/// <summary>
/// Finds users whose user name or e-mail address contains <paramref name="searchTerm"/>,
/// compared after lower-casing both sides, and returns at most 100 of them.
/// </summary>
/// <param name="searchTerm">Substring to look for in the user name or e-mail address.</param>
/// <returns>Up to 100 users, each one resolved through UserManager.FindByName.</returns>
/// <remarks>
/// NOTE(review): the result holds full ApplicationUser objects. If that type carries credential
/// fields such as a password hash (its definition is not visible here), callers should project
/// to a display model before returning results to a client.
/// </remarks>
public static List<ApplicationUser> GetUserSearch(string searchTerm) {
			using (var helper = new SecurityHelper()) {
				var matches = helper.DataContext.Users
					.Where(u => u.UserName.ToLower().Contains(searchTerm.ToLower())
							|| u.Email.ToLower().Contains(searchTerm.ToLower()))
					.Select(u => helper.UserManager.FindByName(u.UserName));

				// Cap the result set so a broad search term cannot return the whole user table.
				return matches.Take(100).ToList();
			}
		}
		/// <summary>
		/// Completes a password reset by handing the user's id, the reset token and the new
		/// password to UserManager.ResetPassword.
		/// </summary>
		/// <param name="user">Account whose password is being reset; needs a non-empty Id.</param>
		/// <param name="code">Reset token previously issued for this account.</param>
		/// <param name="password">New password to set.</param>
		/// <returns>
		/// The UserManager result, or a freshly constructed IdentityResult when
		/// <paramref name="user"/> is null or has no Id (presumably not succeeded; confirm).
		/// </returns>
		/// <remarks>
		/// Token validation happens inside UserManager.ResetPassword; this method does no
		/// checking of <paramref name="code"/> itself.
		/// </remarks>
		public IdentityResult ResetPassword(ApplicationUser user, string code, string password) {
			// Without a usable account id there is nothing to reset.
			if (user == null || String.IsNullOrEmpty(user.Id)) {
				return new IdentityResult();
			}

			using (var helper = new SecurityHelper()) {
				return helper.UserManager.ResetPassword(user.Id, code, password);
			}
		}
		/// <summary>
		/// Issues a password reset token for the account registered under <paramref name="email"/>
		/// and mails a reset link built from the current request's host and <paramref name="resetUri"/>.
		/// </summary>
		/// <param name="resetUri">Site-relative path of the reset page; one leading slash is removed.</param>
		/// <param name="email">E-mail address of the account to reset.</param>
		/// <returns>True when an account was found and the mail was handed to EmailHelper; otherwise false.</returns>
		/// <remarks>
		/// NOTE(review): the link host comes from the HTTP_HOST server variable, i.e. the Host header
		/// of the incoming request, which the client controls. Unless the front end rejects unknown
		/// host names, the mailed link (which carries the reset token) follows whatever host the
		/// request named. Prefer a configured canonical site URL or an allow-list check.
		/// NOTE(review): the scheme falls back to http://, so the token link can be sent as cleartext HTTP.
		/// NOTE(review): the return value distinguishes known from unknown addresses; callers should
		/// show the same response in both cases. No throttling is visible in this method.
		/// </remarks>
		public bool ResetPassword(string resetUri, string email) {
			HttpRequest currentRequest = HttpContext.Current.Request;

			if (resetUri.StartsWith("/")) {
				resetUri = resetUri.Substring(1);
			}

			if (String.IsNullOrEmpty(email)) {
				return false;
			}

			ApplicationUser account;
			string resetToken;

			using (var helper = new SecurityHelper()) {
				account = helper.UserManager.FindByEmail(email);

				// Unknown address: no token is generated and no mail is sent.
				if (account == null) {
					return false;
				}

				resetToken = helper.UserManager.GeneratePasswordResetToken(account.Id);
			}

			// The message template ships as an embedded resource of this assembly.
			string messageBody;
			Assembly thisAssembly = Assembly.GetExecutingAssembly();
			using (var templateReader = new StreamReader(thisAssembly.GetManifestResourceStream("Carrotware.CMS.Core.Security.EmailForgotPassMsg.txt"))) {
				messageBody = templateReader.ReadToEnd();
			}

			// Request-supplied host name; any failure to read it yields an empty host.
			string requestHost;
			try {
				requestHost = currentRequest.ServerVariables["HTTP_HOST"].ToString().Trim();
			} catch {
				requestHost = String.Empty;
			}

			string subjectHost = requestHost.ToLower();

			string scheme;
			try {
				if (currentRequest.ServerVariables["SERVER_PORT_SECURE"] == "1") {
					scheme = "https://";
				} else {
					scheme = "http://";
				}
			} catch {
				scheme = "http://";
			}

			string siteRoot = (scheme + requestHost).ToLower();

			// Only the token is URL-encoded; the user id is inserted as-is.
			string resetLink = String.Format("{0}/{1}?userId={2}&code={3}", siteRoot, resetUri, account.Id, HttpUtility.UrlEncode(resetToken));

			messageBody = messageBody
				.Replace("{%%UserName%%}", account.UserName)
				.Replace("{%%SiteURL%%}", siteRoot)
				.Replace("{%%ResetURL%%}", resetLink)
				.Replace("{%%Version%%}", CurrentDLLVersion);

			string timestamp = SiteData.CurretSiteExists
				? SiteData.CurrentSite.Now.ToString()
				: DateTime.Now.ToString();
			messageBody = messageBody.Replace("{%%Time%%}", timestamp);

			EmailHelper.SendMail(null, account.Email, String.Format("Reset Password {0}", subjectHost), messageBody, false);

			return true;
		}
		/// <summary>Looks up a single user by e-mail address through UserManager.FindByEmail.</summary>
		/// <param name="email">E-mail address to look up.</param>
		/// <returns>Whatever UserManager.FindByEmail returns for the address.</returns>
		public static ApplicationUser GetUserByEmail(string email) {
			using (var helper = new SecurityHelper()) {
				var found = helper.UserManager.FindByEmail(email);

				return found;
			}
		}
		/// <summary>
		/// Creates the identity account for <paramref name="user"/> and, when that succeeds, saves a
		/// matching ExtendedUserData record keyed to the new account's Id.
		/// </summary>
		/// <param name="user">Account to create; must be non-null with a non-empty Id.</param>
		/// <param name="password">Password handed to UserManager.Create.</param>
		/// <param name="newusr">
		/// The extended record re-read by its UserId after saving, or null when nothing was created.
		/// </param>
		/// <returns>
		/// The result of UserManager.Create, or a freshly constructed IdentityResult when
		/// <paramref name="user"/> is null or has no Id.
		/// </returns>
		private IdentityResult AttemptCreateApplicationUser(ApplicationUser user, string password, out ExtendedUserData newusr) {
			newusr = null;

			// The whole create-then-extend sequence runs under newUsrLock.
			lock (newUsrLock) {
				if (user == null || String.IsNullOrEmpty(user.Id)) {
					return new IdentityResult();
				}

				using (var helper = new SecurityHelper()) {
					var outcome = helper.UserManager.Create(user, password);

					if (!outcome.Succeeded) {
						return outcome;
					}

					// Re-read the account by name and use the Id of that stored copy.
					var stored = helper.UserManager.FindByName(user.UserName);

					var extended = new ExtendedUserData();
					extended.UserKey = stored.Id;
					extended.Id = stored.Id;
					extended.Save();

					newusr = ExtendedUserData.FindByUserID(extended.UserId);

					return outcome;
				}
			}
		}
		/// <summary>Looks up a single user by identity key through UserManager.FindById.</summary>
		/// <param name="key">Identity key (user Id) to look up.</param>
		/// <returns>Whatever UserManager.FindById returns for the key.</returns>
		public static ApplicationUser GetUserByID(string key) {
			using (var helper = new SecurityHelper()) {
				var found = helper.UserManager.FindById(key);

				return found;
			}
		}
		/// <summary>Looks up a single user by user name through UserManager.FindByName.</summary>
		/// <param name="username">User name to look up.</param>
		/// <returns>Whatever UserManager.FindByName returns for the name.</returns>
		public static ApplicationUser GetUserByName(string username) {
			using (var helper = new SecurityHelper()) {
				var found = helper.UserManager.FindByName(username);

				return found;
			}
		}
		/// <summary>
		/// Returns the members of the role named <paramref name="groupName"/>; the role name is
		/// compared after lower-casing both sides.
		/// </summary>
		/// <param name="groupName">Role name to look up.</param>
		/// <returns>Up to 2500 users in the role, or an empty list when no such role exists.</returns>
		public static List<ApplicationUser> GetUsersInRole(string groupName) {
			using (var helper = new SecurityHelper()) {
				var matchedRole = helper.DataContext.Roles
					.Where(r => r.Name.ToLower() == groupName.ToLower())
					.FirstOrDefault();

				// Unknown role: report no members rather than null.
				if (matchedRole == null) {
					return new List<ApplicationUser>();
				}

				// Pair each role membership with its user row, then resolve the full user by name.
				return matchedRole.Users
					.Join(helper.DataContext.Users,
						ur => ur.UserId,
						u => u.Id,
						(ur, u) => helper.UserManager.FindByName(u.UserName))
					.Take(2500)
					.ToList();
			}
		}
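		/// <summary>
		/// Reports whether the named user belongs to the named role. The lookup only runs in a web
		/// view and only when the current request is authenticated.
		/// </summary>
		/// <param name="userName">User name to check; need not be the current request's user.</param>
		/// <param name="groupName">Role name to test membership of.</param>
		/// <returns>
		/// True when the user exists and is in the role; false when not in a web view, when the
		/// request is unauthenticated, or when no such user exists.
		/// </returns>
		public static bool IsUserInRole(string userName, string groupName) {
			if (!SiteData.IsWebView || !HttpContext.Current.User.Identity.IsAuthenticated) {
				return false;
			}

			using (var securityHelper = new SecurityHelper()) {
				var _user = securityHelper.UserManager.FindByName(userName);

				// Fail closed for an unknown user instead of dereferencing a null lookup result.
				if (_user == null) {
					return false;
				}

				return securityHelper.UserManager.IsInRole(_user.Id, groupName);
			}
		}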
		/// <summary>Returns the first 1000 users, each resolved through UserManager.FindByName.</summary>
		/// <returns>At most 1000 users; the query specifies no ordering.</returns>
		public static List<ApplicationUser> GetUserList() {
			using (var helper = new SecurityHelper()) {
				var everyone = helper.DataContext.Users
					.Select(u => helper.UserManager.FindByName(u.UserName));

				return everyone.Take(1000).ToList();
			}
		}
		/// <summary>
		/// Finds users whose user name contains <paramref name="usrName"/>, compared after
		/// lower-casing both sides.
		/// </summary>
		/// <param name="usrName">Substring to look for in the user name.</param>
		/// <returns>Up to 50 matching users, each resolved through UserManager.FindByName.</returns>
		public static List<ApplicationUser> GetUserListByName(string usrName) {
			using (var helper = new SecurityHelper()) {
				var matches = helper.DataContext.Users
					.Where(u => (u.UserName.ToLower().Contains(usrName.ToLower())))
					.Select(u => helper.UserManager.FindByName(u.UserName));

				return matches.Take(50).ToList();
			}
		}
		/// <summary>
		/// Searches users by user name or e-mail address, restricted to accounts that are either in
		/// the CMSGroup_Admins role or mapped to the current site.
		/// </summary>
		/// <param name="searchTerm">Substring to look for in the user name or e-mail address.</param>
		/// <returns>Up to 50 matching users, each resolved through UserManager.FindByName.</returns>
		/// <remarks>
		/// The eligible user keys are collected first from the CMS data context; the identity store
		/// is then filtered against that combined list.
		/// </remarks>
		public static List<ApplicationUser> GetCreditUserSearch(string searchTerm) {
			List<string> admins;
			List<string> editors;

			using (CarrotCMSDataContext cmsDb = CarrotCMSDataContext.Create()) {
				// Keys of every account holding the admin role.
				admins = (from ur in cmsDb.membership_UserRoles
						  join u in cmsDb.membership_Users on ur.UserId equals u.Id
						  join r in cmsDb.membership_Roles on ur.RoleId equals r.Id
						  join ud in cmsDb.carrot_UserDatas on u.Id equals ud.UserKey
						  where r.Name == CMSGroup_Admins
						  select ud.UserKey.ToLower()).ToList();

				// Keys of every account mapped to the current site.
				editors = (from sm in cmsDb.carrot_UserSiteMappings
						   join ud in cmsDb.carrot_UserDatas on sm.UserId equals ud.UserId
						   where sm.SiteID == SiteData.CurrentSiteID
						   select ud.UserKey.ToLower()).ToList();
			}

			using (var helper = new SecurityHelper()) {
				return (from u in helper.DataContext.Users
						where (u.UserName.ToLower().Contains(searchTerm.ToLower())
									|| u.Email.ToLower().Contains(searchTerm.ToLower()))
								&& admins.Union(editors).Contains(u.Id.ToLower())
						select helper.UserManager.FindByName(u.UserName)).Take(50).ToList();
			}
		}
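        /// <summary>
        /// Reports whether the named user belongs to the named role, caching each answer in the
        /// ASP.NET cache for 15 seconds. The lookup only runs in a web view and only when
        /// IsAuthenticated is true.
        /// </summary>
        /// <param name="userName">User name to check.</param>
        /// <param name="groupName">Role name to test membership of.</param>
        /// <returns>
        /// True when the user exists and is in the role; false when not in a web view, when not
        /// authenticated, or when no such user exists.
        /// </returns>
        /// <remarks>
        /// A role change can take up to 15 seconds to be reflected, because cached answers are
        /// served until they expire.
        /// NOTE(review): the cache key joins user name and role name with an underscore, so two
        /// different pairs that contain underscores can produce the same key; confirm that names
        /// cannot collide this way or use an unambiguous key.
        /// </remarks>
        public static bool IsUserInRole(string userName, string groupName)
        {
            if (!SiteData.IsWebView || !IsAuthenticated) {
                return false;
            }

            string key = String.Format("{0}_{1}_{2}", keyIsUserInRole, userName, groupName);

            // Read the cache once: an entry that expires between a null check and a second read
            // would otherwise be converted from null, which yields false.
            object cached = HttpContext.Current.Cache[key];
            if (cached != null) {
                return Convert.ToBoolean(cached);
            }

            bool keyVal = false;

            using (var securityHelper = new SecurityHelper()) {
                var _user = securityHelper.UserManager.FindByName(userName);

                // Fail closed for an unknown user instead of dereferencing a null lookup result.
                if (_user != null) {
                    keyVal = securityHelper.UserManager.IsInRole(_user.Id, groupName);
                }
            }

            HttpContext.Current.Cache.Insert(key, keyVal.ToString(), null, DateTime.Now.AddSeconds(15), Cache.NoSlidingExpiration);

            return keyVal;
        }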
        /// <summary>
        /// Issues a password reset token for the account registered under <paramref name="Email"/>
        /// and mails a link to the ResetPassword page under the admin folder of the current host.
        /// </summary>
        /// <param name="Email">E-mail address of the account to reset.</param>
        /// <returns>True when an account was found and the mail was handed to EmailHelper; otherwise false.</returns>
        /// <remarks>
        /// NOTE(review): the link host comes from the HTTP_HOST server variable, i.e. the Host header
        /// of the incoming request, which the client controls. Unless the front end rejects unknown
        /// host names, the mailed link (which carries the reset token) follows whatever host the
        /// request named. Prefer a configured canonical site URL or an allow-list check.
        /// NOTE(review): the scheme falls back to http://, so the token link can be sent as cleartext HTTP.
        /// NOTE(review): the return value distinguishes known from unknown addresses; callers should
        /// show the same response in both cases. No throttling is visible in this method.
        /// </remarks>
        public bool ResetPassword(string Email)
        {
            if (String.IsNullOrEmpty(Email)) {
                return false;
            }

            ApplicationUser account;
            string resetToken;

            using (var helper = new SecurityHelper()) {
                account = helper.UserManager.FindByEmail(Email);

                // Unknown address: no token is generated and no mail is sent.
                if (account == null) {
                    return false;
                }

                resetToken = helper.UserManager.GeneratePasswordResetToken(account.Id);
            }

            // The message template ships as an embedded resource of this assembly.
            string messageBody;
            Assembly thisAssembly = Assembly.GetExecutingAssembly();
            using (var templateReader = new StreamReader(thisAssembly.GetManifestResourceStream("Carrotware.CMS.Core.Security.EmailForgotPassMsg.txt"))) {
                messageBody = templateReader.ReadToEnd();
            }

            // Request-supplied host name; any failure to read it yields an empty host.
            string requestHost;
            try {
                requestHost = HttpContext.Current.Request.ServerVariables["HTTP_HOST"] + "";
            } catch (Exception) {
                requestHost = "";
            }

            // Stays on plain http unless the server reports a secure port.
            string scheme = "http://";
            try {
                string securePortFlag = HttpContext.Current.Request.ServerVariables["SERVER_PORT_SECURE"] + "";
                scheme = securePortFlag == "1" ? "https://" : "http://";
            } catch (Exception) { }

            string siteRoot = scheme + requestHost.ToLower();

            // Strip one leading and one trailing slash from the admin folder path.
            string adminPath = SiteData.AdminFolderPath;
            if (adminPath.StartsWith("/")) {
                adminPath = adminPath.Substring(1);
            }
            if (adminPath.EndsWith("/")) {
                adminPath = adminPath.Substring(0, adminPath.Length - 1);
            }

            // Only the token is URL-encoded; the user id is inserted as-is.
            string resetLink = String.Format("{0}/{1}/ResetPassword?userId={2}&code={3}", siteRoot, adminPath, account.Id, HttpUtility.UrlEncode(resetToken));

            messageBody = messageBody
                .Replace("{%%UserName%%}", account.UserName)
                .Replace("{%%SiteURL%%}", siteRoot)
                .Replace("{%%ResetURL%%}", resetLink)
                .Replace("{%%Version%%}", CurrentDLLVersion);

            string timestamp = SiteData.CurretSiteExists
                ? SiteData.CurrentSite.Now.ToString()
                : DateTime.Now.ToString();
            messageBody = messageBody.Replace("{%%Time%%}", timestamp);

            EmailHelper.SendMail(null, account.Email, "Reset Password", messageBody, false);

            return true;
        }