public IActionResult ChangePassword([FromBody] ChangePasswordInfo changepassword)
{
if (string.IsNullOrEmpty(changepassword.TenantCode) || string.IsNullOrEmpty(changepassword.UserName) || string.IsNullOrEmpty(changepassword.OldPassword) || string.IsNullOrEmpty(changepassword.NewPassword))
{
return(BadRequest("Invalid parameter"));
}
IActionResult response = Unauthorized();
SqlMembershipProvider sqlMembership = new SqlMembershipProvider();
if (sqlMembership.checkAuthorization(changepassword))
{
var passwordpolicy = sqlMembership.getPasswordPolicy(changepassword.TenantCode, true);
List <String> ErrorList = new List <String>();
if (passwordpolicy != null)
{
ErrorList = sqlMembership.ValidatePassword(changepassword, passwordpolicy);
}
if (ErrorList.Count == 0)
{
if (sqlMembership.ChangePasswordUpdateCredential(changepassword))
{
response = Ok();
}
}
else
{
response = StatusCode((int)HttpStatusCode.InternalServerError, new { ErrorList = ErrorList });
}
}
return(response);
}
public static SqlMembershipProvider InitializeAndGetAspMembershipConfig(String connectionstring, String appname, String hashAlgo)
{
typeof(ConfigurationElementCollection)
.GetField("bReadOnly", BindingFlags.Instance | BindingFlags.NonPublic)
.SetValue(ConfigurationManager.ConnectionStrings, false);
ConfigurationManager.ConnectionStrings.Add(new ConnectionStringSettings("DefaultConnection", connectionstring, "System.Data.SqlClient"));
var membershipProv = new SqlMembershipProvider();
membershipProv.Initialize("AspNetSqlMembershipProvider", new NameValueCollection {
["connectionStringName"] = "DefaultConnection",
["applicationName"] = appname,
["enablePasswordRetrieval"] = "false",
["enablePasswordReset"] = "true",
["requiresQuestionAndAnswer"] = "false",
["requiresUniqueEmail"] = "true",
["minRequiredNonalphanumericCharacters"] = "0",
["minRequiredPasswordLength"] = "1",
["maxInvalidPasswordAttempts"] = "10",
["passwordStrengthRegularExpression"] = ".+",
["passwordFormat"] = "Hashed"
});
typeof(SqlMembershipProvider)
.GetField("s_HashAlgorithm", BindingFlags.Instance | BindingFlags.NonPublic)
.SetValue(membershipProv, hashAlgo);
return(membershipProv);
}
public IActionResult UserInfo()
{
SqlMembershipProvider sqlMembership = new SqlMembershipProvider();
User result = sqlMembership.UserInfo(UserId, TenantCode);
return(Ok(new { username = result.FirstName.Value + " " + result.LastName.Value }));
}
/// <summary>
/// Obtiene una lista de usuarios de un determinado rol.- Solo obtiene nombre de usuario
/// </summary>
/// <param name="roleName">Nombre del rol</param>
/// <param name="providerName">Nombre del proveedor de membership</param>
/// <returns>lista de <see cref="User"/> </returns>
public static List <User> GetUsersInRole(String roleName, string providerName)
{
SqlMembershipProvider wProvider = GetSqlMembershipProvider(providerName);
User wUserByApp;
List <User> wUsersList = new List <User>();
try
{
foreach (string s in Roles.Providers[wProvider.Name].GetUsersInRole(roleName))
{
wUserByApp = new User(s);
wUsersList.Add(wUserByApp);
}
}
catch (Exception ex)
{
Fwk.Exceptions.TechnicalException te = new TechnicalException(Fwk.Security.Properties.Resource.MembershipSecurityGenericError, ex);
ExceptionHelper.SetTechnicalException <FwkMembership>(te);
te.ErrorId = "4000";
throw te;
}
return(wUsersList);
}
/// <summary>
/// Asigna roles a un usuario
/// </summary>
/// <param name="pRolList">Lista de roles</param>
/// <param name="userName">Usuario</param>
/// <param name="providerName">Nombre del proveedor de membership</param>
public static void CreateRolesToUser(RolList pRolList, String userName, string providerName)
{
SqlMembershipProvider wProvider = GetSqlMembershipProvider(providerName);
try
{
Roles.Providers[wProvider.Name].AddUsersToRoles(new string[] { userName }, pRolList.GetArrayNames());
//foreach (Rol rol in pRolList)
//{
// if (!Roles.Providers[providerName].IsUserInRole(userName, rol.RolName))
// {
// //Roles.AddUserToRoles(userName, new string[] { rol.RolName });
// Roles.Providers[providerName].AddUsersToRoles(new string[] { userName }, new string[] { rol.RolName });
// }
//}
}
catch (Exception ex)
{
Fwk.Exceptions.TechnicalException te = new TechnicalException(Fwk.Security.Properties.Resource.MembershipSecurityGenericError, ex);
ExceptionHelper.SetTechnicalException <FwkMembership>(te);
te.ErrorId = "4000";
throw te;
}
}
/// <summary>
/// Determina si existe el usuario para un determinado proveedor de seguridad.
