private static Boolean SaveUser(String AUserID, SUserTable AUserDataTable) { TDBTransaction TheTransaction; if ((AUserDataTable != null) && (AUserDataTable.Rows.Count > 0)) { TheTransaction = DBAccess.GDBAccessObj.BeginTransaction(IsolationLevel.Serializable); try { SUserAccess.SubmitChanges(AUserDataTable, TheTransaction); DBAccess.GDBAccessObj.CommitTransaction(); } catch (Exception Exc) { TLogging.Log("An Exception occured during the saving of a User:" + Environment.NewLine + Exc.ToString()); DBAccess.GDBAccessObj.RollbackTransaction(); throw; } } else { // nothing to save! return(false); } return(true); }
public static bool SetUserPassword(string AUsername, string APassword, bool APasswordNeedsChanged) { string UserAuthenticationMethod = TAppSettingsManager.GetValue("UserAuthenticationMethod", "OpenPetraDBSUser", false); if (UserAuthenticationMethod == "OpenPetraDBSUser") { TPetraPrincipal tempPrincipal; SUserRow UserDR = TUserManagerWebConnector.LoadUser(AUsername.ToUpper(), out tempPrincipal); SUserTable UserTable = (SUserTable)UserDR.Table; Random r = new Random(); UserDR.PasswordSalt = r.Next(1000000000).ToString(); UserDR.PasswordHash = TUserManagerWebConnector.CreateHashOfPassword(String.Concat(APassword, UserDR.PasswordSalt), "SHA1"); UserDR.PasswordNeedsChange = APasswordNeedsChanged; TDBTransaction Transaction = DBAccess.GDBAccessObj.BeginTransaction(IsolationLevel.Serializable); SUserAccess.SubmitChanges(UserTable, Transaction); DBAccess.GDBAccessObj.CommitTransaction(); return(true); } else { IUserAuthentication auth = TUserManagerWebConnector.LoadAuthAssembly(UserAuthenticationMethod); return(auth.SetPassword(AUsername, APassword)); } }
public static bool SetUserPassword(string AUsername, string APassword, bool APasswordNeedsChanged, bool AUnretireIfRetired) { string UserAuthenticationMethod = TAppSettingsManager.GetValue("UserAuthenticationMethod", "OpenPetraDBSUser", false); if (UserAuthenticationMethod == "OpenPetraDBSUser") { TDBTransaction SubmitChangesTransaction = null; bool SubmissionResult = false; TPetraPrincipal tempPrincipal; DBAccess.GDBAccessObj.BeginAutoTransaction(IsolationLevel.Serializable, ref SubmitChangesTransaction, ref SubmissionResult, delegate { SUserRow UserDR = TUserManagerWebConnector.LoadUser(AUsername.ToUpper(), out tempPrincipal); SUserTable UserTable = (SUserTable)UserDR.Table; Random r = new Random(); UserDR.PasswordSalt = r.Next(1000000000).ToString(); UserDR.PasswordHash = TUserManagerWebConnector.CreateHashOfPassword(String.Concat(APassword, UserDR.PasswordSalt), "SHA1"); UserDR.PasswordNeedsChange = APasswordNeedsChanged; // unretire the user if it has been previously retired if (AUnretireIfRetired) { UserDR.Retired = false; } SUserAccess.SubmitChanges(UserTable, SubmitChangesTransaction); SubmissionResult = true; }); return(true); } else { IUserAuthentication auth = TUserManagerWebConnector.LoadAuthAssembly(UserAuthenticationMethod); return(auth.SetPassword(AUsername, APassword)); } }
private static Boolean SaveUser(String AUserID, SUserTable AUserDataTable, TDBTransaction ATransaction) { if ((AUserDataTable != null) && (AUserDataTable.Rows.Count > 0)) { try { SUserAccess.SubmitChanges(AUserDataTable, ATransaction); } catch (Exception Exc) { TLogging.Log("An Exception occured during the saving of a User:" + Environment.NewLine + Exc.ToString()); throw; } } else { // nothing to save! return(false); } return(true); }
public static bool CreateUser(string AUsername, string APassword, string AFirstName, string AFamilyName, string AModulePermissions) { TDBTransaction ReadTransaction = null; TDBTransaction SubmitChangesTransaction = null; bool UserExists = false; bool SubmissionOK = false; // TODO: check permissions. is the current user allowed to create other users? SUserTable userTable = new SUserTable(); SUserRow newUser = userTable.NewRowTyped(); newUser.UserId = AUsername; newUser.FirstName = AFirstName; newUser.LastName = AFamilyName; if (AUsername.Contains("@")) { newUser.EmailAddress = AUsername; newUser.UserId = AUsername.Substring(0, AUsername.IndexOf("@")). Replace(".", string.Empty). Replace("_", string.Empty).ToUpper(); } // Check whether the user that we are asked to create already exists DBAccess.GDBAccessObj.BeginAutoReadTransaction(IsolationLevel.ReadCommitted, ref ReadTransaction, delegate { if (SUserAccess.Exists(newUser.UserId, ReadTransaction)) { TLogging.Log("Cannot create new user as a user with User Name '" + newUser.UserId + "' already exists!"); UserExists = true; } }); if (UserExists) { return(false); } userTable.Rows.Add(newUser); string UserAuthenticationMethod = TAppSettingsManager.GetValue("UserAuthenticationMethod", "OpenPetraDBSUser", false); if (UserAuthenticationMethod == "OpenPetraDBSUser") { if (APassword.Length > 0) { newUser.PasswordSalt = PasswordHelper.GetNewPasswordSalt(); newUser.PasswordHash = PasswordHelper.GetPasswordHash(APassword, newUser.PasswordSalt); newUser.PasswordNeedsChange = true; } } else { try { IUserAuthentication auth = TUserManagerWebConnector.LoadAuthAssembly(UserAuthenticationMethod); if (!auth.CreateUser(AUsername, APassword, AFirstName, AFamilyName)) { newUser = null; } } catch (Exception e) { TLogging.Log("Problem loading user authentication method " + UserAuthenticationMethod + ": " + e.ToString()); return(false); } } if (newUser != null) { DBAccess.GDBAccessObj.BeginAutoTransaction(IsolationLevel.Serializable, ref SubmitChangesTransaction, ref SubmissionOK, delegate { SUserAccess.SubmitChanges(userTable, SubmitChangesTransaction); List <string> modules = new List <string>(); if (AModulePermissions == DEMOMODULEPERMISSIONS) { modules.Add("PTNRUSER"); modules.Add("FINANCE-1"); ALedgerTable theLedgers = ALedgerAccess.LoadAll(SubmitChangesTransaction); foreach (ALedgerRow ledger in theLedgers.Rows) { modules.Add("LEDGER" + ledger.LedgerNumber.ToString("0000")); } } else { string[] modulePermissions = AModulePermissions.Split(new char[] { ',' }); foreach (string s in modulePermissions) { if (s.Trim().Length > 0) { modules.Add(s.Trim()); } } } SUserModuleAccessPermissionTable moduleAccessPermissionTable = new SUserModuleAccessPermissionTable(); foreach (string module in modules) { SUserModuleAccessPermissionRow moduleAccessPermissionRow = moduleAccessPermissionTable.NewRowTyped(); moduleAccessPermissionRow.UserId = newUser.UserId; moduleAccessPermissionRow.ModuleId = module; moduleAccessPermissionRow.CanAccess = true; moduleAccessPermissionTable.Rows.Add(moduleAccessPermissionRow); } SUserModuleAccessPermissionAccess.SubmitChanges(moduleAccessPermissionTable, SubmitChangesTransaction); // TODO: table permissions should be set by the module list // TODO: add p_data_label... tables here so user can generally have access string[] tables = new string[] { "p_bank", "p_church", "p_family", "p_location", "p_organisation", "p_partner", "p_partner_location", "p_partner_type", "p_person", "p_unit", "p_venue", "p_data_label", "p_data_label_lookup", "p_data_label_lookup_category", "p_data_label_use", "p_data_label_value_partner", }; SUserTableAccessPermissionTable tableAccessPermissionTable = new SUserTableAccessPermissionTable(); foreach (string table in tables) { SUserTableAccessPermissionRow tableAccessPermissionRow = tableAccessPermissionTable.NewRowTyped(); tableAccessPermissionRow.UserId = newUser.UserId; tableAccessPermissionRow.TableName = table; tableAccessPermissionTable.Rows.Add(tableAccessPermissionRow); } SUserTableAccessPermissionAccess.SubmitChanges(tableAccessPermissionTable, SubmitChangesTransaction); SubmissionOK = true; }); return(true); } return(false); }
