Fixes the change password dashboard to work properly. Fixes the EditUser to property save the member and the user. Adds new (probably temporary) MembershipHelper which is used to update a MembershipUser. Updates the User model to ignore the membership properties that we currently cannot persist. Ensures the legacy User membership provider still looks for a typed membership user (which should never have happened). Fixes small issue with underlying membership provider trying to encrypt an empty string.

2014-01-07 17:01:22 +11:00
parent 0b4ddf82aa
commit 0245efe3cb
11 changed files with 323 additions and 366 deletions
--- a/src/Umbraco.Web/Security/MembershipHelper.cs
+++ b/src/Umbraco.Web/Security/MembershipHelper.cs
@@ -0,0 +1,59 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Web.Security;
+
+namespace Umbraco.Web.Security
+{
+    internal class MembershipHelper
+    {
+
+        public MembershipUser UpdateMember(MembershipUser member, MembershipProvider provider,
+            string email = null,
+            bool? isApproved = null,
+            bool? isLocked = null,
+            DateTime? lastLoginDate = null,
+            DateTime? lastActivityDate = null,
+            string comment = null)
+        {
+            //set the writable properties
+            if (email != null)
+            {
+                member.Email = email;    
+            }
+            if (isApproved.HasValue)
+            {
+                member.IsApproved = isApproved.Value;    
+            }
+            if (lastLoginDate.HasValue)
+            {
+                member.LastLoginDate = lastLoginDate.Value;
+            }
+            if (lastActivityDate.HasValue)
+            {
+                member.LastActivityDate = lastActivityDate.Value;
+            }
+            if (comment != null)
+            {
+                member.Comment = comment;
+            }
+
+            if (isLocked.HasValue)
+            {
+                //there is no 'setter' on IsLockedOut but you can ctor a new membership user with it set, so i guess that's what we'll do,
+                // this does mean however if it was a typed membership user object that it will no longer be typed
+                //membershipUser.IsLockedOut = true;
+                member = new MembershipUser(member.ProviderName, member.UserName, 
+                    member.ProviderUserKey, member.Email, member.PasswordQuestion, member.Comment, member.IsApproved, 
+                    isLocked.Value,  //new value
+                    member.CreationDate, member.LastLoginDate, member.LastActivityDate, member.LastPasswordChangedDate, member.LastLockoutDate);
+            }
+
+            provider.UpdateUser(member);
+
+            return member;
+        }
+
+    }
+}
--- a/src/Umbraco.Web/Security/Providers/UmbracoServiceMembershipProvider.cs
+++ b/src/Umbraco.Web/Security/Providers/UmbracoServiceMembershipProvider.cs
@@ -5,6 +5,7 @@ using System.Linq;
 using System.Text;
 using System.Web.Configuration;
 using System.Web.Security;
+using Umbraco.Core;
 using Umbraco.Core.Logging;
 using Umbraco.Core.Models.Membership;
 using Umbraco.Core.Persistence.Querying;
@@ -296,6 +297,10 @@ namespace Umbraco.Web.Security.Providers

        internal string EncryptString(string str)
        {
+            if (str.IsNullOrWhiteSpace())
+            {
+                return "";
+            }
            var bytes = Encoding.Unicode.GetBytes(str);
            var password = new byte[bytes.Length];
            Buffer.BlockCopy(bytes, 0, password, 0, bytes.Length);