/// <summary> /// Handles the Click event of the btnUserInfoNext control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="EventArgs"/> instance containing the event data.</param> protected void btnUserInfoNext_Click(object sender, EventArgs e) { Password = tbPassword.Text; if (Page.IsValid) { if (!IsOldEnough()) { ShowErrorMessage( string.Format("We are sorry, you must be at least {0} years old to create an account.", GetAttributeValue(AttributeKeys.MinimumAge)) ); return; } if (UserLoginService.IsPasswordValid(tbPassword.Text)) { var userLoginService = new Rock.Model.UserLoginService(new RockContext()); var userLogin = userLoginService.GetByUserName(tbUserName.Text); if (userLogin == null) { DisplayDuplicates(Direction.Forward); } else { ShowErrorMessage("Username already exists"); } } else { ShowErrorMessage(UserLoginService.FriendlyPasswordRules()); } } }
/// <summary> /// Handles the Click event of the btnDuplicatesNext control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="EventArgs"/> instance containing the event data.</param> protected void btnDuplicatesNext_Click(object sender, EventArgs e) { int personId = Request.Form["DuplicatePerson"].AsInteger(); if (personId > 0) { var userLoginService = new Rock.Model.UserLoginService(new RockContext()); var userLogins = userLoginService.GetByPersonId(personId) .Where(l => l.IsLockedOut != true) .ToList(); if (userLogins.Any(ul => !AuthenticationContainer.GetComponent(ul.EntityType.Name).RequiresRemoteAuthentication)) { DisplaySendLogin(personId, Direction.Forward); } else { DisplayConfirmation(personId); } } else { DisplaySuccess(CreateUser(CreatePerson(), true)); } }
/// <summary> /// Handles the Click event of the btnChange control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="EventArgs"/> instance containing the event data.</param> protected void btnChange_Click( object sender, EventArgs e ) { var userLoginService = new UserLoginService(); var userLogin = userLoginService.GetByUserName( tbUserName.Text ); if ( userLogin != null ) { if ( UserLoginService.IsPasswordValid( tbPassword.Text ) ) { if ( userLoginService.ChangePassword( userLogin, tbOldPassword.Text, tbPassword.Text ) ) { userLoginService.Save( userLogin, CurrentPersonId ); lSuccess.Text = GetAttributeValue( "SuccessCaption" ); pnlEntry.Visible = false; pnlSuccess.Visible = true; } else DisplayError( "InvalidPasswordCaption" ); } else { InvalidPassword(); } } else DisplayError( "InvalidUserNameCaption" ); }
/// <summary> /// Handles the Click event of the btnUserInfoNext control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="EventArgs"/> instance containing the event data.</param> protected void btnUserInfoNext_Click(object sender, EventArgs e) { Password = tbPassword.Text; if (Page.IsValid) { if (UserLoginService.IsPasswordValid(tbPassword.Text)) { var userLoginService = new Rock.Model.UserLoginService(new RockContext()); var userLogin = userLoginService.GetByUserName(tbUserName.Text); if (userLogin == null) { DisplayDuplicates(Direction.Forward); } else { ShowErrorMessage("Username already exists"); } } else { ShowErrorMessage(UserLoginService.FriendlyPasswordRules()); } } }
private Rock.Model.UserLogin CreateUser(Person person, bool confirmed) { var userLoginService = new Rock.Model.UserLoginService(); return(userLoginService.Create(person, Rock.Model.AuthenticationServiceType.Internal, EntityTypeCache.Read(Rock.SystemGuid.EntityType.AUTHENTICATION_DATABASE.AsGuid()).Id, tbUserName.Text, Password, confirmed, CurrentPersonId)); }
/// <summary> /// Handles the Click event of the btnUserInfoNext control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="EventArgs"/> instance containing the event data.</param> protected void btnUserInfoNext_Click(object sender, EventArgs e) { Password = tbPassword.Text; if (Page.IsValid) { if (!IsOldEnough()) { ShowErrorMessage( string.Format( "We are sorry, you must be at least {0} years old to create an account.", GetAttributeValue(AttributeKey.MinimumAge))); return; } if (ValidateUsernameAsEmail) { var match = System.Text.RegularExpressions.Regex.Match(tbUserName.Text, @"\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*"); if (!match.Success) { ShowErrorMessage("User name must be a valid email address."); return; } } else { var regexString = Rock.Web.Cache.GlobalAttributesCache.Get().GetValue("core.ValidUsernameRegularExpression"); var match = System.Text.RegularExpressions.Regex.Match(tbUserName.Text, regexString); if (!match.Success) { ShowErrorMessage(GetAttributeValue(AttributeKey.UsernameFieldLabel) + " is not valid. " + Rock.Web.Cache.GlobalAttributesCache.Get().GetValue("core.ValidUsernameCaption")); return; } } if (UserLoginService.IsPasswordValid(tbPassword.Text)) { var userLoginService = new Rock.Model.UserLoginService(new RockContext()); var userLogin = userLoginService.GetByUserName(tbUserName.Text); if (userLogin == null) { DisplayDuplicates(Direction.Forward); } else { ShowErrorMessage("That " + GetAttributeValue(AttributeKey.UsernameFieldLabel) + " is already taken."); } } else { ShowErrorMessage(UserLoginService.FriendlyPasswordRules()); } } }
protected void btnSend_Click( object sender, EventArgs e ) { var mergeObjects = new Dictionary<string, object>(); var url = LinkedPageUrl( "ConfirmationPage" ); if ( string.IsNullOrWhiteSpace( url ) ) { url = ResolveRockUrl( "~/ConfirmAccount" ); } mergeObjects.Add( "ConfirmAccountUrl", RootPath + url.TrimStart( new char[] { '/' } ) ); var personDictionaries = new List<IDictionary<string, object>>(); var personService = new PersonService(); var userLoginService = new UserLoginService(); foreach ( Person person in personService.GetByEmail( tbEmail.Text ) ) { var users = new List<IDictionary<string,object>>(); foreach ( UserLogin user in userLoginService.GetByPersonId( person.Id ) ) { if ( user.EntityType != null ) { var component = AuthenticationContainer.GetComponent( user.EntityType.Name ); if ( component.ServiceType == AuthenticationServiceType.Internal ) { users.Add( user.ToDictionary() ); } } } if (users.Count > 0) { IDictionary<string,object> personDictionary = person.ToDictionary(); personDictionary.Add("Users", users.ToArray()); personDictionaries.Add( personDictionary ); } } if ( personDictionaries.Count > 0 ) { mergeObjects.Add( "Persons", personDictionaries.ToArray() ); var recipients = new Dictionary<string, Dictionary<string, object>>(); recipients.Add( tbEmail.Text, mergeObjects ); Email email = new Email( GetAttributeValue( "EmailTemplate" ) ); email.Send( recipients ); pnlEntry.Visible = false; pnlSuccess.Visible = true; } else pnlWarning.Visible = true; }
/// <summary> /// Handles the Click event of the btnSend control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="EventArgs"/> instance containing the event data.</param> protected void btnSend_Click( object sender, EventArgs e ) { var url = LinkedPageUrl( "ConfirmationPage" ); if ( string.IsNullOrWhiteSpace( url ) ) { url = ResolveRockUrl( "~/ConfirmAccount" ); } var mergeObjects = GlobalAttributesCache.GetMergeFields( CurrentPerson ); mergeObjects.Add( "ConfirmAccountUrl", RootPath + url.TrimStart( new char[] { '/' } ) ); var results = new List<IDictionary<string, object>>(); var rockContext = new RockContext(); var personService = new PersonService( rockContext ); var userLoginService = new UserLoginService( rockContext ); foreach ( Person person in personService.GetByEmail( tbEmail.Text ) .Where( p => p.Users.Any())) { var users = new List<UserLogin>(); foreach ( UserLogin user in userLoginService.GetByPersonId( person.Id ) ) { if ( user.EntityType != null ) { var component = AuthenticationContainer.GetComponent( user.EntityType.Name ); if ( !component.RequiresRemoteAuthentication ) { users.Add( user ); } } } var resultsDictionary = new Dictionary<string, object>(); resultsDictionary.Add( "Person", person); resultsDictionary.Add( "Users", users ); results.Add( resultsDictionary ); } if ( results.Count > 0 ) { mergeObjects.Add( "Results", results.ToArray() ); var recipients = new List<RecipientData>(); recipients.Add( new RecipientData( tbEmail.Text, mergeObjects ) ); Email.Send( GetAttributeValue( "EmailTemplate" ).AsGuid(), recipients, ResolveRockUrlIncludeRoot( "~/" ), ResolveRockUrlIncludeRoot( "~~/" ) ); pnlEntry.Visible = false; pnlSuccess.Visible = true; } else { pnlWarning.Visible = true; } }
/// <summary> /// Handles the Click event of the btnChange control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="EventArgs"/> instance containing the event data.</param> protected void btnChange_Click( object sender, EventArgs e ) { RockContext rockContext = new RockContext(); var userLoginService = new UserLoginService( rockContext ); var userLogin = userLoginService.GetByUserName( tbUserName.Text ); if ( userLogin != null ) { if ( UserLoginService.IsPasswordValid( tbPassword.Text ) ) { var component = Rock.Security.AuthenticationContainer.GetComponent( userLogin.EntityType.Name ); if ( component.SupportsChangePassword ) { string warningMessage; if ( component.ChangePassword( userLogin, tbOldPassword.Text, tbPassword.Text, out warningMessage ) ) { rockContext.SaveChanges(); lSuccess.Text = GetAttributeValue( "SuccessCaption" ); pnlEntry.Visible = false; pnlSuccess.Visible = true; } else { if ( string.IsNullOrWhiteSpace( warningMessage ) ) { DisplayErrorFromAttribute( "InvalidPasswordCaption" ); } else { DisplayErrorText( warningMessage ); } } } else { // shouldn't happen, but just in case DisplayErrorFromAttribute( "ChangePasswordNotSupportedCaption" ); pnlChangePassword.Visible = false; } } else { InvalidPassword(); } } else { DisplayErrorFromAttribute( "InvalidUserNameCaption" ); } }
