Using a kentico 10 website with claims based authentication. We have the facility to update their email address in the external system. So what I want to do is update the user's email address and username by looking up based on the external userid from our sso platform.
var existingUser = UserInfoProvider.GetUsers().Where("ExternalGuid", QueryOperator.Equals, userId).FirstOrDefault();
if (existingUser.IsInSite(SiteContext.CurrentSiteName))
UserInfoProvider.RemoveUserFromSite(existingUser.UserName, SiteContext.CurrentSiteName);
loggingInUser = UserInfoProvider.GetUserInfo(existingUser.UserID);
loggingInUser.UserName = e.UserName;
UserInfoProvider.SetUserInfo(loggingInUser);
I'm getting the error:
The user with code name 'ac.aa#test.com' already exists.
This is happening on that SetUserInfo line. So I'm thinking there must be another way to update the username properly.
You need to do a few things:
Check if the user exists already:
UserInfo ui = UserInfoProvider.GetUserInfo(newUserName);
if (ui != null)
{
// user exists with new username so don't continue
}
Check if the username can be used as a username (no spaces, special characters, etc):
if (!ValidationHelper.IsUserName(newUserName))
{
// username cannot be used as a username
}
Check if the username is reserved or not:
if (UserInfoProvider.NameIsReserved(siteName, newUserName))
{
// reserved username so cannot use it
}
I'm willing to bet the username is reserved or not valid which is why it is not saving. The assignment you have done should work without issue.
It also looks like you're performing this update in a global handler so this could cause problems with a few things. So you may have to perform that username update later on or simply write a record to a custom table and then update it from there based on the event of creating those records in the custom table.
So I'd debug through your code and verify it is working properly by removing it from the global event handler, if it works, then it's an issue with having too many things happen at one time.
Try using SetValue(string columnName, value) method, I just tested this one and it worked fine:
UserInfo updateUser = UserInfoProvider.GetUserInfo("NewUser");
if (updateUser != null)
{
// Updates the user's properties
updateUser.SetValue("UserName", "NewUserName");
// Saves the changes to the database
UserInfoProvider.SetUserInfo(updateUser);
}
For some properties/columns, which are acting like "read only", you need to use the SetValue method like it was a custom field (API examples)
Related
Per other answers here my code below should be correct, but I am getting nothing from SecurityUtils. I need to assign a user to a new record in an application. Am I missing something here?
This other response also returns a null user.
User user = userRepository.findOneByLogin(SecurityUtils.getCurrentUserLogin().get()).get();
entity.setUser(user);
entityRepository.save(entity);
I get the error "Exception occurred calling method NotesDatabase.createDocument() null" for the following:
var db:NotesDatabase = session.getDatabase("", viewScope.targetDb);
if (db != null) {
if(db.isOpen()){
}else{
db.open();
}
} else {
}
var doc:NotesDocument = db.createDocument();
Comments:
The database db is available and "open".
The user has enough rights in the targetDb to create documents.
What is wrong?
I changed db.isOpen to db.isOpen(), according to Paul Stephen Withers tips.
And now db.open() gives the error "Exception occurred calling method NotesDatabase.open() null" although that I can get, in viewScope variables, the server, FilePath, etc.
Change
var db:NotesDatabase = session.getDatabase("", viewScope.targetDb);
to
var db:NotesDatabase = session.getDatabase(currentDatabase.getServer(), viewScope.targetDb);
This works on the web as well as XPinC.
XPages isn't the same as formula, it doesn't like the empty string definition for the server name, which is contrary to the documentation which states (for the server parameter of NotesSession.getDatabase - javascript):]
The name of the server on which the database resides. Use null to
indicate the session's environment, for example, the current computer
Using null or "" gives error 500, it would appear.
The code from the question will work, if :
the if block is removed entirely
the viewScope.targetDb variable has a properly specified notes database file path, which exists on the same server as the current database
the current user has access to the target database ( by the ACL ), with the Create Database right
the target database has a Maximum Internet name and password above Reader as per #Paul
I suspect the cause is you're checking db.isOpen. You should check db.isOpen().
Worth bearing in mind is session.getDatabase(String, String) doesn't return null (unless you're using OpenNTF Domino API). It returns a Database object that is not open. So that if statement is irrelevant. Also best practice is to pass a server name to session.getDatabase() - you'll get a different outcome if the application is ever used in XPiNC with your current code.
Regardless of individuals' user access, "Maximum Internet name and password" on the Advanced tab of the ACL will override that. If maximum internet access is No Access, no one will be able to create documents. But I suspect that's not a factor here.
Pro Tip -- Get the Debug Toolbar and use that to print out messages to the XPage debug toolbar to see what is going on and if your viewScope variable is being set. Also, learn to use the try catch block to catch your exceptions and print out the error message to the debug toolbar. You will find your issue that way.
https://www.openntf.org/main.nsf/project.xsp?r=project/XPage%20Debug%20Toolbar
I was just wondering how you would restrict property access to the $owner role only. For instance in my case I have a Joke which has an Author. The Author has User as base. I would like other "Authers" / Users to see who created the Joke, but they should not be able to see the Authers email, only if the Author is the $owner of the Joke itself it should be OK to show their email, just for the sake of this case.
Looking at the built-in User model you can see that they use the hidden feature to hide the password, but using that for their email will also hide their email for the $owner, which is not what I wanted
Let me know if something is not clear.
Thanks in advance
Register beforeRemote hook and check if current user is the $owner.
Joke.boforeRemote('findById', function(context, joke, next) {
// 1. find current user by id, using context.req.accessToken.userId
// 2. check if he is owner or not, by Role.isOwner
// 3. remove email from returned joke instance if user is not $owner
})
Note: it can be a bit complicated to cover all endpoints that return Jokes. But is there another way to do it?
