Пример #1
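    /// <summary>
    /// Dispatches an administrative command raised from a row of the users grid.
    /// The target account is looked up from <c>e.CommandArgument</c>; the action is selected by <c>e.CommandName</c>.
    /// </summary>
    /// <remarks>
    /// Every command except "SendMessage" is refused when the target account is the signed-in user.
    /// NOTE(review): no caller role check is visible in this handler; presumably the page enforces admin access - confirm.
    /// NOTE(review): the destructive branches (delete, password reset, 2FA removal, impersonation) write no audit record here - confirm one is written elsewhere.
    /// </remarks>
    /// <param name="sender">The control that raised the command (unused).</param>
    /// <param name="e">Command name and argument for the clicked row.</param>
    /// <exception cref="ArgumentNullException"><paramref name="e"/> is null.</exception>
    protected void gvUsers_RowCommand(object sender, CommandEventArgs e)
    {
        if (e == null)
        {
            throw new ArgumentNullException(nameof(e));
        }
        MembershipUser mu = Membership.GetUser(e.CommandArgument, false);

        if (mu == null)
        {
            return;
        }

        lblResetErr.Text = "";

        string szUser = mu.UserName;

        if (!ProfileAdmin.ValidateUser(szUser))
        {
            return;
        }

        // SendMessage is available for any valid user; other commands are not valid for the current admin
        if (e.CommandName.CompareOrdinalIgnoreCase("SendMessage") == 0)
        {
            pnlSendEmail.Visible = true;
            lblRecipient.Text    = HttpUtility.HtmlEncode(mu.UserName);
            return;
        }

        // Self-protection: an admin cannot impersonate, reset, delete or otherwise modify their own account from here.
        if (String.Compare(szUser, Page.User.Identity.Name, StringComparison.InvariantCultureIgnoreCase) == 0)
        {
            return;
        }

        if (e.CommandName.CompareOrdinalIgnoreCase("Impersonate") == 0)
        {
            ProfileRoles.ImpersonateUser(Page.User.Identity.Name, szUser);
            Response.Redirect("~/Member/LogbookNew.aspx");
        }
        else if (e.CommandName.CompareOrdinalIgnoreCase("ResetPassword") == 0)
        {
            // Need to get the user offline
            mu = ProfileAdmin.ADMINUserFromName(szUser);
            if (mu == null)
            {
                lblResetErr.Text = HttpUtility.HtmlEncode(String.Format(CultureInfo.CurrentCulture, "User '{0}' not found", szUser));
            }
            else
            {
                string szPass = mu.ResetPassword();
                // The new password and the user name are written to the labels unencoded, with CA3002 suppressed.
                // NOTE(review): left as-is because btnSendInEmail may read these labels back verbatim - confirm,
                // and if it does not, HTML-encode both values like the other branches do.
#pragma warning disable CA3002 // Watch out for injection
                lblResetErr.Text    = szPass;
                lblPwdUsername.Text = szUser;
#pragma warning restore CA3002 // Watch out for injection
                btnSendInEmail.Visible = true;
            }
        }
        else if (e.CommandName.CompareOrdinalIgnoreCase("DeleteUser") == 0)
        {
            try
            {
                ProfileAdmin.DeleteForUser(mu, MyFlightbook.ProfileAdmin.DeleteLevel.EntireUser);
                lblResetErr.Text = HttpUtility.HtmlEncode(String.Format(CultureInfo.CurrentCulture, "User {0} ({1}) successfully deleted.", mu.UserName, mu.Email));
            }
            catch (Exception ex) when(!(ex is OutOfMemoryException))
            {
                // Exception text can carry user-controlled data (names, e-mail); encode it like every other message shown here.
                lblResetErr.Text = HttpUtility.HtmlEncode(ex.Message);
            }
        }
        else if (e.CommandName.CompareOrdinalIgnoreCase("DeleteFlightsForUser") == 0)
        {
            try
            {
                ProfileAdmin.DeleteForUser(mu, MyFlightbook.ProfileAdmin.DeleteLevel.OnlyFlights);
                lblResetErr.Text = HttpUtility.HtmlEncode(String.Format(CultureInfo.CurrentCulture, "Flights for User {0} ({1}) successfully deleted.", mu.UserName, mu.Email));
            }
            catch (Exception ex) when(!(ex is OutOfMemoryException))
            {
                // Same as the DeleteUser branch: never echo raw exception text into the page.
                lblResetErr.Text = HttpUtility.HtmlEncode(ex.Message);
            }
        }
        else if (e.CommandName.CompareOrdinalIgnoreCase("EndowClub") == 0)
        {
            // The user name is bound as a parameter (?szUser), not concatenated into the SQL text.
            DBHelper dbh = new DBHelper();
            dbh.DoNonQuery("INSERT INTO earnedgratuities SET idgratuitytype=3, username=?szUser, dateEarned=Now(), dateExpired=Date_Add(Now(), interval 30 day), reminderssent=0, dateLastReminder='0001-01-01 00:00:00'", (comm) => { comm.Parameters.AddWithValue("szUser", mu.UserName); });
        }
        else if (e.CommandName.CompareOrdinalIgnoreCase("Disable2FA") == 0)
        {
            // Command names are identifiers, so match them ordinally like the other branches rather than by current culture.
            Profile pf = Profile.GetUser(szUser);
            if (pf.PreferenceExists(MFBConstants.keyTFASettings))
            {
                pf.SetPreferenceForKey(MFBConstants.keyTFASettings, null, true);
                lblResetErr.Text = "2fa turned off for user " + HttpUtility.HtmlEncode(szUser);
            }
            else
            {
                lblResetErr.Text = "2fa was not on for user " + HttpUtility.HtmlEncode(szUser);
            }
        }
    }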
Пример #2
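    /// <summary>
    /// Dispatches an administrative command raised from a row of the users grid.
    /// The target account is looked up from <c>e.CommandArgument</c>; the action is selected by <c>e.CommandName</c>.
    /// </summary>
    /// <remarks>
    /// Every command except "SendMessage" is refused when the target account is the signed-in user.
    /// User names, e-mail addresses and exception text are HTML-encoded before being written to labels,
    /// because Label.Text is rendered into the page as-is.
    /// NOTE(review): no caller role check is visible in this handler; presumably the page enforces admin access - confirm.
    /// </remarks>
    /// <param name="sender">The control that raised the command (unused).</param>
    /// <param name="e">Command name and argument for the clicked row.</param>
    /// <exception cref="ArgumentNullException"><paramref name="e"/> is null.</exception>
    protected void gvUsers_RowCommand(object sender, GridViewCommandEventArgs e)
    {
        if (e == null)
        {
            throw new ArgumentNullException("e");
        }

        MembershipUser mu = Membership.GetUser(e.CommandArgument, false);

        if (mu == null)
        {
            return;
        }

        lblResetErr.Text = "";

        string szUser = mu.UserName;

        if (!ProfileAdmin.ValidateUser(szUser))
        {
            return;
        }

        // Command names are identifiers: compare them ordinally (still case-sensitive) instead of by current culture.
        string szCommand = e.CommandName;

        // SendMessage is available for any valid user; other commands are not valid for the current admin
        if (String.Equals(szCommand, "SendMessage", StringComparison.Ordinal))
        {
            pnlSendEmail.Visible = true;
            lblRecipient.Text    = System.Web.HttpUtility.HtmlEncode(mu.UserName);
            return;
        }

        // Self-protection: an admin cannot impersonate, reset or delete their own account from here.
        // Same comparison as String.Compare(a, b, true), with the culture rule spelled out.
        if (String.Compare(szUser, Page.User.Identity.Name, StringComparison.CurrentCultureIgnoreCase) == 0)
        {
            return;
        }

        if (String.Equals(szCommand, "Impersonate", StringComparison.Ordinal))
        {
            ProfileRoles.ImpersonateUser(Page.User.Identity.Name, szUser);
            Response.Redirect("~/Member/LogbookNew.aspx");
        }
        else if (String.Equals(szCommand, "ResetPassword", StringComparison.Ordinal))
        {
            // Need to get the user offline
            mu = ProfileAdmin.ADMINUserFromName(szUser);
            if (mu == null)
            {
                lblResetErr.Text = System.Web.HttpUtility.HtmlEncode(String.Format("User '{0}' not found", szUser));
            }
            else
            {
                string szPass = mu.ResetPassword();
                // NOTE(review): the new password and user name are written unencoded, as before, because
                // btnSendInEmail may read these labels back verbatim - confirm, and encode them if it does not.
                lblResetErr.Text       = szPass;
                lblPwdUsername.Text    = szUser;
                btnSendInEmail.Visible = true;
            }
        }
        else if (String.Equals(szCommand, "DeleteUser", StringComparison.Ordinal))
        {
            try
            {
                ProfileAdmin.DeleteForUser(mu, MyFlightbook.ProfileAdmin.DeleteLevel.EntireUser);
                lblResetErr.Text = System.Web.HttpUtility.HtmlEncode(String.Format("User {0} ({1}) successfully deleted.", mu.UserName, mu.Email));
            }
            catch (Exception ex)
            {
                // Deliberate best-effort: report the failure on the page, but never echo raw exception text.
                lblResetErr.Text = System.Web.HttpUtility.HtmlEncode(ex.Message);
            }
        }
        else if (String.Equals(szCommand, "DeleteFlightsForUser", StringComparison.Ordinal))
        {
            try
            {
                ProfileAdmin.DeleteForUser(mu, MyFlightbook.ProfileAdmin.DeleteLevel.OnlyFlights);
                lblResetErr.Text = System.Web.HttpUtility.HtmlEncode(String.Format("Flights for User {0} ({1}) successfully deleted.", mu.UserName, mu.Email));
            }
            catch (Exception ex)
            {
                // Same as the DeleteUser branch: encode before display.
                lblResetErr.Text = System.Web.HttpUtility.HtmlEncode(ex.Message);
            }
        }
        else if (String.Equals(szCommand, "EndowClub", StringComparison.Ordinal))
        {
            // The user name is bound as a parameter (?szUser), not concatenated into the SQL text.
            DBHelper dbh = new DBHelper();
            dbh.DoNonQuery("INSERT INTO earnedgratuities SET idgratuitytype=3, username=?szUser, dateEarned=Now(), dateExpired=Date_Add(Now(), interval 30 day), reminderssent=0, dateLastReminder='0001-01-01 00:00:00'", (comm) => { comm.Parameters.AddWithValue("szUser", mu.UserName); });
        }
    }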