protected virtual Rock.Model.UserLogin CurrentUser() { var principal = ControllerContext.Request.GetUserPrincipal(); if (principal != null && principal.Identity != null) { var userLoginService = new Rock.Model.UserLoginService(); var userLogin = userLoginService.GetByUserName(principal.Identity.Name); if (userLogin != null) { return(userLogin); } } return(null); }
/// <summary> /// Occurs before the action method is invoked. /// </summary> /// <param name="actionContext">The action context.</param> public override void OnActionExecuting( HttpActionContext actionContext ) { string controllerClassName = actionContext.ActionDescriptor.ControllerDescriptor.ControllerType.FullName; string actionMethod = actionContext.Request.Method.Method; string actionPath = actionContext.Request.GetRouteData().Route.RouteTemplate; ISecured item = Rock.Web.Cache.RestActionCache.Read( actionMethod + actionPath ); if ( item == null ) { item = Rock.Web.Cache.RestControllerCache.Read( controllerClassName ); if ( item == null ) { item = new RestController(); } } Person person = null; if ( actionContext.Request.Properties.Keys.Contains( "Person" ) ) { person = actionContext.Request.Properties["Person"] as Person; } else { var principal = actionContext.Request.GetUserPrincipal(); if ( principal != null && principal.Identity != null ) { var userLoginService = new Rock.Model.UserLoginService( new RockContext() ); var userLogin = userLoginService.GetByUserName( principal.Identity.Name ); if ( userLogin != null ) { person = userLogin.Person; actionContext.Request.Properties.Add( "Person", person ); } } } string action = actionMethod.Equals( "GET", StringComparison.OrdinalIgnoreCase ) ? Rock.Security.Authorization.VIEW : Rock.Security.Authorization.EDIT; if ( !item.IsAuthorized( action, person ) ) { actionContext.Response = new HttpResponseMessage( HttpStatusCode.Unauthorized ); } }
/// <summary> /// Authenticates the specified user name and password /// </summary> /// <param name="user">The user.</param> /// <param name="password">The password.</param> /// <returns></returns> public override bool Authenticate( UserLogin user, string password ) { var passwordIsCorrect = CheckF1Password( user.UserName, password ); if ( passwordIsCorrect ) { using ( var rockContext = new RockContext() ) { var userLoginService = new UserLoginService( rockContext ); var userFromService = userLoginService.Get( user.Id ); var databaseGuid = Rock.SystemGuid.EntityType.AUTHENTICATION_DATABASE.AsGuid(); userFromService.EntityTypeId = EntityTypeCache.Read( databaseGuid ).Id; userLoginService.SetPassword( userFromService, password ); rockContext.SaveChanges(); } } return passwordIsCorrect; }
/// <summary> /// Handles the Delete event of the gRestKeyList control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="RowEventArgs"/> instance containing the event data.</param> protected void gRestKeyList_Delete( object sender, RowEventArgs e ) { var rockContext = new RockContext(); var personService = new PersonService( rockContext ); var userLoginService = new UserLoginService( rockContext ); var restUser = personService.Get( e.RowKeyId ); if ( restUser != null ) { restUser.RecordStatusValueId = DefinedValueCache.Read( new Guid( Rock.SystemGuid.DefinedValue.PERSON_RECORD_STATUS_INACTIVE ) ).Id; // remove all user logins for key foreach ( var login in restUser.Users.ToList() ) { userLoginService.Delete( login ); } rockContext.SaveChanges(); } BindGrid(); }
public override void OnAuthorization( HttpActionContext actionContext ) { // See if user is logged in var principal = System.Threading.Thread.CurrentPrincipal; if ( principal != null && principal.Identity != null && !String.IsNullOrWhiteSpace(principal.Identity.Name)) { var userLoginService = new UserLoginService(); var user = userLoginService.GetByUserName(principal.Identity.Name); if ( user != null ) { actionContext.Request.SetUserPrincipal( principal ); return; } } // If not, see if there's a valid token string authToken = null; if (actionContext.Request.Headers.Contains("Authorization-Token")) authToken = actionContext.Request.Headers.GetValues( "Authorization-Token" ).FirstOrDefault(); if ( String.IsNullOrWhiteSpace( authToken ) ) { string queryString = actionContext.Request.RequestUri.Query; authToken = System.Web.HttpUtility.ParseQueryString(queryString).Get("apikey"); } if (! String.IsNullOrWhiteSpace( authToken ) ) { var userLoginService = new UserLoginService(); var userLogin = userLoginService.Queryable().Where( u => u.ApiKey == authToken ).FirstOrDefault(); if ( userLogin != null ) { var identity = new GenericIdentity( userLogin.UserName ); principal = new GenericPrincipal(identity, null); actionContext.Request.SetUserPrincipal( principal ); return; } } actionContext.Response = actionContext.Request.CreateErrorResponse( HttpStatusCode.Unauthorized, "The Rock API requires that requests include either an Authorization-Token, and ApiKey querystring parameter, or are made by a logged-in user" ); }
/// <summary> /// Handles the Click event of the btnDuplicatesNext control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="EventArgs"/> instance containing the event data.</param> protected void btnDuplicatesNext_Click(object sender, EventArgs e) { if (tbRockFullName.Text.IsNotNullOrWhiteSpace()) { /* 03/22/2021 MDP * * see https://app.asana.com/0/1121505495628584/1200018171012738/f on why this is done * */ nbRockFullName.Visible = true; nbRockFullName.NotificationBoxType = NotificationBoxType.Validation; nbRockFullName.Text = "Invalid Form Value"; return; } int personId = Request.Form["DuplicatePerson"].AsInteger(); if (personId > 0) { var userLoginService = new Rock.Model.UserLoginService(new RockContext()); var userLogins = userLoginService.GetByPersonId(personId) .Where(l => l.IsLockedOut != true) .ToList(); if (userLogins.Any(ul => !AuthenticationContainer.GetComponent(ul.EntityType.Name).RequiresRemoteAuthentication)) { DisplaySendLogin(personId, Direction.Forward); } else { DisplayConfirmation(personId); } } else { DisplaySuccess(CreateUser(CreatePerson(), true)); } }
protected void btnDuplicatesNext_Click(object sender, EventArgs e) { int personId = Int32.Parse(Request.Form["DuplicatePerson"]); if (personId > 0) { var userLoginService = new Rock.Model.UserLoginService(); var userLogins = userLoginService.GetByPersonId(personId).ToList(); if (userLogins.Count > 0) { DisplaySendLogin(personId, Direction.Forward); } else { DisplayConfirmation(personId); } } else { DisplaySuccess(CreateUser(CreatePerson(), true)); } }
public override void OnAuthorization( HttpActionContext actionContext ) { // See if user is logged in var principal = System.Threading.Thread.CurrentPrincipal; if ( principal != null && principal.Identity != null && !String.IsNullOrWhiteSpace(principal.Identity.Name)) { //var userLoginService = new UserLoginService(); //var user = userLoginService.GetByUserName(principal.Identity.Name); //if ( user != null ) //{ actionContext.Request.SetUserPrincipal( principal ); return; //} } // If not, see if there's a valid token string authToken = null; if (actionContext.Request.Headers.Contains("Authorization-Token")) authToken = actionContext.Request.Headers.GetValues( "Authorization-Token" ).FirstOrDefault(); if ( String.IsNullOrWhiteSpace( authToken ) ) { string queryString = actionContext.Request.RequestUri.Query; authToken = System.Web.HttpUtility.ParseQueryString(queryString).Get("apikey"); } if (! String.IsNullOrWhiteSpace( authToken ) ) { var userLoginService = new UserLoginService( new Rock.Data.RockContext() ); var userLogin = userLoginService.Queryable().Where( u => u.ApiKey == authToken ).FirstOrDefault(); if ( userLogin != null ) { var identity = new GenericIdentity( userLogin.UserName ); principal = new GenericPrincipal(identity, null); actionContext.Request.SetUserPrincipal( principal ); return; } } }
/// <summary> /// Gets the peron alias. /// </summary> /// <returns></returns> protected virtual Rock.Model.Person GetPerson() { if ( Request.Properties.Keys.Contains( "Person" ) ) { return Request.Properties["Person"] as Person; } var principal = ControllerContext.Request.GetUserPrincipal(); if ( principal != null && principal.Identity != null ) { var userLoginService = new Rock.Model.UserLoginService( new RockContext() ); var userLogin = userLoginService.GetByUserName( principal.Identity.Name ); if ( userLogin != null ) { var person = userLogin.Person; Request.Properties.Add( "Person", person ); return userLogin.Person; } } return null; }
public void Login( [FromBody]LoginParameters loginParameters ) { bool valid = false; var userLoginService = new UserLoginService(); var userLogin = userLoginService.GetByUserName( loginParameters.Username ); if ( userLogin != null && userLogin.EntityType != null) { var component = AuthenticationContainer.GetComponent(userLogin.EntityType.Name); if ( component != null && component.IsActive) { if ( component.Authenticate( userLogin, loginParameters.Password ) ) { valid = true; Rock.Security.Authorization.SetAuthCookie( loginParameters.Username, false, false ); } } } if ( !valid ) { throw new HttpResponseException( HttpStatusCode.Unauthorized ); } }