/// </summary>
/// <param name="userName">Nombre de usuario a chequear</param>
/// <param name="providerName">Proveedor de seguridad configurado</param>
/// <returns></returns>
public static Boolean UserExist(String userName, string providerName)
{
SqlMembershipProvider wProvider = GetSqlMembershipProvider(providerName);
MembershipUser wMembershipUser = wProvider.GetUser(userName, false);
return(wMembershipUser != null);
}
private object EncodePassword(string password, string salt)
{
// Determine how the password is to be formatted
SqlMembershipProvider sqlProvider = Membership.Provider as SqlMembershipProvider;
// If it's Clear, just return password
if (sqlProvider.PasswordFormat == MembershipPasswordFormat.Clear)
{
return(password);
}
// Create the byte arrays to hold the encoded passwords
byte[] bytes = Encoding.Unicode.GetBytes(password);
byte[] src = Convert.FromBase64String(salt);
byte[] dst = new byte[src.Length + bytes.Length];
// Copy the src and bytes arrays to the dst array
System.Buffer.BlockCopy(src, 0, dst, 0, src.Length);
System.Buffer.BlockCopy(bytes, 0, dst, src.Length, bytes.Length);
if (sqlProvider.PasswordFormat == MembershipPasswordFormat.Hashed)
{
// We need to hash the password
HashAlgorithm algorithm = HashAlgorithm.Create(Membership.HashAlgorithmType);
return(Convert.ToBase64String(algorithm.ComputeHash(dst)));
}
else
{
// TODO: Handle encoded passwords
throw new ApplicationException("TODO: Handle encoded passwords...");
}
}
public void Run()
{
String connectionString = "Data Source=.;Initial Catalog=App_Dev;User ID=sa;Password=AppDevDefault";
String appName = "AppDev";
SqlMembershipProvider provider = InitializeAndGetAspMembershipConfig(connectionString, appName);
String username = "******";
MembershipUser user = provider.GetUser(username, false);
String changedPwd = "#g%D!HLFKs9m";
// String reset = user.ResetPassword(); // => error
// Boolean changed = user.ChangePassword(reset, changedPwd); // => error
String reset = provider.ResetPassword(username, null);
Boolean changed = provider.ChangePassword(username, reset, changedPwd);
Dbg(
new {
User = user,
ResetPwd = reset,
ChangedPwd = changedPwd,
Changed = changed
}
);
}
SqlMembershipProvider InitializeAndGetAspMembershipConfig(String connectionString, String appName)
{
// https://stackoverflow.com/questions/3021877/how-to-read-system-web-section-from-web-config
// https://stackoverflow.com/questions/1026079/how-can-i-configure-asp-net-membership-providers-through-code
// https://stackoverflow.com/questions/357465/can-i-add-connectionstrings-to-the-connectionstringcollection-at-runtime
typeof(ConfigurationElementCollection)
.GetField("bReadOnly", BindingFlags.Instance | BindingFlags.NonPublic)
.SetValue(ConfigurationManager.ConnectionStrings, false);
ConfigurationManager.ConnectionStrings.Add(new ConnectionStringSettings("DefaultConnection", connectionString, "System.Data.SqlClient"));
var membershipProv = new SqlMembershipProvider();
membershipProv.Initialize("AspNetSqlMembershipProvider", new NameValueCollection {
["connectionStringName"] = "DefaultConnection",
["applicationName"] = appName,
["enablePasswordRetrieval"] = "false",
["enablePasswordReset"] = "true",
["requiresQuestionAndAnswer"] = "false",
["requiresUniqueEmail"] = "true",
["minRequiredNonalphanumericCharacters"] = "0",
["minRequiredPasswordLength"] = "12",
["maxInvalidPasswordAttempts"] = "10",
["passwordStrengthRegularExpression"] = "(?:[A-Z][a-z0-9\\W_])|(?:[a-z][A-Z0-9\\W_])|(?:[0-9][A-Za-z\\W_])|(?:[\\W_][A-Za-z0-9])",
["passwordFormat"] = "Hashed"
});
return(membershipProv);
}
/// <summary>
/// Obtiene una lista de usuarios
/// </summary>
/// <param name="providerName">Nombre del proveedor de membership</param>
/// <returns>lista de <see cref="User"/></returns>
public static List <User> GetAllUsers(string providerName)
{
SqlMembershipProvider provider = GetSqlMembershipProvider(providerName);
List <User> wUsersList = new List <User>();
