private void modifyData()
 {
     var password = new Password( newPassword.Value );
     FormsAuthStatics.SystemProvider.InsertOrUpdateUser(
         AppTools.User.UserId,
         AppTools.User.Email,
         AppTools.User.Role.RoleId,
         AppTools.User.LastRequestDateTime,
         password.Salt,
         password.ComputeSaltedHash(),
         false );
     AddStatusMessage( StatusMessageType.Info, "Your password has been successfully changed. Use it the next time you log in." );
 }
        /// <summary>
        /// Call this during LoadData.
        /// </summary>
        /// <param name="userId"></param>
        /// <param name="vl"></param>
        /// <param name="availableRoles">Pass a restricted list of <see cref="Role"/>s the user may select. Otherwise, Roles available 
        /// in the System Provider are used.</param>
        /// <param name="validationPredicate">If the function returns true, validation continues.</param>
        public void LoadData( int? userId, ValidationList vl, List<Role> availableRoles = null, Func<bool> validationPredicate = null )
        {
            availableRoles = ( availableRoles != null ? availableRoles.OrderBy( r => r.Name ) : UserManagementStatics.SystemProvider.GetRoles() ).ToList();

            user = userId.HasValue ? UserManagementStatics.GetUser( userId.Value, true ) : null;
            if( includePasswordControls() && user != null )
                facUser = FormsAuthStatics.GetUser( user.UserId, true );

            Func<bool> validationShouldRun = () => validationPredicate == null || validationPredicate();

            var b = FormItemBlock.CreateFormItemTable( heading: "Security Information" );

            b.AddFormItems(
                FormItem.Create(
                    "Email address",
                    new EwfTextBox( user != null ? user.Email : "" ),
                    validationGetter: control => new EwfValidation(
                                                     ( pbv, validator ) => {
                                                         if( validationShouldRun() )
                                                             Email = validator.GetEmailAddress( new ValidationErrorHandler( "email address" ), control.GetPostBackValue( pbv ), false );
                                                     },
                                                     vl ) ) );

            if( includePasswordControls() ) {
                var group = new RadioButtonGroup( false );

                var keepPassword = FormItem.Create(
                    "",
                    group.CreateInlineRadioButton( true, label: userId.HasValue ? "Keep the current password" : "Do not create a password" ),
                    validationGetter: control => new EwfValidation(
                                                     ( pbv, validator ) => {
                                                         if( !validationShouldRun() || !control.IsCheckedInPostBack( pbv ) )
                                                             return;
                                                         if( user != null ) {
                                                             Salt = facUser.Salt;
                                                             SaltedPassword = facUser.SaltedPassword;
                                                             MustChangePassword = facUser.MustChangePassword;
                                                         }
                                                         else
                                                             genPassword( false );
                                                     },
                                                     vl ) );

                var generatePassword = FormItem.Create(
                    "",
                    group.CreateInlineRadioButton( false, label: "Generate a " + ( userId.HasValue ? "new, " : "" ) + "random password and email it to the user" ),
                    validationGetter: control => new EwfValidation(
                                                     ( pbv, validator ) => {
                                                         if( validationShouldRun() && control.IsCheckedInPostBack( pbv ) )
                                                             genPassword( true );
                                                     },
                                                     vl ) );

                var newPassword = new DataValue<string>();
                var confirmPassword = new DataValue<string>();
                var newPasswordTable = EwfTable.Create( style: EwfTableStyle.StandardExceptLayout );
                newPasswordTable.AddItem(
                    new EwfTableItem(
                        "Password",
                        FormItem.Create(
                            "",
                            new EwfTextBox( "", masksCharacters: true, disableBrowserAutoComplete: true ) { Width = Unit.Pixel( 200 ) },
                            validationGetter: control => new EwfValidation( ( pbv, v ) => newPassword.Value = control.GetPostBackValue( pbv ), vl ) ).ToControl() ) );
                newPasswordTable.AddItem(
                    new EwfTableItem(
                        "Password again",
                        FormItem.Create(
                            "",
                            new EwfTextBox( "", masksCharacters: true, disableBrowserAutoComplete: true ) { Width = Unit.Pixel( 200 ) },
                            validationGetter: control => new EwfValidation( ( pbv, v ) => confirmPassword.Value = control.GetPostBackValue( pbv ), vl ) ).ToControl() ) );

                var providePasswordRadio = group.CreateBlockRadioButton( false, label: "Provide a " + ( userId.HasValue ? "new " : "" ) + "password" );
                providePasswordRadio.NestedControls.Add( newPasswordTable );
                var providePassword = FormItem.Create(
                    "",
                    providePasswordRadio,
                    validationGetter: control => new EwfValidation(
                                                     ( pbv, validator ) => {
                                                         if( !validationShouldRun() || !control.IsCheckedInPostBack( pbv ) )
                                                             return;
                                                         FormsAuthStatics.ValidatePassword( validator, newPassword, confirmPassword );
                                                         var p = new Password( newPassword.Value );
                                                         Salt = p.Salt;
                                                         SaltedPassword = p.ComputeSaltedHash();
                                                         MustChangePassword = false;
                                                     },
                                                     vl ) );

                b.AddFormItems(
                    FormItem.Create( "Password", ControlStack.CreateWithControls( true, keepPassword.ToControl(), generatePassword.ToControl(), providePassword.ToControl() ) ) );
            }

            b.AddFormItems(
                FormItem.Create(
                    "Role",
                    SelectList.CreateDropDown(
                        from i in availableRoles select SelectListItem.Create( i.RoleId as int?, i.Name ),
                        user != null ? user.Role.RoleId as int? : null ),
                    validationGetter: control => new EwfValidation(
                                                     ( pbv, validator ) => {
                                                         if( validationShouldRun() )
                                                             RoleId = control.ValidateAndGetSelectedItemIdInPostBack( pbv, validator ) ?? default ( int );
                                                     },
                                                     vl ) ) );

            Controls.Add( b );
        }
        /// <summary>
        /// Resets the password of the given user and sends a message with the new password to their email address. Do not call if the system does not implement the
        /// forms authentication capable user management provider.
        /// </summary>
        public static void ResetAndSendPassword( int userId )
        {
            User user = SystemProvider.GetUser( userId );

            // reset the password
            var newPassword = new Password();
            SystemProvider.InsertOrUpdateUser( userId, user.Email, user.Role.RoleId, user.LastRequestDateTime, newPassword.Salt, newPassword.ComputeSaltedHash(), true );

            // send the email
            SendPassword( user.Email, newPassword.PasswordText );
        }
 private void genPassword( bool emailPassword )
 {
     var password = new Password();
     Salt = password.Salt;
     SaltedPassword = password.ComputeSaltedHash();
     MustChangePassword = true;
     if( emailPassword )
         passwordToEmail = password.PasswordText;
 }