/// <summary> /// Gets the currently logged in Person /// </summary> /// <param name="rockContext">The rock context.</param> /// <returns></returns> protected virtual Rock.Model.Person GetPerson(RockContext rockContext) { if (Request.Properties.Keys.Contains("Person")) { return(Request.Properties["Person"] as Person); } var principal = ControllerContext.Request.GetUserPrincipal(); if (principal != null && principal.Identity != null) { if (principal.Identity.Name.StartsWith("rckipid=")) { var personService = new Model.PersonService(rockContext ?? new RockContext()); Rock.Model.Person impersonatedPerson = personService.GetByImpersonationToken(principal.Identity.Name.Substring(8), false, null); if (impersonatedPerson != null) { return(impersonatedPerson); } } else { var userLoginService = new Rock.Model.UserLoginService(rockContext ?? new RockContext()); var userLogin = userLoginService.GetByUserName(principal.Identity.Name); if (userLogin != null) { var person = userLogin.Person; Request.Properties.Add("Person", person); return(userLogin.Person); } } } return(null); }
/// <summary> /// Handles the RowDataBound event of the gRestKeyList control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="GridViewRowEventArgs"/> instance containing the event data.</param> protected void gRestKeyList_RowDataBound( object sender, GridViewRowEventArgs e ) { if ( e.Row.RowType == DataControlRowType.DataRow ) { var rockContext = new RockContext(); var restUser = e.Row.DataItem as Person; var noteService = new NoteService( rockContext ); var description = noteService.Queryable().Where( a => a.EntityId == restUser.Id ).FirstOrDefault(); Label lblDescription = e.Row.FindControl( "lblDescription" ) as Label; if ( description != null ) { lblDescription.Text = description.Text; } var userLoginService = new UserLoginService( rockContext ); var userLogin = userLoginService.Queryable().Where( a => a.PersonId == restUser.Id ).FirstOrDefault(); Label lblKey = e.Row.FindControl( "lblKey" ) as Label; if ( userLogin != null ) { lblKey.Text = userLogin.ApiKey; } } }
/// <summary> /// Creates a new <see cref="Rock.Model.UserLogin" /> and saves it to the database. /// </summary> /// <param name="rockContext">The rock context.</param> /// <param name="person">The person.</param> /// <param name="serviceType">Type of the service.</param> /// <param name="entityTypeId">The EntityTypeId of the <see cref="Rock.Model.EntityType"/> for the authentication service that this UserLogin user will use.</param> /// <param name="username">The username.</param> /// <param name="password">The password.</param> /// <param name="isConfirmed">if set to <c>true</c> [is confirmed].</param> /// <param name="isRequirePasswordChange">if set to <c>true</c> [is require password change].</param> /// <returns></returns> /// <exception cref="System.ArgumentOutOfRangeException">username;Username already exists</exception> /// <exception cref="System.ArgumentException"> /// entityTypeId /// or /// Invalid EntityTypeId, entity does not exist;entityTypeId /// or /// Invalid Person, person does not exist;person /// </exception> public static UserLogin Create(RockContext rockContext, Rock.Model.Person person, AuthenticationServiceType serviceType, int entityTypeId, string username, string password, bool isConfirmed, bool isRequirePasswordChange) { if (person != null) { var userLoginService = new UserLoginService(rockContext); var entityType = EntityTypeCache.Get(entityTypeId); if (entityType != null) { UserLogin user = userLoginService.GetByUserName(username); if (user != null) { throw new ArgumentOutOfRangeException("username", "Username already exists"); } DateTime createDate = RockDateTime.Now; user = new UserLogin(); user.Guid = Guid.NewGuid(); user.EntityTypeId = entityTypeId; user.UserName = username; user.IsConfirmed = isConfirmed; user.LastPasswordChangedDateTime = createDate; user.PersonId = person.Id; user.IsPasswordChangeRequired = isRequirePasswordChange; if (serviceType == AuthenticationServiceType.Internal) { var authenticationComponent = AuthenticationContainer.GetComponent(entityType.Name); if (authenticationComponent == null || !authenticationComponent.IsActive) { throw new ArgumentException(string.Format("'{0}' service does not exist, or is not active", entityType.FriendlyName), "entityTypeId"); } user.Password = authenticationComponent.EncodePassword(user, password); } userLoginService.Add(user); rockContext.SaveChanges(); var historyCategory = CategoryCache.Get(Rock.SystemGuid.Category.HISTORY_PERSON_ACTIVITY.AsGuid(), rockContext); if (historyCategory != null) { var changes = new History.HistoryChangeList(); History.EvaluateChange(changes, "User Login", string.Empty, username); HistoryService.SaveChanges(rockContext, typeof(Person), historyCategory.Guid, person.Id, changes); } return(user); } else { throw new ArgumentException("Invalid EntityTypeId, entity does not exist", "entityTypeId"); } } else { throw new ArgumentException("Invalid Person, person does not exist", "person"); } }
/// <summary> /// Shows the detail. /// </summary> /// <param name="restUserId">The rest user identifier.</param> public void ShowDetail( int restUserId ) { var rockContext = new RockContext(); Person restUser = null; if ( !restUserId.Equals( 0 ) ) { restUser = new PersonService( rockContext ).Get( restUserId ); } if ( restUser == null ) { restUser = new Person { Id = 0 }; } bool editAllowed = restUser.IsAuthorized( Authorization.EDIT, CurrentPerson ); hfRestUserId.Value = restUser.Id.ToString(); lTitle.Text = ActionTitle.Edit( "REST Key" ).FormatAsHtmlTitle(); if ( restUser.Id > 0 ) { tbName.Text = restUser.LastName; cbActive.Checked = false; var activeStatusId = DefinedValueCache.Read( Rock.SystemGuid.DefinedValue.PERSON_RECORD_STATUS_ACTIVE.AsGuid() ).Id; if ( restUser.RecordStatusValueId == activeStatusId ) { cbActive.Checked = true; } var noteService = new NoteService( rockContext ); var description = noteService.Queryable().Where( a => a.EntityId == restUser.Id ).FirstOrDefault(); if ( description != null ) { tbDescription.Text = description.Text; } var userLoginService = new UserLoginService( rockContext ); var userLogin = userLoginService.Queryable().Where( a => a.PersonId == restUser.Id ).FirstOrDefault(); if ( userLogin != null ) { tbKey.Text = userLogin.ApiKey; } } }
/// <summary> /// Handles the Click event of the lbSave control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="EventArgs"/> instance containing the event data.</param> protected void lbSave_Click( object sender, EventArgs e ) { var rockContext = new RockContext(); var userLoginService = new UserLoginService( rockContext ); var userLogin = userLoginService.Queryable().Where( a => a.ApiKey == tbKey.Text ).FirstOrDefault(); if ( userLogin != null && userLogin.PersonId != int.Parse( hfRestUserId.Value ) ) { // this key already exists in the database. Show the error and get out of here. nbWarningMessage.Text = "This API Key already exists. Please enter a different one, or generate one by clicking the 'Generate Key' button below. "; nbWarningMessage.Visible = true; return; } rockContext.WrapTransaction( () => { var personService = new PersonService( rockContext ); var changes = new List<string>(); var restUser = new Person(); if ( int.Parse( hfRestUserId.Value ) != 0 ) { restUser = personService.Get( int.Parse( hfRestUserId.Value ) ); } else { personService.Add( restUser ); rockContext.SaveChanges(); restUser.Aliases.Add( new PersonAlias { AliasPersonId = restUser.Id, AliasPersonGuid = restUser.Guid } ); } // the rest user name gets saved as the last name on a person History.EvaluateChange( changes, "Last Name", restUser.LastName, tbName.Text ); restUser.LastName = tbName.Text; restUser.RecordTypeValueId = DefinedValueCache.Read( Rock.SystemGuid.DefinedValue.PERSON_RECORD_TYPE_RESTUSER.AsGuid() ).Id; if ( cbActive.Checked ) { restUser.RecordStatusValueId = DefinedValueCache.Read( Rock.SystemGuid.DefinedValue.PERSON_RECORD_STATUS_ACTIVE.AsGuid() ).Id; } else { restUser.RecordStatusValueId = DefinedValueCache.Read( Rock.SystemGuid.DefinedValue.PERSON_RECORD_STATUS_INACTIVE.AsGuid() ).Id; } if ( restUser.IsValid ) { if ( rockContext.SaveChanges() > 0 ) { if ( changes.Any() ) { HistoryService.SaveChanges( rockContext, typeof( Person ), Rock.SystemGuid.Category.HISTORY_PERSON_DEMOGRAPHIC_CHANGES.AsGuid(), restUser.Id, changes ); } } } // the description gets saved as a system note for the person var noteType = new NoteTypeService( rockContext ) .Get( Rock.SystemGuid.NoteType.PERSON_TIMELINE.AsGuid() ); var noteService = new NoteService( rockContext ); var note = noteService.Get( noteType.Id, restUser.Id ).FirstOrDefault(); if ( note == null ) { note = new Note(); noteService.Add( note ); } note.NoteTypeId = noteType.Id; note.EntityId = restUser.Id; note.Text = tbDescription.Text; rockContext.SaveChanges(); // the key gets saved in the api key field of a user login (which you have to create if needed) var entityType = new EntityTypeService( rockContext ) .Get( "Rock.Security.Authentication.Database" ); userLogin = userLoginService.GetByPersonId( restUser.Id ).FirstOrDefault(); if ( userLogin == null ) { userLogin = new UserLogin(); userLoginService.Add( userLogin ); } if ( string.IsNullOrWhiteSpace( userLogin.UserName ) ) { userLogin.UserName = Guid.NewGuid().ToString(); } userLogin.IsConfirmed = true; userLogin.ApiKey = tbKey.Text; userLogin.PersonId = restUser.Id; userLogin.EntityTypeId = entityType.Id; rockContext.SaveChanges(); } ); NavigateToParentPage(); }