int pageSize = 10;
int totalUsers;
int totalPages;
try
{
MembershipUserCollection list = provider.GetAllUsers(0, pageSize, out totalUsers);
totalPages = ((totalUsers - 1) / pageSize) + 1;
AddUsers(wUsersList, list);
for (int currentPage = 1; currentPage < totalPages; currentPage++)
{
list = provider.GetAllUsers(currentPage, pageSize, out totalUsers);
AddUsers(wUsersList, list);
}
}
catch (Exception ex)
{
Fwk.Exceptions.TechnicalException te = new TechnicalException("Fwk membership user error ", ex);
ExceptionHelper.SetTechnicalException <FwkMembership>(te);
te.ErrorId = "4000";
throw te;
}
return(wUsersList);
}
/// <summary>
/// Actualiza informacion de un usuario. Incluso el nombre
/// </summary>
/// <param name="fwkUser">Usuario con los nuevos datos </param>
/// <param name="userName">Nombre de usuario a modificar. Nombre del usuario actual</param>
/// <param name="providerName">Nombre del proveedor de membership</param>
public static void UpdateUser(User fwkUser, string userName, string providerName)
{
#region usa el provider
SqlMembershipProvider wProvider = GetSqlMembershipProvider(providerName);
MembershipUser wUser = wProvider.GetUser(userName, false);
wUser.Comment = fwkUser.Comment;
wUser.Email = fwkUser.Email;
wUser.IsApproved = fwkUser.IsApproved;
wProvider.UpdateUser(wUser);
#endregion
#region actualizacion personalizada
StringBuilder str = new StringBuilder(FwkMembershipScripts.User_u);
str.Replace("[newUserName]", fwkUser.UserName);
str.Replace("[loweredNewUserName]", fwkUser.UserName.ToLower());
str.Replace("[userName]", userName.ToLower());
using (SqlConnection cnn = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings[GetProvider_ConnectionStringName(wProvider.Name)].ConnectionString))
using (SqlCommand cmd = new SqlCommand(str.ToString(), cnn))
{
cmd.CommandType = CommandType.Text;
cmd.ExecuteNonQuery();
}
str = null;
#endregion
}
private void GetAllDBUsers(WispUsersInfo users, int page, int numPerPage)
{
SqlMembershipProvider prov = Membership.Provider as SqlMembershipProvider;
users.UserDataStore = "Database";
int totalRecords = 0;
MembershipUserCollection allUsers = null;
if (numPerPage == -1 && page == -1)
{
allUsers = Membership.GetAllUsers();
users.TotalUserCount = allUsers.Count;
}
else
{
allUsers = Membership.GetAllUsers(page, numPerPage, out totalRecords);
users.TotalUserCount = totalRecords;
}
foreach (MembershipUser u in allUsers)
{
//string[] roles = Roles.GetRolesForUser(u.UserName);
users.Users.Add(new WispUsersInfo.User(u.UserName, new string[0], u.IsLockedOut, (Guid)u.ProviderUserKey, u.Email, u.LastLoginDate));
}
}
public IActionResult Get()
{
SqlMembershipProvider sqlMembership = new SqlMembershipProvider();
bool result = sqlMembership.CheckPasswordChangeAccess(TenantCode);
// var a=UserId;
return(Ok(result));
}
/// <summary>
/// crea una regla rule si es que la regla todavia no existe
/// </summary>
///<param name="rule">aspnet_Rules</param>
/// <param name="providerName">Nombre del proveedor de membership</param>
/// <returns>void</returns>
/// <Date>2010-12-22T11:29:57</Date>
/// <Author>moviedo</Author>
public static void CreateRule(FwkAuthorizationRule rule, string providerName)
{
SqlMembershipProvider wProvider = GetSqlMembershipProvider(providerName);
string cnn = GetProvider_ConnectionStringName(wProvider.Name);
CreateRule(rule, wProvider.ApplicationName, cnn);
}
/// <summary>
/// Update rule and also allow change the name.-
/// Update all rules in category relationships
/// </summary>
/// <param name="rule">Rule object <see cref="FwkAuthorizationRule"/></param>
/// <param name="newRuleName">New rule name</param>
/// <param name="providerName">Membership provider name</param>
public static void UpdateRuleAndRuleName(FwkAuthorizationRule rule, string newRuleName, string providerName)
{
SqlMembershipProvider wProvider = GetSqlMembershipProvider(providerName);
//Actualiza solo la regla
