protected override void OnLoad(EventArgs e)
{
if (!IsPostBack)
{
MembershipSettings settings = new MembershipSettings(SPContext.Current.Web);
/* Set the options in the web properties */
chkEnableRoles.Checked = settings.EnableRoles;
chkReviewMembershipRequests.Checked = settings.ReviewMembershipRequests;
/* bms Set the URL strings in the web properties */
txtChangePasswordPage.Text = settings.ChangePasswordPage;
txtPasswordQuestionPage.Text = settings.PasswordQuestionPage;
txtThankYouPage.Text = settings.ThankYouPage;
/* bms Set the XSLT location web properties */
txtReplyTo.Text = settings.MembershipReplyToEmailAddress;
txtMembershipApproved.Text = settings.MembershipApprovedEmail;
txtMembershipPending.Text = settings.MembershipPendingEmail;
txtMembershipRejected.Text = settings.MembershipRejectedEmail;
txtPasswordRecovery.Text = settings.PasswordRecoveryEmail;
txtResetPassword.Text = settings.ResetPasswordEmail;
/* display the version */
Assembly assembly = Assembly.GetExecutingAssembly();
FileVersionInfo fvi = FileVersionInfo.GetVersionInfo(assembly.Location);
lblVersion.Text = fvi.ProductName + " " + fvi.FileVersion;
}
}
protected override void OnLoad(EventArgs e)
{
if (!IsPostBack)
{
MembershipSettings settings = new MembershipSettings(SPContext.Current.Web);
/* Set the options in the web properties */
chkEnableRoles.Checked = settings.EnableRoles;
chkReviewMembershipRequests.Checked = settings.ReviewMembershipRequests;
/* bms Set the URL strings in the web properties */
txtChangePasswordPage.Text = settings.ChangePasswordPage;
txtPasswordQuestionPage.Text = settings.PasswordQuestionPage;
txtThankYouPage.Text = settings.ThankYouPage;
/* bms Set the XSLT location web properties */
txtReplyTo.Text = settings.MembershipReplyToEmailAddress;
txtMembershipApproved.Text = settings.MembershipApprovedEmail;
txtMembershipPending.Text = settings.MembershipPendingEmail;
txtMembershipRejected.Text = settings.MembershipRejectedEmail;
txtPasswordRecovery.Text = settings.PasswordRecoveryEmail;
txtResetPassword.Text = settings.ResetPasswordEmail;
/* display the version */
Assembly assembly = Assembly.GetExecutingAssembly();
FileVersionInfo fvi = FileVersionInfo.GetVersionInfo(assembly.Location);
lblVersion.Text = fvi.ProductName + " " + fvi.FileVersion;
}
}
public MembershipRequest(SPWeb _web)
{
SiteName = _web.Name;
SiteURL = _web.Url;
MembershipSettings settings = new MembershipSettings(_web);
ChangePasswordURL = settings.ChangePasswordPage;
PasswordQuestionURL = settings.PasswordQuestionPage;
ThankYouURL = settings.ThankYouPage;
}
public MembershipRequest(SPWeb _web)
{
SiteName = _web.Name;
SiteURL = _web.Url;
MembershipSettings settings = new MembershipSettings(_web);
ChangePasswordURL = settings.ChangePasswordPage;
PasswordQuestionURL = settings.PasswordQuestionPage;
ThankYouURL = settings.ThankYouPage;
}
protected override void CreateChildControls()
{
// return when user is not a forms based user
IClaimsIdentity claimsIdentity = (HttpContext.Current.User != null) ? (HttpContext.Current.User.Identity as IClaimsIdentity) : null;
if (claimsIdentity != null)
{
SPClaimProviderManager mgr = SPClaimProviderManager.Local;
SPClaim sPClaim = mgr.DecodeClaimFromFormsSuffix(claimsIdentity.Name);
if (SPOriginalIssuers.GetIssuerType(sPClaim.OriginalIssuer) == SPOriginalIssuerType.Windows)
{
return;
}
}
string changePasswordPage = "";
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite site = new SPSite(SPContext.Current.Site.ID, SPContext.Current.Site.Zone))
{
MembershipSettings setting = new MembershipSettings(site.RootWeb);
if (setting == null || string.IsNullOrEmpty(setting.ChangePasswordPage))
{
return;
}
changePasswordPage = setting.ChangePasswordPage;
}
});
// generate return url
string source = SPUtility.OriginalServerRelativeRequestUrl;
string target = Utils.GetAbsoluteURL(SPContext.Current.Web, changePasswordPage);
MenuItemTemplate changePasswordItem = new MenuItemTemplate();
changePasswordItem.Text = LocalizedString.GetString("FBAPackMenus", "FBAChangePassword_Title");
