src/Umbraco.Infrastructure/Install/InstallSteps/NewInstallStep.cs

using System;
using System.Collections.Specialized;
using System.Net.Http;
using System.Text;
using System.Threading.Tasks;
using Microsoft.Extensions.Options;
using Newtonsoft.Json;
using Umbraco.Core;
using Umbraco.Core.Configuration.Models;
using Umbraco.Core.Migrations.Install;
using Umbraco.Core.Security;
using Umbraco.Core.Services;
using Umbraco.Extensions;
using Umbraco.Web.Install.Models;

namespace Umbraco.Web.Install.InstallSteps
{
    /// <summary>
    /// This is the first UI step for a brand new install
    /// </summary>
    /// <remarks>
    /// By default this will show the user view which is the most basic information to configure a new install, but if an install get's interrupted because of an
    /// error, etc... and the end-user refreshes the installer then we cannot show the user screen because they've already entered that information so instead we'll
    /// display a simple continue installation view.
    /// </remarks>
    [InstallSetupStep(InstallationType.NewInstall, "User", 20, "")]
    internal class NewInstallStep : InstallSetupStep<UserModel>
    {
        private readonly IUserService _userService;
        private readonly DatabaseBuilder _databaseBuilder;
        private static HttpClient _httpClient;
        private readonly UserPasswordConfigurationSettings _passwordConfiguration;
        private readonly SecuritySettings _securitySettings;
        private readonly ConnectionStrings _connectionStrings;
        private readonly ICookieManager _cookieManager;
        private readonly IBackOfficeUserManager _userManager;

        public NewInstallStep(
            IUserService userService,
            DatabaseBuilder databaseBuilder,
            IOptions<UserPasswordConfigurationSettings> passwordConfiguration,
            IOptions<SecuritySettings> securitySettings,
            IOptions<ConnectionStrings> connectionStrings,
            ICookieManager cookieManager,
            IBackOfficeUserManager userManager)
        {
            _userService = userService ?? throw new ArgumentNullException(nameof(userService));
            _databaseBuilder = databaseBuilder ?? throw new ArgumentNullException(nameof(databaseBuilder));
            _passwordConfiguration = passwordConfiguration.Value ?? throw new ArgumentNullException(nameof(passwordConfiguration));
            _securitySettings = securitySettings.Value ?? throw new ArgumentNullException(nameof(securitySettings));
            _connectionStrings = connectionStrings.Value ?? throw new ArgumentNullException(nameof(connectionStrings));
            _cookieManager = cookieManager;
            _userManager = userManager ?? throw new ArgumentNullException(nameof(userManager));
        }

        public override async Task<InstallSetupResult> ExecuteAsync(UserModel user)
        {
            var admin = _userService.GetUserById(Constants.Security.SuperUserId);
            if (admin == null)
            {
                throw new InvalidOperationException("Could not find the super user!");
            }
            admin.Email = user.Email.Trim();
            admin.Name = user.Name.Trim();
            admin.Username = user.Email.Trim();

            _userService.Save(admin);

            var membershipUser = await _userManager.FindByIdAsync(Constants.Security.SuperUserId.ToString());
            if (membershipUser == null)
            {
                throw new InvalidOperationException(
                    $"No user found in membership provider with id of {Constants.Security.SuperUserId}.");
            }

            //To change the password here we actually need to reset it since we don't have an old one to use to change
            var resetToken = await _userManager.GeneratePasswordResetTokenAsync(membershipUser);
            if (string.IsNullOrWhiteSpace(resetToken))
                throw new InvalidOperationException("Could not reset password: unable to generate internal reset token");

            var resetResult = await _userManager.ChangePasswordWithResetAsync(membershipUser.Id, resetToken, user.Password.Trim());
            if (!resetResult.Succeeded)
                throw new InvalidOperationException("Could not reset password: " + string.Join(", ", resetResult.Errors.ToErrorMessage()));

            if (user.SubscribeToNewsLetter)
            {
                if (_httpClient == null)
                    _httpClient = new HttpClient();

                var values = new NameValueCollection { { "name", admin.Name }, { "email", admin.Email } };
                var content = new StringContent(JsonConvert.SerializeObject(values), Encoding.UTF8, "application/json");

                try
                {
                    var response = _httpClient.PostAsync("https://shop.umbraco.com/base/Ecom/SubmitEmail/installer.aspx", content).Result;
                }
                catch { /* fail in silence */ }
            }

