public override bool DeleteUser(string userName, bool deleteAllRelatedData)
        {
            try
            {
                using (XtraUnitOfWork uow = new XtraUnitOfWork(DataLayer))
                {
                    XpoUser user = uow.FindObject <XpoUser>(new GroupOperator(
                                                                GroupOperatorType.And,
                                                                new BinaryOperator(XpoUser.Fields.ApplicationName, ApplicationName, BinaryOperatorType.Equal),
                                                                new BinaryOperator(XpoUser.Fields.UserName, userName, BinaryOperatorType.Equal)));
                    if (user == null)
                    {
                        return(false);
                    }
                    uow.Delete(user);
                    uow.CommitChanges();
                }
                return(true);
            }
            catch (Exception ex)
            {
                if (WriteExceptionsToEventLog)
                {
                    WriteToEventLog(ex, "DeleteUser");

                    throw new ProviderException(exceptionMessage);
                }
                else
                {
                    throw ex;
                }
            }
        }
        public override bool ChangePassword(string userName, string oldPassword, string newPassword)
        {
            if (!ValidateUser(userName, oldPassword))
            {
                return(false);
            }

            ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(userName, newPassword, true);

            OnValidatingPassword(args);

            if (args.Cancel)
            {
                if (args.FailureInformation != null)
                {
                    throw args.FailureInformation;
                }
                else
                {
                    throw new Exception("Change password canceled due to new password validation failure.");
                }
            }

            try
            {
                using (XtraUnitOfWork uow = new XtraUnitOfWork(DataLayer))
                {
                    XpoUser user = uow.FindObject <XpoUser>(new GroupOperator(
                                                                GroupOperatorType.And,
                                                                new BinaryOperator(XpoUser.Fields.ApplicationName, ApplicationName, BinaryOperatorType.Equal),
                                                                new BinaryOperator(XpoUser.Fields.UserName, userName, BinaryOperatorType.Equal)));
                    if (user != null)
                    {
                        user.Password = EncodePassword(newPassword);
                        user.LastPasswordChangedDate = DateTime.Now;
                    }
                    else
                    {
                        return(false);
                    }
                    uow.CommitChanges();
                }
            }
            catch (Exception ex)
            {
                if (WriteExceptionsToEventLog)
                {
                    WriteToEventLog(ex, "ChangePassword");

                    throw new ProviderException(exceptionMessage);
                }
                else
                {
                    throw ex;
                }
            }

            return(true);
        }
        public override bool ValidateUser(string userName, string password)
        {
            bool isValid = false;

            try
            {
                using (XtraUnitOfWork uow = new XtraUnitOfWork(DataLayer))
                {
                    XpoUser user = uow.FindObject <XpoUser>(new GroupOperator(
                                                                GroupOperatorType.And,
                                                                new BinaryOperator(XpoUser.Fields.ApplicationName, ApplicationName, BinaryOperatorType.Equal),
                                                                new BinaryOperator(XpoUser.Fields.UserName, userName, BinaryOperatorType.Equal)));

                    if (user == null)
                    {
                        return(false);
                    }

                    if (CheckPassword(password, user.Password))
                    {
                        if ((!user.IsLockedOut) && (user.IsApproved))
                        {
                            isValid            = true;
                            user.LastLoginDate = DateTime.Now;
                            uow.CommitChanges();
                        }
                    }
                    else
                    {
                        UpdateFailureCount(userName, FailureType.Password);
                    }
                }
            }
            catch (Exception ex)
            {
                if (WriteExceptionsToEventLog)
                {
                    WriteToEventLog(ex, "ValidateUser");

                    throw new ProviderException(exceptionMessage);
                }
                else
                {
                    throw ex;
                }
            }

            return(isValid);
        }
        public override string GetUserNameByEmail(string email)
        {
            string userName;