changePasswordItem.Description = LocalizedString.GetString("FBAPackMenus", "FBAChangePassword_Desc");
changePasswordItem.Sequence = 1;
changePasswordItem.ClientOnClickNavigateUrl = target + "?Source=" + SPHttpUtility.UrlKeyValueEncode(source);
this.Controls.Add(changePasswordItem);
}
public static bool SendResetPasswordEmail(MembershipRequest request, SPWeb web)
{
Hashtable xsltValues;
MembershipSettings settings = new MembershipSettings(web);
try
{
xsltValues = new Hashtable();
xsltValues.Add("fba:MembershipRequest", request);
return(Email.SendEmail(web, request.UserEmail, settings.ResetPasswordEmail, xsltValues));
}
catch (Exception ex)
{
Utils.LogError(ex);
return(false);
}
}
public static bool SendEmail(SPWeb web, string emailTo, string subject, string body)
{
if (!SPUtility.IsEmailServerSet(web))
{
return(false);
}
MembershipSettings settings = new MembershipSettings(web);
StringDictionary parameters = new StringDictionary();
parameters.Add("subject", subject);
parameters.Add("to", emailTo);
parameters.Add("from", settings.MembershipReplyToEmailAddress);
return(SPUtility.SendEmail(web, parameters, body));
}
public static MembershipRequest GetMembershipRequest(MembershipUser user, SPWeb web)
{
MembershipRequest request = new MembershipRequest();
request.UserEmail = user.Email;
request.UserName = user.UserName;
request.SiteName = web.Title;
request.SiteURL = web.Url;
/* These are the possible set of URLs that are provided to the user and developer in the XSLT */
MembershipSettings settings = new MembershipSettings(web);
request.ChangePasswordURL = Utils.GetAbsoluteURL(web, settings.ChangePasswordPage);
request.PasswordQuestionURL = Utils.GetAbsoluteURL(web, settings.PasswordQuestionPage);
request.ThankYouURL = Utils.GetAbsoluteURL(web, settings.ThankYouPage);
return(request);
}
protected void BtnUpdateSiteFBAConfig_Click(object sender, EventArgs e)
{
MembershipSettings settings = new MembershipSettings(SPContext.Current.Web);
/* Set the options in the web properties */
settings.EnableRoles = chkEnableRoles.Checked;
settings.ReviewMembershipRequests = chkReviewMembershipRequests.Checked;
/* bms Set the URL strings in the web properties */
settings.ChangePasswordPage = txtChangePasswordPage.Text;
settings.PasswordQuestionPage = txtPasswordQuestionPage.Text;
settings.ThankYouPage = txtThankYouPage.Text;
/* bms Set the XSLT location web properties */
settings.MembershipReplyToEmailAddress = txtReplyTo.Text;
settings.MembershipApprovedEmail = txtMembershipApproved.Text;
settings.MembershipPendingEmail = txtMembershipPending.Text;
settings.MembershipRejectedEmail = txtMembershipRejected.Text;
settings.PasswordRecoveryEmail = txtPasswordRecovery.Text;
settings.ResetPasswordEmail = txtResetPassword.Text;
SPUtility.Redirect("settings.aspx", SPRedirectFlags.RelativeToLayoutsPage | SPRedirectFlags.UseSource, this.Context);
}
protected void BtnUpdateSiteFBAConfig_Click(object sender, EventArgs e)
{
MembershipSettings settings = new MembershipSettings(SPContext.Current.Web);
/* Set the options in the web properties */
settings.EnableRoles = chkEnableRoles.Checked;
settings.ReviewMembershipRequests = chkReviewMembershipRequests.Checked;
/* bms Set the URL strings in the web properties */
settings.ChangePasswordPage = txtChangePasswordPage.Text;
settings.PasswordQuestionPage = txtPasswordQuestionPage.Text;
settings.ThankYouPage = txtThankYouPage.Text;
/* bms Set the XSLT location web properties */
settings.MembershipReplyToEmailAddress = txtReplyTo.Text;
settings.MembershipApprovedEmail = txtMembershipApproved.Text;
settings.MembershipPendingEmail = txtMembershipPending.Text;
settings.MembershipRejectedEmail = txtMembershipRejected.Text;
settings.PasswordRecoveryEmail = txtPasswordRecovery.Text;
settings.ResetPasswordEmail = txtResetPassword.Text;
SPUtility.Redirect("settings.aspx", SPRedirectFlags.RelativeToLayoutsPage | SPRedirectFlags.UseSource, this.Context);
}
protected override void OnInit(System.EventArgs e)
{
// display error if membership provider not configured
if (!Utils.IsProviderConfigured())
{
lblMessage.Text = LocalizedString.GetGlobalString("FBAPackWebPages", "MembershipNotConfigured");
