Inheritance: INotifyPropertyChanging, INotifyPropertyChanged
Esempio n. 1
0
 partial void DeleteUserHistory(UserHistory instance);
Esempio n. 2
0
 partial void InsertUserHistory(UserHistory instance);
Esempio n. 3
0
 partial void UpdateUserHistory(UserHistory instance);
Esempio n. 4
0
        /// <summary>
        /// Change this users password, recording in their history that they have done so.
        /// </summary>
        public void ChangePassword(DateTime now, string newPassword, string comment = null)
        {
            var changeEvent = new UserHistory
            {
                Comment = comment ?? "Changed Password",
                CreationDate = now,
                UserHistoryTypeId = UserHistoryTypeId.PasswordChanged,
                IP = Current.RemoteIP,
                UserId = Id
            };

            Current.WriteDB.UserHistory.InsertOnSubmit(changeEvent);

            var thisUser = Current.WriteDB.Users.Single(u => u.Id == this.Id);

            string salt;
            var pwdHash = Current.SecureHash(newPassword, out salt);

            thisUser.PasswordSalt = salt;
            thisUser.PasswordHash = pwdHash;
            thisUser.LastActivityDate = now;
            thisUser.PasswordVersion = null; // We have a strong password now, regardless of what was there before

            Current.WriteDB.SubmitChanges();
        }
Esempio n. 5
0
        public ActionResult EditUserSubmit(string id)
        {
            if (!id.HasValue()) return NotFound();

            Guid providerId;
            if (!Guid.TryParse(id, out providerId)) return NotFound();

            var toUpdate = Current.WriteDB.Users.SingleOrDefault(u => u.ProviderId == providerId);

            if (toUpdate == null) return NotFound();

            if (toUpdate.Id != Current.LoggedInUser.Id && !Current.LoggedInUser.IsAdministrator) return IrrecoverableError("Cannot modify that user", "You can only modify profiles you are logged into.");

            var db = Current.WriteDB;
            var now = Current.Now;

            foreach (var p in Request.Form.AllKeys)
            {
                var value = Request.Form[p];

                if (p == "realname")
                {
                    var old = toUpdate.RealName;
                    if (old == value || (old.IsNullOrEmpty() && value.IsNullOrEmpty())) continue;

                    var hadPreviously = old.HasValue();

                    string errorMessage;
                    if (!toUpdate.UpdateAttribute(value.IsNullOrEmpty() ? null : value, UserAttributeTypeId.RealName, out errorMessage))
                    {
                        if (Current.LoggedInUser.Id == toUpdate.Id)
                        {
                            return RecoverableError(errorMessage, new { });
                        }
                        else
                        {
                            // Hack: URL structure means administrators cannot *really* recover from this error.
                            return IrrecoverableError("Admin edit failed", errorMessage);
                        }

                    }

                    string comment = "Changed";
                    if (hadPreviously && value.IsNullOrEmpty()) comment = "Removed";
                    if (!hadPreviously && value.HasValue()) comment = "Added";

                    var editedRealName =
                        new UserHistory
                        {
                            Comment = comment,
                            CreationDate = now,
                            IP = Current.RemoteIP,
                            UserHistoryTypeId = UserHistoryTypeId.RealNameChanged,
                            UserId = toUpdate.Id
                        };

                    db.UserHistory.InsertOnSubmit(editedRealName);
                }

                if (p == "vanity")
                {
                    var old = toUpdate.VanityProviderId;
                    if (old == value || (old.IsNullOrEmpty() && value.IsNullOrEmpty())) continue;

                    var hadPreviously = old.HasValue();

                    string errorMsg;
                    if (value.HasValue() && !Models.User.IsValidVanityId(value, out errorMsg))
                    {
                        return RecoverableError(errorMsg, new { realname = Request.Form["realname"], vanity = value });
                    }

                    if (value.HasValue() && db.Users.Any(u => u.VanityProviderId == value)) return RecoverableError("That Vanity OpenId is already in use", new { realname = Request.Form["realname"], vanity = value });

                    toUpdate.VanityProviderId = value.IsNullOrEmpty() ? null : value;

                    string comment = "Changed";
                    if (hadPreviously && value.IsNullOrEmpty()) comment = "Removed";
                    if (!hadPreviously && value.HasValue()) comment = "Added";

                    var editedVanity =
                        new UserHistory
                        {
                            Comment = comment,
                            CreationDate = now,
                            IP = Current.RemoteIP,
                            UserHistoryTypeId = UserHistoryTypeId.VanityIdChanged,
                            UserId = toUpdate.Id
                        };

                    db.UserHistory.InsertOnSubmit(editedVanity);
                }
            }

            db.SubmitChanges();

