コード例 #1
0
        public override ClaimsPrincipal Authenticate(string resourceName, ClaimsPrincipal incomingPrincipal)
        {
            if (!incomingPrincipal.Identity.IsAuthenticated)
            {
                return(base.Authenticate(resourceName, incomingPrincipal));
            }
            int?id = new Users().GetUserByIdFromUserName(incomingPrincipal.Identity.Name);

            if ((id ?? 0) > 0)
            {
                var             sec          = new LoginSecurity();
                var             authUser     = new Users().GetUserById(id ?? 0);
                UserSettingData userSettings = new Users().GetUserSettings(authUser.Users[0].UserId);

                if (userSettings.UserSettings.Rows.Count > 0)
                {
                    System.Text.StringBuilder userInfos = new System.Text.StringBuilder();
                    userInfos.Append(authUser.Users[0].UserName + ",");
                    userInfos.Append(authUser.Users[0].UserId + ",");
                    userInfos.Append(authUser.Users[0].FirstName + ",");
                    userInfos.Append(authUser.Users[0].LastName + ",");
                    userInfos.Append(authUser.Users[0].Email + ",");
                    userInfos.Append(userSettings.UserSettings[0].IsAdmin + ",");
                    userInfos.Append(userSettings.UserSettings[0].GlobalSurveyAccess);

                    userInfos.Append("|");

                    int[] userRights = new Users().GetUserSecurityRights(authUser.Users[0].UserId);
                    for (int i = 0; i < userRights.Length; i++)
                    {
                        userInfos.Append(userRights[i].ToString());
                        if (i + 1 < userRights.Length)
                        {
                            userInfos.Append(",");
                        }
                    }

                    ((ClaimsIdentity)incomingPrincipal.Identity).AddClaim(new Claim(Votations.NSurvey.Constants.Constants.MyCustomClaimType, userInfos.ToString()));



                    //FormsAuthentication.SetAuthCookie(userInfos.ToString(), false);
                    //NSurveyContext.Current.User = UserFactory.Create().CreatePrincipal(userInfos.ToString());
                    var x = UserFactory.Create().CreatePrincipal((ClaimsIdentity)incomingPrincipal.Identity);


                    //((PageBase)Page).SelectedFolderId = null;
                    // ((Wap)this.Master).RebuildTree();
                    UINavigator.NavigateToFirstAccess(x, -1);
                }
            }

            return(incomingPrincipal);
        }
		private void ApplyChangesButton_Click(object sender, System.EventArgs e)
		{
			if (ValidateFieldOptions())
			{
				if (new Users().IsAdministrator(UserId) && !IsAdminCheckBox.Checked &&  new Users().GetAdminCount() == 1)
				{
					MessageLabel.Visible = true;
                ((PageBase)Page).ShowErrorMessage(MessageLabel,((PageBase)Page).GetPageResource("CannotDeleteLastAdminMessage"));
					return;
				}

				if (_userProvider is INSurveyUserProvider)
				{
					NSurveyUserData userData = new NSurveyUserData();
					NSurveyUserData.UsersRow updatedUser = userData.Users.NewUsersRow();
					updatedUser.UserId = UserId;
					updatedUser.UserName = UserNameTextBox.Text;

					// if no password was specified the old one will be kept
                    if (PasswordTextBox.Text.Length > 0)
                    {
                        if (!Regex.IsMatch(PasswordTextBox.Text, @"(?=^.{8,12}$)(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#$%^&amp;*()_+}{&quot;:;'?/&gt;.&lt;,])(?!.*\s).*$"))
                        {
                            MessageLabel.Visible = true;
                            ((PageBase)Page).ShowErrorMessage(MessageLabel, ((PageBase)Page).GetPageResource("PasswordRequiredMessage"));
                            return;
                        }
                        else
                        {
                            var sec = new LoginSecurity();
                            updatedUser.PasswordSalt = sec.CreateSaltKey(5);
                            updatedUser.Password = sec.CreatePasswordHash(PasswordTextBox.Text, updatedUser.PasswordSalt);
                        }

                    }
                    else
                    {
                        updatedUser.Password = null;
                        updatedUser.PasswordSalt = null;
                    }
				
					updatedUser.Email = EmailTextBox.Text;
					updatedUser.FirstName = FirstNameTextBox.Text;
					updatedUser.LastName = LastNameTextBox.Text;
					userData.Users.Rows.Add(updatedUser);
					((INSurveyUserProvider)_userProvider).UpdateUser(userData);
				}

