/// <summary> /// Modifica password per l'utente /// </summary> /// <param name="credentials"></param> /// <returns></returns> private static void InternalChangePassword(ChangePwdSecurityCredentials credentials) { Dpa.DataAccess.Database db = RubricaDatabase.CreateDatabase(); using (IDbConnection connection = db.GetConnection()) { connection.Open(); using (IDbTransaction transaction = connection.BeginTransaction()) { using (Dpa.DataAccess.DBCommandWrapper cw = db.GetStoredProcCommandWrapper(RubricaDatabase.GetSpNameForPackage(SP_CHANGE_PWD))) { cw.AddInParameter("pNomeUtente", DbType.String, credentials.UserName); cw.AddInParameter("pPassword", DbType.String, SecurityCredentials.GetPasswordHash(credentials.UserName, credentials.Password)); cw.AddInParameter("pNewPassword", DbType.String, SecurityCredentials.GetPasswordHash(credentials.UserName, credentials.NewPassword)); db.ExecuteNonQuery(cw); if (cw.RowsAffected == 0) { throw new ApplicationException(Properties.Resources.ConcurrencyException); } else { transaction.Commit(); } } } } }
/// <summary> /// /// </summary> /// <param name="utente"></param> /// <returns></returns> private static Utente InternalInsert(Utente utente) { Dpa.DataAccess.Database db = RubricaDatabase.CreateDatabase(); utente.DataCreazione = DateTime.Now; utente.DataUltimaModifica = utente.DataCreazione; using (IDbConnection connection = db.GetConnection()) { connection.Open(); using (IDbTransaction transaction = connection.BeginTransaction()) { using (Dpa.DataAccess.DBCommandWrapper cw = db.GetStoredProcCommandWrapper(RubricaDatabase.GetSpNameForPackage(SP_INSERT))) { cw.AddInParameter("pNomeUtente", DbType.String, utente.Nome); cw.AddInParameter("pPassword", DbType.String, SecurityCredentials.GetPasswordHash(utente.Nome, utente.Password)); cw.AddInParameter("pAmministratore", DbType.AnsiStringFixedLength, (utente.Amministratore ? "1" : "0")); cw.AddInParameter("pDataCreazione", DbType.DateTime, utente.DataCreazione); cw.AddInParameter("pDataUltimaModifica", DbType.DateTime, utente.DataUltimaModifica); cw.AddOutParameter("pId", DbType.Int32, 0); db.ExecuteNonQuery(cw, transaction); if (cw.RowsAffected == 0) { throw new ApplicationException(Properties.Resources.ConcurrencyException); } else { // Reperimento identity utente.Id = Convert.ToInt32(cw.GetParameterValue("pId")); transaction.Commit(); } } } } return(utente); }