public static bool SetUserPassword(string AUsername, string APassword, string AOldPassword, bool APasswordNeedsChanged, out TVerificationResultCollection AVerification) { TDBTransaction Transaction; string UserAuthenticationMethod = TAppSettingsManager.GetValue("UserAuthenticationMethod", "OpenPetraDBSUser", false); TVerificationResult VerificationResult; AVerification = new TVerificationResultCollection(); if (!TSharedSysManValidation.CheckPasswordQuality(APassword, out VerificationResult)) { return(false); } if (APasswordNeedsChanged && APassword == AOldPassword) { AVerification = new TVerificationResultCollection(); AVerification.Add(new TVerificationResult("\nPassword check.", Catalog.GetString( "Password not changed as the old password was reused. Please use a new password."), TResultSeverity.Resv_Critical)); return(false); } if (UserAuthenticationMethod == "OpenPetraDBSUser") { TPetraPrincipal tempPrincipal; SUserRow UserDR = TUserManagerWebConnector.LoadUser(AUsername.ToUpper(), out tempPrincipal); if (TUserManagerWebConnector.CreateHashOfPassword(String.Concat(AOldPassword, UserDR.PasswordSalt)) != UserDR.PasswordHash) { AVerification = new TVerificationResultCollection(); AVerification.Add(new TVerificationResult("\nPassword quality check.", String.Format( Catalog.GetString( "Old password entered incorrectly. Password not changed.")), TResultSeverity.Resv_Critical)); return(false); } SUserTable UserTable = (SUserTable)UserDR.Table; UserDR.PasswordHash = TUserManagerWebConnector.CreateHashOfPassword(String.Concat(APassword, UserDR.PasswordSalt)); UserDR.PasswordNeedsChange = false; Transaction = DBAccess.GDBAccessObj.BeginTransaction(IsolationLevel.Serializable); try { SUserAccess.SubmitChanges(UserTable, Transaction); DBAccess.GDBAccessObj.CommitTransaction(); } catch (Exception Exc) { TLogging.Log("An Exception occured during the setting of the User Password:" + Environment.NewLine + Exc.ToString()); DBAccess.GDBAccessObj.RollbackTransaction(); throw; } return(true); } else { IUserAuthentication auth = TUserManagerWebConnector.LoadAuthAssembly(UserAuthenticationMethod); return(auth.SetPassword(AUsername, APassword, AOldPassword)); } }
public static bool SetUserPassword(string AUsername, string ANewPassword, bool APasswordNeedsChanged, bool AUnretireIfRetired, string AClientComputerName, string AClientIPAddress, out TVerificationResultCollection AVerification) { TVerificationResult VerificationResult; SUserTable UserTable; SUserRow UserDR; string UserAuthenticationMethod = TAppSettingsManager.GetValue("UserAuthenticationMethod", "OpenPetraDBSUser", false); bool BogusPasswordChangeAttempt = false; AVerification = new TVerificationResultCollection(); // Password quality check if (!TSharedSysManValidation.CheckPasswordQuality(ANewPassword, out VerificationResult)) { AVerification.Add(VerificationResult); return(false); } if (UserAuthenticationMethod == "OpenPetraDBSUser") { TDBTransaction SubmitChangesTransaction = null; bool SubmissionResult = false; TPetraPrincipal tempPrincipal; DBAccess.GDBAccessObj.BeginAutoTransaction(IsolationLevel.Serializable, ref SubmitChangesTransaction, ref SubmissionResult, delegate { try { UserDR = TUserManagerWebConnector.LoadUser(AUsername.ToUpper(), out tempPrincipal, SubmitChangesTransaction); } catch (EUserNotExistantException) { // Because this cannot happen when a password change gets effected through normal OpenPetra // operation this is treated as a bogus operation that an attacker launches! BogusPasswordChangeAttempt = true; // Logging TUserAccountActivityLog.AddUserAccountActivityLogEntry(AUsername, TUserAccountActivityLog.USER_ACTIVITY_PWD_CHANGE_ATTEMPT_BY_SYSADMIN_FOR_NONEXISTING_USER, String.Format(Catalog.GetString( "A system administrator, {0}, made an attempt to change a User's password for UserID {1} " + "but that user doesn't exist! "), UserInfo.GUserInfo.UserID, AUsername) + String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress), SubmitChangesTransaction); SubmissionResult = true; // Need to set this so that the DB Transaction gets committed! // Simulate that time is spent on 'authenticating' a user (although the user doesn't exist)...! Reason for that: see Method // SimulatePasswordAuthenticationForNonExistingUser! TUserManagerWebConnector.SimulatePasswordAuthenticationForNonExistingUser(); return; } UserTable = (SUserTable)UserDR.Table; // Note: We are on purpose NOT checking here whether the new password is the same as the existing // password (which would be done by calling the IsNewPasswordSameAsExistingPassword Method) because // if we would do that then the