public void Delete(string guid, BOUser currentUser)
{
UserRole userRole = GetRoleByGuid(guid);
if (BORoleRightX.DeleteAllRightsByRoleID(guid))
{
BORole role = new BORole(userRole.RoleId);
var preDeleteValue = role.CascadingDelete;
role.CascadingDelete = true;
role.Delete();
role.CascadingDelete = preDeleteValue;
}
BOUserAudit.CreateAudit(currentUser, "Role Deleted", userRole.RoleName);
}
public void Delete(long id, BOUser currentUser)
{
// This needs to be handled differently, providing info to the user
if (id == currentUser.ID)
return;
BOUser user = _userRepository.GetById(id);
user.CascadingDelete = true;
Membership.DeleteUser(user.Username, true);
_userRepository.Delete(user);
BOUserAudit.CreateAudit(currentUser, "User Deleted", string.Format("Changes made to user account for '{0}'", user.Username));
}
public static bool CreateAudit(BOUser user, string type, string description)
{
try
{
BOUserAudit audit = new BOUserAudit();
audit.User = user;
audit.Type = type;
audit.Description = description;
audit.Save();
return true;
}
catch (Exception ex)
{
logger.ErrorException(string.Format("Failed to create audit of type {0}: {1}", type, description), ex);
return false;
}
}
private bool CreateRole(UserRole userRole, out string message, BOUser user)
{
message = string.Empty;
if (userRole.RoleId == SQLPersistent.NULL_INT64)
{
if (UserRole.GetByName(userRole.RoleName) != null)
{
message = string.Format("Failed to create Role: {0}. Role name is already in use.", userRole.RoleName);
return false;
}
Roles.CreateRole(userRole.RoleName);
UserRole role = UserRole.GetByName(userRole.RoleName);
if (userRole == null)
{
message = string.Format("Failed to create Role: {0}", userRole.RoleName);
return false;
}
userRole.RoleId = role.RoleId;
BOUserAudit.CreateAudit(user, "Role Created", userRole.RoleName);
}
else
{
BOUserAudit.CreateAudit(user, "Role Updated", userRole.RoleName);
}
return true;
}
public IEnumerable<BORole> UserRoles(BOUser user)
{
IEnumerable<BOUserRole> userRoles = _userRoleRepository.GetBy<BOUser>(user);
var roles = new List<BORole>();
foreach (var userRole in userRoles)
{
roles.Add(userRole.Role);
}
return roles;
}
public BOUserComparer(BOUser.Columns column, BOUser.SortDirections direction)
{
_column = column;
_direction = direction;
}
private CreateNewUserResult CreateNewUser(BOMembershipUser membershipUser, ref MembershipUser membership, BOUser currentUser)
{
var passwordHistoryRepository = _repositoryFactory.GetRepository<BOPasswordHistory, BOPasswordHistoryCollection>();
BOUser user = membershipUser.User;
MembershipCreateStatus createStatus;
if (IsAlreadyRegisteredEmail(membershipUser))
{
return CreateNewUserResult.DuplicateEmailExists;
}
BOUser.ValidatePasswordResult validatePasswordResult = user.ValidatePassword(membershipUser.Password.Trim());
if (validatePasswordResult != BOUser.ValidatePasswordResult.Success)
{
switch (validatePasswordResult)
{
case BOUser.ValidatePasswordResult.CannotReusePassword:
return CreateNewUserResult.CannotReusePassword;
case BOUser.ValidatePasswordResult.InvalidPassword:
return CreateNewUserResult.InvalidPassword;
}
}
if (Membership.GetUser(membershipUser.UserName) != null)
return CreateNewUserResult.DuplicateUserNameExists;
membershipUser.PasswordHistory.Password = MD5.Md5Hash(membershipUser.Password);
Membership.CreateUser(membershipUser.UserName, membershipUser.Password, membershipUser.Email, null, null, true, null, out createStatus);
