/// <summary>
/// Initializes a new instance of the <see cref="Email"/> class.
/// </summary>
/// <param name="summary">The summary.</param>
/// <param name="plainTextView">The plain text view.</param>
/// <param name="htmlView">The HTML view.</param>
public Email(UserSummary summary,string plainTextView,string htmlView)
{
if (summary == null || (string.IsNullOrEmpty(summary.ExistingEmail) && string.IsNullOrEmpty(summary.NewEmail)))
throw new EmailException(null, "The UserSummary for the email is null or has an empty email");
if (string.IsNullOrEmpty(plainTextView))
throw new EmailException(null, "No plain text view can be found for {0}", GetType().Name);
if (string.IsNullOrEmpty(htmlView))
throw new EmailException(null, "No HTML view can be found for {0}", GetType().Name);
UserSummary = summary;
PlainTextView = plainTextView;
HtmlView = htmlView;
ReplaceTokens(summary);
}
/// <summary>
/// Changes the username of a user to a new username.
/// </summary>
/// <param name="summary">The user details to change. The password property is ignored for this object - use ChangePassword instead.</param>
/// <returns>
/// true if the change was successful;false if the new username already exists in the system.
/// </returns>
/// <exception cref="SecurityException">An NHibernate (database) error occurred while changing the email/username.</exception>
public override bool UpdateUser(UserSummary summary)
{
try
{
User user;
// These checks is run in the UserSummary object by MVC - but doubled up in here for _when_ the API is used without MVC.
if (summary.ExistingEmail != summary.NewEmail)
{
user = Users.FirstOrDefault(u => u.Email == summary.NewEmail);
if (user != null)
throw new SecurityException(null, "The email provided already exists.");
}
if (summary.ExistingUsername != summary.NewUsername)
{
user = Users.FirstOrDefault(u => u.Username == summary.NewUsername);
if (user != null)
throw new SecurityException(null, "The username provided already exists.");
}
user = Users.FirstOrDefault(u => u.Id == summary.Id);
if (user == null)
throw new SecurityException(null, "The user does not exist.");
// Update the profile details
user.Firstname = summary.Firstname;
user.Lastname = summary.Lastname;
NHibernateRepository.Current.SaveOrUpdate<User>(user);
// Save the email
if (summary.ExistingEmail != summary.NewEmail)
{
user = Users.FirstOrDefault(u => u.Email == summary.ExistingEmail);
if (user != null)
{
user.Email = summary.NewEmail;
NHibernateRepository.Current.SaveOrUpdate<User>(user);
}
else
{
return false;
}
}
// Save the username
if (summary.ExistingUsername != summary.NewUsername)
{
user = Users.FirstOrDefault(u => u.Username == summary.ExistingUsername);
if (user != null)
{
user.Username = summary.NewUsername;
NHibernateRepository.Current.SaveOrUpdate<User>(user);
//
// Update the PageContent.EditedBy history
//
IList<PageContent> pageContents = PageContents.Where(p => p.EditedBy == summary.ExistingUsername).ToList();
for (int i = 0; i < pageContents.Count; i++)
{
NHibernateUtil.Initialize(pageContents[i].Page); // force the proxy to hydrate
pageContents[i].EditedBy = summary.NewUsername;
NHibernateRepository.Current.SaveOrUpdate<PageContent>(pageContents[i]);
}
//
// Update all Page.CreatedBy and Page.ModifiedBy
//
IList<Page> pages = Pages.Where(p => p.CreatedBy == summary.ExistingUsername).ToList();
for (int i = 0; i < pages.Count; i++)
{
pages[i].CreatedBy = summary.NewUsername;
NHibernateRepository.Current.SaveOrUpdate<Page>(pages[i]);
}
pages = Pages.Where(p => p.ModifiedBy == summary.ExistingUsername).ToList();
for (int i = 0; i < pages.Count; i++)
{
pages[i].ModifiedBy = summary.NewUsername;
NHibernateRepository.Current.SaveOrUpdate<Page>(pages[i]);
}
}
else
{
return false;
}
}
return true;
}
catch (HibernateException ex)
{
throw new SecurityException(ex, "An error occurred updating the user {0} ", summary.ExistingEmail);
}
}
/// <summary>
/// Creates a user in the system without setting the <see cref="User.IsActivated"/>, in other words for a user confirmation email.
