_id = {1}
	                            UNION ALL
		                            SELECT c.assigned_role_id role_id
		                            FROM rbac_role_roles as  c			
			                            JOIN roles nd ON c.role_id = nd.role_id
                                            AND c.is_deleted = false AND c.status = true
                            )
                            SELECT DISTINCT role_id FROM roles ) ", cmd.FinalSql.Replace("@status", "true"), SessionData.user_id));


                ///  cmd1.FinalParameters.AddDynamicParams(cmd.FinalParameters.ParameterNames);
            }

            //Todo:Pending Task 01 Jun 2016 Shivashwor ...
            //cmd1 = DbServiceUtility.BindParameter(cmd, _model.GetType().GetProperty("id"), data_param, "c", SearchTypes.IN_Search); //IS NOT NULL
            return(cmd1);
        }
Esempio n. 2
        /// <summary>
        /// Handles a forgotten-password request: resets the password for the submitted e-mail
        /// address and mails the temporary password to that address.
        /// </summary>
        /// <param name="model">Posted form data; <c>model.Email</c> identifies the account.</param>
        /// <returns>
        /// The "Login" view when model validation fails, the "ForgotPassword" view with a model
        /// error when the mail could not be sent, otherwise the "ForgotPasswordConfirmation" view.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the password is reset before the mail is sent, so a failed send appears to
        /// leave the account with a new password that was never delivered — confirm against
        /// ResetUserPassword.
        /// NOTE(review): the temporary password travels in the message body in clear text, and
        /// nothing in this method limits how often a reset can be requested for an address.
        /// </remarks>
        public ActionResult ForgotPassword(LostPasswordModel model)
        {
            // Invalid input never reaches the reset; the user is sent back to the login view.
            if (!TryValidateModel(model))
            {
                return View("Login");
            }

            var mailer            = new AuthMessageSender();
            var accounts          = new User.UserService();
            var temporaryPassword = accounts.ResetUserPassword(model.Email);
            var delivered         = mailer.SendEmailAsync(model.Email, "Reset IRIS Password", "Hello " + model.Email + " your temporary password is " + temporaryPassword);

            if (!delivered)
            {
                // Surface the delivery failure on the same form so the user can retry.
                ModelState.AddModelError(string.Empty, "SMTP server is down, unable to send temporary password at this time.");
                return View("ForgotPassword", model);
            }

            // Record a four-hour expiry (local server time) in the session.
            Session["ExpirationTime"] = DateTime.Now.AddHours(4);
            return View("ForgotPasswordConfirmation");
        }
Esempio n. 3
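        /// <summary>
        /// Validates a proposed new password against the password policy and, when every rule
        /// passes, stores it for <c>model.UserName</c>.
        /// </summary>
        /// <param name="model">Posted form data: user name, new password and its confirmation.</param>
        /// <param name="userMessage">Not read by this method.</param>
        /// <returns>
        /// A redirect to "Login" when the password was updated; otherwise the current view with
        /// the collected model errors.
        /// </returns>
        /// <remarks>
        /// NOTE(review): nothing in this method checks the current password or that the caller is
        /// <c>model.UserName</c>; confirm that an authorization filter or the calling flow
        /// enforces this before the password is replaced.
        /// </remarks>
        public ActionResult ChangePassword(ChangePasswordViewModel model, string userMessage)
        {
            // NOTE(review): the lookup result is never used below; kept so the call's side effects
            // are unchanged. Confirm whether it was meant to verify that the account exists.
            var userInfo = _coreService.LoadModel <IRISUserModel>().FirstOrDefault(u => u.UserName == model.UserName);

            int minLen        = 8;
            int maxLen        = 30;
            int minDigit      = 1;
            int minSpChar     = 1;
            int minCapLetters = 1;

            // Characters that satisfy the "special character" rule. The previous regex class
            // contained "+-:", which is a range from '+' to ':' and therefore also matched every
            // digit and ',', '.', '/' — a password with no special character passed the rule.
            const string specialChars = "!#$%&*+-:<>?\\^_`|~";

            // Characters that are rejected outright.
            const string excludedChars = ".;@`'";

            // A missing password is treated as empty so it fails the length rule instead of throwing.
            string candidate = model.PasswordOne ?? string.Empty;

            bool hasErrors = false;

            // Length bounds.
            if (candidate.Length < minLen)
            {
                hasErrors = true;
                ModelState.AddModelError(string.Empty, "Password must be at least " + minLen + " characters long.");
            }

            if (candidate.Length > maxLen)
            {
                hasErrors = true;
                ModelState.AddModelError(string.Empty, "Password must not exceed " + maxLen + " characters long.");
            }

            // Single pass over the password to count character classes.
            int  digitCount           = 0;
            int  splCharCount         = 0;
            int  capLetterCount       = 0;
            bool excludedSpcCharacter = false;

            foreach (char c in candidate)
            {
                if (char.IsDigit(c))
                {
                    digitCount++;
                }

                if (specialChars.IndexOf(c) >= 0)
                {
                    splCharCount++;
                }

                if (c >= 'A' && c <= 'Z')
                {
                    capLetterCount++;
                }

                // Report the excluded-character error only once per submission.
                if (!excludedSpcCharacter && excludedChars.IndexOf(c) >= 0)
                {
                    hasErrors = true;
                    ModelState.AddModelError(string.Empty, "The following special characters cannot be used in a password." + "." + ";" + "`" + "'" + "@");
                    excludedSpcCharacter = true;
                }
            }

            if (capLetterCount < minCapLetters)
            {
                hasErrors = true;
                ModelState.AddModelError(string.Empty, "Password must have at least " + minCapLetters + " capital letter.");
            }

            if (digitCount < minDigit)
            {
                hasErrors = true;
                ModelState.AddModelError(string.Empty, "Password must have at least " + minDigit + " digit(s).");
            }

            if (splCharCount < minSpChar)
            {
                hasErrors = true;
                ModelState.AddModelError(string.Empty, "Password must have at least " + minSpChar + " special character(s).");
            }

            // Both sequence checks apply to the new password; the "123456" check previously read
            // the confirmation field instead.
            if (candidate.Contains("abcdef") || candidate.Contains("123456"))
            {
                hasErrors = true;
                ModelState.AddModelError(string.Empty, "Password cannot be a squence of numbers or letters");
            }

            if (model.PasswordOne == model.UserName || model.PasswordTwo == model.UserName)
            {
                hasErrors = true;
                ModelState.AddModelError(string.Empty, "Password cannot be the same as User Name");
            }

            if (model.PasswordOne != model.PasswordTwo)
            {
                hasErrors = true;
                ModelState.AddModelError(string.Empty, "Passwords do not match.");
            }

            // Any policy failure stops here, before the stored password is touched.
            if (hasErrors)
            {
                return View(model);
            }

            var userService = new User.UserService();
            var newPassword = userService.ResetUserPassword(model.UserName, model.PasswordOne);

            // NOTE(review): only an empty string is treated as failure; a null return would be
            // handled as success — confirm ResetUserPassword's failure value.
            if (newPassword != "")
            {
                return RedirectToAction("Login", new AuthStartRequestModel());
            }

            ModelState.AddModelError(string.Empty, "Error Updating Password.");
            return View(model);
        }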