public SaveResponse Update(IUnitOfWork uow, UserPermissionUpdateRequest request) { Check.NotNull(request, "request"); Check.NotNull(request.UserID, "userID"); Check.NotNull(request.Permissions, "permissions"); var userID = request.UserID.Value; var oldList = new HashSet <string>( GetExisting(uow.Connection, userID, request.Module, request.Submodule) .Select(x => x.PermissionKey), StringComparer.OrdinalIgnoreCase); var newList = new HashSet <string>(request.Permissions.ToList(), StringComparer.OrdinalIgnoreCase); if (oldList.SetEquals(newList)) { return(new SaveResponse()); } foreach (var k in oldList) { if (newList.Contains(k)) { continue; } new SqlDelete(fld.TableName) .Where( new Criteria(fld.UserId) == userID & new Criteria(fld.PermissionKey) == k) .Execute(uow.Connection); } foreach (var k in newList) { if (oldList.Contains(k)) { continue; } uow.Connection.Insert(new MyRow { UserId = userID, PermissionKey = k }); } BatchGenerationUpdater.OnCommit(uow, fld.GenerationKey); return(new SaveResponse()); }
public SaveResponse Update(IUnitOfWork uow, UserRoleUpdateRequest request) { Check.NotNull(request, "request"); Check.NotNull(request.UserID, "userID"); Check.NotNull(request.Roles, "permissions"); var userID = request.UserID.Value; var oldList = new HashSet <Int32>( GetExisting(uow.Connection, userID) .Select(x => x.RoleId.Value)); var newList = new HashSet <Int32>(request.Roles.ToList()); if (oldList.SetEquals(newList)) { return(new SaveResponse()); } foreach (var k in oldList) { if (newList.Contains(k)) { continue; } new SqlDelete(fld.TableName) .Where( new Criteria(fld.UserId) == userID & new Criteria(fld.RoleId) == k) .Execute(uow.Connection); } foreach (var k in newList) { if (oldList.Contains(k)) { continue; } uow.Connection.Insert(new MyRow { UserId = userID, RoleId = k }); } BatchGenerationUpdater.OnCommit(uow, fld.GenerationKey); BatchGenerationUpdater.OnCommit(uow, Entities.UserPermissionRow.Fields.GenerationKey); return(new SaveResponse()); }
public Result<ServiceResponse> ResetPassword(ResetPasswordRequest request) { return this.InTransaction("Default", uow => { request.CheckNotNull(); if (string.IsNullOrEmpty(request.Token)) throw new ArgumentNullException("token"); int userId; using (var ms = new MemoryStream(MachineKey.Unprotect( Convert.FromBase64String(request.Token), "ResetPassword"))) using (var br = new BinaryReader(ms)) { var dt = DateTime.FromBinary(br.ReadInt64()); if (dt < DateTime.UtcNow) throw new ValidationError(Texts.Validation.InvalidResetToken); userId = br.ReadInt32(); } UserRow user; using (var connection = SqlConnections.NewFor<UserRow>()) { user = connection.TryById<UserRow>(userId); if (user == null) throw new ValidationError(Texts.Validation.InvalidResetToken); } if (request.ConfirmPassword != request.NewPassword) throw new ValidationError("PasswordConfirmMismatch", LocalText.Get("Validation.PasswordConfirm")); request.NewPassword = UserRepository.ValidatePassword(user.Username, request.NewPassword, false); var salt = Membership.GeneratePassword(5, 1); var hash = SiteMembershipProvider.ComputeSHA512(request.NewPassword + salt); UserRepository.CheckPublicDemo(user.UserId); uow.Connection.UpdateById(new UserRow { UserId = user.UserId.Value, PasswordSalt = salt, PasswordHash = hash }); BatchGenerationUpdater.OnCommit(uow, UserRow.Fields.GenerationKey); return new ServiceResponse(); }); }