/// <summary> /// Handles the Click event of the lbGenerate control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="EventArgs"/> instance containing the event data.</param> protected void lbGenerate_Click( object sender, EventArgs e ) { // Generate a unique random 12 digit api key var rockContext = new RockContext(); var userLoginService = new UserLoginService( rockContext ); var key = string.Empty; var isGoodKey = false; while ( isGoodKey == false ) { key = GenerateKey(); var userLogins = userLoginService.Queryable().Where( a => a.ApiKey == key ); if ( userLogins.Count() == 0 ) { // no other user login has this key. isGoodKey = true; } } tbKey.Text = key; }
/// <summary> /// Enables processing of HTTP Web requests by a custom HttpHandler that implements the <see cref="T:System.Web.IHttpHandler" /> interface. /// </summary> /// <param name="context">An <see cref="T:System.Web.HttpContext" /> object that provides references to the intrinsic server objects (for example, Request, Response, Session, and Server) used to service HTTP requests.</param> public void ProcessRequest(HttpContext context) { Guid?communicationGuid = context.Request.QueryString["c"].AsGuidOrNull(); if (communicationGuid.HasValue) { var rockContext = new RockContext(); var communication = new CommunicationService(rockContext).Get(communicationGuid.Value); if (communication != null) { var mergeFields = Rock.Lava.LavaHelper.GetCommonMergeFields(null); mergeFields.Add("Communication", communication); Person person = null; string encodedKey = context.Request.QueryString["p"]; if (!string.IsNullOrWhiteSpace(encodedKey)) { // first try and see if we can use the new GetByPersonActionIdentifier() otherwise // fall-back to the old GetByImpersonationToken method. var personService = new PersonService(rockContext); person = personService.GetByPersonActionIdentifier(encodedKey, "Unsubscribe"); if (person == null) { // TODO: Support for trying via impersonation token should be removed once we get to Rock v11 person = personService.GetByImpersonationToken(encodedKey, true, null); } } if (person == null) { var principal = context.User; if (principal != null && principal.Identity != null) { var userLoginService = new Rock.Model.UserLoginService(new RockContext()); var userLogin = userLoginService.GetByUserName(principal.Identity.Name); if (userLogin != null) { var currentPerson = userLogin.Person; // if a person wasn't specified in the URL, then only show it if the current person has EDIT auth to the communication if (communication.IsAuthorized(Authorization.EDIT, currentPerson)) { person = currentPerson; } } } } if (person != null) { mergeFields.Add("Person", person); var recipient = new CommunicationRecipientService(rockContext).Queryable() .Where(r => r.CommunicationId == communication.Id && r.PersonAlias != null && r.PersonAlias.PersonId == person.Id) .FirstOrDefault(); if (recipient != null) { // Add any additional merge fields created through a report foreach (var mergeField in recipient.AdditionalMergeValues) { if (!mergeFields.ContainsKey(mergeField.Key)) { mergeFields.Add(mergeField.Key, mergeField.Value); } } } context.Response.ContentType = "text/html"; context.Response.Write(GetHtmlPreview(communication, mergeFields)); if (recipient != null) { // write an 'opened' interaction var interactionService = new InteractionService(rockContext); InteractionComponent interactionComponent = new InteractionComponentService(rockContext) .GetComponentByEntityId(Rock.SystemGuid.InteractionChannel.COMMUNICATION.AsGuid(), communication.Id, communication.Subject); rockContext.SaveChanges(); var ipAddress = Rock.Web.UI.RockPage.GetClientIpAddress(); var userAgent = context.Request.UserAgent ?? ""; UAParser.ClientInfo client = UAParser.Parser.GetDefault().Parse(userAgent); var clientOs = client.OS.ToString(); var clientBrowser = client.UA.ToString(); var clientType = InteractionDeviceType.GetClientType(userAgent); interactionService.AddInteraction(interactionComponent.Id, recipient.Id, "Opened", "", recipient.PersonAliasId, RockDateTime.Now, clientBrowser, clientOs, clientType, userAgent, ipAddress, null); rockContext.SaveChanges(); } return; } } } context.Response.ContentType = "text/plain"; context.Response.Write("Sorry, the communication you requested does not exist, or you are not authorized to view it."); return; }
private UserLogin SetNewPassword( UserLogin user, string rawPassword ) { string hash = EncodeBcrypt( rawPassword ); if ( hash == null ) { throw new NotImplementedException( "Could not generate hash from password." ); } using ( var context = new RockContext() ) { var userService = new UserLoginService( context ); var contextUser = userService.Get( user.Id ); contextUser.Password = hash; context.SaveChanges(); return contextUser; } }
/// <summary> /// Occurs before the action method is invoked. /// </summary> /// <param name="actionContext">The action context.</param> public override void OnActionExecuting(HttpActionContext actionContext) { var controller = actionContext.ActionDescriptor.ControllerDescriptor; string controllerClassName = controller.ControllerType.FullName; string actionMethod = actionContext.Request.Method.Method; string actionPath = actionContext.Request.GetRouteData().Route.RouteTemplate.Replace("{controller}", controller.ControllerName); //// find any additional arguments that aren't part of the RouteTemplate that qualified the action method //// for example: ~/person/search?name={name}&includeHtml={includeHtml}&includeDetails={includeDetails}&includeBusinesses={includeBusinesses} //// is a different action method than ~/person/search?name={name} var routeQueryParams = actionContext.ActionArguments.Where(a => !actionPath.Contains("{" + a.Key + "}")); if (routeQueryParams.Any()) { var actionPathQueryString = routeQueryParams.Select(a => string.Format("{0}={{{0}}}", a.Key)).ToList().AsDelimited("&"); actionPath += "?" + actionPathQueryString; } ISecured item = RestActionCache.Get(actionMethod + actionPath); if (item == null) { item = RestControllerCache.Get(controllerClassName); if (item == null) { item = new RestController(); } } Person person = null; if (actionContext.Request.Properties.Keys.Contains("Person")) { person = actionContext.Request.Properties["Person"] as Person; } else { var principal = actionContext.Request.GetUserPrincipal(); if (principal != null && principal.Identity != null) { using (var rockContext = new RockContext()) { string userName = principal.Identity.Name; UserLogin userLogin = null; if (userName.StartsWith("rckipid=")) { Rock.Model.PersonService personService = new Model.PersonService(rockContext); Rock.Model.Person impersonatedPerson = personService.GetByImpersonationToken(userName.Substring(8), false, null); if (impersonatedPerson != null) { userLogin = impersonatedPerson.GetImpersonatedUser(); } } else { var userLoginService = new Rock.Model.UserLoginService(rockContext); userLogin = userLoginService.GetByUserName(userName); } if (userLogin != null) { person = userLogin.Person; actionContext.Request.Properties.Add("Person", person); } } } } string action = actionMethod.Equals("GET", StringComparison.OrdinalIgnoreCase) ? Rock.Security.Authorization.VIEW : Rock.Security.Authorization.EDIT; if (!item.IsAuthorized(action, person)) { actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized); } }
/// <summary> /// Handles the Click event of the btnSend control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="EventArgs"/> instance containing the event data.</param> protected void btnSend_Click( object sender, EventArgs e ) { var url = LinkedPageUrl( "ConfirmationPage" ); if ( string.IsNullOrWhiteSpace( url ) ) { url = ResolveRockUrl( "~/ConfirmAccount" ); } var mergeFields = Rock.Lava.LavaHelper.GetCommonMergeFields( this.RockPage, this.CurrentPerson ); mergeFields.Add( "ConfirmAccountUrl", RootPath + url.TrimStart( new char[] { '/' } ) ); var results = new List<IDictionary<string, object>>(); var rockContext = new RockContext(); var personService = new PersonService( rockContext ); var userLoginService = new UserLoginService( rockContext ); bool hasAccountWithPasswordResetAbility = false; List<string> accountTypes = new List<string>(); foreach ( Person person in personService.GetByEmail( tbEmail.Text ) .Where( p => p.Users.Any())) { var users = new List<UserLogin>(); foreach ( UserLogin user in userLoginService.GetByPersonId( person.Id ) ) { if ( user.EntityType != null ) { var component = AuthenticationContainer.GetComponent( user.EntityType.Name ); if ( !component.RequiresRemoteAuthentication ) { users.Add( user ); hasAccountWithPasswordResetAbility = true; } accountTypes.Add( user.EntityType.FriendlyName ); } } var resultsDictionary = new Dictionary<string, object>(); resultsDictionary.Add( "Person", person); resultsDictionary.Add( "Users", users ); results.Add( resultsDictionary ); } if ( results.Count > 0 && hasAccountWithPasswordResetAbility ) { mergeFields.Add( "Results", results.ToArray() ); var recipients = new List<RecipientData>(); recipients.Add( new RecipientData( tbEmail.Text, mergeFields ) ); Email.Send( GetAttributeValue( "EmailTemplate" ).AsGuid(), recipients, ResolveRockUrlIncludeRoot( "~/" ), ResolveRockUrlIncludeRoot( "~~/" ), false ); pnlEntry.Visible = false; pnlSuccess.Visible = true; } else if (results.Count > 0 ) { // the person has user accounts but none of them are allowed to have their passwords reset (Facebook/Google/etc) lWarning.Text = string.Format( @"<p>We were able to find the following accounts for this email, but none of them are able to be reset from this website.</p> <p>Accounts:<br /> {0}</p> <p>To create a new account with a username and password please see our <a href='{1}'>New Account</a> page.</p>" , string.Join( ",", accountTypes ) , ResolveRockUrl( "~/NewAccount" ) ); pnlWarning.Visible = true; } else { pnlWarning.Visible = true; } }
