Пример #1
        /// <summary>
        /// E-mails <paramref name="user"/> a link to the Account/ResetPassword action that carries
        /// a password-reset token issued by <c>_passwordResetTokenSource</c>.
        /// </summary>
        /// <param name="user">Account the reset is for; its Id, Email and DisplayName are read.</param>
        /// <returns><c>true</c> when <c>SendEmail</c> reports success, otherwise <c>false</c>.</returns>
        public bool SendPasswordResetEmail(SantaUser user)
        {
            const string cooldownKeyPrefix = "santa.user.pasword_reset_for_";

            // One cooldown entry per account: every reset request for the same user shares this key.
            // NOTE(review): what EmailAbuseProtection does while a cooldown is still running is not
            // visible here - confirm it actually blocks or throws before treating this as a rate limit.
            var cooldownKey = cooldownKeyPrefix + user.Id;

            using (var cooldown = new EmailAbuseProtection(cooldownKey, _configProvider.PasswordResetCooldown))
            {
                var resetToken = _passwordResetTokenSource.GetAccessCodeFor(
                    user.GetPasswordResetTokenGenerationInputString());

                // NOTE(review): the absolute link is derived from the incoming request (the scheme is
                // passed explicitly, and UrlHelper fills in the host from the same request). If the site
                // answers to arbitrary Host headers, the mailed link can point at a host the operator
                // does not control - confirm host binding, or build the link from a configured base URL.
                var request   = HttpContext.Current.Request;
                var resetLink = new UrlHelper(request.RequestContext).Action(
                    "ResetPassword", "Account", new { userId = user.Id, token = resetToken }, request.Url.Scheme);

                var body = string.Format(
                    Resources.Global.Email_PasswordReset_Body,
                    user.DisplayName,
                    resetLink,
                    _configProvider.PasswordResetValidFor.TotalMinutes);

                var sent = SendEmail(user.Email, Resources.Global.Email_PasswordReset_Subject, body);

                if (sent)
                {
                    // Report the successful send to the abuse-protection object (kept for DDoS prevention).
                    cooldown.EmailSendingSucceeded = true;
                }

                return sent;
            }
        }
Пример #2
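        /// <summary>
        /// Verifies that <c>ClearDataProtected</c> leaves every public instance property of
        /// <c>SantaUser</c> that carries <c>DataProtectionAttribute</c> set to <c>null</c>.
        /// </summary>
        public void ClearDataProtected_ClearsAllFields()
        {
            var user = new SantaUser
            {
                Id                 = 1,
                Country            = "abc",
                SendAbroad         = SendAbroadOption.Want,
                AddressLine1       = "a1",
                AddressLine2       = "a2",
                AdminConfirmed     = false,
                City               = "c",
                CreateDate         = DateTime.Now,
                DisplayName        = "d",
                Email              = "e",
                EmailConfirmed     = false,
                FacebookProfileUrl = "f",
                FullName           = "fn",
                Note               = "n",
                PasswordHash       = new byte[10],
                PostalCode         = "pc"
            };

            var protectedProperties = typeof(SantaUser)
                .GetProperties(BindingFlags.Instance | BindingFlags.Public)
                .Where(p => p.GetCustomAttribute<DataProtectionAttribute>() != null)
                .ToList();

            // Without this guard the loop below runs zero times and the test passes vacuously
            // if the attribute is ever removed or renamed.
            protectedProperties.Should().NotBeEmpty("because SantaUser is expected to declare data-protected properties");

            user.ClearDataProtected();

            // NOTE(review): a protected property that the initializer above does not populate is
            // already null before the call, so it cannot detect a missed field - keep the
            // initializer in step with the attribute usage.
            foreach (var protectedProperty in protectedProperties)
            {
                protectedProperty.GetValue(user)
                    .Should().BeNull("because {0} is marked as data-protected", protectedProperty.Name);
            }
        }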
Пример #3
        /// <summary>
        /// Deletes the signed-in user's own account and signs them out of the application cookie.
        /// </summary>
        /// <param name="model">Posted model; only its Id is used, as a cross-check against the signed-in user.</param>
        /// <returns>
        /// A redirect, or the "Message" view when accounts can no longer be removed because
        /// assignment has already happened.
        /// </returns>
        /// <remarks>
        /// NOTE(review): this action changes state. Any [HttpPost] / [ValidateAntiForgeryToken]
        /// attributes are outside this excerpt - confirm they are present on the action.
        /// </remarks>
        public ActionResult RemoveAccount(SantaUser model)
        {
            if (!ModelState.IsValid)
            {
                return RedirectToAction("Index");
            }

            var assignmentDone = _userRepository.WasAssigned();
            if (assignmentDone)
            {
                return View("Message", model: Resources.Global.Message_CannotRemoveAccountAfterAssignment);
            }

            // TODO: More info
            var currentUserId = GetUserId();
            if (!currentUserId.HasValue)
            {
                return RedirectToAction("Index", "Home");
            }

            // NOTE(review): GetUser's behaviour for an id that no longer exists is not visible here;
            // a null result would fail on the Id comparison below.
            var account = _userRepository.GetUser(currentUserId.Value);

            // The posted Id must match the signed-in identity, so a request cannot name another account.
            if (model.Id != account.Id)
            {
                return RedirectToAction("Index");
            }

            // Sign out first, then delete.
            var authentication = HttpContext.GetOwinContext().Authentication;
            authentication.SignOut(DefaultAuthenticationTypes.ApplicationCookie);

            // Deletion is keyed on the server-side identity, never on the value taken from the request.
            _userRepository.DeleteUser(currentUserId.Value);

            return RedirectToAction("Index", "Home");
        }
Пример #4
        /// <summary>
        /// Decides whether <paramref name="user"/> can be placed between <paramref name="before"/>
        /// and <paramref name="next"/>.
        /// </summary>
        /// <param name="user">Candidate to insert.</param>
        /// <param name="before">User who would send to the candidate.</param>
        /// <param name="next">User the candidate would send to.</param>
        /// <param name="predicate">Called as (sender, recipient) to test whether <paramref name="before"/> may send to the candidate.</param>
        /// <returns><c>true</c> when both conditions below hold.</returns>
        private static bool CanFitBetween(SantaUser user, SantaUser before, SantaUser next, Func<SantaUser, SantaUser, bool> predicate)
        {
            // 1. The previous user must be able to send to the candidate.
            if (!predicate(before, user))
            {
                return false;
            }

            // 2. The candidate must be able to send to the next user: either they accept sending
            //    abroad (Want or Can), or both live in the same country.
            var sendsAbroad = user.SendAbroad == SendAbroadOption.Want
                              || user.SendAbroad == SendAbroadOption.Can;

            return sendsAbroad || user.Country == next.Country;
        }
Пример #5
        /// <summary>
        /// Deletes the account whose Id is carried by <paramref name="user"/>, unless assignment
        /// has already taken place.
        /// </summary>
        /// <param name="user">Model-bound user; only its Id is read.</param>
        /// <returns>A redirect to "Index" after deletion, or the "Message" view when removal is refused.</returns>
        /// <remarks>
        /// NOTE(review): the Id comes straight from model binding and this method performs no
        /// ownership or role check of its own. Access control has to come from an attribute or
        /// filter outside this excerpt - confirm it exists, together with anti-forgery protection.
        /// </remarks>
        public ActionResult RemoveUser(SantaUser user)
        {
            var assignmentDone = _userRepository.WasAssigned();

            if (!assignmentDone)
            {
                _userRepository.DeleteUser(user.Id);
                return RedirectToAction("Index");
            }

            return View("Message", model: Resources.Global.Message_CannotRemoveAccountAfterAssignment);
        }
Пример #6
        /// <summary>
        /// Notifies <paramref name="recipient"/> by e-mail that a new message arrived, including
        /// the message text and a link to the Messages/Index action.
        /// </summary>
        /// <param name="recipient">User to notify; Email and DisplayName are read.</param>
        /// <param name="from">Role of the message author, translated for display.</param>
        /// <param name="messageText">Message text, copied into the mail body as-is.</param>
        public void SendNewMessageNotification(SantaUser recipient, MessageRole @from, string messageText)
        {
            // NOTE(review): the absolute link takes scheme and host from the current request;
            // confirm the site only answers to its expected host names.
            var request      = HttpContext.Current.Request;
            var messagesLink = new UrlHelper(request.RequestContext)
                .Action("Index", "Messages", new { }, request.Url.Scheme);

            var subject = string.Format(
                Resources.Global.Email_NewMessage_Subject,
                MessageRoleTranslationHelper.From(from));

            // NOTE(review): messageText and DisplayName are user-authored and inserted unmodified.
            // If SendEmail sends an HTML body, confirm these values are encoded first.
            var body = string.Format(
                Resources.Global.Email_NewMessage_Body,
                recipient.DisplayName,
                MessageRoleTranslationHelper.From(from),
                messageText,
                messagesLink);

            SendEmail(recipient.Email, subject, body);
        }
Пример #7
        /// <summary>
        /// Forwards a support message to the configured admin address; does nothing when no
        /// admin address is configured.
        /// </summary>
        /// <param name="sender">User who wrote the message; DisplayName is read.</param>
        /// <param name="messageText">Message text, copied into the mail body as-is.</param>
        public void SendNewAdminSupportMessageNotification(SantaUser sender, string messageText)
        {
            var hasAdminAddress = !string.IsNullOrEmpty(_configProvider.AdminEmail);

            if (hasAdminAddress)
            {
                // NOTE(review): DisplayName and messageText are user-authored and inserted unmodified.
                // If SendEmail sends an HTML body, confirm they are encoded before an admin opens the mail.
                var body = string.Format(
                    Resources.Global.Email_NewSupportMessage_Body,
                    sender.DisplayName,
                    messageText);

                SendEmail(_configProvider.AdminEmail, Resources.Global.Email_NewSupportMessage_Subject, body);
            }
        }
Пример #8
        /// <summary>
        /// Returns the first node of <paramref name="list"/> whose value satisfies
        /// <paramref name="predicate"/> for the given <paramref name="sender"/>.
        /// </summary>
        /// <param name="sender">Passed as the first argument of every predicate call.</param>
        /// <param name="list">Candidates, scanned from the first node onwards.</param>
        /// <param name="predicate">Called as (sender, candidate).</param>
        /// <returns>The matching node, or <c>null</c> when no candidate matches or the list is empty.</returns>
        private static LinkedListNode<SantaUser> FindRecipient(SantaUser sender, LinkedList<SantaUser> list, Func<SantaUser, SantaUser, bool> predicate)
        {
            for (var node = list.First; node != null; node = node.Next)
            {
                if (predicate(sender, node.Value))
                {
                    return node;
                }
            }

            return null;
        }
        /// <summary>
        /// Verifies that <c>InsertUser</c> passes the model to the encryption provider exactly once.
        /// </summary>
        public void InsertUser_EncryptsModel()
        {
            var model = new SantaUser();

            try
            {
                _userRepository.InsertUser(model);
            }
            catch
            {
                // Deliberately ignored: only the Encrypt call is under test.
                // NOTE(review): presumably the insert itself fails because no database is
                // available in this fixture - confirm.
            }

            // This proves Encrypt was invoked once; it does not assert that it ran before the
            // insert reached the connection.
            _encryptionProviderMock.Verify(provider => provider.Encrypt(model), Times.Once);
        }
Пример #10
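 /// <summary>
 /// Tries to insert <paramref name="user"/> into one of the existing chains, between the first
 /// pair of neighbouring members that <c>CanFitBetween</c> accepts.
 /// </summary>
 /// <param name="user">User to place.</param>
 /// <param name="closedChains">Chains to search; the chain that accepts the user is modified in place.</param>
 /// <param name="predicate">Forwarded to <c>CanFitBetween</c>.</param>
 /// <returns><c>true</c> if the user was inserted, <c>false</c> if no chain had a fitting position.</returns>
 private static bool TryFitUser(SantaUser user, List<LinkedList<SantaUser>> closedChains, Func<SantaUser, SantaUser, bool> predicate)
 {
     foreach (var chain in closedChains)
     {
         // 3. iterate chain
         // An empty chain has a null First node; the extra null test skips it instead of
         // failing with a NullReferenceException.
         // NOTE(review): only neighbours inside the list are tried; the pair (Last, First) is not.
         for (var current = chain.First; current != null && current.Next != null; current = current.Next)
         {
             if (CanFitBetween(user, current.Value, current.Next.Value, predicate))
             {
                 chain.AddAfter(current, user);
                 return true;
             }
         }
     }

     return false;
 }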
Пример #11
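        /// <summary>
        /// Persists the editable profile fields of <paramref name="updateUser"/>, after checking
        /// that a changed e-mail address or Facebook profile URL is still available.
        /// </summary>
        /// <param name="updateUser">
        /// New profile values; the Id selects the row to update. The object is handed to the
        /// encryption provider before the UPDATE.
        /// </param>
        /// <returns>
        /// A result with <c>Success = false</c> and the matching "unavailable" flag when a changed
        /// value fails its check; otherwise <c>Success = true</c> with <c>EmailChanged</c> set.
        /// </returns>
        public UserEditResult UpdateUser([NotNull] SantaUser updateUser)
        {
            // NOTE(review): a missing row (null result) or a null Email / FacebookProfileUrl on
            // updateUser makes the comparisons below throw - confirm callers validate first.
            var current = WithConnection(conn => conn.Get<SantaUser>(updateUser.Id));

            var emailChanged     = !updateUser.Email.Equals(current.Email, StringComparison.OrdinalIgnoreCase);
            var fbProfileChanged =
                !updateUser.FacebookProfileUrl.Equals(current.FacebookProfileUrl, StringComparison.OrdinalIgnoreCase);

            if (emailChanged && !CheckEmail(updateUser.Email))
            {
                return new UserEditResult { EmailUnavailable = true, Success = false };
            }

            if (fbProfileChanged && !CheckFacebookProfileUri(updateUser.FacebookProfileUrl))
            {
                return new UserEditResult { FacebookProfileUnavailable = true, Success = false };
            }

            // NOTE(review): presumably encrypts the protected fields of updateUser in place, so the
            // caller's object holds encrypted values afterwards - confirm.
            _encryptionProvider.Encrypt(updateUser);

            // All values are bound as parameters. The table name comes from nameof(), a compile-time
            // constant, not from input. Every edit also resets AdminConfirmed to 0.
            WithConnection(conn =>
                           conn.Execute($"UPDATE [dbo].[{nameof(SantaUser)}s]   SET " +
                                        "[Email] = @Email " +
                                        "     ,[FacebookProfileUrl] = @FacebookProfileUrl" +
                                        "      ,[DisplayName] = @DisplayName" +
                                        "      ,[FullName] = @FullName" +
                                        "      ,[AddressLine1] = @AddressLine1" +
                                        "      ,[AddressLine2] = @AddressLine2" +
                                        "      ,[PostalCode] = @PostalCode" +
                                        "      ,[City] = @City" +
                                        "      ,[Country] = @Country" +
                                        "      ,[SendAbroad] = @SendAbroad" +
                                        "      ,[Note] = @Note " +
                                        "      ,[AdminConfirmed] = 0 " +
                                        "WHERE [Id] = @Id",
                                        new
                                        {
                                            updateUser.Id,
                                            updateUser.Email,
                                            updateUser.FacebookProfileUrl,
                                            updateUser.DisplayName,
                                            updateUser.FullName,
                                            updateUser.AddressLine1,
                                            updateUser.AddressLine2,
                                            updateUser.PostalCode,
                                            updateUser.City,
                                            updateUser.Country,
                                            updateUser.SendAbroad,
                                            updateUser.Note
                                        }));

            if (emailChanged)
            {
                // NOTE(review): this runs as a second statement and no transaction is visible here.
                // If it fails, the new address keeps the previous EmailConfirmed value - consider
                // folding the reset into the UPDATE above.
                WithConnection(conn =>
                               conn.Execute($"UPDATE [dbo].[{nameof(SantaUser)}s]   SET [EmailConfirmed] = 0 WHERE [Id] = @Id", new { updateUser.Id }));
            }

            return new UserEditResult { Success = true, EmailChanged = emailChanged };
        }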
Пример #12
 /// <summary>
 /// Passes <paramref name="user"/> to the encryption provider and then inserts it.
 /// </summary>
 /// <param name="user">User to store; handed to <c>_encryptionProvider.Encrypt</c> before the insert.</param>
 /// <returns>The value returned by the connection's <c>Insert</c> call.</returns>
 public long InsertUser([NotNull] SantaUser user)
 {
     // Encrypt first, so the insert below runs on the object after encryption.
     _encryptionProvider.Encrypt(user);

     var inserted = WithConnection(conn => conn.Insert(user));
     return inserted;
 }
Пример #13
 /// <summary>
 /// Builds the input string from which an e-mail confirmation token is generated: the user's
 /// Id and Email, separated by a colon.
 /// </summary>
 /// <param name="user">User the token is for.</param>
 /// <returns>A string of the form "Id:Email".</returns>
 public static string GetEmailConfirmationTokenGenerationInputString(this SantaUser user)
 {
     // The address is part of the input, so the input changes whenever the address does.
     // NOTE(review): whether an outstanding token stops validating after an address change
     // depends on the token source - confirm.
     return $"{user.Id}:{user.Email}";
 }
Пример #14
 /// <summary>
 /// E-mails <paramref name="giver"/> the fixed "your gift has not arrived" notice.
 /// </summary>
 /// <param name="giver">User to notify; only Email is read.</param>
 public void SendMissingGiftEmail(SantaUser giver)
 {
     var subject = Resources.Global.Email_Your_Gift_Has_Not_Arrived_Subject;
     var body    = Resources.Global.Email_Your_Gift_Has_Not_Arrived_Body;

     // The send result is not reported to the caller.
     SendEmail(giver.Email, subject, body);
 }
Пример #15
        /// <summary>
        /// E-mails <paramref name="user"/> the abandonment notice, including a readable
        /// description of <paramref name="reason"/>.
        /// </summary>
        /// <param name="user">User to notify; Email and DisplayName are read.</param>
        /// <param name="reason">Reason shown in the mail body.</param>
        /// <returns>The result of <c>SendEmail</c>.</returns>
        public bool SendAbandonmentEmail(SantaUser user, AbandonmentReason reason)
        {
            var body = string.Format(
                Resources.Global.Email_Abandonment_Body,
                user.DisplayName,
                reason.GetUserFriendlyDescription());

            var sent = SendEmail(user.Email, Resources.Global.Email_Abandonment_Subject, body);
            return sent;
        }
Пример #16
        /// <summary>
        /// E-mails <paramref name="user"/> the details of the person they were assigned to send a gift to.
        /// </summary>
        /// <param name="user">Gift sender; only Email is read.</param>
        /// <param name="target">Assigned recipient whose name, postal address, note and Facebook profile go into the body.</param>
        /// <returns>The result of <c>SendEmail</c>.</returns>
        public bool SendAssignmentEmail(SantaUser user, SantaUser target)
        {
            // The body carries the recipient's full name and postal address in plain text.
            // NOTE(review): Note and the other target fields are user-authored; if SendEmail sends
            // an HTML body, confirm they are encoded.
            var body = string.Format(
                Resources.Global.Email_Assignment_Body,
                target.FullName,
                target.AddressLine1,
                target.AddressLine2,
                target.PostalCode,
                target.City,
                _countryProvider.ByThreeLetterCode[target.Country].Name,
                target.Note,
                target.IsAdult ? Resources.Global.Assignment_Adult : Resources.Global.Assignment_NotAdult,
                target.FacebookProfileUrl);

            var sent = SendEmail(user.Email, Resources.Global.Email_Assignment_Subject, body);
            return sent;
        }
Пример #17
 /// <summary>
 /// Checks whether <paramref name="recipient"/> is a preferred target for <paramref name="gifter"/>:
 /// either the gifter wants to send abroad, or both are in the same country.
 /// </summary>
 /// <param name="gifter">User who would send the gift.</param>
 /// <param name="recipient">User who would receive it.</param>
 /// <returns><c>true</c> when either condition holds.</returns>
 private static bool PrefersToSend(SantaUser gifter, SantaUser recipient)
 {
     if (gifter.SendAbroad == SendAbroadOption.Want)
     {
         return true;
     }

     return gifter.Country == recipient.Country;
 }
Пример #18
 /// <summary>
 /// Checks whether <paramref name="gifter"/> is able to send to <paramref name="recipient"/>:
 /// either the gifter's abroad option is <c>Can</c>, or both are in the same country.
 /// </summary>
 /// <param name="gifter">User who would send the gift.</param>
 /// <param name="recipient">User who would receive it.</param>
 /// <returns><c>true</c> when either condition holds.</returns>
 private static bool CanSend(SantaUser gifter, SantaUser recipient)
 {
     // NOTE(review): SendAbroadOption.Want is not tested here; a gifter with Want only matches
     // on the same-country rule - confirm callers try PrefersToSend as well.
     if (gifter.SendAbroad == SendAbroadOption.Can)
     {
         return true;
     }

     return gifter.Country == recipient.Country;
 }
Пример #19
 /// <summary>
 /// Builds the input string from which a password-reset token is generated: a fixed phrase
 /// followed by the user's Id.
 /// </summary>
 /// <param name="user">User the token is for.</param>
 /// <returns>The token-generation input string.</returns>
 public static string GetPasswordResetTokenGenerationInputString(this SantaUser user)
 {
     // NOTE(review): the input holds only the user Id, nothing that changes when the password
     // does. Whether a reset token stops working once it has been used therefore depends
     // entirely on the token source (for example its validity window) - confirm.
     return $"password reset for user {user.Id}";
 }