RoleGrid.Visible = false;
ToolBarPlaceHolder.Visible = false;
onetidNavNodesTB.Visible = false;
}
// ModifiedBySolvion
// bhi - 19.12.2011
// Show status when roles a not enabled
else
{
MembershipSettings settings = new MembershipSettings(SPContext.Current.Web);
if (!settings.EnableRoles)
{
string startupScriptName = "RolesNotEnabledInfo";
if (!Page.ClientScript.IsStartupScriptRegistered(startupScriptName))
{
StringBuilder script = new StringBuilder();
script.AppendLine("ExecuteOrDelayUntilScriptLoaded(showRoleStatus, 'SP.js')");
script.AppendLine("function showRoleStatus() {");
script.AppendLine("var roleStatusID = SP.UI.Status.addStatus('Information : ', 'Roles are not enabled. You can enable roles in the <a href=\"/_layouts/FBA/Management/FBASiteConfiguration.aspx\">FBA Site Configuration</a>.', true);");
script.AppendLine("SP.UI.Status.setStatusPriColor(roleStatusID, \"yellow\");");
script.AppendLine("}");
Page.ClientScript.RegisterStartupScript(this.GetType(), startupScriptName, script.ToString(), true);
}
}
}
// EndModifiedBySolvion
base.OnInit(e);
}
private static MembershipRequest GetMembershipRequest(SPWeb web, SPListItem item, string password)
{
MembershipSettings settings = new MembershipSettings(web);
MembershipRequest request = new MembershipRequest();
/* These are the core fields that are part of the membership provider request */
request.FirstName = item[MembershipReviewListFields.FIRSTNAME].ToString();
request.LastName = item[MembershipReviewListFields.LASTNAME].ToString();
request.Password = password;
/* bms Updated the web property of Title for the site name instead of Name */
request.SiteName = web.Title;
request.SiteURL = web.Url;
request.UserEmail = item[MembershipReviewListFields.EMAIL].ToString();
request.UserName = item[MembershipReviewListFields.USERNAME].ToString();
/* These fields may not be avaliable based on the membership provider */
if (item[MembershipReviewListFields.RECOVERPASSWORDQUESTION] != null)
{
request.PasswordQuestion = item[MembershipReviewListFields.RECOVERPASSWORDQUESTION].ToString();
}
if (item[MembershipReviewListFields.RECOVERPASSWORDANSWER] != null)
{
request.PasswordAnswer = item[MembershipReviewListFields.RECOVERPASSWORDANSWER].ToString();
}
if (item[MembershipReviewListFields.DEFAULTGROUP] != null)
{
request.DefaultGroup = item[MembershipReviewListFields.DEFAULTGROUP].ToString();
}
/* These are the possible set of URLs that are provided to the user and developer in the XSLT */
request.ChangePasswordURL = Utils.GetAbsoluteURL(web, settings.ChangePasswordPage);
request.PasswordQuestionURL = Utils.GetAbsoluteURL(web, settings.PasswordQuestionPage);
request.ThankYouURL = Utils.GetAbsoluteURL(web, settings.ThankYouPage);
return(request);
}
protected override void OnInit(System.EventArgs e)
{
// display error if membership provider not configured
if (!Utils.IsProviderConfigured())
{
lblMessage.Text = LocalizedString.GetGlobalString("FBAPackWebPages", "MembershipNotConfigured");
RoleGrid.Visible = false;
ToolBarPlaceHolder.Visible = false;
onetidNavNodesTB.Visible = false;
}
// ModifiedBySolvion
// bhi - 19.12.2011
// Show status when roles a not enabled
else
{
MembershipSettings settings = new MembershipSettings(SPContext.Current.Web);
if (!settings.EnableRoles)
{
string startupScriptName = "RolesNotEnabledInfo";
if (!Page.ClientScript.IsStartupScriptRegistered(startupScriptName))
{
StringBuilder script = new StringBuilder();
script.AppendLine("ExecuteOrDelayUntilScriptLoaded(showRoleStatus, 'SP.js')");
script.AppendLine("function showRoleStatus() {");
script.AppendLine("var roleStatusID = SP.UI.Status.addStatus('Information : ', 'Roles are not enabled. You can enable roles in the <a href=\"/_layouts/15/FBA/Management/FBASiteConfiguration.aspx\">FBA Site Configuration</a>.', true);");
script.AppendLine("SP.UI.Status.setStatusPriColor(roleStatusID, \"yellow\");");
script.AppendLine("}");
Page.ClientScript.RegisterStartupScript(this.GetType(), startupScriptName, script.ToString(), true);
}
}
}
// EndModifiedBySolvion