/// <summary> /// Shows the edit. /// </summary> /// <param name="attributeId">The attribute id.</param> protected void ShowEdit( int userLoginId ) { UserLogin userLogin = null; if (userLoginId > 0) { userLogin = new UserLoginService().Get( userLoginId ); } if (userLogin == null) { userLogin = new UserLogin { Id = 0, IsConfirmed = true }; } tbUserName.Text = userLogin.UserName; cbIsConfirmed.Checked = userLogin.IsConfirmed ?? false; cbIsLockedOut.Checked = userLogin.IsLockedOut ?? false; if ( userLogin.EntityType != null ) { compProvider.SetValue( userLogin.EntityType.Guid.ToString() ); } hfIdValue.Value = userLogin.Id.ToString(); SetPasswordState(); mdDetails.Show(); }
/// <summary> /// Occurs before the action method is invoked. /// </summary> /// <param name="actionContext">The action context.</param> public override void OnActionExecuting(HttpActionContext actionContext) { var controller = actionContext.ActionDescriptor.ControllerDescriptor; string controllerClassName = controller.ControllerType.FullName; string actionMethod = actionContext.Request.Method.Method; string actionPath = actionContext.Request.GetRouteData().Route.RouteTemplate.Replace("{controller}", controller.ControllerName); ISecured item = Rock.Web.Cache.RestActionCache.Read(actionMethod + actionPath); if (item == null) { item = Rock.Web.Cache.RestControllerCache.Read(controllerClassName); if (item == null) { item = new RestController(); } } Person person = null; if (actionContext.Request.Properties.Keys.Contains("Person")) { person = actionContext.Request.Properties["Person"] as Person; } else { var principal = actionContext.Request.GetUserPrincipal(); if (principal != null && principal.Identity != null) { using (var rockContext = new RockContext()) { string userName = principal.Identity.Name; UserLogin userLogin = null; if (userName.StartsWith("rckipid=")) { Rock.Model.PersonService personService = new Model.PersonService(rockContext); Rock.Model.Person impersonatedPerson = personService.GetByEncryptedKey(userName.Substring(8)); if (impersonatedPerson != null) { userLogin = impersonatedPerson.GetImpersonatedUser(); } } else { var userLoginService = new Rock.Model.UserLoginService(rockContext); userLogin = userLoginService.GetByUserName(userName); } if (userLogin != null) { person = userLogin.Person; actionContext.Request.Properties.Add("Person", person); } } } } string action = actionMethod.Equals("GET", StringComparison.OrdinalIgnoreCase) ? Rock.Security.Authorization.VIEW : Rock.Security.Authorization.EDIT; if (!item.IsAuthorized(action, person)) { actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized); } }
/// <summary> /// Displays the sent login. /// </summary> /// <param name="direction">The direction.</param> private void DisplaySentLogin( Direction direction ) { var rockContext = new RockContext(); PersonService personService = new PersonService( rockContext ); Person person = personService.Get( hfSendPersonId.Value.AsInteger() ?? 0 ); if ( person != null ) { string url = LinkedPageUrl( "ConfirmationPage" ); if ( string.IsNullOrWhiteSpace( url ) ) { url = ResolveRockUrl( "~/ConfirmAccount" ); } var mergeObjects = new Dictionary<string, object>(); mergeObjects.Add( "ConfirmAccountUrl", RootPath + url.TrimStart( new char[] { '/' } ) ); var personDictionaries = new List<IDictionary<string, object>>(); var users = new List<UserLogin>(); var userLoginService = new UserLoginService( rockContext ); foreach ( UserLogin user in userLoginService.GetByPersonId( person.Id ) ) { if ( user.EntityType != null ) { var component = AuthenticationContainer.GetComponent( user.EntityType.Name ); if ( component.ServiceType == AuthenticationServiceType.Internal ) { users.Add( user ); } } } if ( users.Count > 0 ) { var personDictionary = person.ToLiquid() as Dictionary<string, object>; if ( personDictionary.Keys.Contains( "Users" ) ) { personDictionary["Users"] = users; } else { personDictionary.Add( "Users", users ); } personDictionaries.Add( personDictionary ); } mergeObjects.Add( "Persons", personDictionaries.ToArray() ); var recipients = new Dictionary<string, Dictionary<string, object>>(); recipients.Add( person.Email, mergeObjects ); Email.Send( GetAttributeValue( "ForgotUsernameTemplate" ).AsGuid(), recipients, ResolveRockUrl( "~/" ), ResolveRockUrl( "~~/" ) ); } else { ShowErrorMessage( "Invalid Person" ); } ShowPanel( 3 ); }
/// <summary> /// Handles the Click event of the btnUserInfoNext control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="EventArgs"/> instance containing the event data.</param> protected void btnUserInfoNext_Click( object sender, EventArgs e ) { Password = tbPassword.Text; PasswordConfirm = tbPasswordConfirm.Text; if ( Page.IsValid ) { if ( UserLoginService.IsPasswordValid( Password ) ) { var userLoginService = new Rock.Model.UserLoginService( new RockContext() ); var userLogin = userLoginService.GetByUserName( tbUserName.Text ); if ( userLogin == null ) { DisplayDuplicates( Direction.Forward ); } else { ShowErrorMessage( "Username already exists" ); } } else { ShowErrorMessage( UserLoginService.FriendlyPasswordRules() ); } } }
/// <summary> /// Updates the last login and writes to the person's history log /// </summary> /// <param name="userName">Name of the user.</param> public static void UpdateLastLogin(string userName) { if (!string.IsNullOrWhiteSpace(userName)) { using (var rockContext = new RockContext()) { int? personId = null; bool impersonated = userName.StartsWith("rckipid="); if (!impersonated) { var userLogin = new UserLoginService(rockContext).GetByUserName(userName); if (userLogin != null) { userLogin.LastLoginDateTime = RockDateTime.Now; personId = userLogin.PersonId; } } else { var impersonationToken = userName.Substring(8); personId = new PersonService(rockContext).GetByImpersonationToken(impersonationToken, false, null)?.Id; } if (personId.HasValue) { var relatedDataBuilder = new System.Text.StringBuilder(); int?relatedEntityTypeId = null; int?relatedEntityId = null; if (impersonated) { var impersonatedByUser = HttpContext.Current?.Session["ImpersonatedByUser"] as UserLogin; relatedEntityTypeId = EntityTypeCache.GetId <Rock.Model.Person>(); relatedEntityId = impersonatedByUser?.PersonId; if (impersonatedByUser != null) { relatedDataBuilder.Append($" impersonated by { impersonatedByUser.Person.FullName }"); } } if (HttpContext.Current != null && HttpContext.Current.Request != null) { string cleanUrl = PersonToken.ObfuscateRockMagicToken(HttpContext.Current.Request.Url.AbsoluteUri); // obfuscate the url specified in the returnurl, just in case it contains any sensitive information (like a rckipid) Regex returnurlRegEx = new Regex(@"returnurl=([^&]*)"); cleanUrl = returnurlRegEx.Replace(cleanUrl, "returnurl=XXXXXXXXXXXXXXXXXXXXXXXXXXXX"); relatedDataBuilder.AppendFormat(" to <span class='field-value'>{0}</span>, from <span class='field-value'>{1}</span>", cleanUrl, HttpContext.Current.Request.UserHostAddress); } var historyChangeList = new History.HistoryChangeList(); var historyChange = historyChangeList.AddChange(History.HistoryVerb.Login, History.HistoryChangeType.Record, userName); if (relatedDataBuilder.Length > 0) { historyChange.SetRelatedData(relatedDataBuilder.ToString(), null, null); } HistoryService.SaveChanges(rockContext, typeof(Rock.Model.Person), Rock.SystemGuid.Category.HISTORY_PERSON_ACTIVITY.AsGuid(), personId.Value, historyChangeList, true); } } } }