            try
            {
                using (XtraUnitOfWork uow = new XtraUnitOfWork(DataLayer))
                {
                    XPView xpvUser = new XPView(uow, typeof(XpoUser),
                                                new CriteriaOperatorCollection()
                    {
                        XpoUser.Fields.UserName
                    },
                                                new GroupOperator(
                                                    GroupOperatorType.And,
                                                    new BinaryOperator(XpoUser.Fields.ApplicationName, ApplicationName, BinaryOperatorType.Equal),
                                                    new BinaryOperator(XpoUser.Fields.Email, email, BinaryOperatorType.Equal)));

                    if (xpvUser.Count > 0)
                    {
                        userName = xpvUser[0][XpoUser.Fields.UserName.PropertyName].ToString();
                        if (String.IsNullOrEmpty(userName))
                        {
                            userName = String.Empty;
                        }
                    }
                    else
                    {
                        userName = null;
                    }
                    uow.CommitChanges();
                }
            }
            catch (Exception ex)
            {
                if (WriteExceptionsToEventLog)
                {
                    WriteToEventLog(ex, "GetUserNameByEmail");

                    throw new ProviderException(exceptionMessage);
                }
                else
                {
                    throw ex;
                }
            }

            return(userName);
        }
Exemplo n.º 5
0
        public void CreateRole(string roleName, string description)
        {
            if (String.IsNullOrEmpty(roleName))
            {
                throw new ProviderException("Role name cannot be empty or null.");
            }
            if (roleName.Contains(","))
            {
                throw new ArgumentException("Role names cannot contain commas.");
            }
            if (RoleExists(roleName))
            {
                throw new ProviderException("Role name already exists.");
            }
            if (roleName.Length > 256)
            {
                throw new ProviderException("Role name cannot exceed 256 characters.");
            }

            try
            {
                using (XtraUnitOfWork uow = new XtraUnitOfWork(DataLayer))
                {
                    XpoRole role = new XpoRole(uow)
                    {
                        RoleName = roleName, ApplicationName = this.ApplicationName, Description = description
                    };
                    uow.CommitChanges();
                }
            }
            catch (Exception ex)
            {
                if (WriteExceptionsToEventLog)
                {
                    WriteToEventLog(ex, "CreateRole");

                    throw new ProviderException(exceptionMessage);
                }
                else
                {
                    throw ex;
                }
            }
        }
        public override MembershipUser GetUser(string userName, bool userIsOnline)
        {
            MembershipUser mUser;

            try
            {
                using (XtraUnitOfWork uow = new XtraUnitOfWork(DataLayer))
                {
                    XpoUser xUser = uow.FindObject <XpoUser>(new GroupOperator(
                                                                 GroupOperatorType.And,
                                                                 new BinaryOperator(XpoUser.Fields.ApplicationName, ApplicationName, BinaryOperatorType.Equal),
                                                                 new BinaryOperator(XpoUser.Fields.UserName, userName, BinaryOperatorType.Equal)));

                    if (xUser == null)
                    {
                        return(null);
                    }

                    mUser = GetUserFromXpoUser(xUser);

                    if (userIsOnline)
                    {
                        xUser.LastActivityDate = DateTime.Now;
                    }
                    uow.CommitChanges();
                }
            }
            catch (Exception ex)
            {
                if (WriteExceptionsToEventLog)
                {
                    WriteToEventLog(ex, "GetUser(String, Boolean)");

                    throw new ProviderException(exceptionMessage);
                }
                else
                {
                    throw ex;
                }
            }

            return(mUser);
        }
Exemplo n.º 7
0
        public override bool DeleteRole(string roleName, bool throwOnPopulatedRole = true)
        {
            if (!RoleExists(roleName))
            {
                throw new ProviderException("Role does not exist.");
            }

            if (throwOnPopulatedRole && GetUsersInRole(roleName).Length > 0)
            {
                throw new ProviderException("Cannot delete a populated role.");
            }

