Ensures all access to the users membership provider is done with our extension method
This commit is contained in:
Shannon
@@ -48,6 +48,25 @@ namespace Umbraco.Core.Security
|
||||
return Membership.Providers[Constants.Conventions.Member.UmbracoMemberProviderName];
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Method to get the Umbraco Users membership provider based on it's alias
|
||||
/// </summary>
|
||||
/// <returns></returns>
|
||||
public static MembershipProvider GetUsersMembershipProvider()
|
||||
{
|
||||
if (Membership.Providers[Constants.Conventions.User.UmbracoUsersProviderName] == null)
|
||||
{
|
||||
throw new InvalidOperationException("No membership provider found with name " + Constants.Conventions.User.UmbracoUsersProviderName);
|
||||
}
|
||||
return Membership.Providers[Constants.Conventions.User.UmbracoUsersProviderName];
|
||||
}
|
||||
|
||||
public static MembershipUser GetCurrentUser(this MembershipProvider membershipProvider)
|
||||
{
|
||||
var username = membershipProvider.GetCurrentUserName();
|
||||
return membershipProvider.GetUser(username, true);
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Just returns the current user's login name (just a wrapper).
|
||||
/// </summary>
|
||||
|
||||
@@ -19,15 +19,7 @@ namespace Umbraco.Web.UI.Install.Steps
|
||||
|
||||
protected MembershipProvider CurrentProvider
|
||||
{
|
||||
get
|
||||
{
|
||||
var provider = Membership.Providers[UmbracoSettings.DefaultBackofficeProvider];
|
||||
if (provider == null)
|
||||
{
|
||||
throw new InvalidOperationException("No MembershipProvider found with name " + UmbracoSettings.DefaultBackofficeProvider);
|
||||
}
|
||||
return provider;
|
||||
}
|
||||
get { return MembershipProviderExtensions.GetUsersMembershipProvider(); }
|
||||
}
|
||||
|
||||
protected void ChangePasswordClick(object sender, EventArgs e)
|
||||
|
||||
@@ -28,7 +28,9 @@ namespace Umbraco.Web.UI.Umbraco.Create
|
||||
/// <param name="e"></param>
|
||||
protected void LoginExistsCheck(object sender, ServerValidateEventArgs e)
|
||||
{
|
||||
var user = Membership.Providers[UmbracoSettings.DefaultBackofficeProvider].GetUser(Login.Text.Replace(" ", "").ToLower(), false);
|
||||
var provider = MembershipProviderExtensions.GetUsersMembershipProvider();
|
||||
|
||||
var user = provider.GetUser(Login.Text.Replace(" ", "").ToLower(), false);
|
||||
|
||||
if (Login.Text != "" && user != null)
|
||||
e.IsValid = false;
|
||||
@@ -44,9 +46,11 @@ namespace Umbraco.Web.UI.Umbraco.Create
|
||||
/// <param name="e"></param>
|
||||
protected void EmailExistsCheck(object sender, ServerValidateEventArgs e)
|
||||
{
|
||||
var found = Membership.Providers[UmbracoSettings.DefaultBackofficeProvider].GetUserNameByEmail(Email.Text.ToLower());
|
||||
var provider = MembershipProviderExtensions.GetUsersMembershipProvider();
|
||||
|
||||
if (Email.Text != "" && found.IsNullOrWhiteSpace() == false && Membership.Providers[UmbracoSettings.DefaultBackofficeProvider].RequiresUniqueEmail)
|
||||
var found = provider.GetUserNameByEmail(Email.Text.ToLower());
|
||||
|
||||
if (Email.Text != "" && found.IsNullOrWhiteSpace() == false && provider.RequiresUniqueEmail)
|
||||
e.IsValid = false;
|
||||
else
|
||||
e.IsValid = true;
|
||||
|
||||
@@ -522,8 +522,7 @@ namespace Umbraco.Web.Routing
|
||||
try
|
||||
{
|
||||
var provider = MembershipProviderExtensions.GetMembersMembershipProvider();
|
||||
var username = provider.GetCurrentUserName();
|
||||
user = provider.GetUser(username, true);
|
||||
user = provider.GetCurrentUser();
|
||||
}
|
||||
catch (ArgumentException)
|
||||
{
|
||||
|
||||
@@ -66,8 +66,7 @@ namespace Umbraco.Web.Security