            return null;
        }

        /// <summary>
        /// Return a custom view model for this step
        /// </summary>
        public override object ViewModel
        {
            get
            {
                return new
                {
                    minCharLength = _passwordConfiguration.RequiredLength,
                    minNonAlphaNumericLength = _passwordConfiguration.RequireNonLetterOrDigit ? 1 : 0,
                    quickInstallAvailable = DatabaseConfigureStep.IsSqlCeAvailable()
                };
            }
        }

        public override string View
        {
            get
            {
                return RequiresExecution(null)
              //the user UI
                ? "user"
              //the continue install UI
              : "continueinstall";
            }
        }

        public override bool RequiresExecution(UserModel model)
        {
            //now we have to check if this is really a new install, the db might be configured and might contain data
            var databaseSettings = _connectionStrings.UmbracoConnectionString;
            if (databaseSettings.IsConnectionStringConfigured() && _databaseBuilder.IsDatabaseConfigured)
                return _databaseBuilder.HasSomeNonDefaultUser() == false;

            // In this one case when it's a brand new install and nothing has been configured, make sure the
            // back office cookie is cleared so there's no old cookies lying around causing problems
            _cookieManager.ExpireCookie(_securitySettings.AuthCookieName);

                return true;
        }
    }
}
removes remaining back office things from underlying UmbracoUserManager moves files 2020-12-04 02:21:21 +11:00			`using System;`
Adds newsletter to installer With the good ol' V6 installer code, ahhh the smell of code patina 2014-04-02 11:20:35 +02:00			`using System.Collections.Specialized;`
Fixes #3036 Removes WebClient completely except for in an old legacy class that is not used for anything any more (umbraco.cms.businesslogic.packager.Installer.Fetch). 2018-09-26 13:27:16 +02:00			`using System.Net.Http;`
			`using System.Text;`
large refactor/cleanup of most of the old package installer logic dealing with persisting the installedPackages.config which is now in the services, creates new parsers and removes a ton of old code, changes fetching packages to be async, uses XElement instead of old XmlNode apis, next we need to do the actual package installer updates 2019-01-11 14:30:04 +11:00			`using System.Threading.Tasks;`
Moved configuration setting POCOs into Umbraco.Core and adjusted references. Amended injection of some settings to use IOptionsSnapshot. 2020-08-20 22:18:50 +01:00			`using Microsoft.Extensions.Options;`
Fixes #3036 Removes WebClient completely except for in an old legacy class that is not used for anything any more (umbraco.cms.businesslogic.packager.Installer.Fetch). 2018-09-26 13:27:16 +02:00			`using Newtonsoft.Json;`
Gets lots of the new installer logic working 2014-02-26 16:01:31 +01:00			`using Umbraco.Core;`
Moved configuration setting POCOs into Umbraco.Core and adjusted references. Amended injection of some settings to use IOptionsSnapshot. 2020-08-20 22:18:50 +01:00			`using Umbraco.Core.Configuration.Models;`
Migrations refactoring - WIP - move code 2017-12-18 18:26:32 +01:00			`using Umbraco.Core.Migrations.Install;`
removes remaining back office things from underlying UmbracoUserManager moves files 2020-12-04 02:21:21 +11:00			`using Umbraco.Core.Security;`
Resvolution - Components, Runtime & Booting 2016-09-01 19:06:08 +02:00			`using Umbraco.Core.Services;`
Added IdentityExtensions 2020-05-18 13:00:32 +01:00			`using Umbraco.Extensions;`
Moved configuration setting POCOs into Umbraco.Core and adjusted references. Amended injection of some settings to use IOptionsSnapshot. 2020-08-20 22:18:50 +01:00			`using Umbraco.Web.Install.Models;`
Gets lots of the new installer logic working 2014-02-26 16:01:31 +01:00
			`namespace Umbraco.Web.Install.InstallSteps`
			`{`
Updates the RequiresExecution logic so we can skip steps based on some user input (i.e. skip the starter kit installation). Fixes the start kit js stuff to update the model correctly and continue. Fixes the error view to restart - it cannot just go back because there might not be a view there. 2014-03-05 14:30:17 +11:00			`/// <summary>`
			`/// This is the first UI step for a brand new install`
			`/// </summary>`
			`/// <remarks>`
Temp8 - Fixing spelling / typos etc in Umbraco.Web (#4148) 2019-01-26 10:52:19 -05:00			`/// By default this will show the user view which is the most basic information to configure a new install, but if an install get's interrupted because of an`
Normalize cr/lf/tab 2017-07-20 11:21:28 +02:00			`/// error, etc... and the end-user refreshes the installer then we cannot show the user screen because they've already entered that information so instead we'll`
