public void AlterUser(UserInfo userInfo, string identifier) { var userName = userInfo.Name; var userExpr = SqlExpression.Constant(DataObject.String(userName)); // Delete the current username from the 'password' table var table = QueryContext.GetMutableTable(SystemSchema.PasswordTableName); var c1 = table.GetResolvedColumnName(0); var t = table.SimpleSelect(QueryContext, c1, SqlExpressionType.Equal, userExpr); if (t.RowCount != 1) throw new SecurityException(String.Format("User '{0}' was not found.", userName)); table.Delete(t); // TODO: get the hash algorithm and hash ... var method = userInfo.Identification.Method; var methodArgs = SerializeArguments(userInfo.Identification.Arguments); if (method != "plain") throw new NotImplementedException("Only mechanism implemented right now is plain text (it sucks!)"); // Add the new username table = QueryContext.GetMutableTable(SystemSchema.PasswordTableName); var row = table.NewRow(); row.SetValue(0, userName); row.SetValue(1, method); row.SetValue(2, methodArgs); row.SetValue(3, identifier); table.AddRow(row); }
private static void CreatePublicUser(IQuery query) { var userName = User.PublicName; var userId = new UserIdentification(KnownUserIdentifications.ClearText, "###"); var userInfo = new UserInfo(userName, userId); query.Access().CreateUser(userInfo); }
public static void AlterUserPassword(this IQueryContext queryContext, string username, string password) { if (!queryContext.UserCanAlterUser(username)) throw new MissingPrivilegesException(queryContext.UserName(), new ObjectName(username), Privileges.Alter); var userId = UserIdentification.PlainText; var userInfo = new UserInfo(username, userId); queryContext.ForSystemUser().UserManager().AlterUser(userInfo, password); }
public void CreateUser(UserInfo userInfo, string identifier) { if (userInfo == null) throw new ArgumentNullException("userInfo"); if (String.IsNullOrEmpty(identifier)) throw new ArgumentNullException("identifier"); // TODO: make these rules configurable? var userName = userInfo.Name; if (UserExists(userName)) throw new SecurityException(String.Format("User '{0}' is already registered.", userName)); // Add to the key 'user' table var table = QueryContext.GetMutableTable(SystemSchema.UserTableName); var row = table.NewRow(); row[0] = DataObject.String(userName); table.AddRow(row); var method = userInfo.Identification.Method; var methodArgs = SerializeArguments(userInfo.Identification.Arguments); if (method != "plain") throw new NotImplementedException("Only mechanism implemented right now is plain text (it sucks!)"); table = QueryContext.GetMutableTable(SystemSchema.PasswordTableName); row = table.NewRow(); row.SetValue(0, userName); row.SetValue(1, method); row.SetValue(2, methodArgs); row.SetValue(3, identifier); table.AddRow(row); }
public static User CreateUser(this IQueryContext context, string userName, string password) { if (String.IsNullOrEmpty(userName)) throw new ArgumentNullException("userName"); if (String.IsNullOrEmpty(password)) throw new ArgumentNullException("password"); if (!context.UserCanCreateUsers()) throw new MissingPrivilegesException(userName, new ObjectName(userName), Privileges.Create, String.Format("User '{0}' cannot create users.", context.UserName())); if (String.Equals(userName, User.PublicName, StringComparison.OrdinalIgnoreCase)) throw new ArgumentException( String.Format("User name '{0}' is reserved and cannot be registered.", User.PublicName), "userName"); if (userName.Length <= 1) throw new ArgumentException("User name must be at least one character."); if (password.Length <= 1) throw new ArgumentException("The password must be at least one character."); var c = userName[0]; if (c == '#' || c == '@' || c == '$' || c == '&') throw new ArgumentException( String.Format("User name '{0}' is invalid: cannot start with '{1}' character.", userName, c), "userName"); var userId = UserIdentification.PlainText; var userInfo = new UserInfo(userName, userId); context.ForSystemUser().UserManager().CreateUser(userInfo, password); return new User(context, userName); }
public static void CreatePublicUser(this IQueryContext context) { if (!context.User().IsSystem) throw new InvalidOperationException("The @PUBLIC user can be created only by the SYSTEM"); var userName = User.PublicName; var userId = UserIdentification.PlainText; var userInfo = new UserInfo(userName, userId); context.ForSystemUser().UserManager().CreateUser(userInfo, "####"); }
public void CreateUser(UserInfo userInfo) { if (userInfo == null) throw new ArgumentNullException("userInfo"); // TODO: make these rules configurable? var userName = userInfo.Name; if (UserExists(userName)) throw new SecurityException(String.Format("User '{0}' is already registered.", userName)); using (var query = Session.CreateQuery()) { // Add to the key 'user' table var table = query.Access().GetMutableTable(UserTableName); var row = table.NewRow(); row[0] = Field.String(userName); table.AddRow(row); var method = userInfo.Identification.Method; var methodArgs = SerializeArguments(userInfo.Identification.Arguments); var token = userInfo.Identification.Token; table = query.Access().GetMutableTable(PasswordTableName); row = table.NewRow(); row.SetValue(0, userName); row.SetValue(1, method); row.SetValue(2, methodArgs); row.SetValue(3, token); table.AddRow(row); } }
public void AlterUser(UserInfo userInfo) { using (var query = Session.CreateQuery()) { var userName = userInfo.Name; var userExpr = SqlExpression.Constant(Field.String(userName)); // Delete the current username from the 'password' table var table = query.Access().GetMutableTable(PasswordTableName); var c1 = table.GetResolvedColumnName(0); var t = table.SimpleSelect(query, c1, SqlExpressionType.Equal, userExpr); if (t.RowCount != 1) throw new SecurityException(String.Format("User '{0}' was not found.", userName)); table.Delete(t); // TODO: get the hash algorithm and hash ... var method = userInfo.Identification.Method; var methodArgs = SerializeArguments(userInfo.Identification.Arguments); var token = userInfo.Identification.Token; // Add the new username table = query.Access().GetMutableTable(PasswordTableName); var row = table.NewRow(); row.SetValue(0, userName); row.SetValue(1, method); row.SetValue(2, methodArgs); row.SetValue(3, token); table.AddRow(row); } }