/// <summary> /// Returns the contents of the file specified in the migrated key - if it exists /// If the file doesn't exist, then just return the default value /// </summary> /// <param name="migratedKey"></param> /// <param name="defaultValue"></param> /// <returns></returns> private string GetMigratedXSLT(string migratedKey, string defaultValue) { string result = defaultValue; try { string url = Utils.GetWebProperty(migratedKey, "", _web); if (!String.IsNullOrEmpty(url)) { url = Utils.GetAbsoluteURL(_web, url); string contents = string.Empty; WebRequest request = WebRequest.Create(url); request.Credentials = CredentialCache.DefaultCredentials; using (WebResponse response = request.GetResponse()) { using (StreamReader reader = new StreamReader(response.GetResponseStream())) { result = reader.ReadToEnd(); } response.Close(); } } } catch { } return(result); }
public static bool CopyToReviewList(MembershipRequest request) { SPList reviewList; SPListItem reviewItem = null; bool result = false; try { SPSecurity.RunWithElevatedPrivileges(delegate() { using (SPSite site = new SPSite(SPContext.Current.Site.ID, SPContext.Current.Site.Zone)) { SPWeb web = site.RootWeb; if (web != null) { site.AllowUnsafeUpdates = true; web.AllowUnsafeUpdates = true; reviewList = web.GetList(Utils.GetAbsoluteURL(web, MembershipList.MEMBERSHIPREVIEWLIST)); if (reviewList != null) { using (SPWeb currentWeb = site.OpenWeb(SPContext.Current.Web.ID)) { if (!MembershipRequest.SendPendingMembershipEmail(request, currentWeb)) { return; } } reviewItem = reviewList.Items.Add(); reviewItem[MembershipReviewListFields.DATESUBMITTED] = DateTime.Now; reviewItem[MembershipReviewListFields.EMAIL] = request.UserEmail; reviewItem[MembershipReviewListFields.REQUESTID] = Guid.NewGuid(); reviewItem[MembershipReviewListFields.FIRSTNAME] = request.FirstName; reviewItem[MembershipReviewListFields.LASTNAME] = request.LastName; reviewItem[MembershipReviewListFields.STATUS] = MembershipStatus.Pending.ToString(); reviewItem[MembershipReviewListFields.USERNAME] = request.UserName; reviewItem[MembershipReviewListFields.RECOVERPASSWORDQUESTION] = request.PasswordQuestion;; reviewItem[MembershipReviewListFields.RECOVERPASSWORDANSWER] = request.PasswordAnswer; reviewItem[MembershipReviewListFields.DEFAULTGROUP] = request.DefaultGroup; reviewItem.Update(); reviewList.Update(); /* bms Removed called to SendPendingMembershipEmail due to call on ItemAdded */ result = true; } else { Utils.LogError("Unable to find Membership Review List"); } } } }); } catch (Exception ex) { Utils.LogError(ex); } return(result); }
protected override void CreateChildControls() { // return when user is not a forms based user IClaimsIdentity claimsIdentity = (HttpContext.Current.User != null) ? (HttpContext.Current.User.Identity as IClaimsIdentity) : null; if (claimsIdentity != null) { SPClaimProviderManager mgr = SPClaimProviderManager.Local; SPClaim sPClaim = mgr.DecodeClaimFromFormsSuffix(claimsIdentity.Name); if (SPOriginalIssuers.GetIssuerType(sPClaim.OriginalIssuer) == SPOriginalIssuerType.Windows) { return; } } string changePasswordPage = ""; SPSecurity.RunWithElevatedPrivileges(delegate() { using (SPSite site = new SPSite(SPContext.Current.Site.ID, SPContext.Current.Site.Zone)) { MembershipSettings setting = new MembershipSettings(site.RootWeb); if (setting == null || string.IsNullOrEmpty(setting.ChangePasswordPage)) { return; } changePasswordPage = setting.ChangePasswordPage; } }); // generate return url string source = SPUtility.OriginalServerRelativeRequestUrl; string target = Utils.GetAbsoluteURL(SPContext.Current.Web, changePasswordPage); MenuItemTemplate changePasswordItem = new MenuItemTemplate(); changePasswordItem.Text = LocalizedString.GetString("FBAPackMenus", "FBAChangePassword_Title"); changePasswordItem.Description = LocalizedString.GetString("FBAPackMenus", "FBAChangePassword_Desc"); changePasswordItem.Sequence = 1; changePasswordItem.ClientOnClickNavigateUrl = target + "?Source=" + SPHttpUtility.UrlKeyValueEncode(source); this.Controls.Add(changePasswordItem); }
public static MembershipRequest GetMembershipRequest(MembershipUser user, SPWeb web) { MembershipRequest request = new MembershipRequest(); request.UserEmail = user.Email; request.UserName = user.UserName; request.SiteName = web.Title; request.SiteURL = web.Url; /* These are the possible set of URLs that are provided to the user and developer in the XSLT */ MembershipSettings settings = new MembershipSettings(web); request.ChangePasswordURL = Utils.GetAbsoluteURL(web, settings.ChangePasswordPage); request.PasswordQuestionURL = Utils.GetAbsoluteURL(web, settings.PasswordQuestionPage); request.ThankYouURL = Utils.GetAbsoluteURL(web, settings.ThankYouPage); return(request); }