Updates the RequiresExecution logic so we can skip steps based on some user input (i.e. skip the starter kit installation). Fixes the start kit js stuff to update the model correctly and continue. Fixes the error view to restart - it cannot just go back because there might not be a view there. 2014-03-05 14:30:17 +11:00			`/// display a simple continue installation view.`
			`/// </remarks>`
Fix install issues with super user 2018-03-21 16:01:49 +01:00			`[InstallSetupStep(InstallationType.NewInstall, "User", 20, "")]`
Updates the RequiresExecution logic so we can skip steps based on some user input (i.e. skip the starter kit installation). Fixes the start kit js stuff to update the model correctly and continue. Fixes the error view to restart - it cannot just go back because there might not be a view there. 2014-03-05 14:30:17 +11:00			`internal class NewInstallStep : InstallSetupStep<UserModel>`
Gets lots of the new installer logic working 2014-02-26 16:01:31 +01:00			`{`
Resvolution - Components, Runtime & Booting 2016-09-01 19:06:08 +02:00			`private readonly IUserService _userService;`
More persistence layer refactoring 2016-11-29 10:31:25 +01:00			`private readonly DatabaseBuilder _databaseBuilder;`
Fixes #3036 Removes WebClient completely except for in an old legacy class that is not used for anything any more (umbraco.cms.businesslogic.packager.Installer.Fetch). 2018-09-26 13:27:16 +02:00			`private static HttpClient _httpClient;`
Moved configuration setting POCOs into Umbraco.Core and adjusted references. Amended injection of some settings to use IOptionsSnapshot. 2020-08-20 22:18:50 +01:00			`private readonly UserPasswordConfigurationSettings _passwordConfiguration;`
			`private readonly SecuritySettings _securitySettings;`
Amended injection of further settings to use IOptionsSnapshot. 2020-08-21 14:52:47 +01:00			`private readonly ConnectionStrings _connectionStrings;`
Review fixes from comments on https://github.com/umbraco/Umbraco-CMS/pull/7664 2020-02-17 09:04:15 +01:00			`private readonly ICookieManager _cookieManager;`
Introduced interface on BackOfficeUserManager (#8913) * Introduced IBackOfficeUserManager * Fixed test * Moved class into own file Co-authored-by: Elitsa Marinovska <elm@umbraco.dk> 2020-09-22 14:44:41 +02:00			`private readonly IBackOfficeUserManager _userManager;`
Gets lots of the new installer logic working 2014-02-26 16:01:31 +01:00
Moved configuration setting POCOs into Umbraco.Core and adjusted references. Amended injection of some settings to use IOptionsSnapshot. 2020-08-20 22:18:50 +01:00			`public NewInstallStep(`
			`IUserService userService,`
			`DatabaseBuilder databaseBuilder,`
Converted to IOptions over IOptionsSnapshot due to the latter only working in scoped services. Further amends to return to booting application. 2020-08-23 23:36:48 +02:00			`IOptions<UserPasswordConfigurationSettings> passwordConfiguration,`
			`IOptions<SecuritySettings> securitySettings,`
			`IOptions<ConnectionStrings> connectionStrings,`
Moved configuration setting POCOs into Umbraco.Core and adjusted references. Amended injection of some settings to use IOptionsSnapshot. 2020-08-20 22:18:50 +01:00			`ICookieManager cookieManager,`
Introduced interface on BackOfficeUserManager (#8913) * Introduced IBackOfficeUserManager * Fixed test * Moved class into own file Co-authored-by: Elitsa Marinovska <elm@umbraco.dk> 2020-09-22 14:44:41 +02:00			`IBackOfficeUserManager userManager)`
Gets lots of the new installer logic working 2014-02-26 16:01:31 +01:00			`{`
Replaced HttpContextBase injection with HttpContextAccessor injection 2020-02-13 08:52:58 +01:00			`_userService = userService ?? throw new ArgumentNullException(nameof(userService));`
			`_databaseBuilder = databaseBuilder ?? throw new ArgumentNullException(nameof(databaseBuilder));`
Moved configuration setting POCOs into Umbraco.Core and adjusted references. Amended injection of some settings to use IOptionsSnapshot. 2020-08-20 22:18:50 +01:00			`_passwordConfiguration = passwordConfiguration.Value ?? throw new ArgumentNullException(nameof(passwordConfiguration));`
			`_securitySettings = securitySettings.Value ?? throw new ArgumentNullException(nameof(securitySettings));`
Amended injection of further settings to use IOptionsSnapshot. 2020-08-21 14:52:47 +01:00			`_connectionStrings = connectionStrings.Value ?? throw new ArgumentNullException(nameof(connectionStrings));`
Review fixes from comments on https://github.com/umbraco/Umbraco-CMS/pull/7664 2020-02-17 09:04:15 +01:00			`_cookieManager = cookieManager;`
Moved .NET standard back office identity code into infrastructure (lowest common dependency) 2020-05-17 08:48:36 +01:00			`_userManager = userManager ?? throw new ArgumentNullException(nameof(userManager));`
Gets lots of the new installer logic working 2014-02-26 16:01:31 +01:00			`}`