|
||||
|
||||
//get the current membership user
|
||||
var provider = MembershipProviderExtensions.GetMembersMembershipProvider();
|
||||
var username = provider.GetCurrentUserName();
|
||||
var membershipUser = provider.GetUser(username, true);
|
||||
var membershipUser = provider.GetCurrentUser();
|
||||
//NOTE: This should never happen since they are logged in
|
||||
if (membershipUser == null) throw new InvalidOperationException("Could not find member with username " + _httpContext.User.Identity.Name);
|
||||
|
||||
@@ -274,9 +273,8 @@ namespace Umbraco.Web.Security
|
||||
var provider = MembershipProviderExtensions.GetMembersMembershipProvider();
|
||||
|
||||
if (provider.IsUmbracoMembershipProvider())
|
||||
{
|
||||
var username = provider.GetCurrentUserName();
|
||||
var membershipUser = provider.GetUser(username, true);
|
||||
{
|
||||
var membershipUser = provider.GetCurrentUser();
|
||||
var member = GetCurrentMember();
|
||||
//this shouldn't happen
|
||||
if (member == null) return null;
|
||||
@@ -426,8 +424,7 @@ namespace Umbraco.Web.Security
|
||||
}
|
||||
else
|
||||
{
|
||||
var username = provider.GetCurrentUserName();
|
||||
var member = provider.GetUser(username, true);
|
||||
var member = provider.GetCurrentUser();
|
||||
//this shouldn't happen
|
||||
if (member == null) return null;
|
||||
model.Name = member.UserName;
|
||||
@@ -506,8 +503,7 @@ namespace Umbraco.Web.Security
|
||||
}
|
||||
else
|
||||
{
|
||||
var currUsername = provider.GetCurrentUserName();
|
||||
var member = provider.GetUser(currUsername, true);
|
||||
var member = provider.GetCurrentUser();
|
||||
username = member.UserName;
|
||||
}
|
||||
|
||||
|
||||
@@ -135,7 +135,7 @@ namespace Umbraco.Web.Security
|
||||
/// <returns></returns>
|
||||
internal bool ValidateBackOfficeCredentials(string username, string password)
|
||||
{
|
||||
var membershipProvider = Membership.Providers[UmbracoSettings.DefaultBackofficeProvider];
|
||||
var membershipProvider = MembershipProviderExtensions.GetUsersMembershipProvider();
|
||||
return membershipProvider != null && membershipProvider.ValidateUser(username, password);
|
||||
}
|
||||
|
||||
|
||||
@@ -411,8 +411,7 @@ namespace Umbraco.Web
|
||||
if (IsProtected(nodeId, path))
|
||||
{
|
||||
var provider = MembershipProviderExtensions.GetMembersMembershipProvider();
|
||||
var username = provider.GetCurrentUserName();
|
||||
return _membershipHelper.IsLoggedIn() && Access.HasAccess(nodeId, path, provider.GetUser(username, true));
|
||||
return _membershipHelper.IsLoggedIn() && Access.HasAccess(nodeId, path, provider.GetCurrentUser());
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -423,8 +423,7 @@ namespace umbraco
|
||||
HttpContext.Current.Trace.Write("umbracoRequestHandler", "Page protected");
|
||||
|
||||
var provider = MembershipProviderExtensions.GetMembersMembershipProvider();
|
||||
var username = provider.GetCurrentUserName();
|
||||
var user = provider.GetUser(username, true);
|
||||
var user = provider.GetCurrentUser();
|
||||
|
||||
if (user == null || !library.IsLoggedOn())
|
||||
{
|
||||
|
||||
@@ -13,6 +13,7 @@ using Umbraco.Core.Configuration;
|
||||
using Umbraco.Core.IO;
|
||||
using Umbraco.Core.Logging;
|
||||
using umbraco.BusinessLogic;
|
||||
using Umbraco.Core.Security;
|
||||
using umbraco.DataLayer;
|
||||
using umbraco.presentation.install.utills;
|
||||
using umbraco.providers;
|
||||
@@ -523,19 +524,21 @@ namespace umbraco.presentation.install
|
||||
{
|
||||
Page.Validate();
|
||||
|
||||
var provider = MembershipProviderExtensions.GetUsersMembershipProvider();
|
||||
|
||||
if (Page.IsValid)
|