SYSADMIN could try to find out what the password of a user is by // seeing if (s)he would get a message that the new password must be different from the old password...! SetNewPasswordHashAndSaltForUser(UserDR, ANewPassword, AClientComputerName, AClientIPAddress, SubmitChangesTransaction); UserDR.PasswordNeedsChange = APasswordNeedsChanged; // 'Unretire' the user if the user has been previously 'retired' and also 'unlock' the User Account if // it has previously been locked if (AUnretireIfRetired) { UserDR.Retired = false; UserDR.AccountLocked = false; } try { SUserAccess.SubmitChanges(UserTable, SubmitChangesTransaction); TUserAccountActivityLog.AddUserAccountActivityLogEntry(UserDR.UserId, TUserAccountActivityLog.USER_ACTIVITY_PWD_CHANGE_BY_SYSADMIN, String.Format(Catalog.GetString( "The password of user {0} got changed by user {1} (the latter user has got SYSADMIN " + "privileges). "), UserDR.UserId, UserInfo.GUserInfo.UserID) + String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress), SubmitChangesTransaction); } catch (Exception Exc) { TLogging.Log("An Exception occured during the saving of the new User Password by the SYSADMIN:" + Environment.NewLine + Exc.ToString()); throw; } SubmissionResult = true; }); return(!BogusPasswordChangeAttempt); } else { IUserAuthentication auth = TUserManagerWebConnector.LoadAuthAssembly(UserAuthenticationMethod); return(auth.SetPassword(AUsername, ANewPassword)); } }
public static bool CreateUser(string AUsername, string APassword, string AFirstName, string AFamilyName, string AModulePermissions, string AClientComputerName, string AClientIPAddress, TDBTransaction ATransaction = null) { TDataBase DBConnectionObj = DBAccess.GetDBAccessObj(ATransaction); TDBTransaction ReadWriteTransaction = null; bool SeparateDBConnectionEstablished = false; bool NewTransaction; bool SubmissionOK = false; // TODO: check permissions. is the current user allowed to create other users? SUserTable userTable = new SUserTable(); SUserRow newUser = userTable.NewRowTyped(); newUser.UserId = AUsername; newUser.FirstName = AFirstName; newUser.LastName = AFamilyName; if (AUsername.Contains("@")) { newUser.EmailAddress = AUsername; newUser.UserId = AUsername.Substring(0, AUsername.IndexOf("@")). Replace(".", string.Empty). Replace("_", string.Empty).ToUpper(); } if (DBConnectionObj == null) { // ATransaction was null and GDBAccess is also null: we need to establish a DB Connection manually here! DBConnectionObj = DBAccess.SimpleEstablishDBConnection("CreateUser"); SeparateDBConnectionEstablished = true; } ReadWriteTransaction = DBConnectionObj.GetNewOrExistingTransaction( IsolationLevel.Serializable, out NewTransaction, "CreateUser"); try { // Check whether the user that we are asked to create already exists if (SUserAccess.Exists(newUser.UserId, ReadWriteTransaction)) { TLogging.Log("Cannot create new user because a user with User Name '" + newUser.UserId + "' already exists!"); return(false); } newUser.PwdSchemeVersion = TPasswordHelper.CurrentPasswordSchemeNumber; userTable.Rows.Add(newUser); string UserAuthenticationMethod = TAppSettingsManager.GetValue("UserAuthenticationMethod", "OpenPetraDBSUser", false); if (UserAuthenticationMethod == "OpenPetraDBSUser") { if (APassword.Length > 0) { SetNewPasswordHashAndSaltForUser(newUser, APassword, AClientComputerName, AClientIPAddress, ReadWriteTransaction); if (AModulePermissions != TMaintenanceWebConnector.DEMOMODULEPERMISSIONS) { newUser.PasswordNeedsChange = true; } } } else { try { IUserAuthentication auth = TUserManagerWebConnector.LoadAuthAssembly(UserAuthenticationMethod); if (!auth.CreateUser(AUsername, APassword, AFirstName, AFamilyName)) { newUser = null; } } catch (Exception e) { TLogging.Log("Problem loading user authentication method " + UserAuthenticationMethod + ": " + e.ToString()); return(false); } } if (newUser != null) { SUserAccess.SubmitChanges(userTable, ReadWriteTransaction); List <string> modules = new List <string>(); if (AModulePermissions == DEMOMODULEPERMISSIONS) { modules.Add("PTNRUSER"); modules.Add("FINANCE-1"); ALedgerTable