base.OnInit(e);
}
protected override void OnCreatedUser(EventArgs e)
{
// Note: this doesn't run using the privileges of the anonymous user, so we elevate them
// Also, you can't use the original Site even with elevated privileges, otherwise it reverts back to anonymous.
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite site2 = new SPSite(SPContext.Current.Site.ID, SPContext.Current.Site.Zone))
{
using (SPWeb web2 = site2.OpenWeb(SPContext.Current.Web.ID))
{
// from this point allowunsafeupdates is required because the call is initiated from a browser with
// anonymouse rights only
web2.AllowUnsafeUpdates = true;
MembershipRequest request = new MembershipRequest();
request.UserEmail = this.Email;
request.UserName = this.UserName;
if (System.Web.Security.Membership.RequiresQuestionAndAnswer)
{
request.PasswordQuestion = this.Question;
request.PasswordAnswer = this.Answer;
}
request.FirstName = this.FirstName;
request.LastName = this.LastName;
request.DefaultGroup = this._DefaultGroup;
request.SiteName = web2.Title;
request.SiteURL = web2.Url;
MembershipSettings settings = new MembershipSettings(web2);
if (settings.ReviewMembershipRequests)
{
request.LoginCreatedUser = false;
if (!MembershipRequest.CopyToReviewList(request))
{
lblError.Text = this.UnknownErrorMessage;
return;
}
}
else
{
#region Process new user request if we're NOT using the Request List
if (!AutoGeneratePassword)
{
request.Password = this.Password;
}
request.ChangePasswordURL = Utils.GetAbsoluteURL(web2, settings.ChangePasswordPage);
request.LoginCreatedUser = SPLoginCreatedUser;
try
{
MembershipRequest.ApproveMembership(request, web2);
}
catch (Exception ex)
{
Utils.LogError(ex);
this.lblCompleteSuccess.Text = this.UnknownErrorMessage;
return;
}
#endregion
}
this.MoveTo(this.CompleteStep);
}
}
});
}
public static void ApproveMembership(MembershipRequest request, SPWeb web)
{
Hashtable xsltValues;
MembershipCreateStatus createStatus;
SPListItem debuggingInfoItem = null;
MembershipSettings settings = new MembershipSettings(web);
MembershipProvider membership = Utils.BaseMembershipProvider(web.Site);
/* This is just for debugging */
try
{
SPList memberlist = web.GetList(Utils.GetAbsoluteURL(web, MembershipList.MEMBERSHIPREVIEWLIST));
if (memberlist.Fields.ContainsField("LastError"))
{
foreach (SPListItem addItem in memberlist.Items)
{
if (addItem["User Name"].ToString() == request.UserName)
{
debuggingInfoItem = addItem;
/* bms added break to only loop through items needed */
break;
}
}
}
}
catch
{
}
/* Above is for debugging */
try
{
if (string.IsNullOrEmpty(request.UserName))
{
throw new Exception("User name must not be null or empty.");
}
/* rdcpro: Allows providers that don't have password and question */
if (membership.RequiresQuestionAndAnswer && string.IsNullOrEmpty(request.PasswordQuestion))
{
throw new Exception("You must specify a password question.");
}
if (membership.RequiresQuestionAndAnswer && string.IsNullOrEmpty(request.PasswordAnswer))
{
throw new Exception("You must specify a password answer.");
}
if (string.IsNullOrEmpty(request.UserEmail))
{
throw new Exception("Email address must not be null or empty.");
}
//create account
/* bms Create password at a minimum of 7 characters or Min from provider if greater */
int passwordLength = 14;
if (passwordLength < membership.MinRequiredPasswordLength)
{
passwordLength = membership.MinRequiredPasswordLength;
}
if (passwordLength < membership.MinRequiredNonAlphanumericCharacters)
{
passwordLength = membership.MinRequiredNonAlphanumericCharacters;
}
if (String.IsNullOrEmpty(request.Password))
{
request.Password = System.Web.Security.Membership.GeneratePassword(passwordLength, membership.MinRequiredNonAlphanumericCharacters);
}
MembershipUser existingUser = Utils.BaseMembershipProvider(web.Site).GetUser(request.UserName, false);
if (existingUser != null)
{
membership.DeleteUser(request.UserName, true);
}
MembershipUser newUser;
//This section is to transaction Creating the user and sending the email
try
{
// rdcpro: Changes to support providers that don't require question and answer.
