private int Register(RegisterAddModel model, int role)
{
//If the user didn't select a role, then they are logging in - return -1
if (role == 0)
{
return(-1);
}
//Create base account
int accountId = _service.CreateBaseAccount(model);
AssignRoles arModel = new AssignRoles();
arModel.AccountId = accountId;
//Assign the selected student or mentor role
arModel.RoleId = role;
_roleService.Insert(arModel);
//Assign the blogger role
arModel.RoleId = 3;
_roleService.Insert(arModel);
//Return the id of the new account
return(accountId);
}
public object Post(AssignRoles request)
{
RequiredRoleAttribute.AssertRequiredRoles(Request, RoleNames.Admin);
request.UserName.ThrowIfNullOrEmpty();
var userAuth = UserAuthRepo.GetUserAuthByUserName(request.UserName);
if (userAuth == null)
throw HttpError.NotFound(request.UserName);
UserAuthRepo.AssignRoles(userAuth, request.Roles, request.Permissions);
return new AssignRolesResponse {
AllRoles = UserAuthRepo.GetRoles(userAuth).ToList(),
AllPermissions = UserAuthRepo.GetPermissions(userAuth).ToList(),
};
}
public async Task <IActionResult> AssignRoles(AssignRoles assignRoles)
{
if (string.IsNullOrEmpty(assignRoles.UserRoles.UserId))
{
return(BadRequest("Please enter the User Id"));
}
var userId = assignRoles.UserRoles.UserId.Trim();
var user = await this.userManager.FindByIdAsync(userId);
if (user == null)
{
return(NotFound("User not found"));
}
if (string.IsNullOrEmpty(assignRoles.UserRoles.RoleIds))
{
return(BadRequest("Please enter the role name"));
}
var roleList = assignRoles.UserRoles.RoleIds.Trim().Split(',');
if (roleList.Length == 0)
{
return(BadRequest("Please enter atleast one Role"));
}
foreach (var role in roleList)
{
if (string.IsNullOrEmpty(role))
{
continue;
}
if (!await this.userManager.IsInRoleAsync(user, role))
{
await this.userManager.AddToRoleAsync(user, role);
}
}
return(RedirectToAction("ListUsersAndRoles"));
}
public object Post(AssignRoles request)
{
RequiredRoleAttribute.AssertRequiredRoles(Request, RoleNames.Admin);
request.UserName.ThrowIfNullOrEmpty();
var authRepo = HostContext.AppHost.GetAuthRepository(base.Request);
using (authRepo as IDisposable)
{
var userAuth = authRepo.GetUserAuthByUserName(request.UserName);
if (userAuth == null)
throw HttpError.NotFound(request.UserName);
authRepo.AssignRoles(userAuth, request.Roles, request.Permissions);
return new AssignRolesResponse
{
AllRoles = authRepo.GetRoles(userAuth).ToList(),
AllPermissions = authRepo.GetPermissions(userAuth).ToList(),
};
}
}
public IActionResult ListUsersAndRoles()
{
var roles = this.roleManager.Roles.AsEnumerable();
var roleViewModel = new List <Role>();
foreach (var role in roles)
{
roleViewModel.Add(new Role {
Id = role.Id, Name = role.Name
});
}
var users = this.userManager.Users.AsEnumerable();
var userViewModel = new List <User>();
foreach (var user in users)
{
userViewModel.Add(new User {
Id = user.Id, Email = user.UserName
});
}
var usersAndRoles = new UsersAndRoles
{
Users = userViewModel.AsEnumerable(),
Roles = roleViewModel.AsEnumerable()
};
var assignRolesViewModel = new AssignRoles
{
UsersRoles = usersAndRoles,
UserRoles = new UserRoles {
UserId = "", RoleIds = ""
}
};
return(View("AssignRole", assignRolesViewModel));
}
/// <summary>
/// Assigns user to roles defined in AssignRoles property.
/// </summary>
private void AssignToRoles(UserInfo ui)
{
string[] roleList = AssignRoles.Split(';');
foreach (string siteName in SiteList)
{
// Add new user to the current site
UserInfoProvider.AddUserToSite(ui.UserName, siteName);
foreach (string roleName in roleList)
{
if (!String.IsNullOrEmpty(roleName))
{
String sn = roleName.StartsWithCSafe(".") ? String.Empty : siteName;
// Add user to desired roles
if (RoleInfoProvider.RoleExists(roleName, sn))
{
UserInfoProvider.AddUserToRole(ui.UserName, roleName, sn);
}
}
}
}
}
/// <summary>
/// OK click handler (Proceed registration).
/// </summary>
private void btnRegister_Click(object sender, EventArgs e)
{
if ((PageManager.ViewMode == ViewModeEnum.Design) || (HideOnCurrentPage) || (!IsVisible))
{
// Do not process
}
else
{
// Ban IP addresses which are blocked for registration
if (!BannedIPInfoProvider.IsAllowed(CMSContext.CurrentSiteName, BanControlEnum.Registration))
{
lblError.Visible = true;
lblError.Text = GetString("banip.ipisbannedregistration");
return;
}
// Check if captcha is required
if (DisplayCaptcha)
{
// Verify captcha text
if (!captchaElem.IsValid())
{
// Display error message if captcha text is not valid
lblError.Visible = true;
lblError.Text = GetString("Webparts_Membership_RegistrationForm.captchaError");
return;
}
else
{
// Generate new code and clear captcha textbox if cpatcha code is valid
captchaElem.GenerateNew();
}
}
string userName = String.Empty;
string nickName = String.Empty;
string firstName = String.Empty;
string lastName = String.Empty;
string emailValue = String.Empty;
// Check duplicate user
// 1. Find appropriate control and get its value (i.e. user name)
// 2. Try to find user info
EditingFormControl txtUserName = formUser.BasicForm.FieldEditingControls["UserName"] as EditingFormControl;
if (txtUserName != null)
{
userName = ValidationHelper.GetString(txtUserName.Value, String.Empty);
}
EditingFormControl txtEmail = formUser.BasicForm.FieldEditingControls["Email"] as EditingFormControl;
if (txtEmail != null)
{
emailValue = ValidationHelper.GetString(txtEmail.Value, String.Empty);
}
// If user name and e-mail aren't filled stop processing and display error.
if (string.IsNullOrEmpty(userName))
{
userName = emailValue;
if (String.IsNullOrEmpty(emailValue))
{
formUser.StopProcessing = true;
lblError.Visible = true;
lblError.Text = GetString("customregistrationform.usernameandemail");
return;
}
else
{
formUser.BasicForm.Data.SetValue("UserName", userName);
}
}
EditingFormControl txtNickName = formUser.BasicForm.FieldEditingControls["UserNickName"] as EditingFormControl;
if (txtNickName != null)
{
nickName = ValidationHelper.GetString(txtNickName.Value, String.Empty);
}
EditingFormControl txtFirstName = formUser.BasicForm.FieldEditingControls["FirstName"] as EditingFormControl;
if (txtFirstName != null)
{
firstName = ValidationHelper.GetString(txtFirstName.Value, String.Empty);
}
EditingFormControl txtLastName = formUser.BasicForm.FieldEditingControls["LastName"] as EditingFormControl;
if (txtLastName != null)
{
lastName = ValidationHelper.GetString(txtLastName.Value, String.Empty);
}
// Test if "global" or "site" user exists.
SiteInfo si = CMSContext.CurrentSite;
UserInfo siteui = UserInfoProvider.GetUserInfo(UserInfoProvider.EnsureSitePrefixUserName(userName, si));
if ((UserInfoProvider.GetUserInfo(userName) != null) || (siteui != null))
{
lblError.Visible = true;
lblError.Text = GetString("Webparts_Membership_RegistrationForm.UserAlreadyExists").Replace("%%name%%", HTMLHelper.HTMLEncode(Functions.GetFormattedUserName(userName, true)));
return;
}
// Check for reserved user names like administrator, sysadmin, ...
if (UserInfoProvider.NameIsReserved(CMSContext.CurrentSiteName, userName))
{
lblError.Visible = true;
lblError.Text = GetString("Webparts_Membership_RegistrationForm.UserNameReserved").Replace("%%name%%", HTMLHelper.HTMLEncode(Functions.GetFormattedUserName(userName, true)));
return;
}
if (UserInfoProvider.NameIsReserved(CMSContext.CurrentSiteName, nickName))
{
lblError.Visible = true;
lblError.Text = GetString("Webparts_Membership_RegistrationForm.UserNameReserved").Replace("%%name%%", HTMLHelper.HTMLEncode(nickName));
return;
}
// Check limitations for site members
if (!UserInfoProvider.LicenseVersionCheck(URLHelper.GetCurrentDomain(), FeatureEnum.SiteMembers, VersionActionEnum.Insert, false))
{
lblError.Visible = true;
lblError.Text = GetString("License.MaxItemsReachedSiteMember");
return;
}
// Check whether email is unique if it is required
string checkSites = (String.IsNullOrEmpty(AssignToSites)) ? CMSContext.CurrentSiteName : AssignToSites;
if (!UserInfoProvider.IsEmailUnique(emailValue, checkSites, 0))
{
lblError.Visible = true;
lblError.Text = GetString("UserInfo.EmailAlreadyExist");
return;
}
// Validate and save form with new user data
if (!formUser.Save())
{
// Return if saving failed
return;
}
// Get user info from form
UserInfo ui = (UserInfo)formUser.Info;
// Add user prefix if settings is on
// Ensure site prefixes
if (UserInfoProvider.UserNameSitePrefixEnabled(CMSContext.CurrentSiteName))
{
ui.UserName = UserInfoProvider.EnsureSitePrefixUserName(userName, si);
}
ui.PreferredCultureCode = "";
ui.Enabled = EnableUserAfterRegistration;
ui.IsEditor = false;
ui.IsGlobalAdministrator = false;
ui.UserURLReferrer = CMSContext.CurrentUser.URLReferrer;
ui.UserCampaign = CMSContext.Campaign;
// Fill optionally full user name
if (String.IsNullOrEmpty(ui.FullName))
{
ui.FullName = UserInfoProvider.GetFullName(ui.FirstName, ui.MiddleName, ui.LastName);
}
// Ensure nick name
if (ui.UserNickName.Trim() == "")
{
ui.UserNickName = Functions.GetFormattedUserName(ui.UserName, true);
}
ui.UserSettings.UserRegistrationInfo.IPAddress = HTTPHelper.UserHostAddress;
ui.UserSettings.UserRegistrationInfo.Agent = HttpContext.Current.Request.UserAgent;
ui.UserSettings.UserLogActivities = true;
ui.UserSettings.UserShowSplashScreen = true;
// Check whether confirmation is required
bool requiresConfirmation = SettingsKeyProvider.GetBoolValue(CMSContext.CurrentSiteName + ".CMSRegistrationEmailConfirmation");
bool requiresAdminApprove = SettingsKeyProvider.GetBoolValue(CMSContext.CurrentSiteName + ".CMSRegistrationAdministratorApproval");
if (!requiresConfirmation)
{
// If confirmation is not required check whether administration approval is reqiures
if (requiresAdminApprove)
{
ui.Enabled = false;
ui.UserSettings.UserWaitingForApproval = true;
}
}
else
{
// EnableUserAfterRegistration is overrided by requiresConfirmation - user needs to be confirmed before enable
ui.Enabled = false;
}
// Set user's starting alias path
if (!String.IsNullOrEmpty(StartingAliasPath))
{
ui.UserStartingAliasPath = CMSContext.ResolveCurrentPath(StartingAliasPath);
}
// Get user password and save it in apropriate format after form save
string password = ValidationHelper.GetString(ui.GetValue("UserPassword"), String.Empty);
UserInfoProvider.SetPassword(ui, password);
// Prepare macro data source for email resolver
UserInfo userForMail = ui.Clone();
userForMail.SetValue("UserPassword", string.Empty);
object[] data = new object[1];
data[0] = userForMail;
