public ContentResult UnAssignMemberRoleByID(long MemberID, long[] UnAssignRoles)
{
Member member = Members.GetBy(MemberID);
foreach (long RoleID in UnAssignRoles)
{
Role role = Roles.GetBy(RoleID);
// Ignore admin in admins role
if (member.Name.ToLower() == "admin" && role.Name.ToLower() == "admins")
{
}
else
{
MemberRole memberrole = new MemberRole();
memberrole.MemberID = MemberID;
memberrole.RoleID = RoleID;
memberrole.Delete();
}
}
String Json = Roles.JsonCollection(Roles.GetByMember(MemberID));
return(Content(Json, TypeJson));
}
public ContentResult UnAssignMemberRolesByName(string Email, string[] UnAssignRoles)
{
Member Member = Members.GetByEmail(Email);
foreach (string RoleName in UnAssignRoles)
{
Role Role = Roles.GetBy(RoleName);
// Ignore admin in admins role
if (Member.Name.ToLower() == "admin" && Role.Name.ToLower() == "admins")
{
}
else
{
MemberRole memberrole = new MemberRole();
memberrole.MemberID = Member.MemberID;
memberrole.RoleID = Role.RoleID;
memberrole.Delete();
}
}
String Json = Roles.JsonCollection(Roles.GetByMember(Member.MemberID));
return(Content(Json, TypeJson));
}
public ActionResult Activate()
{
if (AppSession.Parameters.RegistrationSelfActivation.Value == "false")
{
if (AppSession.IsMemberInAdminRole)
{
}
else
{
string ReturnUrl = AppSession.ReturnUrl;
ReturnUrl = (ReturnUrl != null && ReturnUrl.Length > 0) ? ReturnUrl : ((AppSession.Parameters.RulesRedirectAfterLogin.Value != null && AppSession.Parameters.RulesRedirectAfterLogin.Value.Length > 0) ? AppSession.Parameters.RulesRedirectAfterLogin.Value : Url.Content("~/"));
AuditEvent.AppEventError(AppSession.Parameters.GeneralAdminEmail.Value, "Somebody tries to activate an account but it was switched off. ", AuditEvent.GetSessionDetails());
return new RedirectResult(ReturnUrl);
}
}
string Token = Request.QueryString["t"];
RequestResultModel model = new RequestResultModel();
model.Title = GetLabel("Account.Controller.Warning");
model.Message = GetLabel("Account.Controller.WrongActiveLink");
model.InfoType = RequestResultInfoType.Information;
if (Token != null && Token.Length > 0)
{
try
{
// Review activation token
ActionToken actionToken = ActionTokens.GetBy(Token, ActionTokenTypes.SelfActivation);
if (actionToken.ActionID <= 0)
{
string ReturnUrl = AppSession.ReturnUrl;
ReturnUrl = (ReturnUrl != null && ReturnUrl.Length > 0) ? ReturnUrl : ((AppSession.Parameters.RulesRedirectAfterLogin.Value != null && AppSession.Parameters.RulesRedirectAfterLogin.Value.Length > 0) ? AppSession.Parameters.RulesRedirectAfterLogin.Value : Url.Content("~/"));
AuditEvent.AppEventWarning(AppSession.Parameters.GeneralAdminEmail.Value, "Somebody tries to activate an account but token doesn't exist.", AuditEvent.GetSessionDetails());
return new RedirectResult(ReturnUrl);
}
if (actionToken.ReturnURL != null && actionToken.ReturnURL.Length > 0)
AppSession.ReturnUrl = actionToken.ReturnURL;
Member Member = Members.GetByEmail(actionToken.Email);
if (Member.MemberID > 0)
{
// Remove registration roles
string[] RoleNames = AppParams.RegistrationMemberRegistrationToRoles.Value.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries);
foreach (String RoleName in RoleNames)
{
Role role = Web.Admin.Logic.Collections.Roles.GetBy(RoleName.Trim());
if (role.RoleID > 0)
{
MemberRole memberrole = new MemberRole();
