Exemplo n.º 1
0
        protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
        {
            if (FormsAuthentication.CookiesSupported == true)
            {
                if (Request.Cookies[FormsAuthentication.FormsCookieName] != null)
                {
                    //let us take out the username now                
                    string username = FormsAuthentication.Decrypt(Request.Cookies[FormsAuthentication.FormsCookieName].Value).Name;
                    List<string> roles = new List<string>();

                    using (TeknikEntities entities = new TeknikEntities())
                    {
                        User user = entities.Users.SingleOrDefault(u => u.Username == username);

                        if (user != null)
                        {
                            foreach (Group grp in user.Groups)
                            {
                                foreach (Role role in grp.Roles)
                                {
                                    if (!roles.Contains(role.Name))
                                    {
                                        roles.Add(role.Name);
                                    }
                                }
                            }
                        }
                    }

                    //Let us set the Pricipal with our user specific details
                    HttpContext.Current.User = new System.Security.Principal.GenericPrincipal(
                        new System.Security.Principal.GenericIdentity(username, "Forms"), roles.ToArray());
                }
            }
        }
Exemplo n.º 2
0
        public static DateTime GetLastAccountActivity(TeknikEntities db, Config config, User user)
        {
            try
            {
                DateTime lastActive = new DateTime(1900, 1, 1);

                DateTime emailLastActive = UserEmailLastActive(config, GetUserEmailAddress(config, user.Username));
                if (lastActive < emailLastActive)
                    lastActive = emailLastActive;

                DateTime gitLastActive = UserGitLastActive(config, user.Username);
                if (lastActive < gitLastActive)
                    lastActive = gitLastActive;

                DateTime userLastActive = UserLastActive(db, config, user);
                if (lastActive < userLastActive)
                    lastActive = userLastActive;

                return lastActive;
            }
            catch (Exception ex)
            {
                throw new Exception("Unable to determine last account activity.", ex);
            }
        }
Exemplo n.º 3
0
        public static bool UsernameAvailable(TeknikEntities db, Config config, string username)
        {
            bool isAvailable = true;

            isAvailable &= ValidUsername(config, username);
            isAvailable &= !UsernameReserved(config, username);
            isAvailable &= !UserExists(db, username);
            isAvailable &= !UserEmailExists(config, GetUserEmailAddress(config, username));
            isAvailable &= !UserGitExists(config, username);

            return isAvailable;
        }
Exemplo n.º 4
0
        public static ShortenedUrl ShortenUrl(string url, int length)
        {
            TeknikEntities db = new TeknikEntities();
            
            // Generate the shortened url
            string shortUrl = Utility.RandomString(length);
            while (db.ShortenedUrls.Where(s => s.ShortUrl == shortUrl).FirstOrDefault() != null)
            {
                shortUrl = Utility.RandomString(length);
            }

            ShortenedUrl newUrl = new ShortenedUrl();
            newUrl.OriginalUrl = url;
            newUrl.ShortUrl = shortUrl;
            newUrl.DateAdded = DateTime.Now;

            return newUrl;
        }
Exemplo n.º 5
0
        public static Models.Upload SaveFile(TeknikEntities db, Config config, byte[] file, string contentType, int contentLength, string defaultExtension, string iv, string key, int keySize, int blockSize)
        {
            if (!Directory.Exists(config.UploadConfig.UploadDirectory))
            {
                Directory.CreateDirectory(config.UploadConfig.UploadDirectory);
            }

            // Generate a unique file name that does not currently exist
            string filePath = Utility.GenerateUniqueFileName(config.UploadConfig.UploadDirectory, config.UploadConfig.FileExtension, 10);
            string fileName = Path.GetFileName(filePath);

            // once we have the filename, lets save the file
            File.WriteAllBytes(filePath, file);

            // Generate a unique url
            string extension = (config.UploadConfig.IncludeExtension) ? Utility.GetDefaultExtension(contentType, defaultExtension) : string.Empty;
            string url = Utility.RandomString(config.UploadConfig.UrlLength) + extension;
            while (db.Uploads.Where(u => u.Url == url).FirstOrDefault() != null)
            {
                url = Utility.RandomString(config.UploadConfig.UrlLength) + extension;
            }

            // Now we need to update the database with the new upload information
            Models.Upload upload = db.Uploads.Create();
            upload.DateUploaded = DateTime.Now;
            upload.Url = url;
            upload.FileName = fileName;
            upload.ContentType = (!string.IsNullOrEmpty(contentType)) ? contentType : "application/octet-stream";
            upload.ContentLength = contentLength;
            upload.Key = key;
            upload.IV = iv;
            upload.KeySize = keySize;
            upload.BlockSize = blockSize;

            db.Uploads.Add(upload);
            db.SaveChanges();

            return upload;
        }
Exemplo n.º 6
0
        public static void EditAccount(TeknikEntities db, Config config, User user, bool changePass, string password)
        {
            try
            {
                // Changing Password?
                if (changePass)
                {
                    // Change email password
                    EditUserEmailPassword(config, GetUserEmailAddress(config, user.Username), password);

