public static MembershipUserCollection FindUsersByEmail(string emailToMatch,
int pageIndex,
int pageSize,
out int totalRecords)
{
SecUtility.CheckParameter(ref emailToMatch,
false,
false,
false,
0,
"emailToMatch");
if (pageIndex < 0)
{
throw new ArgumentException(SR.GetString(SR.PageIndex_bad), "pageIndex");
}
if (pageSize < 1)
{
throw new ArgumentException(SR.GetString(SR.PageSize_bad), "pageSize");
}
return(Provider.FindUsersByEmail(emailToMatch,
pageIndex,
pageSize,
out totalRecords));
}
/// <summary>
/// Initializes the provider.
/// </summary>
/// <param name="name">The friendly name of the provider.</param>
/// <param name="config">A collection of the name/value pairs representing the provider-specific attributes specified in the configuration for this provider.</param>
/// <exception cref="T:System.ArgumentNullException">The name of the provider is null.</exception>
/// <exception cref="T:System.InvalidOperationException">An attempt is made to call
/// <see cref="M:System.Configuration.Provider.ProviderBase.Initialize(System.String,System.Collections.Specialized.NameValueCollection)"></see> on a provider
/// after the provider has already been initialized.</exception>
/// <exception cref="T:System.ArgumentException">The name of the provider has a length of zero.</exception>
public override void Initialize(string name, NameValueCollection config)
{
// Initialize values from web.config
if (config == null)
{
throw new ArgumentNullException("config");
}
if (name == null || name.Length == 0)
{
name = "UmbracoMemberRoleProvider";
}
if (String.IsNullOrEmpty(config["description"]))
{
config.Remove("description");
config.Add("description", "Umbraco Member Role provider");
}
// Initialize the abstract base class.
base.Initialize(name, config);
this._applicationName = config["applicationName"];
if (string.IsNullOrEmpty(this._applicationName))
{
this._applicationName = SecUtility.GetDefaultAppName();
}
}
public static MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
{
if (!SecUtility.ValidateParameter(ref username, true, true, true, 0))
{
status = MembershipCreateStatus.InvalidUserName;
return(null);
}
if (!SecUtility.ValidatePasswordParameter(ref password, 0))
{
status = MembershipCreateStatus.InvalidPassword;
return(null);
}
if (!SecUtility.ValidateParameter(ref email, false, false, false, 0))
{
status = MembershipCreateStatus.InvalidEmail;
return(null);
}
if (!SecUtility.ValidateParameter(ref passwordQuestion, false, true, false, 0))
{
status = MembershipCreateStatus.InvalidQuestion;
return(null);
}
if (!SecUtility.ValidateParameter(ref passwordAnswer, false, true, false, 0))
{
status = MembershipCreateStatus.InvalidAnswer;
return(null);
}
return(Provider.CreateUser(username, password, email, passwordQuestion, passwordAnswer, isApproved, providerUserKey, out status));
}
public override string[] FindUsersInRole(string roleName, string usernameToMatch)
{
SecUtility.CheckParameter(ref roleName, true, true, true, 256, "roleName");
SecUtility.CheckParameter(ref usernameToMatch, true, true, false, 256, "usernameToMatch");
try
{
var role = (from r in _session.Roles
where r.RoleName == roleName
select r).SingleOrDefault();
if (role == null)
{
throw new ProviderException(StringResources.GetString(StringResources.Provider_role_not_found, roleName));
}
var users = from u in _session.Users
where u.UserName == usernameToMatch &&
u.Roles.Any(r => r.RoleName == roleName)
select u;
if (users == null || !users.Any())
{
return(new string[0]);
}
return(users.Select(u => u.UserName).ToArray());
}
catch
{
throw;
}
}
/// <summary>
/// Validates a user by making sure their username and password are correct in the system. Regardless of the web.config settings,
/// the password information (salt, format) are taken from the database and then compared
