コード例 #1
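        /// <summary>
        /// Decides whether the current request may proceed. Access is granted to the help page
        /// operation, to a caller with a logged-in membership user, or to a request whose
        /// <c>apiKey</c> URI template variable matches an approved user that is not locked out.
        /// Every other request is denied.
        /// </summary>
        /// <param name="operationContext">The <see cref="T:System.ServiceModel.OperationContext"/> for the current authorization request.</param>
        /// <returns>
        /// true if access is granted; otherwise, false.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the API key is read from the request URI, so it can end up in web server
        /// and proxy logs; treat those logs as sensitive. The lookup compares the supplied key
        /// directly with the stored <c>ApiKey</c> value, which suggests keys are stored unhashed;
        /// confirm against the data model.
        /// </remarks>
        protected override bool CheckAccessCore(OperationContext operationContext)
        {
            // Fail closed when there is no request message to inspect.
            if (operationContext == null ||
                operationContext.RequestContext == null ||
                operationContext.RequestContext.RequestMessage == null)
            {
                return false;
            }

            var properties = operationContext.RequestContext.RequestMessage.Properties;

            // Always allow the Help interface. TryGetValue is used because the indexer throws
            // when the property is absent, which would turn a missing property into a fault
            // instead of an ordinary authorization decision.
            object operationName;
            if (properties.TryGetValue("HttpOperationName", out operationName) &&
                operationName != null &&
                operationName.ToString() == "HelpPageInvoke")
            {
                return true;
            }

            // A caller that already has a logged-in membership user needs no API key.
            if (System.Web.Security.Membership.GetUser() != null)
            {
                return true;
            }

            // Get the matched uriTemplate; without one there is no API key to check.
            object matchResults;
            properties.TryGetValue("UriTemplateMatchResults", out matchResults);
            UriTemplateMatch template = matchResults as UriTemplateMatch;
            if (template == null)
            {
                return false;
            }

            // An empty key is rejected up front so it can never match a user row whose
            // ApiKey column is blank.
            string key = template.BoundVariables["apiKey"];
            if (string.IsNullOrEmpty(key))
            {
                return false;
            }

            // The key is valid only when it belongs to an approved user that is not locked out.
            Rock.Services.Cms.UserService userService = new Rock.Services.Cms.UserService();
            Rock.Models.Cms.User user = userService.Queryable()
                .Where(u => u.ApiKey == key && u.IsApproved == true && u.IsLockedOut == false)
                .FirstOrDefault();

            return user != null;
        }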
コード例 #2
ファイル: User.cs プロジェクト: jkilgore/Rock-ChMS
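        /// <summary>
        /// Creates a new membership user after checking, in order, the password validation
        /// event, e-mail uniqueness (when required), user name uniqueness and the provider user key.
        /// </summary>
        /// <param name="username">The user name for the new user.</param>
        /// <param name="password">The password for the new user; it is passed through EncodePassword before being stored.</param>
        /// <param name="email">The e-mail address for the new user.</param>
        /// <param name="passwordQuestion">The password question for the new user.</param>
        /// <param name="passwordAnswer">The password answer for the new user.</param>
        /// <param name="isApproved">Whether the new user is approved.</param>
        /// <param name="providerUserKey">Must be a boxed <see cref="int"/>; it is stored as the user's PersonId.</param>
        /// <param name="status">Receives the outcome of the creation attempt.</param>
        /// <returns>
        /// The created user when <paramref name="status"/> is Success; otherwise null.
        /// </returns>
        public override MembershipUser CreateUser( string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status )
        {
            // Give subscribers of the password validation event the chance to reject the password.
            ValidatePasswordEventArgs args = new ValidatePasswordEventArgs( username, password, true );

            OnValidatingPassword( args );

            if ( args.Cancel )
            {
                status = MembershipCreateStatus.InvalidPassword;
                return null;
            }

            UserService userService = new Services.Cms.UserService();

            if ( RequiresUniqueEmail && GetUserNameByEmail( userService, email ) != String.Empty )
            {
                status = MembershipCreateStatus.DuplicateEmail;
                return null;
            }

            if ( GetUser( userService, username, false ) != null )
            {
                status = MembershipCreateStatus.DuplicateUserName;
                return null;
            }

            // "is int" is already false for null, so no separate null check is needed.
            if ( !( providerUserKey is int ) )
            {
                status = MembershipCreateStatus.InvalidProviderUserKey;
                return null;
            }

            DateTime createDate = DateTime.Now;

            Rock.Models.Cms.User user = new Rock.Models.Cms.User();

            user.PersonId = ( int )providerUserKey;
            user.ApplicationName = applicationName;
            user.Username = username;
            user.Password = EncodePassword( password );
            user.Email = email;
            user.PasswordQuestion = passwordQuestion;
            // NOTE(review): the password answer is stored exactly as supplied, while the password
            // goes through EncodePassword. If the answer can be used for password recovery it
            // deserves the same protection; changing it here requires the code that checks the
            // answer to change as well.
            user.PasswordAnswer = passwordAnswer;
            user.IsApproved = isApproved;
            user.Comment = string.Empty;
            user.CreationDate = createDate;
            user.LastPasswordChangedDate = createDate;
            user.LastActivityDate = createDate;
            user.IsLockedOut = false;
            user.LastLockedOutDate = createDate;
            user.FailedPasswordAttemptCount = 0;
            user.FailedPasswordAttemptWindowStart = createDate;
            user.FailedPasswordAnswerAttemptCount = 0;
            user.FailedPasswordAnswerAttemptWindowStart = createDate;
            user.AuthenticationType = (int)AuthenticationType.Database;

            try
            {
                userService.AddUser( user );
                userService.Save( user, CurrentPersonId() );
            }
            catch ( SystemException )
            {
                // The user was not persisted, so report the failure and return null rather than
                // a MembershipUser built from the unsaved entity.
                status = MembershipCreateStatus.ProviderError;
                return null;
            }

            status = MembershipCreateStatus.Success;
            return GetUser( userService, user, false );
        }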