            // post submit sanity check to make sure we've got no duplicate vanity id's out there
            //   this is a bit of hack, to work around the inability to set a meaningful unique constraint
            //   on a nullable column
            if (toUpdate.VanityProviderId.HasValue())
            {
                if (db.Users.Count(u => u.VanityProviderId == toUpdate.VanityProviderId) != 1)
                {
                    toUpdate.VanityProviderId = null;

                    var editedVanity =
                        new UserHistory
                        {
                            Comment = "Removed",
                            CreationDate = now,
                            IP = "127.0.0.1",
                            UserHistoryTypeId = UserHistoryTypeId.VanityIdChanged,
                            UserId = toUpdate.Id
                        };

                    db.UserHistory.InsertOnSubmit(editedVanity);
                    db.SubmitChanges();
                }
            }

            return
                SafeRedirect(
                    (Func<ActionResult>)this.ViewUser
                );
        }
Esempio n. 6
0
        /// <summary>
        /// Record a login event for a user, run any needed cleanup, and give the user a session.
        /// </summary>
        public void Login(DateTime now)
        {
            // Kill the anonymous cookie
            Current.KillCookie(Current.AnonymousCookieName);

            // Write a login event
            var loginEvent = new UserHistory
            {
                Comment = "Logged In",
                CreationDate = now,
                UserHistoryTypeId = UserHistoryTypeId.Login,
                UserId = Id,
                IP = Current.RemoteIP
            };

            Current.WriteDB.UserHistory.InsertOnSubmit(loginEvent);

            // Generate and write a session
            var session = Convert.ToBase64String(Current.Random(32));
            var sessionHash = Current.WeakHash(session);

            SessionHash = sessionHash;
            SessionCreationDate = now;
            LastActivityDate = now;

            // Add the user session cookie
            Current.AddCookie(Current.UserCookieName, session, TimeSpan.FromDays(7));

            Current.WriteDB.SubmitChanges();
        }
Esempio n. 7
0
        /// <summary>
        /// Record a logout event for the user, destoy their cookie, and invalidate their session.
        /// </summary>
        public void Logout(DateTime now, string careOfHost = null)
        {
            // Delete this users session cookie
            Current.KillCookie(Current.UserCookieName);

            var comment = "Logged Out";
            if (careOfHost.HasValue())
            {
                var cleanHost = careOfHost.ToLowerInvariant();
                if (cleanHost.Length + 3 + comment.Length > 400)
                {
                    cleanHost = cleanHost.Substring(0, 400 - 3 - comment.Length);
                }

                comment += " (" + cleanHost + ")";
            }

            var logoutEvent = new UserHistory
            {
                Comment = comment,
                CreationDate = now,
                UserHistoryTypeId = UserHistoryTypeId.Logout,
                UserId = Id,
                IP = Current.RemoteIP
            };

            Current.WriteDB.UserHistory.InsertOnSubmit(logoutEvent);

            SessionHash = null;
            SessionCreationDate = null;
            LastActivityDate = now;

            Current.WriteDB.SubmitChanges();
        }
Esempio n. 8
0
        public void AuthenticatedTo(DateTime now, string host)
        {
            var authenticatedEvent = new UserHistory
            {
                Comment = "Authenticated to "+host,
                CreationDate = now,
                UserHistoryTypeId = UserHistoryTypeId.AuthenticatedTo,
                UserId = Id,
                IP = Current.RemoteIP
            };

            Current.WriteDB.UserHistory.InsertOnSubmit(authenticatedEvent);

            LastActivityDate = now;

            Current.WriteDB.SubmitChanges();
        }
Esempio n. 9
0
        public void UserHistoryInsertWithUserId()
        {
            var r = new Restrictions();

            var history = new UserHistory
            {
                UserId = 1
            };

            var updates = new Dictionary<object, Restrictions.ShadowModifiedMember[]>();

            string ignored;
            Assert.IsTrue(r.IsValidChangeSet(updates, new List<object>(), new List<object>() { history }, new List<object>(), new List<int>() { 1 }, out ignored));
        }
Esempio n. 10
0
        public void NoUserHistoryUpdates()
        {
            var r = new Restrictions();

            var history = new UserHistory
            {
                Id = 1
            };

            var updates = new Dictionary<object, Restrictions.ShadowModifiedMember[]>();
            updates[history] = new Restrictions.ShadowModifiedMember[]
                {
                    new Restrictions.ShadowModifiedMember
                    {
                        Member = typeof(UserHistory).GetProperty("Id"),
                        CurrentValue = history.Id,
                        OriginalValue = 2
                    }
                };

            string ignored;
            Assert.IsFalse(r.IsValidChangeSet(updates, new List<object>(), new List<object>(), new List<object>() { history }, new List<int>() { 1 }, out ignored));
        }