/// <summary>
/// Hands a user ID, a token and a new password to TMaintenanceWebConnector.SetNewPassword
/// and reports the outcome as a JSON object.
/// </summary>
/// <param name="AUserID">User ID whose password is to be set.</param>
/// <param name="AToken">Token that is passed through together with the user ID.</param>
/// <param name="ANewPassword">The new password.</param>
/// <returns>JSON text with the members "AVerificationResult" and "result".</returns>
public string SetNewPassword(string AUserID, string AToken, string ANewPassword)
{
    // NOTE(review): this variant leaves the session of the current request untouched;
    // confirm that a caller who is still logged in as another user is acceptable here.
    TVerificationResultCollection Verification;
    bool Succeeded = TMaintenanceWebConnector.SetNewPassword(AUserID, AToken, ANewPassword, out Verification);

    // Serialise in the same order as the members appear in the response.
    string VerificationJson = THttpBinarySerializer.SerializeObject(Verification);
    string SucceededJson = THttpBinarySerializer.SerializeObject(Succeeded);

    return "{" + "\"AVerificationResult\": " + VerificationJson + "," + "\"result\": " + SucceededJson + "}";
}
/// <summary>
/// Builds the navigation menu response as JSON.
/// </summary>
/// <returns>
/// When UserInfo.GetUserInfo() is null: "resultcode" = "error" and "error" = "invalid user".
/// Otherwise: "resultcode" = "success", the "navigation" structure and the "assistant" string.
/// </returns>
public string GetNavigationMenu()
{
    Dictionary <string, object> response = new Dictionary <string, object>();

    // Without user info nothing is loaded; only the error is reported.
    if (UserInfo.GetUserInfo() == null)
    {
        response.Add("resultcode", "error");
        response.Add("error", "invalid user");
        return JsonConvert.SerializeObject(response);
    }

    response.Add("resultcode", "success");
    response.Add("navigation", new TUINavigation().LoadNavigationUI());

    // Ask each source in turn; the first one that answers with a non-empty string wins.
    string pendingAssistant = TSettingsWebConnector.GetSetupAssistant();

    if (pendingAssistant == String.Empty)
    {
        pendingAssistant = TMaintenanceWebConnector.GetSelfServiceAssistant();
    }

    if (pendingAssistant == String.Empty)
    {
        pendingAssistant = TGLSetupWebConnector.GetLedgerSetupAssistant();
    }

    response.Add("assistant", pendingAssistant);

    return JsonConvert.SerializeObject(response);
}
/// <summary>
/// Adds a new user with the TMaintenanceWebConnector.DEMOMODULEPERMISSIONS permission set.
/// </summary>
/// <param name="AUserID">ID of the user to create.</param>
/// <param name="APassword">Password handed to CreateUser; an empty string when omitted.</param>
/// <returns>The value returned by TMaintenanceWebConnector.CreateUser.</returns>
public bool AddUser(string AUserID, string APassword = "")
{
    // NOTE(review): an omitted APassword reaches CreateUser as "". Confirm that CreateUser
    // does not produce an account that can log in with an empty password.
    bool Created = TMaintenanceWebConnector.CreateUser(
        AUserID,
        APassword,
        string.Empty,
        string.Empty,
        TMaintenanceWebConnector.DEMOMODULEPERMISSIONS);

    return Created;
}
/// <summary>
/// Ends the current session, then hands a user ID, a token and a new password to
/// TMaintenanceWebConnector.SetNewPassword and reports the outcome as a JSON object.
/// </summary>
/// <param name="AUserID">User ID whose password is to be set.</param>
/// <param name="AToken">Token that is passed through together with the user ID.</param>
/// <param name="ANewPassword">The new password.</param>
/// <returns>JSON text with the members "AVerificationResult" and "result".</returns>
public string SetNewPassword(string AUserID, string AToken, string ANewPassword)
{
    // Log out first: SYSADMIN in particular could still be logged in
    // in this session when a new user has just been created.
    Logout();

    TVerificationResultCollection Verification;
    bool Succeeded = TMaintenanceWebConnector.SetNewPassword(AUserID, AToken, ANewPassword, out Verification);

    // Serialise in the same order as the members appear in the response.
    string VerificationJson = THttpBinarySerializer.SerializeObject(Verification);
    string SucceededJson = THttpBinarySerializer.SerializeObject(Succeeded);

    return "{" + "\"AVerificationResult\": " + VerificationJson + "," + "\"result\": " + SucceededJson + "}";
}
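/// <summary>
/// Checks the supplied initialisation token against the configured value
/// "AuthTokenForInitialisation" and, when it matches, passes the e-mail address, name and
/// language to TMaintenanceWebConnector.SetInitialSysadminEmail and requests a new password
/// for that address.
/// </summary>
/// <param name="AEmailAddress">E-mail address to store and to send the password request to.</param>
/// <param name="AFirstName">First name passed through to the connector.</param>
/// <param name="ALastName">Last name passed through to the connector.</param>
/// <param name="ALanguageCode">Language code passed through to the connector.</param>
/// <param name="AAuthToken">Token supplied by the caller; must equal the configured token.</param>
/// <returns>
/// false when the token is missing, empty or wrong, or when the connector call fails;
/// otherwise the result of RequestNewPassword.
/// </returns>
public bool SetInitialSysadminEmail(string AEmailAddress, string AFirstName, string ALastName, string ALanguageCode, string AAuthToken)
{
    string requiredToken = TAppSettingsManager.GetValue("AuthTokenForInitialisation");

    // Fail closed: an unset or empty configured token never authorises anything, and neither
    // does a missing supplied token. (With the plain != comparison, a null configured token
    // compared with a null supplied token would have been treated as a match.)
    if (String.IsNullOrEmpty(requiredToken) || (AAuthToken == null))
    {
        return false;
    }

    // Compare the two tokens without stopping at the first differing character, so that the
    // time taken does not depend on how many leading characters of the guess were right.
    int difference = AAuthToken.Length ^ requiredToken.Length;

    for (int index = 0; index < AAuthToken.Length; index++)
    {
        difference |= AAuthToken[index] ^ requiredToken[index % requiredToken.Length];
    }

    if (difference != 0)
    {
        return false;
    }

    if (TMaintenanceWebConnector.SetInitialSysadminEmail(AEmailAddress, AFirstName, ALastName, ALanguageCode))
    {
        return RequestNewPassword(AEmailAddress);
    }

    return false;
}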
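/// <summary>
/// Confirms a self-service sign-up: logs in as the "SELFSERVICE" server admin user, calls
/// TMaintenanceWebConnector.SignUpSelfServiceConfirm and logs out again.
/// </summary>
/// <param name="AUserID">User ID of the account being confirmed.</param>
/// <param name="AToken">Confirmation token passed through to the connector.</param>
/// <returns>The value returned by TMaintenanceWebConnector.SignUpSelfServiceConfirm.</returns>
/// <exception cref="Exception">Any exception from the calls below is logged and rethrown.</exception>
public bool SignUpSelfServiceConfirm(string AUserID, string AToken)
{
    try
    {
        TServerAdminWebConnector.LoginServerAdmin("SELFSERVICE");

        try
        {
            return TMaintenanceWebConnector.SignUpSelfServiceConfirm(AUserID, AToken);
        }
        finally
        {
            // Drop the SELFSERVICE login on every path. Previously an exception from the
            // connector skipped Logout() and left the session logged in as SELFSERVICE.
            Logout();
        }
    }
    catch (Exception Exc)
    {
        TLogging.Log("An Exception occured during SignUpSelfServiceConfirm:" + Environment.NewLine + Exc.ToString());

        throw;
    }
}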
/// <summary>
/// Reports as JSON whether the session variable "LoggedIn" is set to true.
/// </summary>
/// <returns>
/// "resultcode" = "success" when logged in. Otherwise "resultcode" = "error" plus
/// "selfsignupEnabled" ("true" or "false"), so a caller that is not logged in learns
/// whether self sign-up is enabled.
/// </returns>
public string IsUserLoggedIn()
{
    object loggedInFlag = TSession.GetVariable("LoggedIn");

    // The cast is only evaluated when the variable exists.
    bool isLoggedIn = (loggedInFlag != null) && (bool)loggedInFlag;

    Dictionary <string, object> response = new Dictionary <string, object>();

    if (!isLoggedIn)
    {
        string selfSignup = TMaintenanceWebConnector.SignUpSelfServiceEnabled() ? "true" : "false";

        response.Add("selfsignupEnabled", selfSignup);
        response.Add("resultcode", "error");
    }
    else
    {
        response.Add("resultcode", "success");
    }

    return JsonConvert.SerializeObject(response);
}
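/// <summary>
/// Registers a self-service user: logs in as the "SELFSERVICE" server admin user, calls
/// TMaintenanceWebConnector.SignUpSelfService, logs out again and reports the outcome as JSON.
/// </summary>
/// <param name="AEmailAddress">E-mail address of the new user.</param>
/// <param name="AFirstName">First name of the new user.</param>
/// <param name="ALastName">Last name of the new user.</param>
/// <param name="APassword">Password chosen by the new user.</param>
/// <param name="ALanguageCode">Language code of the new user.</param>
/// <param name="AVerification">Verification results filled in by the connector.</param>
/// <returns>JSON text with the members "AVerification" and "result".</returns>
/// <exception cref="Exception">Any exception from the calls below is logged and rethrown.</exception>
public string SignUpSelfService(string AEmailAddress, string AFirstName, string ALastName, string APassword, string ALanguageCode, out TVerificationResultCollection AVerification)
{
    AVerification = new TVerificationResultCollection();

    try
    {
        bool Result;

        TServerAdminWebConnector.LoginServerAdmin("SELFSERVICE");

        try
        {
            Result = TMaintenanceWebConnector.SignUpSelfService(AEmailAddress, AFirstName, ALastName, APassword, ALanguageCode, out AVerification);
        }
        finally
        {
            // Drop the SELFSERVICE login on every path. Previously an exception from the
            // connector skipped Logout() and left the session logged in as SELFSERVICE.
            Logout();
        }

        return "{" + "\"AVerification\": " + THttpBinarySerializer.SerializeObject(AVerification) + "," + "\"result\": " + THttpBinarySerializer.SerializeObject(Result) + "}";
    }
    catch (Exception Exc)
    {
        TLogging.Log("An Exception occured during SignUpSelfService:" + Environment.NewLine + Exc.ToString());

        throw;
    }
}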
/// <summary>
/// Forwards a password request for the given e-mail address to
/// TMaintenanceWebConnector.RequestNewPassword.
/// </summary>
/// <param name="AEmailAddress">E-mail address the request is made for.</param>
/// <returns>The value returned by the connector.</returns>
public bool RequestNewPassword(string AEmailAddress)
{
    // NOTE(review): the connector's result is returned to the caller as is. If it differs for
    // known and unknown addresses, the response reveals which addresses have an account; verify.
    bool Requested = TMaintenanceWebConnector.RequestNewPassword(AEmailAddress);

    return Requested;
}
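/// <summary>
/// Checks the supplied initialisation token against the configured value
/// "AuthTokenForInitialisation" and, when it matches, stores the initial SYSADMIN e-mail data,
/// optionally runs the first setup for an unprivileged user, and sends the welcome e-mail.
/// </summary>
/// <param name="AEmailAddress">E-mail address passed to the connector; an address containing
/// "+sysadmin@" additionally triggers the first setup.</param>
/// <param name="AFirstName">First name passed through to the connector.</param>
/// <param name="ALastName">Last name passed through to the connector.</param>
/// <param name="ALanguageCode">Language code passed through to the connector.</param>
/// <param name="AAuthToken">Token supplied by the caller; must equal the configured token.</param>
/// <returns>
/// false when the token is missing, empty or wrong, or when any step fails;
/// otherwise the result of TMaintenanceWebConnector.SendWelcomeEmail.
/// </returns>
public bool SetInitialSysadminEmail(string AEmailAddress, string AFirstName, string ALastName, string ALanguageCode, string AAuthToken)
{
    bool result = true;
    string requiredToken = TAppSettingsManager.GetValue("AuthTokenForInitialisation");

    // Fail closed: an unset or empty configured token never authorises anything, and neither
    // does a missing supplied token. (With the plain != comparison, a null configured token
    // compared with a null supplied token would have been treated as a match.)
    if (String.IsNullOrEmpty(requiredToken) || (AAuthToken == null))
    {
        return false;
    }

    // Compare the two tokens without stopping at the first differing character, so that the
    // time taken does not depend on how many leading characters of the guess were right.
    int difference = AAuthToken.Length ^ requiredToken.Length;

    for (int index = 0; index < AAuthToken.Length; index++)
    {
        difference |= AAuthToken[index] ^ requiredToken[index % requiredToken.Length];
    }

    if (difference != 0)
    {
        return false;
    }

    string UserEmailAddress = String.Empty;
    string UserID = String.Empty;

    // From here on the request runs with a SYSADMIN principal.
    // NOTE(review): this method does not restore the previous user info afterwards; confirm
    // that the caller resets it once the request is finished.
    UserInfo.SetUserInfo(new TPetraPrincipal("SYSADMIN"));

    if (TMaintenanceWebConnector.SetInitialSysadminEmail(AEmailAddress, AFirstName, ALastName, ALanguageCode))
    {
        // create unprivileged user as well
        if (AEmailAddress.Contains("+sysadmin@"))
        {
            string InitialModulePermissions;
            Int64 SiteKey;
            string InitialPassword;
            string FirstName;
            string LastName;
            string LanguageCode;

            result = TSettingsWebConnector.GetDefaultsForFirstSetup(
                ALanguageCode,
                out UserID,
                out FirstName,
                out LastName,
                out LanguageCode,
                out UserEmailAddress,
                out InitialModulePermissions,
                out InitialPassword,
                out SiteKey);

            if (result)
            {
                TVerificationResultCollection VerificationResult;

                // The initial password is passed as "" here, so RunFirstSetup gets no password to set.
                result = TSettingsWebConnector.RunFirstSetup(
                    UserID,
                    FirstName,
                    LastName,
                    LanguageCode,
                    UserEmailAddress,
                    InitialModulePermissions.Split(',').ToList(),
                    "",
                    SiteKey,
                    false,
                    out VerificationResult);
            }
        }

        if (result)
        {
            return TMaintenanceWebConnector.SendWelcomeEmail(AEmailAddress, UserEmailAddress, UserID, AFirstName, ALastName, ALanguageCode);
        }
    }

    return false;
}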
/// <summary>
/// Sets the password of a user through TMaintenanceWebConnector.SetUserPassword.
/// </summary>
/// <remarks>Gets called from TServerManager.SetPassword() Method, which is used to
/// set the initial password for SYSADMIN.</remarks>
/// <param name="AUserID">User ID whose password is set.</param>
/// <param name="APassword">The password to set.</param>
/// <returns>The value returned by the connector; the verification results are discarded.</returns>
public bool SetPassword(string AUserID, string APassword)
{
    TVerificationResultCollection IgnoredVerification;

    // The two boolean flags and the two empty strings are passed exactly as the connector expects them;
    // their meaning is defined by SetUserPassword, which is not shown here.
    bool PasswordSet = TMaintenanceWebConnector.SetUserPassword(
        AUserID,
        APassword,
        true,
        true,
        string.Empty,
        string.Empty,
        out IgnoredVerification);

    return PasswordSet;
}
/// <summary>
/// Authenticates a user: resolves an e-mail address to a user ID, loads the user, checks the
/// password (against the stored hash, or through an external authentication assembly), rejects
/// locked and retired accounts, honours the system-wide login switch, records the login and
/// returns the user's principal.
/// </summary>
/// <param name="AUserID">User ID, or an e-mail address (recognised by a contained "@").</param>
/// <param name="APassword">Password supplied by the user.</param>
/// <param name="AClientComputerName">Client computer name, written to the login log.</param>
/// <param name="AClientIPAddress">Client IP address, written to the login log.</param>
/// <param name="ASystemEnabled">Set to the SystemLoginStatus of the system status record.</param>
/// <param name="ATransaction">Database transaction used for all reads and writes.</param>
/// <returns>The principal of the authenticated user.</returns>
/// <exception cref="EUserNotExistantException">Rethrown from LoadUser after the attempt was logged.</exception>
/// <exception cref="EPasswordWrongException">The password check failed.</exception>
/// <exception cref="EUserAccountGotLockedException">The failed attempt caused the account to be locked.</exception>
/// <exception cref="EUserAccountLockedException">The account is locked.</exception>
/// <exception cref="EUserRetiredException">The user is retired.</exception>
/// <exception cref="ESystemDisabledException">Logins are disabled and the user is not in group SYSADMIN.</exception>
public static TPetraPrincipal PerformUserAuthentication(String AUserID, String APassword, string AClientComputerName, string AClientIPAddress, out Boolean ASystemEnabled, TDBTransaction ATransaction)
{
    SUserRow UserDR;
    DateTime LoginDateTime;
    TPetraPrincipal PetraPrincipal = null;
    string UserAuthenticationMethod = TAppSettingsManager.GetValue("UserAuthenticationMethod", "OpenPetraDBSUser", false);
    IUserAuthentication AuthenticationAssembly;
    string AuthAssemblyErrorMessage;

    Int32 AProcessID = -1;

    ASystemEnabled = true;

    // Keep the value as typed by the user; the external authentication assembly gets this one.
    string EmailAddress = AUserID;

    if (EmailAddress.Contains("@"))
    {
        // try to find unique User for this e-mail address
        // The address is bound as a query parameter, not concatenated into the SQL text.
        string sql = "SELECT s_user_id_c FROM PUB_s_user WHERE UPPER(s_email_address_c) = ?";

        OdbcParameter[] parameters = new OdbcParameter[1];
        parameters[0] = new OdbcParameter("EmailAddress", OdbcType.VarChar);
        // NOTE(review): ToUpper() uses the current culture, while UPPER() is evaluated by the
        // database; confirm that both fold case the same way for every address.
        parameters[0].Value = EmailAddress.ToUpper();

        DataTable result = ATransaction.DataBaseObj.SelectDT(sql, "user", ATransaction, parameters);

        if (result.Rows.Count == 1)
        {
            AUserID = result.Rows[0][0].ToString();
        }
        else
        {
            // NOTE(review): the caller-supplied address is written to the log unmodified;
            // consider stripping line breaks so one request cannot forge extra log lines.
            TLogging.Log("Login with E-Mail address failed for " + EmailAddress + ". " + "We found " + result.Rows.Count.ToString() + " matching rows for this address.");
        }
    }

    try
    {
        UserDR = LoadUser(AUserID, out PetraPrincipal, ATransaction);
    }
    catch (EUserNotExistantException)
    {
        // A SYSADMIN identity is installed as the current user info before the log entry is written.
        // NOTE(review): it is not reset before the rethrow; confirm that the caller clears
        // the user info after a failed login.
        TPetraIdentity PetraIdentity = new TPetraIdentity(
            "SYSADMIN", "", "", "", "", DateTime.MinValue,
            DateTime.MinValue, DateTime.MinValue, 0, -1, -1, false, false, false);

        UserInfo.GUserInfo = new TPetraPrincipal(PetraIdentity, null);

        // Logging
        TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_ATTEMPT_FOR_NONEXISTING_USER,
            String.Format(Catalog.GetString(
                    "User with User ID '{0}' attempted to log in, but there is no user account for this user! "), AUserID) +
            String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress),
            out AProcessID, ATransaction);

        // Only now throw the Exception!
        // NOTE(review): this path ends before any password hash is computed and with a different
        // exception type than a wrong password, so the equal-timing goal described at step (2)
        // does not cover unknown user IDs. Confirm that the caller reports both cases identically.
        throw;
    }

    // NOTE(review): the loaded principal becomes the current user info before the password is
    // checked; confirm that the caller clears it when one of the exceptions below is thrown.
    UserInfo.GUserInfo = PetraPrincipal;

    if ((AUserID == "SYSADMIN") && TSession.HasVariable("ServerAdminToken"))
    {
        // Login via server admin console authenticated by file token
        // No password check happens on this branch; the session variable is the only gate.
        APassword = String.Empty;
    }
    //
    // (1) Check user-supplied password
    //
    else if (UserAuthenticationMethod == "OpenPetraDBSUser")
    {
        // Hash the supplied password with the user's salt and scheme version, then compare it
        // with the stored hash through the helper named EqualsAntiTimingAttack.
        if (!TPasswordHelper.EqualsAntiTimingAttack(
                Convert.FromBase64String(
                    CreateHashOfPassword(APassword, UserDR.PasswordSalt, UserDR.PwdSchemeVersion)),
                Convert.FromBase64String(UserDR.PasswordHash)))
        {
            // The password that the user supplied is wrong!!! --> Save failed user login attempt!
            // If the number of permitted failed logins in a row gets exceeded then also lock the user account!
            SaveFailedLogin(AUserID, UserDR, AClientComputerName, AClientIPAddress, ATransaction);

            // Locked now but not locked in the row's original version: this attempt caused the lock.
            if (UserDR.AccountLocked
                && (Convert.ToBoolean(UserDR[SUserTable.GetAccountLockedDBName(), DataRowVersion.Original]) != UserDR.AccountLocked))
            {
                // User Account just got locked!
                throw new EUserAccountGotLockedException(StrInvalidUserIDPassword);
            }
            else
            {
                throw new EPasswordWrongException(StrInvalidUserIDPassword);
            }
        }
    }
    else
    {
        AuthenticationAssembly = LoadAuthAssembly(UserAuthenticationMethod);

        // The external assembly receives the value the user typed (EmailAddress), not the resolved AUserID.
        if (!AuthenticationAssembly.AuthenticateUser(EmailAddress, APassword, out AuthAssemblyErrorMessage))
        {
            // The password that the user supplied is wrong!!! --> Save failed user login attempt!
            // If the number of permitted failed logins in a row gets exceeded then also lock the user account!
            SaveFailedLogin(AUserID, UserDR, AClientComputerName, AClientIPAddress, ATransaction);

            if (UserDR.AccountLocked
                && (Convert.ToBoolean(UserDR[SUserTable.GetAccountLockedDBName(), DataRowVersion.Original]) != UserDR.AccountLocked))
            {
                // User Account just got locked!
                throw new EUserAccountGotLockedException(StrInvalidUserIDPassword);
            }
            else
            {
                // NOTE(review): unlike the branch above, the message comes from the assembly;
                // verify that it does not tell the client more than StrInvalidUserIDPassword does.
                throw new EPasswordWrongException(AuthAssemblyErrorMessage);
            }
        }
    }

    //
    // (2) Check if the User Account is Locked or if the user is 'Retired'. If either is true then deny the login!!!
    //
    // IMPORTANT: We perform these checks only AFTER the check for the correctness of the password so that every
    // log-in attempt that gets rejected on grounds of a wrong password takes the same amount of time (to help prevent
    // an attack vector called 'timing attack')
    if (PetraPrincipal.PetraIdentity.AccountLocked || PetraPrincipal.PetraIdentity.Retired)
    {
        if (PetraPrincipal.PetraIdentity.AccountLocked)
        {
            // Logging
            TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_ATTEMPT_FOR_LOCKED_USER,
                Catalog.GetString("User attempted to log in, but the user account was locked! ") +
                String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress),
                out AProcessID, ATransaction);

            // Only now throw the Exception!
            throw new EUserAccountLockedException(StrInvalidUserIDPassword);
        }
        else
        {
            // Logging
            TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_ATTEMPT_FOR_RETIRED_USER,
                Catalog.GetString("User attempted to log in, but the user is retired! ") +
                String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress),
                out AProcessID, ATransaction);

            // Only now throw the Exception!
            throw new EUserRetiredException(StrInvalidUserIDPassword);
        }
    }

    //
    // (3) Check SystemLoginStatus (whether the general use of the OpenPetra application is enabled/disabled) in the
    // SystemStatus table (this table always holds only a single record)
    //
    SSystemStatusTable SystemStatusDT;

    SystemStatusDT = SSystemStatusAccess.LoadAll(ATransaction);

    if (SystemStatusDT[0].SystemLoginStatus)
    {
        ASystemEnabled = true;
    }
    else
    {
        ASystemEnabled = false;

        // Members of group SYSADMIN may still log in and only get a message; everyone else is rejected.
        // TODO: Check for Security Group membership might need reviewal when security model of OpenPetra might get reviewed...
        if (PetraPrincipal.IsInGroup("SYSADMIN"))
        {
            PetraPrincipal.LoginMessage =
                String.Format(StrSystemDisabled1, SystemStatusDT[0].SystemDisabledReason) + Environment.NewLine +
                Environment.NewLine + StrSystemDisabled2Admin;
        }
        else
        {
            TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_ATTEMPT_WHEN_SYSTEM_WAS_DISABLED,
                Catalog.GetString("User wanted to log in, but the System was disabled. ") +
                String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress),
                out AProcessID, ATransaction);

            TLoginLog.RecordUserLogout(AUserID, AProcessID, ATransaction);

            throw new ESystemDisabledException(String.Format(StrSystemDisabled1,
                    SystemStatusDT[0].SystemDisabledReason) + Environment.NewLine + Environment.NewLine +
                String.Format(StrSystemDisabled2, StringHelper.DateToLocalizedString(SystemStatusDT[0].SystemAvailableDate.Value),
                    SystemStatusDT[0].SystemAvailableDate.Value.AddSeconds(SystemStatusDT[0].SystemAvailableTime).ToShortTimeString()));
        }
    }

    //
    // (4) Save successful login!
    //
    LoginDateTime = DateTime.Now;
    UserDR.LastLoginDate = LoginDateTime;
    UserDR.LastLoginTime = Conversions.DateTimeToInt32Time(LoginDateTime);
    UserDR.FailedLogins = 0;  // this needs resetting!

    // Upgrade the user's password hashing scheme if it is older than the current password hashing scheme
    // (skipped when APassword is empty, which includes the server admin token login above)
    if (APassword != String.Empty && UserDR.PwdSchemeVersion < TPasswordHelper.CurrentPasswordSchemeNumber)
    {
        TMaintenanceWebConnector.SetNewPasswordHashAndSaltForUser(UserDR, APassword,
            AClientComputerName, AClientIPAddress, ATransaction);
    }

    SaveUser(AUserID, (SUserTable)UserDR.Table, ATransaction);

    PetraPrincipal.PetraIdentity.CurrentLogin = LoginDateTime;

    //PetraPrincipal.PetraIdentity.FailedLogins = 0;

    // TODO: Check for Security Group membership might need reviewal when security model of OpenPetra might get reviewed...
    if (PetraPrincipal.IsInGroup("SYSADMIN"))
    {
        TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_SUCCESSFUL_SYSADMIN,
            Catalog.GetString("User login - SYSADMIN privileges. ") +
            String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress),
            out AProcessID, ATransaction);
    }
    else
    {
        TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_SUCCESSFUL,
            Catalog.GetString("User login. ") +
            String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress),
            out AProcessID, ATransaction);
    }

    // The process ID handed out by the login log entry is stored on the principal.
    PetraPrincipal.ProcessID = AProcessID;
    AProcessID = 0;

    //
    // (5) Check if a password change is requested for this user
    //
    if (UserDR.PasswordNeedsChange)
    {
        // The user needs to change their password before they can use OpenPetra
        PetraPrincipal.LoginMessage = SharedConstants.LOGINMUSTCHANGEPASSWORD;
    }

    return(PetraPrincipal);
}
/// <summary>
/// Locks the SYSADMIN user by calling TMaintenanceWebConnector.LockSysadmin.
/// </summary>
/// <remarks>Gets called from TServerManager.LockSysadmin() Method, which is used to
/// lock the SYSADMIN user while the instance is not assigned to a customer yet.</remarks>
/// <returns>The value returned by the connector.</returns>
public bool LockSysadmin()
{
    bool Locked = TMaintenanceWebConnector.LockSysadmin();

    return Locked;
}
/// <summary>
/// Authenticates a user: loads the user, checks the password (against the stored hash, or
/// through an external authentication assembly), rejects locked and retired accounts, honours
/// the system-wide login switch and the license check, and records the login.
/// </summary>
/// <param name="AUserID">User ID. "SELFSERVICE", and "SYSADMIN" with a "ServerAdminToken"
/// session variable, are accepted without a password check.</param>
/// <param name="APassword">Password supplied by the user.</param>
/// <param name="AClientComputerName">Client computer name, written to the login log.</param>
/// <param name="AClientIPAddress">Client IP address, written to the login log.</param>
/// <param name="ASystemEnabled">Set to the SystemLoginStatus of the system status record.</param>
/// <param name="ATransaction">Database transaction used for all reads and writes.</param>
/// <returns>Always true; every rejection is reported through an exception.</returns>
/// <exception cref="EUserNotExistantException">Rethrown from LoadUser after the attempt was logged.</exception>
/// <exception cref="EPasswordWrongException">The password check failed.</exception>
/// <exception cref="EUserAccountGotLockedException">The failed attempt caused the account to be locked.</exception>
/// <exception cref="EUserAccountLockedException">The account is locked.</exception>
/// <exception cref="EUserRetiredException">The user is retired.</exception>
/// <exception cref="ESystemDisabledException">Logins are disabled and the user is not in group SYSADMIN.</exception>
/// <exception cref="ELicenseExpiredException">The license service reported neither "valid" nor "gratis".</exception>
public static bool PerformUserAuthentication(String AUserID, String APassword, string AClientComputerName, string AClientIPAddress, out Boolean ASystemEnabled, TDBTransaction ATransaction)
{
    SUserRow UserDR;
    DateTime LoginDateTime;
    TPetraPrincipal PetraPrincipal = null;
    string UserAuthenticationMethod = TAppSettingsManager.GetValue("UserAuthenticationMethod", "OpenPetraDBSUser", false);
    IUserAuthentication AuthenticationAssembly;
    string AuthAssemblyErrorMessage;

    Int32 AProcessID = -1;

    ASystemEnabled = true;

    CheckDatabaseVersion(ATransaction.DataBaseObj);

    // Value handed to the external authentication assembly; here it is simply the user ID.
    string EmailAddress = AUserID;

    try
    {
        UserDR = LoadUser(AUserID, out PetraPrincipal, ATransaction);
    }
    catch (EUserNotExistantException)
    {
        // pass ATransaction
        // A SYSADMIN principal is installed as the current user info before the log entry is written.
        // NOTE(review): it is not reset before the rethrow; confirm that the caller clears
        // the user info after a failed login.
        UserInfo.SetUserInfo(new TPetraPrincipal("SYSADMIN"));

        // Logging
        TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_ATTEMPT_FOR_NONEXISTING_USER,
            String.Format(Catalog.GetString(
                    "User with User ID '{0}' attempted to log in, but there is no user account for this user! "), AUserID) +
            String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress),
            out AProcessID, ATransaction);

        // Only now throw the Exception!
        // NOTE(review): this path ends before any password hash is computed and with a different
        // exception type than a wrong password, so the equal-timing goal described at step (2)
        // does not cover unknown user IDs. Confirm that the caller reports both cases identically.
        throw;
    }

    // pass ATransaction
    // NOTE(review): the loaded principal becomes the current user info before the password is
    // checked; confirm that the caller clears it when one of the exceptions below is thrown.
    UserInfo.SetUserInfo(PetraPrincipal);

    if (AUserID == "SELFSERVICE")
    {
        // NOTE(review): the user ID alone selects this branch and no password check follows.
        // Unlike the SYSADMIN branch below there is no session-side condition, so every caller
        // of this method must make sure the ID cannot come from a client-supplied login form.
        APassword = String.Empty;
    }
    else if ((AUserID == "SYSADMIN") && TSession.HasVariable("ServerAdminToken"))
    {
        // Login via server admin console authenticated by file token
        // No password check happens on this branch; the session variable is the only gate.
        APassword = String.Empty;
    }
    //
    // (1) Check user-supplied password
    //
    else if (UserAuthenticationMethod == "OpenPetraDBSUser")
    {
        // Hash the supplied password with the user's salt and scheme version, then compare it
        // with the stored hash through the helper named EqualsAntiTimingAttack.
        if (!TPasswordHelper.EqualsAntiTimingAttack(
                Convert.FromBase64String(
                    CreateHashOfPassword(APassword, UserDR.PasswordSalt, UserDR.PwdSchemeVersion)),
                Convert.FromBase64String(UserDR.PasswordHash)))
        {
            // The password that the user supplied is wrong!!! --> Save failed user login attempt!
            // If the number of permitted failed logins in a row gets exceeded then also lock the user account!
            SaveFailedLogin(AUserID, UserDR, AClientComputerName, AClientIPAddress, ATransaction);

            // Locked now but not locked in the row's original version: this attempt caused the lock.
            if (UserDR.AccountLocked
                && (Convert.ToBoolean(UserDR[SUserTable.GetAccountLockedDBName(), DataRowVersion.Original]) != UserDR.AccountLocked))
            {
                // User Account just got locked!
                throw new EUserAccountGotLockedException(StrInvalidUserIDPassword);
            }
            else
            {
                throw new EPasswordWrongException(StrInvalidUserIDPassword);
            }
        }
    }
    else
    {
        AuthenticationAssembly = LoadAuthAssembly(UserAuthenticationMethod);

        if (!AuthenticationAssembly.AuthenticateUser(EmailAddress, APassword, out AuthAssemblyErrorMessage))
        {
            // The password that the user supplied is wrong!!! --> Save failed user login attempt!
            // If the number of permitted failed logins in a row gets exceeded then also lock the user account!
            SaveFailedLogin(AUserID, UserDR, AClientComputerName, AClientIPAddress, ATransaction);

            if (UserDR.AccountLocked
                && (Convert.ToBoolean(UserDR[SUserTable.GetAccountLockedDBName(), DataRowVersion.Original]) != UserDR.AccountLocked))
            {
                // User Account just got locked!
                throw new EUserAccountGotLockedException(StrInvalidUserIDPassword);
            }
            else
            {
                // NOTE(review): unlike the branch above, the message comes from the assembly;
                // verify that it does not tell the client more than StrInvalidUserIDPassword does.
                throw new EPasswordWrongException(AuthAssemblyErrorMessage);
            }
        }
    }

    //
    // (2) Check if the User Account is Locked or if the user is 'Retired'. If either is true then deny the login!!!
    //
    // IMPORTANT: We perform these checks only AFTER the check for the correctness of the password so that every
    // log-in attempt that gets rejected on grounds of a wrong password takes the same amount of time (to help prevent
    // an attack vector called 'timing attack')
    if (UserDR.AccountLocked || UserDR.Retired)
    {
        if ((AUserID == "SYSADMIN") && TSession.HasVariable("ServerAdminToken"))
        {
            // this is ok. we need to be able to activate the sysadmin account on SetInitialSysadminEmail
            // (a locked or retired SYSADMIN is therefore still admitted through the token login)
        }
        else if (UserDR.AccountLocked)
        {
            // Logging
            TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_ATTEMPT_FOR_LOCKED_USER,
                Catalog.GetString("User attempted to log in, but the user account was locked! ") +
                String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress),
                out AProcessID, ATransaction);

            // Only now throw the Exception!
            throw new EUserAccountLockedException(StrInvalidUserIDPassword);
        }
        else
        {
            // Logging
            TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_ATTEMPT_FOR_RETIRED_USER,
                Catalog.GetString("User attempted to log in, but the user is retired! ") +
                String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress),
                out AProcessID, ATransaction);

            // Only now throw the Exception!
            throw new EUserRetiredException(StrInvalidUserIDPassword);
        }
    }

    //
    // (3) Check SystemLoginStatus (whether the general use of the OpenPetra application is enabled/disabled) in the
    // SystemStatus table (this table always holds only a single record)
    //
    SSystemStatusTable SystemStatusDT;

    SystemStatusDT = SSystemStatusAccess.LoadAll(ATransaction);

    if (SystemStatusDT[0].SystemLoginStatus)
    {
        ASystemEnabled = true;
    }
    else
    {
        ASystemEnabled = false;

        // Members of group SYSADMIN may still log in and only get a message; everyone else is rejected.
        // TODO: Check for Security Group membership might need reviewal when security model of OpenPetra might get reviewed...
        if (PetraPrincipal.IsInGroup("SYSADMIN"))
        {
            PetraPrincipal.LoginMessage =
                String.Format(StrSystemDisabled1, SystemStatusDT[0].SystemDisabledReason) + Environment.NewLine +
                Environment.NewLine + StrSystemDisabled2Admin;
        }
        else
        {
            TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_ATTEMPT_WHEN_SYSTEM_WAS_DISABLED,
                Catalog.GetString("User wanted to log in, but the System was disabled. ") +
                String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress),
                out AProcessID, ATransaction);

            TLoginLog.RecordUserLogout(AUserID, AProcessID, ATransaction);

            throw new ESystemDisabledException(String.Format(StrSystemDisabled1,
                    SystemStatusDT[0].SystemDisabledReason) + Environment.NewLine + Environment.NewLine +
                String.Format(StrSystemDisabled2, StringHelper.DateToLocalizedString(SystemStatusDT[0].SystemAvailableDate.Value),
                    SystemStatusDT[0].SystemAvailableDate.Value.AddSeconds(SystemStatusDT[0].SystemAvailableTime).ToShortTimeString()));
        }
    }

    //
    // (3b) Check if the license is valid
    //
    string LicenseCheckUrl = TAppSettingsManager.GetValue("LicenseCheck.Url", String.Empty, false);
    string LicenseUser = TAppSettingsManager.GetValue("Server.DBName");

    if ((AUserID == "SYSADMIN") && TSession.HasVariable("ServerAdminToken"))
    {
        // don't check for the license, since this is called when upgrading the server as well.
        LicenseCheckUrl = String.Empty;
    }

    // The check runs only when a URL is configured and the database name is not "openpetra".
    if ((LicenseCheckUrl != String.Empty) && (LicenseUser != "openpetra"))
    {
        // Both parts of the URL come from the server configuration, not from the request.
        string url = LicenseCheckUrl + LicenseUser;

        // NOTE(review): this is an outbound HTTP request on every login. If ReadWebsite can return
        // null or throw when the license service is unreachable, the next line fails and nobody
        // can log in; confirm its failure behaviour and whether a timeout applies.
        string result = THTTPUtils.ReadWebsite(url);

        // NOTE(review): the response is searched for exact substrings instead of being parsed as
        // JSON, so a differently formatted answer (for example "valid": true with a space) counts
        // as not valid, and the text would match anywhere in the body.
        bool valid = result.Contains("\"valid\":true");
        bool gratis = result.Contains("\"gratis\":true");

        if (!valid && !gratis)
        {
            TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_ATTEMPT_WHEN_SYSTEM_WAS_DISABLED,
                Catalog.GetString("User wanted to log in, but the license is expired. ") +
                String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress),
                out AProcessID, ATransaction);

            TLoginLog.RecordUserLogout(AUserID, AProcessID, ATransaction);

            throw new ELicenseExpiredException("LICENSE_EXPIRED");
        }
    }

    //
    // (4) Save successful login!
    //
    LoginDateTime = DateTime.Now;
    UserDR.LastLoginDate = LoginDateTime;
    UserDR.LastLoginTime = Conversions.DateTimeToInt32Time(LoginDateTime);
    UserDR.FailedLogins = 0;  // this needs resetting!

    // Upgrade the user's password hashing scheme if it is older than the current password hashing scheme
    // (skipped when APassword is empty, which includes the SELFSERVICE and server admin token logins above)
    if (APassword != String.Empty && UserDR.PwdSchemeVersion < TPasswordHelper.CurrentPasswordSchemeNumber)
    {
        TMaintenanceWebConnector.SetNewPasswordHashAndSaltForUser(UserDR, APassword,
            AClientComputerName, AClientIPAddress, ATransaction);
    }

    SaveUser(AUserID, (SUserTable)UserDR.Table, ATransaction);

    // TODO: Check for Security Group membership might need reviewal when security model of OpenPetra might get reviewed...
    if (PetraPrincipal.IsInGroup("SYSADMIN"))
    {
        TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_SUCCESSFUL_SYSADMIN,
            Catalog.GetString("User login - SYSADMIN privileges. ") +
            String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress),
            out AProcessID, ATransaction);
    }
    else
    {
        TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_SUCCESSFUL,
            Catalog.GetString("User login. ") +
            String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress),
            out AProcessID, ATransaction);
    }

    // The process ID handed out by the login log entry is stored on the principal.
    PetraPrincipal.ProcessID = AProcessID;
    AProcessID = 0;

    //
    // (5) Check if a password change is requested for this user
    //
    if (UserDR.PasswordNeedsChange)
    {
        // The user needs to change their password before they can use OpenPetra
        PetraPrincipal.LoginMessage = SharedConstants.LOGINMUSTCHANGEPASSWORD;
    }

    return(true);
}
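/// <summary>
/// Runs the first setup: validates the optional initial password, saves the user with the
/// given module permissions, and then, inside one write transaction, sets the password,
/// stores the site key and the self-sign-up switch as system defaults and creates the default site.
/// </summary>
/// <param name="AUserID">ID of the user to create.</param>
/// <param name="AFirstName">First name of the user.</param>
/// <param name="ALastName">Last name of the user.</param>
/// <param name="ALanguageCode">Language code of the user.</param>
/// <param name="AEmailAddress">E-mail address of the user.</param>
/// <param name="AInitialModulePermissions">Module permissions given to the user.</param>
/// <param name="AInitialPassword">Initial password; when empty, no password is set here.</param>
/// <param name="ASiteKey">Site key stored as system default and used for the default site.</param>
/// <param name="AEnableSelfSignup">Value stored for the self-sign-up system default.</param>
/// <param name="AVerificationResult">Verification results explaining a failure.</param>
/// <returns>
/// false when the password fails the quality check, or when saving the user or setting the
/// password fails; otherwise true.
/// </returns>
public static bool RunFirstSetup(
    string AUserID,
    string AFirstName,
    string ALastName,
    string ALanguageCode,
    string AEmailAddress,
    List <string> AInitialModulePermissions,
    string AInitialPassword,
    Int64 ASiteKey,
    bool AEnableSelfSignup,
    out TVerificationResultCollection AVerificationResult)
{
    bool result = true;

    AVerificationResult = new TVerificationResultCollection();
    TVerificationResult VerificationResult = null;
    TVerificationResultCollection VerificationResultCollection = new TVerificationResultCollection();

    if (AInitialPassword != String.Empty)
    {
        // check if password is valid, it meets the criteria
        if (!TSharedSysManValidation.CheckPasswordQuality(AInitialPassword, out VerificationResult))
        {
            AVerificationResult.Add(VerificationResult);
            return false;
        }
    }

    result = TMaintenanceWebConnector.SaveUserAndModulePermissions(
        AUserID,
        AFirstName,
        ALastName,
        AEmailAddress,
        ALanguageCode,
        false,
        false,
        false,
        AInitialModulePermissions,
        0,
        out VerificationResultCollection);

    if (result != false)
    {
        TDBTransaction t = new TDBTransaction();
        TDataBase db = DBAccess.Connect("RunFirstSetup");
        bool SubmitOK = false;

        try
        {
            db.WriteTransaction(ref t, ref SubmitOK,
                delegate
                {
                    if (AInitialPassword != String.Empty)
                    {
                        result = TMaintenanceWebConnector.SetUserPassword(AUserID,
                            AInitialPassword,
                            false,
                            false,
                            String.Empty,
                            String.Empty,
                            out VerificationResultCollection);
                    }
                    else
                    {
                        // TODO send welcoming Email, with link for setting the password
                    }

                    if (result)
                    {
                        TSystemDefaults defaults = new TSystemDefaults(db);
                        defaults.SetSystemDefault(SharedConstants.SYSDEFAULT_SITEKEY, ASiteKey.ToString(), db);
                        defaults.SetSystemDefault(SharedConstants.SYSDEFAULT_SELFSIGNUPENABLED, AEnableSelfSignup.ToString(), db);

                        GLSetupTDS GLMainDS = new GLSetupTDS();

                        // SubmitOK is only set when the site could be created.
                        SubmitOK = TGLSetupWebConnector.CreateSite(ref GLMainDS, "Default Site", ASiteKey, t);

                        if (SubmitOK)
                        {
                            GLSetupTDSAccess.SubmitChanges(GLMainDS, db, t);
                        }
                    }
                });
        }
        finally
        {
            // Close the connection even when the transaction body throws;
            // previously an exception left the connection opened above unclosed.
            db.CloseDBConnection();
        }
    }

    if (!result)
    {
        if (VerificationResultCollection.HasCriticalErrors)
        {
            AVerificationResult = VerificationResultCollection;
        }
        else
        {
            // NOTE(review): VerificationResult is only assigned by CheckPasswordQuality, and a
            // failed check returns early, so this may add null; confirm what Add does with it.
            AVerificationResult.Add(VerificationResult);
        }
    }

    return result;
}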