示例#1
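        /// <summary>
        /// Saves a new password for the user identified by <c>_Id</c>: checks that the
        /// password and its confirmation match, applies the password policy, derives a
        /// salted hash through PWDTK and stores the hash and the salt.
        /// </summary>
        /// <remarks>
        /// Every exception raised here is caught and shown in a message box; nothing
        /// propagates to the caller.
        /// </remarks>
        private void CmdGuardar_Click()
        {
            try
            {
                IntPtr passwordBSTR             = IntPtr.Zero;
                IntPtr passwordVerificationBSTR = IntPtr.Zero;
                string insecurePassword;
                string insecurePasswordVerification;

                try
                {
                    passwordBSTR     = Marshal.SecureStringToBSTR(Password);
                    insecurePassword = Marshal.PtrToStringBSTR(passwordBSTR);

                    passwordVerificationBSTR     = Marshal.SecureStringToBSTR(PasswordVerification);
                    insecurePasswordVerification = Marshal.PtrToStringBSTR(passwordVerificationBSTR);
                }
                finally
                {
                    // SecureStringToBSTR allocates an unmanaged clear-text copy of the password.
                    // Zero and free it on every path, otherwise the plaintext stays in process
                    // memory and the allocation leaks.
                    if (passwordBSTR != IntPtr.Zero)
                    {
                        Marshal.ZeroFreeBSTR(passwordBSTR);
                    }

                    if (passwordVerificationBSTR != IntPtr.Zero)
                    {
                        Marshal.ZeroFreeBSTR(passwordVerificationBSTR);
                    }
                }

                // The managed strings below are further clear-text copies that cannot be wiped;
                // they live until the GC reclaims them, so do not store or log them.
                if (!insecurePassword.Equals(insecurePasswordVerification))
                {
                    throw new Exception("Error con el Password");
                }

                // Policy check happens before any hashing; a rejected password changes nothing.
                if (!PasswordMeetsPolicy(insecurePassword, PwdPolicy))
                {
                    return;
                }

                // A fresh random salt is generated for every password change.
                // NOTE(review): saltSize and iterations are defined outside this method;
                // confirm they match the current guidance for the KDF that PWDTK uses.
                _salt = PWDTK.GetRandomSalt(saltSize);
                string salt = PWDTK.GetSaltHexString(_salt);

                _hash = PWDTK.PasswordToHash(_salt, insecurePassword, iterations);
                var hashedPassword = PWDTK.HashBytesToHexString(_hash);

                using (SqlExcuteCommand exe = new SqlExcuteCommand()
                {
                    DBCnnStr = DBEndososCnnStr
                })
                {
                    exe.MyUpdateUser(_Id, hashedPassword, salt);
                }

                MessageBox.Show("Dones...", "Done", MessageBoxButton.OK, MessageBoxImage.Information);
                CmdSalir_Click();
            }
            catch (Exception ex)
            {
                // TargetSite can be null; fall back to a fixed caption instead of throwing
                // a NullReferenceException from inside the error handler.
                MethodBase site = ex.TargetSite;
                string caption  = site != null ? site.Name : "Error";
                MessageBox.Show(ex.Message, caption, MessageBoxButton.OK, MessageBoxImage.Error);
            }
        }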
示例#2
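        /// <summary>
        /// Applies the pending user-management operation selected by <c>_Operation</c>:
        /// 1 adds a user, 2 updates the access areas, 3 deletes the user after
        /// confirmation, 4 changes the password.
        /// </summary>
        /// <remarks>
        /// Operations 1 and 4 return early, without calling <c>Cancelar_Click</c>, when the
        /// user-name or password policy check fails. Every exception raised here is caught
        /// and shown in a message box; nothing propagates to the caller.
        /// </remarks>
        private void Guardar_Click()
        {
            try
            {
                // The access areas are stored as one concatenated string with no separator.
                string areasDeAcceso = string.Empty;

                foreach (string s in _AreasDeAcceso)
                {
                    areasDeAcceso += s;
                }

                switch (_Operation)
                {
                    case 1:    // Add
                    {
                        IntPtr passwordBSTR             = IntPtr.Zero;
                        IntPtr passwordVerificationBSTR = IntPtr.Zero;
                        string insecurePassword;
                        string insecurePasswordVerification;

                        try
                        {
                            passwordBSTR     = Marshal.SecureStringToBSTR(Password);
                            insecurePassword = Marshal.PtrToStringBSTR(passwordBSTR);

                            passwordVerificationBSTR     = Marshal.SecureStringToBSTR(PasswordVerification);
                            insecurePasswordVerification = Marshal.PtrToStringBSTR(passwordVerificationBSTR);
                        }
                        finally
                        {
                            // SecureStringToBSTR allocates an unmanaged clear-text copy of the
                            // password. Zero and free it on every path, otherwise the plaintext
                            // stays in process memory and the allocation leaks.
                            if (passwordBSTR != IntPtr.Zero)
                            {
                                Marshal.ZeroFreeBSTR(passwordBSTR);
                            }

                            if (passwordVerificationBSTR != IntPtr.Zero)
                            {
                                Marshal.ZeroFreeBSTR(passwordVerificationBSTR);
                            }
                        }

                        // The managed strings are further clear-text copies that cannot be wiped;
                        // do not store or log them.
                        if (!insecurePassword.Equals(insecurePasswordVerification))
                        {
                            throw new Exception("Error con el Password");
                        }

                        // Policy checks run before hashing; a rejected name or password changes nothing.
                        if (!userMeetsPolicy(CbUser_Text, UserPolicy))
                        {
                            return;
                        }

                        if (!PasswordMeetsPolicy(insecurePassword, PwdPolicy))
                        {
                            return;
                        }

                        // A fresh random salt is generated for every new user.
                        // NOTE(review): saltSize and iterations are defined outside this method;
                        // confirm they match the current guidance for the KDF that PWDTK uses.
                        _salt = PWDTK.GetRandomSalt(saltSize);
                        string salt = PWDTK.GetSaltHexString(_salt);

                        _hash = PWDTK.PasswordToHash(_salt, insecurePassword, iterations);
                        var hashedPassword = PWDTK.HashBytesToHexString(_hash);

                        // The salt is persisted in the SecurityStamp column next to the hash.
                        tblUser newUser = new tblUser
                        {
                            UserId        = System.Guid.NewGuid(),
                            UserName      = CbUser_Text,
                            PasswordHash  = hashedPassword,
                            SecurityStamp = salt,
                            Email         = CbUser_Text + "@jolpr.com",
                            AreasDeAcceso = areasDeAcceso
                        };

                        using (SqlExcuteCommand exe = new SqlExcuteCommand()
                        {
                            DBCnnStr = DBEndososCnnStr
                        })
                        {
                            exe.MyInsertUsers(newUser.UserId, newUser.UserName, newUser.PasswordHash, newUser.SecurityStamp, newUser.Email, newUser.AreasDeAcceso);
                        }

                        MyRefresh();
                    }
                    break;

                    case 2:    // Edit access areas
                    {
                        using (SqlExcuteCommand exe = new SqlExcuteCommand()
                        {
                            DBCnnStr = DBEndososCnnStr
                        })
                        {
                            exe.MyUpdateUser(_Id, areasDeAcceso);
                        }

                        MyRefresh();
                    }
                    break;

                    case 3:    // Delete
                    {
                        string msg = "You are about to delete 1 user\r";
                        msg += "Click yes to permanently delete this user( " + CbUser_Text + " ).\r";
                        msg += "You won't be able to undo those changes.";

                        var response = MessageBox.Show("!!!" + msg, "Delete...", MessageBoxButton.YesNo, MessageBoxImage.Exclamation);

                        // The delete only runs after an explicit Yes.
                        if (response == MessageBoxResult.Yes)
                        {
                            using (SqlExcuteCommand exe = new SqlExcuteCommand()
                            {
                                DBCnnStr = DBEndososCnnStr
                            })
                            {
                                exe.MyDeleteUsers(_Id);
                            }

                            MyRefresh();
                        }
                    }
                    break;

                    case 4:    // Edit password
                    {
                        IntPtr passwordBSTR             = IntPtr.Zero;
                        IntPtr passwordVerificationBSTR = IntPtr.Zero;
                        string insecurePassword;
                        string insecurePasswordVerification;

                        try
                        {
                            passwordBSTR     = Marshal.SecureStringToBSTR(Password);
                            insecurePassword = Marshal.PtrToStringBSTR(passwordBSTR);

                            passwordVerificationBSTR     = Marshal.SecureStringToBSTR(PasswordVerification);
                            insecurePasswordVerification = Marshal.PtrToStringBSTR(passwordVerificationBSTR);
                        }
                        finally
                        {
                            // Zero and free the unmanaged clear-text copies on every path.
                            if (passwordBSTR != IntPtr.Zero)
                            {
                                Marshal.ZeroFreeBSTR(passwordBSTR);
                            }

                            if (passwordVerificationBSTR != IntPtr.Zero)
                            {
                                Marshal.ZeroFreeBSTR(passwordVerificationBSTR);
                            }
                        }

                        if (!insecurePassword.Equals(insecurePasswordVerification))
                        {
                            throw new Exception("Error con el Password");
                        }

                        if (!userMeetsPolicy(CbUser_Text, UserPolicy))
                        {
                            return;
                        }

                        if (!PasswordMeetsPolicy(insecurePassword, PwdPolicy))
                        {
                            return;
                        }

                        // A password change always gets a new salt; the old one is never reused.
                        _salt = PWDTK.GetRandomSalt(saltSize);
                        string salt = PWDTK.GetSaltHexString(_salt);

                        _hash = PWDTK.PasswordToHash(_salt, insecurePassword, iterations);
                        var hashedPassword = PWDTK.HashBytesToHexString(_hash);

                        using (SqlExcuteCommand exe = new SqlExcuteCommand()
                        {
                            DBCnnStr = DBEndososCnnStr
                        })
                        {
                            exe.MyUpdateUser(_Id, hashedPassword, salt);
                        }

                        MyRefresh();
                    }
                    break;
                }

                Cancelar_Click();
            }
            catch (Exception ex)
            {
                // TargetSite can be null; fall back to a fixed caption instead of throwing
                // a NullReferenceException from inside the error handler.
                // NOTE(review): ex.ToString() puts the full stack trace in front of the user;
                // consider showing ex.Message and logging the details instead.
                MethodBase site = ex.TargetSite;
                string caption  = site != null ? site.Name : "Error";
                MessageBox.Show(ex.ToString(), caption, MessageBoxButton.OK, MessageBoxImage.Error);
            }
        }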