public ActionResult ChangePassword(AccountModel model)
{
if (!_permissionService.Authorize(StandardPermissionProvider.ManageAccounts))
return AccessDeniedView();
var account = _accountService.GetAccountById(model.Id);
if (account == null)
//No account found with the specified id
return RedirectToAction("List");
if (ModelState.IsValid)
{
var changePassRequest = new ChangePasswordRequest(model.Email,
false, _accountSettings.DefaultPasswordFormat, model.Password);
var changePassResult = _accountRegistrationService.ChangePassword(changePassRequest);
if (changePassResult.Success)
SuccessNotification(_localizationService.GetResource("Admin.Accounts.Accounts.PasswordChanged"));
else
foreach (var error in changePassResult.Errors)
ErrorNotification(error);
}
return RedirectToAction("Edit", account.Id);
}
public virtual ActionResult Create(AccountModel model)
{
if (!_permissionService.Authorize(StandardPermissionProvider.ManageAccounts))
return AccessDeniedView();
if (!String.IsNullOrWhiteSpace(model.Email))
{
var acc = _accountService.GetAccountByEmail(model.Email);
if (acc != null)
ModelState.AddModelError("", "Email đã được đăng ký!");
}
else
ModelState.AddModelError("", "Email không được bỏ trống!");
if (!CommonHelper.IsValidEmail(model.Email))
{
ModelState.AddModelError("", "Email không hợp lệ!");
}
if(String.IsNullOrWhiteSpace(model.Password))
ModelState.AddModelError("", "Mật khẩu không được bỏ trống!");
var allAccountRoles = _accountService.GetAllAccountRoles(true);
var newAccountRoles = new List<AccountRole>();
foreach (var accountRole in allAccountRoles)
if (model.SelectedAccountRoleIds != null && model.SelectedAccountRoleIds.Contains(accountRole.Id))
newAccountRoles.Add(accountRole);
bool allowManagingAccountRole = _permissionService.Authorize(StandardPermissionProvider.ManageAccountRoles);
if (ModelState.IsValid)
{
var account = new Account()
{
AccountGuid = Guid.NewGuid(),
Email = model.Email,
Username = model.Email,
Active = model.Active,
CreatedOnUtc = DateTime.UtcNow,
LastActivityDateUtc = DateTime.UtcNow,
};
_accountService.InsertAccount(account);
if (!String.IsNullOrWhiteSpace(model.Password))
{
var changePasswordRequest = new ChangePasswordRequest(model.Email, false, PasswordFormat.Hashed, model.Password);
var changPasswordResult = _accountRegistrationService.ChangePassword(changePasswordRequest);
}
if (allowManagingAccountRole)
{
foreach (var accountRole in newAccountRoles)
account.AccountRoles.Add(accountRole);
_accountService.UpdateAccount(account);
}
return RedirectToAction("List");
}
model.AvailableAccountRoles = _accountService
.GetAllAccountRoles(true)
.Select(entity => new AccountRoleModel()
{
Id = entity.Id,
Active = entity.Active,
IsSystemRole = entity.IsSystemRole,
Name = entity.Name,
SystemName = entity.SystemName
})
.ToList();
return View(model);
}
/// <summary>
/// Change password
/// </summary>
/// <param name="request">Request</param>
/// <returns>Result</returns>
public virtual PasswordChangeResult ChangePassword(ChangePasswordRequest request)
{
if (request == null)
throw new ArgumentNullException("request");
var result = new PasswordChangeResult();
if (String.IsNullOrWhiteSpace(request.Email))
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailIsNotProvided"));
return result;
}
if (String.IsNullOrWhiteSpace(request.NewPassword))
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.PasswordIsNotProvided"));
return result;
}
var account = _accountService.GetAccountByEmail(request.Email);
if (account == null)
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailNotFound"));
return result;
}
var requestIsValid = false;
if (request.ValidateRequest)
{
//password
string oldPwd = "";
switch (account.PasswordFormat)
{
case PasswordFormat.Encrypted:
oldPwd = _encryptionService.EncryptText(request.OldPassword);
break;
case PasswordFormat.Hashed:
oldPwd = _encryptionService.CreatePasswordHash(request.OldPassword, account.PasswordSalt, _accountSettings.HashedPasswordFormat);
break;
default:
oldPwd = request.OldPassword;
break;
}
bool oldPasswordIsValid = oldPwd == account.Password;
if (!oldPasswordIsValid)
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.OldPasswordDoesntMatch"));
if (oldPasswordIsValid)
requestIsValid = true;
}
else
requestIsValid = true;
//at this point request is valid
if (requestIsValid)
{
switch (request.NewPasswordFormat)
{
case PasswordFormat.Clear:
{
account.Password = request.NewPassword;
}
break;
case PasswordFormat.Encrypted:
{
account.Password = _encryptionService.EncryptText(request.NewPassword);
}
break;
case PasswordFormat.Hashed:
{
string saltKey = _encryptionService.CreateSaltKey(5);
account.PasswordSalt = saltKey;
account.Password = _encryptionService.CreatePasswordHash(request.NewPassword, saltKey, _accountSettings.HashedPasswordFormat);
}
break;
default:
break;
}
account.PasswordFormat = request.NewPasswordFormat;
_accountService.UpdateAccount(account);
}
return result;
}