/// </summary>
/// <param name="username">Unique username</param>
/// <param name="password">Password to be compared against database.</param>
/// <returns>true if user entered valid information</returns>
public override bool ValidateUser(string username, string password)
{
//Validate the username and password being entered
if (!SecUtility.ValidateParameter(ref username,
true,
true,
false,
255))
{
return(false);
}
if (!SecUtility.ValidateParameter(ref password,
true,
true,
false,
128))
{
return(false);
}
int status;
return(CheckPassword(username, password, out status));
}
public static MembershipUserCollection FindUsersByName(string usernameToMatch)
{
SecUtility.CheckParameter(ref usernameToMatch, true, true, false, 0, "usernameToMatch");
int totalRecords = 0;
return(Provider.FindUsersByName(usernameToMatch, 0, 0x7fffffff, out totalRecords));
}
private void CheckSchemaVersion(SqlConnection connection)
{
string[] features = { "Health Monitoring" };
string version = "1";
SecUtility.CheckSchemaVersion(this, connection, features, version, ref _SchemaVersionCheck);
}
private void CheckSchemaVersion(SqlConnection connection)
{
string[] features = new string[] { "Personalization" };
string version = "1";
SecUtility.CheckSchemaVersion(this, connection, features, version, ref this._SchemaVersionCheck);
}
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
public override ProfileInfoCollection FindProfilesByUserName(ProfileAuthenticationOption authenticationOption, string usernameToMatch, int pageIndex, int pageSize, out int totalRecords)
{
SecUtility.CheckParameter(ref usernameToMatch, true, true, false, 256, "username");
SqlParameter[] args = new SqlParameter[1];
args[0] = CreateInputParam("@UserNameToMatch", SqlDbType.NVarChar, usernameToMatch);
return(GetProfilesForQuery(args, authenticationOption, pageIndex, pageSize, out totalRecords));
}
public static ProfileInfoCollection FindProfilesByUserName(ProfileAuthenticationOption authenticationOption, string usernameToMatch)
{
int num;
SecUtility.CheckParameter(ref usernameToMatch, true, true, false, 0, "usernameToMatch");
return(Provider.FindProfilesByUserName(authenticationOption, usernameToMatch, 0, 0x7fffffff, out num));
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public override bool RoleExists(string roleName)
{
SecUtility.CheckParameter(ref roleName, true, true, true, 0, "roleName");
bool found = false;
object role = null;
try {
role = GetRole(roleName);
found = (role != null);
} catch (TargetInvocationException e) {
// "Element not found" error is expected
COMException ce = (e.InnerException as COMException);
if (ce != null && (uint)ce.ErrorCode == 0x80070490)
{
return(false);
}
throw;
} finally {
if (role != null)
{
Marshal.FinalReleaseComObject(role);
}
}
return(found);
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public override bool DeleteRole(string roleName, bool throwOnPopulatedRole)
{
HttpRuntime.CheckAspNetHostingPermission(AspNetHostingPermissionLevel.Medium, SR.API_not_supported_at_this_level);
SecUtility.CheckParameter(ref roleName, true, true, true, 0, "roleName");
InitApp();
if (throwOnPopulatedRole)
{
string[] users;
try
{
users = GetUsersInRole(roleName);
}
catch
{
return(false);
}
if (users.Length != 0)
{
throw new ProviderException(SR.GetString(SR.Role_is_not_empty));
}
}
object[] args = new object[2];
args[0] = roleName;
args[1] = null;
CallMethod(_ObjAzScope != null ? _ObjAzScope : _ObjAzApplication, "DeleteRole", args);
args[0] = 0;
args[1] = null;
CallMethod(_ObjAzScope != null ? _ObjAzScope : _ObjAzApplication, "Submit", args);
return(true);
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public override void CreateRole(string roleName)
{