// Prepare resolver for notification and welcome emails
ContextResolver resolver = CMSContext.CurrentResolver;
resolver.SourceData = data;
#region "Welcome Emails (confirmation, waiting for approval)"
bool error = false;
EventLogProvider ev = new EventLogProvider();
EmailTemplateInfo template = null;
// Prepare macro replacements
string[,] replacements = new string[6, 2];
replacements[0, 0] = "confirmaddress";
replacements[0, 1] = (ApprovalPage != String.Empty) ? URLHelper.GetAbsoluteUrl(ApprovalPage) + "?userguid=" + ui.UserGUID : URLHelper.GetAbsoluteUrl("~/CMSPages/Dialogs/UserRegistration.aspx") + "?userguid=" + ui.UserGUID;
replacements[1, 0] = "username";
replacements[1, 1] = userName;
replacements[2, 0] = "password";
replacements[2, 1] = password;
replacements[3, 0] = "Email";
replacements[3, 1] = emailValue;
replacements[4, 0] = "FirstName";
replacements[4, 1] = firstName;
replacements[5, 0] = "LastName";
replacements[5, 1] = lastName;
// Set resolver
resolver.SourceParameters = replacements;
// Email message
EmailMessage emailMessage = new EmailMessage();
emailMessage.EmailFormat = EmailFormatEnum.Default;
emailMessage.Recipients = ui.Email;
// Send welcome message with username and password, with confirmation link, user must confirm registration
if (requiresConfirmation)
{
template = EmailTemplateProvider.GetEmailTemplate("RegistrationConfirmation", CMSContext.CurrentSiteName);
emailMessage.Subject = GetString("RegistrationForm.RegistrationConfirmationEmailSubject");
}
// Send welcome message with username and password, with information that user must be approved by administrator
else if (SendWelcomeEmail)
{
if (requiresAdminApprove)
{
template = EmailTemplateProvider.GetEmailTemplate("Membership.RegistrationWaitingForApproval", CMSContext.CurrentSiteName);
emailMessage.Subject = GetString("RegistrationForm.RegistrationWaitingForApprovalSubject");
}
// Send welcome message with username and password, user can logon directly
else
{
template = EmailTemplateProvider.GetEmailTemplate("Membership.Registration", CMSContext.CurrentSiteName);
emailMessage.Subject = GetString("RegistrationForm.RegistrationSubject");
}
}
if (template != null)
{
emailMessage.From = EmailHelper.GetSender(template, SettingsKeyProvider.GetStringValue(CMSContext.CurrentSiteName + ".CMSNoreplyEmailAddress"));
// Enable macro encoding for body
resolver.EncodeResolvedValues = true;
emailMessage.Body = resolver.ResolveMacros(template.TemplateText);
// Disable macro encoding for plaintext body and subject
resolver.EncodeResolvedValues = false;
emailMessage.PlainTextBody = resolver.ResolveMacros(template.TemplatePlainText);
emailMessage.Subject = resolver.ResolveMacros(EmailHelper.GetSubject(template, emailMessage.Subject));
emailMessage.CcRecipients = template.TemplateCc;
emailMessage.BccRecipients = template.TemplateBcc;
try
{
MetaFileInfoProvider.ResolveMetaFileImages(emailMessage, template.TemplateID, EmailObjectType.EMAILTEMPLATE, MetaFileInfoProvider.OBJECT_CATEGORY_TEMPLATE);
// Send the e-mail immediately
EmailSender.SendEmail(CMSContext.CurrentSiteName, emailMessage, true);
}
catch (Exception ex)
{
ev.LogEvent("E", "RegistrationForm - SendEmail", ex);
error = true;
}
}
// If there was some error, user must be deleted
if (error)
{
lblError.Visible = true;
lblError.Text = GetString("RegistrationForm.UserWasNotCreated");
// Email was not send, user can't be approved - delete it
UserInfoProvider.DeleteUser(ui);
return;
}
#endregion
#region "Administrator notification email"
// Notify administrator if enabled and email confirmation is not required
if (!requiresConfirmation && NotifyAdministrator && (FromAddress != String.Empty) && (ToAddress != String.Empty))
{
EmailTemplateInfo mEmailTemplate = null;
if (requiresAdminApprove)
{
mEmailTemplate = EmailTemplateProvider.GetEmailTemplate("Registration.Approve", CMSContext.CurrentSiteName);
}
else
{
mEmailTemplate = EmailTemplateProvider.GetEmailTemplate("Registration.New", CMSContext.CurrentSiteName);
}
if (mEmailTemplate == null)
{
ev.LogEvent("E", DateTime.Now, "RegistrationForm", "GetEmailTemplate", HTTPHelper.GetAbsoluteUri());
}
//email template ok
else
{
replacements = new string[4, 2];
replacements[0, 0] = "firstname";
replacements[0, 1] = ui.FirstName;
replacements[1, 0] = "lastname";
replacements[1, 1] = ui.LastName;
replacements[2, 0] = "email";
replacements[2, 1] = ui.Email;
replacements[3, 0] = "username";
replacements[3, 1] = userName;
// Set resolver
resolver.SourceParameters = replacements;
// Enable macro encoding for body
resolver.EncodeResolvedValues = true;
EmailMessage message = new EmailMessage();
message.EmailFormat = EmailFormatEnum.Default;
message.From = EmailHelper.GetSender(mEmailTemplate, FromAddress);
message.Recipients = ToAddress;
message.Body = resolver.ResolveMacros(mEmailTemplate.TemplateText);
// Disable macro encoding for plaintext body and subject
resolver.EncodeResolvedValues = false;
message.Subject = resolver.ResolveMacros(EmailHelper.GetSubject(mEmailTemplate, GetString("RegistrationForm.EmailSubject")));
message.PlainTextBody = resolver.ResolveMacros(mEmailTemplate.TemplatePlainText);
message.CcRecipients = mEmailTemplate.TemplateCc;
message.BccRecipients = mEmailTemplate.TemplateBcc;
try
{
// Attach template meta-files to e-mail
MetaFileInfoProvider.ResolveMetaFileImages(message, mEmailTemplate.TemplateID, EmailObjectType.EMAILTEMPLATE, MetaFileInfoProvider.OBJECT_CATEGORY_TEMPLATE);
EmailSender.SendEmail(CMSContext.CurrentSiteName, message);
}
catch
{
ev.LogEvent("E", DateTime.Now, "Membership", "RegistrationEmail", CMSContext.CurrentSite.SiteID);
}
}
}
#endregion
#region "Web analytics"
// Track successful registration conversion
if (TrackConversionName != String.Empty)
{
string siteName = CMSContext.CurrentSiteName;
if (AnalyticsHelper.AnalyticsEnabled(siteName) && AnalyticsHelper.TrackConversionsEnabled(siteName) && !AnalyticsHelper.IsIPExcluded(siteName, HTTPHelper.UserHostAddress))
{
HitLogProvider.LogConversions(siteName, CMSContext.PreferredCultureCode, TrackConversionName, 0, ConversionValue);
}
}
// Log registered user if confirmation is not required
if (!requiresConfirmation)
{
AnalyticsHelper.LogRegisteredUser(CMSContext.CurrentSiteName, ui);
}
#endregion
#region "On-line marketing - activity"
// Log registered user if confirmation is not required
if (!requiresConfirmation)
{
Activity activity = new ActivityRegistration(ui, CMSContext.CurrentDocument, CMSContext.ActivityEnvironmentVariables);
if (activity.Data != null)
{
activity.Data.ContactID = ModuleCommands.OnlineMarketingGetUserLoginContactID(ui);
activity.Log();
}
// Log login activity
if (ui.Enabled)
{
// Log activity
int contactID = ModuleCommands.OnlineMarketingGetUserLoginContactID(ui);
Activity activityLogin = new ActivityUserLogin(contactID, ui, CMSContext.CurrentDocument, CMSContext.ActivityEnvironmentVariables);
activityLogin.Log();
}
}
#endregion
#region "Site and roles addition and authentication"
string[] roleList = AssignRoles.Split(';');
string[] siteList;
// If AssignToSites field set
if (!String.IsNullOrEmpty(AssignToSites))
{
siteList = AssignToSites.Split(';');
}
else // If not set user current site
{
siteList = new string[] { CMSContext.CurrentSiteName };
}
foreach (string siteName in siteList)
{
// Add new user to the current site
UserInfoProvider.AddUserToSite(ui.UserName, siteName);
foreach (string roleName in roleList)
{
if (!String.IsNullOrEmpty(roleName))
{
String sn = roleName.StartsWithCSafe(".") ? "" : siteName;
// Add user to desired roles
if (RoleInfoProvider.RoleExists(roleName, sn))
{
UserInfoProvider.AddUserToRole(ui.UserName, roleName, sn);
}
}
}
}
if (DisplayMessage.Trim() != String.Empty)
{
pnlRegForm.Visible = false;
lblInfo.Visible = true;
lblInfo.Text = DisplayMessage;
}
else
{
if (ui.Enabled)
{
CMSContext.AuthenticateUser(ui.UserName, true);
}
string returnUrl = QueryHelper.GetString("ReturnURL", "");
if (!String.IsNullOrEmpty(returnUrl) && (returnUrl.StartsWithCSafe("~") || returnUrl.StartsWithCSafe("/") || QueryHelper.ValidateHash("hash")))
{
URLHelper.Redirect(HttpUtility.UrlDecode(returnUrl));
}
else if (RedirectToURL != String.Empty)
{
URLHelper.Redirect(RedirectToURL);
}
}
#endregion
lblError.Visible = false;
}
}
public void CheckRoleAssignmentInUserAuthTable()
{
using (var appHost = new BasicAppHost
{
ConfigureContainer = container =>
{
container.Register <IDbConnectionFactory>(DbConnFactory);
container.Register <IAuthRepository>(c => new OrmLiteAuthRepository(c.Resolve <IDbConnectionFactory>()));
}
}.Init())
{
// Arrange
UserAuth userAuth;
var newRegistration = CreateNewUserRegistration();
var request = new BasicRequest(newRegistration);
var response = (RegisterResponse)appHost.ExecuteService(newRegistration, request);
var authRepo = appHost.Resolve <IAuthRepository>();
// Test #1: Check role and permission assignment
// ---------------------------------------------
// Act
using (var db = DbConnFactory.Open())
{
// Hydrate userAuth
userAuth = db.SingleById <UserAuth>(response.UserId);
}
var assignRoleRequest =
new AssignRoles
{
UserName = userAuth.UserName,
Roles = { TestRoleName },
Permissions = { TestPermissionName },
};
userAuth = (UserAuth)authRepo.GetUserAuthByUserName(assignRoleRequest.UserName);
authRepo.AssignRoles(userAuth, assignRoleRequest.Roles, assignRoleRequest.Permissions);
// Assert:
// Check UserAuth to contain roles and permissions
Assert.That(authRepo.GetRoles(userAuth).FirstOrDefault(), Is.EqualTo(TestRoleName));
Assert.That(authRepo.GetPermissions(userAuth).FirstOrDefault(), Is.EqualTo(TestPermissionName));
// Test #2: Check role and permission un-assignment
// ------------------------------------------------
// Act
using (var db = DbConnFactory.Open())
{
// Hydrate userAuth
userAuth = db.SingleById <UserAuth>(response.UserId);
}
var unassignRolesRequest =
new UnAssignRoles
{
UserName = userAuth.UserName,
Roles = { TestRoleName },
Permissions = { TestPermissionName },
};
userAuth = (UserAuth)authRepo.GetUserAuthByUserName(assignRoleRequest.UserName);
authRepo.UnAssignRoles(userAuth, unassignRolesRequest.Roles, unassignRolesRequest.Permissions);
// Assert:
// Check UserAuth not to contain roles and permissions above
Assert.That(authRepo.GetRoles(userAuth).FirstOrDefault(), Is.Null);
Assert.That(authRepo.GetPermissions(userAuth).FirstOrDefault(), Is.Null);
}
}
/// <summary>
/// OK click handler (Proceed registration).
