예제 #1
0
        /// <summary>
        /// Returns the contents of the file specified in the migrated key - if it exists
        /// If the file doesn't exist, then just return the default value
        /// </summary>
        /// <param name="migratedKey"></param>
        /// <param name="defaultValue"></param>
        /// <returns></returns>
        private string GetMigratedXSLT(string migratedKey, string defaultValue)
        {
            string result = defaultValue;

            try
            {
                string url = Utils.GetWebProperty(migratedKey, "", _web);

                if (!String.IsNullOrEmpty(url))
                {
                    url = Utils.GetAbsoluteURL(_web, url);
                    string     contents = string.Empty;
                    WebRequest request  = WebRequest.Create(url);
                    request.Credentials = CredentialCache.DefaultCredentials;
                    using (WebResponse response = request.GetResponse())
                    {
                        using (StreamReader reader = new StreamReader(response.GetResponseStream()))
                        {
                            result = reader.ReadToEnd();
                        }
                        response.Close();
                    }
                }
            }
            catch
            {
            }

            return(result);
        }
        public static bool CopyToReviewList(MembershipRequest request)
        {
            SPList     reviewList;
            SPListItem reviewItem = null;
            bool       result     = false;

            try
            {
                SPSecurity.RunWithElevatedPrivileges(delegate()
                {
                    using (SPSite site = new SPSite(SPContext.Current.Site.ID, SPContext.Current.Site.Zone))
                    {
                        SPWeb web = site.RootWeb;
                        if (web != null)
                        {
                            site.AllowUnsafeUpdates = true;
                            web.AllowUnsafeUpdates  = true;
                            reviewList = web.GetList(Utils.GetAbsoluteURL(web, MembershipList.MEMBERSHIPREVIEWLIST));
                            if (reviewList != null)
                            {
                                using (SPWeb currentWeb = site.OpenWeb(SPContext.Current.Web.ID))
                                {
                                    if (!MembershipRequest.SendPendingMembershipEmail(request, currentWeb))
                                    {
                                        return;
                                    }
                                }

                                reviewItem = reviewList.Items.Add();

                                reviewItem[MembershipReviewListFields.DATESUBMITTED]           = DateTime.Now;
                                reviewItem[MembershipReviewListFields.EMAIL]                   = request.UserEmail;
                                reviewItem[MembershipReviewListFields.REQUESTID]               = Guid.NewGuid();
                                reviewItem[MembershipReviewListFields.FIRSTNAME]               = request.FirstName;
                                reviewItem[MembershipReviewListFields.LASTNAME]                = request.LastName;
                                reviewItem[MembershipReviewListFields.STATUS]                  = MembershipStatus.Pending.ToString();
                                reviewItem[MembershipReviewListFields.USERNAME]                = request.UserName;
                                reviewItem[MembershipReviewListFields.RECOVERPASSWORDQUESTION] = request.PasswordQuestion;;
                                reviewItem[MembershipReviewListFields.RECOVERPASSWORDANSWER]   = request.PasswordAnswer;
                                reviewItem[MembershipReviewListFields.DEFAULTGROUP]            = request.DefaultGroup;
                                reviewItem.Update();
                                reviewList.Update();
                                /* bms Removed called to SendPendingMembershipEmail due to call on ItemAdded */
                                result = true;
                            }
                            else
                            {
                                Utils.LogError("Unable to find Membership Review List");
                            }
                        }
                    }
                });
            }
            catch (Exception ex)
            {
                Utils.LogError(ex);
            }

            return(result);
        }
        protected override void CreateChildControls()
        {
            // return when user is not a forms based user
            IClaimsIdentity claimsIdentity = (HttpContext.Current.User != null) ? (HttpContext.Current.User.Identity as IClaimsIdentity) : null;

            if (claimsIdentity != null)
            {
                SPClaimProviderManager mgr = SPClaimProviderManager.Local;
                SPClaim sPClaim            = mgr.DecodeClaimFromFormsSuffix(claimsIdentity.Name);
                if (SPOriginalIssuers.GetIssuerType(sPClaim.OriginalIssuer) == SPOriginalIssuerType.Windows)
                {
                    return;
                }
            }


            string changePasswordPage = "";

            SPSecurity.RunWithElevatedPrivileges(delegate()
            {
                using (SPSite site = new SPSite(SPContext.Current.Site.ID, SPContext.Current.Site.Zone))
                {
                    MembershipSettings setting = new MembershipSettings(site.RootWeb);

                    if (setting == null || string.IsNullOrEmpty(setting.ChangePasswordPage))
                    {
                        return;
                    }

                    changePasswordPage = setting.ChangePasswordPage;
                }
            });