                    // Update Git password
                    EditUserGitPassword(config, user.Username, password);
                }
                // Update User
                EditUser(db, config, user, changePass, password);
            }
            catch (Exception ex)
            {
                throw new Exception("Unable to edit account.", ex);
            }
        }
Exemplo n.º 7
0
        public static void ScanUploads(Config config, TeknikEntities db)
        {
            Output(string.Format("[{0}] Started Virus Scan.", DateTime.Now));
            List<Upload> uploads = db.Uploads.ToList();

            // Initialize ClamAV
            ClamClient clam = new ClamClient(config.UploadConfig.ClamServer, config.UploadConfig.ClamPort);
            clam.MaxStreamSize = config.UploadConfig.MaxUploadSize;

            int totalCount = uploads.Count();
            int totalScans = 0;
            int totalClean = 0;
            int totalViruses = 0;
            foreach (Upload upload in uploads)
            {
                totalScans++;
                string subDir = upload.FileName[0].ToString();
                string filePath = Path.Combine(config.UploadConfig.UploadDirectory, subDir, upload.FileName);
                if (File.Exists(filePath))
                {
                    // Read in the file
                    byte[] data = File.ReadAllBytes(filePath);
                    // If the IV is set, and Key is set, then decrypt it
                    if (!string.IsNullOrEmpty(upload.Key) && !string.IsNullOrEmpty(upload.IV))
                    {
                        // Decrypt the data
                        data = AES.Decrypt(data, upload.Key, upload.IV);
                    }

                    // We have the data, let's scan it
                    ClamScanResult scanResult = clam.SendAndScanFile(data);

                    switch (scanResult.Result)
                    {
                        case ClamScanResults.Clean:
                            totalClean++;
                            string cleanMsg = string.Format("[{0}] Clean Scan: {1}/{2} Scanned | {3} - {4}", DateTime.Now, totalScans, totalCount, upload.Url, upload.FileName);
                            Output(cleanMsg);
                            break;
                        case ClamScanResults.VirusDetected:
                            totalViruses++;
                            string msg = string.Format("[{0}] Virus Detected: {1} - {2} - {3}", DateTime.Now, upload.Url, upload.FileName, scanResult.InfectedFiles.First().VirusName);
                            File.AppendAllLines(virusFile, new List<string> { msg });
                            Output(msg);
                            // Delete from the DB
                            db.Uploads.Remove(upload);
                            db.SaveChanges();

                            // Delete the File
                            if (File.Exists(filePath))
                            {
                                File.Delete(filePath);
                            }
                            break;
                        case ClamScanResults.Error:
                            string errorMsg = string.Format("[{0}] Scan Error: {1}", DateTime.Now, scanResult.RawResult);
                            File.AppendAllLines(errorFile, new List<string> { errorMsg });
                            Output(errorMsg);
                            break;
                        case ClamScanResults.Unknown:
                            string unkMsg = string.Format("[{0}] Unknown Scan Result: {1}", DateTime.Now, scanResult.RawResult);
                            File.AppendAllLines(errorFile, new List<string> { unkMsg });
                            Output(unkMsg);
                            break;
                    }
                }
            }

            if (totalViruses > 0)
            {
                // Add to transparency report if any were found
                Takedown report = db.Takedowns.Create();
                report.Requester = TAKEDOWN_REPORTER;
                report.RequesterContact = config.SupportEmail;
                report.DateRequested = DateTime.Now;
                report.Reason = "Malware Found";
                report.ActionTaken = string.Format("{0} Uploads removed", totalViruses);
                report.DateActionTaken = DateTime.Now;
                db.Takedowns.Add(report);
                db.SaveChanges();
            }

            Output(string.Format("Scanning Complete.  {0} Scanned | {1} Viruses Found | {2} Total Files", totalScans, totalViruses, totalCount));
        }
Exemplo n.º 8
0
        public static List<string> GetOrphanedEmail(Config config, TeknikEntities db)
        {
            List<string> foundEmail = new List<string>();
            if (config.EmailConfig.Enabled)
            {
                List<User> curUsers = db.Users.ToList();