/// <summary> /// Returns the <see cref="Rock.Model.UserLogin"/> of the user who is currently logged in, and updates their last activity date if userIsOnline=true /// </summary> /// <param name="userIsOnline">A <see cref="System.Boolean"/> value that returns the logged in user if <c>true</c>; otherwise can return the impersonated user</param> /// <returns>The current <see cref="Rock.Model.UserLogin"/></returns> public static UserLogin GetCurrentUser(bool userIsOnline) { var rockContext = new RockContext(); string userName = UserLogin.GetCurrentUserName(); if (userName != string.Empty) { if (userName.StartsWith("rckipid=")) { Rock.Model.PersonTokenService personTokenService = new Model.PersonTokenService(rockContext); Rock.Model.PersonToken personToken = personTokenService.GetByImpersonationToken(userName.Substring(8)); if (personToken?.PersonAlias?.Person != null) { return(personToken.PersonAlias.Person.GetImpersonatedUser()); } } else { var userLoginService = new UserLoginService(rockContext); UserLogin user = userLoginService.GetByUserName(userName); if (user != null && userIsOnline) { // Save last activity date var transaction = new Rock.Transactions.UserLastActivityTransaction(); transaction.UserId = user.Id; transaction.LastActivityDate = RockDateTime.Now; if ((user.IsConfirmed ?? true) && !(user.IsLockedOut ?? false)) { if (HttpContext.Current != null && HttpContext.Current.Session != null) { HttpContext.Current.Session["RockUserId"] = user.Id; } // see if there is already a LastActivitytransaction queued for this user, and just update its LastActivityDate instead of adding another to the queue var userLastActivity = Rock.Transactions.RockQueue.TransactionQueue.ToArray().OfType <Rock.Transactions.UserLastActivityTransaction>() .Where(a => a.UserId == transaction.UserId).FirstOrDefault(); if (userLastActivity != null) { userLastActivity.LastActivityDate = transaction.LastActivityDate; } else { Rock.Transactions.RockQueue.TransactionQueue.Enqueue(transaction); } } else { transaction.IsOnLine = false; Rock.Transactions.RockQueue.TransactionQueue.Enqueue(transaction); Authorization.SignOut(); return(null); } } return(user); } } return(null); }
/// <summary> /// Gets the name of the facebook user. /// </summary> /// <param name="facebookUser">The facebook user.</param> /// <param name="syncFriends">if set to <c>true</c> [synchronize friends].</param> /// <param name="accessToken">The access token.</param> /// <returns></returns> public static string GetFacebookUserName( FacebookUser facebookUser, bool syncFriends = false, string accessToken = "" ) { string username = string.Empty; string facebookId = facebookUser.id; string facebookLink = facebookUser.link; string userName = "******" + facebookId; UserLogin user = null; using ( var rockContext = new RockContext() ) { // Query for an existing user var userLoginService = new UserLoginService( rockContext ); user = userLoginService.GetByUserName( userName ); // If no user was found, see if we can find a match in the person table if ( user == null ) { // Get name/email from Facebook login string lastName = facebookUser.last_name.ToStringSafe(); string firstName = facebookUser.first_name.ToStringSafe(); string email = string.Empty; try { email = facebookUser.email.ToStringSafe(); } catch { } Person person = null; // If person had an email, get the first person with the same name and email address. if ( !string.IsNullOrWhiteSpace( email ) ) { var personService = new PersonService( rockContext ); var people = personService.GetByMatch( firstName, lastName, email ); if ( people.Count() == 1) { person = people.First(); } } var personRecordTypeId = DefinedValueCache.Read( SystemGuid.DefinedValue.PERSON_RECORD_TYPE_PERSON.AsGuid() ).Id; var personStatusPending = DefinedValueCache.Read( SystemGuid.DefinedValue.PERSON_RECORD_STATUS_PENDING.AsGuid() ).Id; rockContext.WrapTransaction( () => { if ( person == null ) { person = new Person(); person.IsSystem = false; person.RecordTypeValueId = personRecordTypeId; person.RecordStatusValueId = personStatusPending; person.FirstName = firstName; person.LastName = lastName; person.Email = email; person.IsEmailActive = true; person.EmailPreference = EmailPreference.EmailAllowed; try { if ( facebookUser.gender.ToString() == "male" ) { person.Gender = Gender.Male; } else if ( facebookUser.gender.ToString() == "female" ) { person.Gender = Gender.Female; } else { person.Gender = Gender.Unknown; } } catch { } if ( person != null ) { PersonService.SaveNewPerson( person, rockContext, null, false ); } } if ( person != null ) { int typeId = EntityTypeCache.Read( typeof( Facebook ) ).Id; user = UserLoginService.Create( rockContext, person, AuthenticationServiceType.External, typeId, userName, "fb", true ); } } ); } if ( user != null ) { username = user.UserName; if ( user.PersonId.HasValue ) { var converter = new ExpandoObjectConverter(); var personService = new PersonService( rockContext ); var person = personService.Get( user.PersonId.Value ); if ( person != null ) { // If person does not have a photo, try to get their Facebook photo if ( !person.PhotoId.HasValue ) { var restClient = new RestClient( string.Format( "https://graph.facebook.com/v2.2/{0}/picture?redirect=false&type=square&height=400&width=400", facebookId ) ); var restRequest = new RestRequest( Method.GET ); restRequest.RequestFormat = DataFormat.Json; restRequest.AddHeader( "Accept", "application/json" ); var restResponse = restClient.Execute( restRequest ); if ( restResponse.StatusCode == HttpStatusCode.OK ) { dynamic picData = JsonConvert.DeserializeObject<ExpandoObject>( restResponse.Content, converter ); bool isSilhouette = picData.data.is_silhouette; string url = picData.data.url; // If Facebook returned a photo url if ( !isSilhouette && !string.IsNullOrWhiteSpace( url ) ) { // Download the photo from the url provided restClient = new RestClient( url ); restRequest = new RestRequest( Method.GET ); restResponse = restClient.Execute( restRequest ); if ( restResponse.StatusCode == HttpStatusCode.OK ) { var bytes = restResponse.RawBytes; // Create and save the image BinaryFileType fileType = new BinaryFileTypeService( rockContext ).Get( Rock.SystemGuid.BinaryFiletype.PERSON_IMAGE.AsGuid() ); if ( fileType != null ) { var binaryFileService = new BinaryFileService( rockContext ); var binaryFile = new BinaryFile(); binaryFileService.Add( binaryFile ); binaryFile.IsTemporary = false; binaryFile.BinaryFileType = fileType; binaryFile.MimeType = "image/jpeg"; binaryFile.FileName = user.Person.NickName + user.Person.LastName + ".jpg"; binaryFile.ContentStream = new MemoryStream( bytes ); rockContext.SaveChanges(); person.PhotoId = binaryFile.Id; rockContext.SaveChanges(); } } } } } // Save the facebook social media link var facebookAttribute = AttributeCache.Read( Rock.SystemGuid.Attribute.PERSON_FACEBOOK.AsGuid() ); if ( facebookAttribute != null ) { person.LoadAttributes( rockContext ); person.SetAttributeValue( facebookAttribute.Key, facebookLink ); person.SaveAttributeValues( rockContext ); } if ( syncFriends && !string.IsNullOrWhiteSpace( accessToken ) ) { // Get the friend list (only includes friends who have also authorized this app) var restRequest = new RestRequest( Method.GET ); restRequest.AddParameter( "access_token", accessToken ); restRequest.RequestFormat = DataFormat.Json; restRequest.AddHeader( "Accept", "application/json" ); var restClient = new RestClient( string.Format( "https://graph.facebook.com/v2.2/{0}/friends", facebookId ) ); var restResponse = restClient.Execute( restRequest ); if ( restResponse.StatusCode == HttpStatusCode.OK ) { // Get a list of the facebook ids for each friend dynamic friends = JsonConvert.DeserializeObject<ExpandoObject>( restResponse.Content, converter ); var facebookIds = new List<string>(); foreach ( var friend in friends.data ) { facebookIds.Add( friend.id ); } // Queue a transaction to add/remove friend relationships in Rock var transaction = new Rock.Transactions.UpdateFacebookFriends( person.Id, facebookIds ); Rock.Transactions.RockQueue.TransactionQueue.Enqueue( transaction ); } } } } } return username; } }
/// <summary> /// Shows the active users. /// </summary> private void ShowActiveUsers() { int? siteId = GetAttributeValue( "Site" ).AsIntegerOrNull(); if (!siteId.HasValue) { lMessages.Text = "<div class='alert alert-warning'>No site is currently configured.</div>"; return; } else { int? pageViewCount = GetAttributeValue( "PageViewCount" ).AsIntegerOrNull(); if ( !pageViewCount.HasValue || pageViewCount.Value == 0 ) { pageViewCount = 1; } StringBuilder sbUsers = new StringBuilder(); var site = SiteCache.Read( siteId.Value ); lSiteName.Text = "<h4>" + site.Name + "</h4>"; lSiteName.Visible = GetAttributeValue( "ShowSiteNameAsTitle" ).AsBoolean(); lMessages.Text = string.Empty; using ( var rockContext = new RockContext() ) { IQueryable<PageView> pageViewQry = new PageViewService( rockContext ).Queryable( "Page" ); // Query to get who is logged in and last visit was to selected site var activeLogins = new UserLoginService( rockContext ).Queryable( "Person" ) .Where( l => l.PersonId.HasValue && l.IsOnLine == true ) .OrderByDescending( l => l.LastActivityDateTime ) .Select( l => new { login = l, pageViews = pageViewQry .Where( v => v.PersonAlias.PersonId == l.PersonId ) .OrderByDescending( v => v.DateTimeViewed ) .Take( pageViewCount.Value ) } ) .Where( a => a.pageViews.Any() && a.pageViews.FirstOrDefault().SiteId == site.Id ); if ( CurrentUser != null ) { activeLogins = activeLogins.Where( m => m.login.UserName != CurrentUser.UserName ); } foreach ( var activeLogin in activeLogins ) { var login = activeLogin.login; var pageViews = activeLogin.pageViews.ToList(); Guid? latestSession = pageViews.FirstOrDefault().SessionId; string pageViewsHtml = activeLogin.pageViews.ToList() .Where( v => v.SessionId == latestSession ) .Select( v => HttpUtility.HtmlEncode( v.Page.PageTitle ) ).ToList().AsDelimited( "<br> " ); TimeSpan tsLastActivity = login.LastActivityDateTime.HasValue ? RockDateTime.Now.Subtract( login.LastActivityDateTime.Value ) : TimeSpan.MaxValue; string className = tsLastActivity.Minutes <= 5 ? "recent" : "not-recent"; // create link to the person string personLink = login.Person.FullName; if ( GetAttributeValue( "PersonProfilePage" ) != null ) { string personProfilePage = GetAttributeValue( "PersonProfilePage" ); var pageParams = new Dictionary<string, string>(); pageParams.Add( "PersonId", login.Person.Id.ToString() ); var pageReference = new Rock.Web.PageReference( personProfilePage, pageParams ); personLink = string.Format( @"<a href='{0}'>{1}</a>", pageReference.BuildUrl(), login.Person.FullName ); } // determine whether to show last page views if ( GetAttributeValue( "PageViewCount" ).AsInteger() > 0 ) { string format = @" <li class='active-user {0}' data-toggle='tooltip' data-placement='top' title='{2}'> <i class='fa-li fa fa-circle'></i> {1} </li>"; sbUsers.Append( string.Format( format, className, personLink, pageViewsHtml ) ); } else { string format = @" <li class='active-user {0}'> <i class='fa-li fa fa-circle'></i> {1} </li>"; sbUsers.Append( string.Format( format, className, personLink ) ); } } } if ( sbUsers.Length > 0 ) { lUsers.Text = string.Format( @"<ul class='activeusers fa-ul'>{0}</ul>", sbUsers.ToString() ); } else { lMessages.Text = string.Format( "There are no logged in users on the {0} site.", site.Name ); } } }