				UserSettingData userSettings = new UserSettingData();
				UserSettingData.UserSettingsRow newUserSettings = userSettings.UserSettings.NewUserSettingsRow();
				newUserSettings.UserId = UserId;
				newUserSettings.IsAdmin = IsAdminCheckBox.Checked;
				newUserSettings.GlobalSurveyAccess = HasSurveyAccessCheckBox.Checked;
				userSettings.UserSettings.Rows.Add(newUserSettings);
				new User().UpdateUserSettings(userSettings);

				// Notifiy containers that data has changed
				OnOptionChanged();

                BindSurveyDropDownLists();
				MessageLabel.Visible = true;
((PageBase)Page).ShowNormalMessage(MessageLabel,((PageBase)Page).GetPageResource("UserUpdatedMessage"));
			}
		}
コード例 #3
0
        private void ImportUsersButton_Click(object sender, System.EventArgs e)
        {
            Regex re = new Regex(@"^([a-zA-Z0-9_\-\.]+)@((\[[0-9]{1,3}" +
                @"\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\" +
                @".)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$");

            string[] users = ImportUsersTextBox.Text.Split('\n');
            int importCount = 0;
            var sec = new LoginSecurity();
           
            for (int i = 0; i < users.Length; i++)
            {
                string[] user = users[i].Split(',');
                if (user.Length > 4 && user[0].Trim().Length > 0 && user[1].Trim().Length > 0)
                {
                    // Check if user already exists in the db
                    if (new Users().GetUserByIdFromUserName(user[0]) == -1)
                    {
                        NSurveyUserData userData = new NSurveyUserData();
                        NSurveyUserData.UsersRow newUser = userData.Users.NewUsersRow();
                        newUser.UserName = user[0].Trim();
                     
                        string password = user[1].Trim();

                        newUser.PasswordSalt =sec.CreateSaltKey(5);
                        newUser.Password = sec.CreatePasswordHash(password, newUser.PasswordSalt);

                        newUser.Email = user[4].Length > 0 && re.IsMatch(user[4].Trim()) ?
                            user[4].Trim() : null;
                        newUser.FirstName = user[3].Length > 0 ? user[3].Trim() : null;
                        newUser.LastName = user[2].Length > 0 ? user[2].Trim() : null;
                        userData.Users.Rows.Add(newUser);
                        ((INSurveyUserProvider)_userProvider).AddUser(userData);
                        if (userData.Users[0].UserId > 0) importCount++;
                        AddUserSettings(userData.Users[0].UserId);
                        AddUserRoles(userData.Users[0].UserId);
                        if (!HasSurveyAccessCheckBox.Checked)
                        {
                            AddUserSurveys(userData.Users[0].UserId);
                        }
                    }
                }
            }

            MessageLabel.Visible = true;
            if(importCount>0)
((PageBase)Page).ShowNormalMessage(MessageLabel,((PageBase)Page).GetPageResource("UserImportedMessage"));
            else
            ((PageBase)Page).ShowErrorMessage(MessageLabel, ((PageBase)Page).GetPageResource("NoUserImportedMessage"));
            ImportUsersTextBox.Text = string.Empty;
            UserRolesListBox.Items.Clear();
            UserSurveysListBox.Items.Clear();
            BindSurveyDropDownLists();
        }
		private void CreateUserButton_Click(object sender, System.EventArgs e)
		{
			if (ValidateFieldOptions())
			{
				NSurveyUserData userData = new NSurveyUserData();
				NSurveyUserData.UsersRow newUser = userData.Users.NewUsersRow();

				if (_userProvider is INSurveyUserProvider)
				{
					//if (PasswordTextBox.Text.Length == 0)                    
                    if (!Regex.IsMatch(PasswordTextBox.Text, @"(?=^.{8,12}$)(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#$%^&amp;*()_+}{&quot;:;'?/&gt;.&lt;,])(?!.*\s).*$"))