HttpRuntime.CheckAspNetHostingPermission(AspNetHostingPermissionLevel.Medium, SR.API_not_supported_at_this_level);
SecUtility.CheckParameter(ref roleName, true, true, true, 0, "roleName");
InitApp();
object[] args = new object[2];
args[0] = roleName;
args[1] = null;
object role = CallMethod(_ObjAzScope != null ? _ObjAzScope : _ObjAzApplication, "CreateRole", args);
args[0] = 0;
args[1] = null;
try {
try {
CallMethod(role, "Submit", args);
} finally {
//
// Release the handle to the underlying object
//
Marshal.FinalReleaseComObject(role);
}
} catch {
throw;
}
}
public static void AddUsersToRoles(string[] usernames, string[] roleNames)
{
EnsureEnabled();
SecUtility.CheckArrayParameter(ref roleNames, true, true, true, 0, "roleNames");
SecUtility.CheckArrayParameter(ref usernames, true, true, true, 0, "usernames");
Provider.AddUsersToRoles(usernames, roleNames);
try
{
RolePrincipal currentUser = GetCurrentUser() as RolePrincipal;
if (((currentUser != null) && (currentUser.ProviderName == Provider.Name)) && currentUser.IsRoleListCached)
{
foreach (string str in usernames)
{
if (System.Web.Util.StringUtil.EqualsIgnoreCase(currentUser.Identity.Name, str))
{
currentUser.SetDirty();
return;
}
}
}
}
catch
{
}
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public static ProfileInfoCollection FindInactiveProfilesByUserName(ProfileAuthenticationOption authenticationOption,
string usernameToMatch,
DateTime userInactiveSinceDate,
int pageIndex,
int pageSize,
out int totalRecords)
{
if (pageIndex < 0)
{
throw new ArgumentException(SR.GetString(SR.PageIndex_bad), "pageIndex");
}
if (pageSize < 1)
{
throw new ArgumentException(SR.GetString(SR.PageSize_bad), "pageSize");
}
SecUtility.CheckParameter(ref usernameToMatch,
true,
true,
false,
0,
"usernameToMatch");
return(Provider.FindInactiveProfilesByUserName(authenticationOption, usernameToMatch, userInactiveSinceDate, pageIndex, pageSize, out totalRecords));
}
public bool DeleteUser(string username)
{
SecUtility.CheckParameter(ref username, true, true, true, 256, "username");
int count = SqlHelper.ExecuteNonQuery(CommandType.Text, "delete from tbOper where cnvcOperName='" + username + "'");
return(count > 0 ? true : false);
}
public static MembershipUserCollection FindUsersByEmail(string emailToMatch)
{
SecUtility.CheckParameter(ref emailToMatch, false, false, false, 0, "emailToMatch");
int totalRecords = 0;
return(FindUsersByEmail(emailToMatch, 0, 0x7fffffff, out totalRecords));
}
static public void RemoveUsersFromRole(string[] usernames, string roleName)
{
EnsureEnabled();
SecUtility.CheckParameter(ref roleName, true, true, true, 0, "roleName");
SecUtility.CheckArrayParameter(ref usernames,
true,
true,
true,
0,
"usernames");
Provider.RemoveUsersFromRoles(usernames, new string[] { roleName });
try
{
RolePrincipal user = GetCurrentUser() as RolePrincipal;
if (user != null && user.ProviderName == Provider.Name && user.IsRoleListCached)
{
foreach (string username in usernames)
{
if (StringUtil.EqualsIgnoreCase(user.Identity.Name, username))
{
user.SetDirty();
break;
}
}
}
}
catch { }
}
public override bool RoleExists(string roleName)
{
SecUtility.CheckParameter(ref roleName, true, true, true, 0, "roleName");
bool flag = false;
object o = null;
try
{
o = this.GetRole(roleName);
flag = o != null;
}
catch (TargetInvocationException exception)
{
COMException innerException = exception.InnerException as COMException;
if ((innerException == null) || (innerException.ErrorCode != -2147023728))
{
throw;
}
return(false);
}
finally
{
if (o != null)
{
Marshal.FinalReleaseComObject(o);
}
}
return(flag);
}
public static string[] FindUsersInRole(string roleName, string usernameToMatch)
{
EnsureEnabled();
SecUtility.CheckParameter(ref roleName, true, true, true, 0, "roleName");
