2019-06-14 16:14:24 +00:00
|
|
|
/*
|
|
|
|
|
*
|
|
|
|
|
* (c) Copyright Ascensio System Limited 2010-2018
|
|
|
|
|
*
|
|
|
|
|
* This program is freeware. You can redistribute it and/or modify it under the terms of the GNU
|
|
|
|
|
* General Public License (GPL) version 3 as published by the Free Software Foundation (https://www.gnu.org/copyleft/gpl.html).
|
|
|
|
|
* In accordance with Section 7(a) of the GNU GPL its Section 15 shall be amended to the effect that
|
|
|
|
|
* Ascensio System SIA expressly excludes the warranty of non-infringement of any third-party rights.
|
|
|
|
|
*
|
|
|
|
|
* THIS PROGRAM IS DISTRIBUTED WITHOUT ANY WARRANTY; WITHOUT EVEN THE IMPLIED WARRANTY OF MERCHANTABILITY OR
|
|
|
|
|
* FITNESS FOR A PARTICULAR PURPOSE. For more details, see GNU GPL at https://www.gnu.org/copyleft/gpl.html
|
|
|
|
|
*
|
|
|
|
|
* You can contact Ascensio System SIA by email at sales@onlyoffice.com
|
|
|
|
|
*
|
|
|
|
|
* The interactive user interfaces in modified source and object code versions of ONLYOFFICE must display
|
|
|
|
|
* Appropriate Legal Notices, as required under Section 5 of the GNU GPL version 3.
|
|
|
|
|
*
|
|
|
|
|
* Pursuant to Section 7 § 3(b) of the GNU GPL you must retain the original ONLYOFFICE logo which contains
|
|
|
|
|
* relevant author attributions when distributing the software. If the display of the logo in its graphic
|
|
|
|
|
* form is not reasonably feasible for technical reasons, you must include the words "Powered by ONLYOFFICE"
|
|
|
|
|
* in every copy of the program you distribute.
|
|
|
|
|
* Pursuant to Section 7 § 3(e) we decline to grant you any rights under trademark law for use of our trademarks.
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
using System;
|
|
|
|
|
using System.Globalization;
|
|
|
|
|
using System.Net.Mail;
|
|
|
|
|
using System.Text;
|
|
|
|
|
using System.Text.RegularExpressions;
|
|
|
|
|
using ASC.Core;
|
|
|
|
|
using ASC.Core.Tenants;
|
|
|
|
|
using ASC.Core.Users;
|
|
|
|
|
using ASC.IPSecurity;
|
|
|
|
|
using ASC.MessagingSystem;
|
|
|
|
|
using ASC.Web.Core.PublicResources;
|
|
|
|
|
using ASC.Web.Core.Utility;
|
|
|
|
|
using ASC.Web.Studio.Core.Notify;
|
2019-07-02 15:30:31 +00:00
|
|
|
using Microsoft.AspNetCore.Http;
|
2019-06-14 16:14:24 +00:00
|
|
|
|
|
|
|
|
namespace ASC.Web.Core.Users
|
|
|
|
|
{
|
|
|
|
|
/// <summary>
|
|
|
|
|
/// Web studio user manager helper
|
|
|
|
|
/// </summary>
|
|
|
|
|
public sealed class UserManagerWrapper
|
|
|
|
|
{
|
2019-08-01 08:47:15 +00:00
|
|
|
public StudioNotifyService StudioNotifyService { get; }
|
2019-09-09 12:56:33 +00:00
|
|
|
public UserManager UserManager { get; }
|
|
|
|
|
public SecurityContext SecurityContext { get; }
|
|
|
|
|
public AuthContext AuthContext { get; }
|
2019-09-12 11:34:58 +00:00
|
|
|
public TenantManager TenantManager { get; }
|
2019-09-13 11:18:27 +00:00
|
|
|
public PasswordSettings PasswordSettings { get; }
|
|
|
|
|
public MessageService MessageService { get; }
|
|
|
|
|
public IPRestrictionsSettings IPRestrictionsSettings { get; }
|
|
|
|
|
public IHttpContextAccessor HttpContextAccessor { get; }
|
|
|
|
|
public CustomNamingPeople CustomNamingPeople { get; }
|
2019-09-17 12:42:32 +00:00
|
|
|