if (membership.RequiresQuestionAndAnswer)
{
//membership.CreateUser(request.UserName, tempPassword, request.UserEmail, request.PasswordQuestion, request.PasswordAnswer, true, out createStatus);
newUser = membership.CreateUser(request.UserName, request.Password, request.UserEmail, request.PasswordQuestion, request.PasswordAnswer, true, null, out createStatus);
}
else
{
// With this method the MembershipCreateUserException will take care of things if the user can't be created, so no worry that createStatus is set to success
//membership.CreateUser(.CreateUser(request.UserName, tempPassword, request.UserEmail);
newUser = membership.CreateUser(request.UserName, request.Password, request.UserEmail, null, null, true, null, out createStatus);
createStatus = MembershipCreateStatus.Success;
}
if (debuggingInfoItem != null)
{
if (debuggingInfoItem.Fields.ContainsField("LastError"))
{
debuggingInfoItem["LastError"] = "Created User";
debuggingInfoItem.SystemUpdate();
}
}
if (createStatus == MembershipCreateStatus.Success)
{
newUser.IsApproved = true;
membership.UpdateUser(newUser);
//Add the user to the default group
if (!String.IsNullOrEmpty(request.DefaultGroup))
{
web.SiteGroups[request.DefaultGroup].AddUser(Utils.EncodeUsername(request.UserName.ToLower(), web.Site), request.UserEmail, request.FirstName + " " + request.LastName, "Self Registration");
//Login the user if selected
if (request.LoginCreatedUser)
{
Microsoft.SharePoint.IdentityModel.SPClaimsUtility.AuthenticateFormsUser(new Uri(web.Url), request.UserName, request.Password);
}
}
if (debuggingInfoItem != null)
{
if (debuggingInfoItem.Fields.ContainsField("LastError"))
{
if (!String.IsNullOrEmpty(request.DefaultGroup))
{
debuggingInfoItem["LastError"] = "Add User Has No Groups";
}
else
{
debuggingInfoItem["LastError"] = "Add User To Groups";
}
debuggingInfoItem.SystemUpdate();
}
}
//email user to confirm that request is approved
xsltValues = new Hashtable(1);
xsltValues.Add("fba:MembershipRequest", request);
bool bSentMail = Email.SendEmail(web, request.UserEmail, settings.MembershipApprovedEmail, xsltValues);
if (!bSentMail)
{
Utils.LogError("SendEmail failed");
throw new Exception("Error sending mail notification");
}
if (debuggingInfoItem != null)
{
if (debuggingInfoItem.Fields.ContainsField("LastError"))
{
debuggingInfoItem["LastError"] = "Sent Email To New User: "******"Error creating user: "******"LastError"))
{
foreach (SPListItem addItem in memberlist.Items)
{
if (addItem["User Name"].ToString() == request.UserName)
{
addItem["LastError"] = AdduserExp.Message.ToString();
addItem.SystemUpdate();
break;
}
}
}
}
catch
{
}
// TODO: if CreateUser fails, the user in the MemberShipRequest list needs to be marked somehow so that the approver knows what the problem is.
