private int Register(RegisterAddModel model, int role) { //If the user didn't select a role, then they are logging in - return -1 if (role == 0) { return(-1); } //Create base account int accountId = _service.CreateBaseAccount(model); AssignRoles arModel = new AssignRoles(); arModel.AccountId = accountId; //Assign the selected student or mentor role arModel.RoleId = role; _roleService.Insert(arModel); //Assign the blogger role arModel.RoleId = 3; _roleService.Insert(arModel); //Return the id of the new account return(accountId); }
public object Post(AssignRoles request) { RequiredRoleAttribute.AssertRequiredRoles(Request, RoleNames.Admin); request.UserName.ThrowIfNullOrEmpty(); var userAuth = UserAuthRepo.GetUserAuthByUserName(request.UserName); if (userAuth == null) throw HttpError.NotFound(request.UserName); UserAuthRepo.AssignRoles(userAuth, request.Roles, request.Permissions); return new AssignRolesResponse { AllRoles = UserAuthRepo.GetRoles(userAuth).ToList(), AllPermissions = UserAuthRepo.GetPermissions(userAuth).ToList(), }; }
public async Task <IActionResult> AssignRoles(AssignRoles assignRoles) { if (string.IsNullOrEmpty(assignRoles.UserRoles.UserId)) { return(BadRequest("Please enter the User Id")); } var userId = assignRoles.UserRoles.UserId.Trim(); var user = await this.userManager.FindByIdAsync(userId); if (user == null) { return(NotFound("User not found")); } if (string.IsNullOrEmpty(assignRoles.UserRoles.RoleIds)) { return(BadRequest("Please enter the role name")); } var roleList = assignRoles.UserRoles.RoleIds.Trim().Split(','); if (roleList.Length == 0) { return(BadRequest("Please enter atleast one Role")); } foreach (var role in roleList) { if (string.IsNullOrEmpty(role)) { continue; } if (!await this.userManager.IsInRoleAsync(user, role)) { await this.userManager.AddToRoleAsync(user, role); } } return(RedirectToAction("ListUsersAndRoles")); }
public object Post(AssignRoles request) { RequiredRoleAttribute.AssertRequiredRoles(Request, RoleNames.Admin); request.UserName.ThrowIfNullOrEmpty(); var authRepo = HostContext.AppHost.GetAuthRepository(base.Request); using (authRepo as IDisposable) { var userAuth = authRepo.GetUserAuthByUserName(request.UserName); if (userAuth == null) throw HttpError.NotFound(request.UserName); authRepo.AssignRoles(userAuth, request.Roles, request.Permissions); return new AssignRolesResponse { AllRoles = authRepo.GetRoles(userAuth).ToList(), AllPermissions = authRepo.GetPermissions(userAuth).ToList(), }; } }
public IActionResult ListUsersAndRoles() { var roles = this.roleManager.Roles.AsEnumerable(); var roleViewModel = new List <Role>(); foreach (var role in roles) { roleViewModel.Add(new Role { Id = role.Id, Name = role.Name }); } var users = this.userManager.Users.AsEnumerable(); var userViewModel = new List <User>(); foreach (var user in users) { userViewModel.Add(new User { Id = user.Id, Email = user.UserName }); } var usersAndRoles = new UsersAndRoles { Users = userViewModel.AsEnumerable(), Roles = roleViewModel.AsEnumerable() }; var assignRolesViewModel = new AssignRoles { UsersRoles = usersAndRoles, UserRoles = new UserRoles { UserId = "", RoleIds = "" } }; return(View("AssignRole", assignRolesViewModel)); }
/// <summary> /// Assigns user to roles defined in AssignRoles property. /// </summary> private void AssignToRoles(UserInfo ui) { string[] roleList = AssignRoles.Split(';'); foreach (string siteName in SiteList) { // Add new user to the current site UserInfoProvider.AddUserToSite(ui.UserName, siteName); foreach (string roleName in roleList) { if (!String.IsNullOrEmpty(roleName)) { String sn = roleName.StartsWithCSafe(".") ? String.Empty : siteName; // Add user to desired roles if (RoleInfoProvider.RoleExists(roleName, sn)) { UserInfoProvider.AddUserToRole(ui.UserName, roleName, sn); } } } } }
/// <summary> /// OK click handler (Proceed registration). /// </summary> private void btnRegister_Click(object sender, EventArgs e) { if ((PageManager.ViewMode == ViewModeEnum.Design) || (HideOnCurrentPage) || (!IsVisible)) { // Do not process } else { // Ban IP addresses which are blocked for registration if (!BannedIPInfoProvider.IsAllowed(CMSContext.CurrentSiteName, BanControlEnum.Registration)) { lblError.Visible = true; lblError.Text = GetString("banip.ipisbannedregistration"); return; } // Check if captcha is required if (DisplayCaptcha) { // Verify captcha text if (!captchaElem.IsValid()) { // Display error message if captcha text is not valid lblError.Visible = true; lblError.Text = GetString("Webparts_Membership_RegistrationForm.captchaError"); return; } else { // Generate new code and clear captcha textbox if cpatcha code is valid captchaElem.GenerateNew(); } } string userName = String.Empty; string nickName = String.Empty; string firstName = String.Empty; string lastName = String.Empty; string emailValue = String.Empty; // Check duplicate user // 1. Find appropriate control and get its value (i.e. user name) // 2. Try to find user info EditingFormControl txtUserName = formUser.BasicForm.FieldEditingControls["UserName"] as EditingFormControl; if (txtUserName != null) { userName = ValidationHelper.GetString(txtUserName.Value, String.Empty); } EditingFormControl txtEmail = formUser.BasicForm.FieldEditingControls["Email"] as EditingFormControl; if (txtEmail != null) { emailValue = ValidationHelper.GetString(txtEmail.Value, String.Empty); } // If user name and e-mail aren't filled stop processing and display error. if (string.IsNullOrEmpty(userName)) { userName = emailValue; if (String.IsNullOrEmpty(emailValue)) { formUser.StopProcessing = true; lblError.Visible = true; lblError.Text = GetString("customregistrationform.usernameandemail"); return; } else { formUser.BasicForm.Data.SetValue("UserName", userName); } } EditingFormControl txtNickName = formUser.BasicForm.FieldEditingControls["UserNickName"] as EditingFormControl; if (txtNickName != null) { nickName = ValidationHelper.GetString(txtNickName.Value, String.Empty); } EditingFormControl txtFirstName = formUser.BasicForm.FieldEditingControls["FirstName"] as EditingFormControl; if (txtFirstName != null) { firstName = ValidationHelper.GetString(txtFirstName.Value, String.Empty); } EditingFormControl txtLastName = formUser.BasicForm.FieldEditingControls["LastName"] as EditingFormControl; if (txtLastName != null) { lastName = ValidationHelper.GetString(txtLastName.Value, String.Empty); } // Test if "global" or "site" user exists. SiteInfo si = CMSContext.CurrentSite; UserInfo siteui = UserInfoProvider.GetUserInfo(UserInfoProvider.EnsureSitePrefixUserName(userName, si)); if ((UserInfoProvider.GetUserInfo(userName) != null) || (siteui != null)) { lblError.Visible = true; lblError.Text = GetString("Webparts_Membership_RegistrationForm.UserAlreadyExists").Replace("%%name%%", HTMLHelper.HTMLEncode(Functions.GetFormattedUserName(userName, true))); return; } // Check for reserved user names like administrator, sysadmin, ... if (UserInfoProvider.NameIsReserved(CMSContext.CurrentSiteName, userName)) { lblError.Visible = true; lblError.Text = GetString("Webparts_Membership_RegistrationForm.UserNameReserved").Replace("%%name%%", HTMLHelper.HTMLEncode(Functions.GetFormattedUserName(userName, true))); return; } if (UserInfoProvider.NameIsReserved(CMSContext.CurrentSiteName, nickName)) { lblError.Visible = true; lblError.Text = GetString("Webparts_Membership_RegistrationForm.UserNameReserved").Replace("%%name%%", HTMLHelper.HTMLEncode(nickName)); return; } // Check limitations for site members if (!UserInfoProvider.LicenseVersionCheck(URLHelper.GetCurrentDomain(), FeatureEnum.SiteMembers, VersionActionEnum.Insert, false)) { lblError.Visible = true; lblError.Text = GetString("License.MaxItemsReachedSiteMember"); return; } // Check whether email is unique if it is required string checkSites = (String.IsNullOrEmpty(AssignToSites)) ? CMSContext.CurrentSiteName : AssignToSites; if (!UserInfoProvider.IsEmailUnique(emailValue, checkSites, 0)) { lblError.Visible = true; lblError.Text = GetString("UserInfo.EmailAlreadyExist"); return; } // Validate and save form with new user data if (!formUser.Save()) { // Return if saving failed return; } // Get user info from form UserInfo ui = (UserInfo)formUser.Info; // Add user prefix if settings is on // Ensure site prefixes if (UserInfoProvider.UserNameSitePrefixEnabled(CMSContext.CurrentSiteName)) { ui.UserName = UserInfoProvider.EnsureSitePrefixUserName(userName, si); } ui.PreferredCultureCode = ""; ui.Enabled = EnableUserAfterRegistration; ui.IsEditor = false; ui.IsGlobalAdministrator = false; ui.UserURLReferrer = CMSContext.CurrentUser.URLReferrer; ui.UserCampaign = CMSContext.Campaign; // Fill optionally full user name if (String.IsNullOrEmpty(ui.FullName)) { ui.FullName = UserInfoProvider.GetFullName(ui.FirstName, ui.MiddleName, ui.LastName); } // Ensure nick name if (ui.UserNickName.Trim() == "") { ui.UserNickName = Functions.GetFormattedUserName(ui.UserName, true); } ui.UserSettings.UserRegistrationInfo.IPAddress = HTTPHelper.UserHostAddress; ui.UserSettings.UserRegistrationInfo.Agent = HttpContext.Current.Request.UserAgent; ui.UserSettings.UserLogActivities = true; ui.UserSettings.UserShowSplashScreen = true; // Check whether confirmation is required bool requiresConfirmation = SettingsKeyProvider.GetBoolValue(CMSContext.CurrentSiteName + ".CMSRegistrationEmailConfirmation"); bool requiresAdminApprove = SettingsKeyProvider.GetBoolValue(CMSContext.CurrentSiteName + ".CMSRegistrationAdministratorApproval"); if (!requiresConfirmation) { // If confirmation is not required check whether administration approval is reqiures if (requiresAdminApprove) { ui.Enabled = false; ui.UserSettings.UserWaitingForApproval = true; } } else { // EnableUserAfterRegistration is overrided by requiresConfirmation - user needs to be confirmed before enable ui.Enabled = false; } // Set user's starting alias path if (!String.IsNullOrEmpty(StartingAliasPath)) { ui.UserStartingAliasPath = CMSContext.ResolveCurrentPath(StartingAliasPath); } // Get user password and save it in apropriate format after form save string password = ValidationHelper.GetString(ui.GetValue("UserPassword"), String.Empty); UserInfoProvider.SetPassword(ui, password); // Prepare macro data source for email resolver UserInfo