private static MembershipRequest GetMembershipRequest(SPWeb web, SPListItem item, string password) { MembershipSettings settings = new MembershipSettings(web); MembershipRequest request = new MembershipRequest(); /* These are the core fields that are part of the membership provider request */ request.FirstName = item[MembershipReviewListFields.FIRSTNAME].ToString(); request.LastName = item[MembershipReviewListFields.LASTNAME].ToString(); request.Password = password; /* bms Updated the web property of Title for the site name instead of Name */ request.SiteName = web.Title; request.SiteURL = web.Url; request.UserEmail = item[MembershipReviewListFields.EMAIL].ToString(); request.UserName = item[MembershipReviewListFields.USERNAME].ToString(); /* These fields may not be avaliable based on the membership provider */ if (item[MembershipReviewListFields.RECOVERPASSWORDQUESTION] != null) { request.PasswordQuestion = item[MembershipReviewListFields.RECOVERPASSWORDQUESTION].ToString(); } if (item[MembershipReviewListFields.RECOVERPASSWORDANSWER] != null) { request.PasswordAnswer = item[MembershipReviewListFields.RECOVERPASSWORDANSWER].ToString(); } if (item[MembershipReviewListFields.DEFAULTGROUP] != null) { request.DefaultGroup = item[MembershipReviewListFields.DEFAULTGROUP].ToString(); } /* These are the possible set of URLs that are provided to the user and developer in the XSLT */ request.ChangePasswordURL = Utils.GetAbsoluteURL(web, settings.ChangePasswordPage); request.PasswordQuestionURL = Utils.GetAbsoluteURL(web, settings.PasswordQuestionPage); request.ThankYouURL = Utils.GetAbsoluteURL(web, settings.ThankYouPage); return(request); }
protected override void OnCreatedUser(EventArgs e) { // Note: this doesn't run using the privileges of the anonymous user, so we elevate them // Also, you can't use the original Site even with elevated privileges, otherwise it reverts back to anonymous. SPSecurity.RunWithElevatedPrivileges(delegate() { using (SPSite site2 = new SPSite(SPContext.Current.Site.ID, SPContext.Current.Site.Zone)) { using (SPWeb web2 = site2.OpenWeb(SPContext.Current.Web.ID)) { // from this point allowunsafeupdates is required because the call is initiated from a browser with // anonymouse rights only web2.AllowUnsafeUpdates = true; MembershipRequest request = new MembershipRequest(); request.UserEmail = this.Email; request.UserName = this.UserName; if (System.Web.Security.Membership.RequiresQuestionAndAnswer) { request.PasswordQuestion = this.Question; request.PasswordAnswer = this.Answer; } request.FirstName = this.FirstName; request.LastName = this.LastName; request.DefaultGroup = this._DefaultGroup; request.SiteName = web2.Title; request.SiteURL = web2.Url; MembershipSettings settings = new MembershipSettings(web2); if (settings.ReviewMembershipRequests) { request.LoginCreatedUser = false; if (!MembershipRequest.CopyToReviewList(request)) { lblError.Text = this.UnknownErrorMessage; return; } } else { #region Process new user request if we're NOT using the Request List if (!AutoGeneratePassword) { request.Password = this.Password; } request.ChangePasswordURL = Utils.GetAbsoluteURL(web2, settings.ChangePasswordPage); request.LoginCreatedUser = SPLoginCreatedUser; try { MembershipRequest.ApproveMembership(request, web2); } catch (Exception ex) { Utils.LogError(ex); this.lblCompleteSuccess.Text = this.UnknownErrorMessage; return; } #endregion } this.MoveTo(this.CompleteStep); } } }); }
public static void ApproveMembership(MembershipRequest request, SPWeb web) { Hashtable xsltValues; MembershipCreateStatus createStatus; SPListItem debuggingInfoItem = null; MembershipSettings settings = new MembershipSettings(web); MembershipProvider membership = Utils.BaseMembershipProvider(web.Site); /* This is just for debugging */ try { SPList memberlist = web.GetList(Utils.GetAbsoluteURL(web, MembershipList.MEMBERSHIPREVIEWLIST)); if (memberlist.Fields.ContainsField("LastError")) { foreach (SPListItem addItem in memberlist.Items) { if (addItem["User Name"].ToString() == request.UserName) { debuggingInfoItem = addItem; /* bms added break to only loop through items needed */ break; } } } } catch { } /* Above is for debugging */ try { if (string.IsNullOrEmpty(request.UserName)) { throw new Exception("User name must not be null or empty."); } /* rdcpro: Allows providers that don't have password and question */ if (membership.RequiresQuestionAndAnswer && string.IsNullOrEmpty(request.PasswordQuestion)) { throw new Exception("You must specify a password question."); } if (membership.RequiresQuestionAndAnswer && string.IsNullOrEmpty(request.PasswordAnswer)) { throw new Exception("You must specify a password answer."); } if (string.IsNullOrEmpty(request.UserEmail)) { throw