// Maybe the list should always have the "LastError" field, or else the status can have an extra error value in addition to pending | approved | rejected
// Then in the calling code, we must not delete the item from the list!
// Also, if we're handling an exception, we should set the status back to "Pending".
// For now, we rethrow the exception which will cause the caller to fail, and prevent the delete.
throw new Exception(AdduserExp.Message);
}
}
catch (Exception ex)
{
//Add error information to list
try
{
SPList memberlist = web.GetList(Utils.GetAbsoluteURL(web, MembershipList.MEMBERSHIPREVIEWLIST));
if (memberlist.Fields.ContainsField("LastError"))
{
foreach (SPListItem addItem in memberlist.Items)
{
if (addItem["User Name"].ToString() == request.UserName)
{
// This overwrites anything already in the LastError field.
addItem["LastError"] = ex.Message.ToString();
addItem.SystemUpdate();
}
}
}
}
catch
{
}
Utils.LogError(ex);
throw new Exception(ex.Message);
}
}
protected override void OnCreatedUser(EventArgs e)
{
// Note: this doesn't run using the privileges of the anonymous user, so we elevate them
// Also, you can't use the original Site even with elevated privileges, otherwise it reverts back to anonymous.
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite site2 = new SPSite(SPContext.Current.Site.ID, SPContext.Current.Site.Zone))
{
using (SPWeb web2 = site2.OpenWeb(SPContext.Current.Web.ID))
{
// from this point allowunsafeupdates is required because the call is initiated from a browser with
// anonymouse rights only
web2.AllowUnsafeUpdates = true;
MembershipRequest request = new MembershipRequest();
request.UserEmail = this.Email;
request.UserName = this.UserName;
if (System.Web.Security.Membership.RequiresQuestionAndAnswer)
{
request.PasswordQuestion = this.Question;
request.PasswordAnswer = this.Answer;
}
request.FirstName = this.FirstName;
request.LastName = this.LastName;
request.DefaultGroup = this._DefaultGroup;
request.SiteName = web2.Title;
request.SiteURL = web2.Url;
MembershipSettings settings = new MembershipSettings(web2);
if (settings.ReviewMembershipRequests)
{
request.LoginCreatedUser = false;
if (!MembershipRequest.CopyToReviewList(request))
{
lblError.Text = this.UnknownErrorMessage;
return;
}
}
else
{
#region Process new user request if we're NOT using the Request List
if (!AutoGeneratePassword)
{
request.Password = this.Password;
}
request.ChangePasswordURL = Utils.GetAbsoluteURL(web2, settings.ChangePasswordPage);
request.LoginCreatedUser = SPLoginCreatedUser;
try
{
MembershipRequest.ApproveMembership(request, web2);
}
catch (Exception ex)
{
Utils.LogError(ex);
this.lblCompleteSuccess.Text = this.UnknownErrorMessage;
return;
}
#endregion
}
this.MoveTo(this.CompleteStep);
}
}
});
}
public static bool SendEmail(SPWeb web, string emailTo, string subject, string body)
{
if (!SPUtility.IsEmailServerSet(web))
{
return false;
}
MembershipSettings settings = new MembershipSettings(web);
StringDictionary parameters = new StringDictionary();
parameters.Add("subject", subject);
parameters.Add("to", emailTo);
parameters.Add("from", settings.MembershipReplyToEmailAddress);
return SPUtility.SendEmail(web, parameters, body);
}
public static bool SendResetPasswordEmail(MembershipRequest request, SPWeb web)
{
Hashtable xsltValues;
MembershipSettings settings = new MembershipSettings(web);
try
{
xsltValues = new Hashtable();
xsltValues.Add("fba:MembershipRequest", request);
return Email.SendEmail(web, request.UserEmail, settings.ResetPasswordEmail, xsltValues);
}
catch (Exception ex)
{
Utils.LogError(ex);
return false;
}
}
public static MembershipRequest GetMembershipRequest(MembershipUser user, SPWeb web)
{
MembershipRequest request = new MembershipRequest();
request.UserEmail = user.Email;
request.UserName = user.UserName;
request.SiteName = web.Title;
request.SiteURL = web.Url;
/* These are the possible set of URLs that are provided to the user and developer in the XSLT */
MembershipSettings settings = new MembershipSettings(web);
request.ChangePasswordURL = Utils.GetAbsoluteURL(web, settings.ChangePasswordPage);