UpdateRule(rule, newRuleName, wProvider.ApplicationName, GetProvider_ConnectionStringName(wProvider.Name));
}
public void ProfileSystem_UnitTest_CreateUserWithAccount()
{
Account act;
SqlMembershipProvider provider;
NameValueCollection collection;
string userName;
MembershipUser user;
//first initialize the membership objects
provider = new SqlMembershipProvider();
collection = new NameValueCollection();
collection.Add("applicationName", "eCommerceFramework");
collection.Add("name", "CMSMembershipProvider");
collection.Add("requiresQuestionAndAnswer", "false");
collection.Add("connectionStringName", "MembershipSqlConnection");
provider.Initialize(collection["name"], collection);
userName = "******";
try
{
// Retrieve user
user = provider.GetUser(userName, false);
if (user == null)
{
// Following exception raised at Membership.CreateUser (can't step in either for whatever reason)
// System.NotSupportedException: Specified method is not supported.
user = Membership.CreateUser(userName, userName, userName + "@mediachase.com");
act = ProfileContext.Current.CreateAccountForUser(user);
}
else
{
act = ProfileContext.Current.GetAccount(user.ProviderUserKey.ToString());
}
// Assert that account is retrieved.
Assert.IsNotNull(act, "Failed: Account associated with user could not be retrieved.\n");
Console.WriteLine("Created account with ID: {0}.\n", act.AccountId);
// Delete created account
Console.WriteLine("Deleting user {0}.", act.AccountId);
act.Delete();
act.AcceptChanges();
Assert.IsTrue(act.ObjectState == MetaObjectState.Deleted, "Failed: Account was not deleted.\n");
// Delete new user, assert that it happened.
Assert.IsTrue(provider.DeleteUser(userName, true), "Failed: User was not deleted.\n");
}
catch (Exception exc)
{
// Clean-up
provider.DeleteUser(userName, true);
throw exc;
}
}
bool IUserTaskManager.ResetPassword(Guid tenantId, Guid userId)
{
var queryFilter = new List <QueryFilter>();
queryFilter.Add(new QueryFilter {
FieldName = "TenantId", Operator = "Equal", Value = tenantId.ToString()
});
queryFilter.Add(new QueryFilter {
FieldName = "InternalId", Operator = "Equal", Value = userId.ToString()
});
var queryContext = new QueryContext {
Fields = "FirstName,LastName,MiddleName,UserCredential.Username", Filters = queryFilter, PageSize = 100, PageIndex = 1, MaxResult = 1
};
byte[] passwordHash, passwordSalt;
Random random = new Random();
int pass = random.Next(1000000);
// pass=1234;
SqlMembershipProvider.CreatePasswordHash(pass.ToString(), out passwordHash, out passwordSalt);
DataTable dataTableUser = _iEntityResourceManager.GetResultById(tenantId, "user", userId, queryContext);
User userEntity = EntityMapper <User> .Mapper(dataTableUser);
if (Guid.Parse(userEntity.InternalId.Value) == Guid.Empty)
{
return(false);
}
CredentialInfo credentialData = crd.GetCredential(tenantId, Guid.Parse(userEntity.InternalId.Value));
var jObject = DataUtility.ConvertToJObjectList(dataTableUser);
jObject[0].Add(new JProperty("UserCredential.Username", credentialData.UserName.ToString()));
jObject[0].Add(new JProperty("UserCredential.Password", pass.ToString()));
var emailTemplate = _iEntityResourceManager.GetWellKnownTemplate(tenantId, "emailtemplate", "user", (int)ContextTypeEnum.Forgotpassword, jObject[0]);
if (emailTemplate != null && emailTemplate.Body != null)
{
CredentialInfo usercredentialinfo = crd.GetCredential(tenantId, userId);
bool isnew = _sqlMembership.CheckResetOnFirstLogin(tenantId);
crd.Update(tenantId, new CredentialInfo
{
CredentialId = credentialData.CredentialId,
ParentId = Guid.Parse(userEntity.InternalId.Value),
PasswordHash = Convert.ToBase64String(passwordHash),
PasswordSalt = Convert.ToBase64String(passwordSalt),
IsNew = isnew
});
var returnVal = DataUtility.SaveEmail(tenantId, Guid.Parse(userEntity.InternalId.Value), emailTemplate, credentialData.UserName.ToString(), "ResetPassword", InfoType.User);
}
else
{
return(false);
}
return(true);
}
public MembershipService()
{
//HACK: Hardcoded values!!!