            try
            {
                using (XtraUnitOfWork uow = new XtraUnitOfWork(DataLayer))
                {
                    XpoRole role = uow.FindObject <XpoRole>(new GroupOperator(
                                                                GroupOperatorType.And,
                                                                new BinaryOperator(XpoRole.Fields.ApplicationName, ApplicationName, BinaryOperatorType.Equal),
                                                                new BinaryOperator(XpoRole.Fields.RoleName, roleName, BinaryOperatorType.Equal)));
                    uow.Delete(role);
                    uow.CommitChanges();
                }
            }
            catch (Exception ex)
            {
                if (WriteExceptionsToEventLog)
                {
                    WriteToEventLog(ex, "DeleteRole");

                    throw new ProviderException(exceptionMessage);
                }
                else
                {
                    throw ex;
                }
            }

            return(!RoleExists(roleName));
        }
        public override bool ChangePasswordQuestionAndAnswer(string userName, string password, string newPasswordQuestion, string newPasswordAnswer)
        {
            if (!ValidateUser(userName, password))
            {
                return(false);
            }

            try
            {
                using (XtraUnitOfWork uow = new XtraUnitOfWork(DataLayer))
                {
                    XpoUser user = uow.FindObject <XpoUser>(new GroupOperator(
                                                                GroupOperatorType.And,
                                                                new BinaryOperator(XpoUser.Fields.ApplicationName, ApplicationName, BinaryOperatorType.Equal),
                                                                new BinaryOperator(XpoUser.Fields.UserName, userName, BinaryOperatorType.Equal)));
                    if (user == null)
                    {
                        return(false);
                    }
                    user.PasswordQuestion = newPasswordQuestion;
                    user.PasswordAnswer   = EncodePassword(newPasswordAnswer);
                    uow.CommitChanges();
                    return(true);
                }
            }
            catch (Exception ex)
            {
                if (WriteExceptionsToEventLog)
                {
                    WriteToEventLog(ex, "ChangePasswordQuestionAndAnswer");

                    throw new ProviderException(exceptionMessage);
                }
                else
                {
                    throw ex;
                }
            }
        }
        public override void UpdateUser(MembershipUser mUser)
        {
            try
            {
                using (XtraUnitOfWork uow = new XtraUnitOfWork(DataLayer))
                {
                    XpoUser xUser = uow.FindObject <XpoUser>(new GroupOperator(
                                                                 GroupOperatorType.And,
                                                                 new BinaryOperator(XpoUser.Fields.ApplicationName, ApplicationName, BinaryOperatorType.Equal),
                                                                 new BinaryOperator(XpoUser.Fields.UserName, mUser.UserName, BinaryOperatorType.Equal)));

                    if (xUser == null)
                    {
                        throw new ProviderException("The specified user is not found.");
                    }

                    xUser.Email         = mUser.Email;
                    xUser.Comment       = mUser.Comment;
                    xUser.IsApproved    = mUser.IsApproved;
                    xUser.LastLoginDate = mUser.LastLoginDate;
                    uow.CommitChanges();
                }
            }
            catch (Exception ex)
            {
                if (WriteExceptionsToEventLog)
                {
                    WriteToEventLog(ex, "UpdateUser");

                    throw new ProviderException(exceptionMessage);
                }
                else
                {
                    throw ex;
                }
            }
        }
Exemplo n.º 10
0
        public override void AddUsersToRoles(string[] userNames, string[] roleNames)
        {
            foreach (string roleName in roleNames)
            {
                if (String.IsNullOrEmpty(roleName))
                {
                    throw new ProviderException("Role name cannot be empty or null.");
                }
                if (roleName.Contains(","))
                {
                    throw new ArgumentException("Role name cannot contain commas.");
                }
                if (!RoleExists(roleName))
                {
                    throw new ProviderException("Role name not found.");
                }
            }

            foreach (string userName in userNames)
            {
                if (String.IsNullOrEmpty(userName))
                {
                    throw new ProviderException("User name cannot be empty or null.");
                }
                if (userName.Contains(","))
                {
                    throw new ArgumentException("User names cannot contain commas.");
                }