userForMail = ui.Clone(); userForMail.SetValue("UserPassword", string.Empty); object[] data = new object[1]; data[0] = userForMail; // Prepare resolver for notification and welcome emails ContextResolver resolver = CMSContext.CurrentResolver; resolver.SourceData = data; #region "Welcome Emails (confirmation, waiting for approval)" bool error = false; EventLogProvider ev = new EventLogProvider(); EmailTemplateInfo template = null; // Prepare macro replacements string[,] replacements = new string[6, 2]; replacements[0, 0] = "confirmaddress"; replacements[0, 1] = (ApprovalPage != String.Empty) ? URLHelper.GetAbsoluteUrl(ApprovalPage) + "?userguid=" + ui.UserGUID : URLHelper.GetAbsoluteUrl("~/CMSPages/Dialogs/UserRegistration.aspx") + "?userguid=" + ui.UserGUID; replacements[1, 0] = "username"; replacements[1, 1] = userName; replacements[2, 0] = "password"; replacements[2, 1] = password; replacements[3, 0] = "Email"; replacements[3, 1] = emailValue; replacements[4, 0] = "FirstName"; replacements[4, 1] = firstName; replacements[5, 0] = "LastName"; replacements[5, 1] = lastName; // Set resolver resolver.SourceParameters = replacements; // Email message EmailMessage emailMessage = new EmailMessage(); emailMessage.EmailFormat = EmailFormatEnum.Default; emailMessage.Recipients = ui.Email; // Send welcome message with username and password, with confirmation link, user must confirm registration if (requiresConfirmation) { template = EmailTemplateProvider.GetEmailTemplate("RegistrationConfirmation", CMSContext.CurrentSiteName); emailMessage.Subject = GetString("RegistrationForm.RegistrationConfirmationEmailSubject"); } // Send welcome message with username and password, with information that user must be approved by administrator else if (SendWelcomeEmail) { if (requiresAdminApprove) { template = EmailTemplateProvider.GetEmailTemplate("Membership.RegistrationWaitingForApproval", CMSContext.CurrentSiteName); emailMessage.Subject = GetString("RegistrationForm.RegistrationWaitingForApprovalSubject"); } // Send welcome message with username and password, user can logon directly else { template = EmailTemplateProvider.GetEmailTemplate("Membership.Registration", CMSContext.CurrentSiteName); emailMessage.Subject = GetString("RegistrationForm.RegistrationSubject"); } } if (template != null) { emailMessage.From = EmailHelper.GetSender(template, SettingsKeyProvider.GetStringValue(CMSContext.CurrentSiteName + ".CMSNoreplyEmailAddress")); // Enable macro encoding for body resolver.EncodeResolvedValues = true; emailMessage.Body = resolver.ResolveMacros(template.TemplateText); // Disable macro encoding for plaintext body and subject resolver.EncodeResolvedValues = false; emailMessage.PlainTextBody = resolver.ResolveMacros(template.TemplatePlainText); emailMessage.Subject = resolver.ResolveMacros(EmailHelper.GetSubject(template, emailMessage.Subject)); emailMessage.CcRecipients = template.TemplateCc; emailMessage.BccRecipients = template.TemplateBcc; try { MetaFileInfoProvider.ResolveMetaFileImages(emailMessage, template.TemplateID, EmailObjectType.EMAILTEMPLATE, MetaFileInfoProvider.OBJECT_CATEGORY_TEMPLATE); // Send the e-mail immediately EmailSender.SendEmail(CMSContext.CurrentSiteName, emailMessage, true); } catch (Exception ex) { ev.LogEvent("E", "RegistrationForm - SendEmail", ex); error = true; } } // If there was some error, user must be deleted if (error) { lblError.Visible = true; lblError.Text = GetString("RegistrationForm.UserWasNotCreated"); // Email was not send, user can't be approved - delete it UserInfoProvider.DeleteUser(ui); return; } #endregion #region "Administrator notification email" // Notify administrator if enabled and email confirmation is not required if (!requiresConfirmation && NotifyAdministrator && (FromAddress != String.Empty) && (ToAddress != String.Empty)) { EmailTemplateInfo mEmailTemplate = null; if (requiresAdminApprove) { mEmailTemplate = EmailTemplateProvider.GetEmailTemplate("Registration.Approve", CMSContext.CurrentSiteName); } else { mEmailTemplate = EmailTemplateProvider.GetEmailTemplate("Registration.New", CMSContext.CurrentSiteName); } if (mEmailTemplate == null) { ev.LogEvent("E", DateTime.Now, "RegistrationForm", "GetEmailTemplate", HTTPHelper.GetAbsoluteUri()); } //email template ok else { replacements = new string[4, 2]; replacements[0, 0] = "firstname"; replacements[0, 1] = ui.FirstName; replacements[1, 0] = "lastname"; replacements[1, 1] = ui.LastName; replacements[2, 0] = "email"; replacements[2, 1] = ui.Email; replacements[3, 0] = "username"; replacements[3, 1] = userName; // Set resolver resolver.SourceParameters = replacements; // Enable macro encoding for body resolver.EncodeResolvedValues = true; EmailMessage message = new EmailMessage(); message.EmailFormat = EmailFormatEnum.Default; message.From = EmailHelper.GetSender(mEmailTemplate, FromAddress); message.Recipients = ToAddress; message.Body = resolver.ResolveMacros(mEmailTemplate.TemplateText); // Disable macro encoding for plaintext body and subject resolver.EncodeResolvedValues = false; message.Subject = resolver.ResolveMacros(EmailHelper.GetSubject(mEmailTemplate, GetString("RegistrationForm.EmailSubject"))); message.PlainTextBody = resolver.ResolveMacros(mEmailTemplate.TemplatePlainText); message.CcRecipients = mEmailTemplate.TemplateCc; message.BccRecipients = mEmailTemplate.TemplateBcc; try { // Attach template meta-files to e-mail MetaFileInfoProvider.ResolveMetaFileImages(message, mEmailTemplate.TemplateID, EmailObjectType.EMAILTEMPLATE, MetaFileInfoProvider.OBJECT_CATEGORY_TEMPLATE); EmailSender.SendEmail(CMSContext.CurrentSiteName, message); } catch { ev.LogEvent("E", DateTime.Now, "Membership", "RegistrationEmail", CMSContext.CurrentSite.SiteID); } } } #endregion #region "Web analytics" // Track successful registration conversion if (TrackConversionName != String.Empty) { string siteName = CMSContext.CurrentSiteName; if (AnalyticsHelper.AnalyticsEnabled(siteName) && AnalyticsHelper.TrackConversionsEnabled(siteName) && !AnalyticsHelper.IsIPExcluded(siteName, HTTPHelper.UserHostAddress)) { HitLogProvider.LogConversions(siteName, CMSContext.PreferredCultureCode, TrackConversionName, 0, ConversionValue); } } // Log registered user if confirmation is not required if (!requiresConfirmation) { AnalyticsHelper.LogRegisteredUser(CMSContext.CurrentSiteName, ui); } #endregion #region "On-line marketing - activity" // Log registered user if confirmation is not required if (!requiresConfirmation) { Activity activity = new ActivityRegistration(ui, CMSContext.CurrentDocument, CMSContext.ActivityEnvironmentVariables); if (activity.Data != null) { activity.Data.ContactID = ModuleCommands.OnlineMarketingGetUserLoginContactID(ui); activity.Log(); } // Log login activity if (ui.Enabled) { // Log activity int contactID = ModuleCommands.OnlineMarketingGetUserLoginContactID(ui); Activity activityLogin = new ActivityUserLogin(contactID, ui, CMSContext.CurrentDocument, CMSContext.ActivityEnvironmentVariables); activityLogin.Log(); } } #endregion #region "Site and roles addition and authentication" string[] roleList = AssignRoles.Split(';'); string[] siteList; // If AssignToSites field set if (!String.IsNullOrEmpty(AssignToSites)) { siteList = AssignToSites.Split(';'); } else // If not set user current site { siteList = new string[] { CMSContext.CurrentSiteName }; } foreach (string siteName in siteList) { // Add new user to the current site UserInfoProvider.AddUserToSite(ui.UserName, siteName); foreach (string roleName in roleList) { if (!String.IsNullOrEmpty(roleName)) { String sn = roleName.StartsWithCSafe(".") ? "" : siteName; // Add user to desired roles if (RoleInfoProvider.RoleExists(roleName, sn)) { UserInfoProvider.AddUserToRole(ui.UserName, roleName, sn); } } } } if (DisplayMessage.Trim() != String.Empty) { pnlRegForm.Visible = false; lblInfo.Visible = true; lblInfo.Text = DisplayMessage; } else { if (ui.Enabled) { CMSContext.AuthenticateUser(ui.UserName, true); } string returnUrl = QueryHelper.GetString("ReturnURL", ""); if (!String.IsNullOrEmpty(returnUrl) && (returnUrl.StartsWithCSafe("~") || returnUrl.StartsWithCSafe("/") || QueryHelper.ValidateHash("hash"))) { URLHelper.Redirect(HttpUtility.UrlDecode(returnUrl)); } else if (RedirectToURL != String.Empty) { URLHelper.Redirect(RedirectToURL); } } #endregion lblError.Visible = false; } }
public void CheckRoleAssignmentInUserAuthTable() { using (var appHost = new BasicAppHost { ConfigureContainer = container => { container.Register <IDbConnectionFactory>(DbConnFactory); container.Register <IAuthRepository>(c => new OrmLiteAuthRepository(c.Resolve <IDbConnectionFactory>())); } }.Init()) { // Arrange UserAuth userAuth; var newRegistration = CreateNewUserRegistration(); var request = new BasicRequest(newRegistration); var response = (RegisterResponse)appHost.ExecuteService(newRegistration, request); var authRepo = appHost.Resolve <IAuthRepository>(); // Test #1: Check role and permission assignment // --------------------------------------------- // Act using (var db = DbConnFactory.Open()) { // Hydrate userAuth userAuth = db.SingleById <UserAuth>(response.UserId); } var assignRoleRequest = new AssignRoles { UserName = userAuth.UserName, Roles = { TestRoleName }, Permissions = { TestPermissionName }, }; userAuth = (UserAuth)authRepo.GetUserAuthByUserName(assignRoleRequest.UserName); authRepo.AssignRoles(userAuth, assignRoleRequest.Roles, assignRoleRequest.Permissions); // Assert: // Check UserAuth to contain roles and permissions Assert.That(authRepo.GetRoles(userAuth).FirstOrDefault(), Is.EqualTo(TestRoleName)); Assert.That(authRepo.GetPermissions(userAuth).FirstOrDefault(), Is.EqualTo(TestPermissionName)); // Test #2: Check role and permission un-assignment // ------------------------------------------------ // Act using (var db = DbConnFactory.Open()) { // Hydrate userAuth userAuth = db.SingleById <UserAuth>(response.UserId); } var unassignRolesRequest = new UnAssignRoles { UserName = userAuth.UserName, Roles = { TestRoleName }, Permissions = { TestPermissionName }, }; userAuth = (UserAuth)authRepo.GetUserAuthByUserName(assignRoleRequest.UserName); authRepo.UnAssignRoles(userAuth, unassignRolesRequest.Roles, unassignRolesRequest.Permissions); // Assert: // Check UserAuth not to contain roles and permissions above Assert.That(authRepo.GetRoles(userAuth).FirstOrDefault(), Is.Null); Assert.That(authRepo.GetPermissions(userAuth).FirstOrDefault(), Is.Null); } }