            // generate return url
            string source = SPUtility.OriginalServerRelativeRequestUrl;
            string target = Utils.GetAbsoluteURL(SPContext.Current.Web, changePasswordPage);

            MenuItemTemplate changePasswordItem = new MenuItemTemplate();

            changePasswordItem.Text        = LocalizedString.GetString("FBAPackMenus", "FBAChangePassword_Title");
            changePasswordItem.Description = LocalizedString.GetString("FBAPackMenus", "FBAChangePassword_Desc");
            changePasswordItem.Sequence    = 1;
            changePasswordItem.ClientOnClickNavigateUrl = target + "?Source=" + SPHttpUtility.UrlKeyValueEncode(source);

            this.Controls.Add(changePasswordItem);
        }
        public static MembershipRequest GetMembershipRequest(MembershipUser user, SPWeb web)
        {
            MembershipRequest request = new MembershipRequest();

            request.UserEmail = user.Email;
            request.UserName  = user.UserName;
            request.SiteName  = web.Title;
            request.SiteURL   = web.Url;

            /* These are the possible set of URLs that are provided to the user and developer in the XSLT */
            MembershipSettings settings = new MembershipSettings(web);

            request.ChangePasswordURL   = Utils.GetAbsoluteURL(web, settings.ChangePasswordPage);
            request.PasswordQuestionURL = Utils.GetAbsoluteURL(web, settings.PasswordQuestionPage);
            request.ThankYouURL         = Utils.GetAbsoluteURL(web, settings.ThankYouPage);

            return(request);
        }
        private static MembershipRequest GetMembershipRequest(SPWeb web, SPListItem item, string password)
        {
            MembershipSettings settings = new MembershipSettings(web);
            MembershipRequest  request  = new MembershipRequest();

            /* These are the core fields that are part of the membership provider request */
            request.FirstName = item[MembershipReviewListFields.FIRSTNAME].ToString();
            request.LastName  = item[MembershipReviewListFields.LASTNAME].ToString();
            request.Password  = password;
            /* bms Updated the web property of Title for the site name instead of Name */
            request.SiteName  = web.Title;
            request.SiteURL   = web.Url;
            request.UserEmail = item[MembershipReviewListFields.EMAIL].ToString();
            request.UserName  = item[MembershipReviewListFields.USERNAME].ToString();

            /* These fields may not be avaliable based on the membership provider */
            if (item[MembershipReviewListFields.RECOVERPASSWORDQUESTION] != null)
            {
                request.PasswordQuestion = item[MembershipReviewListFields.RECOVERPASSWORDQUESTION].ToString();
            }
            if (item[MembershipReviewListFields.RECOVERPASSWORDANSWER] != null)
            {
                request.PasswordAnswer = item[MembershipReviewListFields.RECOVERPASSWORDANSWER].ToString();
            }
            if (item[MembershipReviewListFields.DEFAULTGROUP] != null)
            {
                request.DefaultGroup = item[MembershipReviewListFields.DEFAULTGROUP].ToString();
            }

            /* These are the possible set of URLs that are provided to the user and developer in the XSLT */
            request.ChangePasswordURL   = Utils.GetAbsoluteURL(web, settings.ChangePasswordPage);
            request.PasswordQuestionURL = Utils.GetAbsoluteURL(web, settings.PasswordQuestionPage);
            request.ThankYouURL         = Utils.GetAbsoluteURL(web, settings.ThankYouPage);

            return(request);
        }
예제 #6
0
        protected override void OnCreatedUser(EventArgs e)
        {
            // Note: this doesn't run using the privileges of the anonymous user, so we elevate them
            // Also, you can't use the original Site even with elevated privileges, otherwise it reverts back to anonymous.
            SPSecurity.RunWithElevatedPrivileges(delegate()
            {
                using (SPSite site2 = new SPSite(SPContext.Current.Site.ID, SPContext.Current.Site.Zone))
                {
                    using (SPWeb web2 = site2.OpenWeb(SPContext.Current.Web.ID))
                    {
                        // from this point allowunsafeupdates is required because the call is initiated from a browser with
                        // anonymouse rights only
                        web2.AllowUnsafeUpdates = true;