memberrole.MemberID = Member.MemberID;
memberrole.RoleID = role.RoleID;
memberrole.Delete();
}
}
// Add activation roles
RoleNames = AppParams.RegistrationMemberActivationToRoles.Value.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries);
foreach (String RoleName in RoleNames)
{
Role role = Web.Admin.Logic.Collections.Roles.GetBy(RoleName.Trim());
if (role.RoleID > 0)
{
MemberRole memberrole = new MemberRole();
memberrole.MemberID = Member.MemberID;
memberrole.RoleID = role.RoleID;
memberrole.Save();
}
}
string ReturnURL = actionToken.ReturnURL;
// AuditEvent.AppEventInfo(Member.Email, "ActionToken.ReturnURL = " + actionToken.ReturnURL + " Session back URL: " + AppSession.ReturnUrl);
actionToken.Delete();
try
{
if (!SendActivationDoneEmail(Member.Name, Member.Email, ReturnURL))
{
AuditEvent.AppEventError(Member.Email, "Activation notification e-mail has not been send!", AuditEvent.GetSessionDetails());
}
}
catch (Exception ex)
{
AuditEvent.AppEventError(Member.Email, "Activation: Something went wrong with e-mail notification: " + ex.Message, AuditEvent.GetSessionDetails(ex.StackTrace), true);
}
model.Title = GetLabel("Account.Controller.Congrat");
model.Message = GetLabel("Account.Controller.Activated").Replace("{{name}}", actionToken.Email);
model.InfoType = RequestResultInfoType.Success;
AuditEvent.AppEventSuccess(Member.Email, String.Format(AuditEvent.AccountActivated, Member.Name, Member.Email));
}
}
catch (Exception ex)
{
AuditEvent.AppEventError(AppSession.Parameters.GeneralAdminEmail.Value, "Something wrong with activation: " + ex.Message, AuditEvent.GetSessionDetails(ex.StackTrace),true);
}
}
else
{
AuditEvent.AppEventWarning(AppSession.Parameters.GeneralAdminEmail.Value, String.Format(AuditEvent.AccountWrongActiveLink, Token));
}
return View("ActivateAccount", model);
}
public bool Authenticate(ref String Email, String Password)
{
bool LDAPAuthSuccess = false;
bool IsClassicAuth = AppSession.Parameters.LDAPUseOnly.Value == "false";
bool IsLDAPAuth = AppSession.Parameters.LDAPEnabled.Value == "true";
//LDAP Auth
if (AppSession.Parameters.LDAPEnabled.Value == "true" && Email.IndexOf("@"+AppSession.Parameters.LDAPDomain.Value) > 0)
{
LDAPTools ldapTools = new LDAPTools();
ldapTools.UserName = Email;
ldapTools.Password = Password;
ldapTools.DirectoryPath = AppSession.Parameters.LDAPPath.Value;
if (ldapTools.Authenticate())
{
LDAPAuthSuccess = true;
string memberName = ldapTools.MemberInfo.DisplayName;
string memberAllGroups = ldapTools.GetGroups();
///////////////////////////////////////////////////////////////////////////////////////////////////////////
// The member email will be changed because the first part of e-mail can be different with user network id.
///////////////////////////////////////////////////////////////////////////////////////////////////////////
Email = ldapTools.MemberInfo.Email;
Member memberNew = Members.GetByEmail(Email);
if (memberNew.MemberID <= 0)
{
memberNew.Name = memberName;
memberNew.Email = Email;
memberNew.Password = StringTool.RandomString(80);
memberNew.IsBuiltIn = false;
memberNew.Created = DateTime.UtcNow;
memberNew.Save();
string Message = String.Format("LDAP member added: {0} {1}", memberName, Email);
AuditEvent.AppEventInfo(AppSession.Parameters.GeneralAdminEmail.Value, Message , null, true);
// Add signin/sign up domain.