                //foreach (string rolename in roleNames)
                //{
                //    if (IsUserInRole(userName, rolename))
                //        throw new ProviderException("User is already in role.");
                //}
            }

            try
            {
                using (XtraUnitOfWork uow = new XtraUnitOfWork(DataLayer))
                {
                    XPCollection <XpoUser> xpcUsers = new XPCollection <XpoUser>(uow, new GroupOperator(
                                                                                     GroupOperatorType.And,
                                                                                     new BinaryOperator(XpoUser.Fields.ApplicationName, ApplicationName, BinaryOperatorType.Equal),
                                                                                     new InOperator(XpoUser.Fields.UserName.PropertyName, userNames)));
                    XPCollection <XpoRole> xpcRoles = new XPCollection <XpoRole>(uow, new GroupOperator(
                                                                                     GroupOperatorType.And,
                                                                                     new BinaryOperator(XpoRole.Fields.ApplicationName, ApplicationName, BinaryOperatorType.Equal),
                                                                                     new InOperator(XpoRole.Fields.RoleName.PropertyName, roleNames)));
                    foreach (XpoUser user in xpcUsers)
                    {
                        user.Roles.AddRange(xpcRoles);
                    }
                    uow.CommitChanges();
                }
            }
            catch (Exception ex)
            {
                if (WriteExceptionsToEventLog)
                {
                    WriteToEventLog(ex, "AddUsersToRoles");

                    throw new ProviderException(exceptionMessage);
                }
                else
                {
                    throw ex;
                }
            }
        }
Exemplo n.º 11
0
        public override void RemoveUsersFromRoles(string[] userNames, string[] roleNames)
        {
            foreach (string rolename in roleNames)
            {
                if (String.IsNullOrEmpty(rolename))
                {
                    throw new ProviderException("Role name cannot be empty or null.");
                }
                if (!RoleExists(rolename))
                {
                    throw new ProviderException("Role name not found.");
                }
            }

            foreach (string username in userNames)
            {
                if (String.IsNullOrEmpty(username))
                {
                    throw new ProviderException("User name cannot be empty or null.");
                }

                foreach (string rolename in roleNames)
                {
                    if (!IsUserInRole(username, rolename))
                    {
                        throw new ProviderException("User is not in role.");
                    }
                }
            }

            try
            {
                using (XtraUnitOfWork uow = new XtraUnitOfWork(DataLayer))
                {
                    XPCollection <XpoRole> xpcRoles = new XPCollection <XpoRole>(uow, new GroupOperator(
                                                                                     GroupOperatorType.And,
                                                                                     new BinaryOperator(XpoRole.Fields.ApplicationName, ApplicationName, BinaryOperatorType.Equal),
                                                                                     new InOperator(XpoRole.Fields.RoleName.PropertyName, roleNames)));

                    XPCollection <XpoUser> xpcUsers;
                    foreach (XpoRole role in xpcRoles)
                    {
                        xpcUsers = new XPCollection <XpoUser>(uow, new GroupOperator(
                                                                  GroupOperatorType.And,
                                                                  new BinaryOperator(XpoUser.Fields.ApplicationName, ApplicationName, BinaryOperatorType.Equal),
                                                                  new InOperator(XpoUser.Fields.UserName.PropertyName, userNames),
                                                                  new ContainsOperator(XpoUser.Fields.Roles, new BinaryOperator(XpoRole.Fields.RoleName, role.RoleName, BinaryOperatorType.Equal))));
                        for (int i = xpcUsers.Count - 1; i >= 0; i--)
                        {
                            role.Users.Remove(xpcUsers[i]);
                        }
                    }
                    uow.CommitChanges();
                }
            }
            catch (Exception ex)
            {
                if (WriteExceptionsToEventLog)
                {
                    WriteToEventLog(ex, "RemoveUsersFromRoles");

