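 /// <summary>
 /// Grants <paramref name="role"/> to every person matched by <paramref name="query"/>,
 /// creating a login first for people who do not have one.
 /// </summary>
 /// <param name="query">Opaque people-search criteria, passed straight to <c>PeopleQuery2</c>.</param>
 /// <param name="role">Name of the role to grant. Privileged roles are refused and the refusal is logged.</param>
 /// <remarks>
 /// The refusal list is a deny-list: a privileged role that is not named in it remains grantable
 /// through this entry point, so the list has to be kept in step with whatever the application
 /// treats as sensitive. Both outcomes (denied / granted) are written to the activity log.
 /// </remarks>
 public void AddRole(object query, string role)
 {
     // Roles this entry point must never hand out.
     string[] disallow =
     {
         "admin",
         "applicationreview",
         "backgroundcheck",
         "creditcheck",
         "delete",
         "developer",
         "finance",
         "financeadmin",
         "manager",
         "manager2",
         "membership",
         "managetransactions",
         "memberdocs",
     };
     // Explicitly case-insensitive: the list is lowercase while role names elsewhere are
     // mixed case (e.g. "Finance"), and a privilege deny-list must not depend on letter case.
     if (disallow.Any(rr => string.Equals(rr, role, StringComparison.OrdinalIgnoreCase)))
     {
         db.LogActivity($"PythonModel.AddRole(query, {role}) denied");
         return;
     }
     db.LogActivity($"PythonModel.AddRole(query, {role})");
     using (var db2 = NewDataContext())
     {
         foreach (var p in db2.PeopleQuery2(query))
         {
             var user = p.Users.FirstOrDefault();
             if (user == null)
             {
                 // No login yet: create one. The password is a random GUID that is never shown to
                 // anyone; whether the Password property hashes it is not visible here.
                 var uname = MembershipService.FetchUsername(db2, p.PreferredName, p.LastName);
                 var pword = Guid.NewGuid().ToString();
                 user = new User { PeopleId = p.PeopleId, Password = pword, Username = uname, MustChangePassword = false, IsApproved = true, Name = p.Name };
                 // The original flushed the context *before* registering the insert, which saved
                 // nothing; the single SubmitChanges below persists the user and the role together.
                 db2.Users.InsertOnSubmit(user);
             }
             user.AddRole(db2, role);
             db2.SubmitChanges();
         }
     }
 }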
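 /// <summary>
 /// Records one failed password (or password-answer) attempt for <paramref name="user"/> and
 /// locks the account once the configured limit has been reached inside the attempt window.
 /// </summary>
 /// <param name="Db">Data context through which the modified user is saved.</param>
 /// <param name="user">Account whose failure counters are updated in place.</param>
 /// <param name="failureType">
 /// "password" or "passwordAnswer". Any other value touches no counter (but still calls SubmitChanges).
 /// </param>
 /// <remarks>
 /// Threshold semantics are kept from the original: the count is stored after each failure and the
 /// lockout fires on the failure that arrives when the stored count already equals
 /// <c>MaxInvalidPasswordAttempts</c>, i.e. on the (max + 1)th failure inside the window. While locked
 /// the counter is left at the maximum. The first failure, or one outside the window, restarts the
 /// window at count 1. All timestamps now come from <c>Util.Now</c>; the original used
 /// <c>DateTime.Now</c> for <c>LastLockedOutDate</c> only, which could disagree with the window arithmetic.
 /// </remarks>
 private void UpdateFailureCount(CMSDataContext Db, User user, string failureType)
 {
     bool isPassword = failureType == "password";
     bool isAnswer = failureType == "passwordAnswer";

     // One timestamp for the whole update so window start and lockout date agree.
     var now = Util.Now;

     int failureCount = 0;
     var windowStart = new DateTime();
     if (isPassword)
     {
         failureCount = user.FailedPasswordAttemptCount;
         windowStart = user.FailedPasswordAttemptWindowStart ?? now;
     }
     else if (isAnswer)
     {
         failureCount = user.FailedPasswordAnswerAttemptCount;
         windowStart = user.FailedPasswordAnswerAttemptWindowStart ?? now;
     }

     var windowEnd = windowStart.AddMinutes(PasswordAttemptWindow);
     if (failureCount == 0 || now > windowEnd)
     {
         // First failure, or the previous window has expired: open a fresh window at 1.
         if (isPassword)
         {
             user.FailedPasswordAttemptCount = 1;
             user.FailedPasswordAttemptWindowStart = now;
         }
         else if (isAnswer)
         {
             user.FailedPasswordAnswerAttemptCount = 1;
             user.FailedPasswordAnswerAttemptWindowStart = now;
         }
     }
     else if (failureCount >= MaxInvalidPasswordAttempts)
     {
         // The stored count already hit the limit; this further failure locks the account.
         // The counter itself is deliberately left where it is.
         user.IsLockedOut = true;
         user.LastLockedOutDate = now;
     }
     else
     {
         failureCount++;
         if (isPassword)
             user.FailedPasswordAttemptCount = failureCount;
         else if (isAnswer)
             user.FailedPasswordAnswerAttemptCount = failureCount;
     }
     Db.SubmitChanges();
 }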
 /// <summary>
 /// Projects a stored <see cref="User"/> into the ASP.NET <see cref="MembershipUser"/> shape
 /// for this provider. Unset dates are reported as <c>default(DateTime)</c>.
 /// </summary>
 /// <param name="u">The account to project; <c>u.Person</c> is dereferenced without a null check, as in the original.</param>
 private MembershipUser GetMu(User u)
 {
     // MembershipUser wants non-nullable dates; columns that are null map to MinValue.
     var unset = default(DateTime);
     var created = u.CreationDate ?? unset;
     var lastLogin = u.LastLoginDate ?? unset;
     var lastActivity = u.LastActivityDate ?? unset;
     var lastPasswordChange = u.LastPasswordChangedDate ?? unset;
     var lastLockout = u.LastLockedOutDate ?? unset;

     return new MembershipUser(
         this.Name,
         u.Username,
         u.UserId,
         u.Person.EmailAddress,
         u.PasswordQuestion,
         u.Comment,
         u.IsApproved,
         u.IsLockedOut,
         created,
         lastLogin,
         lastActivity,
         lastPasswordChange,
         lastLockout);
 }
        /// <summary>
        /// ASP.NET membership entry point that creates a login row for <paramref name="username"/>.
        /// </summary>
        /// <param name="username">Requested login name; normalized through <c>Util.GetUserName</c> first.</param>
        /// <param name="password">Clear-text password; stored through <c>EncodePassword</c>.</param>
        /// <param name="email">Used for the duplicate-e-mail check and, when no key is given, to find the Person to link.</param>
        /// <param name="passwordQuestion">Stored as given.</param>
        /// <param name="passwordAnswer">Stored through <c>EncodePassword</c>.</param>
        /// <param name="isApproved">Initial approval flag of the new account.</param>
        /// <param name="providerUserKey">When it is an <see cref="int"/> it is taken as the PeopleId to link; any other value is ignored.</param>
        /// <param name="status">Outcome code; assigned on every path.</param>
        /// <returns>The new user re-read from the store, or <c>null</c> whenever <paramref name="status"/> is not Success.</returns>
        /// <remarks>
        /// Linking by e-mail attaches the new login to whichever Person record carries that address; nothing here
        /// verifies that the caller controls the address, so that must happen upstream — confirm in the callers.
        /// <c>SingleOrDefault</c> throws if several people share the address.
        /// </remarks>
        public override MembershipUser CreateUser(string username,
                 string password,
                 string email,
                 string passwordQuestion,
                 string passwordAnswer,
                 bool isApproved,
                 object providerUserKey,
                 out MembershipCreateStatus status)
        {
            username = Util.GetUserName(username);

            // Let ValidatingPassword subscribers veto the password before anything is persisted.
            var passwordCheck = new ValidatePasswordEventArgs(username, password, true);
            OnValidatingPassword(passwordCheck);
            if (passwordCheck.Cancel)
            {
                status = MembershipCreateStatus.InvalidPassword;
                return null;
            }

            if (RequiresUniqueEmail && GetUserNameByEmail(email) != "")
            {
                status = MembershipCreateStatus.DuplicateEmail;
                return null;
            }

            var dataContext = GetDb();
            if (GetUser(username, false) != null)
            {
                status = MembershipCreateStatus.DuplicateUserName;
                return null;
            }

            // An int key wins; otherwise fall back to matching the Person by e-mail address.
            Person person = providerUserKey is int
                ? dataContext.People.SingleOrDefault(p => p.PeopleId == (int)providerUserKey)
                : dataContext.People.SingleOrDefault(p => p.EmailAddress == email);

            // A single timestamp seeds every date column so they all agree.
            var createDate = Util.Now;
            var user = new User
            {
                PeopleId = person?.PeopleId,
                Username = username,
                Password = EncodePassword(password),
                PasswordQuestion = passwordQuestion,
                PasswordAnswer = EncodePassword(passwordAnswer),
                IsApproved = isApproved,
                Comment = "",
                CreationDate = createDate,
                LastPasswordChangedDate = createDate,
                LastActivityDate = createDate,
                IsLockedOut = false,
                LastLockedOutDate = createDate,
                FailedPasswordAttemptCount = 0,
                FailedPasswordAttemptWindowStart = createDate,
                FailedPasswordAnswerAttemptCount = 0,
                FailedPasswordAnswerAttemptWindowStart = createDate,
            };
            dataContext.Users.InsertOnSubmit(user);
            dataContext.SubmitChanges();

            status = MembershipCreateStatus.Success;
            return GetUser(username, false);
        }
 /// <summary>
 /// Inserts and saves a new <see cref="User"/> row through the shared <c>DbUtil.Db</c> context.
 /// </summary>
 /// <param name="username">Login name, stored as given.</param>
 /// <param name="password">
 /// Stored exactly as passed: this method does no hashing or encoding, so the caller must supply
 /// the value in whatever form the Password column expects.
 /// </param>
 /// <param name="email">Not used by this method; it is neither stored nor validated here.</param>
 /// <param name="isApproved">Initial approval flag.</param>
 /// <param name="PeopleId">Person to link the login to, or <c>null</c>.</param>
 /// <returns>The persisted user.</returns>
 public static User MakeNewUser(string username, string password, string email, bool isApproved, int? PeopleId)
 {
     // One timestamp seeds every date column so they agree.
     var stamp = DateTime.Now;

     var newUser = new User
     {
         PeopleId = PeopleId,
         Username = username,
         Password = password,
         MustChangePassword = false,
         IsApproved = isApproved,
         Comment = "",
     };
     newUser.CreationDate = stamp;
     newUser.LastPasswordChangedDate = stamp;
     newUser.LastActivityDate = stamp;
     newUser.IsLockedOut = false;
     newUser.LastLockedOutDate = stamp;
     newUser.FailedPasswordAttemptCount = 0;
     newUser.FailedPasswordAttemptWindowStart = stamp;
     newUser.FailedPasswordAnswerAttemptCount = 0;
     newUser.FailedPasswordAnswerAttemptWindowStart = stamp;

     DbUtil.Db.Users.InsertOnSubmit(newUser);
     DbUtil.Db.SubmitChanges();
     return newUser;
 }
 /// <summary>
 /// Creates the meeting for organization <paramref name="id"/> at <paramref name="dt"/> via
 /// <c>CreateMeeting</c>, records one attendance for <paramref name="peopleId"/>, refreshes the
 /// meeting counters and logs the action.
 /// </summary>
 /// <param name="u">Not read by this overload; kept so existing callers keep compiling.</param>
 /// <returns>The meeting id that <c>CreateMeeting</c> returned.</returns>
 private static int RecordAttend2Extracted(int id, int peopleId, bool present, DateTime dt, User u)
 {
     int createdMeetingId = DbUtil.Db.CreateMeeting(id, dt);
     Attend.RecordAttendance(peopleId, createdMeetingId, present);
     DbUtil.Db.UpdateMeetingCounters(id);
     DbUtil.LogActivity($"Mobile RecAtt o:{id} p:{peopleId} u:{Util.UserPeopleId} a:{present}");
     return createdMeetingId;
 }
		/// <summary>
		/// Association callback: raises <c>PropertyChanging</c> on this object and clears the
		/// back-reference of <paramref name="entity"/> (presumably run when it leaves the Users collection).
		/// </summary>
		private void detach_Users(User entity)
		{
			SendPropertyChanging();
			entity.Person = null;
		}
		/// <summary>
		/// Association callback: raises <c>PropertyChanging</c> on this object and points the
		/// back-reference of <paramref name="entity"/> at it (presumably run when it joins the Users collection).
		/// </summary>
		private void attach_Users(User entity)
		{
			SendPropertyChanging();
			entity.Person = this;
		}
 /// <summary>
 /// Records one attendance for <paramref name="PeopleId"/> at the meeting of organization
 /// <paramref name="id"/> on <paramref name="dt"/>, creating that meeting first when it does not exist,
 /// then refreshes the meeting counters and logs the action.
 /// </summary>
 /// <param name="u">Only used as <c>CreatedBy</c> of a newly created meeting.</param>
 private static void RecordAttend2Extracted(int id, int PeopleId, bool Present, DateTime dt, User u)
 {
     var meeting = DbUtil.Db.Meetings.SingleOrDefault(m => m.OrganizationId == id && m.MeetingDate == dt);
     if (meeting == null)
     {
         meeting = new CmsData.Meeting
         {
             OrganizationId = id,
             MeetingDate = dt,
             CreatedDate = Util.Now,
             CreatedBy = u.UserId,
             GroupMeetingFlag = false,
         };
         DbUtil.Db.Meetings.InsertOnSubmit(meeting);
         DbUtil.Db.SubmitChanges();

         // Attendance credit comes from the schedule slot whose weekday and time of day match the
         // meeting. It is assigned after the insert, so it is persisted by a later SubmitChanges
         // (none is visible in this method).
         meeting.AttendCreditId = DbUtil.Db.OrgSchedules
             .Where(s => s.OrganizationId == id)
             .Where(s => s.SchedTime.Value.TimeOfDay == dt.TimeOfDay)
             .Where(s => s.SchedDay == (int)dt.DayOfWeek)
             .Select(s => s.AttendCreditId)
             .SingleOrDefault();
     }

     Attend.RecordAttendance(PeopleId, meeting.MeetingId, Present);
     DbUtil.Db.UpdateMeetingCounters(id);
     DbUtil.LogActivity("Mobile RecAtt o:{0} p:{1} u:{2} a:{3}".Fmt(meeting.OrganizationId, PeopleId, Util.UserPeopleId, Present));
 }
 /// <summary>
 /// Builds a failed validation result.
 /// </summary>
 /// <param name="status">Why the login was refused.</param>
 /// <param name="errorMessage">Text for the caller to show, or <c>null</c>.</param>
 /// <param name="user">The account involved when one was resolved, or <c>null</c>.</param>
 public static UserValidationResult Invalid(UserValidationStatus status, string errorMessage = null, User user = null)
     => new UserValidationResult { Status = status, ErrorMessage = errorMessage, User = user };
 /// <summary>
 /// Builds a successful validation result carrying the authenticated <paramref name="user"/>.
 /// </summary>
 public static UserValidationResult Valid(User user)
     => new UserValidationResult { Status = UserValidationStatus.Success, User = user };
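        /// <summary>
        /// Applies the pre-login policy checks to a resolved account and maps each refusal to a
        /// <see cref="UserValidationResult"/>.
        /// </summary>
        /// <param name="userName">Name the caller typed; used for logging and admin notifications only.</param>
        /// <param name="url">Requesting URL, included in admin notifications.</param>
        /// <param name="user">The account the credentials resolved to, or <c>null</c> when they did not.</param>
        /// <param name="userExists">True when <paramref name="userName"/> names a real account even though <paramref name="user"/> is null (wrong password).</param>
        /// <param name="failedPasswordCount">Failures recorded so far for that account; compared with the provider's limit.</param>
        /// <param name="impersonating">True when an administrator is logging in as this user.</param>
        /// <returns><c>Valid(user)</c> when every check passes; otherwise an <c>Invalid</c> result with the status and the message to display.</returns>
        /// <remarks>
        /// Unknown user, wrong password and unapproved account all return the same generic message, so the
        /// response does not reveal which of those applied. The lockout and API-only messages are
        /// account-specific by design.
        /// </remarks>
        private static UserValidationResult ValidateUserBeforeLogin(string userName, string url, User user, bool userExists, int failedPasswordCount = 0, bool impersonating = false)
        {
            var maxInvalidPasswordAttempts = CMSMembershipProvider.provider.MaxInvalidPasswordAttempts;
            const string DEFAULT_PROBLEM = "There is a problem with your username and password combination. If you are using your email address, it must match the one we have on record. Try again or use one of the links below.";

            if (user == null && userExists)
            {
                DbUtil.LogActivity($"failed password #{failedPasswordCount} by {userName}");

                // ">=" rather than "==": a stored count above the configured limit (for instance after the
                // limit was lowered) must still be reported as a lockout, not as a plain wrong password.
                if (failedPasswordCount >= maxInvalidPasswordAttempts)
                    return UserValidationResult.Invalid(UserValidationStatus.TooManyFailedPasswordAttempts,
                        "Your account has been locked out for too many failed attempts, use the forgot password link, or notify an Admin");

                return UserValidationResult.Invalid(UserValidationStatus.IncorrectPassword, DEFAULT_PROBLEM);
            }

            if (user == null)
            {
                DbUtil.LogActivity("attempt to login by non-user " + userName);
                return UserValidationResult.Invalid(UserValidationStatus.NoUserFound, DEFAULT_PROBLEM);
            }

            if (user.IsLockedOut)
            {
                NotifyAdmins($"{userName} locked out #{user.FailedPasswordAttemptCount} on {url}",
                     $"{userName} tried to login at {Util.Now} but is locked out");

                return UserValidationResult.Invalid(UserValidationStatus.LockedOut,
                    $"Your account has been locked out for {maxInvalidPasswordAttempts} failed attempts in a short window of time, please use the forgot password link or notify an Admin");
            }

            if (!user.IsApproved)
            {
                NotifyAdmins($"unapproved user {userName} logging in on {url}",
                    $"{userName} tried to login at {Util.Now} but is not approved");

                return UserValidationResult.Invalid(UserValidationStatus.UserNotApproved, DEFAULT_PROBLEM);
            }

            // Finance accounts may not be impersonated, even by an administrator.
            if (impersonating && user.Roles.Contains("Finance"))
            {
                NotifyAdmins($"cannot impersonate Finance user {userName} on {url}",
                    $"{userName} tried to login at {Util.Now}");

                return UserValidationResult.Invalid(UserValidationStatus.CannotImpersonateFinanceUser, DEFAULT_PROBLEM);
            }

            // API-only accounts never get an interactive session.
            if (user.Roles.Contains("APIOnly"))
            {
                return UserValidationResult.Invalid(UserValidationStatus.NoUserFound,
                    "Api User is limited to API use only, no interactive login allowed.");
            }

            return UserValidationResult.Valid(user);
        }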
 /// <summary>
 /// Handles a sign-up whose e-mail already belongs to <paramref name="p"/>: mails the account
 /// details to that person, makes sure they have a login, and reports
 /// <c>ResultCode.FoundPersonWithSameEmail</c>.
 /// </summary>
 /// <remarks>
 /// The mail goes to the Person on record, not to whoever submitted the form. The name placeholder
 /// is substituted into the HTML template without encoding; <c>p.Name</c> is stored data, but confirm
 /// it can never carry user-supplied markup.
 /// </remarks>
 private void NotifyAboutExistingAccount(Person p)
 {
     var template = db.ContentHtml("ExistingUserConfirmation", Resource1.CreateAccount_ExistingUser);
     var body = template.Replace("{name}", p.Name).Replace("{host}", db.CmsHost);
     db.Email(DbUtil.AdminMail, p, "Account information for " + db.Host, body);

     // Prefer the login used most recently; create one only when the person has none.
     var latestLogin = p.Users.OrderByDescending(uu => uu.LastActivityDate).FirstOrDefault();
     User = latestLogin ?? MembershipService.CreateUser(db, p.PeopleId);
     Result = ResultCode.FoundPersonWithSameEmail;
 }
 /// <summary>
 /// Creates a login for <paramref name="p"/>, saves it, and sends the new-user welcome e-mail
 /// for that username.
 /// </summary>
 private void CreateNewUserSendNewUserWelcome(Person p)
 {
     var created = MembershipService.CreateUser(db, p.PeopleId);
     User = created;
     db.SubmitChanges();
     AccountModel.SendNewUserEmail(created.Username);
 }