SecUtility.CheckParameter(ref usernameToMatch, true, true, false, 0, "usernameToMatch");
return(Provider.FindUsersInRole(roleName, usernameToMatch));
}
public override void CreateRole(string roleName)
{
HttpRuntime.CheckAspNetHostingPermission(AspNetHostingPermissionLevel.Medium, "API_not_supported_at_this_level");
SecUtility.CheckParameter(ref roleName, true, true, true, 0, "roleName");
this.InitApp();
object[] args = new object[] { roleName, null };
object objectToCallOn = this.CallMethod((this._ObjAzScope != null) ? this._ObjAzScope : this._ObjAzApplication, "CreateRole", args);
args[0] = 0;
args[1] = null;
try
{
try
{
this.CallMethod(objectToCallOn, "Submit", args);
}
finally
{
Marshal.FinalReleaseComObject(objectToCallOn);
}
}
catch
{
throw;
}
}
public override bool DeleteRole(string roleName, bool throwOnPopulatedRole)
{
HttpRuntime.CheckAspNetHostingPermission(AspNetHostingPermissionLevel.Medium, "API_not_supported_at_this_level");
SecUtility.CheckParameter(ref roleName, true, true, true, 0, "roleName");
this.InitApp();
if (throwOnPopulatedRole)
{
string[] usersInRole;
try
{
usersInRole = this.GetUsersInRole(roleName);
}
catch
{
return(false);
}
if (usersInRole.Length != 0)
{
throw new ProviderException(System.Web.SR.GetString("Role_is_not_empty"));
}
}
object[] args = new object[] { roleName, null };
this.CallMethod((this._ObjAzScope != null) ? this._ObjAzScope : this._ObjAzApplication, "DeleteRole", args);
args[0] = 0;
args[1] = null;
this.CallMethod((this._ObjAzScope != null) ? this._ObjAzScope : this._ObjAzApplication, "Submit", args);
return(true);
}
public override string[] GetUsersInRole(string roleName)
{
SecUtility.CheckParameter(ref roleName, true, true, true, 256, "roleName");
try
{
using (var session = new MongoSession(_connectionString))
{
var role = (from r in session.Roles
where r.RoleName == roleName
select r).SingleOrDefault();
if (role == null)
{
throw new ProviderException(StringResources.GetString(StringResources.Provider_role_not_found, roleName));
}
var users = from u in session.Users
where u.Roles.Any(r => r.RoleName == roleName)
select u;
if (users == null || !users.Any())
{
return(new string[0]);
}
return(users.Select(u => u.UserName).ToArray());
}
}
catch
{
throw;
}
}
public override bool DeleteRole(string roleName, bool throwOnPopulatedRole)
{
SecUtility.CheckParameter(ref roleName, true, true, true, 256, "roleName");
try
{
using (var session = new MongoSession(_connectionString))
{
var role = (from r in session.Roles
where r.RoleName == roleName
select r).SingleOrDefault();
var users = session.Users
.Where(u => u.Roles != null)
.Where(u => u.Roles.Any(r => r.RoleName == roleName));
if (users.Any() && throwOnPopulatedRole)
{
throw new ProviderException(StringResources.GetString(StringResources.Role_is_not_empty));
}
session.DeleteById <MembershipRole>(role.RoleId);
return(true);
}
}
catch
{
throw;
}
}
public override void CreateRole(string roleName)
{
SecUtility.CheckParameter(ref roleName, true, true, true, 256, "roleName");
try
{
using (var session = new MongoSession(_connectionString))
{
var roles = from r in session.Roles
where r.RoleName == roleName
select r;
if (roles.Any())
{
throw new ProviderException(StringResources.GetString(StringResources.Provider_role_already_exists, roleName));
}
var role = new MembershipRole
{
RoleName = roleName,
LoweredRoleName = roleName.ToLowerInvariant()
};
session.Add(role);
}
}
catch
{
throw;
}
}
public override string[] GetRolesForUser(string username)
{
SecUtility.CheckParameter(ref username, true, false, true, 256, "username");
if (username.Length < 1)
{
return(new string[0]);
}
try
{
using (var session = new MongoSession(_connectionString))
{
var user = (from u in session.Users
where u.UserName == username
select u).SingleOrDefault();