                    throw new ProviderException(exceptionMessage);
                }
                else
                {
                    throw ex;
                }
            }
        }
        public override string ResetPassword(string userName, string answer)
        {
            if (!EnablePasswordReset)
            {
                throw new NotSupportedException("Password Reset is not enabled.");
            }

            if ((answer == null) && (RequiresQuestionAndAnswer))
            {
                UpdateFailureCount(userName, FailureType.PasswordAnswer);
                throw new ProviderException("Password answer required for password Reset.");
            }

            int    minPasswordLenth = MinRequiredPasswordLength > 8 ? MinRequiredPasswordLength : 8;
            string newPassword      = Membership.GeneratePassword(minPasswordLenth,
                                                                  MinRequiredNonAlphanumericCharacters);

            ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(userName, newPassword, true);

            OnValidatingPassword(args);

            if (args.Cancel)
            {
                if (args.FailureInformation != null)
                {
                    throw args.FailureInformation;
                }
                else
                {
                    throw new MembershipPasswordException("Reset password canceled due to password answer validation failure.");
                }
            }

            try
            {
                using (XtraUnitOfWork uow = new XtraUnitOfWork(DataLayer))
                {
                    XpoUser user = uow.FindObject <XpoUser>(new GroupOperator(
                                                                GroupOperatorType.And,
                                                                new BinaryOperator(XpoUser.Fields.ApplicationName, ApplicationName, BinaryOperatorType.Equal),
                                                                new BinaryOperator(XpoUser.Fields.UserName, userName, BinaryOperatorType.Equal)));

                    if (user == null)
                    {
                        throw new MembershipPasswordException("The specified user is not found.");
                    }
                    if (user.IsLockedOut)
                    {
                        throw new MembershipPasswordException("The specified user is locked out.");
                    }

                    if (RequiresQuestionAndAnswer && (!CheckPassword(answer, user.PasswordAnswer)))
                    {
                        UpdateFailureCount(userName, FailureType.PasswordAnswer);

                        throw new MembershipPasswordException("Incorrect password answer.");
                    }

                    user.Password = EncodePassword(newPassword);
                    user.LastPasswordChangedDate = DateTime.Now;
                    uow.CommitChanges();
                }
            }
            catch (Exception ex)
            {
                if (WriteExceptionsToEventLog)
                {
                    WriteToEventLog(ex, "ResetPassword");

                    throw new ProviderException(exceptionMessage);
                }
                else
                {
                    throw ex;
                }
            }

            return(newPassword);
        }
        public override MembershipUser CreateUser(string userName, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
        {
            ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(userName, password, true);

            OnValidatingPassword(args);

            if (args.Cancel)
            {
                status = MembershipCreateStatus.InvalidPassword;
                return(null);
            }

            if (requiresQuestionAndAnswer && String.IsNullOrEmpty(passwordAnswer))
            {
                status = MembershipCreateStatus.InvalidAnswer;
                return(null);
            }

            if (RequiresUniqueEmail)
            {
                if (!IsEmail(email))
                {
                    status = MembershipCreateStatus.InvalidEmail;
                    return(null);
                }
                if (!String.IsNullOrEmpty(GetUserNameByEmail(email)))
                {
                    status = MembershipCreateStatus.DuplicateEmail;
                    return(null);
                }
            }

            MembershipUser mUser = GetUser(userName, false);

            if (mUser != null)
            {
                status = MembershipCreateStatus.DuplicateUserName;
                return(null);
            }

            try
            {
                using (XtraUnitOfWork uow = new XtraUnitOfWork(DataLayer))
                {
                    DateTime creationDate = DateTime.Now;
                    DateTime minDate      = DateTime.MinValue;

