示例#1
        /// <summary>
        /// Inserts the role <paramref name="roleName"/> into the database through the
        /// <c>usp_insertRole</c> stored procedure. No user is assigned to the role here.
        /// </summary>
        /// <param name="roleName">Name of the role to create. This method passes it to the stored
        /// procedure as received; it performs no null, empty or format check of its own.</param>
        /// <remarks>A role that has been created but not yet assigned to a user still doesn't
        /// 'exist' as far as the application is concerned.</remarks>
        public override void CreateRole(string roleName)
        {
            const string insertRoleSproc = "usp_insertRole";

            // Start from a clean command object, then point it at the insert procedure.
            _dops.ResetDops();
            _dops.Sproc = insertRoleSproc;

            // The role name is handed over through SetParameter as an input ("IN") parameter.
            _dops.SetParameter("@RoleName", roleName, "IN");

            // The procedure raises an error if the role is already in the db; nothing here
            // catches it, so it reaches the caller.
            _dops.Execute_Sql();
        }
        /// <summary>
        /// Creates an account from the given parameters, enforcing the password policy configured in the
        /// web.config membership section, and stores it through the <c>usp_InsertAccount</c> stored procedure.
        /// </summary>
        /// <param name="username">Kerberos LoginID of the user who created the account. The sentinel
        /// "SELFCREATED" is replaced by string.Empty to mark an account not created on a Kerberos user's
        /// behalf. The value is not validated in this method.</param>
        /// <param name="password">Password -- complexity determined by web.config settings</param>
        /// <param name="email">Email entered by user; also used as the user name for password validation</param>
        /// <param name="passwordQuestion">Password question; checked with a 255 character limit</param>
        /// <param name="passwordAnswer">Password answer; checked with a 128 character limit. It is passed to
        /// the stored procedure as received, without going through EncodePassword.</param>
        /// <param name="isApproved">Only copied into the returned MembershipUser; it is not sent to the
        /// stored procedure.</param>
        /// <param name="providerUserKey">Not used since username is always unique, we can look up with UserID when necessary</param>
        /// <param name="status">Receives the outcome: Success, or the reason the account was not created</param>
        /// <returns>The new user's membership information, or null when creation failed
        /// (see <paramref name="status"/>)</returns>
        public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
        {
            // "SELFCREATED" marks an account the applicant made; store it as an empty LoginID.
            username = (username == "SELFCREATED") ? string.Empty : username;

            // The password must be non-null and non-empty (excluding white space) and must reach
            // the configured minimum length.
            if (!SecUtility.ValidateParameter(ref password, true, true, false, 0) ||
                password.Length < MinRequiredPasswordLength)
            {
                status = MembershipCreateStatus.InvalidPassword;
                return null;
            }

            // Count the characters that are neither letters nor digits.
            int nonAlphanumericCount = 0;

            for (int index = 0; index < password.Length; index++)
            {
                if (char.IsLetterOrDigit(password, index))
                {
                    continue;
                }

                nonAlphanumericCount++;
            }

            if (nonAlphanumericCount < MinRequiredNonAlphanumericCharacters)
            {
                status = MembershipCreateStatus.InvalidPassword;
                return null;
            }

            // Optional strength expression from configuration. No match timeout is set on this call,
            // so the configured expression should be one that cannot backtrack excessively on
            // user-supplied passwords.
            if (PasswordStrengthRegularExpression.Length > 0 &&
                !Regex.IsMatch(password, PasswordStrengthRegularExpression))
            {
                status = MembershipCreateStatus.InvalidPassword;
                return null;
            }

            // Let subscribers of the validation event veto the password; email stands in for the username.
            ValidatePasswordEventArgs validationArgs = new ValidatePasswordEventArgs(email, password, true);

            OnValidatingPassword(validationArgs);

            if (validationArgs.Cancel)
            {
                status = MembershipCreateStatus.InvalidPassword;
                return null;
            }

            // Generate a salt of length SALT_SIZE_IN_BYTES
            string salt = GenerateSalt();

            // Encode the password with the format configured in the web.config membership section
            // (clear, hashed, or encrypted). With "hashed", the algorithm named by the HashAlgorithmType
            // key is used. NOTE(review): the encoding uses _PasswordFormat while the value stored below
            // is PasswordFormat; they are presumably the same setting -- confirm.
            string encodedPassword = EncodePassword(password, (int)_PasswordFormat, salt);

            // An encoded password longer than 128 characters will not fit in the database.
            if (encodedPassword.Length > 128)
            {
                status = MembershipCreateStatus.InvalidPassword;
                return null;
            }

            // The username check that used to sit here is disabled in the original code, so the username
            // reaches the stored procedure unvalidated. Email, question and answer are checked next
            // (the last two are only required when the web.config asks for them).
            if (!SecUtility.ValidateParameter(ref email, RequiresUniqueEmail, RequiresUniqueEmail, false, 128))
            {
                status = MembershipCreateStatus.InvalidEmail;
                return null;
            }

            if (!SecUtility.ValidateParameter(ref passwordQuestion, RequiresQuestionAndAnswer, true, false, 255))
            {
                status = MembershipCreateStatus.InvalidQuestion;
                return null;
            }

            if (!SecUtility.ValidateParameter(ref passwordAnswer, RequiresQuestionAndAnswer, true, false, 128))
            {
                status = MembershipCreateStatus.InvalidAnswer;
                return null;
            }

            _dops.ResetDops();
            _dops.Sproc = "usp_InsertAccount";

            // @LoginID is the KerberosID of the user that created this account (empty if created by applicant).
            _dops.SetParameter("@LoginID", username, "IN");
            _dops.SetParameter("@Email", email, "IN");
            _dops.SetParameter("@Password", encodedPassword, "IN");
            _dops.SetParameter("@PasswordFormat", (int)PasswordFormat, "IN");
            _dops.SetParameter("@PasswordSalt", salt, "IN");
            _dops.SetParameter("@PasswordQuestion", passwordQuestion, "IN");
            // NOTE(review): the answer is sent exactly as supplied, unlike the password above; whether
            // the stored procedure protects it cannot be seen from this method.
            _dops.SetParameter("@PasswordAnswer", passwordAnswer, "IN");
            _dops.SetParameter("@CreateStatus", string.Empty, "OUT");
            _dops.SetParameter("RETURN_VALUE", string.Empty, "RETURN");

            try
            {
                _dops.Execute_Sql();
            }
            catch (SqlException)
            {
                // Database failures are reported as a generic provider error; the exception itself is dropped.
                status = MembershipCreateStatus.ProviderError;
                return null;
            }

            // A return value of 0 means the account was inserted.
            if ((int)_dops.GetOutputVariable("RETURN_VALUE") == 0)
            {
                DateTime now = DateTime.Now;

                status = MembershipCreateStatus.Success;
                return new MembershipUser(this.Name,
                                          username,
                                          null,
                                          email,
                                          passwordQuestion,
                                          string.Empty,
                                          isApproved,
                                          false,
                                          now,
                                          now,
                                          now,
                                          now,
                                          DateTime.MinValue);
            }

            // Anything else is a failure: translate the procedure's status text for the caller.
            string createStatus = (string)_dops.GetOutputVariable("@CreateStatus");

            if (createStatus == "InvalidLogin")
            {
                status = MembershipCreateStatus.DuplicateUserName;
            }
            else if (createStatus == "InvalidEmail")
            {
                status = MembershipCreateStatus.DuplicateEmail;
            }
            else
            {
                status = MembershipCreateStatus.ProviderError;
            }

            return null;
        }
示例#3
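    /// <summary>
    /// Saves the final analysis results to the database through the
    /// <c>usp_InsertSessionInformation</c> stored procedure, under a freshly generated session GUID.
    /// </summary>
    /// <param name="user">The user the results belong to. Only <c>UserId</c> is read from it;
    /// name, age and gender are taken from session state instead.</param>
    /// <exception cref="System.Data.SqlClient.SqlException">Propagated unchanged from the stored
    /// procedure call, with its original stack trace.</exception>
    /// <remarks>
    /// Every value except <c>UserId</c> comes from <c>HttpContext.Current.Session</c> and is cast or
    /// converted without a null check, so a missing or malformed session entry surfaces as an
    /// exception from this method.
    /// </remarks>
    public void saveToDB(EatFit.Data.User user)
    {
        dops.ResetDops();
        dops.Sproc = "usp_InsertSessionInformation";

        dops.SetParameter("@SessionID", System.Guid.NewGuid().ToString(), CAESDO.DataOps.DopsDirection.Input);

        System.Web.SessionState.HttpSessionState session = HttpContext.Current.Session;

        // convert the food list to an xml string
        DataSet      foodList = (DataSet)session["foodVars"];
        string       xml;
        UTF8Encoding encoding = new UTF8Encoding();

        using (MemoryStream memoryStream = new MemoryStream())
        {
            foodList.WriteXml(memoryStream);

            xml = encoding.GetString(memoryStream.ToArray());
        }
        // save the daily food list
        dops.SetParameter("@mealInfoXML", xml, CAESDO.DataOps.DopsDirection.Input);

        // Sum the nutrient (vScore) entries into one total per category.
        // NOTE(review): float.TryParse uses the current thread culture here; confirm the session
        // values are written with the same culture.
        System.Collections.Specialized.StringDictionary[] nutinfo =
            (System.Collections.Specialized.StringDictionary[])session["vScore"];
        float totFat     = 0;
        float totSugar   = 0;
        float totFruits  = 0;
        float totIron    = 0;
        float totCalcium = 0;
        float totHabits  = 0;

        foreach (System.Collections.Specialized.StringDictionary nutrients in nutinfo)
        {
            totFat     += ParseScoreOrZero(nutrients["fat"]);
            totSugar   += ParseScoreOrZero(nutrients["sugar"]);
            totFruits  += ParseScoreOrZero(nutrients["fruits"]);
            totIron    += ParseScoreOrZero(nutrients["iron"]);
            totCalcium += ParseScoreOrZero(nutrients["calcium"]);
            totHabits  += ParseScoreOrZero(nutrients["habits"]);
        }
        dops.SetParameter("@fat", totFat, CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@sugar", totSugar, CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@fruits", totFruits, CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@iron", totIron, CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@calcium", totCalcium, CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@habits", totHabits, CAESDO.DataOps.DopsDirection.Input);

        // Only the six totals are stored. A disabled draft of this method serialized the nutrient
        // dictionaries with BinaryFormatter into an @nutinfoxml parameter; that dead code has been
        // dropped. If the per-entry detail is ever persisted, use a data-only format (XML or JSON),
        // because a stored BinaryFormatter payload is unsafe to deserialize once anyone else can
        // modify it.

        // save the user's goal choices
        int[] goals = (int[])session["goals"];
        dops.SetParameter("@goal1", Convert.ToInt16(goals[0]), CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@goal2", Convert.ToInt16(goals[1]), CAESDO.DataOps.DopsDirection.Input);

        // save minor goals
        dops.SetParameter("@minor_goal", Convert.ToInt16(session["MinorGoal"]), CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@howto_goal", Convert.ToInt16((string)session["EatingArea"]), CAESDO.DataOps.DopsDirection.Input);

        // save user info: name, age and gender come from session state, only the id from the user object
        dops.SetParameter("@name", (string)session["personName"], CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@age", Convert.ToInt16(session["age"]), CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@gender", (string)session["gender"], CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@UserId", user.UserId, CAESDO.DataOps.DopsDirection.Input);

        // save eating habits
        string[] habits = (string[])session["habits"];
        dops.SetParameter("@q1", Convert.ToInt16(habits[0]), CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@q2", Convert.ToInt16(habits[1]), CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@q3", Convert.ToInt16(habits[2]), CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@q4", Convert.ToInt16(habits[3]), CAESDO.DataOps.DopsDirection.Input);
        dops.SetParameter("@q5", Convert.ToInt16(habits[4]), CAESDO.DataOps.DopsDirection.Input);

        // The original wrapped this call in a catch that did "throw ex;", which discards the stack
        // trace of the failure. Letting the SqlException propagate keeps the trace intact.
        dops.Execute_Sql();
    }

    // Parses one nutrient score; a missing or unparsable value counts as 0.
    private static float ParseScoreOrZero(string text)
    {
        float parsed;
        return float.TryParse(text, out parsed) ? parsed : 0;
    }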
示例#4
        /// <summary>
        /// Saves profile property values for the user named in <paramref name="context"/> by calling the
        /// <c>usp_SetProfileProperties</c> stored procedure once for each property that needs saving.
        /// </summary>
        /// <param name="context">Settings context; its "UserName" and "IsAuthenticated" entries are read.</param>
        /// <param name="properties">Property values to examine. Only those that are dirty or using their
        /// default value are written.</param>
        /// <remarks>
        /// Properties whose SerializeAs is Binary are not serialized (that branch is marked
        /// "NOT IMPLEMENTED"): an empty string is stored for them with PropertyType "B", so their value
        /// is lost on save.
        /// </remarks>
        public override void SetPropertyValues(SettingsContext context, SettingsPropertyValueCollection properties)
        {
            string username        = (string)context["UserName"];
            // NOTE(review): isAuthenticated is read (the cast still executes) but never used below, so
            // nothing in this method makes the write depend on the user being authenticated.
            bool   isAuthenticated = (bool)context["IsAuthenticated"];

            //Make sure we have valid parameters: a non-empty user name and at least one property
            if (username == null || username.Length < 1 || properties.Count < 1)
            {
                return;
            }

            foreach (SettingsPropertyValue property in properties)
            {
                string sVal         = string.Empty;
                string PropertyType = string.Empty;

                //only save if the property is dirty or using its default value
                if (property.IsDirty || property.UsingDefaultValue)
                {
                    if (property.Property.SerializeAs == SettingsSerializeAs.Binary)
                    {
                        //Mark the property as binary ("B"); sVal stays empty because nothing is serialized
                        PropertyType = "B";

                        //NOT IMPLEMENTED
                    }
                    else
                    {
                        //Any serialization other than binary
                        // NOTE(review): propVal is never read afterwards; confirm the PropertyValue getter
                        // is not being relied on for a side effect before removing this line.
                        object propVal = property.PropertyValue;

                        //A property that was deserialized to null is saved as an empty string
                        if (property.Deserialized && property.PropertyValue == null)
                        {
                            sVal = string.Empty;
                        }
                        else
                        {
                            if (!(property.SerializedValue is string))
                            {
                                if (property.SerializedValue == null)
                                {
                                    sVal = string.Empty;
                                }
                                else
                                {
                                    //A non-string serialized value is cast to byte[] and stored as Base64 text;
                                    //the cast throws if the value is of any other type
                                    sVal = Convert.ToBase64String((byte[])property.SerializedValue);
                                }
                            }
                            else
                            {
                                //A string serialized value is stored as is
                                sVal = (string)property.SerializedValue;
                            }
                        }
                        //if (property.Deserialized)
                        //{
                        //    sVal = Convert.ToBase64String((byte[])property.SerializedValue);
                        //}
                        //else
                        //{
                        //    sVal = Convert.ToBase64String((byte[])propVal);
                        //}

                        PropertyType = "S";
                    }

                    //Now call dataops and save the current property
                    _dops.ResetDops();
                    _dops.Sproc = "usp_SetProfileProperties";

                    _dops.SetParameter("@ApplicationName", ApplicationName, "IN");
                    _dops.SetParameter("@UserName", username, "IN");
                    _dops.SetParameter("@PropertyName", property.Name, "IN");
                    _dops.SetParameter("@PropertyValueString", sVal, "IN");
                    //The binary value is always sent as an empty string (binary serialization is not implemented)
                    _dops.SetParameter("@PropertyValueBinary", string.Empty, "IN");
                    _dops.SetParameter("@PropertyType", PropertyType, "IN");
                    //The timestamp is local server time (DateTime.Now), not UTC
                    _dops.SetParameter("@CurrentTime", DateTime.Now, "IN");

                    //Errors from the stored procedure are not caught here; a failure stops the loop, and
                    //properties already written stay written
                    _dops.Execute_Sql();
                }
            }
        }