/// </summary>
private void btnRegister_Click(object sender, EventArgs e)
{
string currentSiteName = SiteContext.CurrentSiteName;
string[] siteList = { currentSiteName };
// If AssignToSites field set
if (!String.IsNullOrEmpty(AssignToSites))
{
siteList = AssignToSites.Split(';');
}
if ((PageManager.ViewMode == ViewModeEnum.Design) || (HideOnCurrentPage) || (!IsVisible))
{
// Do not process
}
else
{
// Ban IP addresses which are blocked for registration
if (!BannedIPInfoProvider.IsAllowed(currentSiteName, BanControlEnum.Registration))
{
lblError.Visible = true;
lblError.Text = GetString("banip.ipisbannedregistration");
return;
}
// Check if captcha is required and verify captcha text
if (DisplayCaptcha && !captchaElem.IsValid())
{
// Display error message if captcha text is not valid
lblError.Visible = true;
lblError.Text = GetString("Webparts_Membership_RegistrationForm.captchaError");
return;
}
string userName = String.Empty;
string nickName = String.Empty;
string firstName = String.Empty;
string lastName = String.Empty;
string emailValue = String.Empty;
string pwd = string.Empty;
string confPassword = string.Empty;
string educationLevel = String.Empty;
string interestArea = String.Empty;
string industry = String.Empty;
string referralSource = string.Empty;
// Check duplicate user
// 1. Find appropriate control and get its value (i.e. user name)
// 2. Try to find user info
//FormEngineUserControl txtUserName = formUser.FieldControls["UserName"];
//if (txtUserName != null)
//{
// userName = ValidationHelper.GetString(txtUserName.Value, String.Empty);
//}
FormEngineUserControl txtEmail = formUser.FieldControls["Email"];
if (txtEmail != null)
{
emailValue = ValidationHelper.GetString(txtEmail.Value, String.Empty);
userName = emailValue;
}
// If user name and e-mail aren't filled stop processing and display error.
if (string.IsNullOrEmpty(userName) && String.IsNullOrEmpty(emailValue))
{
formUser.StopProcessing = true;
lblError.Visible = true;
lblError.Text = GetString("customregistrationform.usernameandemail");
return;
}
else
{
formUser.Data.SetValue("UserName", userName);
}
//check if email is valid
if (!ValidationHelper.IsEmail(txtEmail.Text.ToLowerCSafe()))
{
lblError.Visible = true;
lblError.Text = GetString("Webparts_Membership_RegistrationForm.EmailIsNotValid");
return;
}
FormEngineUserControl txtNickName = formUser.FieldControls["UserNickName"];
if (txtNickName != null)
{
nickName = ValidationHelper.GetString(txtNickName.Value, String.Empty);
}
FormEngineUserControl txtFirstName = formUser.FieldControls["FirstName"];
if (txtFirstName != null)
{
firstName = ValidationHelper.GetString(txtFirstName.Value, String.Empty);
}
FormEngineUserControl txtLastName = formUser.FieldControls["LastName"];
if (txtLastName != null)
{
lastName = ValidationHelper.GetString(txtLastName.Value, String.Empty);
}
FormEngineUserControl txtPwd = formUser.FieldControls["UserPassword"];
if (txtPwd != null)
{
pwd = ValidationHelper.GetString(txtPwd.Value, String.Empty);
}
FormEngineUserControl txtConfPassword = formUser.FieldControls["ReenterPassword"];
if (txtConfPassword != null)
{
confPassword = ValidationHelper.GetString(txtConfPassword.Value, String.Empty);
}
if (string.IsNullOrEmpty(pwd) || string.IsNullOrEmpty(confPassword))
{
lblError.Visible = true;
lblError.Text = "please enter password with confirmation";
return;
}
if (pwd != confPassword)
{
lblError.Visible = true;
lblError.Text = "Password doesn't match";
return;
}
if (validateFields(formUser.FieldControls["UserPassword"].Value.ToString()))
{
// Test if "global" or "site" user exists.
SiteInfo si = SiteContext.CurrentSite;
UserInfo siteui = UserInfoProvider.GetUserInfo(UserInfoProvider.EnsureSitePrefixUserName(userName, si));
if ((UserInfoProvider.GetUserInfo(userName) != null) || (siteui != null))
{
lblError.Visible = true;
lblError.Text = GetString("Webparts_Membership_RegistrationForm.UserAlreadyExists").Replace("%%name%%", HTMLHelper.HTMLEncode(Functions.GetFormattedUserName(userName, true)));
return;
}
// Check for reserved user names like administrator, sysadmin, ...
if (UserInfoProvider.NameIsReserved(currentSiteName, userName))
{
lblError.Visible = true;
lblError.Text = GetString("Webparts_Membership_RegistrationForm.UserNameReserved").Replace("%%name%%", HTMLHelper.HTMLEncode(Functions.GetFormattedUserName(userName, true)));
return;
}
if (UserInfoProvider.NameIsReserved(currentSiteName, nickName))
{
lblError.Visible = true;
lblError.Text = GetString("Webparts_Membership_RegistrationForm.UserNameReserved").Replace("%%name%%", HTMLHelper.HTMLEncode(nickName));
return;
}
// Check limitations for site members
if (!UserInfoProvider.LicenseVersionCheck(RequestContext.CurrentDomain, FeatureEnum.SiteMembers, ObjectActionEnum.Insert, false))
{
lblError.Visible = true;
lblError.Text = GetString("License.MaxItemsReachedSiteMember");
return;
}
// Check whether email is unique if it is required
if (!UserInfoProvider.IsEmailUnique(emailValue, siteList, 0))
{
lblError.Visible = true;
lblError.Text = GetString("UserInfo.EmailAlreadyExist");
return;
}
// Validate and save form with new user data
if (!formUser.Save())
{
// Return if saving failed
return;
}
// Get user info from form
UserInfo ui = (UserInfo)formUser.Info;
// Add user prefix if settings is on
// Ensure site prefixes
if (UserInfoProvider.UserNameSitePrefixEnabled(currentSiteName))
{
ui.UserName = UserInfoProvider.EnsureSitePrefixUserName(userName, si);
}
ui.Enabled = EnableUserAfterRegistration;
ui.UserURLReferrer = MembershipContext.AuthenticatedUser.URLReferrer;
ui.UserCampaign = AnalyticsHelper.Campaign;
ui.SetPrivilegeLevel(UserPrivilegeLevelEnum.None);
// Fill optionally full user name
if (String.IsNullOrEmpty(ui.FullName))
{
ui.FullName = UserInfoProvider.GetFullName(ui.FirstName, ui.MiddleName, ui.LastName);
}
// Ensure nick name
if (ui.UserNickName.Trim() == String.Empty)
{
ui.UserNickName = Functions.GetFormattedUserName(ui.UserName, true);
}
ui.UserSettings.UserRegistrationInfo.IPAddress = RequestContext.UserHostAddress;
ui.UserSettings.UserRegistrationInfo.Agent = HttpContext.Current.Request.UserAgent;
ui.UserSettings.UserLogActivities = true;
ui.UserSettings.UserShowIntroductionTile = true;
// Check whether confirmation is required
bool requiresConfirmation = SettingsKeyInfoProvider.GetBoolValue(currentSiteName + ".CMSRegistrationEmailConfirmation");
bool requiresAdminApprove = SettingsKeyInfoProvider.GetBoolValue(currentSiteName + ".CMSRegistrationAdministratorApproval");
if (!requiresConfirmation)
{
// If confirmation is not required check whether administration approval is reqiures
if (requiresAdminApprove)
{
ui.Enabled = false;
ui.UserSettings.UserWaitingForApproval = true;
}
}
else
{
// EnableUserAfterRegistration is overrided by requiresConfirmation - user needs to be confirmed before enable
ui.Enabled = false;
}
// Set user's starting alias path
if (!String.IsNullOrEmpty(StartingAliasPath))
{
ui.UserStartingAliasPath = MacroResolver.ResolveCurrentPath(StartingAliasPath);
}
// Get user password and save it in apropriate format after form save
string password = ValidationHelper.GetString(ui.GetValue("UserPassword"), String.Empty);
UserInfoProvider.SetPassword(ui, password);
var customerToken = PersonifyRegistered(emailValue, password, firstName, lastName);
if (string.IsNullOrEmpty(customerToken))
{
UserInfoProvider.DeleteUser(ui);
return;
}
else
{
var roles = GetImsroles(customerToken);
string groupslist = "";
if (roles.Length > 0)
{
foreach (string s in roles)
{
if (s.Length > 0)
{
groupslist += s + ",";
}
}
}
//we need this mispelling.