Domain _domain = Domains.GetByName(AppSession.SignUpDomain);
if (_domain.DomainID > 0)
{
MemberDomain _memberDomain = new MemberDomain();
_memberDomain.DomainID = _domain.DomainID;
_memberDomain.MemberID = memberNew.MemberID;
_memberDomain.Save();
}
// Create LDAP settings roles
if (AppSession.Parameters.LDAPAddToRoles.Value != null && AppSession.Parameters.LDAPAddToRoles.Value.Length > 0)
{
string[] memberRoles = AppSession.Parameters.LDAPAddToRoles.Value.Split(new string[] { ";" }, StringSplitOptions.RemoveEmptyEntries);
foreach (string memberRole in memberRoles)
{
Web.Admin.Logic.Objects.Role _role = Web.Admin.Logic.Collections.Roles.GetBy(memberRole);
if (_role.RoleID > 0)
{
MemberRole _memberRole = new MemberRole();
_memberRole.MemberID = memberNew.MemberID;
_memberRole.RoleID = _role.RoleID;
_memberRole.Save();
}
}
}
}
// Create LDAP specific roles
if (memberAllGroups != null && memberAllGroups.Length > 0 && AppSession.Parameters.LDAPAddRoleGroup.Value == "true")
{
string[] memberGroups = memberAllGroups.Split(new string[] { "|" }, StringSplitOptions.RemoveEmptyEntries);
foreach (string memberGroup in memberGroups)
{
Web.Admin.Logic.Objects.Role _role = Web.Admin.Logic.Collections.Roles.GetBy(memberGroup);
if (_role.RoleID <= 0)
{
_role.Name = memberGroup;
_role.Settings = "LDAP role reflection. Keep key word: [LDAP-Auto-Role] to be synchronized.";
_role.BackColor = "6bbb54";
_role.ForeColor = "ffffff";
_role.Save();
string Message = String.Format("LDAP role added: {0}", _role.Name);
AuditEvent.AppEventInfo(AppSession.Parameters.GeneralAdminEmail.Value, Message, null, true);
};
if (_role.RoleID > 0)
{
MemberRole _memberRole = new MemberRole();
_memberRole.MemberID = memberNew.MemberID;
_memberRole.RoleID = _role.RoleID;
_memberRole.Save();
}
}
}
// Synchronize members roles with LDAP [LDAP-Auto-Role] key words.
List<Role> _roles = Web.Admin.Logic.Collections.Roles.GetByMemberKeyWordInDescription(memberNew.MemberID, "[LDAP-Auto-Role]");
string[] _groups = memberAllGroups.Split(new string[] { "|" }, StringSplitOptions.RemoveEmptyEntries);
foreach (Web.Admin.Logic.Objects.Role _role in _roles)
{
if (_groups != null && _groups.Length > 0)
{
if (_groups.Where(t => t.Trim().ToLower() == _role.Name.Trim().ToLower()).FirstOrDefault() == default(String))
{
Web.Admin.Logic.Objects.Role removeRoleFromUser = Web.Admin.Logic.Collections.Roles.GetBy(_role.Name);
MemberRole _memberRole = new MemberRole();
_memberRole.MemberID = memberNew.MemberID;
_memberRole.RoleID = removeRoleFromUser.RoleID;
_memberRole.Delete();
}
}
else
{
MemberRole _memberRole = new MemberRole();
_memberRole.MemberID = memberNew.MemberID;
_memberRole.RoleID = _role.RoleID;
_memberRole.Delete();
}
}
}
}
//Classic Auth
Member member = Members.GetByEmail(Email);
if (member.MemberID > 0)
{
if ( (IsLDAPAuth && LDAPAuthSuccess) ||
(IsClassicAuth && Member.ComputePasswordHash(Password) == member.Password)
)
{
MemberAttempt Attempt = MemberAttempts.GetTodayLoginPasswordFail(member.MemberID);
if (Attempt.AttemptID > 0)
{
Attempt.IsAttemptValid = 0;
Attempt.Save();
}
// Add signin/sign up domain.