new Exception("Email address must not be null or empty."); } //create account /* bms Create password at a minimum of 7 characters or Min from provider if greater */ int passwordLength = 14; if (passwordLength < membership.MinRequiredPasswordLength) { passwordLength = membership.MinRequiredPasswordLength; } if (passwordLength < membership.MinRequiredNonAlphanumericCharacters) { passwordLength = membership.MinRequiredNonAlphanumericCharacters; } if (String.IsNullOrEmpty(request.Password)) { request.Password = System.Web.Security.Membership.GeneratePassword(passwordLength, membership.MinRequiredNonAlphanumericCharacters); } MembershipUser existingUser = Utils.BaseMembershipProvider(web.Site).GetUser(request.UserName, false); if (existingUser != null) { membership.DeleteUser(request.UserName, true); } MembershipUser newUser; //This section is to transaction Creating the user and sending the email try { // rdcpro: Changes to support providers that don't require question and answer. if (membership.RequiresQuestionAndAnswer) { //membership.CreateUser(request.UserName, tempPassword, request.UserEmail, request.PasswordQuestion, request.PasswordAnswer, true, out createStatus); newUser = membership.CreateUser(request.UserName, request.Password, request.UserEmail, request.PasswordQuestion, request.PasswordAnswer, true, null, out createStatus); } else { // With this method the MembershipCreateUserException will take care of things if the user can't be created, so no worry that createStatus is set to success //membership.CreateUser(.CreateUser(request.UserName, tempPassword, request.UserEmail); newUser = membership.CreateUser(request.UserName, request.Password, request.UserEmail, null, null, true, null, out createStatus); createStatus = MembershipCreateStatus.Success; } if (debuggingInfoItem != null) { if (debuggingInfoItem.Fields.ContainsField("LastError")) { debuggingInfoItem["LastError"] = "Created User"; debuggingInfoItem.SystemUpdate(); } } if (createStatus == MembershipCreateStatus.Success) { newUser.IsApproved = true; membership.UpdateUser(newUser); //Add the user to the default group if (!String.IsNullOrEmpty(request.DefaultGroup)) { web.SiteGroups[request.DefaultGroup].AddUser(Utils.EncodeUsername(request.UserName.ToLower(), web.Site), request.UserEmail, request.FirstName + " " + request.LastName, "Self Registration"); //Login the user if selected if (request.LoginCreatedUser) { Microsoft.SharePoint.IdentityModel.SPClaimsUtility.AuthenticateFormsUser(new Uri(web.Url), request.UserName, request.Password); } } if (debuggingInfoItem != null) { if (debuggingInfoItem.Fields.ContainsField("LastError")) { if (!String.IsNullOrEmpty(request.DefaultGroup)) { debuggingInfoItem["LastError"] = "Add User Has No Groups"; } else { debuggingInfoItem["LastError"] = "Add User To Groups"; } debuggingInfoItem.SystemUpdate(); } } //email user to confirm that request is approved xsltValues = new Hashtable(1); xsltValues.Add("fba:MembershipRequest", request); bool bSentMail = Email.SendEmail(web, request.UserEmail, settings.MembershipApprovedEmail, xsltValues); if (!bSentMail) { Utils.LogError("SendEmail failed"); throw new Exception("Error sending mail notification"); } if (debuggingInfoItem != null) { if (debuggingInfoItem.Fields.ContainsField("LastError")) { debuggingInfoItem["LastError"] = "Sent Email To New User: "******"Error creating user: "******"LastError")) { foreach (SPListItem addItem in memberlist.Items) { if (addItem["User Name"].ToString() == request.UserName) { addItem["LastError"] = AdduserExp.Message.ToString(); addItem.SystemUpdate(); break; } } } } catch { } // TODO: if CreateUser fails, the user in the MemberShipRequest list needs to be marked somehow so that the approver knows what the problem is. // Maybe the list should always have the "LastError" field, or else the status can have an extra error value in addition to pending | approved | rejected // Then in the calling code, we must not delete the item from the list! // Also, if we're handling an exception, we should set the status back to "Pending". // For now, we rethrow the exception which will cause the caller to fail, and prevent the delete. throw new Exception(AdduserExp.Message); } } catch (Exception ex) { //Add error information to list try { SPList memberlist = web.GetList(Utils.GetAbsoluteURL(web, MembershipList.MEMBERSHIPREVIEWLIST)); if (memberlist.Fields.ContainsField("LastError")) { foreach (SPListItem addItem in memberlist.Items) { if (addItem["User Name"].ToString() == request.UserName) { // This overwrites anything already in the LastError field. addItem["LastError"] = ex.Message.ToString(); addItem.SystemUpdate(); } } } } catch { } Utils.LogError(ex); throw new Exception(ex.Message); } }