/// <summary> /// OK click handler (Proceed registration). /// </summary> private void btnRegister_Click(object sender, EventArgs e) { string currentSiteName = SiteContext.CurrentSiteName; string[] siteList = { currentSiteName }; // If AssignToSites field set if (!String.IsNullOrEmpty(AssignToSites)) { siteList = AssignToSites.Split(';'); } if ((PageManager.ViewMode == ViewModeEnum.Design) || (HideOnCurrentPage) || (!IsVisible)) { // Do not process } else { // Ban IP addresses which are blocked for registration if (!BannedIPInfoProvider.IsAllowed(currentSiteName, BanControlEnum.Registration)) { lblError.Visible = true; lblError.Text = GetString("banip.ipisbannedregistration"); return; } // Check if captcha is required and verify captcha text if (DisplayCaptcha && !captchaElem.IsValid()) { // Display error message if captcha text is not valid lblError.Visible = true; lblError.Text = GetString("Webparts_Membership_RegistrationForm.captchaError"); return; } string userName = String.Empty; string nickName = String.Empty; string firstName = String.Empty; string lastName = String.Empty; string emailValue = String.Empty; string pwd = string.Empty; string confPassword = string.Empty; string educationLevel = String.Empty; string interestArea = String.Empty; string industry = String.Empty; string referralSource = string.Empty; // Check duplicate user // 1. Find appropriate control and get its value (i.e. user name) // 2. Try to find user info //FormEngineUserControl txtUserName = formUser.FieldControls["UserName"]; //if (txtUserName != null) //{ // userName = ValidationHelper.GetString(txtUserName.Value, String.Empty); //} FormEngineUserControl txtEmail = formUser.FieldControls["Email"]; if (txtEmail != null) { emailValue = ValidationHelper.GetString(txtEmail.Value, String.Empty); userName = emailValue; } // If user name and e-mail aren't filled stop processing and display error. if (string.IsNullOrEmpty(userName) && String.IsNullOrEmpty(emailValue)) { formUser.StopProcessing = true; lblError.Visible = true; lblError.Text = GetString("customregistrationform.usernameandemail"); return; } else { formUser.Data.SetValue("UserName", userName); } //check if email is valid if (!ValidationHelper.IsEmail(txtEmail.Text.ToLowerCSafe())) { lblError.Visible = true; lblError.Text = GetString("Webparts_Membership_RegistrationForm.EmailIsNotValid"); return; } FormEngineUserControl txtNickName = formUser.FieldControls["UserNickName"]; if (txtNickName != null) { nickName = ValidationHelper.GetString(txtNickName.Value, String.Empty); } FormEngineUserControl txtFirstName = formUser.FieldControls["FirstName"]; if (txtFirstName != null) { firstName = ValidationHelper.GetString(txtFirstName.Value, String.Empty); } FormEngineUserControl txtLastName = formUser.FieldControls["LastName"]; if (txtLastName != null) { lastName = ValidationHelper.GetString(txtLastName.Value, String.Empty); } FormEngineUserControl txtPwd = formUser.FieldControls["UserPassword"]; if (txtPwd != null) { pwd = ValidationHelper.GetString(txtPwd.Value, String.Empty); } FormEngineUserControl txtConfPassword = formUser.FieldControls["ReenterPassword"]; if (txtConfPassword != null) { confPassword = ValidationHelper.GetString(txtConfPassword.Value, String.Empty); } if (string.IsNullOrEmpty(pwd) || string.IsNullOrEmpty(confPassword)) { lblError.Visible = true; lblError.Text = "please enter password with confirmation"; return; } if (pwd != confPassword) { lblError.Visible = true; lblError.Text = "Password doesn't match"; return; } if (validateFields(formUser.FieldControls["UserPassword"].Value.ToString())) { // Test if "global" or "site" user exists. SiteInfo si = SiteContext.CurrentSite; UserInfo siteui = UserInfoProvider.GetUserInfo(UserInfoProvider.EnsureSitePrefixUserName(userName, si)); if ((UserInfoProvider.GetUserInfo(userName) != null) || (siteui != null)) { lblError.Visible = true; lblError.Text = GetString("Webparts_Membership_RegistrationForm.UserAlreadyExists").Replace("%%name%%", HTMLHelper.HTMLEncode(Functions.GetFormattedUserName(userName, true))); return; } // Check for reserved user names like administrator, sysadmin, ... if (UserInfoProvider.NameIsReserved(currentSiteName, userName)) { lblError.Visible = true; lblError.Text = GetString("Webparts_Membership_RegistrationForm.UserNameReserved").Replace("%%name%%", HTMLHelper.HTMLEncode(Functions.GetFormattedUserName(userName, true))); return; } if (UserInfoProvider.NameIsReserved(currentSiteName, nickName)) { lblError.Visible = true; lblError.Text = GetString("Webparts_Membership_RegistrationForm.UserNameReserved").Replace("%%name%%", HTMLHelper.HTMLEncode(nickName)); return; } // Check limitations for site members if (!UserInfoProvider.LicenseVersionCheck(RequestContext.CurrentDomain, FeatureEnum.SiteMembers, ObjectActionEnum.Insert, false)) { lblError.Visible = true; lblError.Text = GetString("License.MaxItemsReachedSiteMember"); return; } // Check whether email is unique if it is required if (!UserInfoProvider.IsEmailUnique(emailValue, siteList, 0)) { lblError.Visible = true; lblError.Text = GetString("UserInfo.EmailAlreadyExist"); return; } // Validate and save form with new user data if (!formUser.Save()) { // Return if saving failed return; } // Get user info from form UserInfo ui = (UserInfo)formUser.Info; // Add user prefix if settings is on // Ensure site prefixes if (UserInfoProvider.UserNameSitePrefixEnabled(currentSiteName)) { ui.UserName = UserInfoProvider.EnsureSitePrefixUserName(userName, si); } ui.Enabled = EnableUserAfterRegistration; ui.UserURLReferrer = MembershipContext.AuthenticatedUser.URLReferrer; ui.UserCampaign = AnalyticsHelper.Campaign; ui.SetPrivilegeLevel(UserPrivilegeLevelEnum.None); // Fill optionally full user name if (String.IsNullOrEmpty(ui.FullName)) { ui.FullName = UserInfoProvider.GetFullName(ui.FirstName, ui.MiddleName, ui.LastName); } // Ensure nick name if (ui.UserNickName.Trim() == String.Empty) { ui.UserNickName = Functions.GetFormattedUserName(ui.UserName, true); } ui.UserSettings.UserRegistrationInfo.IPAddress = RequestContext.UserHostAddress; ui.UserSettings.UserRegistrationInfo.Agent = HttpContext.Current.Request.UserAgent; ui.UserSettings.UserLogActivities = true; ui.UserSettings.UserShowIntroductionTile = true; // Check whether confirmation is required bool requiresConfirmation = SettingsKeyInfoProvider.GetBoolValue(currentSiteName + ".CMSRegistrationEmailConfirmation"); bool requiresAdminApprove = SettingsKeyInfoProvider.GetBoolValue(currentSiteName + ".CMSRegistrationAdministratorApproval"); if (!requiresConfirmation) { // If confirmation is not required check whether administration approval is reqiures if (requiresAdminApprove) { ui.Enabled = false; ui.UserSettings.UserWaitingForApproval = true; } } else { // EnableUserAfterRegistration is overrided by requiresConfirmation - user needs to be confirmed before enable ui.Enabled = false; } // Set user's starting alias path if (!String.IsNullOrEmpty(StartingAliasPath)) { ui.UserStartingAliasPath = MacroResolver.ResolveCurrentPath(StartingAliasPath); } // Get user password and save it in apropriate format after form save string password = ValidationHelper.GetString(ui.GetValue("UserPassword"), String.Empty); UserInfoProvider.SetPassword(ui, password); var customerToken = PersonifyRegistered(emailValue, password, firstName, lastName); if (string.IsNullOrEmpty(customerToken)) { UserInfoProvider.DeleteUser(ui); return; } else { var roles = GetImsroles(customerToken); string groupslist = ""; if (roles.Length > 0) { foreach (string s in roles) { if (s.Length > 0) { groupslist += s + ","; } } } //we need this mispelling. groupslist += "peronifyUser" + ","; new LoginUsertokentico().AddUserToRole(ui, groupslist, true, false); } // Prepare macro data source for email resolver UserInfo userForMail = ui.Clone(); userForMail.SetValue("UserPassword", string.Empty); object[] data = new object[1]; data[0] = userForMail; // Prepare resolver for notification and welcome emails MacroResolver resolver = MacroContext.CurrentResolver; resolver.SetAnonymousSourceData(data); #region "Welcome Emails (confirmation, waiting for approval)" bool error = false; EmailTemplateInfo template = null; // Prepare macro replacements string[,] replacements = new string[6, 2]; replacements[0, 0] = "confirmaddress"; replacements[0, 1] = AuthenticationHelper.GetRegistrationApprovalUrl(ApprovalPage, ui.UserGUID, currentSiteName, NotifyAdministrator); replacements[1, 0] = "username"; replacements[1, 1] = userName; replacements[2, 0] = "password"; replacements[2, 1] = password; replacements[3, 0] = "Email"; replacements[3, 1] = emailValue; replacements[4, 0] = "FirstName"; replacements[4, 1] = firstName; replacements[5, 0] = "LastName"; replacements[5, 1] = lastName; // Set resolver resolver.SetNamedSourceData(replacements); // Email message EmailMessage emailMessage = new EmailMessage(); emailMessage.EmailFormat = EmailFormatEnum.Default; emailMessage.Recipients = ui.Email; // Send welcome message with username and password, with confirmation link, user must confirm registration if (requiresConfirmation) { template = EmailTemplateProvider.GetEmailTemplate("RegistrationConfirmation", currentSiteName); emailMessage.Subject = GetString("RegistrationForm.RegistrationConfirmationEmailSubject"); } // Send welcome message with username and password, with information that user must be approved by administrator else if (SendWelcomeEmail) { if (requiresAdminApprove) { template = EmailTemplateProvider.GetEmailTemplate("Membership.RegistrationWaitingForApproval", currentSiteName); emailMessage.Subject = GetString("RegistrationForm.RegistrationWaitingForApprovalSubject"); } // Send welcome message with username and password, user can logon directly else { template = EmailTemplateProvider.GetEmailTemplate("Membership.Registration", currentSiteName); emailMessage.Subject = GetString("RegistrationForm.RegistrationSubject"); } } if (template != null) { emailMessage.From = EmailHelper.GetSender(template, SettingsKeyInfoProvider.GetStringValue(currentSiteName + ".CMSNoreplyEmailAddress")); // Enable macro encoding for body resolver.Settings.EncodeResolvedValues = true; emailMessage.Body = resolver.ResolveMacros(template.TemplateText); // Disable macro encoding for plaintext body and subject resolver.Settings.EncodeResolvedValues = false; emailMessage.PlainTextBody = resolver.ResolveMacros(template.TemplatePlainText); emailMessage.Subject = resolver.ResolveMacros(EmailHelper.GetSubject(template, emailMessage.Subject)); emailMessage.CcRecipients = template.TemplateCc; emailMessage.BccRecipients = template.TemplateBcc; try { EmailHelper.ResolveMetaFileImages(emailMessage, template.TemplateID, EmailTemplateInfo.OBJECT_TYPE, ObjectAttachmentsCategories.TEMPLATE); // Send the e-mail immediately EmailSender.SendEmail(currentSiteName, emailMessage, true); } catch (Exception ex) { EventLogProvider.LogException("E", "RegistrationForm - SendEmail", ex); error = true; } } // If there was some error, user must be deleted if (error) { lblError.Visible = true; lblError.Text = GetString("RegistrationForm.UserWasNotCreated"); // Email was not send, user can't be approved - delete it UserInfoProvider.DeleteUser(ui); return; } #endregion #region "Administrator notification email" // Notify administrator if enabled and email confirmation is not required if (!requiresConfirmation && NotifyAdministrator && (FromAddress != String.Empty) && (ToAddress != String.Empty)) { EmailTemplateInfo mEmailTemplate = null; if (requiresAdminApprove) { mEmailTemplate = EmailTemplateProvider.GetEmailTemplate("Registration.Approve", currentSiteName); } else { mEmailTemplate = EmailTemplateProvider.GetEmailTemplate("Registration.New", currentSiteName); } if (mEmailTemplate == null) { EventLogProvider.LogEvent(EventType.ERROR, "RegistrationForm", "GetEmailTemplate", eventUrl: RequestContext.RawURL); } else { // E-mail template ok replacements = new string[4, 2]; replacements[0, 0] = "firstname"; replacements[0, 1] = ui.FirstName; replacements[1, 0] = "lastname"; replacements[1, 1] = ui.LastName; replacements[2, 0] = "email"; replacements[2, 1] = ui.Email; replacements[3, 0] = "username"; replacements[3, 1] = userName; // Set resolver resolver.SetNamedSourceData(replacements); // Enable macro encoding for body resolver.Settings.EncodeResolvedValues = true; EmailMessage message = new EmailMessage(); message.EmailFormat = EmailFormatEnum.Default; message.From = EmailHelper.GetSender(mEmailTemplate, FromAddress); message.Recipients = ToAddress; message.Body = resolver.ResolveMacros(mEmailTemplate.TemplateText); // Disable macro encoding for plaintext body and subject resolver.Settings.EncodeResolvedValues = false; message.Subject = resolver.ResolveMacros(EmailHelper.GetSubject(mEmailTemplate, GetString("RegistrationForm.EmailSubject"))); message.PlainTextBody = resolver.ResolveMacros(mEmailTemplate.TemplatePlainText); message.CcRecipients = mEmailTemplate.TemplateCc; message.BccRecipients = mEmailTemplate.TemplateBcc; try { // Attach template meta-files to e-mail EmailHelper.ResolveMetaFileImages(message, mEmailTemplate.TemplateID, EmailTemplateInfo.OBJECT_TYPE, ObjectAttachmentsCategories.TEMPLATE); EmailSender.SendEmail(currentSiteName, message); } catch { EventLogProvider.LogEvent(EventType.ERROR, "Membership", "RegistrationEmail"); } } } #endregion #region "Web analytics" // Track successful registration conversion if (TrackConversionName != String.Empty) { if (AnalyticsHelper.AnalyticsEnabled(currentSiteName) && AnalyticsHelper.TrackConversionsEnabled(currentSiteName) && !AnalyticsHelper.IsIPExcluded(currentSiteName, RequestContext.UserHostAddress)) { HitLogProvider.LogConversions(currentSiteName, LocalizationContext.PreferredCultureCode, TrackConversionName, 0, ConversionValue); } } // Log registered user if confirmation is not required if (!requiresConfirmation) { AnalyticsHelper.LogRegisteredUser(currentSiteName, ui); } #endregion #region "On-line marketing - activity" // Log registered user if confirmation is not required if (!requiresConfirmation) { Activity activity = new ActivityRegistration(ui, DocumentContext.CurrentDocument, AnalyticsContext.ActivityEnvironmentVariables); if (activity.Data != null) { activity.Data.ContactID = ModuleCommands.OnlineMarketingGetUserLoginContactID(ui); activity.Log(); } // Log login activity if (ui.Enabled) { // Log activity int contactID = ModuleCommands.OnlineMarketingGetUserLoginContactID(ui); Activity activityLogin = new ActivityUserLogin(contactID, ui, DocumentContext.CurrentDocument, AnalyticsContext.ActivityEnvironmentVariables); activityLogin.Log(); } } #endregion #region "Site and roles addition and authentication" string[] roleList = AssignRoles.Split(';'); foreach (string siteName in siteList) { // Add new user to the current site UserInfoProvider.AddUserToSite(ui.UserName, siteName); foreach (string roleName in roleList) { if (!String.IsNullOrEmpty(roleName)) { String sn = roleName.StartsWithCSafe(".") ? String.Empty : siteName; // Add user to desired roles if (RoleInfoProvider.RoleExists(roleName, sn)) { UserInfoProvider.AddUserToRole(ui.UserName, roleName, sn); } } } } if (ui.Enabled) { if (this.AutoLoginAfterRegistration) { Session["UserName"] = userName; Session["Password"] = password; Session["RememberMe"] = true; Session["RetryCount"] = null; if (this.Request.QueryString["ReturnURL"] != null) { var returnURL = this.Request.QueryString["ReturnURL"]; Session["ReturnURL"] = returnURL; } else if (!String.IsNullOrEmpty(this.RedirectToURL)) { var returnURL = this.Request.QueryString["ReturnURL"]; Session["ReturnURL"] = returnURL; } Response.Redirect("~/sso/ssohandler.aspx", true); } else if (!String.IsNullOrEmpty(this.LoginURL)) { Response.Redirect(string.Format(this.LoginURL, userName), true); } else if (!String.IsNullOrEmpty(this.RedirectToURL)) { Response.Redirect(this.RedirectToURL, true); } } #endregion lblError.Visible = false; } } }
public void CheckRoleAssignmentInUserAuthTableUsingSecretKey() { using (var appHost = new BasicAppHost { ConfigureAppHost = host => { host.Config.AdminAuthSecret = AdminAuthSecret; }, ConfigureContainer = container => { container.Register <IUnitOfWork>(c => UnitOfWork); container.Register <IAuthRepository>(c => new LightSpeedUserAuthRepository(c.Resolve <IUnitOfWork>())); } }.Init()) { // Arrange LightSpeed.UserAuth userAuth; AssignRolesResponse assignRolesResponse; var newRegistration = CreateNewUserRegistration(); var request = new BasicRequest(newRegistration); request.QueryString["authSecret"] = AdminAuthSecret; var response = (RegisterResponse)appHost.ExecuteService(newRegistration, request); // Test #1: Check role and permission assignment // --------------------------------------------- // Act userAuth = UnitOfWork.FindById <LightSpeed.UserAuth>(response.UserId); // Hydrate userAuth var assignRoleRequest = new AssignRoles { UserName = userAuth.UserName, Roles = { TestRoleName }, Permissions = { TestPermissionName }, }; // Assert #1.1: // Check AssignRoles response to contain roles and permissions assignRolesResponse = (AssignRolesResponse)appHost.ExecuteService(assignRoleRequest, request); Assert.That(assignRolesResponse.AllRoles[0], Is.EqualTo(TestRoleName)); Assert.That(assignRolesResponse.AllPermissions[0], Is.EqualTo(TestPermissionName)); // Assert #1.2: // Check UserAuth to contain roles and permissions userAuth = UnitOfWork.FindById <LightSpeed.UserAuth>(response.UserId); Assert.That(userAuth.Roles[0], Is.EqualTo(TestRoleName)); Assert.That(userAuth.Permissions[0], Is.EqualTo(TestPermissionName)); // Test #2: Check role and permission un-assignment // ------------------------------------------------ // Act var unassignRolesRequest = new UnAssignRoles { UserName = userAuth.UserName, Roles = { TestRoleName }, Permissions = { TestPermissionName }, }; appHost.ExecuteService(unassignRolesRequest, request); // Assert #2.1: // Check UserAuth not to contain roles and permissions above userAuth = UnitOfWork.FindById <LightSpeed.UserAuth>(response.UserId); Assert.That(userAuth.Roles.Count, Is.EqualTo(0)); Assert.That(userAuth.Permissions.Count, Is.EqualTo(0)); } }
public void CheckRoleAssignmentInUserRoleTableUsingIAuthRepository() { using (var appHost = new BasicAppHost { ConfigureContainer = container => { container.Register <IUnitOfWork>(c => UnitOfWork); container.Register <IAuthRepository>(c => new LightSpeedUserAuthRepository(c.Resolve <IUnitOfWork>()) { UseDistinctRoleTables = true }); } }.Init()) { // Arrange LightSpeed.UserAuth userAuth; AssignRolesResponse assignRolesResponse; var newRegistration = CreateNewUserRegistration(); var request = new BasicRequest(newRegistration); var response = (RegisterResponse)appHost.ExecuteService(newRegistration, request); var authRepo = appHost.Resolve <IAuthRepository>(); // Test #1: Check role and permission assignment // --------------------------------------------- // Act userAuth = UnitOfWork.FindById <LightSpeed.UserAuth>(response.UserId); // Hydrate userAuth var assignRoleRequest = new AssignRoles { UserName = userAuth.UserName, Roles = { TestRoleName }, Permissions = { TestPermissionName }, }; userAuth = (LightSpeed.UserAuth)authRepo.GetUserAuthByUserName(assignRoleRequest.UserName); authRepo.AssignRoles(userAuth, assignRoleRequest.Roles, assignRoleRequest.Permissions); // Assert #1.1: // Check UserAuth to contain roles and permissions Assert.That(authRepo.GetRoles(userAuth).FirstOrDefault(), Is.EqualTo(TestRoleName)); Assert.That(authRepo.GetPermissions(userAuth).FirstOrDefault(), Is.EqualTo(TestPermissionName)); // Assert #1.2: // Check that roles and permissions are not persisted to UserAuth table Assert.That(userAuth.Roles.Count, Is.EqualTo(0)); Assert.That(userAuth.Permissions.Count, Is.EqualTo(0)); // Assert #1.3: // Check UserRoles table to contain roles and permissions var manageRoles = (IManageRoles)appHost.Container.Resolve <IAuthRepository>(); Assert.That(manageRoles.HasRole(userAuth.Id.ToString(), TestRoleName)); Assert.That(manageRoles.HasPermission(userAuth.Id.ToString(), TestPermissionName)); // Test #2: Check role and permission un-assignment // ------------------------------------------------ // Act userAuth = UnitOfWork.FindById <LightSpeed.UserAuth>(response.UserId); // Hydrate userAuth var unassignRolesRequest = new UnAssignRoles { UserName = userAuth.UserName, Roles = { TestRoleName }, Permissions = { TestPermissionName }, }; userAuth = (LightSpeed.UserAuth)authRepo.GetUserAuthByUserName(assignRoleRequest.UserName); authRepo.UnAssignRoles(userAuth, unassignRolesRequest.Roles, unassignRolesRequest.Permissions); // Assert #2.1: // Check UserAuth to contain roles and permissions Assert.That(authRepo.GetRoles(userAuth).FirstOrDefault(), Is.Null); Assert.That(authRepo.GetPermissions(userAuth).FirstOrDefault(), Is.Null); // Assert #2.2: // Check UserRole table not to contain roles and permissions above Assert.That(!manageRoles.HasRole(userAuth.Id.ToString(), TestRoleName)); Assert.That(!manageRoles.HasPermission(userAuth.Id.ToString(), TestPermissionName)); } }