/// </summary>
/// <param name="user">The user details to signup.</param>
/// <param name="completed">Called once the signup (e.g. email is sent) is complete. Pass Null for no action.</param>
/// <returns>
/// The activation key for the signup.
/// </returns>
public override string Signup(UserSummary summary, Action completed)
{
if (summary == null)
throw new SecurityException("The summary provided to Signup is null.", null);
try
{
// Create the new user
summary.ActivationKey = Guid.NewGuid().ToString();
User user = new User();
user.Username = summary.NewUsername;
user.ActivationKey = summary.ActivationKey;
user.Email = summary.NewEmail;
user.Firstname = summary.Firstname;
user.Lastname = summary.Lastname;
user.SetPassword(summary.Password);
user.IsEditor = true;
user.IsAdmin = false;
user.IsActivated = false;
NHibernateRepository.Current.SaveOrUpdate<User>(user);
if (completed != null)
completed();
return user.ActivationKey;
}
catch (HibernateException ex)
{
throw new SecurityException(ex, "An error occurred with the signup of {0}", summary.NewEmail);
}
}
public ResetPasswordEmail(UserSummary summary)
: base(summary, _plainTextContent, _htmlContent)
{
}
/// <summary>
/// Replaces all tokens in the html and plain text views.
/// </summary>
/// <param name="summary"></param>
protected virtual void ReplaceTokens(UserSummary summary)
{
HtmlView = HtmlView.Replace("{FIRSTNAME}", summary.Firstname);
HtmlView = HtmlView.Replace("{LASTNAME}", summary.Lastname);
HtmlView = HtmlView.Replace("{EMAIL}", summary.NewEmail);
HtmlView = HtmlView.Replace("{USERNAME}", summary.NewUsername);
HtmlView = HtmlView.Replace("{SITEURL}", RoadkillSettings.SiteUrl);
HtmlView = HtmlView.Replace("{ACTIVATIONKEY}", summary.ActivationKey);
HtmlView = HtmlView.Replace("{RESETKEY}", summary.PasswordResetKey);
HtmlView = HtmlView.Replace("{USERID}", summary.Id.ToString());
HtmlView = HtmlView.Replace("{SITENAME}", RoadkillSettings.SiteName);
HtmlView = HtmlView.Replace("{REQUEST_IP}", HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"]);
PlainTextView = PlainTextView.Replace("{FIRSTNAME}", summary.Firstname);
PlainTextView = PlainTextView.Replace("{LASTNAME}", summary.Lastname);
PlainTextView = PlainTextView.Replace("{EMAIL}", summary.NewEmail);
PlainTextView = PlainTextView.Replace("{USERNAME}", summary.NewUsername);
PlainTextView = PlainTextView.Replace("{SITEURL}", RoadkillSettings.SiteUrl);
PlainTextView = PlainTextView.Replace("{ACTIVATIONKEY}", summary.ActivationKey);
PlainTextView = PlainTextView.Replace("{RESETKEY}", summary.PasswordResetKey);
PlainTextView = PlainTextView.Replace("{USERID}", summary.Id.ToString());
PlainTextView = PlainTextView.Replace("{SITENAME}", RoadkillSettings.SiteName);
PlainTextView = PlainTextView.Replace("{REQUEST_IP}", HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"]);
}
/// <summary> /// Changes the email(username) of user to a new email address. /// </summary> /// <param name="email">The existing email address or username of the user.</param> /// <param name="newEmail">The new email/username.</param> /// <returns>true if the change was successful;false if the new email address already exists in the system.</returns> public abstract bool UpdateUser(UserSummary summary);
public SignupEmail(UserSummary summary)
: base(summary, _plainTextContent, _htmlContent)
{
}
/// <exception cref="NotImplementedException">This feature is not available with the <see cref="ActiveDirectoryUserManager"/></exception>
public override bool UpdateUser(UserSummary summary)
{
throw new NotImplementedException();
}
/// <summary> /// Creates a user in the system without setting the <see cref="User.IsActivated"/>, in other words for a user confirmation email. /// </summary> /// <param name="user">The user details to signup.</param> /// <param name="completed">Called once the signup (e.g. email is sent) is complete. Pass Null for no action.</param> /// <returns>The activation key for the signup.</returns> public abstract string Signup(UserSummary summary, Action completed);
public void Signup_And_Activate()
{
// Signup
UserSummary summary = new UserSummary();
summary.Firstname = "Harry";
summary.Lastname = "Houdini";
summary.NewEmail = "harry@localhost";
summary.NewUsername = "******";
summary.Password = "******";
string key = UserManager.Current.Signup(summary,null);
Assert.IsNotNull(key);
User actual = UserManager.Current.GetUser("harry@localhost");
Assert.IsNotNull(actual);
Assert.AreEqual(key,actual.ActivationKey);
//
// Activate
//
Assert.IsTrue(UserManager.Current.ActivateUser(key));
actual = UserManager.Current.GetUser("harry@localhost");
Assert.IsNotNull(actual);
Assert.IsTrue(actual.IsActivated);
}
/// <exception cref="NotImplementedException">This feature is not available with the <see cref="ActiveDirectoryUserManager"/></exception>
public override string Signup(UserSummary summary, Action completed)
{
throw new NotImplementedException();
}
/// <summary>
/// Ensures the two passwords match.