theLedgers = ALedgerAccess.LoadAll(ReadWriteTransaction); foreach (ALedgerRow ledger in theLedgers.Rows) { modules.Add("LEDGER" + ledger.LedgerNumber.ToString("0000")); } } else { string[] modulePermissions = AModulePermissions.Split(new char[] { ',' }); foreach (string s in modulePermissions) { if (s.Trim().Length > 0) { modules.Add(s.Trim()); } } } SUserModuleAccessPermissionTable moduleAccessPermissionTable = new SUserModuleAccessPermissionTable(); foreach (string module in modules) { SUserModuleAccessPermissionRow moduleAccessPermissionRow = moduleAccessPermissionTable.NewRowTyped(); moduleAccessPermissionRow.UserId = newUser.UserId; moduleAccessPermissionRow.ModuleId = module; moduleAccessPermissionRow.CanAccess = true; moduleAccessPermissionTable.Rows.Add(moduleAccessPermissionRow); } SUserModuleAccessPermissionAccess.SubmitChanges(moduleAccessPermissionTable, ReadWriteTransaction); // TODO: table permissions should be set by the module list // TODO: add p_data_label... tables here so user can generally have access string[] tables = new string[] { "p_bank", "p_church", "p_family", "p_location", "p_organisation", "p_partner", "p_partner_location", "p_partner_type", "p_person", "p_unit", "p_venue", "p_data_label", "p_data_label_lookup", "p_data_label_lookup_category", "p_data_label_use", "p_data_label_value_partner", }; SUserTableAccessPermissionTable tableAccessPermissionTable = new SUserTableAccessPermissionTable(); foreach (string table in tables) { SUserTableAccessPermissionRow tableAccessPermissionRow = tableAccessPermissionTable.NewRowTyped(); tableAccessPermissionRow.UserId = newUser.UserId; tableAccessPermissionRow.TableName = table; tableAccessPermissionTable.Rows.Add(tableAccessPermissionRow); } SUserTableAccessPermissionAccess.SubmitChanges(tableAccessPermissionTable, ReadWriteTransaction); TUserAccountActivityLog.AddUserAccountActivityLogEntry(newUser.UserId, TUserAccountActivityLog.USER_ACTIVITY_USER_RECORD_CREATED, String.Format(Catalog.GetString("The user record for the new user {0} got created by user {1}. "), newUser.UserId, UserInfo.GUserInfo.UserID) + String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress), ReadWriteTransaction); SubmissionOK = true; return(true); } } finally { if (NewTransaction) { if (SubmissionOK) { ReadWriteTransaction.DataBaseObj.CommitTransaction(); } else { ReadWriteTransaction.DataBaseObj.RollbackTransaction(); } if (SeparateDBConnectionEstablished) { DBConnectionObj.CloseDBConnection(); } } } return(false); }
public static bool SetUserPassword(string AUserID, string ANewPassword, string ACurrentPassword, bool APasswordNeedsChanged, string AClientComputerName, string AClientIPAddress, out TVerificationResultCollection AVerification) { string UserAuthenticationMethod = TAppSettingsManager.GetValue("UserAuthenticationMethod", "OpenPetraDBSUser", false); TVerificationResult VerificationResult; TVerificationResultCollection VerificationResultColl = null; SUserRow UserDR = null; SUserTable UserTable = null; bool BogusPasswordChangeAttempt = false; AVerification = new TVerificationResultCollection(); // Security check: Is the user that is performing the password change request the current user? if (AUserID != UserInfo.GUserInfo.UserID) { throw new EOPAppException( "The setting of a User's Password must only be done by the user itself, but this isn't the case here and therefore the request gets denied"); } // Password quality check if (!TSharedSysManValidation.CheckPasswordQuality(ANewPassword, out VerificationResult)) { AVerification.Add(VerificationResult); return(false); } if (UserAuthenticationMethod == "OpenPetraDBSUser") { TPetraPrincipal tempPrincipal; TDBTransaction SubmitChangesTransaction = null; bool SubmissionResult = false; DBAccess.GDBAccessObj.BeginAutoTransaction(IsolationLevel.Serializable, ref SubmitChangesTransaction, ref SubmissionResult, delegate { try { UserDR = TUserManagerWebConnector.LoadUser(AUserID.ToUpper(), out tempPrincipal, SubmitChangesTransaction); } catch (EUserNotExistantException) { // Because this cannot