NameValueCollection config = new NameValueCollection();
config.Add("name", "SqlMembershipProvider");
config.Add("connectionStringName", "arachnode_net_ConnectionString");
config.Add("applicationName", "arachnode.net");
SqlMembershipProvider.Initialize("SqlMembershipProvider", config);
}
internal static string GetHash(string password, string salt)
{
//TODO: Remove dependency of SqlMembershipProvider without changing behavior...
var type = typeof(SqlMembershipProvider);
BindingFlags privateBindings = BindingFlags.NonPublic | BindingFlags.Instance;
MethodInfo miGetDescription = type.GetMethod("EncodePassword", privateBindings);
var provider = new SqlMembershipProvider();
var hash = miGetDescription.Invoke(provider, new object[] { password, 1, salt }) as string;
return(hash);
}
public IActionResult PasswordPolicy(string tenentCode)
{
IActionResult response = Unauthorized();
SqlMembershipProvider sqlMembership = new SqlMembershipProvider();
var passwordpolicy = sqlMembership.getPasswordPolicy(tenentCode, false);
if (passwordpolicy != null)
{
response = Ok(new { data = passwordpolicy });
}
return(response);
}
public IActionResult Get()
{
IActionResult response = Unauthorized();
SqlMembershipProvider sqlMembership = new SqlMembershipProvider();
var claims = sqlMembership.RevokeAuthorization(TenantCode, UserId);
var tokenString = GenerateJSONWebToken(claims);
if (claims != null)
{
response = Ok(new { token = tokenString });
}
return(response);
}
/// <summary>
/// Quita una array de Usuarios de una lista de Roles
/// </summary>
/// <param name="pUsersName">Array de Nombres</param>
/// <param name="pRolList">Lista de Roles</param>
/// <param name="providerName">Nombre del proveedor de membership</param>
public static void RemoveUsersFromRoles(String[] pUsersName, RolList pRolList, string providerName)
{
SqlMembershipProvider wProvider = GetSqlMembershipProvider(providerName);
try
{
Roles.Providers[wProvider.Name].RemoveUsersFromRoles(pUsersName, pRolList.GetArrayNames());
}
catch (Exception ex)
{
Fwk.Exceptions.TechnicalException te = new TechnicalException(Fwk.Security.Properties.Resource.MembershipSecurityGenericError, ex);
ExceptionHelper.SetTechnicalException <FwkMembership>(te);
te.ErrorId = "4000";
throw te;
}
}
public Provider()
{
try
{
SqlMembershipProvider sqlMembershipProvider = new SqlMembershipProvider();
NameValueCollection config = new NameValueCollection();
config.Add("connectionStringName", "myConnection");
config.Add("enablePasswordRetrieval", "false");
config.Add("enablePasswordReset", "true");
config.Add("requiresQuestionAndAnswer", "false");
config.Add("applicationName", "MyApp");
config.Add("requiresUniqueEmail", "true");
config.Add("maxInvalidPasswordAttempts", "3");
config.Add("passwordAttemptWindow", "5");
config.Add("commandTimeout", "30");
config.Add("name", "AspNetSqlMembershipProvider");
config.Add("minRequiredPasswordLength", "9");
config.Add("minRequiredNonalphanumericCharacters", "1");
sqlMembershipProvider.Initialize(config["name"], config);
MembershipProviderCollection membershipProviders = new MembershipProviderCollection();
membershipProviders.Add(sqlMembershipProvider);
membershipProviders.SetReadOnly();
BindingFlags bindingFlags = BindingFlags.NonPublic | BindingFlags.Static;
Type membershipType = typeof(Membership);
membershipType.GetField("s_Initialized", bindingFlags).SetValue(null, true);
membershipType.GetField("s_InitializeException", bindingFlags).SetValue(null, null);
membershipType.GetField("s_HashAlgorithmType", bindingFlags).SetValue(null, "SHA-512");
