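/// <summary>
/// Seeds the security data: the built-in administrator account (together with its category,
/// one category per <c>UserType</c> value and one role per <c>SystemRole</c> value) and the
/// default security <c>Config</c> setting. Each of the two parts is skipped when its
/// existence check finds the data already present.
/// </summary>
/// <param name="uofw">Unit of work passed to every service call made here.</param>
/// <exception cref="InvalidOperationException">
/// The role collection returned by the role service contains no <c>SystemRole.Admin</c> role.
/// </exception>
public void Init(IUnitOfWork uofw)
{
    if (!_userService.GetAll(uofw).Any(x => x.Login == "Administrator"))
    {
        var passwordCryptographer = new PasswordCryptographer();

        var adminCategory = _userCategoryService.Create(uofw, new UserCategory { Name = "Администраторы" });

        // One user category per UserType enum member.
        var categories = Enum.GetValues(typeof(UserType)).Cast<UserType>()
            .Select(x => new UserCategory() { Name = x.GetDescription(), SystemName = x.ToString() });
        _userCategoryService.CreateCollection(uofw, categories);

        // One role per SystemRole enum member; keep what the service returns so the
        // administrator is linked to the created role.
        var roles = Enum.GetValues(typeof(SystemRole)).Cast<SystemRole>()
            .Select(x => new Role() { Name = x.GetDescription(), SystemRole = x });
        roles = _roleService.CreateCollection(uofw, roles);

        // Fail loudly instead of adding a null entry to the Roles list, which would leave
        // the seeded administrator without its role.
        var adminRole = roles.FirstOrDefault(x => x.SystemRole == SystemRole.Admin);
        if (adminRole == null)
        {
            throw new InvalidOperationException("Системная роль администратора не найдена");
        }

        // NOTE(review): the Login and Email literals below look masked in this copy of the file.
        // The guard above looks for "Administrator"; if the real login differs, that guard never
        // turns false and every call would try to seed the account again. Confirm.
        //
        // SECURITY: the initial password is a literal in source, so it is known to anyone who can
        // read the code or the binary. The account is therefore flagged to change its password on
        // first logon. Whether the logon flow enforces that flag is not visible here (confirm),
        // and the literal should be replaced by a deployment-time secret.
        var user = new User
        {
            CategoryID = adminCategory.ID,
            Login = "******",
            Email = "*****@*****.**",
            LastName = "Администратор",
            Password = passwordCryptographer.GenerateSaltedPassword("!QAZ2wsx"),
            ChangePasswordOnFirstLogon = true,
            Roles = new List<Role>()
        };

        user.Roles.Add(adminRole);

        _userService.Create(uofw, user);
    }

    if (!_settingItemService.GetAll(uofw, hidden: null).Any(x => x.Key == Consts.KEY_CONFIG))
    {
        // NOTE(review): FirstOrDefault() yields the default ID when no category with
        // SysName "main" exists, so the setting would be created with that default. Confirm
        // the category is always seeded first.
        //
        // NOTE(review): these defaults are permissive (6-character minimum password, keyboard
        // pattern check off, self-registration on). Confirm they are intended for production.
        _settingItemService.Create(uofw, new SettingItem()
        {
            CategoryID = _settingCategoryService.GetAll(uofw).Where(x => x.SysName == "main").Select(x => x.ID).FirstOrDefault(),
            Key = Consts.KEY_CONFIG,
            Text = "Безопасность",
            Value = new Setting(new Config()
            {
                MinLenLogin = 6,
                MinLenPassword = 6,
                PasswordCheckKeyboard = false,
                AllowRegistration = true
            })
        });
    }
}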
/// <summary>
/// Checks a login/password pair against the stored <c>User</c> record.
/// </summary>
/// <param name="unitOfWork">Unit of work whose <c>User</c> repository is queried.</param>
/// <param name="login">Login to look up; compared after upper-casing both sides.</param>
/// <param name="password">Candidate password handed to <c>PasswordCryptographer.AreEqual</c>.</param>
/// <param name="allowEmptyPassword">
/// When <c>true</c>, a null or empty <paramref name="password"/> is not rejected up front and
/// is still passed to the cryptographer for comparison.
/// </param>
/// <returns>
/// <c>true</c> when a user with that login exists and the cryptographer reports a match;
/// otherwise <c>false</c>.
/// </returns>
public bool ValidateUser(IUnitOfWork unitOfWork, string login, string password, bool allowEmptyPassword = false)
{
    // A missing login can never match.
    if (String.IsNullOrEmpty(login))
    {
        return false;
    }

    // An empty password is only let through when the caller explicitly opted in.
    if (String.IsNullOrEmpty(password) && !allowEmptyPassword)
    {
        return false;
    }

    // The comparison stays inside the lambda exactly as written: Find may translate the
    // predicate rather than run it in memory (not visible here), so it is not rearranged.
    var account = unitOfWork.GetRepository<User>().Find(u => u.Login.ToUpper() == login.ToUpper());

    // NOTE(review): an unknown login returns before any password hashing happens, so response
    // time may differ between existing and non-existing accounts. No attempt throttling,
    // lockout or audit logging is visible in this method; confirm the caller provides them.
    return account != null && new PasswordCryptographer().AreEqual(account.Password, password);
}
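/// <summary>
/// Replaces the stored password of the user with the given ID and clears the
/// "change password on first logon" flag.
/// </summary>
/// <param name="id">ID of the user whose password is changed.</param>
/// <param name="oldPass">Current password; only checked when <paramref name="verifyOldPass"/> is set.</param>
/// <param name="newPass">New password; must be non-null and accepted by <c>IsValidPassword</c>.</param>
/// <param name="verifyOldPass">
/// When <c>true</c> and the user has a non-empty stored password, <paramref name="oldPass"/>
/// must match it.
/// </param>
/// <exception cref="Exception">
/// Access is denied (non-DEBUG builds only), the user does not exist, the current password
/// does not match, or the new password is missing or fails validation.
/// </exception>
private void _ChangePassword(int id, string oldPass, string newPass, bool verifyOldPass)
{
    // SECURITY: this caller check exists only in non-DEBUG builds. In a DEBUG build any caller
    // can change any user's password, so DEBUG binaries must never be deployed.
#if !DEBUG
    if (!AppContext.SecurityUser.IsAdmin && id != AppContext.SecurityUser.ID)
    {
        throw new Exception("Отказано в доступе");
    }
#endif

    // NOTE(review): CreateSystem() presumably yields a unit of work that is not restricted by
    // the current user's permissions, which would make the check above the only gate. Confirm.
    using (var unitOfWork = _unitOfWorkFactory.CreateSystem())
    {
        var user = unitOfWork.GetRepository<User>().Find(u => u.ID == id);

        if (user == null)
        {
            throw new Exception("Пользователь не найден");
        }

        var passwordCryptographer = new PasswordCryptographer();

        // NOTE(review): a user whose stored password is null or empty skips the old-password
        // check even when verifyOldPass is true. Confirm this is intended.
        if (verifyOldPass && !String.IsNullOrEmpty(user.Password))
        {
            if (!passwordCryptographer.AreEqual(user.Password, oldPass))
            {
                throw new Exception("Неверный текущий пароль");
            }
        }

        // A null password used to fall through to an exception with an empty message,
        // because the validator that fills the message was never called. Report it explicitly.
        if (newPass == null)
        {
            throw new Exception("Новый пароль не задан");
        }

        string validationMessage = "";

        if (!IsValidPassword(newPass, out validationMessage))
        {
            throw new Exception(validationMessage);
        }

        user.Password = passwordCryptographer.GenerateSaltedPassword(newPass);
        user.ChangePasswordOnFirstLogon = false;
        // Records the date of the change (date only, local time).
        user.ChangePassword = DateTime.Today;

        unitOfWork.GetRepository<User>().Update(user);
        unitOfWork.SaveChanges();
    }
}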