public TenantUtil TenantUtil { get; }
|
2019-09-18 15:19:30 +00:00
|
|
|
public CoreBaseSettings CoreBaseSettings { get; }
|
2019-09-20 15:08:45 +00:00
|
|
|
public IPSecurity.IPSecurity IPSecurity { get; }
|
2019-09-12 11:34:58 +00:00
|
|
|
|
|
|
|
|
private Tenant tenant;
|
|
|
|
|
public Tenant Tenant { get { return tenant ?? (tenant = TenantManager.GetCurrentTenant()); } }
|
|
|
|
|
|
|
|
|
|
public UserManagerWrapper(
|
|
|
|
|
StudioNotifyService studioNotifyService,
|
|
|
|
|
UserManager userManager,
|
|
|
|
|
SecurityContext securityContext,
|
|
|
|
|
AuthContext authContext,
|
2019-09-13 11:18:27 +00:00
|
|
|
TenantManager tenantManager,
|
|
|
|
|
PasswordSettings passwordSettings,
|
|
|
|
|
MessageService messageService,
|
|
|
|
|
IPRestrictionsSettings iPRestrictionsSettings,
|
|
|
|
|
IHttpContextAccessor httpContextAccessor,
|
2019-09-17 12:42:32 +00:00
|
|
|
CustomNamingPeople customNamingPeople,
|
2019-09-18 15:19:30 +00:00
|
|
|
TenantUtil tenantUtil,
|
2019-09-20 15:08:45 +00:00
|
|
|
CoreBaseSettings coreBaseSettings,
|
|
|
|
|
IPSecurity.IPSecurity iPSecurity
|
2019-09-12 11:34:58 +00:00
|
|
|
)
|
2019-08-01 08:47:15 +00:00
|
|
|
{
|
|
|
|
|
StudioNotifyService = studioNotifyService;
|
2019-09-09 12:56:33 +00:00
|
|
|
UserManager = userManager;
|
|
|
|
|
SecurityContext = securityContext;
|
|
|
|
|
AuthContext = authContext;
|
2019-09-12 11:34:58 +00:00
|
|
|
TenantManager = tenantManager;
|
2019-09-13 11:18:27 +00:00
|
|
|
PasswordSettings = passwordSettings;
|
|
|
|
|
MessageService = messageService;
|
|
|
|
|
IPRestrictionsSettings = iPRestrictionsSettings;
|
|
|
|
|
HttpContextAccessor = httpContextAccessor;
|
|
|
|
|
CustomNamingPeople = customNamingPeople;
|
2019-09-17 12:42:32 +00:00
|
|
|
TenantUtil = tenantUtil;
|
2019-09-18 15:19:30 +00:00
|
|
|
CoreBaseSettings = coreBaseSettings;
|
2019-09-20 15:08:45 +00:00
|
|
|
IPSecurity = iPSecurity;
|
2019-08-01 08:47:15 +00:00
|
|
|
}
|
|
|
|
|
|
2019-09-12 11:34:58 +00:00
|
|
|
private bool TestUniqueUserName(string uniqueName)
|
2019-06-14 16:14:24 +00:00
|
|
|
{
|
2019-08-15 13:16:39 +00:00
|
|
|
if (string.IsNullOrEmpty(uniqueName))
|
2019-06-14 16:14:24 +00:00
|
|
|
return false;
|
2019-09-12 11:34:58 +00:00
|
|
|
return Equals(UserManager.GetUserByUserName(uniqueName), Constants.LostUser);
|
2019-06-14 16:14:24 +00:00
|
|
|
}
|
|
|
|
|
|
2019-09-12 11:34:58 +00:00
|
|
|
private string MakeUniqueName(UserInfo userInfo)
|
2019-06-14 16:14:24 +00:00
|
|
|
{
|
|
|
|
|
if (string.IsNullOrEmpty(userInfo.Email))
|
|
|
|
|
throw new ArgumentException(Resource.ErrorEmailEmpty, "userInfo");
|
|
|
|
|
|
|
|
|
|
var uniqueName = new MailAddress(userInfo.Email).User;
|
|
|
|
|
var startUniqueName = uniqueName;
|
|
|
|
|
var i = 0;
|
2019-09-12 11:34:58 +00:00
|
|
|
while (!TestUniqueUserName(uniqueName))
|
2019-06-14 16:14:24 +00:00
|
|
|
{
|
|
|
|
|
uniqueName = string.Format("{0}{1}", startUniqueName, (++i).ToString(CultureInfo.InvariantCulture));
|
|
|
|
|
}
|
|
|
|
|
return uniqueName;
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-12 11:34:58 +00:00
|
|
|
public bool CheckUniqueEmail(Guid userId, string email)
|
2019-06-14 16:14:24 +00:00
|
|
|
{
|
2019-09-12 11:34:58 +00:00
|
|
|
var foundUser = UserManager.GetUserByEmail(email);