groupslist += "peronifyUser" + ",";
new LoginUsertokentico().AddUserToRole(ui, groupslist, true, false);
}
// Prepare macro data source for email resolver
UserInfo userForMail = ui.Clone();
userForMail.SetValue("UserPassword", string.Empty);
object[] data = new object[1];
data[0] = userForMail;
// Prepare resolver for notification and welcome emails
MacroResolver resolver = MacroContext.CurrentResolver;
resolver.SetAnonymousSourceData(data);
#region "Welcome Emails (confirmation, waiting for approval)"
bool error = false;
EmailTemplateInfo template = null;
// Prepare macro replacements
string[,] replacements = new string[6, 2];
replacements[0, 0] = "confirmaddress";
replacements[0, 1] = AuthenticationHelper.GetRegistrationApprovalUrl(ApprovalPage, ui.UserGUID, currentSiteName, NotifyAdministrator);
replacements[1, 0] = "username";
replacements[1, 1] = userName;
replacements[2, 0] = "password";
replacements[2, 1] = password;
replacements[3, 0] = "Email";
replacements[3, 1] = emailValue;
replacements[4, 0] = "FirstName";
replacements[4, 1] = firstName;
replacements[5, 0] = "LastName";
replacements[5, 1] = lastName;
// Set resolver
resolver.SetNamedSourceData(replacements);
// Email message
EmailMessage emailMessage = new EmailMessage();
emailMessage.EmailFormat = EmailFormatEnum.Default;
emailMessage.Recipients = ui.Email;
// Send welcome message with username and password, with confirmation link, user must confirm registration
if (requiresConfirmation)
{
template = EmailTemplateProvider.GetEmailTemplate("RegistrationConfirmation", currentSiteName);
emailMessage.Subject = GetString("RegistrationForm.RegistrationConfirmationEmailSubject");
}
// Send welcome message with username and password, with information that user must be approved by administrator
else if (SendWelcomeEmail)
{
if (requiresAdminApprove)
{
template = EmailTemplateProvider.GetEmailTemplate("Membership.RegistrationWaitingForApproval", currentSiteName);
emailMessage.Subject = GetString("RegistrationForm.RegistrationWaitingForApprovalSubject");
}
// Send welcome message with username and password, user can logon directly
else
{
template = EmailTemplateProvider.GetEmailTemplate("Membership.Registration", currentSiteName);
emailMessage.Subject = GetString("RegistrationForm.RegistrationSubject");
}
}
if (template != null)
{
emailMessage.From = EmailHelper.GetSender(template, SettingsKeyInfoProvider.GetStringValue(currentSiteName + ".CMSNoreplyEmailAddress"));
// Enable macro encoding for body
resolver.Settings.EncodeResolvedValues = true;
emailMessage.Body = resolver.ResolveMacros(template.TemplateText);
// Disable macro encoding for plaintext body and subject
resolver.Settings.EncodeResolvedValues = false;
emailMessage.PlainTextBody = resolver.ResolveMacros(template.TemplatePlainText);
emailMessage.Subject = resolver.ResolveMacros(EmailHelper.GetSubject(template, emailMessage.Subject));
emailMessage.CcRecipients = template.TemplateCc;
emailMessage.BccRecipients = template.TemplateBcc;
try
{
EmailHelper.ResolveMetaFileImages(emailMessage, template.TemplateID, EmailTemplateInfo.OBJECT_TYPE, ObjectAttachmentsCategories.TEMPLATE);
// Send the e-mail immediately
EmailSender.SendEmail(currentSiteName, emailMessage, true);
}
catch (Exception ex)
{
EventLogProvider.LogException("E", "RegistrationForm - SendEmail", ex);
error = true;
}
}
// If there was some error, user must be deleted
if (error)
{
lblError.Visible = true;
lblError.Text = GetString("RegistrationForm.UserWasNotCreated");
// Email was not send, user can't be approved - delete it
UserInfoProvider.DeleteUser(ui);
return;
}
#endregion
#region "Administrator notification email"
// Notify administrator if enabled and email confirmation is not required
if (!requiresConfirmation && NotifyAdministrator && (FromAddress != String.Empty) && (ToAddress != String.Empty))
{
EmailTemplateInfo mEmailTemplate = null;
if (requiresAdminApprove)
{
mEmailTemplate = EmailTemplateProvider.GetEmailTemplate("Registration.Approve", currentSiteName);
}
else
{
mEmailTemplate = EmailTemplateProvider.GetEmailTemplate("Registration.New", currentSiteName);
}
if (mEmailTemplate == null)
{
EventLogProvider.LogEvent(EventType.ERROR, "RegistrationForm", "GetEmailTemplate", eventUrl: RequestContext.RawURL);
}
else
{
// E-mail template ok
replacements = new string[4, 2];
replacements[0, 0] = "firstname";
replacements[0, 1] = ui.FirstName;
replacements[1, 0] = "lastname";
replacements[1, 1] = ui.LastName;
replacements[2, 0] = "email";
replacements[2, 1] = ui.Email;
replacements[3, 0] = "username";
replacements[3, 1] = userName;
// Set resolver
resolver.SetNamedSourceData(replacements);
// Enable macro encoding for body
resolver.Settings.EncodeResolvedValues = true;
EmailMessage message = new EmailMessage();
message.EmailFormat = EmailFormatEnum.Default;
message.From = EmailHelper.GetSender(mEmailTemplate, FromAddress);
message.Recipients = ToAddress;
message.Body = resolver.ResolveMacros(mEmailTemplate.TemplateText);
// Disable macro encoding for plaintext body and subject
resolver.Settings.EncodeResolvedValues = false;
message.Subject = resolver.ResolveMacros(EmailHelper.GetSubject(mEmailTemplate, GetString("RegistrationForm.EmailSubject")));
message.PlainTextBody = resolver.ResolveMacros(mEmailTemplate.TemplatePlainText);
message.CcRecipients = mEmailTemplate.TemplateCc;
message.BccRecipients = mEmailTemplate.TemplateBcc;
try
{
// Attach template meta-files to e-mail
EmailHelper.ResolveMetaFileImages(message, mEmailTemplate.TemplateID, EmailTemplateInfo.OBJECT_TYPE, ObjectAttachmentsCategories.TEMPLATE);
EmailSender.SendEmail(currentSiteName, message);
}
catch
{
EventLogProvider.LogEvent(EventType.ERROR, "Membership", "RegistrationEmail");
}
}
}
#endregion
#region "Web analytics"
// Track successful registration conversion
if (TrackConversionName != String.Empty)
{
if (AnalyticsHelper.AnalyticsEnabled(currentSiteName) && AnalyticsHelper.TrackConversionsEnabled(currentSiteName) && !AnalyticsHelper.IsIPExcluded(currentSiteName, RequestContext.UserHostAddress))
{
HitLogProvider.LogConversions(currentSiteName, LocalizationContext.PreferredCultureCode, TrackConversionName, 0, ConversionValue);
}
}
// Log registered user if confirmation is not required
if (!requiresConfirmation)
{
AnalyticsHelper.LogRegisteredUser(currentSiteName, ui);
}
#endregion
#region "On-line marketing - activity"
// Log registered user if confirmation is not required
if (!requiresConfirmation)
{
Activity activity = new ActivityRegistration(ui, DocumentContext.CurrentDocument, AnalyticsContext.ActivityEnvironmentVariables);
if (activity.Data != null)
{
activity.Data.ContactID = ModuleCommands.OnlineMarketingGetUserLoginContactID(ui);
activity.Log();
}
// Log login activity
if (ui.Enabled)
{
// Log activity
int contactID = ModuleCommands.OnlineMarketingGetUserLoginContactID(ui);
Activity activityLogin = new ActivityUserLogin(contactID, ui, DocumentContext.CurrentDocument, AnalyticsContext.ActivityEnvironmentVariables);
activityLogin.Log();
}
}
#endregion
#region "Site and roles addition and authentication"
string[] roleList = AssignRoles.Split(';');
foreach (string siteName in siteList)
{
// Add new user to the current site
UserInfoProvider.AddUserToSite(ui.UserName, siteName);
foreach (string roleName in roleList)
{
if (!String.IsNullOrEmpty(roleName))
{
String sn = roleName.StartsWithCSafe(".") ? String.Empty : siteName;
// Add user to desired roles
if (RoleInfoProvider.RoleExists(roleName, sn))
{
UserInfoProvider.AddUserToRole(ui.UserName, roleName, sn);
}
}
}
}
if (ui.Enabled)
{
if (this.AutoLoginAfterRegistration)
{
Session["UserName"] = userName;
Session["Password"] = password;
Session["RememberMe"] = true;
Session["RetryCount"] = null;
if (this.Request.QueryString["ReturnURL"] != null)
{
var returnURL = this.Request.QueryString["ReturnURL"];
Session["ReturnURL"] = returnURL;
}
else if (!String.IsNullOrEmpty(this.RedirectToURL))
{
var returnURL = this.Request.QueryString["ReturnURL"];
Session["ReturnURL"] = returnURL;
}
Response.Redirect("~/sso/ssohandler.aspx", true);
}
else if (!String.IsNullOrEmpty(this.LoginURL))
{
Response.Redirect(string.Format(this.LoginURL, userName), true);
}
else if (!String.IsNullOrEmpty(this.RedirectToURL))
{
Response.Redirect(this.RedirectToURL, true);
}
}
#endregion
lblError.Visible = false;
}
}
}
public void CheckRoleAssignmentInUserAuthTableUsingSecretKey()
{
using (var appHost = new BasicAppHost
{
ConfigureAppHost = host =>
{
host.Config.AdminAuthSecret = AdminAuthSecret;
},
ConfigureContainer = container =>
{
container.Register <IUnitOfWork>(c => UnitOfWork);
container.Register <IAuthRepository>(c =>
new LightSpeedUserAuthRepository(c.Resolve <IUnitOfWork>()));
}
}.Init())
{
// Arrange
LightSpeed.UserAuth userAuth;
AssignRolesResponse assignRolesResponse;
var newRegistration = CreateNewUserRegistration();
var request = new BasicRequest(newRegistration);
request.QueryString["authSecret"] = AdminAuthSecret;
var response = (RegisterResponse)appHost.ExecuteService(newRegistration, request);
// Test #1: Check role and permission assignment
// ---------------------------------------------
// Act
userAuth = UnitOfWork.FindById <LightSpeed.UserAuth>(response.UserId); // Hydrate userAuth
var assignRoleRequest =
new AssignRoles
{
UserName = userAuth.UserName,
Roles = { TestRoleName },
Permissions = { TestPermissionName },
};
// Assert #1.1:
// Check AssignRoles response to contain roles and permissions
assignRolesResponse = (AssignRolesResponse)appHost.ExecuteService(assignRoleRequest, request);
Assert.That(assignRolesResponse.AllRoles[0], Is.EqualTo(TestRoleName));
Assert.That(assignRolesResponse.AllPermissions[0], Is.EqualTo(TestPermissionName));
// Assert #1.2:
// Check UserAuth to contain roles and permissions
userAuth = UnitOfWork.FindById <LightSpeed.UserAuth>(response.UserId);
Assert.That(userAuth.Roles[0], Is.EqualTo(TestRoleName));
Assert.That(userAuth.Permissions[0], Is.EqualTo(TestPermissionName));
// Test #2: Check role and permission un-assignment
// ------------------------------------------------
// Act
var unassignRolesRequest =
new UnAssignRoles
{
UserName = userAuth.UserName,
Roles = { TestRoleName },
Permissions = { TestPermissionName },
};
appHost.ExecuteService(unassignRolesRequest, request);
// Assert #2.1:
// Check UserAuth not to contain roles and permissions above
userAuth = UnitOfWork.FindById <LightSpeed.UserAuth>(response.UserId);
Assert.That(userAuth.Roles.Count, Is.EqualTo(0));
Assert.That(userAuth.Permissions.Count, Is.EqualTo(0));
}
}
public void CheckRoleAssignmentInUserRoleTableUsingIAuthRepository()
{
using (var appHost = new BasicAppHost
{
ConfigureContainer = container =>
{
container.Register <IUnitOfWork>(c => UnitOfWork);
container.Register <IAuthRepository>(c =>
new LightSpeedUserAuthRepository(c.Resolve <IUnitOfWork>())
{
UseDistinctRoleTables = true
});
}
}.Init())
{
// Arrange
LightSpeed.UserAuth userAuth;
AssignRolesResponse assignRolesResponse;
var newRegistration = CreateNewUserRegistration();
var request = new BasicRequest(newRegistration);
var response = (RegisterResponse)appHost.ExecuteService(newRegistration, request);
var authRepo = appHost.Resolve <IAuthRepository>();
// Test #1: Check role and permission assignment
// ---------------------------------------------
// Act
userAuth = UnitOfWork.FindById <LightSpeed.UserAuth>(response.UserId); // Hydrate userAuth
var assignRoleRequest =
new AssignRoles
{
UserName = userAuth.UserName,
Roles = { TestRoleName },
Permissions = { TestPermissionName },
};
userAuth = (LightSpeed.UserAuth)authRepo.GetUserAuthByUserName(assignRoleRequest.UserName);
authRepo.AssignRoles(userAuth, assignRoleRequest.Roles, assignRoleRequest.Permissions);
// Assert #1.1:
// Check UserAuth to contain roles and permissions
Assert.That(authRepo.GetRoles(userAuth).FirstOrDefault(), Is.EqualTo(TestRoleName));
Assert.That(authRepo.GetPermissions(userAuth).FirstOrDefault(), Is.EqualTo(TestPermissionName));
// Assert #1.2:
// Check that roles and permissions are not persisted to UserAuth table
Assert.That(userAuth.Roles.Count, Is.EqualTo(0));
Assert.That(userAuth.Permissions.Count, Is.EqualTo(0));
// Assert #1.3:
// Check UserRoles table to contain roles and permissions
var manageRoles = (IManageRoles)appHost.Container.Resolve <IAuthRepository>();
Assert.That(manageRoles.HasRole(userAuth.Id.ToString(), TestRoleName));