membershipType.GetField("s_HashAlgorithmFromConfig", bindingFlags).SetValue(null, false);
membershipType.GetField("s_UserIsOnlineTimeWindow", bindingFlags).SetValue(null, 15);
membershipType.GetField("s_Provider", bindingFlags).SetValue(null, sqlMembershipProvider);
membershipType.GetField("s_Providers", bindingFlags).SetValue(null, membershipProviders);
var connectionString = Membership.Provider.GetType().GetField("_sqlConnectionString", BindingFlags.Instance | BindingFlags.NonPublic);
if (connectionString != null)
{
connectionString.SetValue(Membership.Provider, DBCommands._Connection);
}
NewPasswordNeeded();
}
catch (Exception ex)
{
DBCommands.RecordError(ex);
}
}
public override MembershipProvider GetProvider()
{
string tempPath = Properties.Settings.Default.AccessibleTempPath;
string databaseMdfPath = Path.Combine(tempPath, @"RavenDBMembershipTestSqlDatabase\DatabaseFile.mdf");
if (!Directory.Exists(tempPath))
{
Directory.CreateDirectory(tempPath);
}
DatabaseInitialization.DetachDatabase(FixtureConstants.DatabaseName);
DatabaseInitialization.RecreateDatabase(FixtureConstants.DatabaseName, databaseMdfPath);
DatabaseInitialization.RunSqlMembershipCreationScript(FixtureConstants.DatabaseName);
var result = new SqlMembershipProvider();
return(result);
}
/// <summary>
/// Obtiene un objeto <see cref="MembershipUser"/> por medio del SqlMembershipProvider correspondiente
/// </summary>
/// <param name="userName">Nombre de usuario</param>
/// <param name="providerName">Nombre del proveedor de membership</param>
/// <returns></returns>
static MembershipUser GetMembershipUser(String userName, string providerName)
{
SqlMembershipProvider wProvider = GetSqlMembershipProvider(providerName);
MembershipUser wMembershipUser = wProvider.GetUser(userName, false);
// block the user
if (wMembershipUser != null)
{
return(wMembershipUser);
}
else
{
Fwk.Exceptions.TechnicalException te = new TechnicalException(string.Format(Fwk.Security.Properties.Resource.User_NotExist, userName));
ExceptionHelper.SetTechnicalException <FwkMembership>(te);
te.ErrorId = "4005";
throw te;
}
}
/// <summary>
/// Verifican que usuario y password sean validos
/// </summary>
/// <param name="userName"></param>
/// <param name="password"></param>
/// <param name="providerName">Nombre del proveedor de membership</param>
/// <returns></returns>
public static Boolean ValidateUser(string userName, string password, string providerName)
{
SqlMembershipProvider wProvider = GetSqlMembershipProvider(providerName);
TechnicalException te = null;
bool isValid = wProvider.ValidateUser(userName, password);
if (!isValid)
{
MembershipUser user = wProvider.GetUser(userName, true);
if (user != null)
{
//User exists
if (!user.IsApproved)
{
//Account Unapproved
te = new TechnicalException("Your account is not approved.");
te.ErrorId = "4011";
throw te;
}
else if (user.IsLockedOut)
{
//Account Locked
te = new TechnicalException("Your account is locked.");
te.ErrorId = "4012";
throw te;
}
else
{
te = new TechnicalException("Invalid username or password.");
te.ErrorId = "4013";
throw te;
}
}
else
{
te = new TechnicalException("Invalid username or password.");
te.ErrorId = "4013";
throw te;
}
}
return(isValid);
}
/// <summary>
/// Aprueva un usuario
/// </summary>
/// <param name="userName">Nombre del usuario a desbloquear</param>
/// <param name="providerName">Nombre del proveedor de membership</param>
public static void ApproveUser(String userName, string providerName)
{
