Exemplo n.º 1
0
        /// <summary>
        /// Initializes a new instance of the <see cref="Terradue.Tep.WebServer.WebUserTep"/> class.
        /// </summary>
        /// <param name="entity">Entity.</param>
        public WebUserTep(IfyWebContext context, UserTep entity, bool umsso = false) : base(entity)
        {
            if (umsso)
            {
                AuthenticationType umssoauthType = IfyWebContext.GetAuthenticationType(typeof(UmssoAuthenticationType));
                var umssoUser = umssoauthType.GetUserProfile(context, HttpContext.Current.Request, false);
                if (umssoUser != null)
                {
                    this.UmssoEmail = umssoUser.Email;
                }
            }

            //only current user can know the api key
            if (context.UserId == entity.Id)
            {
                this.ApiKey         = entity.ApiKey;
                this.T2ProfileError = HttpContext.Current.Session["t2profileError"] as string;
                if ((string.IsNullOrEmpty(entity.Affiliation) || string.IsNullOrEmpty(entity.Country) || string.IsNullOrEmpty(entity.FirstName) || string.IsNullOrEmpty(entity.LastName)))
                {
                    this.T2ProfileError += (string.IsNullOrEmpty(this.T2ProfileError) ? "" : "\n") + "Profile not complete";
                }
                this.T2ApiKey = entity.GetSessionApiKey();
            }

            if (context.UserId == entity.Id || context.UserLevel == UserLevel.Administrator)
            {
                this.T2Username = entity.TerradueCloudUsername;
                if (context.GetConfigBooleanValue("accounting-enabled"))
                {
                    this.Balance = entity.GetAccountingBalance();
                }
                this.Roles = GetUserCommunityRoles(context, entity);
                if (context.UserLevel == UserLevel.Administrator)
                {
                    if (entity.RegistrationDate == DateTime.MinValue)
                    {
                        entity.LoadRegistrationInfo();
                    }
                    this.RegistrationDate = entity.RegistrationDate;
                }
            }
            else
            {
                this.Email         = null;
                this.Affiliation   = null;
                this.Level         = 0;
                this.AccountStatus = 0;
                this.DomainId      = null;
            }
        }
Exemplo n.º 2
0
        /// <summary>
        /// This method allows user to request the confirmation email
        /// </summary>
        /// <param name="request">Request.</param>
        public object Post(SendUserEmailConfirmationEmail request)
        {
            var context = TepWebContext.GetWebContext(PagePrivileges.UserView);

            try {
                context.Open();
                context.LogInfo(this, string.Format("/user/emailconfirm POST"));
                context.LogError(this, string.Format("Email already confirmed for user {0}", context.Username));
                return(new HttpError(System.Net.HttpStatusCode.BadRequest, new InvalidOperationException("Account does not require email confirmation")));
            } catch (PendingActivationException) {
                context.LogDebug(this, string.Format("Pending activation for user {0}", context.Username));
                AuthenticationType umssoauthType = IfyWebContext.GetAuthenticationType(typeof(UmssoAuthenticationType));
                var umssoUser = umssoauthType.GetUserProfile(context, HttpContext.Current.Request, false);
                if (umssoUser == null)
                {
                    context.LogError(this, string.Format("User not logged in UMSSO"));
                    return(new HttpError(System.Net.HttpStatusCode.BadRequest, new UnauthorizedAccessException("Not logged in UM-SSO")));
                }

                if (Request.Headers["Umsso-Person-Email"] != umssoUser.Email)
                {
                    umssoUser.Email = Request.Headers["Umsso-Person-Email"];
                    umssoUser.Store();
                    context.LogError(this, string.Format("Confirmation email and UM-SSO email do not match"));
                }

                string emailFrom = context.GetConfigValue("MailSenderAddress");
                string subject   = context.GetConfigValue("RegistrationMailSubject");
                subject = subject.Replace("$(SITENAME)", context.GetConfigValue("SiteName"));

                string confirmUrl = context.GetConfigValue("EmailConfirmationUrl").Replace("$(BASEURL)", context.GetConfigValue("BaseUrl")).Replace("$(TOKEN)", umssoUser.ActivationToken);
                string body       = context.GetConfigValue("RegistrationMailBody");
                body = body.Replace("$(USERNAME)", umssoUser.Username);
                body = body.Replace("$(SITENAME)", context.GetConfigValue("SiteName"));
                body = body.Replace("$(ACTIVATIONURL)", confirmUrl);

                context.SendMail(emailFrom, umssoUser.Email, subject, body);

                return(new HttpResult(new EmailConfirmationMessage()
                {
                    Status = "sent", Email = umssoUser.Email
                }));
            }
        }
Exemplo n.º 3
0
        /// <summary>
        /// This method allows user to confirm its email adress with a token key
        /// </summary>
        /// <param name="request">Request.</param>
        public object Get(ConfirmUserEmail request)
        {
            var context = TepWebContext.GetWebContext(PagePrivileges.UserView);

            // Let's try to open context
            try {
                context.LogInfo(this, string.Format("/user/emailconfirm GET"));
                context.Open();
                context.LogError(this, string.Format("Email already confirmed for user {0}", context.Username));
                context.Close();
                return(new HttpError(System.Net.HttpStatusCode.MethodNotAllowed, new InvalidOperationException("Email already confirmed")));
            } catch (Exception e) {
                AuthenticationType authType      = IfyWebContext.GetAuthenticationType(typeof(TokenAuthenticationType));
                AuthenticationType umssoauthType = IfyWebContext.GetAuthenticationType(typeof(UmssoAuthenticationType));

                var umssoUser = umssoauthType.GetUserProfile(context, HttpContext.Current.Request, false);

                if (umssoUser == null)
                {
                    context.LogError(this, string.Format("User not logged in EOSSO"));
                    throw new ResourceNotFoundException("Not logged in EO-SSO");
                }

                if (e is PendingActivationException)
                {
                    context.LogDebug(this, string.Format("Pending activation for user {0}", context.Username));
                    // User is logged, now we confirm the email with the token
                    context.LogDebug(this, string.Format("User now logged -- Confirm email with token"));
                    User tokenUser = ((TokenAuthenticationType)authType).AuthenticateUser(context, request.Token);

                    // We must check that the logged user if the one that received the email
                    // If not, we rollback to previous status
                    if (tokenUser.Email != Request.Headers["Umsso-Person-Email"])
                    {
                        tokenUser.AccountStatus = AccountStatusType.PendingActivation;
                        tokenUser.Store();
                        context.LogError(this, string.Format("Confirmation email and UM-SSO email do not match"));
                        return(new HttpError(System.Net.HttpStatusCode.BadRequest, new UnauthorizedAccessException("Confirmation email and UM-SSO email do not match")));
                    }

                    context.LogDebug(this, string.Format("User now logged -- Email confirmed"));

                    //send an email to Support to warn them
                    try {
                        string emailFrom = context.GetConfigValue("MailSenderAddress");
                        string subject   = string.Format("[{0}] - Email verification for user {1}", context.GetConfigValue("SiteName"), umssoUser.Username);
                        string body      = context.GetConfigValue("EmailConfirmedNotification");
                        body = body.Replace("$(USERNAME)", umssoUser.Username);
                        body = body.Replace("$(EMAIL)", umssoUser.Email);
                        context.SendMail(emailFrom, emailFrom, subject, body);
                    } catch (Exception e1) {
                        context.LogError(this, e1.Message, e1);
                    }
                }
                else
                {
                    context.LogError(this, e.Message, e);
                    throw e;
                }
            }

            context.Close();
            return(new WebResponseBool(true));
        }