/// <summary>
/// Modifica password per l'utente
/// </summary>
/// <param name="credentials"></param>
/// <returns></returns>
private static void InternalChangePassword(ChangePwdSecurityCredentials credentials)
{
Dpa.DataAccess.Database db = RubricaDatabase.CreateDatabase();
using (IDbConnection connection = db.GetConnection())
{
connection.Open();
using (IDbTransaction transaction = connection.BeginTransaction())
{
using (Dpa.DataAccess.DBCommandWrapper cw = db.GetStoredProcCommandWrapper(RubricaDatabase.GetSpNameForPackage(SP_CHANGE_PWD)))
{
cw.AddInParameter("pNomeUtente", DbType.String, credentials.UserName);
cw.AddInParameter("pPassword", DbType.String, SecurityCredentials.GetPasswordHash(credentials.UserName, credentials.Password));
cw.AddInParameter("pNewPassword", DbType.String, SecurityCredentials.GetPasswordHash(credentials.UserName, credentials.NewPassword));
db.ExecuteNonQuery(cw);
if (cw.RowsAffected == 0)
{
throw new ApplicationException(Properties.Resources.ConcurrencyException);
}
else
{
transaction.Commit();
}
}
}
}
}
/// <summary>
/// Modifica password utente
/// </summary>
/// <param name="data"></param>
public static void ChangePassword(ChangePwdSecurityCredentials credentials)
{
SecurityHelper.CheckAuthenticatedPrincipal();
RubricaIdentity identity = (RubricaIdentity)SecurityHelper.AuthenticatedPrincipal.Identity;
// Le password possono essere modificate solo se dall'utente stesso
if (identity.Name == credentials.UserName)
{
InternalChangePassword(credentials);
}
else
{
throw new ApplicationException(Properties.Resources.AuthorizationException);
}
}
/// <summary>
///
/// </summary>
/// <param name="credentials"></param>
public void ChangePassword(ChangePwdSecurityCredentials credentials)
{
this.GetService().ChangePassword(new ChangePasswordRequest(this.GetCredentials(), credentials));
}
