public void TryGetEmailAddressTest()
{
ManagedAccount a = new ManagedAccount(Session);
try
{
string email = GetNewEmailAddress();
a.Create("Test User", "testpassword", email, DateTime.UtcNow, AdminSecurityContext);
string address;
Assert.IsTrue(a.TryGetActiveEmailAddress(out address, AdminSecurityContext));
Console.WriteLine("Address: {0}", address);
Assert.AreEqual(email, address);
Assert.IsFalse(a.TryGetVerifiedEmailAddress(out address, AdminSecurityContext));
a.VerifyAllEmails();
Assert.IsTrue(a.TryGetVerifiedEmailAddress(out address, AdminSecurityContext));
Assert.AreEqual(email, address);
// add an address, make it principal
TransitAccountEmail t_instance = new TransitAccountEmail();
t_instance.Address = GetNewEmailAddress();
t_instance.AccountId = a.Id;
ManagedAccountEmail m_instance = new ManagedAccountEmail(Session);
t_instance.Id = m_instance.CreateOrUpdate(t_instance, a.GetSecurityContext());
Session.Flush();
a.Instance.AccountEmails = Session.CreateCriteria(typeof(AccountEmail))
.Add(Expression.Eq("Account.Id", a.Id))
.List <AccountEmail>();
m_instance.Confirm(AdminSecurityContext);
a.VerifyAllEmails();
t_instance.Principal = true;
m_instance.CreateOrUpdate(t_instance, a.GetSecurityContext());
Assert.IsTrue(a.TryGetActiveEmailAddress(out address, AdminSecurityContext));
Console.WriteLine("Address: {0}", address);
Assert.AreEqual(address, t_instance.Address);
}
finally
{
a.Delete(AdminSecurityContext);
}
}
public void RunCleanupStaleAccounts(ISession session, ManagedSecurityContext sec)
{
// fetch accounts that have not been logged in for two months and that don't have a verified e-mail
IEnumerable<Account> accounts = session.CreateQuery(
string.Format(
"FROM Account account" +
" WHERE NOT EXISTS ( " +
" FROM AccountEmail AS email" +
" WHERE email.Account = account" +
" AND email.Verified = 1" +
") AND account.LastLogin < '{0}'", DateTime.UtcNow.AddMonths(-2).ToString(DateTimeFormatInfo.InvariantInfo)))
.Enumerable<Account>();
IEnumerator<Account> enumerator = accounts.GetEnumerator();
while (enumerator.MoveNext() && ! IsStopping)
{
Account account = enumerator.Current;
try
{
ManagedAccount ma = new ManagedAccount(session, account);
bool bDelete = false;
// delete an account without any e-mail addresses (openid)
if (account.AccountEmails == null || account.AccountEmails.Count == 0)
{
bDelete = true;
}
if (account.AccountEmails != null && !bDelete)
{
// see if there exists another account with the same verified e-mail address
// someone either tried to hijack this account or tried to register again with the same e-mail and succeeded
foreach (AccountEmail email in account.AccountEmails)
{
if (IsStopping)
break;
IList verifiedemails = session.CreateCriteria(typeof(AccountEmail))
.Add(Expression.Eq("Verified", true))
.Add(Expression.Eq("Address", email.Address))
.SetMaxResults(1)
.List();
if (verifiedemails.Count > 0)
{
// there exists another account that has the same address, verified
// user has subscribed twice and verified another account
bDelete = true;
break;
}
}
}
if (account.AccountEmails != null && !bDelete)
{
foreach (AccountEmail email in account.AccountEmails)
{
if (IsStopping)
break;
// if we have never resent the e-mail confirmation, do it now
if (email.Created == email.Modified)
{
ManagedAccountEmail mae = new ManagedAccountEmail(session, email);
email.Modified = DateTime.UtcNow;
session.Save(email);
mae.Confirm(sec);
}
else if (email.Modified < DateTime.UtcNow.AddDays(-14))
{
// we have sent another confirmation earlier than two weeks ago
bDelete = true;
break;
}
}
}
if (bDelete)
{
ma.Delete(ManagedAccount.GetAdminSecurityContext(session));
}
session.Flush();
}
catch (ThreadAbortException)
{
throw;
}
catch (Exception ex)
{
EventLogManager.WriteEntry(string.Format("Error processing reminder for account {0} ({1}): {2}",
account.Id, account.Name, ex.Message), EventLogEntryType.Warning);
}
}
}
public void RunCleanupStaleAccounts(ISession session, ManagedSecurityContext sec)
{
// fetch accounts that have not been logged in for two months and that don't have a verified e-mail
IEnumerable <Account> accounts = session.CreateQuery(
string.Format(
"FROM Account account" +
" WHERE NOT EXISTS ( " +
" FROM AccountEmail AS email" +
" WHERE email.Account = account" +
" AND email.Verified = 1" +
") AND account.LastLogin < '{0}'", DateTime.UtcNow.AddMonths(-2).ToString(DateTimeFormatInfo.InvariantInfo)))
