public override void RemoveUsersFromRoles(string[] usernames, string[] rolenames)
{
foreach (string rolename in rolenames)
{
if (!(RoleExists(rolename)))
{
throw new ProviderException(String.Format("Role \'{0}\' not found.", rolename));
}
}
foreach (string username in usernames)
{
foreach (string rolename in rolenames)
{
if (!(IsUserInRole(username, rolename)))
{
throw new ProviderException(String.Format("User \'{0}\' is not in role \'{1}\'.", username, rolename));
}
}
}
foreach (string username in usernames)
{
ForgetUserRoles(username);
foreach (string rolename in rolenames)
{
using (SqlStatement sql = CreateSqlStatement(RoleProviderSqlStatement.RemoveUserFromRole))
{
sql.AssignParameter("UserName", username);
sql.AssignParameter("RoleName", rolename);
sql.ExecuteNonQuery();
}
}
}
}
public override bool ChangePassword(string username, string oldPwd, string newPwd)
{
if (!(ValidateUser(username, oldPwd)))
{
return(false);
}
ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, newPwd, false);
OnValidatingPassword(args);
if (args.Cancel)
{
if (args.FailureInformation != null)
{
throw args.FailureInformation;
}
else
{
throw new MembershipPasswordException("Change of password canceled due to new password validation failure.");
}
}
using (SqlStatement sql = CreateSqlStatement(MembershipProviderSqlStatement.ChangePassword))
{
sql.AssignParameter("Password", EncodePassword(newPwd));
sql.AssignParameter("UserName", username);
return(sql.ExecuteNonQuery() == 1);
}
}
public override void AddUsersToRoles(string[] usernames, string[] rolenames)
{
foreach (string rolename in rolenames)
{
if (!(RoleExists(rolename)))
{
throw new ProviderException(String.Format("Role name \'{0}\' not found.", rolename));
}
}
foreach (string username in usernames)
{
if (username.Contains(","))
{
throw new ArgumentException("User names cannot contain commas.");
}
foreach (string rolename in rolenames)
{
if (IsUserInRole(username, rolename))
{
throw new ProviderException(String.Format("User \'{0}\' is already in role \'{1}\'.", username, rolename));
}
}
}
using (SqlStatement sql = CreateSqlStatement(RoleProviderSqlStatement.AddUserToRole))
foreach (string username in usernames)
{
ForgetUserRoles(username);
foreach (string rolename in rolenames)
{
sql.AssignParameter("UserName", username);
sql.AssignParameter("RoleName", rolename);
sql.ExecuteNonQuery();
}
}
}
public override bool IsUserInRole(string username, string rolename)
{
using (SqlStatement sql = CreateSqlStatement(RoleProviderSqlStatement.IsUserInRole))
{
sql.AssignParameter("UserName", username);
sql.AssignParameter("RoleName", rolename);
return(Convert.ToInt32(sql.ExecuteScalar()) > 0);
}
}
public override void UpdateUser(MembershipUser user)
{
using (SqlStatement sql = CreateSqlStatement(MembershipProviderSqlStatement.UpdateUser))
{
sql.AssignParameter("Email", user.Email);
sql.AssignParameter("UserName", user.UserName);
sql.ExecuteNonQuery();
}
}
public override string[] FindUsersInRole(string rolename, string usernameToMatch)
{
List <string> users = new List <string>();
using (SqlStatement sql = CreateSqlStatement(RoleProviderSqlStatement.FindUsersInRole))
{
sql.AssignParameter("UserName", usernameToMatch);
sql.AssignParameter("RoleName", rolename);
while (sql.Read())
{
users.Add(Convert.ToString(sql["UserName"]));
}
}
return(users.ToArray());
}
public override string ResetPassword(string username, string answer)
{
if (!(EnablePasswordReset))
{
throw new NotSupportedException("Password reset is not enabled.");
}
string newPassword = Membership.GeneratePassword(this._newPasswordLength, MinRequiredNonAlphanumericCharacters);
ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, newPassword, false);
OnValidatingPassword(args);
if (args.Cancel)
{