                    XpoUser xUser = new XpoUser(uow)
                    {
                        ApplicationName                        = this.ApplicationName,
                        UserName                               = userName,
                        Password                               = EncodePassword(password),
                        Email                                  = String.IsNullOrEmpty(email) ? String.Empty : email,
                        PasswordQuestion                       = passwordQuestion,
                        PasswordAnswer                         = EncodePassword(passwordAnswer),
                        IsApproved                             = isApproved,
                        CreationDate                           = creationDate,
                        LastPasswordChangedDate                = creationDate,
                        LastActivityDate                       = creationDate,
                        IsLockedOut                            = false,
                        LastLockedOutDate                      = minDate,
                        LastLoginDate                          = creationDate,
                        FailedPasswordAnswerAttemptCount       = 0,
                        FailedPasswordAnswerAttemptWindowStart = minDate,
                        FailedPasswordAttemptCount             = 0,
                        FailedPasswordAttemptWindowStart       = minDate,
                    };
                    uow.CommitChanges();
                    status = MembershipCreateStatus.Success;
                }
            }
            catch (Exception ex)
            {
                if (WriteExceptionsToEventLog)
                {
                    WriteToEventLog(ex, "CreateUser");
                }

                status = MembershipCreateStatus.ProviderError;
            }

            return(GetUser(userName, false));
        }
        private void UpdateFailureCount(string userName, FailureType failureType)
        {
            DateTime windowStart;
            DateTime windowEnd;
            int      failureCount;

            try
            {
                using (XtraUnitOfWork uow = new XtraUnitOfWork(DataLayer))
                {
                    XpoUser user = uow.FindObject <XpoUser>(new GroupOperator(
                                                                GroupOperatorType.And,
                                                                new BinaryOperator(XpoUser.Fields.ApplicationName, ApplicationName, BinaryOperatorType.Equal),
                                                                new BinaryOperator(XpoUser.Fields.UserName, userName, BinaryOperatorType.Equal)));

                    switch (failureType)
                    {
                    case FailureType.Password:
                        failureCount = user.FailedPasswordAttemptCount;
                        windowStart  = user.FailedPasswordAttemptWindowStart;
                        windowEnd    = windowStart.AddMinutes(PasswordAttemptWindow);

                        user.FailedPasswordAttemptWindowStart = DateTime.Now;

                        if (DateTime.Now > windowEnd)
                        {
                            user.FailedPasswordAttemptCount = 1;
                        }
                        else
                        {
                            user.FailedPasswordAttemptCount++;
                        }

                        if (user.FailedPasswordAttemptCount >= MaxInvalidPasswordAttempts)
                        {
                            if (!user.IsLockedOut)
                            {
                                user.LastLockedOutDate = DateTime.Now;
                                user.IsLockedOut       = true;
                            }
                        }
                        break;

                    case FailureType.PasswordAnswer:
                        failureCount = user.FailedPasswordAnswerAttemptCount;
                        windowStart  = user.FailedPasswordAnswerAttemptWindowStart;
                        windowEnd    = windowStart.AddMinutes(PasswordAttemptWindow);

                        user.FailedPasswordAnswerAttemptWindowStart = DateTime.Now;

                        if (DateTime.Now > windowEnd)
                        {
                            user.FailedPasswordAnswerAttemptCount = 1;
                        }
                        else
                        {
                            user.FailedPasswordAnswerAttemptCount++;
                        }

                        if (user.FailedPasswordAnswerAttemptCount >= MaxInvalidPasswordAttempts)
                        {
                            if (!user.IsLockedOut)
                            {
                                user.LastLockedOutDate = DateTime.Now;
                                user.IsLockedOut       = true;
                            }
                        }
                        break;
                    }
                    uow.CommitChanges();
                }
            }
            catch (Exception ex)
            {
                if (WriteExceptionsToEventLog)
                {
                    WriteToEventLog(ex, "UpdateFailureCount");

                    throw new ProviderException(exceptionMessage);
                }
                else
                {
                    throw ex;
                }
            }
        }