                // Connect to hmailserver COM
                var app = new hMailServer.Application();
                app.Connect();
                app.Authenticate(config.EmailConfig.Username, config.EmailConfig.Password);

                var domain = app.Domains.ItemByName[config.EmailConfig.Domain];
                var accounts = domain.Accounts;
                for (int i = 0; i < accounts.Count; i++)
                {
                    var account = accounts[i];

                    bool userExists = curUsers.Exists(u => UserHelper.GetUserEmailAddress(config, u.Username) == account.Address);
                    bool isReserved = UserHelper.GetReservedUsernames(config).Exists(r => UserHelper.GetUserEmailAddress(config, r).ToLower() == account.Address.ToLower());
                    if (!userExists && !isReserved)
                    {
                        foundEmail.Add(account.Address);
                    }
                }
            }
            return foundEmail;
        }
Exemplo n.º 9
0
        public static DateTime UserLastActive(TeknikEntities db, Config config, User user)
        {
            try
            {
                DateTime lastActive = new DateTime(1900, 1, 1);

                if (lastActive < user.LastSeen)
                    lastActive = user.LastSeen;

                return lastActive;
            }
            catch (Exception ex)
            {
                throw new Exception("Unable to determine last user activity.", ex);
            }
        }
Exemplo n.º 10
0
        public static void GenerateLastSeen(Config config, TeknikEntities db, string fileName)
        {
            Output(string.Format("[{0}] Started Generation of Last Activity List.", DateTime.Now));
            List<User> curUsers = db.Users.ToList();
            StringBuilder sb = new StringBuilder();
            sb.AppendLine("Username,Last Activity,Creation Date,Last Website Activity,Last Email Activity,Last Git Activity");
            foreach (User user in curUsers)
            {
                sb.AppendLine(string.Format("{0},{1},{2},{3},{4},{5}",
                                user.Username,
                                UserHelper.GetLastAccountActivity(db, config, user).ToString("g"),
                                user.JoinDate.ToString("g"),
                                user.LastSeen.ToString("g"),
                                UserHelper.UserEmailLastActive(config, UserHelper.GetUserEmailAddress(config, user.Username)).ToString("g"),
                                UserHelper.UserGitLastActive(config, user.Username).ToString("g")));
            }
            string dir = Path.GetDirectoryName(fileName);
            if (!Directory.Exists(dir))
                Directory.CreateDirectory(dir);

            File.WriteAllText(fileName, sb.ToString());
            Output(string.Format("[{0}] Finished Generating Last Activity List.", DateTime.Now));
        }
Exemplo n.º 11
0
        public static List<string> GetInvalidAccounts(Config config, TeknikEntities db)
        {
            List<string> foundUsers = new List<string>();
            List<User> curUsers = db.Users.ToList();
            foreach (User user in curUsers)
            {
                // If the username is reserved, let's add it to the list
                if (UserHelper.UsernameReserved(config, user.Username))
                {
                    foundUsers.Add(user.Username);
                    continue;
                }

                // If the username is invalid, let's add it to the list
                if (!UserHelper.ValidUsername(config, user.Username) && user.Username != "Server Admin")
                {
                    foundUsers.Add(user.Username);
                    continue;
                }
            }
            return foundUsers;
        }
Exemplo n.º 12
0
        public static bool VerifyRecoveryEmail(TeknikEntities db, Config config, string username, string code)
        {
            User user = GetUser(db, username);
            RecoveryEmailVerification verCode = db.RecoveryEmailVerifications.Where(r => r.User.Username == username && r.Code == code).FirstOrDefault();
            if (verCode != null)
            {
                // We have a match, so clear out the verifications for that user
                List<RecoveryEmailVerification> verCodes = db.RecoveryEmailVerifications.Where(r => r.User.Username == username).ToList();
                if (verCodes != null && verCodes.Any())
                {
                    foreach (RecoveryEmailVerification ver in verCodes)
                    {
                        db.RecoveryEmailVerifications.Remove(ver);
                    }
                }
                // Update the user
                user.SecuritySettings.RecoveryVerified = true;
                db.Entry(user).State = EntityState.Modified;
                db.SaveChanges();

                return true;
            }
            return false;
        }
Exemplo n.º 13
0
        public static int Main(string[] args)
        {
            try
            {
                ArgumentOptions options = new ArgumentOptions();
                var parser = new CommandLine.Parser(config => config.HelpWriter = Console.Out);
                if (parser.ParseArguments(args, options))
                {
                    if (!string.IsNullOrEmpty(options.Config))
                        configPath = options.Config;

                    if (Directory.Exists(configPath))
                    {
                        Config config = Config.Load(configPath);
                        TeknikEntities db = new TeknikEntities();

                        Output(string.Format("[{0}] Started Server Maintenance Process.", DateTime.Now));

                        // Scan all the uploads for viruses, and remove the bad ones
                        if (options.ScanUploads && config.UploadConfig.VirusScanEnable)
                        {
                            ScanUploads(config, db);
                        }

                        // Warns all the invalid accounts via email
                        if (options.WarnAccounts)
                        {
                            WarnInvalidAccounts(config, db);
                        }