/// <summary> /// Maps the notes. /// </summary> /// <param name="tableData">The table data.</param> public void MapNotes( IQueryable<Row> tableData ) { var lookupContext = new RockContext(); var categoryService = new CategoryService( lookupContext ); var personService = new PersonService( lookupContext ); var noteTypes = new NoteTypeService( lookupContext ).Queryable().AsNoTracking().ToList(); var personalNoteType = noteTypes.FirstOrDefault( nt => nt.Guid == new Guid( Rock.SystemGuid.NoteType.PERSON_TIMELINE_NOTE ) ); var importedUsers = new UserLoginService( lookupContext ).Queryable().AsNoTracking() .Where( u => u.ForeignId != null ) .ToDictionary( t => t.ForeignId, t => t.PersonId ); var noteList = new List<Note>(); int completed = 0; int totalRows = tableData.Count(); int percentage = ( totalRows - 1 ) / 100 + 1; ReportProgress( 0, string.Format( "Verifying note import ({0:N0} found).", totalRows ) ); foreach ( var row in tableData.Where( r => r != null ) ) { string text = row["Note_Text"] as string; int? individualId = row["Individual_ID"] as int?; int? householdId = row["Household_ID"] as int?; var noteTypeActive = row["NoteTypeActive"] as Boolean?; bool noteArchived = false; if ( row.Columns.FirstOrDefault( v => v.Name.Equals( "IsInactive" ) ) != null ) { /* ===================================================================== * the NoteArchived column *should* work, but OrcaMDF won't read it... * instead check for a manually added column: IsInactive int null * var noteActive = row["NoteArchived"] as Boolean?; * if ( noteActive == null ) throw new NullReferenceException(); /* ===================================================================== */ var rowInactiveValue = row["IsInactive"] as int?; noteArchived = rowInactiveValue.Equals( 1 ); } var personKeys = GetPersonKeys( individualId, householdId ); if ( personKeys != null && !string.IsNullOrWhiteSpace( text ) && noteTypeActive == true && !noteArchived ) { DateTime? dateCreated = row["NoteCreated"] as DateTime?; string noteType = row["Note_Type_Name"] as string; var note = new Note(); note.CreatedDateTime = dateCreated; note.EntityId = personKeys.PersonId; // These replace methods don't like being chained together text = Regex.Replace( text, @"\t|\ ", " " ); text = text.Replace( "-", "-" ); text = text.Replace( "<", "<" ); text = text.Replace( ">", ">" ); text = text.Replace( "&", "&" ); text = text.Replace( """, @"""" ); text = text.Replace( "
", string.Empty ); note.Text = text.Trim(); int? userId = row["NoteCreatedByUserID"] as int?; if ( userId != null && importedUsers.ContainsKey( userId ) ) { var userKeys = ImportedPeople.FirstOrDefault( p => p.PersonId == (int)importedUsers[userId] ); if ( userKeys != null ) { note.CreatedByPersonAliasId = userKeys.PersonAliasId; } } int? matchingNoteTypeId = null; if ( !noteType.StartsWith( "General", StringComparison.InvariantCultureIgnoreCase ) ) { matchingNoteTypeId = noteTypes.Where( nt => nt.Name == noteType ).Select( i => (int?)i.Id ).FirstOrDefault(); } else { matchingNoteTypeId = personalNoteType.Id; } if ( matchingNoteTypeId != null ) { note.NoteTypeId = (int)matchingNoteTypeId; } else { // create the note type var newNoteType = new NoteType(); newNoteType.EntityTypeId = personalNoteType.EntityTypeId; newNoteType.EntityTypeQualifierColumn = string.Empty; newNoteType.EntityTypeQualifierValue = string.Empty; newNoteType.UserSelectable = true; newNoteType.IsSystem = false; newNoteType.Name = noteType; newNoteType.Order = 0; lookupContext.NoteTypes.Add( newNoteType ); lookupContext.SaveChanges( DisableAuditing ); noteTypes.Add( newNoteType ); note.NoteTypeId = newNoteType.Id; } noteList.Add( note ); completed++; if ( completed % percentage < 1 ) { int percentComplete = completed / percentage; ReportProgress( percentComplete, string.Format( "{0:N0} notes imported ({1}% complete).", completed, percentComplete ) ); } else if ( completed % ReportingNumber < 1 ) { SaveNotes( noteList ); ReportPartialProgress(); noteList.Clear(); } } } if ( noteList.Any() ) { SaveNotes( noteList ); } ReportProgress( 100, string.Format( "Finished note import: {0:N0} notes imported.", completed ) ); }
private Rock.Model.UserLogin CreateUser(Person person, bool confirmed) { var userLoginService = new Rock.Model.UserLoginService(); return(userLoginService.Create(person, Rock.Model.AuthenticationServiceType.Internal, "Rock.Security.Authentication.Database", tbUserName.Text, Password, confirmed, CurrentPersonId)); }
/// <summary> /// Generates the username. /// </summary> /// <param name="firstName">The first name.</param> /// <param name="lastName">The last name.</param> /// <param name="tryCount">The try count.</param> /// <returns></returns> public static string GenerateUsername( string firstName, string lastName, int tryCount = 0 ) { // create username string username = (firstName.Substring( 0, 1 ) + lastName).ToLower(); if ( tryCount != 0 ) { username = username + tryCount.ToString(); } // check if username exists UserLoginService userService = new UserLoginService( new RockContext() ); var loginExists = userService.Queryable().Where( l => l.UserName == username ).Any(); if ( !loginExists ) { return username; } else { return Database.GenerateUsername( firstName, lastName, tryCount + 1 ); } }
/// <summary> /// Handles the Delete event of the gUserLogins control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="RowEventArgs" /> instance containing the event data.</param> protected void gUserLogins_Delete( object sender, RowEventArgs e ) { if ( _canEdit ) { var service = new UserLoginService(); var userLogin = service.Get( (int)e.RowKeyValue ); if ( userLogin != null ) { string errorMessage; if ( !service.CanDelete( userLogin, out errorMessage ) ) { maGridWarning.Show( errorMessage, ModalAlertType.Information ); return; } service.Delete( userLogin, CurrentPersonId ); service.Save( userLogin, CurrentPersonId ); } } BindGrid(); }
/// <summary> /// Handles the Click event of the btnDuplicatesNext control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="EventArgs"/> instance containing the event data.</param> protected void btnDuplicatesNext_Click( object sender, EventArgs e ) { int personId = Request.Form["DuplicatePerson"].AsInteger() ?? 0; if ( personId > 0 ) { var userLoginService = new Rock.Model.UserLoginService( new RockContext() ); var userLogins = userLoginService.GetByPersonId( personId ).ToList(); if ( userLogins.Count > 0 ) { DisplaySendLogin( personId, Direction.Forward ); } else { DisplayConfirmation( personId ); } } else { DisplaySuccess( CreateUser( CreatePerson(), true ) ); } }
/// <summary> /// Handles the SaveClick event of the modalDetails control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="EventArgs" /> instance containing the event data.</param> protected void mdDetails_SaveClick( object sender, EventArgs e ) { if ( _canEdit ) { UserLogin userLogin = null; var service = new UserLoginService(); int userLoginId = int.Parse( hfIdValue.Value ); if ( userLoginId != 0 ) { userLogin = service.Get( userLoginId ); } if ( userLogin == null ) { userLogin = new UserLogin(); service.Add( userLogin, CurrentPersonId ); } userLogin.UserName = tbUserName.Text; userLogin.IsConfirmed = cbIsConfirmed.Checked; userLogin.IsLockedOut = cbIsLockedOut.Checked; var entityType = EntityTypeCache.Read( compProvider.SelectedValue.AsGuid() ); if ( entityType != null ) { userLogin.EntityTypeId = entityType.Id; if ( !string.IsNullOrWhiteSpace( tbPassword.Text ) ) { var component = AuthenticationContainer.GetComponent( entityType.Name ); if ( component != null && component.ServiceType == AuthenticationServiceType.Internal ) { if ( tbPassword.Text == tbPasswordConfirm.Text ) { if ( UserLoginService.IsPasswordValid( tbPassword.Text ) ) { userLogin.Password = component.EncodePassword( userLogin, tbPassword.Text ); userLogin.LastPasswordChangedDateTime = DateTime.Now; } else { nbErrorMessage.Title = "Invalid Password"; nbErrorMessage.Text = UserLoginService.FriendlyPasswordRules(); nbErrorMessage.Visible = true; return; } } else { nbErrorMessage.Title = "Invalid Password"; nbErrorMessage.Text = "Password and Confirmation do not match."; nbErrorMessage.Visible = true; return; } } } } if ( !userLogin.IsValid ) { // Controls will render the error messages return; } RockTransactionScope.WrapTransaction( () => { service.Save( userLogin, CurrentPersonId ); } ); mdDetails.Hide(); BindGrid(); } }