if (createStatus == MembershipCreateStatus.Success)
{
try
{
membership = Membership.GetUser(membershipUser.UserName);
user.GUID = ((Guid)membership.ProviderUserKey).ToString();
membershipUser.PasswordHistory.User = user;
_userRepository.Save(user);
passwordHistoryRepository.Save(membershipUser.PasswordHistory);
BOUserAudit.CreateAudit(currentUser, "User Created", string.Format("User account for '{0}'", membershipUser.UserName));
return CreateNewUserResult.Success;
}
catch
{
return CreateNewUserResult.Failed;
}
}
else
{
return CreateNewUserResult.Failed;
}
}
public SaveResult Save(BOMembershipUser membershipUser, BOUser currentUser)
{
var contactRepository = _repositoryFactory.GetRepository<BOContact, BOContactCollection>();
MembershipUser membership = null;
BOUser user = membershipUser.User;
if (IsAlreadyRegisteredEmail(membershipUser))
return SaveResult.DuplicateEmailExists;
if (user != null && user.GUID != null && !string.IsNullOrEmpty(user.GUID.ToString()))
{
membership = Membership.GetUser(Guid.Parse(user.GUID));
ModifyExistingUserResult result = ModifyExistingUser(membershipUser, membership);
if (result != ModifyExistingUserResult.Success)
{
switch (result)
{
case ModifyExistingUserResult.CannotReusePassword:
return SaveResult.CannotReusePassword;
case ModifyExistingUserResult.InvalidPassword:
return SaveResult.InvalidPassword;
default:
return SaveResult.Failed;
}
}
BOUserAudit.CreateAudit(currentUser, "User Updated", string.Format("Changes made to user account for '{0}'", membershipUser.UserName));
}
else
{
CreateNewUserResult result = CreateNewUser(membershipUser, ref membership, currentUser);
if (result != CreateNewUserResult.Success)
{
switch (result)
{
case CreateNewUserResult.CannotReusePassword:
return SaveResult.CannotReusePassword;
case CreateNewUserResult.DuplicateEmailExists:
return SaveResult.DuplicateEmailExists;
case CreateNewUserResult.DuplicateUserNameExists:
return SaveResult.DuplicateUserNameExists;
case CreateNewUserResult.InvalidPassword:
return SaveResult.InvalidPassword;
default:
return SaveResult.Failed;
}
}
}
membershipUser.Contact.User = membershipUser.User;
contactRepository.Save(membershipUser.Contact);
AddRoles(membershipUser, membership);
ChangeUsernameResult changeUserNameResult = ChangeUserName(membershipUser, membership);
if (changeUserNameResult != ChangeUsernameResult.Success)
{
switch (changeUserNameResult)
{
case ChangeUsernameResult.UsernameAlreadyExists:
return SaveResult.DuplicateUserNameExists;
default:
return SaveResult.Failed;
}
}
UpdateMembershipUser(membershipUser, membership);
_userRepository.Save(user);
return SaveResult.Success;
}
/// <summary>
/// Creates a BOUserObject from the ASPNet User GUID
/// </summary>
/// <param name="GUID">ASPNet User GUID</param>
/// <returns>BOUser</returns>
public static BOUser GetByGUID(string GUID)
{
logger.Trace("GetByGUID");
BOUser a = new BOUser();
SqlConnection con = new SqlConnection(GetConnectionString());
con.Open();
try
{
SqlCommand cmd = new SqlCommand("P_User_GetbyGUID", con);
cmd.CommandType = CommandType.StoredProcedure;
SetVarCharParameter(cmd.Parameters, "@USR_GUID", 50, GUID, false);
SqlDataReader rdr = cmd.ExecuteReader(CommandBehavior.SingleResult);
try
{
if (rdr.Read())
a.PopulateFromReader(rdr);
else
return null;
}
catch (Exception ex)
{
logger.ErrorException("Failed to fetch record", ex);
return null;
}
finally
{
rdr.Close();
}
}
finally
{
con.Close();
}
return a;
}