                        // Cleans all inactive users
                        if (options.CleanUsers)
                        {
                            CleanAccounts(config, db, options.DaysBeforeDeletion);
                        }

                        // Cleans the email for unused accounts
                        if (options.CleanEmails)
                        {
                            CleanEmail(config, db);
                        }

                        // Cleans all the git accounts that are unused
                        if (options.CleanGit)
                        {
                            CleanGit(config, db);
                        }

                        // Generates a file for all of the user's last seen dates
                        if (options.GenerateLastSeen)
                        {
                            GenerateLastSeen(config, db, options.LastSeenFile);
                        }

                        // Generates a file for all of the invalid accounts
                        if (options.GenerateInvalid)
                        {
                            GenerateInvalidAccounts(config, db, options.InvalidFile);
                        }

                        // Generates a file for all of the accounts to be cleaned
                        if (options.GenerateCleaning)
                        {
                            GenerateCleaningList(config, db, options.CleaningFile, options.DaysBeforeDeletion);
                        }

                        Output(string.Format("[{0}] Finished Server Maintenance Process.", DateTime.Now));
                        return 0;
                    }
                    else
                    {
                        string msg = string.Format("[{0}] Config File does not exist.", DateTime.Now);
                        File.AppendAllLines(errorFile, new List<string> { msg });
                        Output(msg);
                    }
                }
                else
                {
                    Output(options.GetUsage());
                }
            }
            catch (Exception ex)
            {
                string msg = string.Format("[{0}] Exception: {1}", DateTime.Now, ex.GetFullMessage(true));
                File.AppendAllLines(errorFile, new List<string> { msg });
                Output(msg);
            }
            return -1;
        }
Exemplo n.º 14
0
 public static void EditUser(TeknikEntities db, Config config, User user, bool changePass, string password)
 {
     try
     {
         // Changing Password?
         if (changePass)
         {
             // Update User password
             user.HashedPassword = SHA384.Hash(user.Username.ToLower(), password).ToHex();
         }
         db.Entry(user).State = EntityState.Modified;
         db.SaveChanges();
     }
     catch (Exception ex)
     {
         throw new Exception(string.Format("Unable to edit user {0}.", user.Username), ex);
     }
 }
Exemplo n.º 15
0
        public static void DeleteUser(TeknikEntities db, Config config, User user)
        {
            try
            {
                // Update uploads
                List<Upload.Models.Upload> uploads = db.Uploads.Where(u => u.User.Username == user.Username).ToList();
                if (uploads != null)
                {
                    foreach (Upload.Models.Upload upload in uploads)
                    {
                        upload.UserId = null;
                        db.Entry(upload).State = EntityState.Modified;
                    }
                    db.SaveChanges();
                }

                // Update pastes
                List<Paste.Models.Paste> pastes = db.Pastes.Where(u => u.User.Username == user.Username).ToList();
                if (pastes != null)
                {
                    foreach (Paste.Models.Paste paste in pastes)
                    {
                        paste.UserId = null;
                        db.Entry(paste).State = EntityState.Modified;
                    }
                    db.SaveChanges();
                }

                // Update shortened urls
                List<ShortenedUrl> shortUrls = db.ShortenedUrls.Where(u => u.User.Username == user.Username).ToList();
                if (shortUrls != null)
                {
                    foreach (ShortenedUrl shortUrl in shortUrls)
                    {
                        shortUrl.UserId = null;
                        db.Entry(shortUrl).State = EntityState.Modified;
                    }
                    db.SaveChanges();
                }

                // Delete Blogs
                Blog.Models.Blog blog = db.Blogs.Where(u => u.User.Username == user.Username).FirstOrDefault();
                if (blog != null)
                {
                    db.Blogs.Remove(blog);
                    db.SaveChanges();
                }

                // Delete post comments
                List<BlogPostComment> postComments = db.BlogComments.Where(u => u.User.Username == user.Username).ToList();
                if (postComments != null)
                {
                    foreach (BlogPostComment postComment in postComments)
                    {
                        db.BlogComments.Remove(postComment);
                    }
                    db.SaveChanges();
                }

                // Delete podcast comments
                List<Podcast.Models.PodcastComment> podComments = db.PodcastComments.Where(u => u.User.Username == user.Username).ToList();
                if (podComments != null)
                {
                    foreach (Podcast.Models.PodcastComment podComment in podComments)
                    {
                        db.PodcastComments.Remove(podComment);
                    }
                    db.SaveChanges();
                }

                // Delete Recovery Email Verifications
                List<RecoveryEmailVerification> verCodes = db.RecoveryEmailVerifications.Where(r => r.User.Username == user.Username).ToList();
                if (verCodes != null)
                {
                    foreach (RecoveryEmailVerification verCode in verCodes)
                    {
                        db.RecoveryEmailVerifications.Remove(verCode);
                    }
                    db.SaveChanges();
                }

