diff --git a/src/Umbraco.Core/Persistence/Repositories/MemberGroupRepository.cs b/src/Umbraco.Core/Persistence/Repositories/MemberGroupRepository.cs index 4b9d39c99c..e0997967bc 100644 --- a/src/Umbraco.Core/Persistence/Repositories/MemberGroupRepository.cs +++ b/src/Umbraco.Core/Persistence/Repositories/MemberGroupRepository.cs @@ -201,12 +201,13 @@ namespace Umbraco.Core.Persistence.Repositories //find the member by username var memberSql = new Sql(); var memberObjectType = new Guid(Constants.ObjectTypes.Member); + var escapedUsername = PetaPocoExtensions.EscapeAtSymbols(username); memberSql.Select("umbracoNode.id") .From() .InnerJoin() .On(dto => dto.NodeId, dto => dto.NodeId) .Where(x => x.NodeObjectType == memberObjectType) - .Where(x => x.LoginName == username); + .Where(x => x.LoginName == escapedUsername); var memberIdUsername = Database.Fetch(memberSql).FirstOrDefault(); if (memberIdUsername.HasValue == false) { diff --git a/src/Umbraco.Tests/Services/MemberServiceTests.cs b/src/Umbraco.Tests/Services/MemberServiceTests.cs index 108c8f4bf8..9c70047b20 100644 --- a/src/Umbraco.Tests/Services/MemberServiceTests.cs +++ b/src/Umbraco.Tests/Services/MemberServiceTests.cs @@ -205,6 +205,25 @@ namespace Umbraco.Tests.Services Assert.AreEqual(2, membersInRole.Count()); } + [Test] + public void Associate_Members_To_Roles_With_Member_Username_Containing_At_Symbols() + { + ServiceContext.MemberService.AddRole("MyTestRole1"); + + IMemberType memberType = MockedContentTypes.CreateSimpleMemberType(); + ServiceContext.MemberTypeService.Save(memberType); + var member1 = MockedMember.CreateSimpleMember(memberType, "test1", "test1@test.com", "pass", "test1@test.com"); + ServiceContext.MemberService.Save(member1); + var member2 = MockedMember.CreateSimpleMember(memberType, "test2", "test2@test.com", "pass", "test2@test.com"); + ServiceContext.MemberService.Save(member2); + + ServiceContext.MemberService.AssignRoles(new[] { member1.Username, member2.Username }, new[] { "MyTestRole1" }); + + var membersInRole = ServiceContext.MemberService.GetMembersInRole("MyTestRole1"); + + Assert.AreEqual(2, membersInRole.Count()); + } + [Test] public void Associate_Members_To_Roles_With_New_Role() { diff --git a/src/Umbraco.Web/Security/Providers/MembersRoleProvider.cs b/src/Umbraco.Web/Security/Providers/MembersRoleProvider.cs index 274c2eab99..2ddbc0b5a2 100644 --- a/src/Umbraco.Web/Security/Providers/MembersRoleProvider.cs +++ b/src/Umbraco.Web/Security/Providers/MembersRoleProvider.cs @@ -1,3 +1,5 @@ +using System.Collections.Specialized; +using System.Configuration.Provider; using System.Linq; using System.Web.Security; using Umbraco.Core; @@ -22,7 +24,7 @@ namespace Umbraco.Web.Security.Providers } private string _applicationName; - + public override bool IsUserInRole(string username, string roleName) { return GetRolesForUser(username).Any(x => x == roleName); @@ -73,10 +75,27 @@ namespace Umbraco.Web.Security.Providers return _roleService.FindMembersInRole(roleName, usernameToMatch, StringPropertyMatchType.Wildcard).Select(x => x.Username).ToArray(); } + /// + /// The name of the application using the custom role provider. + /// + /// + /// The name of the application using the custom membership provider. public override string ApplicationName { - get { return _applicationName; } - set { _applicationName = value; } + get + { + return _applicationName; + } + set + { + if (string.IsNullOrEmpty(value)) + throw new ProviderException("ApplicationName cannot be empty."); + + if (value.Length > 0x100) + throw new ProviderException("Provider application name too long."); + + _applicationName = value; + } } } } \ No newline at end of file