Assert.That(manageRoles.HasPermission(userAuth.Id.ToString(), TestPermissionName));
// Test #2: Check role and permission un-assignment
// ------------------------------------------------
// Act
userAuth = UnitOfWork.FindById <LightSpeed.UserAuth>(response.UserId); // Hydrate userAuth
var unassignRolesRequest =
new UnAssignRoles
{
UserName = userAuth.UserName,
Roles = { TestRoleName },
Permissions = { TestPermissionName },
};
userAuth = (LightSpeed.UserAuth)authRepo.GetUserAuthByUserName(assignRoleRequest.UserName);
authRepo.UnAssignRoles(userAuth, unassignRolesRequest.Roles, unassignRolesRequest.Permissions);
// Assert #2.1:
// Check UserAuth to contain roles and permissions
Assert.That(authRepo.GetRoles(userAuth).FirstOrDefault(), Is.Null);
Assert.That(authRepo.GetPermissions(userAuth).FirstOrDefault(), Is.Null);
// Assert #2.2:
// Check UserRole table not to contain roles and permissions above
Assert.That(!manageRoles.HasRole(userAuth.Id.ToString(), TestRoleName));
Assert.That(!manageRoles.HasPermission(userAuth.Id.ToString(), TestPermissionName));
}
}
public void CheckRoleAssignmentInUserRoleTable()
{
using (var appHost = new BasicAppHost
{
ConfigureAppHost = host =>
{
host.Config.AdminAuthSecret = AdminAuthSecret;
},
ConfigureContainer = container =>
{
container.Register <IDbConnectionFactory>(DbConnFactory);
container.Register <IAuthRepository>(c =>
new OrmLiteAuthRepository(c.Resolve <IDbConnectionFactory>())
{
UseDistinctRoleTables = true
});
}
}.Init())
{
// Arrange
UserAuth userAuth;
AssignRolesResponse assignRolesResponse;
var newRegistration = CreateNewUserRegistration();
var request = new BasicRequest(newRegistration);
request.QueryString["authSecret"] = AdminAuthSecret;
var response = (RegisterResponse)appHost.ExecuteService(newRegistration, request);
// Test #1: Check role and permission assignment
// ---------------------------------------------
// Act
using (var db = DbConnFactory.Open())
{
// Hydrate userAuth
userAuth = db.SingleById <UserAuth>(response.UserId);
}
var assignRoleRequest =
new AssignRoles
{
UserName = userAuth.UserName,
Roles = { TestRoleName },
Permissions = { TestPermissionName },
};
// Assert #1.1:
// Check AssignRoles response to contain roles and permissions
assignRolesResponse = (AssignRolesResponse)appHost.ExecuteService(assignRoleRequest, request);
Assert.That(assignRolesResponse.AllRoles[0], Is.EqualTo(TestRoleName));
Assert.That(assignRolesResponse.AllPermissions[0], Is.EqualTo(TestPermissionName));
// Assert #1.2:
// Check that roles and permissions are not persisted to UserAuth table
Assert.That(userAuth.Roles.Count, Is.EqualTo(0));
Assert.That(userAuth.Permissions.Count, Is.EqualTo(0));
// Assert #1.3:
// Check UserRoles table to contain roles and permissions
var manageRoles = (IManageRoles)appHost.Container.Resolve <IAuthRepository>();
Assert.That(manageRoles.HasRole(userAuth.Id.ToString(), TestRoleName));
Assert.That(manageRoles.HasPermission(userAuth.Id.ToString(), TestPermissionName));
// Test #2: Check role and permission un-assignment
// ------------------------------------------------
// Act
var unassignRolesRequest =
new UnAssignRoles
{
UserName = userAuth.UserName,
Roles = { TestRoleName },
Permissions = { TestPermissionName },
};
appHost.ExecuteService(unassignRolesRequest, request);
// Assert #2.1:
// Check UserRole table not to contain roles and permissions above
Assert.That(!manageRoles.HasRole(userAuth.Id.ToString(), TestRoleName));
Assert.That(!manageRoles.HasPermission(userAuth.Id.ToString(), TestPermissionName));
}
}
/// <param name='userName'>
/// </param>
/// <param name='permissions'>
/// </param>
/// <param name='roles'>
/// </param>
/// <param name='body'>
/// </param>
/// <param name='customHeaders'>
/// Headers that will be added to request.
/// </param>
/// <param name='cancellationToken'>
/// The cancellation token.
/// </param>
/// <exception cref="AssignRolesResponseException">
/// Thrown when the operation returned an invalid status code
/// </exception>
/// <return>
/// A response object containing the response body and response headers.
/// </return>
public async Task <HttpOperationResponse <AssignRolesResponse> > PostWithHttpMessagesAsync(string userName = default(string), string permissions = default(string), string roles = default(string), AssignRoles body = default(AssignRoles), Dictionary <string, List <string> > customHeaders = null, CancellationToken cancellationToken = default(CancellationToken))
{
// Tracing
bool _shouldTrace = ServiceClientTracing.IsEnabled;
string _invocationId = null;
if (_shouldTrace)
{
_invocationId = ServiceClientTracing.NextInvocationId.ToString();
Dictionary <string, object> tracingParameters = new Dictionary <string, object>();
tracingParameters.Add("userName", userName);
tracingParameters.Add("permissions", permissions);
tracingParameters.Add("roles", roles);
tracingParameters.Add("body", body);
tracingParameters.Add("cancellationToken", cancellationToken);
ServiceClientTracing.Enter(_invocationId, this, "Post", tracingParameters);
}
// Construct URL
var _baseUrl = Client.BaseUri.AbsoluteUri;
var _url = new System.Uri(new System.Uri(_baseUrl + (_baseUrl.EndsWith("/") ? "" : "/")), "assignroles").ToString();
// Create HTTP transport objects
var _httpRequest = new HttpRequestMessage();
HttpResponseMessage _httpResponse = null;
_httpRequest.Method = new HttpMethod("POST");
_httpRequest.RequestUri = new System.Uri(_url);
// Set Headers
if (Client.Accept != null)
{
if (_httpRequest.Headers.Contains("Accept"))
{
_httpRequest.Headers.Remove("Accept");
}
_httpRequest.Headers.TryAddWithoutValidation("Accept", Client.Accept);
}
if (customHeaders != null)
{
foreach (var _header in customHeaders)
{
if (_httpRequest.Headers.Contains(_header.Key))
{
_httpRequest.Headers.Remove(_header.Key);
}
_httpRequest.Headers.TryAddWithoutValidation(_header.Key, _header.Value);
}
}
// Serialize Request
string _requestContent = null;
if (body != null)
{
_requestContent = Microsoft.Rest.Serialization.SafeJsonConvert.SerializeObject(body, Client.SerializationSettings);
_httpRequest.Content = new StringContent(_requestContent, System.Text.Encoding.UTF8);
_httpRequest.Content.Headers.ContentType = System.Net.Http.Headers.MediaTypeHeaderValue.Parse("application/json; charset=utf-8");
}
// Send Request
if (_shouldTrace)
{
ServiceClientTracing.SendRequest(_invocationId, _httpRequest);
}
cancellationToken.ThrowIfCancellationRequested();
_httpResponse = await Client.HttpClient.SendAsync(_httpRequest, cancellationToken).ConfigureAwait(false);
if (_shouldTrace)
{
ServiceClientTracing.ReceiveResponse(_invocationId, _httpResponse);
}
HttpStatusCode _statusCode = _httpResponse.StatusCode;
cancellationToken.ThrowIfCancellationRequested();
string _responseContent = null;
if (!_httpResponse.IsSuccessStatusCode)
{
var ex = new AssignRolesResponseException(string.Format("Operation returned an invalid status code '{0}'", _statusCode));
try
{
_responseContent = await _httpResponse.Content.ReadAsStringAsync().ConfigureAwait(false);
AssignRolesResponse _errorBody = Microsoft.Rest.Serialization.SafeJsonConvert.DeserializeObject <AssignRolesResponse>(_responseContent, Client.DeserializationSettings);
if (_errorBody != null)
{
ex.Body = _errorBody;
}
}
catch (JsonException)
{
// Ignore the exception
}
ex.Request = new HttpRequestMessageWrapper(_httpRequest, _requestContent);
ex.Response = new HttpResponseMessageWrapper(_httpResponse, _responseContent);
if (_shouldTrace)
{
ServiceClientTracing.Error(_invocationId, ex);
}
_httpRequest.Dispose();
if (_httpResponse != null)
{
_httpResponse.Dispose();
}
throw ex;
}
// Create Result
var _result = new HttpOperationResponse <AssignRolesResponse>();
_result.Request = _httpRequest;
_result.Response = _httpResponse;
string _defaultResponseContent = await _httpResponse.Content.ReadAsStringAsync().ConfigureAwait(false);
try
{
_result.Body = Microsoft.Rest.Serialization.SafeJsonConvert.DeserializeObject <AssignRolesResponse>(_defaultResponseContent, Client.DeserializationSettings);
}
catch (JsonException ex)
{
_httpRequest.Dispose();
if (_httpResponse != null)
{
_httpResponse.Dispose();
}
throw new SerializationException("Unable to deserialize the response.", _defaultResponseContent, ex);
}
if (_shouldTrace)
{
ServiceClientTracing.Exit(_invocationId, _result);
}
return(_result);
}
/// <summary>
/// OK click handler (Proceed registration).
/// </summary>
protected void btnOK_Click(object sender, EventArgs e)
{
if ((PageManager.ViewMode == ViewModeEnum.Design) || (HideOnCurrentPage) || (!IsVisible))
{
// Do not process
}
else
{
String siteName = CMSContext.CurrentSiteName;
#region "Banned IPs"
// Ban IP addresses which are blocked for registration
if (!BannedIPInfoProvider.IsAllowed(siteName, BanControlEnum.Registration))
{
lblError.Visible = true;
lblError.Text = GetString("banip.ipisbannedregistration");
return;
}
#endregion
#region "Check Email & password"
// Check whether user with same email does not exist
UserInfo ui = UserInfoProvider.GetUserInfo(txtEmail.Text);
SiteInfo si = CMSContext.CurrentSite;
UserInfo siteui = UserInfoProvider.GetUserInfo(UserInfoProvider.EnsureSitePrefixUserName(txtEmail.Text, si));
if ((ui != null) || (siteui != null))
{
lblError.Visible = true;
lblError.Text = GetString("Webparts_Membership_RegistrationForm.UserAlreadyExists").Replace("%%name%%", HTMLHelper.HTMLEncode(txtEmail.Text));
return;
}
// Check whether password is same
if (passStrength.Text != txtConfirmPassword.Text)
{
lblError.Visible = true;
lblError.Text = GetString("Webparts_Membership_RegistrationForm.PassworDoNotMatch");
return;
}
if ((PasswordMinLength > 0) && (passStrength.Text.Length < PasswordMinLength))
{
lblError.Visible = true;
lblError.Text = String.Format(GetString("Webparts_Membership_RegistrationForm.PasswordMinLength"), PasswordMinLength.ToString());
return;
}
if (!passStrength.IsValid())
{
lblError.Visible = true;
lblError.Text = AuthenticationHelper.GetPolicyViolationMessage(CMSContext.CurrentSiteName);
return;
}
if (!ValidationHelper.IsEmail(txtEmail.Text.ToLowerCSafe()))
{
lblError.Visible = true;
lblError.Text = GetString("Webparts_Membership_RegistrationForm.EmailIsNotValid");
return;
}
#endregion
#region "Captcha"
// Check if captcha is required
if (DisplayCaptcha)
{
// Verifiy captcha text
if (!scCaptcha.IsValid())
{
// Display error message if catcha text is not valid
lblError.Visible = true;
lblError.Text = GetString("Webparts_Membership_RegistrationForm.captchaError");
return;
}
else
{
// Generate new captcha
scCaptcha.GenerateNew();
}
}
#endregion
#region "User properties"
ui = new UserInfo();
ui.PreferredCultureCode = "";
ui.Email = txtEmail.Text.Trim();
ui.FirstName = txtFirstName.Text.Trim();
ui.FullName = UserInfoProvider.GetFullName(txtFirstName.Text.Trim(), String.Empty, txtLastName.Text.Trim());
ui.LastName = txtLastName.Text.Trim();
ui.MiddleName = "";
// User name as put by user (no site prefix included)
String plainUserName = txtEmail.Text.Trim();
ui.UserName = plainUserName;
// Ensure site prefixes
if (UserInfoProvider.UserNameSitePrefixEnabled(siteName))
{
ui.UserName = UserInfoProvider.EnsureSitePrefixUserName(txtEmail.Text.Trim(), si);
}
ui.Enabled = EnableUserAfterRegistration;
ui.IsEditor = false;
ui.IsGlobalAdministrator = false;
ui.UserURLReferrer = CMSContext.CurrentUser.URLReferrer;
ui.UserCampaign = CMSContext.Campaign;
ui.UserSettings.UserRegistrationInfo.IPAddress = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
ui.UserSettings.UserRegistrationInfo.Agent = HttpContext.Current.Request.UserAgent;
// Check whether confirmation is required
bool requiresConfirmation = SettingsKeyProvider.GetBoolValue(siteName + ".CMSRegistrationEmailConfirmation");
bool requiresAdminApprove = false;
if (!requiresConfirmation)
{
// If confirmation is not required check whether administration approval is reqiures
if ((requiresAdminApprove = SettingsKeyProvider.GetBoolValue(siteName + ".CMSRegistrationAdministratorApproval")))
{
ui.Enabled = false;
ui.UserSettings.UserWaitingForApproval = true;
}
}
else
{
// EnableUserAfterRegistration is overrided by requiresConfirmation - user needs to be confirmed before enable
ui.Enabled = false;
}
// Set user's starting alias path
if (!String.IsNullOrEmpty(StartingAliasPath))
{
ui.UserStartingAliasPath = CMSContext.ResolveCurrentPath(StartingAliasPath);
}
#endregion
#region "Reserved names"
// Check for reserved user names like administrator, sysadmin, ...