                // Delete Password Reset Verifications 
                List<ResetPasswordVerification> verPass = db.ResetPasswordVerifications.Where(r => r.User.Username == user.Username).ToList();
                if (verPass != null)
                {
                    foreach (ResetPasswordVerification ver in verPass)
                    {
                        db.ResetPasswordVerifications.Remove(ver);
                    }
                    db.SaveChanges();
                }

                // Delete User
                db.Users.Remove(user);
                db.SaveChanges();
            }
            catch (Exception ex)
            {
                throw new Exception(string.Format("Unable to delete user {0}.", user.Username), ex);
            }
        }
Exemplo n.º 16
0
        public static void AddUser(TeknikEntities db, Config config, User user, string password)
        {
            try
            {
                // Add User
                user.HashedPassword = GeneratePassword(config, user, password);
                db.Users.Add(user);
                db.SaveChanges();

                // Generate blog for the user
                var newBlog = db.Blogs.Create();
                newBlog.UserId = user.UserId;
                db.Blogs.Add(newBlog);
                db.SaveChanges();
            }
            catch (Exception ex)
            {
                throw new Exception("Unable to create user.", ex);
            }
        }
Exemplo n.º 17
0
 public static void TransferUser(TeknikEntities db, Config config, User user, string password)
 {
     try
     {
         List<TransferType> transfers = user.Transfers.ToList();
         for (int i = 0; i < transfers.Count; i++)
         {
             TransferType transfer = transfers[i];
             switch (transfer.Type)
             {
                 case TransferTypes.Sha256Password:
                 case TransferTypes.CaseSensitivePassword:
                 case TransferTypes.ASCIIPassword:
                     user.HashedPassword = SHA384.Hash(user.Username.ToLower(), password).ToHex();
                     break;
                 default:
                     break;
             }
             user.Transfers.Remove(transfer);
         }
         db.Entry(user).State = EntityState.Modified;
         db.SaveChanges();
     }
     catch (Exception ex)
     {
         throw new Exception("Unable to transfer user info.", ex);
     }
 }
Exemplo n.º 18
0
 public static bool UserPasswordCorrect(TeknikEntities db, Config config, User user, string password)
 {
     try
     {
         string hash = GeneratePassword(config, user, password);
         return db.Users.Any(b => b.Username == user.Username && b.HashedPassword == hash);
     }
     catch (Exception ex)
     {
         throw new Exception("Unable to determine if password is correct.", ex);
     }
 }
Exemplo n.º 19
0
        public static void WarnInvalidAccounts(Config config, TeknikEntities db)
        {

            Output(string.Format("[{0}] Started Warning of Invalid Accounts.", DateTime.Now));
            List<string> invalidAccounts = GetInvalidAccounts(config, db);

            foreach (string account in invalidAccounts)
            {
                // Let's send them an email :D
                string email = UserHelper.GetUserEmailAddress(config, account);
                
                SmtpClient client = new SmtpClient();
                client.Host = config.ContactConfig.Host;
                client.Port = config.ContactConfig.Port;
                client.EnableSsl = config.ContactConfig.SSL;
                client.DeliveryMethod = SmtpDeliveryMethod.Network;
                client.UseDefaultCredentials = true;
                client.Credentials = new NetworkCredential(config.ContactConfig.Username, config.ContactConfig.Password);
                client.Timeout = 5000;

                try
                {
                    MailMessage mail = new MailMessage(config.SupportEmail, email);
                    mail.Subject = "Invalid Account Notice";
                    mail.Body = string.Format(@"
The account {0} does not meet the requirements for a valid username.  

The username must meet the following requirements: {1}  
It must also be greater than or equal to {2} characters in length, and less than or equal to {3} characters in length.

This email is to let you know that this account will be deleted in {4} days ({5}) in order to comply with the username restrictions.  If you would like to keep your data, you should create a new account and transfer the data over to the new account.  

In order to make the process as easy as possible, you can reply to this email to ask for your current account to be renamed to another available account.  This would keep all your data intact, and just require you to change all references to your email/git/user to the new username.  If you wish to do this, please respond within {6} days ({7}) with the new username you would like to use.

Thank you for your continued use of Teknik!