                        MembershipRequest request = new MembershipRequest();
                        request.UserEmail         = this.Email;
                        request.UserName          = this.UserName;
                        if (System.Web.Security.Membership.RequiresQuestionAndAnswer)
                        {
                            request.PasswordQuestion = this.Question;
                            request.PasswordAnswer   = this.Answer;
                        }
                        request.FirstName    = this.FirstName;
                        request.LastName     = this.LastName;
                        request.DefaultGroup = this._DefaultGroup;

                        request.SiteName = web2.Title;
                        request.SiteURL  = web2.Url;

                        MembershipSettings settings = new MembershipSettings(web2);

                        if (settings.ReviewMembershipRequests)
                        {
                            request.LoginCreatedUser = false;

                            if (!MembershipRequest.CopyToReviewList(request))
                            {
                                lblError.Text = this.UnknownErrorMessage;
                                return;
                            }
                        }
                        else
                        {
                            #region Process new user request if we're NOT using the Request List

                            if (!AutoGeneratePassword)
                            {
                                request.Password = this.Password;
                            }

                            request.ChangePasswordURL = Utils.GetAbsoluteURL(web2, settings.ChangePasswordPage);
                            request.LoginCreatedUser  = SPLoginCreatedUser;

                            try
                            {
                                MembershipRequest.ApproveMembership(request, web2);
                            }
                            catch (Exception ex)
                            {
                                Utils.LogError(ex);
                                this.lblCompleteSuccess.Text = this.UnknownErrorMessage;
                                return;
                            }


                            #endregion
                        }
                        this.MoveTo(this.CompleteStep);
                    }
                }
            });
        }
        public static void ApproveMembership(MembershipRequest request, SPWeb web)
        {
            Hashtable xsltValues;
            MembershipCreateStatus createStatus;
            SPListItem             debuggingInfoItem = null;
            MembershipSettings     settings          = new MembershipSettings(web);
            MembershipProvider     membership        = Utils.BaseMembershipProvider(web.Site);

            /* This is just for debugging */
            try
            {
                SPList memberlist = web.GetList(Utils.GetAbsoluteURL(web, MembershipList.MEMBERSHIPREVIEWLIST));

                if (memberlist.Fields.ContainsField("LastError"))
                {
                    foreach (SPListItem addItem in memberlist.Items)
                    {
                        if (addItem["User Name"].ToString() == request.UserName)
                        {
                            debuggingInfoItem = addItem;
                            /* bms added break to only loop through items needed */
                            break;
                        }
                    }
                }
            }
            catch
            {
            }
            /* Above is for debugging */

            try
            {
                if (string.IsNullOrEmpty(request.UserName))
                {
                    throw new Exception("User name must not be null or empty.");
                }

                /* rdcpro: Allows providers that don't have password and question */
                if (membership.RequiresQuestionAndAnswer && string.IsNullOrEmpty(request.PasswordQuestion))
                {
                    throw new Exception("You must specify a password question.");
                }

                if (membership.RequiresQuestionAndAnswer && string.IsNullOrEmpty(request.PasswordAnswer))
                {
                    throw new Exception("You must specify a password answer.");
                }

                if (string.IsNullOrEmpty(request.UserEmail))
                {
                    throw new Exception("Email address must not be null or empty.");
                }
                //create account
                /* bms Create password at a minimum of 7 characters or Min from provider if greater */
                int passwordLength = 14;
                if (passwordLength < membership.MinRequiredPasswordLength)
                {
                    passwordLength = membership.MinRequiredPasswordLength;
                }
                if (passwordLength < membership.MinRequiredNonAlphanumericCharacters)
                {
                    passwordLength = membership.MinRequiredNonAlphanumericCharacters;
                }
                if (String.IsNullOrEmpty(request.Password))
                {
                    request.Password = System.Web.Security.Membership.GeneratePassword(passwordLength, membership.MinRequiredNonAlphanumericCharacters);
                }
                MembershipUser existingUser = Utils.BaseMembershipProvider(web.Site).GetUser(request.UserName, false);
                if (existingUser != null)
                {
                    membership.DeleteUser(request.UserName, true);
                }
                MembershipUser newUser;
                //This section is to transaction Creating the user and sending the email
                try
                {
                    // rdcpro: Changes to support providers that don't require question and answer.
                    if (membership.RequiresQuestionAndAnswer)
                    {
                        //membership.CreateUser(request.UserName, tempPassword, request.UserEmail, request.PasswordQuestion, request.PasswordAnswer, true, out createStatus);
                        newUser = membership.CreateUser(request.UserName, request.Password, request.UserEmail, request.PasswordQuestion, request.PasswordAnswer, true, null, out createStatus);
                    }
                    else
                    {
                        //  With this method the MembershipCreateUserException will take care of things if the user can't be created, so no worry that createStatus is set to success
                        //membership.CreateUser(.CreateUser(request.UserName, tempPassword, request.UserEmail);
                        newUser      = membership.CreateUser(request.UserName, request.Password, request.UserEmail, null, null, true, null, out createStatus);
                        createStatus = MembershipCreateStatus.Success;
                    }

