porting 7.6-rc1 into 8

src/Umbraco.Web/Security/MembershipHelper.cs

@@ -33,6 +33,7 @@ namespace Umbraco.Web.Security
         // fixme - inject!
         private readonly IMemberService _memberService = Current.Services.MemberService;
         private readonly IMemberTypeService _memberTypeService = Current.Services.MemberTypeService;
+        private readonly IUserService _userService = Current.Services.UserService;
         private readonly CacheHelper _applicationCache = Current.ApplicationCache;
 
         #region Constructors
@@ -274,6 +275,27 @@ namespace Umbraco.Web.Security
             return MemberCache.GetByEmail(email);
         }
 
+        public virtual IPublishedContent Get(Udi udi)
+        {
+            var guidUdi = udi as GuidUdi;
+            if (guidUdi == null) return null;
+
+            var umbracoType = Constants.UdiEntityType.ToUmbracoObjectType(udi.EntityType);
+
+            var entityService = Current.Services.EntityService;
+            switch (umbracoType)
+            {
+                case UmbracoObjectTypes.Member:
+                    // fixme - need to implement Get(guid)!
+                    var memberAttempt = entityService.GetIdForKey(guidUdi.Guid, umbracoType);
+                    if (memberAttempt.Success)
+                        return GetById(memberAttempt.Result);
+                    break;
+            }
+
+            return null;
+        }
+
         /// <summary>
         /// Returns the currently logged in member as IPublishedContent
         /// </summary>
@@ -628,7 +650,8 @@ namespace Umbraco.Web.Security
             //Are we resetting the password??
             if (passwordModel.Reset.HasValue && passwordModel.Reset.Value)
             {
-                if (membershipProvider.EnablePasswordReset == false)
+                var canReset = membershipProvider.CanResetPassword(_userService);
+                if (canReset == false)
                 {
                     return Attempt.Fail(new PasswordChangedModel { ChangeError = new ValidationResult("Password reset is not enabled", new[] { "resetPassword" }) });
                 }

src/Umbraco.Web/Security/WebSecurity.cs

@@ -185,13 +185,13 @@ namespace Umbraco.Web.Security
         }
 
         /// <summary>
-        /// Returns the back office IUser instance for the username specified
+        /// Gets (and creates if not found) the back office <see cref="IUser"/> instance for the username specified
         /// </summary>
         /// <param name="username"></param>
         /// <returns></returns>
         /// <remarks>
-        /// This will return an Iuser instance no matter what membership provider is installed for the back office, it will automatically
-        /// create any missing Iuser accounts if one is not found and a custom membership provider is being used.
+        /// This will return an <see cref="IUser"/> instance no matter what membership provider is installed for the back office, it will automatically
+        /// create any missing <see cref="IUser"/> accounts if one is not found and a custom membership provider or <see cref="IBackOfficeUserPasswordChecker"/> is being used. 
         /// </remarks>
         internal IUser GetBackOfficeUser(string username)
         {