if (args.FailureInformation != null)
{
throw args.FailureInformation;
}
else
{
throw new MembershipPasswordException("Reset password canceled due to password validation failure.");
}
}
string passwordAnswer = String.Empty;
using (SqlStatement sql = CreateSqlStatement(MembershipProviderSqlStatement.GetPassword))
{
sql.AssignParameter("UserName", username);
if (sql.Read())
{
}
else
{
throw new MembershipPasswordException("User is not found.");
}
}
using (SqlStatement sql = CreateSqlStatement(MembershipProviderSqlStatement.ResetPassword))
{
sql.AssignParameter("Password", EncodePassword(newPassword));
sql.AssignParameter("UserName", username);
if (sql.ExecuteNonQuery() > 0)
{
return(newPassword);
}
else
{
throw new MembershipPasswordException("User is not found or locked out. Password has not been reset.");
}
}
}
public override string[] GetRolesForUser(string username)
{
List <string> roles = null;
string userRolesKey = String.Format("ApplicationRoleProvider_{0}_Roles", username);
bool contextIsAvailable = (HttpContext.Current != null);
if (contextIsAvailable)
{
roles = ((List <string>)(HttpContext.Current.Items[userRolesKey]));
}
if (roles == null)
{
roles = new List <string>();
using (SqlStatement sql = CreateSqlStatement(RoleProviderSqlStatement.GetRolesForUser))
{
sql.AssignParameter("UserName", username);
while (sql.Read())
{
roles.Add(Convert.ToString(sql["RoleName"]));
}
if (contextIsAvailable)
{
HttpContext.Current.Items[userRolesKey] = roles;
}
}
}
return(roles.ToArray());
}
public override MembershipUserCollection FindUsersByEmail(string emailToMatch, int pageIndex, int pageSize, out int totalRecords)
{
MembershipUserCollection users = new MembershipUserCollection();
using (SqlStatement sql = CreateSqlStatement(MembershipProviderSqlStatement.CountUsersByEmail))
{
sql.AssignParameter("UserName", emailToMatch);
totalRecords = Convert.ToInt32(sql.ExecuteScalar());
}
if (totalRecords > 0)
{
int counter = 0;
int startIndex = (pageSize * pageIndex);
int endIndex = ((startIndex + pageSize)
- 1);
using (SqlStatement sql = CreateSqlStatement(MembershipProviderSqlStatement.FindUsersByEmail))
{
sql.AssignParameter("Email", emailToMatch);
while (sql.Read())
{
if (counter >= startIndex)
{
users.Add(GetUser(sql));
}
if (counter >= endIndex)
{
break;
}
counter++;
}
}
}
return(users);
}
private void UpdateFailureCount(string username, string failureType)
{
int failureCount = 0;
DateTime windowStart = DateTime.Now;
using (SqlStatement sql = CreateSqlStatement(MembershipProviderSqlStatement.GetUser))
{
sql.AssignParameter("UserName", username);
if (!(sql.Read()))
{
return;
}
if (failureType == "Password")
{
}
if (failureType == "PasswordAnswer")
{
}
}
DateTime windowEnd = windowStart.AddMinutes(PasswordAttemptWindow);
if ((failureCount == 0) || (DateTime.Now > windowEnd))
{
}
else
{
failureCount++;
if (failureCount > MaxInvalidPasswordAttempts)
{
}
}
}
public override string GetPassword(string username, string answer)
{
if (!(EnablePasswordRetrieval))
{
throw new ProviderException("Password retrieval is not enabled.");
}
if (PasswordFormat == MembershipPasswordFormat.Hashed)
{
throw new ProviderException("Cannot retrieve hashed passwords.");
}
string password = String.Empty;
string passwordAnswer = String.Empty;
using (SqlStatement sql = CreateSqlStatement(MembershipProviderSqlStatement.GetPassword))
{
sql.AssignParameter("UserName", username);
if (sql.Read())
{
password = Convert.ToString(sql["Password"]);
}
else
{
throw new MembershipPasswordException("User name is not found.");
}
}
if (PasswordFormat == MembershipPasswordFormat.Encrypted)
{
password = DecodePassword(password);
}
return(password);
}
public override bool ValidateUser(string username, string password)
{
bool isValid = false;