/// </summary>
public static ValidationResult VerifyPasswordsMatch(UserSummary user, ValidationContext context)
{
// A blank password indicates no change is occuring.
if (!(user.IsNew && user.Id == null) && string.IsNullOrEmpty(user.Password))
{
return ValidationResult.Success;
}
if (user.Password == user.PasswordConfirmation)
{
return ValidationResult.Success;
}
else
{
return new ValidationResult(SiteStrings.User_Validation_PasswordsDontMatch);
}
}
/// <summary>
/// Ensures the password is minimum length and strength set by the Membership provider.
/// </summary>
/// <param name="user"></param>
/// <returns></returns>
public static ValidationResult VerifyPassword(UserSummary user, ValidationContext context)
{
// A blank password indicates no change is occuring.
if (!(user.IsNew && user.Id == null) && string.IsNullOrEmpty(user.Password))
{
return ValidationResult.Success;
}
else
{
if (string.IsNullOrEmpty(user.Password) || user.Password.Length < RoadkillSettings.MinimumPasswordLength)
{
return new ValidationResult(string.Format(SiteStrings.User_Validation_PasswordTooShort, RoadkillSettings.MinimumPasswordLength));
}
}
return ValidationResult.Success;
}
/// <summary>
/// Checks if the <see cref="NewUsername"/> provided is already a user in the system.
/// </summary>
/// <param name="user"></param>
/// <returns><see cref="ValidationResult.Success"/> if the username hasn't changed,
/// or if it has and the new username doesn't already exist.</returns>
public static ValidationResult VerifyNewUsername(UserSummary user, ValidationContext context)
{
if ((user.IsNew && user.Id == null) || user.ExistingUsername != user.NewUsername)
{
if (UserManager.Current.UserNameExists(user.NewUsername))
{
return new ValidationResult(string.Format(SiteStrings.User_Validation_UsernameExists, user.NewUsername));
}
else if (!string.IsNullOrEmpty(user.NewUsername) && user.NewUsername.Trim().Length == 0)
{
return new ValidationResult(string.Format(SiteStrings.User_Validation_UsernameEmpty, user.NewUsername));
}
}
return ValidationResult.Success;
}
/// <summary>
/// Checks if the <see cref="NewEmail"/> provided is already a user in the system.
/// </summary>
/// <param name="user"></param>
/// <returns><see cref="ValidationResult.Success"/> if the email hasn't changed,
/// or if it has and the new email doesn't already exist.</returns>
public static ValidationResult VerifyNewEmail(UserSummary user, ValidationContext context)
{
// Only check if the username has changed
if ((user.IsNew && user.Id == null) || user.ExistingEmail != user.NewEmail)
{
if (UserManager.Current.UserExists(user.NewEmail))
{
return new ValidationResult(string.Format(SiteStrings.User_Validation_EmailExists, user.NewEmail));
}
}
return ValidationResult.Success;
}
/// <summary>
/// Checks if the <see cref="Id"/> is empty.
/// </summary>
/// <param name="user"></param>
/// <returns><see cref="ValidationResult.Success"/> if the ID isn't empty or if the user is new,
/// otherwise an error message.</returns>
public static ValidationResult VerifyId(UserSummary user, ValidationContext context)
{
if (user.Id == Guid.Empty)
{
if (user.IsNew)
{
return ValidationResult.Success;
}
else
{
return new ValidationResult("The User ID is empty");
}
}
else
{
return ValidationResult.Success;
}
}