if (UserInfoProvider.NameIsReserved(siteName, plainUserName))
{
lblError.Visible = true;
lblError.Text = GetString("Webparts_Membership_RegistrationForm.UserNameReserved").Replace("%%name%%", HTMLHelper.HTMLEncode(Functions.GetFormattedUserName(ui.UserName, true)));
return;
}
if (UserInfoProvider.NameIsReserved(siteName, plainUserName))
{
lblError.Visible = true;
lblError.Text = GetString("Webparts_Membership_RegistrationForm.UserNameReserved").Replace("%%name%%", HTMLHelper.HTMLEncode(ui.UserNickName));
return;
}
#endregion
#region "License limitations"
// Check limitations for Global administrator
if (ui.IsGlobalAdministrator)
{
if (!UserInfoProvider.LicenseVersionCheck(URLHelper.GetCurrentDomain(), FeatureEnum.GlobalAdmininistrators, VersionActionEnum.Insert, false))
{
lblError.Visible = true;
lblError.Text = GetString("License.MaxItemsReachedGlobal");
return;
}
}
// Check limitations for editors
if (ui.IsEditor)
{
if (!UserInfoProvider.LicenseVersionCheck(URLHelper.GetCurrentDomain(), FeatureEnum.Editors, VersionActionEnum.Insert, false))
{
lblError.Visible = true;
lblError.Text = GetString("License.MaxItemsReachedEditor");
return;
}
}
// Check limitations for site members
if (!UserInfoProvider.LicenseVersionCheck(URLHelper.GetCurrentDomain(), FeatureEnum.SiteMembers, VersionActionEnum.Insert, false))
{
lblError.Visible = true;
lblError.Text = GetString("License.MaxItemsReachedSiteMember");
return;
}
#endregion
// Check whether email is unique if it is required
string checkSites = (String.IsNullOrEmpty(AssignToSites)) ? siteName : AssignToSites;
if (!UserInfoProvider.IsEmailUnique(txtEmail.Text.Trim(), checkSites, 0))
{
lblError.Visible = true;
lblError.Text = GetString("UserInfo.EmailAlreadyExist");
return;
}
// Set password
UserInfoProvider.SetPassword(ui, passStrength.Text);
// Prepare macro data source for email resolver
UserInfo userForMail = ui.Clone();
userForMail.SetValue("UserPassword", string.Empty);
object[] data = new object[1];
data[0] = userForMail;
// Prepare resolver for notification and welcome emails
ContextResolver resolver = CMSContext.CurrentResolver;
resolver.SourceData = data;
resolver.EncodeResolvedValues = true;
#region "Welcome Emails (confirmation, waiting for approval)"
bool error = false;
EventLogProvider ev = new EventLogProvider();
EmailTemplateInfo template = null;
string emailSubject = null;
// Send welcome message with username and password, with confirmation link, user must confirm registration
if (requiresConfirmation)
{
template = EmailTemplateProvider.GetEmailTemplate("RegistrationConfirmation", siteName);
emailSubject = EmailHelper.GetSubject(template, GetString("RegistrationForm.RegistrationConfirmationEmailSubject"));
}
// Send welcome message with username and password, with information that user must be approved by administrator
else if (SendWelcomeEmail)
{
if (requiresAdminApprove)
{
template = EmailTemplateProvider.GetEmailTemplate("Membership.RegistrationWaitingForApproval", siteName);
emailSubject = EmailHelper.GetSubject(template, GetString("RegistrationForm.RegistrationWaitingForApprovalSubject"));
}
// Send welcome message with username and password, user can logon directly
else
{
template = EmailTemplateProvider.GetEmailTemplate("Membership.Registration", siteName);
emailSubject = EmailHelper.GetSubject(template, GetString("RegistrationForm.RegistrationSubject"));
}
}
if (template != null)
{
// Retrieve contact ID for confirmation e-mail
int contactId = 0;
if (ActivitySettingsHelper.ActivitiesEnabledAndModuleLoaded(siteName))
{
// Check if loggin registration activity is enabled
if (ActivitySettingsHelper.UserRegistrationEnabled(siteName))
{
if (ActivitySettingsHelper.ActivitiesEnabledForThisUser(ui))
{
contactId = ModuleCommands.OnlineMarketingGetUserLoginContactID(ui);
}
}
}
// Prepare macro replacements
string[,] replacements = new string[6, 2];
replacements[0, 0] = "confirmaddress";
replacements[0, 1] = (ApprovalPage != String.Empty) ? URLHelper.GetAbsoluteUrl(ApprovalPage) : URLHelper.GetAbsoluteUrl("~/CMSPages/Dialogs/UserRegistration.aspx");
replacements[0, 1] += "?userguid=" + ui.UserGUID + (contactId > 0 ? "&contactid=" + contactId.ToString() : String.Empty);
replacements[1, 0] = "username";
replacements[1, 1] = plainUserName;
replacements[2, 0] = "password";
replacements[2, 1] = passStrength.Text;
replacements[3, 0] = "Email";
replacements[3, 1] = txtEmail.Text;
replacements[4, 0] = "FirstName";
replacements[4, 1] = txtFirstName.Text;
replacements[5, 0] = "LastName";
replacements[5, 1] = txtLastName.Text;
// Set resolver
resolver.SourceParameters = replacements;
// Email message
EmailMessage email = new EmailMessage();
email.EmailFormat = EmailFormatEnum.Default;
email.Recipients = ui.Email;
email.From = EmailHelper.GetSender(template, SettingsKeyProvider.GetStringValue(siteName + ".CMSNoreplyEmailAddress"));
email.Body = resolver.ResolveMacros(template.TemplateText);
resolver.EncodeResolvedValues = false;
email.PlainTextBody = resolver.ResolveMacros(template.TemplatePlainText);
email.Subject = resolver.ResolveMacros(emailSubject);
email.CcRecipients = template.TemplateCc;
email.BccRecipients = template.TemplateBcc;
try
{
MetaFileInfoProvider.ResolveMetaFileImages(email, template.TemplateID, EmailObjectType.EMAILTEMPLATE, MetaFileInfoProvider.OBJECT_CATEGORY_TEMPLATE);
// Send the e-mail immediately
EmailSender.SendEmail(siteName, email, true);
}
catch (Exception ex)
{
ev.LogEvent("E", "RegistrationForm - SendEmail", ex);
error = true;
}
}
// If there was some error, user must be deleted
if (error)
{
lblError.Visible = true;
lblError.Text = GetString("RegistrationForm.UserWasNotCreated");
// Email was not send, user can't be approved - delete it
UserInfoProvider.DeleteUser(ui);
return;
}
#endregion
#region "Administrator notification email"
// Notify administrator if enabled and e-mail confirmation is not required
if (!requiresConfirmation && NotifyAdministrator && (FromAddress != String.Empty) && (ToAddress != String.Empty))
{
EmailTemplateInfo mEmailTemplate = null;
if (requiresAdminApprove)
{
mEmailTemplate = EmailTemplateProvider.GetEmailTemplate("Registration.Approve", siteName);
}
else
{
mEmailTemplate = EmailTemplateProvider.GetEmailTemplate("Registration.New", siteName);
}
if (mEmailTemplate == null)
{
// Log missing e-mail template
ev.LogEvent("E", DateTime.Now, "RegistrationForm", "GetEmailTemplate", HTTPHelper.GetAbsoluteUri());
}
else
{
string[,] replacements = new string[4, 2];
replacements[0, 0] = "firstname";
replacements[0, 1] = ui.FirstName;
replacements[1, 0] = "lastname";
replacements[1, 1] = ui.LastName;
replacements[2, 0] = "email";
replacements[2, 1] = ui.Email;
replacements[3, 0] = "username";
replacements[3, 1] = plainUserName;
// Set resolver
resolver.SourceParameters = replacements;
EmailMessage message = new EmailMessage();
message.EmailFormat = EmailFormatEnum.Default;
message.From = EmailHelper.GetSender(mEmailTemplate, FromAddress);
message.Recipients = ToAddress;
message.Body = resolver.ResolveMacros(mEmailTemplate.TemplateText);
resolver.EncodeResolvedValues = false;
message.PlainTextBody = resolver.ResolveMacros(mEmailTemplate.TemplatePlainText);
message.Subject = resolver.ResolveMacros(EmailHelper.GetSubject(mEmailTemplate, GetString("RegistrationForm.EmailSubject")));
message.CcRecipients = mEmailTemplate.TemplateCc;
message.BccRecipients = mEmailTemplate.TemplateBcc;
try
{
// Attach template meta-files to e-mail
MetaFileInfoProvider.ResolveMetaFileImages(message, mEmailTemplate.TemplateID, EmailObjectType.EMAILTEMPLATE, MetaFileInfoProvider.OBJECT_CATEGORY_TEMPLATE);
EmailSender.SendEmail(siteName, message);
}
catch
{
ev.LogEvent("E", DateTime.Now, "Membership", "RegistrationEmail", CMSContext.CurrentSite.SiteID);
}
}
}
#endregion
#region "Web analytics"
// Track successful registration conversion
if (TrackConversionName != String.Empty)
{
if (AnalyticsHelper.AnalyticsEnabled(siteName) && AnalyticsHelper.TrackConversionsEnabled(siteName) && !AnalyticsHelper.IsIPExcluded(siteName, HTTPHelper.UserHostAddress))
{
// Log conversion
HitLogProvider.LogConversions(siteName, CMSContext.PreferredCultureCode, TrackConversionName, 0, ConversionValue);
}
}
// Log registered user if confirmation is not required
if (!requiresConfirmation)
{
AnalyticsHelper.LogRegisteredUser(siteName, ui);
}
#endregion
#region "On-line marketing - activity"
// Log registered user if confirmation is not required
if (!requiresConfirmation)
{
Activity activity = new ActivityRegistration(ui, CMSContext.CurrentDocument, CMSContext.ActivityEnvironmentVariables);
if (activity.Data != null)