||||
{
|
||||
User u = User.GetUser(0);
|
||||
MembershipUser user = Membership.Providers[UmbracoSettings.DefaultBackofficeProvider].GetUser(0, true);
|
||||
var user = provider.GetUser(0, true);
|
||||
user.ChangePassword(u.GetPassword(), tb_password.Text.Trim());
|
||||
|
||||
// Is it using the default membership provider
|
||||
if (Membership.Providers[UmbracoSettings.DefaultBackofficeProvider] is UsersMembershipProvider)
|
||||
if (provider is UsersMembershipProvider)
|
||||
{
|
||||
// Save user in membership provider
|
||||
UsersMembershipUser umbracoUser = user as UsersMembershipUser;
|
||||
var umbracoUser = user as UsersMembershipUser;
|
||||
umbracoUser.FullName = tb_name.Text.Trim();
|
||||
Membership.Providers[UmbracoSettings.DefaultBackofficeProvider].UpdateUser(umbracoUser);
|
||||
provider.UpdateUser(umbracoUser);
|
||||
|
||||
// Save user details
|
||||
u.Email = tb_email.Text.Trim();
|
||||
@@ -543,7 +546,7 @@ namespace umbraco.presentation.install
|
||||
else
|
||||
{
|
||||
u.Name = tb_name.Text.Trim();
|
||||
if (!(Membership.Providers[UmbracoSettings.DefaultBackofficeProvider] is ActiveDirectoryMembershipProvider)) Membership.Providers[UmbracoSettings.DefaultBackofficeProvider].UpdateUser(user);
|
||||
if ((provider is ActiveDirectoryMembershipProvider) == false) provider.UpdateUser(user);
|
||||
}
|
||||
|
||||
// we need to update the login name here as it's set to the old name when saving the user via the membership provider!
|
||||
@@ -555,8 +558,8 @@ namespace umbraco.presentation.install
|
||||
{
|
||||
try
|
||||
{
|
||||
System.Net.WebClient client = new System.Net.WebClient();
|
||||
NameValueCollection values = new NameValueCollection();
|
||||
var client = new System.Net.WebClient();
|
||||
var values = new NameValueCollection();
|
||||
values.Add("name", tb_name.Text);
|
||||
values.Add("email", tb_email.Text);
|
||||
|
||||
|
||||
@@ -14,6 +14,7 @@ using umbraco.cms.businesslogic.media;
|
||||
using umbraco.cms.businesslogic.property;
|
||||
using umbraco.cms.businesslogic.propertytype;
|
||||
using umbraco.cms.businesslogic.web;
|
||||
using Umbraco.Core.Security;
|
||||
using umbraco.presentation.channels.businesslogic;
|
||||
using Post = CookComputing.MetaWeblog.Post;
|
||||
|
||||
@@ -45,7 +46,7 @@ namespace umbraco.presentation.channels
|
||||
Description = "Where applicable, this specifies whether the blog "
|
||||
+ "should be republished after the post has been deleted.")] bool publish)
|
||||
{
|
||||
if (validateUser(username, password))
|
||||
if (ValidateUser(username, password))
|
||||
{
|
||||
Channel userChannel = new Channel(username);
|
||||
new Document(int.Parse(postid))
|
||||
@@ -62,7 +63,7 @@ namespace umbraco.presentation.channels
|
||||
Post post,
|
||||
bool publish)
|
||||
{
|
||||
if (validateUser(username, password))
|
||||
if (ValidateUser(username, password))
|
||||
{
|
||||
Channel userChannel = new Channel(username);
|
||||
Document doc = new Document(Convert.ToInt32(postid));
|
||||
@@ -140,7 +141,7 @@ namespace umbraco.presentation.channels
|
||||
string username,
|
||||
string password)
|
||||
{
|
||||
if (validateUser(username, password))
|
||||
if (ValidateUser(username, password))
|
||||
{
|
||||
Channel userChannel = new Channel(username);
|
||||
if (userChannel.FieldCategoriesAlias != null && userChannel.FieldCategoriesAlias != "")
|
||||
@@ -218,7 +219,7 @@ namespace umbraco.presentation.channels
|
||||
string username,
|
||||
string password)
|
||||
{
|
||||
if (validateUser(username, password))
|
||||
if (ValidateUser(username, password))
|
||||
{
|
||||
Channel userChannel = new Channel(username);
|
||||