SqlMembershipProvider wProvider = GetSqlMembershipProvider(providerName);
MembershipUser wUser = GetMembershipUser(userName, providerName);
// Updates a users approval status to the specified value
if (wUser != null)
{
wUser.IsApproved = true;
wProvider.UpdateUser(wUser);
}
else
{
Fwk.Exceptions.TechnicalException te = new TechnicalException(string.Format(Resource.User_NotExist, userName));
ExceptionHelper.SetTechnicalException <FwkMembership>(te);
te.ErrorId = "4005";
throw te;
}
}
/// <summary>
/// Quita a un usuario de un rol
/// </summary>
/// <param name="userName">Nombre de Usuario</param>
/// <param name="roleName">Nombre de Rol</param>
/// <param name="providerName">Nombre del proveedor de membership</param>
public static void RemoveUserFromRole(String userName, String roleName, string providerName)
{
SqlMembershipProvider wProvider = GetSqlMembershipProvider(providerName);
try
{
if (!String.IsNullOrEmpty(roleName))
{
Roles.Providers[wProvider.Name].RemoveUsersFromRoles(new string[] { userName }, new string[] { roleName });
}
}
catch (Exception ex)
{
Fwk.Exceptions.TechnicalException te = new TechnicalException(Fwk.Security.Properties.Resource.MembershipSecurityGenericError, ex);
ExceptionHelper.SetTechnicalException <FwkMembership>(te);
te.ErrorId = "4000";
throw te;
}
}
private void InitCredential(Guid newTenantId, Guid userId)
{
var queryFilter = new List <QueryFilter>();
SqlMembershipProvider sqlMembership = new SqlMembershipProvider();
PasswordPolicy passwordpolicy = sqlMembership.getPasswordPolicy(newTenantId, true);
IManagerCredential crd = new ManagerCredential();
CredentialInfo credentialData = crd.GetCredential(newTenantId, userId);
var isnew = false;
if (passwordpolicy != null)
{
isnew = passwordpolicy.ResetOnFirstLogin.Value;
}
crd.SetIsNew(newTenantId, new CredentialInfo
{
CredentialId = credentialData.CredentialId,
ParentId = credentialData.ParentId,
IsNew = isnew
});
}
/// <summary>
/// Actualiza un rol
/// </summary>
/// <param name="roleName">Nombre del rol</param>
/// <param name="description">Descripcion del rol</param>
/// <param name="providerName">Nombre del proveedor de membership</param>
public static void UpdateRole(String roleName, string description, string providerName)
{
SqlMembershipProvider wProvider = GetSqlMembershipProvider(providerName);
StringBuilder str = new StringBuilder("UPDATE aspnet_Roles SET Description = '[Description]' WHERE (LoweredRoleName = LOWER('[RoleName]')) AND(ApplicationId = CONVERT (UNIQUEIDENTIFIER,'[ApplicationId]') )");
Guid id = GetApplication(wProvider.ApplicationName, GetProvider_ConnectionStringName(wProvider.Name));
str.Replace("[ApplicationId]", id.ToString());
str.Replace("[Description]", description);
str.Replace("[RoleName]", roleName);
try
{
using (SqlConnection cnn = new SqlConnection(GetProvider_ConnectionString(wProvider.Name)))
{
cnn.Open();
using (SqlCommand cmd = new SqlCommand(str.ToString(), cnn))
{
cmd.CommandType = CommandType.Text;
cmd.ExecuteNonQuery();
}
}
}
catch (System.Configuration.Provider.ProviderException pe)
{
TechnicalException te = new TechnicalException(
String.Format("El proveedor SqlMembership {0} lanzo el siguiente error: {1}", providerName, pe.Message)
);
ExceptionHelper.SetTechnicalException <FwkMembership>(te);
te.ErrorId = "4000";
throw te;
}
catch (Exception ex)
{
TechnicalException te = new TechnicalException(Fwk.Security.Properties.Resource.MembershipSecurityGenericError, ex);
ExceptionHelper.SetTechnicalException <FwkMembership>(te);
te.ErrorId = "4000";
throw te;
}
}