request.PasswordQuestionURL = Utils.GetAbsoluteURL(web, settings.PasswordQuestionPage);
request.ThankYouURL = Utils.GetAbsoluteURL(web, settings.ThankYouPage);
return request;
}
private static MembershipRequest GetMembershipRequest(SPWeb web, SPListItem item, string password)
{
MembershipSettings settings = new MembershipSettings(web);
MembershipRequest request = new MembershipRequest();
/* These are the core fields that are part of the membership provider request */
request.FirstName = item[MembershipReviewListFields.FIRSTNAME].ToString();
request.LastName = item[MembershipReviewListFields.LASTNAME].ToString();
request.Password = password;
/* bms Updated the web property of Title for the site name instead of Name */
request.SiteName = web.Title;
request.SiteURL = web.Url;
request.UserEmail = item[MembershipReviewListFields.EMAIL].ToString();
request.UserName = item[MembershipReviewListFields.USERNAME].ToString();
/* These fields may not be avaliable based on the membership provider */
if (item[MembershipReviewListFields.RECOVERPASSWORDQUESTION] != null)
{
request.PasswordQuestion = item[MembershipReviewListFields.RECOVERPASSWORDQUESTION].ToString();
}
if (item[MembershipReviewListFields.RECOVERPASSWORDANSWER] != null)
{
request.PasswordAnswer = item[MembershipReviewListFields.RECOVERPASSWORDANSWER].ToString();
}
if (item[MembershipReviewListFields.DEFAULTGROUP] != null)
{
request.DefaultGroup = item[MembershipReviewListFields.DEFAULTGROUP].ToString();
}
/* These are the possible set of URLs that are provided to the user and developer in the XSLT */
request.ChangePasswordURL = Utils.GetAbsoluteURL(web, settings.ChangePasswordPage);
request.PasswordQuestionURL = Utils.GetAbsoluteURL(web, settings.PasswordQuestionPage);
request.ThankYouURL = Utils.GetAbsoluteURL(web, settings.ThankYouPage);
return request;
}
public static void ApproveMembership(MembershipRequest request, SPWeb web)
{
Hashtable xsltValues;
MembershipCreateStatus createStatus;
SPListItem debuggingInfoItem = null;
MembershipSettings settings = new MembershipSettings(web);
MembershipProvider membership = Utils.BaseMembershipProvider(web.Site);
/* This is just for debugging */
try
{
SPList memberlist = web.GetList(Utils.GetAbsoluteURL(web,MembershipList.MEMBERSHIPREVIEWLIST));
if (memberlist.Fields.ContainsField("LastError"))
{
foreach (SPListItem addItem in memberlist.Items)
{
if (addItem["User Name"].ToString() == request.UserName)
{
debuggingInfoItem = addItem;
/* bms added break to only loop through items needed */
break;
}
}
}
}
catch
{
}
/* Above is for debugging */
try
{
if (string.IsNullOrEmpty(request.UserName))
{
throw new Exception("User name must not be null or empty.");
}
/* rdcpro: Allows providers that don't have password and question */
if (membership.RequiresQuestionAndAnswer && string.IsNullOrEmpty(request.PasswordQuestion))
{
throw new Exception("You must specify a password question.");
}
if (membership.RequiresQuestionAndAnswer && string.IsNullOrEmpty(request.PasswordAnswer))
{
throw new Exception("You must specify a password answer.");
}
if (string.IsNullOrEmpty(request.UserEmail))
{
throw new Exception("Email address must not be null or empty.");
}
//create account
/* bms Create password at a minimum of 7 characters or Min from provider if greater */
int passwordLength = 14;
if (passwordLength < membership.MinRequiredPasswordLength)
{
passwordLength = membership.MinRequiredPasswordLength;
}
if (passwordLength < membership.MinRequiredNonAlphanumericCharacters)
{
passwordLength = membership.MinRequiredNonAlphanumericCharacters;
}
if (String.IsNullOrEmpty(request.Password))
{
request.Password = System.Web.Security.Membership.GeneratePassword(passwordLength, membership.MinRequiredNonAlphanumericCharacters);
}
MembershipUser existingUser = Utils.BaseMembershipProvider(web.Site).GetUser(request.UserName,false);
if (existingUser != null)
{
membership.DeleteUser(request.UserName, true);
}
MembershipUser newUser;
//This section is to transaction Creating the user and sending the email
try
{
// rdcpro: Changes to support providers that don't require question and answer.