Domain _domain = Domains.GetByName(AppSession.SignUpDomain);
if (_domain.DomainID > 0)
{
MemberDomain _memberDomain = new MemberDomain();
_memberDomain.DomainID = _domain.DomainID;
_memberDomain.MemberID = member.MemberID;
_memberDomain.Save();
}
member.UpdateLoginTime();
return true;
}
else
{
MemberAttempt Attempt = MemberAttempts.GetTodayLoginPasswordFail(member.MemberID);
if (Attempt.MemberID <= 0)
{
Attempt.MemberID = member.MemberID;
Attempt.AttemptType = MemberAttemptTypes.LoginPasswordFailed;
Attempt.IsAttemptValid = 1;
}
if (Attempt.Attempts > 0)
Attempt.Attempts++;
else
Attempt.Attempts = 1;
Attempt.Save();
if (AppSession.Parameters.RulesPasswordFailedRoles.Value != null && AppSession.Parameters.RulesPasswordFailedRoles.Value.Length > 0 && !AppSession.IsMemberInAdminRole)
{
Parameter Param = AppSession.Parameters.RulesPasswordFailedAttempts;
long value = -1;
bool result = long.TryParse(Param.Value, out value);
if (result && value > 0 && Attempt.Attempts >= value)
{
string[] RoleNames = AppSession.Parameters.RulesPasswordFailedRoles.Value.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries);
foreach (String RoleName in RoleNames)
{
Role role = Web.Admin.Logic.Collections.Roles.GetBy(RoleName);
if (role.RoleID > 0)
{
MemberRole memberrole = new MemberRole();
memberrole.MemberID = member.MemberID;
memberrole.RoleID = role.RoleID;
memberrole.Save();
}
}
}
}
return false;
}
}
else
return false;
}
public JsonResult AssignRoleMembers(long RoleID, int[] AssignMembers, bool Assign)
{
MemberListModel _model = new MemberListModel();
foreach (int MemberID in AssignMembers)
{
Web.Admin.Logic.Objects.Member Member = Web.Admin.Logic.Collections.Members.GetBy(MemberID);
Web.Admin.Logic.Objects.Role Role = Web.Admin.Logic.Collections.Roles.GetBy(RoleID);
if (RoleID > 0)
{
if (Member.IsBuiltIn)
{
if (Member.Name.Trim().ToLower() == "admin" && Role.Name.Trim().ToLower() == "admins")
{
AuditEvent.AppEventSuccess(Profile.Member.Email, String.Format(AuditEvent.MemberNoRemovedAdminFromRole, Member.Name, Member.Email, Role.Name));
continue;
}
}
else
{
MemberRole _roleMember = new MemberRole();
_roleMember.MemberID = MemberID;
_roleMember.RoleID = RoleID;
if (Role.Name.ToLower() == "blocked")
ResetPasswordfailedAttemps(MemberID);
if (Assign)
{
_roleMember.Save();
AuditEvent.AppEventSuccess(Profile.Member.Email, String.Format(AuditEvent.MemberAssigToRole, Member.Name, Member.Email, Role.Name));
}
else
{
_roleMember.Delete();
AuditEvent.AppEventSuccess(Profile.Member.Email, String.Format(AuditEvent.MemberRemovedFromRole, Member.Name, Member.Email, Role.Name));
}
}
}
else if (!Assign)
{
if (Member.IsBuiltIn)
{
AuditEvent.AppEventWarning(Profile.Member.Email, String.Format(AuditEvent.MemberNoRemovedAdminFromRole, Member.Name, Member.Email, Role.Name));
continue;
}
else
{
MemberRole _roleMember = new MemberRole();
_roleMember.MemberID = MemberID;
_roleMember.DeleteAll();
ResetPasswordfailedAttemps(MemberID);
AuditEvent.AppEventSuccess(Profile.Member.Email, String.Format(AuditEvent.MemberRemovedFromAllRole, Member.Name, Member.Email));
}
}
}
_model.Role = Roles.GetBy(RoleID);
return Json(new
{
Html = ""
}, JsonRequestBehavior.AllowGet);
}
public JsonResult RemoveFromRole(long MemberID, long RoleID)
{
Member member = Web.Admin.Logic.Collections.Members.GetBy(MemberID);
Role role = Web.Admin.Logic.Collections.Roles.GetBy(RoleID);
// Ignore admin in admins role
if (member.Name.ToLower() == "admin" && role.Name.ToLower() == "admins")
{
AuditEvent.AppEventSuccess(Profile.Member.Email, String.Format(AuditEvent.MemberNoRemovedAdminFromRole, member.Name, member.Email, role.Name));
}
else
{
MemberRole memberrole = new MemberRole();
memberrole.MemberID = MemberID;
memberrole.RoleID = RoleID;
memberrole.Delete();
AuditEvent.AppEventSuccess(Profile.Member.Email, String.Format(AuditEvent.MemberRemovedFromRole, member.Name, member.Email, role.Name));