                    if (debuggingInfoItem != null)
                    {
                        if (debuggingInfoItem.Fields.ContainsField("LastError"))
                        {
                            debuggingInfoItem["LastError"] = "Created User";
                            debuggingInfoItem.SystemUpdate();
                        }
                    }

                    if (createStatus == MembershipCreateStatus.Success)
                    {
                        newUser.IsApproved = true;
                        membership.UpdateUser(newUser);

                        //Add the user to the default group
                        if (!String.IsNullOrEmpty(request.DefaultGroup))
                        {
                            web.SiteGroups[request.DefaultGroup].AddUser(Utils.EncodeUsername(request.UserName.ToLower(), web.Site), request.UserEmail, request.FirstName + " " + request.LastName, "Self Registration");

                            //Login the user if selected
                            if (request.LoginCreatedUser)
                            {
                                Microsoft.SharePoint.IdentityModel.SPClaimsUtility.AuthenticateFormsUser(new Uri(web.Url), request.UserName, request.Password);
                            }
                        }
                        if (debuggingInfoItem != null)
                        {
                            if (debuggingInfoItem.Fields.ContainsField("LastError"))
                            {
                                if (!String.IsNullOrEmpty(request.DefaultGroup))
                                {
                                    debuggingInfoItem["LastError"] = "Add User Has No Groups";
                                }
                                else
                                {
                                    debuggingInfoItem["LastError"] = "Add User To Groups";
                                }
                                debuggingInfoItem.SystemUpdate();
                            }
                        }

                        //email user to confirm that request is approved
                        xsltValues = new Hashtable(1);
                        xsltValues.Add("fba:MembershipRequest", request);
                        bool bSentMail = Email.SendEmail(web, request.UserEmail, settings.MembershipApprovedEmail, xsltValues);

                        if (!bSentMail)
                        {
                            Utils.LogError("SendEmail failed");
                            throw new Exception("Error sending mail notification");
                        }
                        if (debuggingInfoItem != null)
                        {
                            if (debuggingInfoItem.Fields.ContainsField("LastError"))
                            {
                                debuggingInfoItem["LastError"] = "Sent Email To New User: "******"Error creating user: "******"LastError"))
                        {
                            foreach (SPListItem addItem in memberlist.Items)
                            {
                                if (addItem["User Name"].ToString() == request.UserName)
                                {
                                    addItem["LastError"] = AdduserExp.Message.ToString();
                                    addItem.SystemUpdate();
                                    break;
                                }
                            }
                        }
                    }
                    catch
                    {
                    }

                    // TODO: if CreateUser fails, the user in the MemberShipRequest list needs to be marked somehow so that the approver knows what the problem is.
                    // Maybe the list should always have the "LastError" field, or else the status can have an extra error value in addition to pending | approved | rejected
                    // Then in the calling code, we must not delete the item from the list!
                    // Also, if we're handling an exception, we should set the status back to "Pending".
                    // For now, we rethrow the exception which will cause the caller to fail, and prevent the delete.
                    throw new Exception(AdduserExp.Message);
                }
            }
            catch (Exception ex)
            {
                //Add error information to list
                try
                {
                    SPList memberlist = web.GetList(Utils.GetAbsoluteURL(web, MembershipList.MEMBERSHIPREVIEWLIST));
                    if (memberlist.Fields.ContainsField("LastError"))
                    {
                        foreach (SPListItem addItem in memberlist.Items)
                        {
                            if (addItem["User Name"].ToString() == request.UserName)
                            {
                                // This overwrites anything already in the LastError field.
                                addItem["LastError"] = ex.Message.ToString();
                                addItem.SystemUpdate();
                            }
                        }
                    }
                }
                catch
                {
                }

                Utils.LogError(ex);
                throw new Exception(ex.Message);
            }
        }