public void AlterUser(UserInfo userInfo, string identifier)
{
var userName = userInfo.Name;
var userExpr = SqlExpression.Constant(DataObject.String(userName));
// Delete the current username from the 'password' table
var table = QueryContext.GetMutableTable(SystemSchema.PasswordTableName);
var c1 = table.GetResolvedColumnName(0);
var t = table.SimpleSelect(QueryContext, c1, SqlExpressionType.Equal, userExpr);
if (t.RowCount != 1)
throw new SecurityException(String.Format("User '{0}' was not found.", userName));
table.Delete(t);
// TODO: get the hash algorithm and hash ...
var method = userInfo.Identification.Method;
var methodArgs = SerializeArguments(userInfo.Identification.Arguments);
if (method != "plain")
throw new NotImplementedException("Only mechanism implemented right now is plain text (it sucks!)");
// Add the new username
table = QueryContext.GetMutableTable(SystemSchema.PasswordTableName);
var row = table.NewRow();
row.SetValue(0, userName);
row.SetValue(1, method);
row.SetValue(2, methodArgs);
row.SetValue(3, identifier);
table.AddRow(row);
}
private static void CreatePublicUser(IQuery query)
{
var userName = User.PublicName;
var userId = new UserIdentification(KnownUserIdentifications.ClearText, "###");
var userInfo = new UserInfo(userName, userId);
query.Access().CreateUser(userInfo);
}
public static void AlterUserPassword(this IQueryContext queryContext, string username, string password)
{
if (!queryContext.UserCanAlterUser(username))
throw new MissingPrivilegesException(queryContext.UserName(), new ObjectName(username), Privileges.Alter);
var userId = UserIdentification.PlainText;
var userInfo = new UserInfo(username, userId);
queryContext.ForSystemUser().UserManager().AlterUser(userInfo, password);
}
public void CreateUser(UserInfo userInfo, string identifier)
{
if (userInfo == null)
throw new ArgumentNullException("userInfo");
if (String.IsNullOrEmpty(identifier))
throw new ArgumentNullException("identifier");
// TODO: make these rules configurable?
var userName = userInfo.Name;
if (UserExists(userName))
throw new SecurityException(String.Format("User '{0}' is already registered.", userName));
// Add to the key 'user' table
var table = QueryContext.GetMutableTable(SystemSchema.UserTableName);
var row = table.NewRow();
row[0] = DataObject.String(userName);
table.AddRow(row);
var method = userInfo.Identification.Method;
var methodArgs = SerializeArguments(userInfo.Identification.Arguments);
if (method != "plain")
throw new NotImplementedException("Only mechanism implemented right now is plain text (it sucks!)");
table = QueryContext.GetMutableTable(SystemSchema.PasswordTableName);
row = table.NewRow();
row.SetValue(0, userName);
row.SetValue(1, method);
row.SetValue(2, methodArgs);
row.SetValue(3, identifier);
table.AddRow(row);
}
public static User CreateUser(this IQueryContext context, string userName, string password)
{
if (String.IsNullOrEmpty(userName))
throw new ArgumentNullException("userName");
if (String.IsNullOrEmpty(password))
throw new ArgumentNullException("password");
if (!context.UserCanCreateUsers())
throw new MissingPrivilegesException(userName, new ObjectName(userName), Privileges.Create,
String.Format("User '{0}' cannot create users.", context.UserName()));
if (String.Equals(userName, User.PublicName, StringComparison.OrdinalIgnoreCase))
throw new ArgumentException(
String.Format("User name '{0}' is reserved and cannot be registered.", User.PublicName), "userName");
if (userName.Length <= 1)
throw new ArgumentException("User name must be at least one character.");
if (password.Length <= 1)
throw new ArgumentException("The password must be at least one character.");
var c = userName[0];
if (c == '#' || c == '@' || c == '$' || c == '&')
throw new ArgumentException(
String.Format("User name '{0}' is invalid: cannot start with '{1}' character.", userName, c), "userName");
var userId = UserIdentification.PlainText;
var userInfo = new UserInfo(userName, userId);
context.ForSystemUser().UserManager().CreateUser(userInfo, password);
return new User(context, userName);
}
public static void CreatePublicUser(this IQueryContext context)
{
if (!context.User().IsSystem)
throw new InvalidOperationException("The @PUBLIC user can be created only by the SYSTEM");
var userName = User.PublicName;
var userId = UserIdentification.PlainText;
var userInfo = new UserInfo(userName, userId);
context.ForSystemUser().UserManager().CreateUser(userInfo, "####");
}
public void CreateUser(UserInfo userInfo)
{
if (userInfo == null)
throw new ArgumentNullException("userInfo");
// TODO: make these rules configurable?
var userName = userInfo.Name;
if (UserExists(userName))
throw new SecurityException(String.Format("User '{0}' is already registered.", userName));
using (var query = Session.CreateQuery()) {
// Add to the key 'user' table
var table = query.Access().GetMutableTable(UserTableName);
var row = table.NewRow();
row[0] = Field.String(userName);
table.AddRow(row);
var method = userInfo.Identification.Method;
var methodArgs = SerializeArguments(userInfo.Identification.Arguments);
var token = userInfo.Identification.Token;
table = query.Access().GetMutableTable(PasswordTableName);
row = table.NewRow();
row.SetValue(0, userName);
row.SetValue(1, method);
row.SetValue(2, methodArgs);
row.SetValue(3, token);
table.AddRow(row);
}
}
public void AlterUser(UserInfo userInfo)
{
using (var query = Session.CreateQuery()) {
var userName = userInfo.Name;
var userExpr = SqlExpression.Constant(Field.String(userName));
// Delete the current username from the 'password' table
var table = query.Access().GetMutableTable(PasswordTableName);
var c1 = table.GetResolvedColumnName(0);
var t = table.SimpleSelect(query, c1, SqlExpressionType.Equal, userExpr);
if (t.RowCount != 1)
throw new SecurityException(String.Format("User '{0}' was not found.", userName));
table.Delete(t);
// TODO: get the hash algorithm and hash ...
var method = userInfo.Identification.Method;
var methodArgs = SerializeArguments(userInfo.Identification.Arguments);
var token = userInfo.Identification.Token;
// Add the new username
table = query.Access().GetMutableTable(PasswordTableName);
var row = table.NewRow();
row.SetValue(0, userName);
row.SetValue(1, method);
row.SetValue(2, methodArgs);
row.SetValue(3, token);
table.AddRow(row);
}
}