Document d = new Document(int.Parse(postid));
|
||||
@@ -258,7 +259,7 @@ namespace umbraco.presentation.channels
|
||||
string password,
|
||||
int numberOfPosts)
|
||||
{
|
||||
if (validateUser(username, password))
|
||||
if (ValidateUser(username, password))
|
||||
{
|
||||
ArrayList blogPosts = new ArrayList();
|
||||
ArrayList blogPostsObjects = new ArrayList();
|
||||
@@ -369,7 +370,7 @@ namespace umbraco.presentation.channels
|
||||
Post post,
|
||||
bool publish)
|
||||
{
|
||||
if (validateUser(username, password))
|
||||
if (ValidateUser(username, password))
|
||||
{
|
||||
Channel userChannel = new Channel(username);
|
||||
User u = new User(username);
|
||||
@@ -427,7 +428,7 @@ namespace umbraco.presentation.channels
|
||||
string password,
|
||||
FileData file)
|
||||
{
|
||||
if (validateUser(username, password))
|
||||
if (ValidateUser(username, password))
|
||||
{
|
||||
User u = new User(username);
|
||||
Channel userChannel = new Channel(username);
|
||||
@@ -512,9 +513,11 @@ namespace umbraco.presentation.channels
|
||||
return new UrlData();
|
||||
}
|
||||
|
||||
private static bool validateUser(string username, string password)
|
||||
private static bool ValidateUser(string username, string password)
|
||||
{
|
||||
return Membership.Providers[UmbracoSettings.DefaultBackofficeProvider].ValidateUser(username, password);
|
||||
var provider = MembershipProviderExtensions.GetUsersMembershipProvider();
|
||||
|
||||
return provider.ValidateUser(username, password);
|
||||
}
|
||||
|
||||
[XmlRpcMethod("blogger.getUsersBlogs",
|
||||
@@ -525,7 +528,7 @@ namespace umbraco.presentation.channels
|
||||
string username,
|
||||
string password)
|
||||
{
|
||||
if (validateUser(username, password))
|
||||
if (ValidateUser(username, password))
|
||||
{
|
||||
BlogInfo[] blogs = new BlogInfo[1];
|
||||
User u = new User(username);
|
||||
|
||||
@@ -3,6 +3,7 @@ using System.Data;
|
||||
using System.Web.Security;
|
||||
using Umbraco.Core.Logging;
|
||||
using umbraco.BusinessLogic;
|
||||
using Umbraco.Core.Security;
|
||||
using umbraco.DataLayer;
|
||||
using umbraco.BasePages;
|
||||
using Umbraco.Core.IO;
|
||||
@@ -38,14 +39,16 @@ namespace umbraco
|
||||
//BusinessLogic.User.MakeNew(Alias, Alias, "", BusinessLogic.UserType.GetUserType(1));
|
||||
//return true;
|
||||
|
||||
var provider = MembershipProviderExtensions.GetUsersMembershipProvider();
|
||||
|
||||
var status = MembershipCreateStatus.ProviderError;
|
||||
try
|
||||
{
|
||||
// Password is auto-generated. They are they required to change the password by editing the user information.
|
||||
|
||||
var password = Membership.GeneratePassword(
|
||||
Membership.Providers[UmbracoSettings.DefaultBackofficeProvider].MinRequiredPasswordLength,
|
||||
Membership.Providers[UmbracoSettings.DefaultBackofficeProvider].MinRequiredNonAlphanumericCharacters);
|
||||
provider.MinRequiredPasswordLength,
|
||||
provider.MinRequiredNonAlphanumericCharacters);
|
||||
|
||||
var parts = Alias.Split(new[] {'|'}, StringSplitOptions.RemoveEmptyEntries);
|
||||
if (parts.Length != 2)
|
||||
@@ -55,7 +58,7 @@ namespace umbraco
|
||||
var login = parts[0];
|
||||
var email = parts[1];
|
||||
|
||||
var u = Membership.Providers[UmbracoSettings.DefaultBackofficeProvider].CreateUser(
|
||||
var u = provider.CreateUser(
|
||||
login, password, email.Trim().ToLower(), "", "", true, null, out status);
|
||||
|
||||
if (u == null)
|
||||
|
||||
@@ -6,6 +6,7 @@ using System.Web.UI;
|
||||
using System.Web.UI.WebControls;
|
||||
using System.Web.Security;
|
||||
using umbraco.BusinessLogic;
|
||||
using Umbraco.Core.Security;
|
||||
|
||||
