private void AuditLogChanges(User user, ChangePersonalDetailsViewModel viewModel) { if (user.Firstname != viewModel.FirstName || user.Lastname != viewModel.LastName || user.ContactFirstName != viewModel.FirstName || user.ContactLastName != viewModel.LastName) { auditLogger.AuditChangeToUser( AuditedAction.UserChangeName, user, new { OldFirstName = user.Firstname, OldLastName = user.Lastname, OldContactFirstName = user.ContactFirstName, OldContactLastName = user.ContactLastName, NewFirstName = viewModel.FirstName, NewLastName = viewModel.LastName, }, user); } if (user.JobTitle != viewModel.JobTitle || user.ContactJobTitle != viewModel.JobTitle) { auditLogger.AuditChangeToUser( AuditedAction.UserChangeJobTitle, user, new { OldJobTitle = user.JobTitle, OldContactJobTitle = user.ContactJobTitle, NewJobTitle = viewModel.JobTitle, }, user); } if (user.ContactPhoneNumber != viewModel.ContactPhoneNumber) { auditLogger.AuditChangeToUser( AuditedAction.UserChangePhoneNumber, user, new { OldContactPhoneNumber = user.ContactPhoneNumber, NewContactPhoneNumber = viewModel.ContactPhoneNumber, }, user); } }
private void PurgeRegistrationsAction() { DateTime deadline = VirtualDateTime.Now.AddDays(0 - Global.PurgeUnconfirmedPinDays); List <UserOrganisation> registrations = dataRepository.GetAll <UserOrganisation>() .Where(uo => uo.PINConfirmedDate == null) .Where(uo => uo.PINSentDate != null) .Where(uo => uo.PINSentDate.Value < deadline) .ToList(); foreach (UserOrganisation registration in registrations) { auditLogger.AuditChangeToUser( AuditedAction.PurgeRegistration, registration.User, new { registration.UserId, registration.User.EmailAddress, registration.OrganisationId, registration.Organisation.EmployerReference, registration.Organisation.OrganisationName, registration.Method, registration.PINSentDate, registration.PINConfirmedDate }); dataRepository.Delete(registration); dataRepository.SaveChanges(); } }
public IActionResult ChangeContactPreferencesPost(long id, AdminChangeUserContactPreferencesViewModel viewModel) { var user = _adminService.SharedBusinessLogic.DataRepository.Get <User>(id); viewModel.ParseAndValidateParameters(Request, m => m.Reason); if (viewModel.HasAnyErrors()) { viewModel.UserId = user.UserId; viewModel.FullName = user.Fullname; return(View("ChangeContactPreferences", viewModel)); } auditLogger.AuditChangeToUser( this, AuditedAction.AdminChangeUserContactPreferences, user, new { AllowContact_Old = user.AllowContact ? "Yes" : "No", AllowContact_New = viewModel.AllowContact ? "Yes" : "No", SendUpdates_Old = user.SendUpdates ? "Yes" : "No", SendUpdates_New = viewModel.SendUpdates ? "Yes" : "No", viewModel.Reason }); user.AllowContact = viewModel.AllowContact; user.SendUpdates = viewModel.SendUpdates; _adminService.SharedBusinessLogic.DataRepository.SaveChangesAsync().Wait(); return(RedirectToAction("ViewUser", "AdminViewUser", new { id = user.UserId })); }
private void PurgeUser(User user) { auditLogger.AuditChangeToUser( AuditedAction.PurgeUser, user, new { user.UserId, user.EmailAddress, user.JobTitle, user.Fullname }); user.SetStatus(UserStatuses.Retired, user, "User retired by PurgeUserJob"); dataRepository.SaveChanges(); }
public void UpdateEmail(User userToUpdate, string newEmailAddress) { if (userToUpdate is null) { throw new ArgumentNullException(nameof(userToUpdate)); } if (newEmailAddress.IsNullOrWhiteSpace()) { throw new ArgumentNullException(nameof(newEmailAddress)); } if (userToUpdate.Status != UserStatuses.Active) { throw new ArgumentException($"Can only update emails for active users. UserId={userToUpdate.UserId}"); } string oldEmailAddress = userToUpdate.EmailAddress; // update email DateTime now = VirtualDateTime.Now; userToUpdate.EmailAddress = newEmailAddress; userToUpdate.EmailVerifiedDate = now; userToUpdate.Modified = now; // save dataRepository.SaveChanges(); // log email change auditLogger.AuditChangeToUser( AuditedAction.UserChangeEmailAddress, userToUpdate, new { OldEmailAddress = oldEmailAddress, NewEmailAddress = newEmailAddress, }, userToUpdate); }
public async Task <IActionResult> ResendVerificationEmailPost(long id, AdminResendVerificationEmailViewModel viewModel) { var user = SharedBusinessLogic.DataRepository.Get <User>(id); viewModel.User = user; if (user.EmailVerifiedDate != null) { viewModel.AddErrorFor <AdminResendVerificationEmailViewModel, object>( m => m.OtherErrorMessagePlaceholder, "This user's email address has already been verified"); return(View("ResendVerificationEmail", viewModel)); } viewModel.ParseAndValidateParameters(Request, m => m.Reason); if (viewModel.HasAnyErrors()) { return(View("ResendVerificationEmail", viewModel)); } auditLogger.AuditChangeToUser( this, AuditedAction.AdminResendVerificationEmail, user, new { viewModel.Reason } ); var verifyCode = Encryption.EncryptQuerystring(user.UserId + ":" + user.Created.ToSmallDateTime()); user.EmailVerifyHash = Crypto.GetSHA512Checksum(verifyCode); user.EmailVerifySendDate = VirtualDateTime.Now; SharedBusinessLogic.DataRepository.SaveChangesAsync().Wait(); var verifyUrl = Url.Action("VerifyEmail", "Account", new { vcode = verifyCode }, "https"); if (!_adminService.SharedBusinessLogic.SendEmailService.SendCreateAccountPendingVerificationAsync(verifyUrl, user.EmailAddress).Result) { viewModel.AddErrorFor <AdminResendVerificationEmailViewModel, object>( m => m.OtherErrorMessagePlaceholder, "Error whilst re-sending verification email. Please try again in a few minutes."); return(View("ResendVerificationEmail", viewModel)); } return(View("VerificationEmailSent", user)); }
public IActionResult ResendVerificationEmailPost(long id, AdminResendVerificationEmailViewModel viewModel) { User user = dataRepository.Get <User>(id); viewModel.User = user; if (user.EmailVerifiedDate != null) { viewModel.AddErrorFor( m => m.OtherErrorMessagePlaceholder, "This user's email address has already been verified"); return(View("ResendVerificationEmail", viewModel)); } viewModel.ParseAndValidateParameters(Request, m => m.Reason); if (viewModel.HasAnyErrors()) { return(View("ResendVerificationEmail", viewModel)); } auditLogger.AuditChangeToUser( AuditedAction.AdminResendVerificationEmail, user, new { viewModel.Reason }, User); string verificationCode = Guid.NewGuid().ToString("N"); string verificationUrl = Url.Action( "VerifyEmail", "AccountCreation", new { code = verificationCode }, "https"); emailSendingService.SendAccountVerificationEmail(user.EmailAddress, verificationUrl); user.EmailVerifyHash = verificationCode; user.EmailVerifySendDate = VirtualDateTime.Now; dataRepository.SaveChanges(); return(View("VerificationEmailSent", user)); }