					{
						MessageLabel.Visible = true;
                        ((PageBase)Page).ShowErrorMessage(MessageLabel,((PageBase)Page).GetPageResource("PasswordRequiredMessage"));
						return;
					}

					newUser.UserName = UserNameTextBox.Text;
                    var sec = new LoginSecurity();
                    newUser.PasswordSalt = sec.CreateSaltKey(5);
					newUser.Password = sec.CreatePasswordHash(PasswordTextBox.Text,newUser.PasswordSalt);
					newUser.Email = EmailTextBox.Text;
					newUser.FirstName = FirstNameTextBox.Text;
					newUser.LastName = LastNameTextBox.Text;
					userData.Users.Rows.Add(newUser);
					((INSurveyUserProvider)_userProvider).AddUser(userData);
				}

				if (userData.Users.Rows.Count > 0)
				{
					UserSettingData userSettings = new UserSettingData();
					UserSettingData.UserSettingsRow newUserSettings = userSettings.UserSettings.NewUserSettingsRow();
					newUserSettings.UserId = userData.Users[0].UserId;
					newUserSettings.IsAdmin = IsAdminCheckBox.Checked;
					newUserSettings.GlobalSurveyAccess = HasSurveyAccessCheckBox.Checked;
					userSettings.UserSettings.Rows.Add(newUserSettings);
					new User().AddUserSettings(userSettings);
				}
				UINavigator.NavigateToUserManager(((PageBase)Page).getSurveyId(),((PageBase)Page).MenuIndex);
			}

		}
コード例 #5
0
        private void ValidateCredentialsButton_Click(object sender, System.EventArgs e)
        {
            string enteredPwd = PasswordTextBox.Text.Trim();
            string enteredUname = LoginTextBox.Text.Trim();
            if (enteredUname.Length > 0 && enteredPwd.Length > 0)
            {
                string encryptedPwd;

                int? id = new Users().GetUserByIdFromUserName(LoginTextBox.Text);


                if ((id ?? 0) > 0)
                {
                    var sec = new LoginSecurity();
                    var user = new Users().GetUserById(id ?? 0);
                    string pwd = user.Users[0].Password;
                    string salt = user.Users[0].IsPasswordSaltNull() ? null : user.Users[0].PasswordSalt;
                    if (string.IsNullOrEmpty(salt))// Unhashed old style .Create salted password and update
                    {
                        encryptedPwd = new User().EncryptUserPassword(enteredPwd);
                        salt = sec.CreateSaltKey(5);
                    }
                    else
                    {
                        salt = user.Users[0].PasswordSalt;
                        encryptedPwd = sec.CreatePasswordHash(enteredPwd, salt);
                    }

                    if (user.Users[0].Password == encryptedPwd)
                    {

                        var authUser = user;
                        UserSettingData userSettings = new Users().GetUserSettings(authUser.Users[0].UserId);

                        if (userSettings.UserSettings.Rows.Count > 0)
                        {
                            System.Text.StringBuilder userInfos = new System.Text.StringBuilder();
                            userInfos.Append(authUser.Users[0].UserName + ",");
                            userInfos.Append(authUser.Users[0].UserId + ",");
                            userInfos.Append(authUser.Users[0].FirstName + ",");
                            userInfos.Append(authUser.Users[0].LastName + ",");
                            userInfos.Append(authUser.Users[0].Email + ",");
                            userInfos.Append(userSettings.UserSettings[0].IsAdmin + ",");
                            userInfos.Append(userSettings.UserSettings[0].GlobalSurveyAccess);

                            userInfos.Append("|");

                            int[] userRights = new Users().GetUserSecurityRights(authUser.Users[0].UserId);
                            for (int i = 0; i < userRights.Length; i++)
                            {
                                userInfos.Append(userRights[i].ToString());
                                if (i + 1 < userRights.Length)
                                {
                                    userInfos.Append(",");
                                }

                            }

                            if (authUser.Users[0].IsPasswordSaltNull())
                            {
                                authUser.Users[0].PasswordSalt = salt;
                                authUser.Users[0].Password = sec.CreatePasswordHash(enteredPwd, salt);
                                ((INSurveyUserProvider)_userProvider).UpdateUser(authUser);
                            }

                            FormsAuthentication.SetAuthCookie(userInfos.ToString(), false);

                            var x = UserFactory.Create().CreatePrincipal(userInfos.ToString());


                            // ((Wap)this.Master).isTreeStale = true;

                            ((PageBase)Page).SelectedFolderId = null;
                            // ((Wap)this.Master).RebuildTree();
                            UINavigator.NavigateToFirstAccess(x, -1);
                        }
                    }
                }
            }

            MessageLabel.Visible = true;
            ((PageBase)Page).ShowErrorMessage(MessageLabel, ((PageBase)Page).GetPageResource("InvalidLoginPasswordMessage"));
        }