string pwd = null;
bool isApproved = true;
username = username.Trim();
password = password.Trim();
using (SqlStatement sql = CreateSqlStatement(MembershipProviderSqlStatement.GetPassword))
{
sql.AssignParameter("UserName", username);
if (sql.Read())
{
pwd = Convert.ToString(sql["Password"]);
}
else
{
return(false);
}
}
if (CheckPassword(password, pwd))
{
if (isApproved)
{
isValid = true;
}
}
else
{
UpdateFailureCount(username, "Password");
}
return(isValid);
}
public override bool DeleteUser(string username, bool deleteAllRelatedData)
{
using (SqlStatement sql = CreateSqlStatement(MembershipProviderSqlStatement.DeleteUser))
{
sql.AssignParameter("UserName", username);
return(sql.ExecuteNonQuery() > 0);
}
}
public override bool RoleExists(string rolename)
{
using (SqlStatement sql = CreateSqlStatement(RoleProviderSqlStatement.RoleExists))
{
sql.AssignParameter("RoleName", rolename);
return(Convert.ToInt32(sql.ExecuteScalar()) > 0);
}
}
public override string GetUserNameByEmail(string email)
{
using (SqlStatement sql = CreateSqlStatement(MembershipProviderSqlStatement.GetUserNameByEmail))
{
sql.AssignParameter("Email", email);
return(Convert.ToString(sql.ExecuteScalar()));
}
}
public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
{
ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, password, true);
OnValidatingPassword(args);
if (args.Cancel)
{
status = MembershipCreateStatus.InvalidPassword;
return(null);
}
if (RequiresUniqueEmail && !(String.IsNullOrEmpty(GetUserNameByEmail(email))))
{
status = MembershipCreateStatus.DuplicateEmail;
return(null);
}
if (GetUser(username, false) != null)
{
status = MembershipCreateStatus.DuplicateUserName;
}
else
{
DateTime creationDate = DateTime.Now;
using (SqlStatement sql = CreateSqlStatement(MembershipProviderSqlStatement.CreateUser))
{
sql.AssignParameter("UserName", username);
sql.AssignParameter("Password", EncodePassword(password));
sql.AssignParameter("Email", email);
if (sql.ExecuteNonQuery() > 0)
{
status = MembershipCreateStatus.Success;
return(GetUser(username, false));
}
else
{
status = MembershipCreateStatus.UserRejected;
}
}
}
return(null);
}
public override MembershipUser GetUser(object providerUserKey, bool userIsOnline)
{
MembershipUser u = null;
using (SqlStatement sql = CreateSqlStatement(MembershipProviderSqlStatement.GetUserByProviderKey))
{
sql.AssignParameter("UserID", providerUserKey);
if (sql.Read())
{
u = GetUser(sql);
}
}
return(u);
}
public override MembershipUser GetUser(string username, bool userIsOnline)
{
MembershipUser u = null;
using (SqlStatement sql = CreateSqlStatement(MembershipProviderSqlStatement.GetUser))
{
sql.AssignParameter("UserName", username);
if (sql.Read())
{
u = GetUser(sql);
}
}
return(u);
}
public override void CreateRole(string rolename)
{
if (rolename.Contains(","))
{
throw new ArgumentException("Role names cannot contain commas.");
}
if (RoleExists(rolename))
{
throw new ProviderException("Role already exists.");
}
using (SqlStatement sql = CreateSqlStatement(RoleProviderSqlStatement.CreateRole))
{
sql.AssignParameter("RoleName", rolename);
sql.ExecuteNonQuery();
}
}
public override bool DeleteRole(string rolename, bool throwOnPopulatedRole)
{
if (!(RoleExists(rolename)))
{
throw new ProviderException("Role does not exist.");
}
if (throwOnPopulatedRole && (GetUsersInRole(rolename).Length > 0))
{
throw new ProviderException("Cannot delete a pouplated role.");
}
using (SqlStatement sql = CreateSqlStatement(RoleProviderSqlStatement.DeleteRole))
{
using (SqlStatement sql2 = CreateSqlStatement(RoleProviderSqlStatement.DeleteRoleUsers))
{
sql2.AssignParameter("RoleName", rolename);
sql2.ExecuteNonQuery();
}
sql.AssignParameter("RoleName", rolename);
sql.ExecuteNonQuery();
}
return(true);
}