/// <summary> /// Creates the user. /// </summary> /// <param name="person">The person.</param> /// <param name="confirmed">if set to <c>true</c> [confirmed].</param> /// <returns></returns> private Rock.Model.UserLogin CreateUser( Person person, bool confirmed ) { var rockContext = new RockContext(); var userLoginService = new Rock.Model.UserLoginService( rockContext ); return UserLoginService.Create( rockContext, person, Rock.Model.AuthenticationServiceType.Internal, EntityTypeCache.Read( Rock.SystemGuid.EntityType.AUTHENTICATION_DATABASE.AsGuid() ).Id, tbUserName.Text, Password, confirmed ); }
private void BindGrid() { var qry = new UserLoginService().Queryable() .Where( l => !_personId.HasValue || l.PersonId == _personId.Value ); // username filter string usernameFilter = gfSettings.GetUserPreference( "Username" ); if (!string.IsNullOrWhiteSpace(usernameFilter)) { qry = qry.Where( l => l.UserName.StartsWith( usernameFilter ) ); } // provider filter Guid guid = Guid.Empty; if (Guid.TryParse(gfSettings.GetUserPreference( "Authentication Provider" ), out guid)) { qry = qry.Where( l => l.EntityType.Guid.Equals( guid ) ); } // created filter var drp = new DateRangePicker(); drp.DelimitedValues = gfSettings.GetUserPreference( "Created" ); if ( drp.LowerValue.HasValue ) { qry = qry.Where( l => l.CreationDateTime >= drp.LowerValue.Value ); } if ( drp.UpperValue.HasValue ) { DateTime upperDate = drp.UpperValue.Value.Date.AddDays( 1 ); qry = qry.Where( l => l.CreationDateTime < upperDate ); } // last login filter var drp2 = new DateRangePicker(); drp2.DelimitedValues = gfSettings.GetUserPreference( "Last Login" ); if ( drp2.LowerValue.HasValue ) { qry = qry.Where( l => l.LastLoginDateTime >= drp2.LowerValue.Value ); } if ( drp2.UpperValue.HasValue ) { DateTime upperDate = drp2.UpperValue.Value.Date.AddDays( 1 ); qry = qry.Where( l => l.LastLoginDateTime < upperDate ); } // Is Confirmed filter bool isConfirmed = false; if (bool.TryParse(gfSettings.GetUserPreference( "Is Confirmed" ), out isConfirmed)) { qry = qry.Where( l => l.IsConfirmed == isConfirmed || ( !isConfirmed && l.IsConfirmed == null ) ); } // is locked out filter bool isLockedOut = false; if ( bool.TryParse( gfSettings.GetUserPreference( "Is Locked Out" ), out isLockedOut ) ) { qry = qry.Where( l => l.IsLockedOut == isLockedOut || ( !isLockedOut && l.IsLockedOut == null ) ); } // Sort SortProperty sortProperty = gUserLogins.SortProperty; if ( sortProperty == null ) { sortProperty = new SortProperty( new GridViewSortEventArgs( "UserName", SortDirection.Ascending ) ); } gUserLogins.DataSource = qry.Sort( sortProperty ) .Select( l => new { Id = l.Id, UserName = l.UserName, PersonId = l.PersonId, PersonName = l.Person.LastName + ", " + l.Person.NickName, ProviderName = l.EntityType.FriendlyName, CreationDateTime = l.CreationDateTime, LastLoginDateTime = l.LastLoginDateTime, IsConfirmed = l.IsConfirmed, IsLockedOut = l.IsLockedOut } ).ToList(); gUserLogins.DataBind(); }
/// <summary> /// Handles the Click event of the btnLogin control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param> protected void btnLogin_Click( object sender, EventArgs e ) { if ( Page.IsValid ) { var rockContext = new RockContext(); var userLoginService = new UserLoginService(rockContext); var userLogin = userLoginService.GetByUserName( tbUserName.Text ); if ( userLogin != null && userLogin.EntityType != null) { var component = AuthenticationContainer.GetComponent(userLogin.EntityType.Name); if (component.IsActive && !component.RequiresRemoteAuthentication) { if ( component.Authenticate( userLogin, tbPassword.Text ) ) { if ( ( userLogin.IsConfirmed ?? true ) && !(userLogin.IsLockedOut ?? false ) ) { string returnUrl = Request.QueryString["returnurl"]; LoginUser( tbUserName.Text, returnUrl, cbRememberMe.Checked ); } else { var globalMergeFields = Rock.Web.Cache.GlobalAttributesCache.GetMergeFields(null); if ( userLogin.IsLockedOut ?? false ) { lLockedOutCaption.Text = GetAttributeValue( "LockedOutCaption" ).ResolveMergeFields( globalMergeFields ); pnlLogin.Visible = false; pnlLockedOut.Visible = true; } else { SendConfirmation( userLogin ); lConfirmCaption.Text = GetAttributeValue( "ConfirmCaption" ).ResolveMergeFields( globalMergeFields ); pnlLogin.Visible = false; pnlConfirmation.Visible = true; } } return; } } } } string helpUrl = string.Empty; if (!string.IsNullOrWhiteSpace(GetAttributeValue("HelpPage"))) { helpUrl = LinkedPageUrl("HelpPage"); } else { helpUrl = ResolveRockUrl("~/ForgotUserName"); } DisplayError( string.Format("Sorry, we couldn't find an account matching that username/password. Can we help you <a href='{0}'>recover your account information</a>?", helpUrl) ); }
/// <summary> /// Method that will be called on an entity immediately before the item is saved by context. Takes /// care of logging any particular change history for user login. /// </summary> /// <param name="dbContext"></param> /// <param name="entry"></param> public override void PreSaveChanges(Rock.Data.DbContext dbContext, DbEntityEntry entry) { var rockContext = ( RockContext )dbContext; HistoryChanges = new History.HistoryChangeList(); switch (entry.State) { case EntityState.Added: { // Get the authentication provider entity type var entityType = EntityTypeCache.Get(this.EntityTypeId ?? 0); var change = HistoryChanges.AddChange(History.HistoryVerb.Add, History.HistoryChangeType.Record, "Authentication Provider").SetNewValue(entityType?.FriendlyName); // Don't log Pin Authentication user names. var isUserNameSensitive = (entityType?.Guid == Rock.SystemGuid.EntityType.AUTHENTICATION_PIN.AsGuid()) ? true : false; if (isUserNameSensitive) { change.SetCaption("User Account"); } History.EvaluateChange(HistoryChanges, "User Login", string.Empty, UserName, isUserNameSensitive); History.EvaluateChange(HistoryChanges, "Is Confirmed", null, IsConfirmed); History.EvaluateChange(HistoryChanges, "Is Password Change Required", null, IsPasswordChangeRequired); History.EvaluateChange(HistoryChanges, "Is Locked Out", null, IsLockedOut); break; } case EntityState.Modified: { var entityType = EntityTypeCache.Get(this.EntityTypeId ?? 0); // Don't log Pin Authentication user names. var isUserNameSensitive = (entityType?.Guid == Rock.SystemGuid.EntityType.AUTHENTICATION_PIN.AsGuid()) ? true : false; History.EvaluateChange(HistoryChanges, "User Login", entry.OriginalValues["UserName"].ToStringSafe(), UserName, isUserNameSensitive); History.EvaluateChange(HistoryChanges, "Is Confirmed", entry.OriginalValues["IsConfirmed"].ToStringSafe().AsBooleanOrNull(), IsConfirmed); History.EvaluateChange(HistoryChanges, "Is Password Change Required", entry.OriginalValues["IsPasswordChangeRequired"].ToStringSafe().AsBooleanOrNull(), IsPasswordChangeRequired); History.EvaluateChange(HistoryChanges, "Is Locked Out", entry.OriginalValues["IsLockedOut"].ToStringSafe().AsBooleanOrNull(), IsLockedOut); History.EvaluateChange(HistoryChanges, "Password", entry.OriginalValues["Password"].ToStringSafe(), Password, true); // Did the provider type change? int?origEntityTypeId = entry.OriginalValues["EntityTypeId"].ToStringSafe().AsIntegerOrNull(); int?entityTypeId = EntityType != null ? EntityType.Id : EntityTypeId; if (!entityTypeId.Equals(origEntityTypeId)) { var origProviderType = EntityTypeCache.Get(origEntityTypeId ?? 0)?.FriendlyName; var providerType = EntityTypeCache.Get(this.EntityTypeId ?? 0)?.FriendlyName; History.EvaluateChange(HistoryChanges, "User Login", origProviderType, providerType); } // Change the caption if this is a sensitive user account if (HistoryChanges.Count > 0 && isUserNameSensitive) { var change = HistoryChanges.FirstOrDefault(); change.SetCaption("User Account"); } break; } case EntityState.Deleted: { // By this point EF has stripped out some of the data we need to save history // Reload the data using a new context. RockContext newRockContext = new RockContext(); var userLogin = new UserLoginService(newRockContext).Get(this.Id); if (userLogin != null && userLogin.PersonId != null) { try { var entityType = EntityTypeCache.Get(userLogin.EntityTypeId ?? 0); var isUserNameSensitive = (entityType?.Guid == Rock.SystemGuid.EntityType.AUTHENTICATION_PIN.AsGuid()) ? true : false; if (!isUserNameSensitive) { HistoryChanges.AddChange(History.HistoryVerb.Delete, History.HistoryChangeType.Record, "User Login").SetOldValue(userLogin.UserName); HistoryService.SaveChanges(newRockContext, typeof(Person), Rock.SystemGuid.Category.HISTORY_PERSON_ACTIVITY.AsGuid(), userLogin.PersonId.Value, HistoryChanges, UserName, typeof(UserLogin), this.Id, true, userLogin.ModifiedByPersonAliasId, null); } else { HistoryChanges.AddChange(History.HistoryVerb.Delete, History.HistoryChangeType.Record, "Authentication Provider").SetOldValue(entityType?.FriendlyName).SetCaption("User Account"); HistoryService.SaveChanges(newRockContext, typeof(Person), Rock.SystemGuid.Category.HISTORY_PERSON_ACTIVITY.AsGuid(), userLogin.PersonId.Value, HistoryChanges, entityType?.FriendlyName, typeof(UserLogin), this.Id, true, userLogin.ModifiedByPersonAliasId, null); } } catch (Exception ex) { // Just log the problem and move on... ExceptionLogService.LogException(ex); } } HistoryChanges.Clear(); return; } } base.PreSaveChanges(dbContext, entry); }