{
activity.Data.ContactID = ModuleCommands.OnlineMarketingGetUserLoginContactID(ui);
activity.Log();
}
// Log login activity
if (ui.Enabled)
{
// Log activity
int contactID = ModuleCommands.OnlineMarketingGetUserLoginContactID(ui);
Activity activityLogin = new ActivityUserLogin(contactID, ui, CMSContext.CurrentDocument, CMSContext.ActivityEnvironmentVariables);
activityLogin.Log();
}
}
#endregion
#region "Roles & authentication"
string[] roleList = AssignRoles.Split(';');
string[] siteList;
// If AssignToSites field set
if (!String.IsNullOrEmpty(AssignToSites))
{
siteList = AssignToSites.Split(';');
}
else // If not set user current site
{
siteList = new string[] { siteName };
}
foreach (string sn in siteList)
{
// Add new user to the current site
UserInfoProvider.AddUserToSite(ui.UserName, sn);
foreach (string roleName in roleList)
{
if (!String.IsNullOrEmpty(roleName))
{
String s = roleName.StartsWithCSafe(".") ? "" : sn;
// Add user to desired roles
if (RoleInfoProvider.RoleExists(roleName, s))
{
UserInfoProvider.AddUserToRole(ui.UserName, roleName, s);
}
}
}
}
if (DisplayMessage.Trim() != String.Empty)
{
pnlForm.Visible = false;
lblText.Visible = true;
lblText.Text = DisplayMessage;
}
else
{
if (ui.Enabled)
{
CMSContext.AuthenticateUser(ui.UserName, true);
}
if (RedirectToURL != String.Empty)
{
URLHelper.Redirect(RedirectToURL);
}
else if (QueryHelper.GetString("ReturnURL", "") != String.Empty)
{
string url = QueryHelper.GetString("ReturnURL", "");
// Do url decode
url = Server.UrlDecode(url);
// Check that url is relative path or hash is ok
if (url.StartsWithCSafe("~") || url.StartsWithCSafe("/") || QueryHelper.ValidateHash("hash"))
{
URLHelper.Redirect(url);
}
// Absolute path with wrong hash
else
{
URLHelper.Redirect(ResolveUrl("~/CMSMessages/Error.aspx?title=" + ResHelper.GetString("general.badhashtitle") + "&text=" + ResHelper.GetString("general.badhashtext")));
}
}
}
#endregion
lblError.Visible = false;
}
}
public void CheckRoleAssignmentInUserRoleTableUsingIAuthRepository()
{
using (var appHost = new BasicAppHost
{
ConfigureContainer = container =>
{
container.Register<IUnitOfWork>(c => UnitOfWork);
container.Register<IAuthRepository>(c =>
new LightSpeedUserAuthRepository(c.Resolve<IUnitOfWork>())
{
UseDistinctRoleTables = true
});
}
}.Init())
{
// Arrange
LightSpeed.UserAuth userAuth;
AssignRolesResponse assignRolesResponse;
var newRegistration = CreateNewUserRegistration();
var request = new BasicRequest(newRegistration);
var response = (RegisterResponse)appHost.ExecuteService(newRegistration, request);
var authRepo = appHost.Resolve<IAuthRepository>();
// Test #1: Check role and permission assignment
// ---------------------------------------------
// Act
userAuth = UnitOfWork.FindById<LightSpeed.UserAuth>(response.UserId); // Hydrate userAuth
var assignRoleRequest =
new AssignRoles
{
UserName = userAuth.UserName,
Roles = { TestRoleName },
Permissions = { TestPermissionName },
};
userAuth = (LightSpeed.UserAuth)authRepo.GetUserAuthByUserName(assignRoleRequest.UserName);
authRepo.AssignRoles(userAuth, assignRoleRequest.Roles, assignRoleRequest.Permissions);
// Assert #1.1:
// Check UserAuth to contain roles and permissions
Assert.That(authRepo.GetRoles(userAuth).FirstOrDefault(), Is.EqualTo(TestRoleName));
Assert.That(authRepo.GetPermissions(userAuth).FirstOrDefault(), Is.EqualTo(TestPermissionName));
// Assert #1.2:
// Check that roles and permissions are not persisted to UserAuth table
Assert.That(userAuth.Roles.Count, Is.EqualTo(0));
Assert.That(userAuth.Permissions.Count, Is.EqualTo(0));
// Assert #1.3:
// Check UserRoles table to contain roles and permissions
var manageRoles = (IManageRoles)appHost.Container.Resolve<IAuthRepository>();
Assert.That(manageRoles.HasRole(userAuth.Id.ToString(), TestRoleName));
Assert.That(manageRoles.HasPermission(userAuth.Id.ToString(), TestPermissionName));
// Test #2: Check role and permission un-assignment
// ------------------------------------------------
// Act
userAuth = UnitOfWork.FindById<LightSpeed.UserAuth>(response.UserId); // Hydrate userAuth
var unassignRolesRequest =
new UnAssignRoles
{
UserName = userAuth.UserName,
Roles = { TestRoleName },
Permissions = { TestPermissionName },
};
userAuth = (LightSpeed.UserAuth)authRepo.GetUserAuthByUserName(assignRoleRequest.UserName);
authRepo.UnAssignRoles(userAuth, unassignRolesRequest.Roles, unassignRolesRequest.Permissions);
// Assert #2.1:
// Check UserAuth to contain roles and permissions
Assert.That(authRepo.GetRoles(userAuth).FirstOrDefault(), Is.Null);
Assert.That(authRepo.GetPermissions(userAuth).FirstOrDefault(), Is.Null);
// Assert #2.2:
// Check UserRole table not to contain roles and permissions above
Assert.That(!manageRoles.HasRole(userAuth.Id.ToString(), TestRoleName));
Assert.That(!manageRoles.HasPermission(userAuth.Id.ToString(), TestPermissionName));
}
}
/// <param name='operations'>
/// The operations group for this extension method.
/// </param>
/// <param name='userName'>
/// </param>
/// <param name='permissions'>
/// </param>
/// <param name='roles'>
/// </param>
/// <param name='body'>
/// </param>
public static AssignRolesResponse Create(this IAssignRolesOperations operations, string userName = default(string), IList <string> permissions = default(IList <string>), IList <string> roles = default(IList <string>), AssignRoles body = default(AssignRoles))
{
return(operations.CreateAsync(userName, permissions, roles, body).GetAwaiter().GetResult());
}
public void CheckRoleAssignmentInUserAuthTableUsingSecretKey()
{
using (var appHost = new BasicAppHost
{
ConfigureAppHost = host =>
{
host.Config.AdminAuthSecret = AdminAuthSecret;
},
ConfigureContainer = container =>
{
container.Register<IUnitOfWork>(c => UnitOfWork);
container.Register<IAuthRepository>(c =>
new LightSpeedUserAuthRepository(c.Resolve<IUnitOfWork>()));
}
}.Init())
{
// Arrange
LightSpeed.UserAuth userAuth;
AssignRolesResponse assignRolesResponse;
var newRegistration = CreateNewUserRegistration();
var request = new BasicRequest(newRegistration);
request.QueryString["authSecret"] = AdminAuthSecret;
var response = (RegisterResponse)appHost.ExecuteService(newRegistration, request);
// Test #1: Check role and permission assignment
// ---------------------------------------------
// Act
userAuth = UnitOfWork.FindById<LightSpeed.UserAuth>(response.UserId); // Hydrate userAuth
var assignRoleRequest =
new AssignRoles
{
UserName = userAuth.UserName,
Roles = { TestRoleName },
Permissions = { TestPermissionName },
};
// Assert #1.1:
// Check AssignRoles response to contain roles and permissions
assignRolesResponse = (AssignRolesResponse)appHost.ExecuteService(assignRoleRequest, request);
Assert.That(assignRolesResponse.AllRoles[0], Is.EqualTo(TestRoleName));
Assert.That(assignRolesResponse.AllPermissions[0], Is.EqualTo(TestPermissionName));
// Assert #1.2:
// Check UserAuth to contain roles and permissions
userAuth = UnitOfWork.FindById<LightSpeed.UserAuth>(response.UserId);
Assert.That(userAuth.Roles[0], Is.EqualTo(TestRoleName));
Assert.That(userAuth.Permissions[0], Is.EqualTo(TestPermissionName));
// Test #2: Check role and permission un-assignment
// ------------------------------------------------
// Act
var unassignRolesRequest =
new UnAssignRoles
{
UserName = userAuth.UserName,
Roles = { TestRoleName },
Permissions = { TestPermissionName },
};
appHost.ExecuteService(unassignRolesRequest, request);
// Assert #2.1:
// Check UserAuth not to contain roles and permissions above
userAuth = UnitOfWork.FindById<LightSpeed.UserAuth>(response.UserId);
Assert.That(userAuth.Roles.Count, Is.EqualTo(0));
Assert.That(userAuth.Permissions.Count, Is.EqualTo(0));
}
}
/// <param name='operations'>
/// The operations group for this extension method.
/// </param>
/// <param name='userName'>
/// </param>
/// <param name='permissions'>
/// </param>
/// <param name='roles'>
/// </param>
/// <param name='body'>
/// </param>
/// <param name='cancellationToken'>
/// The cancellation token.
/// </param>
public static async Task <AssignRolesResponse> CreateAsync(this IAssignRolesOperations operations, string userName = default(string), IList <string> permissions = default(IList <string>), IList <string> roles = default(IList <string>), AssignRoles body = default(AssignRoles), CancellationToken cancellationToken = default(CancellationToken))
{
using (var _result = await operations.CreateWithHttpMessagesAsync(userName, permissions, roles, body, null, cancellationToken).ConfigureAwait(false))
{
return(_result.Body);
}
}
/// <summary>
/// OK click handler (Proceed registration).