}
if (role.Name.ToLower() == "blocked")
{
MemberAttempt MemberAttempt = MemberAttempts.GetValid(MemberID, DateTime.Now, MemberAttemptTypes.LoginPasswordFailed);
if (MemberAttempt.AttemptID > 0)
{
MemberAttempt.Attempts = 0;
MemberAttempt.Save();
}
}
MemberListModel model = new MemberListModel();
model.Members.Add(member);
return Json(new
{
Html = this.RenderPartialView(@"_MemberRoleList", model),
}, JsonRequestBehavior.AllowGet);
}
public bool Authenticate(ref String Email, String Password)
{
bool LDAPAuthSuccess = false;
bool IsClassicAuth = AppSession.Parameters.LDAPUseOnly.Value == "false";
bool IsLDAPAuth = AppSession.Parameters.LDAPEnabled.Value == "true";
//LDAP Auth
if (AppSession.Parameters.LDAPEnabled.Value == "true" && Email.IndexOf("@" + AppSession.Parameters.LDAPDomain.Value) > 0)
{
LDAPTools ldapTools = new LDAPTools();
ldapTools.UserName = Email;
ldapTools.Password = Password;
ldapTools.DirectoryPath = AppSession.Parameters.LDAPPath.Value;
if (ldapTools.Authenticate())
{
LDAPAuthSuccess = true;
string memberName = ldapTools.MemberInfo.DisplayName;
string memberAllGroups = ldapTools.GetGroups();
///////////////////////////////////////////////////////////////////////////////////////////////////////////
// The member email will be changed because the first part of e-mail can be different with user network id.
///////////////////////////////////////////////////////////////////////////////////////////////////////////
Email = ldapTools.MemberInfo.Email;
Member memberNew = Members.GetByEmail(Email);
if (memberNew.MemberID <= 0)
{
memberNew.Name = memberName;
memberNew.Email = Email;
memberNew.Password = StringTool.RandomString(80);
memberNew.IsBuiltIn = false;
memberNew.Created = DateTime.UtcNow;
memberNew.Save();
string Message = String.Format("LDAP member added: {0} {1}", memberName, Email);
AuditEvent.AppEventInfo(AppSession.Parameters.GeneralAdminEmail.Value, Message, null, true);
// Add signin/sign up domain.
Domain _domain = Domains.GetByName(AppSession.SignUpDomain);
if (_domain.DomainID > 0)
{
MemberDomain _memberDomain = new MemberDomain();
_memberDomain.DomainID = _domain.DomainID;
_memberDomain.MemberID = memberNew.MemberID;
_memberDomain.Save();
}
// Create LDAP settings roles
if (AppSession.Parameters.LDAPAddToRoles.Value != null && AppSession.Parameters.LDAPAddToRoles.Value.Length > 0)
{
string[] memberRoles = AppSession.Parameters.LDAPAddToRoles.Value.Split(new string[] { ";" }, StringSplitOptions.RemoveEmptyEntries);
foreach (string memberRole in memberRoles)
{
Web.Admin.Logic.Objects.Role _role = Web.Admin.Logic.Collections.Roles.GetBy(memberRole);
if (_role.RoleID > 0)
{
MemberRole _memberRole = new MemberRole();
_memberRole.MemberID = memberNew.MemberID;
_memberRole.RoleID = _role.RoleID;
_memberRole.Save();
}
}
}
}
// Create LDAP specific roles
if (memberAllGroups != null && memberAllGroups.Length > 0 && AppSession.Parameters.LDAPAddRoleGroup.Value == "true")
{
string[] memberGroups = memberAllGroups.Split(new string[] { "|" }, StringSplitOptions.RemoveEmptyEntries);
foreach (string memberGroup in memberGroups)
{
Web.Admin.Logic.Objects.Role _role = Web.Admin.Logic.Collections.Roles.GetBy(memberGroup);
if (_role.RoleID <= 0)
{
_role.Name = memberGroup;
_role.Settings = "LDAP role reflection. Keep key word: [LDAP-Auto-Role] to be synchronized.";
_role.BackColor = "6bbb54";
_role.ForeColor = "ffffff";
_role.Save();
string Message = String.Format("LDAP role added: {0}", _role.Name);
AuditEvent.AppEventInfo(AppSession.Parameters.GeneralAdminEmail.Value, Message, null, true);
}
;
if (_role.RoleID > 0)
{
MemberRole _memberRole = new MemberRole();
_memberRole.MemberID = memberNew.MemberID;
_memberRole.RoleID = _role.RoleID;
_memberRole.Save();
}
}
}
// Synchronize members roles with LDAP [LDAP-Auto-Role] key words.