- Teknik Administration", account, config.UserConfig.UsernameFilterLabel, config.UserConfig.MinUsernameLength, config.UserConfig.MaxUsernameLength, 30, DateTime.Now.AddDays(30).ToShortDateString(), 15, DateTime.Now.AddDays(15).ToShortDateString());
                    mail.BodyEncoding = UTF8Encoding.UTF8;
                    mail.DeliveryNotificationOptions = DeliveryNotificationOptions.Never;

                    client.Send(mail);
                }
                catch (Exception ex)
                {
                    Output(string.Format("[{0}] Unable to send email to {1}.  Exception: {2}", DateTime.Now, email, ex.Message));
                }
            }

            Output(string.Format("[{0}] Finished Warning of Invalid Accounts.  {1} Accounts Warned.", DateTime.Now, invalidAccounts.Count));
        }
Exemplo n.º 20
0
        public static string CreateResetPasswordVerification(TeknikEntities db, Config config, User user)
        {
            // Check to see if there already is a verification code for the user
            List<ResetPasswordVerification> verCodes = db.ResetPasswordVerifications.Where(r => r.User.Username == user.Username).ToList();
            if (verCodes != null && verCodes.Any())
            {
                foreach (ResetPasswordVerification verCode in verCodes)
                {
                    db.ResetPasswordVerifications.Remove(verCode);
                }
            }

            // Create a new verification code and add it
            string verifyCode = Helpers.Utility.RandomString(24);
            ResetPasswordVerification ver = new ResetPasswordVerification();
            ver.UserId = user.UserId;
            ver.Code = verifyCode;
            ver.DateCreated = DateTime.Now;
            db.ResetPasswordVerifications.Add(ver);
            db.SaveChanges();

            return verifyCode;
        }
Exemplo n.º 21
0
        public static void CleanAccounts(Config config, TeknikEntities db, int maxDays)
        {
            Output(string.Format("[{0}] Started Cleaning of Inactive/Invalid Users.", DateTime.Now));
            List<string> invalidAccounts = GetInvalidAccounts(config, db);
            List<string> inactiveAccounts = GetInactiveAccounts(config, db, maxDays);

            // Delete invalid accounts
            foreach (string account in invalidAccounts)
            {
                UserHelper.DeleteAccount(db, config, UserHelper.GetUser(db, account));
            }

            if (invalidAccounts.Count > 0)
            {
                // Add to transparency report if any users were removed
                Takedown report = db.Takedowns.Create();
                report.Requester = TAKEDOWN_REPORTER;
                report.RequesterContact = config.SupportEmail;
                report.DateRequested = DateTime.Now;
                report.Reason = "Username Invalid";
                report.ActionTaken = string.Format("{0} Accounts Removed", invalidAccounts.Count);
                report.DateActionTaken = DateTime.Now;
                db.Takedowns.Add(report);
                db.SaveChanges();
            }

            // Delete inactive accounts
            foreach (string account in inactiveAccounts)
            {
                UserHelper.DeleteAccount(db, config, UserHelper.GetUser(db, account));
            }

            if (invalidAccounts.Count > 0)
            {
                // Add to transparency report if any users were removed
                Takedown report = db.Takedowns.Create();
                report.Requester = TAKEDOWN_REPORTER;
                report.RequesterContact = config.SupportEmail;
                report.DateRequested = DateTime.Now;
                report.Reason = "Account Inactive";
                report.ActionTaken = string.Format("{0} Accounts Removed", inactiveAccounts.Count);
                report.DateActionTaken = DateTime.Now;
                db.Takedowns.Add(report);
                db.SaveChanges();
            }

            Output(string.Format("[{0}] Finished Cleaning of Inactive/Invalid Users.  {1} Accounts Removed.", DateTime.Now, invalidAccounts.Count + inactiveAccounts.Count));
        }
Exemplo n.º 22
0
        public static bool VerifyResetPassword(TeknikEntities db, Config config, string username, string code)
        {
            User user = GetUser(db, username);
            ResetPasswordVerification verCode = db.ResetPasswordVerifications.Where(r => r.User.Username == username && r.Code == code).FirstOrDefault();
            if (verCode != null)
            {
                // We have a match, so clear out the verifications for that user
                List<ResetPasswordVerification> verCodes = db.ResetPasswordVerifications.Where(r => r.User.Username == username).ToList();
                if (verCodes != null && verCodes.Any())
                {
                    foreach (ResetPasswordVerification ver in verCodes)
                    {
                        db.ResetPasswordVerifications.Remove(ver);
                    }
                }
                db.SaveChanges();

                return true;
            }
            return false;
        }
Exemplo n.º 23
0
        public static void CleanGit(Config config, TeknikEntities db)
        {
            Output(string.Format("[{0}] Started Cleaning of Orphaned Git Accounts.", DateTime.Now));
            List<string> gitAccounts = GetOrphanedGit(config, db);
            foreach (string account in gitAccounts)
            {
                // User doesn't exist, and it isn't reserved.  Let's nuke it.
                UserHelper.DeleteUserGit(config, account);
            }

            if (gitAccounts.Count > 0)
            {
                // Add to transparency report if any users were removed
                Takedown report = db.Takedowns.Create();
                report.Requester = TAKEDOWN_REPORTER;
                report.RequesterContact = config.SupportEmail;
                report.DateRequested = DateTime.Now;
                report.Reason = "Orphaned Git Account";
                report.ActionTaken = string.Format("{0} Accounts Removed", gitAccounts.Count);
                report.DateActionTaken = DateTime.Now;
                db.Takedowns.Add(report);
                db.SaveChanges();
            }