kill user membership provider, adds some passwords api abstractions, moves membership provider logic out of Core/services, removes membership scenario and other membership code we don't want anymore. 2019-11-25 21:20:00 +11:00			`public override async Task<InstallSetupResult> ExecuteAsync(UserModel user)`
Gets lots of the new installer logic working 2014-02-26 16:01:31 +01:00			`{`
Ensures ref integrity for all FKs to umbracoUser table but support NULL values 2018-05-31 23:05:35 +10:00			`var admin = _userService.GetUserById(Constants.Security.SuperUserId);`
Gets lots of the new installer logic working 2014-02-26 16:01:31 +01:00			`if (admin == null)`
			`{`
Fix install issues with super user 2018-03-21 16:01:49 +01:00			`throw new InvalidOperationException("Could not find the super user!");`
Gets lots of the new installer logic working 2014-02-26 16:01:31 +01:00			`}`
Implemented GetUsersInRoleAsync and reintroduced email check 2020-05-05 11:33:19 +02:00			`admin.Email = user.Email.Trim();`
			`admin.Name = user.Name.Trim();`
			`admin.Username = user.Email.Trim();`

			`_userService.Save(admin);`
Gets lots of the new installer logic working 2014-02-26 16:01:31 +01:00
Moved .NET standard back office identity code into infrastructure (lowest common dependency) 2020-05-17 08:48:36 +01:00			`var membershipUser = await _userManager.FindByIdAsync(Constants.Security.SuperUserId.ToString());`
			`if (membershipUser == null)`
			`{`
			`throw new InvalidOperationException(`
			`$"No user found in membership provider with id of {Constants.Security.SuperUserId}.");`
			`}`

			`//To change the password here we actually need to reset it since we don't have an old one to use to change`
			`var resetToken = await _userManager.GeneratePasswordResetTokenAsync(membershipUser);`
			`if (string.IsNullOrWhiteSpace(resetToken))`
			`throw new InvalidOperationException("Could not reset password: unable to generate internal reset token");`

			`var resetResult = await _userManager.ChangePasswordWithResetAsync(membershipUser.Id, resetToken, user.Password.Trim());`
			`if (!resetResult.Succeeded)`
Added IdentityExtensions 2020-05-18 13:00:32 +01:00			`throw new InvalidOperationException("Could not reset password: " + string.Join(", ", resetResult.Errors.ToErrorMessage()));`
Null checks and property uses 2020-05-04 18:32:57 +01:00
Adds newsletter to installer With the good ol' V6 installer code, ahhh the smell of code patina 2014-04-02 11:20:35 +02:00			`if (user.SubscribeToNewsLetter)`
			`{`
Fixes #3036 Removes WebClient completely except for in an old legacy class that is not used for anything any more (umbraco.cms.businesslogic.packager.Installer.Fetch). 2018-09-26 13:27:16 +02:00			`if (_httpClient == null)`
			`_httpClient = new HttpClient();`

			`var values = new NameValueCollection { { "name", admin.Name }, { "email", admin.Email } };`
			`var content = new StringContent(JsonConvert.SerializeObject(values), Encoding.UTF8, "application/json");`

Adds newsletter to installer With the good ol' V6 installer code, ahhh the smell of code patina 2014-04-02 11:20:35 +02:00			`try`
			`{`
Fixes #3036 Removes WebClient completely except for in an old legacy class that is not used for anything any more (umbraco.cms.businesslogic.packager.Installer.Fetch). 2018-09-26 13:27:16 +02:00			`var response = _httpClient.PostAsync("https://shop.umbraco.com/base/Ecom/SubmitEmail/installer.aspx", content).Result;`
Adds newsletter to installer With the good ol' V6 installer code, ahhh the smell of code patina 2014-04-02 11:20:35 +02:00			`}`
			`catch { /* fail in silence */ }`
			`}`

kill user membership provider, adds some passwords api abstractions, moves membership provider logic out of Core/services, removes membership scenario and other membership code we don't want anymore. 2019-11-25 21:20:00 +11:00			`return null;`
Gets lots of the new installer logic working 2014-02-26 16:01:31 +01:00			`}`