happen when a password change gets effected through normal OpenPetra // operation this is treated as a bogus operation that an attacker launches! BogusPasswordChangeAttempt = true; // Logging TUserAccountActivityLog.AddUserAccountActivityLogEntry(AUserID, TUserAccountActivityLog.USER_ACTIVITY_PWD_CHANGE_ATTEMPT_BY_USER_FOR_NONEXISTING_USER, String.Format(Catalog.GetString( "User {0} tried to make an attempt to change a User's password for UserID {1} " + "but that user doesn't exist! "), UserInfo.GUserInfo.UserID, AUserID) + String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress), SubmitChangesTransaction); SubmissionResult = true; // Need to set this so that the DB Transaction gets committed! // Simulate that time is spent on 'authenticating' a user (although the user doesn't exist)...! Reason for that: see Method // SimulatePasswordAuthenticationForNonExistingUser! TUserManagerWebConnector.SimulatePasswordAuthenticationForNonExistingUser(); return; } UserTable = (SUserTable)UserDR.Table; // Security check: Is the supplied current password correct? if (TUserManagerWebConnector.CreateHashOfPassword(ACurrentPassword, UserDR.PasswordSalt, UserDR.PwdSchemeVersion) != UserDR.PasswordHash) { VerificationResultColl = new TVerificationResultCollection(); VerificationResultColl.Add(new TVerificationResult("Password Verification", Catalog.GetString( "The current password was entered incorrectly! The password did not get changed."), TResultSeverity.Resv_Critical)); try { SUserAccess.SubmitChanges(UserTable, SubmitChangesTransaction); TUserAccountActivityLog.AddUserAccountActivityLogEntry(UserDR.UserId, TUserAccountActivityLog.USER_ACTIVITY_PWD_WRONG_WHILE_PWD_CHANGE, String.Format(Catalog.GetString( "User {0} supplied the wrong current password while attempting to change " + "his/her password! ") + String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress), UserInfo.GUserInfo.UserID), SubmitChangesTransaction); SubmissionResult = true; } catch (Exception Exc) { TLogging.Log(String.Format( "An Exception occured during the changing of the User Password by user '{0}' (Situation 1):", AUserID) + Environment.NewLine + Exc.ToString()); throw; } } }); if (BogusPasswordChangeAttempt) { // Note: VerificationResultColl will be null in this case because we don't want to disclose to an attackeer // why the password change attempt was denied!!! return(false); } if (VerificationResultColl != null) { AVerification = VerificationResultColl; return(false); } // Security check: Is the supplied new password the same than the current password? if (IsNewPasswordSameAsExistingPassword(ANewPassword, UserDR, out VerificationResult)) { AVerification.Add(VerificationResult); return(false); } // // All checks passed: We go aheand and change the user's password! // SetNewPasswordHashAndSaltForUser(UserDR, ANewPassword, AClientComputerName, AClientIPAddress, SubmitChangesTransaction); UserDR.PasswordNeedsChange = false; DBAccess.GDBAccessObj.BeginAutoTransaction(IsolationLevel.Serializable, ref SubmitChangesTransaction, ref SubmissionResult, delegate { try { SUserAccess.SubmitChanges(UserTable, SubmitChangesTransaction); TUserAccountActivityLog.AddUserAccountActivityLogEntry(UserDR.UserId, (APasswordNeedsChanged ? TUserAccountActivityLog.USER_ACTIVITY_PWD_CHANGE_BY_USER_ENFORCED : TUserAccountActivityLog.USER_ACTIVITY_PWD_CHANGE_BY_USER), String.Format(Catalog.GetString("User {0} changed his/her password{1}"), UserInfo.GUserInfo.UserID, (APasswordNeedsChanged ? Catalog.GetString(" (enforced password change.) ") : ". ")) + String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress), SubmitChangesTransaction); SubmissionResult = true; } catch (Exception Exc) { TLogging.Log(String.Format("An Exception occured during the changing of the User Password by user '{0}' (Situation 2):", AUserID) + Environment.NewLine + Exc.ToString()); throw; } }); return(true); } else { IUserAuthentication auth = TUserManagerWebConnector.LoadAuthAssembly(UserAuthenticationMethod); return(auth.SetPassword(AUserID, ANewPassword, ACurrentPassword)); } }