/// <summary> /// Modifica password per l'utente /// </summary> /// <param name="credentials"></param> /// <returns></returns> private static void InternalChangePassword(ChangePwdSecurityCredentials credentials) { Dpa.DataAccess.Database db = RubricaDatabase.CreateDatabase(); using (IDbConnection connection = db.GetConnection()) { connection.Open(); using (IDbTransaction transaction = connection.BeginTransaction()) { using (Dpa.DataAccess.DBCommandWrapper cw = db.GetStoredProcCommandWrapper(RubricaDatabase.GetSpNameForPackage(SP_CHANGE_PWD))) { cw.AddInParameter("pNomeUtente", DbType.String, credentials.UserName); cw.AddInParameter("pPassword", DbType.String, SecurityCredentials.GetPasswordHash(credentials.UserName, credentials.Password)); cw.AddInParameter("pNewPassword", DbType.String, SecurityCredentials.GetPasswordHash(credentials.UserName, credentials.NewPassword)); db.ExecuteNonQuery(cw); if (cw.RowsAffected == 0) { throw new ApplicationException(Properties.Resources.ConcurrencyException); } else { transaction.Commit(); } } } } }
/// <summary> /// Modifica password utente /// </summary> /// <param name="data"></param> public static void ChangePassword(ChangePwdSecurityCredentials credentials) { SecurityHelper.CheckAuthenticatedPrincipal(); RubricaIdentity identity = (RubricaIdentity)SecurityHelper.AuthenticatedPrincipal.Identity; // Le password possono essere modificate solo se dall'utente stesso if (identity.Name == credentials.UserName) { InternalChangePassword(credentials); } else { throw new ApplicationException(Properties.Resources.AuthorizationException); } }
/// <summary> /// /// </summary> /// <param name="credentials"></param> public void ChangePassword(ChangePwdSecurityCredentials credentials) { this.GetService().ChangePassword(new ChangePasswordRequest(this.GetCredentials(), credentials)); }