.Enumerable <Account>();
IEnumerator <Account> enumerator = accounts.GetEnumerator();
while (enumerator.MoveNext() && !IsStopping)
{
Account account = enumerator.Current;
try
{
ManagedAccount ma = new ManagedAccount(session, account);
bool bDelete = false;
// delete an account without any e-mail addresses (openid)
if (account.AccountEmails == null || account.AccountEmails.Count == 0)
{
bDelete = true;
}
if (account.AccountEmails != null && !bDelete)
{
// see if there exists another account with the same verified e-mail address
// someone either tried to hijack this account or tried to register again with the same e-mail and succeeded
foreach (AccountEmail email in account.AccountEmails)
{
if (IsStopping)
{
break;
}
IList verifiedemails = session.CreateCriteria(typeof(AccountEmail))
.Add(Expression.Eq("Verified", true))
.Add(Expression.Eq("Address", email.Address))
.SetMaxResults(1)
.List();
if (verifiedemails.Count > 0)
{
// there exists another account that has the same address, verified
// user has subscribed twice and verified another account
bDelete = true;
break;
}
}
}
if (account.AccountEmails != null && !bDelete)
{
foreach (AccountEmail email in account.AccountEmails)
{
if (IsStopping)
{
break;
}
// if we have never resent the e-mail confirmation, do it now
if (email.Created == email.Modified)
{
ManagedAccountEmail mae = new ManagedAccountEmail(session, email);
email.Modified = DateTime.UtcNow;
session.Save(email);
mae.Confirm(sec);
}
else if (email.Modified < DateTime.UtcNow.AddDays(-14))
{
// we have sent another confirmation earlier than two weeks ago
bDelete = true;
break;
}
}
}
if (bDelete)
{
ma.Delete(ManagedAccount.GetAdminSecurityContext(session));
}
session.Flush();
}
catch (ThreadAbortException)
{
throw;
}
catch (Exception ex)
{
EventLogManager.WriteEntry(string.Format("Error processing reminder for account {0} ({1}): {2}",
account.Id, account.Name, ex.Message), EventLogEntryType.Warning);
}
}
}
public void ConfirmAccountEmail(string ticket, int id)
{
using (SnCore.Data.Hibernate.Session.OpenConnection())
{
ISession session = SnCore.Data.Hibernate.Session.Current;
ManagedSecurityContext sec = new ManagedSecurityContext(session, ticket);
ManagedAccountEmail e = new ManagedAccountEmail(session, id);
e.Confirm(sec);
SnCore.Data.Hibernate.Session.Flush();
}
}
public int CreateOrUpdateAccountEmail(string ticket, TransitAccountEmail tae)
{
int id = WebServiceImpl<TransitAccountEmail, ManagedAccountEmail, AccountEmail>.CreateOrUpdate(
ticket, tae);
if (tae.Id == 0)
{
using (SnCore.Data.Hibernate.Session.OpenConnection())
{
ISession session = SnCore.Data.Hibernate.Session.Current;
ManagedSecurityContext sec = new ManagedSecurityContext(session, ticket);
ManagedAccountEmail m_instance = new ManagedAccountEmail(session, id);
m_instance.Confirm(sec);
SnCore.Data.Hibernate.Session.Flush();
}
}
return id;
}
public void TryGetEmailAddressTest()
{
ManagedAccount a = new ManagedAccount(Session);
try
{
string email = GetNewEmailAddress();
a.Create("Test User", "testpassword", email, DateTime.UtcNow, AdminSecurityContext);
string address;
Assert.IsTrue(a.TryGetActiveEmailAddress(out address, AdminSecurityContext));
Console.WriteLine("Address: {0}", address);
Assert.AreEqual(email, address);
Assert.IsFalse(a.TryGetVerifiedEmailAddress(out address, AdminSecurityContext));
a.VerifyAllEmails();
Assert.IsTrue(a.TryGetVerifiedEmailAddress(out address, AdminSecurityContext));
Assert.AreEqual(email, address);
// add an address, make it principal
TransitAccountEmail t_instance = new TransitAccountEmail();
t_instance.Address = GetNewEmailAddress();
t_instance.AccountId = a.Id;
ManagedAccountEmail m_instance = new ManagedAccountEmail(Session);
t_instance.Id = m_instance.CreateOrUpdate(t_instance, a.GetSecurityContext());
Session.Flush();
a.Instance.AccountEmails = Session.CreateCriteria(typeof(AccountEmail))
.Add(Expression.Eq("Account.Id", a.Id))
.List<AccountEmail>();
m_instance.Confirm(AdminSecurityContext);
a.VerifyAllEmails();
t_instance.Principal = true;
m_instance.CreateOrUpdate(t_instance, a.GetSecurityContext());
Assert.IsTrue(a.TryGetActiveEmailAddress(out address, AdminSecurityContext));
Console.WriteLine("Address: {0}", address);
Assert.AreEqual(address, t_instance.Address);
}
finally
{
a.Delete(AdminSecurityContext);
}
}