namespace umbraco.presentation.umbraco.dashboard
|
||||
{
|
||||
@@ -13,7 +14,7 @@ namespace umbraco.presentation.umbraco.dashboard
|
||||
{
|
||||
protected MembershipProvider Provider
|
||||
{
|
||||
get { return Membership.Providers[UmbracoSettings.DefaultBackofficeProvider]; }
|
||||
get { return MembershipProviderExtensions.GetUsersMembershipProvider(); }
|
||||
}
|
||||
|
||||
protected override void OnLoad(EventArgs e)
|
||||
|
||||
@@ -37,7 +37,7 @@ namespace umbraco.cms.presentation
|
||||
{
|
||||
get
|
||||
{
|
||||
var provider = Membership.Providers[UmbracoSettings.DefaultBackofficeProvider];
|
||||
var provider = MembershipProviderExtensions.GetUsersMembershipProvider();
|
||||
if (provider == null)
|
||||
{
|
||||
throw new ProviderException("The membership provider " + UmbracoSettings.DefaultBackofficeProvider + " was not found");
|
||||
|
||||
@@ -73,15 +73,7 @@ namespace umbraco.cms.presentation.user
|
||||
|
||||
private MembershipProvider BackOfficeProvider
|
||||
{
|
||||
get
|
||||
{
|
||||
var provider = Membership.Providers[UmbracoSettings.DefaultBackofficeProvider];
|
||||
if (provider == null)
|
||||
{
|
||||
throw new ProviderException("The membership provider " + UmbracoSettings.DefaultBackofficeProvider + " was not found");
|
||||
}
|
||||
return provider;
|
||||
}
|
||||
get { return MembershipProviderExtensions.GetUsersMembershipProvider(); }
|
||||
}
|
||||
|
||||
protected void Page_Load(object sender, EventArgs e)
|
||||
|
||||
@@ -15,6 +15,7 @@ using umbraco.BusinessLogic;
|
||||
using umbraco.businesslogic.Exceptions;
|
||||
using umbraco.cms.businesslogic.media;
|
||||
using Umbraco.Core;
|
||||
using Umbraco.Core.Security;
|
||||
|
||||
namespace umbraco.presentation.umbraco.webservices
|
||||
{
|
||||
@@ -222,7 +223,7 @@ namespace umbraco.presentation.umbraco.webservices
|
||||
|
||||
if (!string.IsNullOrEmpty(username) && !string.IsNullOrEmpty(password))
|
||||
{
|
||||
var mp = Membership.Providers[UmbracoSettings.DefaultBackofficeProvider];
|
||||
var mp = MembershipProviderExtensions.GetUsersMembershipProvider();
|
||||
if (mp != null && mp.ValidateUser(username, password))
|
||||
{
|
||||
var user = new User(username);
|
||||
|
||||
@@ -1082,11 +1082,10 @@ namespace umbraco.cms.businesslogic.member
|
||||
if (HttpContext.Current.User.Identity.IsAuthenticated)
|
||||
{
|
||||
var provider = MembershipProviderExtensions.GetMembersMembershipProvider();
|
||||
var username = provider.GetCurrentUserName();
|
||||
var member = provider.GetUser(username, true);
|
||||
var member = provider.GetCurrentUser();
|
||||
if (member == null)
|
||||
{
|
||||
throw new InvalidOperationException("No member object found with username " + username);
|
||||
throw new InvalidOperationException("No member object found with username " + provider.GetCurrentUserName());
|
||||
}
|
||||
int.TryParse(member.ProviderUserKey.ToString(), out currentMemberId);
|
||||
}
|
||||
@@ -1105,11 +1104,10 @@ namespace umbraco.cms.businesslogic.member
|
||||
if (HttpContext.Current.User.Identity.IsAuthenticated)
|
||||
{
|
||||
var provider = MembershipProviderExtensions.GetMembersMembershipProvider();
|
||||
var username = provider.GetCurrentUserName();
|
||||
var member = provider.GetUser(username, true);
|
||||
var member = provider.GetCurrentUser();
|
||||
if (member == null)
|
||||
{
|
||||
throw new InvalidOperationException("No member object found with username " + username);
|
||||
throw new InvalidOperationException("No member object found with username " + provider.GetCurrentUserName());
|
||||
}
|
||||
|
||||
int currentMemberId = 0;
|
||||
|
||||
Reference in New Issue
Block a user