To modify the output/results, you can use the afterRemote hook, as per the docs. The output/results are stored in ctx.result.
'findById' hooks into your GET requests when the call is like GET http://myModel/id. Use 'find' if you are not including the id in your request e.g. GET http://myModel. Just notice that in case of 'find', the returned instance(s) (joke(s)) is usually not just one so it is in an array of objects.
Joke.afterRemote('findById', function(ctx, joke, next) {
//your code
});
Get the id of current logged-in user: var currentUser = context.req.accessToken.userId
Compare the user id of the current logged-in user with that of the joke owner. If both are not the same (i.e. if (!(currentUser == joke.userId))), then:
before calling next(), remove the email attribute from returned joke instance. Because sometimes some ways don't work, here are a few:
delete ctx.result.email;
ctx.result.email = '';
loop through the attributes and transferring them to a new var, except the email, then save that new var the result: ctx.result = newVar;
You can create your own role resolver. See https://github.com/strongloop/loopback-example-access-control/blob/master/server/boot/role-resolver.js for an example. Just add your own logic once you determine the user.
I'm not sure if this is an issue, or just a matter of me not knowing how the OrmLiteAuthRepository should work. I'm trying to make an admin screen that allows admins to update users information. I'm using the OrmLiteAuthRepository.UpdateUserAuth method and passing in a null password to update everything but the password. However, validation is ran as if I'm creating a new user and ValidateNewUser requires me to have a password that is not null even though further in the method there are checks to avoid updating the password if a null password is used. I'm I missing something?
Here is a link to the method call
https://github.com/ServiceStack/ServiceStack/blob/master/src/ServiceStack.ServiceInterface/Auth/OrmLiteAuthRepository.cs#L105
Use SaveUserAuth, I believe UpdateUserAuth is for updating password, though could be wrong.
UserAuth user = this.AuthRepository.GetUserAuth("bob")
if (user.Meta == null)
{
user.Meta = new Dictionary<string, string>();
}
user.Meta.Add("message", "hi bob");
this.AuthRepository.SaveUserAuth(user);
For a school project we have to create an evaluation website that requires a login.
For the database connection I chose LINQ, because it's new and is supposed to be easier/better in use.
I managed to create a login check with the following:
public static Boolean Controle(int id, string wachtwoord)
{
DataClassesDataContext context = new DataClassesDataContext();
var loginGebruiker =
from p in dc.Gebruikers
where p.GebruikerID == id
where p.GebruikerWachtwoord == wachtwoord
select p;
return true;
}
Now I'm trying to create a "forgot password" option, where you enter your id and the password gets returned (later it would be emailed to you, don't know how I would do this either, suggestions?)
I tried with the following code:
public static string Forgot(int id)
{
var context = new DataClassesDataContext();
var wachtwoordLogin = (
from p in dc.Gebruikers
where p.GebruikerID == id
select p.GebruikerWachtwoord);
return wachtwoordLogin.ToString();
}
Code behind the button on the page:
lbl1.Text = Class1.Forgot(Convert.ToInt32(txt1.Text));
Now when I enter the an id of the first user (1), lbl1 becomes this:
SELECT [t0].[GebruikerWachtwoord] FROM
[dbo].[Gebruiker] AS [t0] WHERE
[t0].[GebruikerID] = #p0
I don't know how to solve this and I have been looking everywhere, I hope somebody can help me.
Thanks,
Thomas
LINQ uses delayed execution, so your 'wachtwoordLogin' is really just "how to get your data." Its not until you apply an operator that LINQ will actually attempt to retrieve your data.
Your first statement:
var loginGebruiker = (
from p in dc.Gebruikers
where p.GebruikerID == id
where p.GebruikerWachtwoord == wachtwoord
select p).FirstOrDefault()
if (loginGeruiker != null) {
//Valid login
} else {
// invalid
}
FirstOrDefault means, take the first item in the list, or return none.
In you other case you need the same thing:
user = wachtwoordLogin.FirstOrDefault();
Further reading: MSDN 101 LINQ Samples
For your question about emailing a forgotten password, have you ever thought about implementing the golden questions algorithm instead? Its simplified, and does the same thing.
Basically, at the time of registering just get them to answer some questions, and if they can verify them, allow them to reset the password.
you enter your id and the password gets returned
What, then, is the point of having a password if anybody who knows a username can see it? I know this isn't what you're asking, but for someone getting started in programming I feel a duty to point this out. What you're creating here is essentially a completely broken login model. Nobody should ever use a system like this.
You should never ever display a password. Not on the screen, not in an email, never.
Passwords, if they even need to be stored at all (CodingHorror has had a couple of good posts on this lately, advocating things like OpenID), should be stored in hashed form and essentially unable to be retrieved. When a user logs in, similarly hash the password they provide (immediately upon reaching the application code, before transporting it anywhere else in the system) and compare that to the stored hashed version.
If the user asks for his password, you don't have it. You can't give it to him. This is for his protection. Instead of providing the user with his password, if it's forgotten then you provide the user with a means to reset his password (sending an email to the address on file with a temporarily available URL, a set of "security questions" to verify his identity, etc.) so that he can enter a new one to overwrite the old one. But you shouldn't be able to "show" the user his password because even you as the administrator of the system shouldn't be able to see it in any usable form.
wachwoordLogin will be an IQueryable so you can get this by using FirstOrDefault() which will return null if not found:
(from p in dc.Gebruikers
where p.GebruikerID == id
select p.GebruikerWachtwoord).FirstOrDefault();