public Result <ServiceResponse> ChangePassword(ChangePasswordRequest request) { if (Authorization.Username.Equals("demo", StringComparison.OrdinalIgnoreCase)) { throw new Exception("This feature is disabled for demo user"); } return(this.InTransaction("SimpleFeedlyConn", uow => { request.CheckNotNull(); if (string.IsNullOrEmpty(request.OldPassword)) { throw new ArgumentNullException("oldPassword"); } var username = Authorization.Username; if (!Dependency.Resolve <IAuthenticationService>().Validate(ref username, request.OldPassword)) { throw new ValidationError("CurrentPasswordMismatch", Texts.Validation.CurrentPasswordMismatch); } if (request.ConfirmPassword != request.NewPassword) { throw new ValidationError("PasswordConfirmMismatch", LocalText.Get("Validation.PasswordConfirm")); } request.NewPassword = UserRepository.ValidatePassword(username, request.NewPassword, false); var salt = Membership.GeneratePassword(5, 1); var hash = SiteMembershipProvider.ComputeSHA512(request.NewPassword + salt); var userId = int.Parse(Authorization.UserId); UserRepository.CheckPublicDemo(userId); uow.Connection.UpdateById(new UserRow { UserId = userId, PasswordSalt = salt, PasswordHash = hash }); BatchGenerationUpdater.OnCommit(uow, UserRow.Fields.GenerationKey); return new ServiceResponse(); })); }
public ActionResult Activate(string t) { using (var connection = SqlConnections.NewByKey("Default")) using (var uow = new UnitOfWork(connection)) { int userId; try { var bytes = HttpContext.RequestServices .GetDataProtector("Activate").Unprotect(Convert.FromBase64String(t)); using (var ms = new MemoryStream(bytes)) using (var br = new BinaryReader(ms)) { var dt = DateTime.FromBinary(br.ReadInt64()); if (dt < DateTime.UtcNow) { return(Error(Texts.Validation.InvalidActivateToken)); } userId = br.ReadInt32(); } } catch (Exception) { return(Error(Texts.Validation.InvalidActivateToken)); } var user = uow.Connection.TryById <UserRow>(userId); if (user == null || user.IsActive != 0) { return(Error(Texts.Validation.InvalidActivateToken)); } uow.Connection.UpdateById(new UserRow { UserId = user.UserId.Value, IsActive = 1 }); BatchGenerationUpdater.OnCommit(uow, UserRow.Fields.GenerationKey); uow.Commit(); return(new RedirectResult("~/Account/Login?activated=" + Uri.EscapeDataString(user.Email))); } }
public Result <ServiceResponse> ChangePassword(ChangePasswordRequest request) { return(this.InTransaction("Default", uow => { request.CheckNotNull(); if (string.IsNullOrEmpty(request.OldPassword)) { throw new ArgumentNullException("oldPassword"); } var username = Authorization.Username; if (!Dependency.Resolve <IAuthenticationService> ().Validate(ref username, request.OldPassword)) { throw new ValidationError("CurrentPasswordMismatch", Texts.Validation.CurrentPasswordMismatch); } if (request.ConfirmPassword != request.NewPassword) { throw new ValidationError("PasswordConfirmMismatch", LocalText.Get("Validation.PasswordConfirm")); } request.NewPassword = UserRepository.ValidatePassword(username, request.NewPassword, false); string salt = null; var hash = UserRepository.GenerateHash(request.NewPassword, ref salt); var userId = int.Parse(Authorization.UserId); UserRepository.CheckPublicDemo(userId); uow.Connection.UpdateById(new UserRow { UserId = userId, PasswordSalt = salt, PasswordHash = hash }); BatchGenerationUpdater.OnCommit(uow, UserRow.Fields.GenerationKey); return new ServiceResponse(); })); }