if (membership.RequiresQuestionAndAnswer)
{
//membership.CreateUser(request.UserName, tempPassword, request.UserEmail, request.PasswordQuestion, request.PasswordAnswer, true, out createStatus);
newUser = membership.CreateUser(request.UserName, request.Password, request.UserEmail, request.PasswordQuestion, request.PasswordAnswer, true, null, out createStatus);
}
else
{
// With this method the MembershipCreateUserException will take care of things if the user can't be created, so no worry that createStatus is set to success
//membership.CreateUser(.CreateUser(request.UserName, tempPassword, request.UserEmail);
newUser = membership.CreateUser(request.UserName, request.Password, request.UserEmail, null, null, true, null, out createStatus);
createStatus = MembershipCreateStatus.Success;
}
if (debuggingInfoItem != null)
{
if (debuggingInfoItem.Fields.ContainsField("LastError"))
{
debuggingInfoItem["LastError"] = "Created User";
debuggingInfoItem.SystemUpdate();
}
}
if (createStatus == MembershipCreateStatus.Success)
{
newUser.IsApproved = true;
membership.UpdateUser(newUser);
//Add the user to the default group
if (!String.IsNullOrEmpty(request.DefaultGroup))
{
web.SiteGroups[request.DefaultGroup].AddUser(Utils.EncodeUsername(request.UserName.ToLower(), web.Site), request.UserEmail, request.FirstName + " " + request.LastName, "Self Registration");
//Login the user if selected
if (request.LoginCreatedUser)
{
Microsoft.SharePoint.IdentityModel.SPClaimsUtility.AuthenticateFormsUser(new Uri(web.Url), request.UserName, request.Password);
}
}
if (debuggingInfoItem != null)
{
if (debuggingInfoItem.Fields.ContainsField("LastError"))
{
if (!String.IsNullOrEmpty(request.DefaultGroup))
{
debuggingInfoItem["LastError"] = "Add User Has No Groups";
}
else
{
debuggingInfoItem["LastError"] = "Add User To Groups";
}
debuggingInfoItem.SystemUpdate();
}
}
//email user to confirm that request is approved
xsltValues = new Hashtable(1);
xsltValues.Add("fba:MembershipRequest", request);
bool bSentMail = Email.SendEmail(web, request.UserEmail, settings.MembershipApprovedEmail, xsltValues);
if (!bSentMail)
{
Utils.LogError("SendEmail failed");
throw new Exception("Error sending mail notification");
}
if (debuggingInfoItem != null)
{
if (debuggingInfoItem.Fields.ContainsField("LastError"))
{
debuggingInfoItem["LastError"] = "Sent Email To New User: "******"Error creating user: "******"LastError"))
{
foreach (SPListItem addItem in memberlist.Items)
{
if (addItem["User Name"].ToString() == request.UserName)
{
addItem["LastError"] = AdduserExp.Message.ToString();
addItem.SystemUpdate();
break;
}
}
}
}
catch
{
}
// TODO: if CreateUser fails, the user in the MemberShipRequest list needs to be marked somehow so that the approver knows what the problem is.
// Maybe the list should always have the "LastError" field, or else the status can have an extra error value in addition to pending | approved | rejected
// Then in the calling code, we must not delete the item from the list!
// Also, if we're handling an exception, we should set the status back to "Pending".
// For now, we rethrow the exception which will cause the caller to fail, and prevent the delete.
throw new Exception(AdduserExp.Message);
}
}
catch (Exception ex)
{
//Add error information to list
try
{
SPList memberlist = web.GetList(Utils.GetAbsoluteURL(web, MembershipList.MEMBERSHIPREVIEWLIST));
if (memberlist.Fields.ContainsField("LastError"))
{
foreach (SPListItem addItem in memberlist.Items)
{
if (addItem["User Name"].ToString() == request.UserName)
{
// This overwrites anything already in the LastError field.
addItem["LastError"] = ex.Message.ToString();
addItem.SystemUpdate();
}
}
}
}
catch
{
}
Utils.LogError(ex);
throw new Exception(ex.Message);
}
}