            Output(string.Format("[{0}] Finished Cleaning of Orphaned Git Accounts.  {1} Accounts Removed.", DateTime.Now, gitAccounts.Count));
        }
Exemplo n.º 24
0
        public static void AddAccount(TeknikEntities db, Config config, User user, string password)
        {
            try
            {
                // Create an Email Account
                AddUserEmail(config, GetUserEmailAddress(config, user.Username), password);

                // Create a Git Account
                AddUserGit(config, user.Username, password);

                // Add User
                AddUser(db, config, user, password);
            }
            catch (Exception ex)
            {
                throw new Exception("Unable to create account.", ex);
            }
        }
Exemplo n.º 25
0
        public static void GenerateCleaningList(Config config, TeknikEntities db, string fileName, int maxDays)
        {
            Output(string.Format("[{0}] Started Generation of Accounts to Clean List.", DateTime.Now));
            List<string> invalidAccounts = GetInvalidAccounts(config, db);
            List<string> inactiveAccounts = GetInactiveAccounts(config, db, maxDays);
            List<string> emailAccounts = GetOrphanedEmail(config, db);
            List<string> gitAccounts = GetOrphanedGit(config, db);

            StringBuilder sb = new StringBuilder();
            sb.AppendLine("Invalid Account Cleaning");
            sb.AppendLine("Username,Last Activity,Creation Date,Last Website Activity,Last Email Activity,Last Git Activity");
            foreach (string account in invalidAccounts)
            {
                User user = UserHelper.GetUser(db, account);
                sb.AppendLine(string.Format("{0},{1},{2},{3},{4},{5}",
                                user.Username,
                                UserHelper.GetLastAccountActivity(db, config, user).ToString("g"),
                                user.JoinDate.ToString("g"),
                                user.LastSeen.ToString("g"),
                                UserHelper.UserEmailLastActive(config, UserHelper.GetUserEmailAddress(config, user.Username)).ToString("g"),
                                UserHelper.UserGitLastActive(config, user.Username).ToString("g")));
            }

            sb.AppendLine();
            sb.AppendLine("Inactive Account Cleaning");
            sb.AppendLine("Username,Last Activity,Creation Date,Last Website Activity,Last Email Activity,Last Git Activity");
            foreach (string account in inactiveAccounts)
            {
                User user = UserHelper.GetUser(db, account);
                sb.AppendLine(string.Format("{0},{1},{2},{3},{4},{5}",
                                user.Username,
                                UserHelper.GetLastAccountActivity(db, config, user).ToString("g"),
                                user.JoinDate.ToString("g"),
                                user.LastSeen.ToString("g"),
                                UserHelper.UserEmailLastActive(config, UserHelper.GetUserEmailAddress(config, user.Username)).ToString("g"),
                                UserHelper.UserGitLastActive(config, user.Username).ToString("g")));
            }

            sb.AppendLine();
            sb.AppendLine("Orphaned Email Cleaning");
            sb.AppendLine("Email,Last Activity");
            foreach (string account in emailAccounts)
            {
                sb.AppendLine(string.Format("{0},{1}",
                                account,
                                UserHelper.UserEmailLastActive(config, account).ToString("g")));
            }

            sb.AppendLine();
            sb.AppendLine("Orphaned Git Cleaning");
            sb.AppendLine("Username,Last Activity");
            foreach (string account in gitAccounts)
            {
                sb.AppendLine(string.Format("{0},{1}",
                                account,
                                UserHelper.UserGitLastActive(config, account).ToString("g")));
            }

            string dir = Path.GetDirectoryName(fileName);
            if (!Directory.Exists(dir))
                Directory.CreateDirectory(dir);

            File.WriteAllText(fileName, sb.ToString());
            Output(string.Format("[{0}] Finished Generating Accounts to Clean List.", DateTime.Now));
        }
Exemplo n.º 26
0
        public static User GetUser(TeknikEntities db, string username)
        {
            User user = db.Users.Where(b => b.Username == username).FirstOrDefault();
            if (user != null)
            {
                user.UserSettings = db.UserSettings.Find(user.UserId);
                user.SecuritySettings = db.SecuritySettings.Find(user.UserId);
                user.BlogSettings = db.BlogSettings.Find(user.UserId);
                user.UploadSettings = db.UploadSettings.Find(user.UserId);
            }

            return user;
        }
Exemplo n.º 27
0
        public static List<string> GetInactiveAccounts(Config config, TeknikEntities db, int maxDays)
        {
            List<string> foundUsers = new List<string>();
            List<User> curUsers = db.Users.ToList();
            foreach (User user in curUsers)
            {
                // If the username is reserved, don't worry about it
                if (UserHelper.UsernameReserved(config, user.Username))
                {
                    continue;
                }