protected override void AfterSave() { base.AfterSave(); BatchGenerationUpdater.OnCommit(this.UnitOfWork, fld.GenerationKey); if (!Authorization.HasPermission(PermissionKeys.Tenants)) { var permFlds = UserPermissionRow.Fields; if (!Connection.Exists <UserPermissionRow>(permFlds.UserId == Row.UserId.Value && permFlds.PermissionKey == "Administration:User:Modify")) { Connection.InsertAndGetID(new UserPermissionRow { UserId = Row.UserId, PermissionKey = "Administration:User:Modify", Granted = true }); } if (!Connection.Exists <UserPermissionRow>(permFlds.UserId == Row.UserId.Value && permFlds.PermissionKey == "AdministrationTenants:User:Read")) { Connection.InsertAndGetID(new UserPermissionRow { UserId = Row.UserId, PermissionKey = "AdministrationTenants:User:Read", Granted = true }); } if (!Connection.Exists <UserPermissionRow>(permFlds.UserId == Row.UserId.Value && permFlds.PermissionKey == "Administration:Tenants:Read")) { Connection.InsertAndGetID(new UserPermissionRow { UserId = Row.UserId, PermissionKey = "Administration:Tenants:Read", Granted = true }); } } }
protected override void AfterSave() { base.AfterSave(); BatchGenerationUpdater.OnCommit(this.UnitOfWork, fld.GenerationKey); }
public SaveResponse Update(IUnitOfWork uow, UserPermissionUpdateRequest request) { Check.NotNull(request, "request"); Check.NotNull(request.UserID, "userID"); Check.NotNull(request.Permissions, "permissions"); var userID = request.UserID.Value; var oldList = new Dictionary <string, bool>(StringComparer.OrdinalIgnoreCase); foreach (var p in GetExisting(uow.Connection, userID, request.Module, request.Submodule)) { oldList[p.PermissionKey] = p.Granted.Value; } var newList = new Dictionary <string, bool>(StringComparer.OrdinalIgnoreCase); foreach (var p in request.Permissions) { newList[p.PermissionKey] = p.Granted ?? false; } if (oldList.Count == newList.Count && oldList.All(x => newList.ContainsKey(x.Key) && newList[x.Key] == x.Value)) { return(new SaveResponse()); } foreach (var k in oldList.Keys) { if (newList.ContainsKey(k)) { continue; } new SqlDelete(fld.TableName) .Where( new Criteria(fld.UserId) == userID & new Criteria(fld.PermissionKey) == k) .Execute(uow.Connection); } foreach (var k in newList.Keys) { if (!oldList.ContainsKey(k)) { uow.Connection.Insert(new MyRow { UserId = userID, PermissionKey = k, Granted = newList[k] }); } else if (oldList[k] != newList[k]) { new SqlUpdate(fld.TableName) .Where( fld.UserId == userID & fld.PermissionKey == k) .Set(fld.Granted, newList[k]) .Execute(uow.Connection); } } BatchGenerationUpdater.OnCommit(uow, fld.GenerationKey); return(new SaveResponse()); }
public SaveResponse Update(IUnitOfWork uow, RolePermissionUpdateRequest request) { Check.NotNull(request, "request"); Check.NotNull(request.RoleID, "roleID"); Check.NotNull(request.Permissions, "permissions"); var roleID = request.RoleID.Value; var oldList = new HashSet <string>( GetExisting(uow.Connection, roleID, request.Module, request.Submodule) .Select(x => x.PermissionKey), StringComparer.OrdinalIgnoreCase); var newList = new HashSet <string>(request.Permissions.ToList(), StringComparer.OrdinalIgnoreCase); var allowedKeys = new UserPermissionRepository() .ListPermissionKeys() .Entities.ToDictionary(x => x); if (newList.Any(x => !allowedKeys.ContainsKey(x))) { throw new AccessViolationException(); } if (oldList.SetEquals(newList)) { return(new SaveResponse()); } foreach (var k in oldList) { if (newList.Contains(k)) { continue; } new SqlDelete(fld.TableName) .Where( new Criteria(fld.RoleId) == roleID & new Criteria(fld.PermissionKey) == k) .Execute(uow.Connection); } foreach (var k in newList) { if (oldList.Contains(k)) { continue; } uow.Connection.Insert(new MyRow { RoleId = roleID, PermissionKey = k }); } BatchGenerationUpdater.OnCommit(uow, fld.GenerationKey); BatchGenerationUpdater.OnCommit(uow, Entities.UserPermissionRow.Fields.GenerationKey); return(new SaveResponse()); }