public void CheckRoleAssignmentInUserRoleTable() { using (var appHost = new BasicAppHost { ConfigureAppHost = host => { host.Config.AdminAuthSecret = AdminAuthSecret; }, ConfigureContainer = container => { container.Register <IDbConnectionFactory>(DbConnFactory); container.Register <IAuthRepository>(c => new OrmLiteAuthRepository(c.Resolve <IDbConnectionFactory>()) { UseDistinctRoleTables = true }); } }.Init()) { // Arrange UserAuth userAuth; AssignRolesResponse assignRolesResponse; var newRegistration = CreateNewUserRegistration(); var request = new BasicRequest(newRegistration); request.QueryString["authSecret"] = AdminAuthSecret; var response = (RegisterResponse)appHost.ExecuteService(newRegistration, request); // Test #1: Check role and permission assignment // --------------------------------------------- // Act using (var db = DbConnFactory.Open()) { // Hydrate userAuth userAuth = db.SingleById <UserAuth>(response.UserId); } var assignRoleRequest = new AssignRoles { UserName = userAuth.UserName, Roles = { TestRoleName }, Permissions = { TestPermissionName }, }; // Assert #1.1: // Check AssignRoles response to contain roles and permissions assignRolesResponse = (AssignRolesResponse)appHost.ExecuteService(assignRoleRequest, request); Assert.That(assignRolesResponse.AllRoles[0], Is.EqualTo(TestRoleName)); Assert.That(assignRolesResponse.AllPermissions[0], Is.EqualTo(TestPermissionName)); // Assert #1.2: // Check that roles and permissions are not persisted to UserAuth table Assert.That(userAuth.Roles.Count, Is.EqualTo(0)); Assert.That(userAuth.Permissions.Count, Is.EqualTo(0)); // Assert #1.3: // Check UserRoles table to contain roles and permissions var manageRoles = (IManageRoles)appHost.Container.Resolve <IAuthRepository>(); Assert.That(manageRoles.HasRole(userAuth.Id.ToString(), TestRoleName)); Assert.That(manageRoles.HasPermission(userAuth.Id.ToString(), TestPermissionName)); // Test #2: Check role and permission un-assignment // ------------------------------------------------ // Act var unassignRolesRequest = new UnAssignRoles { UserName = userAuth.UserName, Roles = { TestRoleName }, Permissions = { TestPermissionName }, }; appHost.ExecuteService(unassignRolesRequest, request); // Assert #2.1: // Check UserRole table not to contain roles and permissions above Assert.That(!manageRoles.HasRole(userAuth.Id.ToString(), TestRoleName)); Assert.That(!manageRoles.HasPermission(userAuth.Id.ToString(), TestPermissionName)); } }
/// <param name='userName'> /// </param> /// <param name='permissions'> /// </param> /// <param name='roles'> /// </param> /// <param name='body'> /// </param> /// <param name='customHeaders'> /// Headers that will be added to request. /// </param> /// <param name='cancellationToken'> /// The cancellation token. /// </param> /// <exception cref="AssignRolesResponseException"> /// Thrown when the operation returned an invalid status code /// </exception> /// <return> /// A response object containing the response body and response headers. /// </return> public async Task <HttpOperationResponse <AssignRolesResponse> > PostWithHttpMessagesAsync(string userName = default(string), string permissions = default(string), string roles = default(string), AssignRoles body = default(AssignRoles), Dictionary <string, List <string> > customHeaders = null, CancellationToken cancellationToken = default(CancellationToken)) { // Tracing bool _shouldTrace = ServiceClientTracing.IsEnabled; string _invocationId = null; if (_shouldTrace) { _invocationId = ServiceClientTracing.NextInvocationId.ToString(); Dictionary <string, object> tracingParameters = new Dictionary <string, object>(); tracingParameters.Add("userName", userName); tracingParameters.Add("permissions", permissions); tracingParameters.Add("roles", roles); tracingParameters.Add("body", body); tracingParameters.Add("cancellationToken", cancellationToken); ServiceClientTracing.Enter(_invocationId, this, "Post", tracingParameters); } // Construct URL var _baseUrl = Client.BaseUri.AbsoluteUri; var _url = new System.Uri(new System.Uri(_baseUrl + (_baseUrl.EndsWith("/") ? "" : "/")), "assignroles").ToString(); // Create HTTP transport objects var _httpRequest = new HttpRequestMessage(); HttpResponseMessage _httpResponse = null; _httpRequest.Method = new HttpMethod("POST"); _httpRequest.RequestUri = new System.Uri(_url); // Set Headers if (Client.Accept != null) { if (_httpRequest.Headers.Contains("Accept")) { _httpRequest.Headers.Remove("Accept"); } _httpRequest.Headers.TryAddWithoutValidation("Accept", Client.Accept); } if (customHeaders != null) { foreach (var _header in customHeaders) { if (_httpRequest.Headers.Contains(_header.Key)) { _httpRequest.Headers.Remove(_header.Key); } _httpRequest.Headers.TryAddWithoutValidation(_header.Key, _header.Value); } } // Serialize Request string _requestContent = null; if (body != null) { _requestContent = Microsoft.Rest.Serialization.SafeJsonConvert.SerializeObject(body, Client.SerializationSettings); _httpRequest.Content = new StringContent(_requestContent, System.Text.Encoding.UTF8); _httpRequest.Content.Headers.ContentType = System.Net.Http.Headers.MediaTypeHeaderValue.Parse("application/json; charset=utf-8"); } // Send Request if (_shouldTrace) { ServiceClientTracing.SendRequest(_invocationId, _httpRequest); } cancellationToken.ThrowIfCancellationRequested(); _httpResponse = await Client.HttpClient.SendAsync(_httpRequest, cancellationToken).ConfigureAwait(false); if (_shouldTrace) { ServiceClientTracing.ReceiveResponse(_invocationId, _httpResponse); } HttpStatusCode _statusCode = _httpResponse.StatusCode; cancellationToken.ThrowIfCancellationRequested(); string _responseContent = null; if (!_httpResponse.IsSuccessStatusCode) { var ex = new AssignRolesResponseException(string.Format("Operation returned an invalid status code '{0}'", _statusCode)); try { _responseContent = await _httpResponse.Content.ReadAsStringAsync().ConfigureAwait(false); AssignRolesResponse _errorBody = Microsoft.Rest.Serialization.SafeJsonConvert.DeserializeObject <AssignRolesResponse>(_responseContent, Client.DeserializationSettings); if (_errorBody != null) { ex.Body = _errorBody; } } catch (JsonException) { // Ignore the exception } ex.Request = new HttpRequestMessageWrapper(_httpRequest, _requestContent); ex.Response = new HttpResponseMessageWrapper(_httpResponse, _responseContent); if (_shouldTrace) { ServiceClientTracing.Error(_invocationId, ex); } _httpRequest.Dispose(); if (_httpResponse != null) { _httpResponse.Dispose(); } throw ex; } // Create Result var _result = new HttpOperationResponse <AssignRolesResponse>(); _result.Request = _httpRequest; _result.Response = _httpResponse; string _defaultResponseContent = await _httpResponse.Content.ReadAsStringAsync().ConfigureAwait(false); try { _result.Body = Microsoft.Rest.Serialization.SafeJsonConvert.DeserializeObject <AssignRolesResponse>(_defaultResponseContent, Client.DeserializationSettings); } catch (JsonException ex) { _httpRequest.Dispose(); if (_httpResponse != null) { _httpResponse.Dispose(); } throw new SerializationException("Unable to deserialize the response.", _defaultResponseContent, ex); } if (_shouldTrace) { ServiceClientTracing.Exit(_invocationId, _result); } return(_result); }
/// <summary> /// OK click handler (Proceed registration). /// </summary> protected void btnOK_Click(object sender, EventArgs e) { if ((PageManager.ViewMode == ViewModeEnum.Design) || (HideOnCurrentPage) || (!IsVisible)) { // Do not process } else { String siteName = CMSContext.CurrentSiteName; #region "Banned IPs" // Ban IP addresses which are blocked for registration if (!BannedIPInfoProvider.IsAllowed(siteName, BanControlEnum.Registration)) { lblError.Visible = true; lblError.Text = GetString("banip.ipisbannedregistration"); return; } #endregion #region "Check Email & password" // Check whether user with same email does not exist UserInfo ui = UserInfoProvider.GetUserInfo(txtEmail.Text); SiteInfo si = CMSContext.CurrentSite; UserInfo siteui = UserInfoProvider.GetUserInfo(UserInfoProvider.EnsureSitePrefixUserName(txtEmail.Text, si)); if ((ui != null) || (siteui != null)) { lblError.Visible = true; lblError.Text = GetString("Webparts_Membership_RegistrationForm.UserAlreadyExists").Replace("%%name%%", HTMLHelper.HTMLEncode(txtEmail.Text)); return; } // Check whether password is same if (passStrength.Text != txtConfirmPassword.Text) { lblError.Visible = true; lblError.Text = GetString("Webparts_Membership_RegistrationForm.PassworDoNotMatch"); return; } if ((PasswordMinLength > 0) && (passStrength.Text.Length < PasswordMinLength)) { lblError.Visible = true; lblError.Text = String.Format(GetString("Webparts_Membership_RegistrationForm.PasswordMinLength"), PasswordMinLength.ToString()); return; } if (!passStrength.IsValid()) { lblError.Visible = true; lblError.Text = AuthenticationHelper.GetPolicyViolationMessage(CMSContext.CurrentSiteName); return; } if (!ValidationHelper.IsEmail(txtEmail.Text.ToLowerCSafe())) { lblError.Visible = true; lblError.Text = GetString("Webparts_Membership_RegistrationForm.EmailIsNotValid"); return; } #endregion #region "Captcha" // Check if captcha is required if (DisplayCaptcha) { // Verifiy captcha text if (!scCaptcha.IsValid()) { // Display error message if catcha text is not valid lblError.Visible = true; lblError.Text = GetString("Webparts_Membership_RegistrationForm.captchaError"); return; } else { // Generate new captcha scCaptcha.GenerateNew(); } } #endregion #region "User properties" ui = new UserInfo(); ui.PreferredCultureCode = ""; ui.Email = txtEmail.Text.Trim(); ui.FirstName = txtFirstName.Text.Trim(); ui.FullName = UserInfoProvider.GetFullName(txtFirstName.Text.Trim(), String.Empty, txtLastName.Text.Trim()); ui.LastName = txtLastName.Text.Trim(); ui.MiddleName = ""; // User name as put by user (no site prefix included) String plainUserName = txtEmail.Text.Trim(); ui.UserName = plainUserName; // Ensure site prefixes if (UserInfoProvider.UserNameSitePrefixEnabled(siteName)) { ui.UserName = UserInfoProvider.EnsureSitePrefixUserName(txtEmail.Text.Trim(), si); } ui.Enabled = EnableUserAfterRegistration; ui.IsEditor = false; ui.IsGlobalAdministrator = false; ui.UserURLReferrer = CMSContext.CurrentUser.URLReferrer; ui.UserCampaign = CMSContext.Campaign; ui.UserSettings.UserRegistrationInfo.IPAddress = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"]; ui.UserSettings.UserRegistrationInfo.Agent = HttpContext.Current.Request.UserAgent; // Check whether confirmation is required bool requiresConfirmation = SettingsKeyProvider.GetBoolValue(siteName + ".CMSRegistrationEmailConfirmation"); bool requiresAdminApprove = false; if (!requiresConfirmation) { // If confirmation is not required check whether administration approval is reqiures if ((requiresAdminApprove = SettingsKeyProvider.GetBoolValue(siteName + ".CMSRegistrationAdministratorApproval"))) { ui.Enabled = false; ui.UserSettings.UserWaitingForApproval = true; } } else { // EnableUserAfterRegistration is overrided by requiresConfirmation - user needs to be confirmed before enable ui.Enabled = false; } // Set user's starting alias path if (!String.IsNullOrEmpty(StartingAliasPath)) { ui.UserStartingAliasPath = CMSContext.ResolveCurrentPath(StartingAliasPath); } #endregion #region "Reserved names" // Check for reserved user names like administrator, sysadmin, ... if (UserInfoProvider.NameIsReserved(siteName, plainUserName)) { lblError.Visible = true; lblError.Text = GetString("Webparts_Membership_RegistrationForm.UserNameReserved").Replace("%%name%%", HTMLHelper.HTMLEncode(Functions.GetFormattedUserName(ui.UserName, true))); return; } if (UserInfoProvider.NameIsReserved(siteName, plainUserName)) { lblError.Visible = true; lblError.Text = GetString("Webparts_Membership_RegistrationForm.UserNameReserved").Replace("%%name%%", HTMLHelper.HTMLEncode(ui.UserNickName)); return; } #endregion #region "License limitations" // Check limitations for Global administrator if (ui.IsGlobalAdministrator) { if (!UserInfoProvider.LicenseVersionCheck(URLHelper.GetCurrentDomain(), FeatureEnum.GlobalAdmininistrators, VersionActionEnum.Insert, false)) { lblError.Visible = true; lblError.Text = GetString("License.MaxItemsReachedGlobal"); return; } } // Check limitations for editors if (ui.IsEditor) { if (!UserInfoProvider.LicenseVersionCheck(URLHelper.GetCurrentDomain(), FeatureEnum.Editors, VersionActionEnum.Insert, false)) { lblError.Visible = true; lblError.Text = GetString("License.MaxItemsReachedEditor"); return; } } // Check limitations for site members if (!UserInfoProvider.LicenseVersionCheck(URLHelper.GetCurrentDomain(), FeatureEnum.SiteMembers, VersionActionEnum.Insert, false)) { lblError.Visible = true; lblError.Text = GetString("License.MaxItemsReachedSiteMember"); return; } #endregion // Check whether email is unique if it is required string checkSites = (String.IsNullOrEmpty(AssignToSites)) ? siteName : AssignToSites; if (!UserInfoProvider.IsEmailUnique(txtEmail.Text.Trim(), checkSites, 0)) { lblError.Visible = true; lblError.Text = GetString("UserInfo.EmailAlreadyExist"); return; } // Set password UserInfoProvider.SetPassword(ui, passStrength.Text); // Prepare macro data source for email resolver UserInfo userForMail = ui.Clone(); userForMail.SetValue("UserPassword", string.Empty); object[] data = new object[1]; data[0] = userForMail; // Prepare resolver for notification and welcome emails ContextResolver resolver = CMSContext.CurrentResolver; resolver.SourceData = data; resolver.EncodeResolvedValues = true; #region "Welcome Emails (confirmation, waiting for approval)" bool error = false; EventLogProvider ev = new EventLogProvider(); EmailTemplateInfo template = null; string emailSubject = null; // Send welcome message with username and password, with confirmation link, user must confirm registration if (requiresConfirmation) { template = EmailTemplateProvider.GetEmailTemplate("RegistrationConfirmation", siteName); emailSubject = EmailHelper.GetSubject(template, GetString("RegistrationForm.RegistrationConfirmationEmailSubject")); } // Send welcome message with username and password, with information that user must be approved by administrator else if (SendWelcomeEmail) { if (requiresAdminApprove) { template = EmailTemplateProvider.GetEmailTemplate("Membership.RegistrationWaitingForApproval", siteName); emailSubject = EmailHelper.GetSubject(template, GetString("RegistrationForm.RegistrationWaitingForApprovalSubject")); } // Send welcome message with username and password, user can logon directly else { template = EmailTemplateProvider.GetEmailTemplate("Membership.Registration", siteName); emailSubject = EmailHelper.GetSubject(template, GetString("RegistrationForm.RegistrationSubject")); } } if (template != null) { // Retrieve contact ID for confirmation e-mail int contactId = 0; if (ActivitySettingsHelper.ActivitiesEnabledAndModuleLoaded(siteName)) { // Check if loggin registration activity is enabled if (ActivitySettingsHelper.UserRegistrationEnabled(siteName)) { if (ActivitySettingsHelper.ActivitiesEnabledForThisUser(ui)) { contactId = ModuleCommands.OnlineMarketingGetUserLoginContactID(ui); } } } // Prepare macro replacements string[,] replacements = new string[6, 2]; replacements[0, 0] = "confirmaddress"; replacements[0, 1] = (ApprovalPage != String.Empty) ? URLHelper.GetAbsoluteUrl(ApprovalPage) : URLHelper.GetAbsoluteUrl("~/CMSPages/Dialogs/UserRegistration.aspx"); replacements[0, 1] += "?userguid=" + ui.UserGUID + (contactId > 0 ? "&contactid=" + contactId.ToString() : String.Empty); replacements[1, 0] = "username"; replacements[1, 1] = plainUserName; replacements[2, 0] = "password"; replacements[2, 1] = passStrength.Text; replacements[3, 0] = "Email"; replacements[3, 1] = txtEmail.Text; replacements[4, 0] = "FirstName"; replacements[4, 1] = txtFirstName.Text; replacements[5, 0] = "LastName"; replacements[5, 1] = txtLastName.Text; // Set resolver resolver.SourceParameters = replacements; // Email message EmailMessage email = new EmailMessage(); email.EmailFormat = EmailFormatEnum.Default; email.Recipients = ui.Email; email.From = EmailHelper.GetSender(template, SettingsKeyProvider.GetStringValue(siteName + ".CMSNoreplyEmailAddress")); email.Body = resolver.ResolveMacros(template.TemplateText); resolver.EncodeResolvedValues = false; email.PlainTextBody = resolver.ResolveMacros(template.TemplatePlainText); email.Subject = resolver.ResolveMacros(emailSubject); email.CcRecipients = template.TemplateCc; email.BccRecipients = template.TemplateBcc; try { MetaFileInfoProvider.ResolveMetaFileImages(email, template.TemplateID, EmailObjectType.EMAILTEMPLATE, MetaFileInfoProvider.OBJECT_CATEGORY_TEMPLATE); // Send the e-mail immediately EmailSender.SendEmail(siteName, email, true); } catch (Exception ex) { ev.LogEvent("E", "RegistrationForm - SendEmail", ex); error = true; } } // If there was some error, user must be deleted if (error) { lblError.Visible = true; lblError.Text = GetString("RegistrationForm.UserWasNotCreated"); // Email was not send, user can't be approved - delete it UserInfoProvider.DeleteUser(ui); return; } #endregion #region "Administrator notification email" // Notify administrator if enabled and e-mail confirmation is not required if (!requiresConfirmation && NotifyAdministrator && (FromAddress != String.Empty) && (ToAddress != String.Empty)) { EmailTemplateInfo mEmailTemplate = null; if (requiresAdminApprove) { mEmailTemplate = EmailTemplateProvider.GetEmailTemplate("Registration.Approve", siteName); } else { mEmailTemplate = EmailTemplateProvider.GetEmailTemplate("Registration.New", siteName); } if (mEmailTemplate == null) { // Log missing e-mail template ev.LogEvent("E", DateTime.Now, "RegistrationForm", "GetEmailTemplate", HTTPHelper.GetAbsoluteUri()); } else { string[,] replacements = new string[4, 2]; replacements[0, 0] = "firstname"; replacements[0, 1] = ui.FirstName; replacements[1, 0] = "lastname"; replacements[1, 1] = ui.LastName; replacements[2, 0] = "email"; replacements[2, 1] = ui.Email; replacements[3, 0] = "username"; replacements[3, 1] = plainUserName; // Set resolver resolver.SourceParameters = replacements; EmailMessage message = new EmailMessage(); message.EmailFormat = EmailFormatEnum.Default; message.From = EmailHelper.GetSender(mEmailTemplate, FromAddress); message.Recipients = ToAddress; message.Body = resolver.ResolveMacros(mEmailTemplate.TemplateText); resolver.EncodeResolvedValues = false; message.PlainTextBody = resolver.ResolveMacros(mEmailTemplate.TemplatePlainText); message.Subject = resolver.ResolveMacros(EmailHelper.GetSubject(mEmailTemplate, GetString("RegistrationForm.EmailSubject"))); message.CcRecipients = mEmailTemplate.TemplateCc; message.BccRecipients = mEmailTemplate.TemplateBcc; try { // Attach template meta-files to e-mail MetaFileInfoProvider.ResolveMetaFileImages(message, mEmailTemplate.TemplateID, EmailObjectType.EMAILTEMPLATE, MetaFileInfoProvider.OBJECT_CATEGORY_TEMPLATE); EmailSender.SendEmail(siteName, message); } catch { ev.LogEvent("E", DateTime.Now, "Membership", "RegistrationEmail", CMSContext.CurrentSite.SiteID); } } } #endregion #region "Web analytics" // Track successful registration conversion if (TrackConversionName != String.Empty) { if (AnalyticsHelper.AnalyticsEnabled(siteName) && AnalyticsHelper.TrackConversionsEnabled(siteName) && !AnalyticsHelper.IsIPExcluded(siteName, HTTPHelper.UserHostAddress)) { // Log conversion HitLogProvider.LogConversions(siteName, CMSContext.PreferredCultureCode, TrackConversionName, 0, ConversionValue); } } // Log registered user if confirmation is not required if (!requiresConfirmation) { AnalyticsHelper.LogRegisteredUser(siteName, ui); } #endregion #region "On-line marketing - activity" // Log registered user if confirmation is not required if (!requiresConfirmation) { Activity