/// </summary>
protected void btnOK_Click(object sender, EventArgs e)
{
if (PortalContext.IsDesignMode(PortalContext.ViewMode) || (HideOnCurrentPage) || (!IsVisible))
{
// Do not process
}
else
{
String siteName = SiteContext.CurrentSiteName;
#region "Banned IPs"
// Ban IP addresses which are blocked for registration
if (!BannedIPInfoProvider.IsAllowed(siteName, BanControlEnum.Registration))
{
ShowError(GetString("banip.ipisbannedregistration"));
return;
}
#endregion
#region "Check Email & password"
string[] siteList = { siteName };
// If AssignToSites field set
if (!String.IsNullOrEmpty(AssignToSites))
{
siteList = AssignToSites.Split(';');
}
// Check whether another user with this user name (which is effectively email) does not exist
UserInfo ui = UserInfoProvider.GetUserInfo(txtEmail.Text);
SiteInfo si = SiteContext.CurrentSite;
UserInfo siteui = UserInfoProvider.GetUserInfo(UserInfoProvider.EnsureSitePrefixUserName(txtEmail.Text, si));
if ((ui != null) || (siteui != null))
{
ShowError(GetString("Webparts_Membership_RegistrationForm.UserAlreadyExists").Replace("%%name%%", HTMLHelper.HTMLEncode(txtEmail.Text)));
return;
}
// Check whether password is same
if (passStrength.Text != txtConfirmPassword.Text)
{
ShowError(GetString("Webparts_Membership_RegistrationForm.PassworDoNotMatch"));
return;
}
if ((PasswordMinLength > 0) && (passStrength.Text.Length < PasswordMinLength))
{
ShowError(String.Format(GetString("Webparts_Membership_RegistrationForm.PasswordMinLength"), PasswordMinLength));
return;
}
if (!passStrength.IsValid())
{
ShowError(AuthenticationHelper.GetPolicyViolationMessage(SiteContext.CurrentSiteName));
return;
}
if ((!txtEmail.IsValid()) || (txtEmail.Text.Length > EMAIL_MAX_LENGTH))
{
ShowError(String.Format(GetString("Webparts_Membership_RegistrationForm.EmailIsNotValid"), EMAIL_MAX_LENGTH));
return;
}
#endregion
#region "Captcha"
// Check if captcha is required and verify captcha text
if (DisplayCaptcha && !scCaptcha.IsValid())
{
// Display error message if catcha text is not valid
ShowError(GetString("Webparts_Membership_RegistrationForm.captchaError"));
return;
}
#endregion
#region "User properties"
var userEmail = txtEmail.Text.Trim();
ui = new UserInfo();
ui.PreferredCultureCode = "";
ui.Email = userEmail;
ui.FirstName = txtFirstName.Text.Trim();
ui.LastName = txtLastName.Text.Trim();
ui.FullName = UserInfoProvider.GetFullName(ui.FirstName, String.Empty, ui.LastName);
ui.MiddleName = "";
ui.UserMFRequired = chkUseMultiFactorAutentization.Checked;
// User name as put by user (no site prefix included)
var plainUserName = userEmail;
ui.UserName = plainUserName;
// Check if the given email can be used as user name
if (!ValidationHelper.IsUserName(plainUserName))
{
ShowError(String.Format(GetString("Webparts_Membership_RegistrationForm.UserNameNotValid"), HTMLHelper.HTMLEncode(plainUserName)));
return;
}
// Ensure site prefixes
if (UserInfoProvider.UserNameSitePrefixEnabled(siteName))
{
ui.UserName = UserInfoProvider.EnsureSitePrefixUserName(plainUserName, si);
}
ui.Enabled = EnableUserAfterRegistration;
ui.UserURLReferrer = CookieHelper.GetValue(CookieName.UrlReferrer);
ui.UserCampaign = Service <ICampaignService> .Entry().CampaignCode;
ui.SiteIndependentPrivilegeLevel = UserPrivilegeLevelEnum.None;
ui.UserSettings.UserRegistrationInfo.IPAddress = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
ui.UserSettings.UserRegistrationInfo.Agent = HttpContext.Current.Request.UserAgent;
// Check whether confirmation is required
bool requiresConfirmation = SettingsKeyInfoProvider.GetBoolValue(siteName + ".CMSRegistrationEmailConfirmation");
bool requiresAdminApprove = false;
if (!requiresConfirmation)
{
// If confirmation is not required check whether administration approval is required
requiresAdminApprove = SettingsKeyInfoProvider.GetBoolValue(siteName + ".CMSRegistrationAdministratorApproval");
if (requiresAdminApprove)
{
ui.Enabled = false;
ui.UserSettings.UserWaitingForApproval = true;
}
}
else
{
// EnableUserAfterRegistration is overridden by requiresConfirmation - user needs to be confirmed before enable
ui.Enabled = false;
}
// Set user's starting alias path
if (!String.IsNullOrEmpty(StartingAliasPath))
{
ui.UserStartingAliasPath = MacroResolver.ResolveCurrentPath(StartingAliasPath);
}
#endregion
#region "Reserved names"
// Check for reserved user names like administrator, sysadmin, ...
if (UserInfoProvider.NameIsReserved(siteName, plainUserName))
{
ShowError(GetString("Webparts_Membership_RegistrationForm.UserNameReserved").Replace("%%name%%", HTMLHelper.HTMLEncode(Functions.GetFormattedUserName(ui.UserName, true))));
return;
}
if (UserInfoProvider.NameIsReserved(siteName, ui.UserNickName))
{
ShowError(GetString("Webparts_Membership_RegistrationForm.UserNameReserved").Replace("%%name%%", HTMLHelper.HTMLEncode(ui.UserNickName)));
return;
}
#endregion
#region "License limitations"
string errorMessage = String.Empty;
UserInfoProvider.CheckLicenseLimitation(ui, ref errorMessage);
if (!String.IsNullOrEmpty(errorMessage))
{
ShowError(errorMessage);
return;
}
#endregion
// Check whether email is unique if it is required
if (!UserInfoProvider.IsEmailUnique(userEmail, siteList, 0))
{
ShowError(GetString("UserInfo.EmailAlreadyExist"));
return;
}
// Set password
UserInfoProvider.SetPassword(ui, passStrength.Text);
#region "Welcome Emails (confirmation, waiting for approval)"
bool error = false;
EmailTemplateInfo template = null;
string emailSubject = null;
// Send welcome message with username and password, with confirmation link, user must confirm registration
if (requiresConfirmation)
{
template = EmailTemplateProvider.GetEmailTemplate("RegistrationConfirmation", siteName);
emailSubject = EmailHelper.GetSubject(template, GetString("RegistrationForm.RegistrationConfirmationEmailSubject"));
}
// Send welcome message with username and password, with information that user must be approved by administrator
else if (SendWelcomeEmail)
{
if (requiresAdminApprove)
{
template = EmailTemplateProvider.GetEmailTemplate("Membership.RegistrationWaitingForApproval", siteName);
emailSubject = EmailHelper.GetSubject(template, GetString("RegistrationForm.RegistrationWaitingForApprovalSubject"));
}
// Send welcome message with username and password, user can logon directly
else
{
template = EmailTemplateProvider.GetEmailTemplate("Membership.Registration", siteName);
emailSubject = EmailHelper.GetSubject(template, GetString("RegistrationForm.RegistrationSubject"));
}
}
if (template != null)
{
// Create relation between contact and user. This ensures that contact will be correctly recognized when user approves registration (if approval is required)
int contactId = ModuleCommands.OnlineMarketingGetCurrentContactID();
if (contactId > 0)
{
ModuleCommands.OnlineMarketingCreateRelation(ui.UserID, MembershipType.CMS_USER, contactId);
}
// Email message
EmailMessage email = new EmailMessage();
email.EmailFormat = EmailFormatEnum.Default;
email.Recipients = ui.Email;
email.From = SettingsKeyInfoProvider.GetValue(siteName + ".CMSNoreplyEmailAddress");
email.Subject = emailSubject;
try
{
var resolver = MembershipResolvers.GetMembershipRegistrationResolver(ui, AuthenticationHelper.GetRegistrationApprovalUrl(ApprovalPage, ui.UserGUID, siteName, NotifyAdministrator));
EmailSender.SendEmailWithTemplateText(siteName, email, template, resolver, true);
}
catch (Exception ex)
{
EventLogProvider.LogException("E", "RegistrationForm - SendEmail", ex);
error = true;
}
}
// If there was some error, user must be deleted
if (error)
{
ShowError(GetString("RegistrationForm.UserWasNotCreated"));
// Email was not send, user can't be approved - delete it
UserInfoProvider.DeleteUser(ui);
return;
}
#endregion
#region "Administrator notification email"
// Notify administrator if enabled and e-mail confirmation is not required
if (!requiresConfirmation && NotifyAdministrator && (FromAddress != String.Empty) && (ToAddress != String.Empty))
{
EmailTemplateInfo mEmailTemplate;
if (SettingsKeyInfoProvider.GetBoolValue(siteName + ".CMSRegistrationAdministratorApproval"))
{
mEmailTemplate = EmailTemplateProvider.GetEmailTemplate("Registration.Approve", siteName);
}
else
{
mEmailTemplate = EmailTemplateProvider.GetEmailTemplate("Registration.New", siteName);
}
if (mEmailTemplate == null)
{
// Log missing e-mail template
EventLogProvider.LogEvent(EventType.ERROR, "RegistrationForm", "GetEmailTemplate", eventUrl: RequestContext.RawURL);
}
else
{
EmailMessage message = new EmailMessage();
message.EmailFormat = EmailFormatEnum.Default;
message.From = EmailHelper.GetSender(mEmailTemplate, FromAddress);
message.Recipients = ToAddress;
message.Subject = GetString("RegistrationForm.EmailSubject");
try
{
MacroResolver resolver = MembershipResolvers.GetRegistrationResolver(ui);
EmailSender.SendEmailWithTemplateText(siteName, message, mEmailTemplate, resolver, false);
}
catch
{
EventLogProvider.LogEvent(EventType.ERROR, "Membership", "RegistrationEmail");
}
}
}
#endregion
#region "Web analytics"
// Track successful registration conversion
if (TrackConversionName != String.Empty)
{
if (AnalyticsHelper.AnalyticsEnabled(siteName) && !AnalyticsHelper.IsIPExcluded(siteName, RequestContext.UserHostAddress))
{
// Log conversion
HitLogProvider.LogConversions(siteName, LocalizationContext.PreferredCultureCode, TrackConversionName, 0, ConversionValue);
}
}
// Log registered user if confirmation is not required
if (!requiresConfirmation)
{
AnalyticsHelper.LogRegisteredUser(siteName, ui);
}
#endregion
#region "On-line marketing - activity"
// Log registered user if confirmation is not required
if (!requiresConfirmation)
{
MembershipActivityLogger.LogRegistration(ui.UserName, DocumentContext.CurrentDocument);
// Log login activity
if (ui.Enabled)
{
MembershipActivityLogger.LogLogin(ui.UserName, DocumentContext.CurrentDocument);
}
}
#endregion
#region "Roles & authentication"
string[] roleList = AssignRoles.Split(';');
foreach (string sn in siteList)
{
// Add new user to the current site
UserInfoProvider.AddUserToSite(ui.UserName, sn);
foreach (string roleName in roleList)
{
if (!String.IsNullOrEmpty(roleName))
{
String s = roleName.StartsWith(".", StringComparison.Ordinal) ? "" : sn;
// Add user to desired roles
if (RoleInfoProvider.RoleExists(roleName, s))
{
UserInfoProvider.AddUserToRole(ui.UserName, roleName, s);
}
}
}
}
if (DisplayMessage.Trim() != String.Empty)
{
pnlForm.Visible = false;
lblText.Visible = true;
lblText.Text = DisplayMessage;
}
else
{
if (ui.Enabled)
{
AuthenticationHelper.AuthenticateUser(ui.UserName, true);
}
if (RedirectToURL != String.Empty)
{
URLHelper.Redirect(UrlResolver.ResolveUrl(RedirectToURL));
}
else if (QueryHelper.GetString("ReturnURL", "") != String.Empty)
{
string url = QueryHelper.GetString("ReturnURL", "");
// Do url decode
url = Server.UrlDecode(url);
// Check that url is relative path or hash is ok
if (url.StartsWith("~", StringComparison.Ordinal) || url.StartsWith("/", StringComparison.Ordinal) || QueryHelper.ValidateHash("hash", "aliaspath"))
{
URLHelper.Redirect(UrlResolver.ResolveUrl(url));
}
// Absolute path with wrong hash
else
{
URLHelper.Redirect(AdministrationUrlHelper.GetErrorPageUrl("dialogs.badhashtitle", "dialogs.badhashtext"));
}
}
}
#endregion
lblError.Visible = false;
}
}
/// <param name='operations'>
/// The operations group for this extension method.
/// </param>
/// <param name='userName'>
/// </param>
/// <param name='permissions'>
/// </param>
/// <param name='roles'>
/// </param>
/// <param name='body'>
/// </param>
public static AssignRolesResponse Post(this IAssignRolesOperations operations, string userName = default(string), string permissions = default(string), string roles = default(string), AssignRoles body = default(AssignRoles))
{
return(operations.PostAsync(userName, permissions, roles, body).GetAwaiter().GetResult());
}