                #region Inactivity Finding
                DateTime lastActivity = UserHelper.GetLastAccountActivity(db, config, user);

                TimeSpan inactiveTime = DateTime.Now.Subtract(lastActivity);

                // If older than max days, check their current usage
                if (inactiveTime >= new TimeSpan(maxDays, 0, 0, 0, 0))
                {
                    // Check the user's usage of the service.
                    bool noData = true;

                    // Any blog comments?
                    var blogCom = db.BlogComments.Where(c => c.UserId == user.UserId);
                    noData &= !(blogCom != null && blogCom.Any());

                    // Any blog posts?
                    var blogPosts = db.BlogPosts.Where(p => p.Blog.UserId == user.UserId);
                    noData &= !(blogPosts != null && blogPosts.Any());

                    // Any podcast comments?
                    var podCom = db.PodcastComments.Where(p => p.UserId == user.UserId);
                    noData &= !(podCom != null && podCom.Any());

                    // Any email?
                    if (config.EmailConfig.Enabled)
                    {
                        var app = new hMailServer.Application();
                        app.Connect();
                        app.Authenticate(config.EmailConfig.Username, config.EmailConfig.Password);

                        try
                        {
                            var domain = app.Domains.ItemByName[config.EmailConfig.Domain];
                            var account = domain.Accounts.ItemByAddress[UserHelper.GetUserEmailAddress(config, user.Username)];
                            noData &= ((account.Messages.Count == 0) && ((int)account.Size == 0));
                        }
                        catch { }
                    }

                    // Any git repos?
                    if (config.GitConfig.Enabled)
                    {
                        string email = UserHelper.GetUserEmailAddress(config, user.Username);
                        // We need to check the actual git database
                        MysqlDatabase mySQL = new MysqlDatabase(config.GitConfig.Database);
                        string sql = @"SELECT * FROM gogs.repository
                                        LEFT JOIN gogs.action ON gogs.user.id = gogs.action.act_user_id
                                        WHERE gogs.user.login_name = {0}";
                        var results = mySQL.Query(sql, new object[] { email });

                        noData &= !(results != null && results.Any());
                    }

                    if (noData)
                    {
                        // They have no data, so safe to delete them.
                        foundUsers.Add(user.Username);
                    }
                    continue;
                }
                #endregion
            }
            return foundUsers;
        }
Exemplo n.º 28
0
        public static void DeleteAccount(TeknikEntities db, Config config, User user)
        {
            try
            {
                // Delete Email Account
                if (UserEmailExists(config, GetUserEmailAddress(config, user.Username)))
                    DeleteUserEmail(config, GetUserEmailAddress(config, user.Username));

                // Delete Git Account
                if (UserGitExists(config, user.Username))
                    DeleteUserGit(config, user.Username);

                // Delete User Account
                DeleteUser(db, config, user);
            }
            catch (Exception ex)
            {
                throw new Exception("Unable to delete account.", ex);
            }
        }
Exemplo n.º 29
0
        public static List<string> GetOrphanedGit(Config config, TeknikEntities db)
        {
            List<string> foundGit = new List<string>();
            if (config.GitConfig.Enabled)
            {
                List<User> curUsers = db.Users.ToList();

                // We need to check the actual git database
                MysqlDatabase mySQL = new MysqlDatabase(config.GitConfig.Database);
                string sql = @"SELECT gogs.user.login_name AS login_name, gogs.user.lower_name AS username FROM gogs.user";
                var results = mySQL.Query(sql);

                if (results != null && results.Any())
                {
                    foreach (var account in results)
                    {
                        bool userExists = curUsers.Exists(u => UserHelper.GetUserEmailAddress(config, u.Username).ToLower() == account["login_name"].ToString().ToLower());
                        bool isReserved = UserHelper.GetReservedUsernames(config).Exists(r => UserHelper.GetUserEmailAddress(config, r) == account["login_name"].ToString().ToLower());
                        if (!userExists && !isReserved)
                        {
                            foundGit.Add(account["username"].ToString());
                        }
                    }
                }
            }
            return foundGit;
        }
Exemplo n.º 30
0
        public static bool UserExists(TeknikEntities db, string username)
        {
            User user = GetUser(db, username);
            if (user != null)
            {
                return true;
            }

            return false;
        }