activity = new ActivityRegistration(ui, CMSContext.CurrentDocument, CMSContext.ActivityEnvironmentVariables); if (activity.Data != null) { activity.Data.ContactID = ModuleCommands.OnlineMarketingGetUserLoginContactID(ui); activity.Log(); } // Log login activity if (ui.Enabled) { // Log activity int contactID = ModuleCommands.OnlineMarketingGetUserLoginContactID(ui); Activity activityLogin = new ActivityUserLogin(contactID, ui, CMSContext.CurrentDocument, CMSContext.ActivityEnvironmentVariables); activityLogin.Log(); } } #endregion #region "Roles & authentication" string[] roleList = AssignRoles.Split(';'); string[] siteList; // If AssignToSites field set if (!String.IsNullOrEmpty(AssignToSites)) { siteList = AssignToSites.Split(';'); } else // If not set user current site { siteList = new string[] { siteName }; } foreach (string sn in siteList) { // Add new user to the current site UserInfoProvider.AddUserToSite(ui.UserName, sn); foreach (string roleName in roleList) { if (!String.IsNullOrEmpty(roleName)) { String s = roleName.StartsWithCSafe(".") ? "" : sn; // Add user to desired roles if (RoleInfoProvider.RoleExists(roleName, s)) { UserInfoProvider.AddUserToRole(ui.UserName, roleName, s); } } } } if (DisplayMessage.Trim() != String.Empty) { pnlForm.Visible = false; lblText.Visible = true; lblText.Text = DisplayMessage; } else { if (ui.Enabled) { CMSContext.AuthenticateUser(ui.UserName, true); } if (RedirectToURL != String.Empty) { URLHelper.Redirect(RedirectToURL); } else if (QueryHelper.GetString("ReturnURL", "") != String.Empty) { string url = QueryHelper.GetString("ReturnURL", ""); // Do url decode url = Server.UrlDecode(url); // Check that url is relative path or hash is ok if (url.StartsWithCSafe("~") || url.StartsWithCSafe("/") || QueryHelper.ValidateHash("hash")) { URLHelper.Redirect(url); } // Absolute path with wrong hash else { URLHelper.Redirect(ResolveUrl("~/CMSMessages/Error.aspx?title=" + ResHelper.GetString("general.badhashtitle") + "&text=" + ResHelper.GetString("general.badhashtext"))); } } } #endregion lblError.Visible = false; } }
public void CheckRoleAssignmentInUserRoleTableUsingIAuthRepository() { using (var appHost = new BasicAppHost { ConfigureContainer = container => { container.Register<IUnitOfWork>(c => UnitOfWork); container.Register<IAuthRepository>(c => new LightSpeedUserAuthRepository(c.Resolve<IUnitOfWork>()) { UseDistinctRoleTables = true }); } }.Init()) { // Arrange LightSpeed.UserAuth userAuth; AssignRolesResponse assignRolesResponse; var newRegistration = CreateNewUserRegistration(); var request = new BasicRequest(newRegistration); var response = (RegisterResponse)appHost.ExecuteService(newRegistration, request); var authRepo = appHost.Resolve<IAuthRepository>(); // Test #1: Check role and permission assignment // --------------------------------------------- // Act userAuth = UnitOfWork.FindById<LightSpeed.UserAuth>(response.UserId); // Hydrate userAuth var assignRoleRequest = new AssignRoles { UserName = userAuth.UserName, Roles = { TestRoleName }, Permissions = { TestPermissionName }, }; userAuth = (LightSpeed.UserAuth)authRepo.GetUserAuthByUserName(assignRoleRequest.UserName); authRepo.AssignRoles(userAuth, assignRoleRequest.Roles, assignRoleRequest.Permissions); // Assert #1.1: // Check UserAuth to contain roles and permissions Assert.That(authRepo.GetRoles(userAuth).FirstOrDefault(), Is.EqualTo(TestRoleName)); Assert.That(authRepo.GetPermissions(userAuth).FirstOrDefault(), Is.EqualTo(TestPermissionName)); // Assert #1.2: // Check that roles and permissions are not persisted to UserAuth table Assert.That(userAuth.Roles.Count, Is.EqualTo(0)); Assert.That(userAuth.Permissions.Count, Is.EqualTo(0)); // Assert #1.3: // Check UserRoles table to contain roles and permissions var manageRoles = (IManageRoles)appHost.Container.Resolve<IAuthRepository>(); Assert.That(manageRoles.HasRole(userAuth.Id.ToString(), TestRoleName)); Assert.That(manageRoles.HasPermission(userAuth.Id.ToString(), TestPermissionName)); // Test #2: Check role and permission un-assignment // ------------------------------------------------ // Act userAuth = UnitOfWork.FindById<LightSpeed.UserAuth>(response.UserId); // Hydrate userAuth var unassignRolesRequest = new UnAssignRoles { UserName = userAuth.UserName, Roles = { TestRoleName }, Permissions = { TestPermissionName }, }; userAuth = (LightSpeed.UserAuth)authRepo.GetUserAuthByUserName(assignRoleRequest.UserName); authRepo.UnAssignRoles(userAuth, unassignRolesRequest.Roles, unassignRolesRequest.Permissions); // Assert #2.1: // Check UserAuth to contain roles and permissions Assert.That(authRepo.GetRoles(userAuth).FirstOrDefault(), Is.Null); Assert.That(authRepo.GetPermissions(userAuth).FirstOrDefault(), Is.Null); // Assert #2.2: // Check UserRole table not to contain roles and permissions above Assert.That(!manageRoles.HasRole(userAuth.Id.ToString(), TestRoleName)); Assert.That(!manageRoles.HasPermission(userAuth.Id.ToString(), TestPermissionName)); } }
/// <param name='operations'> /// The operations group for this extension method. /// </param> /// <param name='userName'> /// </param> /// <param name='permissions'> /// </param> /// <param name='roles'> /// </param> /// <param name='body'> /// </param> public static AssignRolesResponse Create(this IAssignRolesOperations operations, string userName = default(string), IList <string> permissions = default(IList <string>), IList <string> roles = default(IList <string>), AssignRoles body = default(AssignRoles)) { return(operations.CreateAsync(userName, permissions, roles, body).GetAwaiter().GetResult()); }
public void CheckRoleAssignmentInUserAuthTableUsingSecretKey() { using (var appHost = new BasicAppHost { ConfigureAppHost = host => { host.Config.AdminAuthSecret = AdminAuthSecret; }, ConfigureContainer = container => { container.Register<IUnitOfWork>(c => UnitOfWork); container.Register<IAuthRepository>(c => new LightSpeedUserAuthRepository(c.Resolve<IUnitOfWork>())); } }.Init()) { // Arrange LightSpeed.UserAuth userAuth; AssignRolesResponse assignRolesResponse; var newRegistration = CreateNewUserRegistration(); var request = new BasicRequest(newRegistration); request.QueryString["authSecret"] = AdminAuthSecret; var response = (RegisterResponse)appHost.ExecuteService(newRegistration, request); // Test #1: Check role and permission assignment // --------------------------------------------- // Act userAuth = UnitOfWork.FindById<LightSpeed.UserAuth>(response.UserId); // Hydrate userAuth var assignRoleRequest = new AssignRoles { UserName = userAuth.UserName, Roles = { TestRoleName }, Permissions = { TestPermissionName }, }; // Assert #1.1: // Check AssignRoles response to contain roles and permissions assignRolesResponse = (AssignRolesResponse)appHost.ExecuteService(assignRoleRequest, request); Assert.That(assignRolesResponse.AllRoles[0], Is.EqualTo(TestRoleName)); Assert.That(assignRolesResponse.AllPermissions[0], Is.EqualTo(TestPermissionName)); // Assert #1.2: // Check UserAuth to contain roles and permissions userAuth = UnitOfWork.FindById<LightSpeed.UserAuth>(response.UserId); Assert.That(userAuth.Roles[0], Is.EqualTo(TestRoleName)); Assert.That(userAuth.Permissions[0], Is.EqualTo(TestPermissionName)); // Test #2: Check role and permission un-assignment // ------------------------------------------------ // Act var unassignRolesRequest = new UnAssignRoles { UserName = userAuth.UserName, Roles = { TestRoleName }, Permissions = { TestPermissionName }, }; appHost.ExecuteService(unassignRolesRequest, request); // Assert #2.1: // Check UserAuth not to contain roles and permissions above userAuth = UnitOfWork.FindById<LightSpeed.UserAuth>(response.UserId); Assert.That(userAuth.Roles.Count, Is.EqualTo(0)); Assert.That(userAuth.Permissions.Count, Is.EqualTo(0)); } }
/// <param name='operations'> /// The operations group for this extension method. /// </param> /// <param name='userName'> /// </param> /// <param name='permissions'> /// </param> /// <param name='roles'> /// </param> /// <param name='body'> /// </param> /// <param name='cancellationToken'> /// The cancellation token. /// </param> public static async Task <AssignRolesResponse> CreateAsync(this IAssignRolesOperations operations, string userName = default(string), IList <string> permissions = default(IList <string>), IList <string> roles = default(IList <string>), AssignRoles body = default(AssignRoles), CancellationToken cancellationToken = default(CancellationToken)) { using (var _result = await operations.CreateWithHttpMessagesAsync(userName, permissions, roles, body, null, cancellationToken).ConfigureAwait(false)) { return(_result.Body); } }
/// <summary> /// OK click handler (Proceed registration). /// </summary> protected void btnOK_Click(object sender, EventArgs e) { if (PortalContext.IsDesignMode(PortalContext.ViewMode) || (HideOnCurrentPage) || (!IsVisible)) { // Do not process } else { String siteName = SiteContext.CurrentSiteName; #region "Banned IPs" // Ban IP addresses which are blocked for registration if (!BannedIPInfoProvider.IsAllowed(siteName, BanControlEnum.Registration)) { ShowError(GetString("banip.ipisbannedregistration")); return; } #endregion #region "Check Email & password" string[] siteList = { siteName }; // If AssignToSites field set if (!String.IsNullOrEmpty(AssignToSites)) { siteList = AssignToSites.Split(';'); } // Check whether another user with this user name (which is effectively email) does not exist UserInfo ui = UserInfoProvider.GetUserInfo(txtEmail.Text); SiteInfo si = SiteContext.CurrentSite; UserInfo siteui = UserInfoProvider.GetUserInfo(UserInfoProvider.EnsureSitePrefixUserName(txtEmail.Text, si)); if ((ui != null) || (siteui != null)) { ShowError(GetString("Webparts_Membership_RegistrationForm.UserAlreadyExists").Replace("%%name%%", HTMLHelper.HTMLEncode(txtEmail.Text))); return; } // Check whether password is same if (passStrength.Text != txtConfirmPassword.Text) { ShowError(GetString("Webparts_Membership_RegistrationForm.PassworDoNotMatch")); return; } if ((PasswordMinLength > 0) && (passStrength.Text.Length < PasswordMinLength)) { ShowError(String.Format(GetString("Webparts_Membership_RegistrationForm.PasswordMinLength"), PasswordMinLength)); return; } if (!passStrength.IsValid()) { ShowError(AuthenticationHelper.GetPolicyViolationMessage(SiteContext.CurrentSiteName)); return; } if ((!txtEmail.IsValid()) || (txtEmail.Text.Length > EMAIL_MAX_LENGTH)) { ShowError(String.Format(GetString("Webparts_Membership_RegistrationForm.EmailIsNotValid"), EMAIL_MAX_LENGTH)); return; } #endregion #region "Captcha" // Check if captcha is required and verify captcha text if (DisplayCaptcha && !scCaptcha.IsValid()) { // Display error message if catcha text is not valid ShowError(GetString("Webparts_Membership_RegistrationForm.captchaError")); return; } #endregion #region "User properties" var userEmail = txtEmail.Text.Trim(); ui = new UserInfo(); ui.PreferredCultureCode = ""; ui.Email = userEmail; ui.FirstName = txtFirstName.Text.Trim(); ui.LastName = txtLastName.Text.Trim(); ui.FullName = UserInfoProvider.GetFullName(ui.FirstName, String.Empty, ui.LastName); ui.MiddleName = ""; ui.UserMFRequired = chkUseMultiFactorAutentization.Checked; // User name as put by user (no site prefix included) var plainUserName = userEmail; ui.UserName = plainUserName; // Check if the given email can be used as user name if (!ValidationHelper.IsUserName(plainUserName)) { ShowError(String.Format(GetString("Webparts_Membership_RegistrationForm.UserNameNotValid"), HTMLHelper.HTMLEncode(plainUserName))); return; } // Ensure site prefixes if (UserInfoProvider.UserNameSitePrefixEnabled(siteName)) { ui.UserName = UserInfoProvider.EnsureSitePrefixUserName(plainUserName, si); } ui.Enabled = EnableUserAfterRegistration; ui.UserURLReferrer = CookieHelper.GetValue(CookieName.UrlReferrer); ui.UserCampaign = Service <ICampaignService> .Entry().CampaignCode; ui.SiteIndependentPrivilegeLevel = UserPrivilegeLevelEnum.None; ui.UserSettings.UserRegistrationInfo.IPAddress = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"]; ui.UserSettings.UserRegistrationInfo.Agent = HttpContext.Current.Request.UserAgent; // Check whether confirmation is required bool requiresConfirmation = SettingsKeyInfoProvider.GetBoolValue(siteName + ".CMSRegistrationEmailConfirmation"); bool requiresAdminApprove = false; if (!requiresConfirmation) { // If confirmation is not required check whether administration approval is required requiresAdminApprove = SettingsKeyInfoProvider.GetBoolValue(siteName + ".CMSRegistrationAdministratorApproval"); if (requiresAdminApprove) { ui.Enabled = false; ui.UserSettings.UserWaitingForApproval = true; } } else { // EnableUserAfterRegistration is overridden by requiresConfirmation - user needs to be confirmed before enable ui.Enabled = false; } // Set user's starting alias path if (!String.IsNullOrEmpty(StartingAliasPath)) { ui.UserStartingAliasPath = MacroResolver.ResolveCurrentPath(StartingAliasPath); } #endregion #region "Reserved names" // Check for reserved user names like administrator, sysadmin, ... if (UserInfoProvider.NameIsReserved(siteName, plainUserName)) { ShowError(GetString("Webparts_Membership_RegistrationForm.UserNameReserved").Replace("%%name%%", HTMLHelper.HTMLEncode(Functions.GetFormattedUserName(ui.UserName, true)))); return; } if (UserInfoProvider.NameIsReserved(siteName, ui.UserNickName)) { ShowError(GetString("Webparts_Membership_RegistrationForm.UserNameReserved").Replace("%%name%%", HTMLHelper.HTMLEncode(ui.UserNickName))); return; } #endregion #region "License limitations" string errorMessage = String.Empty; UserInfoProvider.CheckLicenseLimitation(ui, ref errorMessage); if (!String.IsNullOrEmpty(errorMessage)) { ShowError(errorMessage); return; } #endregion // Check whether email is unique if it is required if (!UserInfoProvider.IsEmailUnique(userEmail, siteList, 0)) { ShowError(GetString("UserInfo.EmailAlreadyExist")); return; } // Set password UserInfoProvider.SetPassword(ui, passStrength.Text); #region "Welcome Emails (confirmation, waiting for approval)" bool error = false; EmailTemplateInfo template = null; string emailSubject = null; // Send welcome message with username and password, with confirmation link, user must confirm registration if (requiresConfirmation) { template = EmailTemplateProvider.GetEmailTemplate("RegistrationConfirmation", siteName); emailSubject = EmailHelper.GetSubject(template, GetString("RegistrationForm.RegistrationConfirmationEmailSubject")); } // Send welcome message with username and password, with information that user must be approved by administrator else if (SendWelcomeEmail) { if (requiresAdminApprove) { template = EmailTemplateProvider.GetEmailTemplate("Membership.RegistrationWaitingForApproval", siteName); emailSubject = EmailHelper.GetSubject(template, GetString("RegistrationForm.RegistrationWaitingForApprovalSubject")); } // Send welcome message with username and password, user can logon directly else { template = EmailTemplateProvider.GetEmailTemplate("Membership.Registration", siteName); emailSubject = EmailHelper.GetSubject(template, GetString("RegistrationForm.RegistrationSubject")); } } if (template != null) { // Create relation between contact and user. This ensures that contact will be correctly recognized when user approves registration (if approval is required) int contactId = ModuleCommands.OnlineMarketingGetCurrentContactID(); if (contactId > 0) { ModuleCommands.OnlineMarketingCreateRelation(ui.UserID, MembershipType.CMS_USER, contactId); } // Email message EmailMessage email = new EmailMessage(); email.EmailFormat = EmailFormatEnum.Default; email.Recipients = ui.Email; email.From = SettingsKeyInfoProvider.GetValue(siteName + ".CMSNoreplyEmailAddress"); email.Subject = emailSubject; try { var resolver = MembershipResolvers.GetMembershipRegistrationResolver(ui, AuthenticationHelper.GetRegistrationApprovalUrl(ApprovalPage, ui.UserGUID, siteName, NotifyAdministrator)); EmailSender.SendEmailWithTemplateText(siteName, email, template, resolver, true); } catch (Exception ex) { EventLogProvider.LogException("E", "RegistrationForm - SendEmail", ex); error = true; } } // If there was some error, user must be deleted if (error) { ShowError(GetString("RegistrationForm.UserWasNotCreated")); // Email was not send, user can't be approved - delete it UserInfoProvider.DeleteUser(ui); return; } #endregion #region "Administrator notification email" // Notify administrator if enabled and e-mail confirmation is not required if (!requiresConfirmation && NotifyAdministrator && (FromAddress != String.Empty) && (ToAddress != String.Empty)) { EmailTemplateInfo mEmailTemplate; if (SettingsKeyInfoProvider.GetBoolValue(siteName + ".CMSRegistrationAdministratorApproval")) { mEmailTemplate = EmailTemplateProvider.GetEmailTemplate("Registration.Approve", siteName); } else { mEmailTemplate = EmailTemplateProvider.GetEmailTemplate("Registration.New", siteName); } if (mEmailTemplate == null) { // Log missing e-mail template EventLogProvider.LogEvent(EventType.ERROR, "RegistrationForm", "GetEmailTemplate", eventUrl: RequestContext.RawURL); } else { EmailMessage message = new EmailMessage(); message.EmailFormat = EmailFormatEnum.Default; message.From = EmailHelper.GetSender(mEmailTemplate, FromAddress); message.Recipients = ToAddress; message.Subject = GetString("RegistrationForm.EmailSubject"); try { MacroResolver resolver = MembershipResolvers.GetRegistrationResolver(ui); EmailSender.SendEmailWithTemplateText(siteName, message, mEmailTemplate, resolver, false); } catch { EventLogProvider.LogEvent(EventType.ERROR, "Membership", "RegistrationEmail"); } } } #endregion #region "Web analytics" // Track successful registration conversion if (TrackConversionName != String.Empty) { if (AnalyticsHelper.AnalyticsEnabled(siteName) && !AnalyticsHelper.IsIPExcluded(siteName, RequestContext.UserHostAddress)) { // Log conversion HitLogProvider.LogConversions(siteName, LocalizationContext.PreferredCultureCode, TrackConversionName, 0, ConversionValue); } } // Log registered user if confirmation is not required if (!requiresConfirmation) { AnalyticsHelper.LogRegisteredUser(siteName, ui); } #endregion #region "On-line marketing - activity" // Log registered user if confirmation is not required if (!requiresConfirmation) { MembershipActivityLogger.LogRegistration(ui.UserName, DocumentContext.CurrentDocument); // Log login activity if (ui.Enabled) { MembershipActivityLogger.LogLogin(ui.UserName, DocumentContext.CurrentDocument); } } #endregion #region "Roles & authentication" string[] roleList = AssignRoles.Split(';'); foreach (string sn in siteList) { // Add new user to the current site UserInfoProvider.AddUserToSite(ui.UserName, sn); foreach (string roleName in roleList) { if (!String.IsNullOrEmpty(roleName)) { String s = roleName.StartsWith(".", StringComparison.Ordinal) ? "" : sn; // Add user to desired roles if (RoleInfoProvider.RoleExists(roleName, s)) { UserInfoProvider.AddUserToRole(ui.UserName, roleName, s); } } } } if (DisplayMessage.Trim() != String.Empty) { pnlForm.Visible = false; lblText.Visible = true; lblText.Text = DisplayMessage; } else { if (ui.Enabled) { AuthenticationHelper.AuthenticateUser(ui.UserName, true); } if (RedirectToURL != String.Empty) { URLHelper.Redirect(UrlResolver.ResolveUrl(RedirectToURL)); } else if (QueryHelper.GetString("ReturnURL", "") != String.Empty) { string url = QueryHelper.GetString("ReturnURL", ""); // Do url decode url = Server.UrlDecode(url); // Check that url is relative path or hash is ok if (url.StartsWith("~", StringComparison.Ordinal) || url.StartsWith("/", StringComparison.Ordinal) || QueryHelper.ValidateHash("hash", "aliaspath")) { URLHelper.Redirect(UrlResolver.ResolveUrl(url)); } // Absolute path with wrong hash else { URLHelper.Redirect(AdministrationUrlHelper.GetErrorPageUrl("dialogs.badhashtitle", "dialogs.badhashtext")); } } } #endregion lblError.Visible = false; } }
/// <param name='operations'> /// The operations group for this extension method. /// </param> /// <param name='userName'> /// </param> /// <param name='permissions'> /// </param> /// <param name='roles'> /// </param> /// <param name='body'> /// </param> public static AssignRolesResponse Post(this IAssignRolesOperations operations, string userName = default(string), string permissions = default(string), string roles = default(string), AssignRoles body = default(AssignRoles)) { return(operations.PostAsync(userName, permissions, roles, body).GetAwaiter().GetResult()); }