if (user == null)
{
return(new string[0]);
}
if (user.Roles == null)
{
return(new string[0]);
}
return(user.Roles.Select(r => r.RoleName).ToArray());
}
}
catch
{
throw;
}
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public override bool IsUserInRole(string username, string roleName)
{
SecUtility.CheckParameter(ref roleName, true, true, true, 256, "roleName");
SecUtility.CheckParameter(ref username, true, false, true, 256, "username");
if (username.Length < 1)
{
return(false);
}
try {
SqlConnectionHolder holder = null;
try {
holder = SqlConnectionHelper.GetConnection(_sqlConnectionString, true);
CheckSchemaVersion(holder.Connection);
SqlCommand cmd = new SqlCommand("dbo.aspnet_UsersInRoles_IsUserInRole", holder.Connection);
cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandTimeout = CommandTimeout;
SqlParameter p = new SqlParameter("@ReturnValue", SqlDbType.Int);
p.Direction = ParameterDirection.ReturnValue;
cmd.Parameters.Add(p);
cmd.Parameters.Add(CreateInputParam("@ApplicationName", SqlDbType.NVarChar, ApplicationName));
cmd.Parameters.Add(CreateInputParam("@UserName", SqlDbType.NVarChar, username));
cmd.Parameters.Add(CreateInputParam("@RoleName", SqlDbType.NVarChar, roleName));
cmd.ExecuteNonQuery();
int iStatus = GetReturnValue(cmd);
switch (iStatus)
{
case 0:
return(false);
case 1:
return(true);
case 2:
return(false);
// throw new ProviderException(SR.GetString(SR.Provider_user_not_found));
case 3:
return(false); // throw new ProviderException(SR.GetString(SR.Provider_role_not_found, roleName));
}
throw new ProviderException(SR.GetString(SR.Provider_unknown_failure));
}
finally
{
if (holder != null)
{
holder.Close();
holder = null;
}
}
}
catch
{
throw;
}
}
public override string[] GetRolesForUser(string username)
{
SecUtility.CheckParameter(ref username, true, false, true, 0, "username");
if (username.Length < 1)
{
return(new string[0]);
}
return(this.GetRolesForUserCore(username));
}
public override bool IsUserInRole(string username, string roleName)
{
SecUtility.CheckParameter(ref username, true, false, true, 0, "username");
if (username.Length < 1)
{
return(false);
}
SecUtility.CheckParameter(ref roleName, true, true, true, 0, "roleName");
return(this.IsUserInRoleCore(username, roleName));
}
public override bool ChangePassword(string username, string oldPassword, string newPassword)
{
SecUtility.CheckParameter(ref username, true, true, true, 256, "username");
SecUtility.CheckParameter(ref oldPassword, true, true, false, 128, "oldPassword");
SecUtility.CheckParameter(ref newPassword, true, true, false, 128, "newPassword");
//if (!CheckPassword(username, oldPassword, false))
//{
// return false;
//}
if (newPassword.Length < MinRequiredPasswordLength)
{
throw new ArgumentException(SR.GetString(
SR.Password_too_short,
"newPassword",
MinRequiredPasswordLength.ToString(CultureInfo.InvariantCulture)));
}
int count = 0;
for (int i = 0; i < newPassword.Length; i++)
{
if (!char.IsLetterOrDigit(newPassword, i))
{
count++;
}
}
if (count < MinRequiredNonAlphanumericCharacters)
{
throw new ArgumentException(SR.GetString(
SR.Password_need_more_non_alpha_numeric_chars,
"newPassword",
MinRequiredNonAlphanumericCharacters.ToString(CultureInfo.InvariantCulture)));
}
if (PasswordStrengthRegularExpression.Length > 0)
{
if (!Regex.IsMatch(newPassword, PasswordStrengthRegularExpression))
{
throw new ArgumentException(SR.GetString(SR.Password_does_not_match_regular_expression,
"newPassword"));
}
}
string pass = EncodePassword(newPassword);
if (pass.Length > 128)
{
throw new ArgumentException(SR.GetString(SR.Membership_password_too_long), "newPassword");
}
return(SqlHelper.ExecuteNonQuery(CommandType.Text, "update tbOper set cnvcPwd = '" + pass + "' where cnvcOperName = '" + username + "'") > 0);
}