List <Role> _roles = Web.Admin.Logic.Collections.Roles.GetByMemberKeyWordInDescription(memberNew.MemberID, "[LDAP-Auto-Role]");
string[] _groups = memberAllGroups.Split(new string[] { "|" }, StringSplitOptions.RemoveEmptyEntries);
foreach (Web.Admin.Logic.Objects.Role _role in _roles)
{
if (_groups != null && _groups.Length > 0)
{
if (_groups.Where(t => t.Trim().ToLower() == _role.Name.Trim().ToLower()).FirstOrDefault() == default(String))
{
Web.Admin.Logic.Objects.Role removeRoleFromUser = Web.Admin.Logic.Collections.Roles.GetBy(_role.Name);
MemberRole _memberRole = new MemberRole();
_memberRole.MemberID = memberNew.MemberID;
_memberRole.RoleID = removeRoleFromUser.RoleID;
_memberRole.Delete();
}
}
else
{
MemberRole _memberRole = new MemberRole();
_memberRole.MemberID = memberNew.MemberID;
_memberRole.RoleID = _role.RoleID;
_memberRole.Delete();
}
}
}
}
//Classic Auth
Member member = Members.GetByEmail(Email);
if (member.MemberID > 0)
{
if ((IsLDAPAuth && LDAPAuthSuccess) ||
(IsClassicAuth && Member.ComputePasswordHash(Password) == member.Password)
)
{
MemberAttempt Attempt = MemberAttempts.GetTodayLoginPasswordFail(member.MemberID);
if (Attempt.AttemptID > 0)
{
Attempt.IsAttemptValid = 0;
Attempt.Save();
}
// Add signin/sign up domain.
Domain _domain = Domains.GetByName(AppSession.SignUpDomain);
if (_domain.DomainID > 0)
{
MemberDomain _memberDomain = new MemberDomain();
_memberDomain.DomainID = _domain.DomainID;
_memberDomain.MemberID = member.MemberID;
_memberDomain.Save();
}
member.UpdateLoginTime();
return(true);
}
else
{
MemberAttempt Attempt = MemberAttempts.GetTodayLoginPasswordFail(member.MemberID);
if (Attempt.MemberID <= 0)
{
Attempt.MemberID = member.MemberID;
Attempt.AttemptType = MemberAttemptTypes.LoginPasswordFailed;
Attempt.IsAttemptValid = 1;
}
if (Attempt.Attempts > 0)
{
Attempt.Attempts++;
}
else
{
Attempt.Attempts = 1;
}
Attempt.Save();
if (AppSession.Parameters.RulesPasswordFailedRoles.Value != null && AppSession.Parameters.RulesPasswordFailedRoles.Value.Length > 0 && !AppSession.IsMemberInAdminRole)
{
Parameter Param = AppSession.Parameters.RulesPasswordFailedAttempts;
long value = -1;
bool result = long.TryParse(Param.Value, out value);
if (result && value > 0 && Attempt.Attempts >= value)
{
string[] RoleNames = AppSession.Parameters.RulesPasswordFailedRoles.Value.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries);
foreach (String RoleName in RoleNames)
{
Role role = Web.Admin.Logic.Collections.Roles.GetBy(RoleName);
if (role.RoleID > 0)
{
MemberRole memberrole = new MemberRole();
memberrole.MemberID = member.MemberID;
memberrole.RoleID = role.RoleID;
memberrole.Save();
}
}
}
}
return(false);
}
}
else
{
return(false);
}
}