Fixes the user password validation to ensure it obeys what the membership provider's are configured for. 2014-03-06 12:11:14 +11:00			`/// <summary>`
			`/// Return a custom view model for this step`
			`/// </summary>`
			`public override object ViewModel`
			`{`
			`get`
			`{`
			`return new`
			`{`
kill user membership provider, adds some passwords api abstractions, moves membership provider logic out of Core/services, removes membership scenario and other membership code we don't want anymore. 2019-11-25 21:20:00 +11:00			`minCharLength = _passwordConfiguration.RequiredLength,`
AB¤6233 - Reverted changes to typefinder and implemented check for if SqlCE is available in the install process 2020-05-06 20:37:03 +02:00			`minNonAlphaNumericLength = _passwordConfiguration.RequireNonLetterOrDigit ? 1 : 0,`
			`quickInstallAvailable = DatabaseConfigureStep.IsSqlCeAvailable()`
Fixes the user password validation to ensure it obeys what the membership provider's are configured for. 2014-03-06 12:11:14 +11:00			`};`
			`}`
			`}`

asfsafd 2014-02-27 10:16:30 +01:00			`public override string View`
			`{`
Fixes #3036 Removes WebClient completely except for in an old legacy class that is not used for anything any more (umbraco.cms.businesslogic.packager.Installer.Fetch). 2018-09-26 13:27:16 +02:00			`get`
			`{`
			`return RequiresExecution(null)`
			`//the user UI`
Normalize cr/lf/tab 2017-07-20 11:21:28 +02:00			`? "user"`
Fixes #3036 Removes WebClient completely except for in an old legacy class that is not used for anything any more (umbraco.cms.businesslogic.packager.Installer.Fetch). 2018-09-26 13:27:16 +02:00			`//the continue install UI`
			`: "continueinstall";`
			`}`
Updated install steps, classes and logic 2014-03-04 11:16:42 +11:00			`}`
Normalize cr/lf/tab 2017-07-20 11:21:28 +02:00
Updates the RequiresExecution logic so we can skip steps based on some user input (i.e. skip the starter kit installation). Fixes the start kit js stuff to update the model correctly and continue. Fixes the error view to restart - it cannot just go back because there might not be a view there. 2014-03-05 14:30:17 +11:00			`public override bool RequiresExecution(UserModel model)`
Updated install steps, classes and logic 2014-03-04 11:16:42 +11:00			`{`
Updates more installer logic, getting into the nitty gritty details with upgrades, etc... 2014-03-04 19:20:36 +11:00			`//now we have to check if this is really a new install, the db might be configured and might contain data`
Simplifyed the ConnectionStrings config 2020-09-15 09:11:36 +02:00			`var databaseSettings = _connectionStrings.UmbracoConnectionString;`
AB3594 - Post review fixes.. Also removed the Current class from abstractions, and injected the factory into config 2019-11-18 14:11:50 +01:00			`if (databaseSettings.IsConnectionStringConfigured() && _databaseBuilder.IsDatabaseConfigured)`
porting 7.6-rc1 into 8 2017-05-12 14:49:44 +02:00			`return _databaseBuilder.HasSomeNonDefaultUser() == false;`

Normalize cr/lf/tab 2017-07-20 11:21:28 +02:00			`// In this one case when it's a brand new install and nothing has been configured, make sure the`
porting 7.6-rc1 into 8 2017-05-12 14:49:44 +02:00			`// back office cookie is cleared so there's no old cookies lying around causing problems`
Cleaned up config for Security settings 2020-03-12 14:36:25 +01:00			`_cookieManager.ExpireCookie(_securitySettings.AuthCookieName);`
U4-8514 Fix installation issue when there are stale cookies on localhost 2016-05-25 14:36:00 +02:00
Updates more installer logic, getting into the nitty gritty details with upgrades, etc... 2014-03-04 19:20:36 +11:00			`return true;`
asfsafd 2014-02-27 10:16:30 +01:00			`}`
Gets lots of the new installer logic working 2014-02-26 16:01:31 +01:00			`}`
porting 7.6-rc1 into 8 2017-05-12 14:49:44 +02:00			`}`