|
2019-06-14 16:14:24 +00:00
|
|
|
return Equals(foundUser, Constants.LostUser) || foundUser.ID == userId;
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-12 11:34:58 +00:00
|
|
|
public UserInfo AddUser(UserInfo userInfo, string password, bool afterInvite = false, bool notify = true, bool isVisitor = false, bool fromInviteLink = false, bool makeUniqueName = true)
|
2019-06-14 16:14:24 +00:00
|
|
|
{
|
|
|
|
|
if (userInfo == null) throw new ArgumentNullException("userInfo");
|
|
|
|
|
|
|
|
|
|
if (!UserFormatter.IsValidUserName(userInfo.FirstName, userInfo.LastName))
|
|
|
|
|
throw new Exception(Resource.ErrorIncorrectUserName);
|
|
|
|
|
|
|
|
|
|
CheckPasswordPolicy(password);
|
|
|
|
|
|
2019-09-12 11:34:58 +00:00
|
|
|
if (!CheckUniqueEmail(userInfo.ID, userInfo.Email))
|
2019-06-14 16:14:24 +00:00
|
|
|
throw new Exception(CustomNamingPeople.Substitute<Resource>("ErrorEmailAlreadyExists"));
|
|
|
|
|
if (makeUniqueName)
|
|
|
|
|
{
|
2019-09-12 11:34:58 +00:00
|
|
|
userInfo.UserName = MakeUniqueName(userInfo);
|
2019-06-14 16:14:24 +00:00
|
|
|
}
|
|
|
|
|
if (!userInfo.WorkFromDate.HasValue)
|
|
|
|
|
{
|
|
|
|
|
userInfo.WorkFromDate = TenantUtil.DateTimeNow();
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-18 15:19:30 +00:00
|
|
|
if (!CoreBaseSettings.Personal && !fromInviteLink)
|
2019-06-14 16:14:24 +00:00
|
|
|
{
|
|
|
|
|
userInfo.ActivationStatus = !afterInvite ? EmployeeActivationStatus.Pending : EmployeeActivationStatus.Activated;
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-12 11:34:58 +00:00
|
|
|
var newUserInfo = UserManager.SaveUserInfo(userInfo, isVisitor);
|
|
|
|
|
SecurityContext.SetUserPassword(Tenant.TenantId, newUserInfo.ID, password);
|
2019-06-14 16:14:24 +00:00
|
|
|
|
2019-09-18 15:19:30 +00:00
|
|
|
if (CoreBaseSettings.Personal)
|
2019-06-14 16:14:24 +00:00
|
|
|
{
|
2019-09-18 12:14:15 +00:00
|
|
|
StudioNotifyService.SendUserWelcomePersonal(newUserInfo);
|
2019-06-14 16:14:24 +00:00
|
|
|
return newUserInfo;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ((newUserInfo.Status & EmployeeStatus.Active) == EmployeeStatus.Active && notify)
|
|
|
|
|
{
|
|
|
|
|
//NOTE: Notify user only if it's active
|
|
|
|
|
if (afterInvite)
|
|
|
|
|
{
|
|
|
|
|
if (isVisitor)
|
|
|
|
|
{
|
2019-08-30 12:40:57 +00:00
|
|
|
StudioNotifyService.GuestInfoAddedAfterInvite(newUserInfo);
|
2019-06-14 16:14:24 +00:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2019-09-12 11:34:58 +00:00
|
|
|
StudioNotifyService.UserInfoAddedAfterInvite(Tenant.TenantId, newUserInfo);
|
2019-06-14 16:14:24 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (fromInviteLink)
|
|
|
|
|
{
|
2019-09-17 12:42:32 +00:00
|
|
|
StudioNotifyService.SendEmailActivationInstructions(newUserInfo, newUserInfo.Email);
|
2019-06-14 16:14:24 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
//Send user invite
|
|
|
|
|
if (isVisitor)
|
|
|
|
|
{
|
2019-09-12 11:34:58 +00:00
|
|
|
StudioNotifyService.GuestInfoActivation(Tenant.TenantId, newUserInfo);
|
2019-06-14 16:14:24 +00:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2019-09-12 11:34:58 +00:00
|
|
|
StudioNotifyService.UserInfoActivation(Tenant.TenantId, newUserInfo);
|
2019-06-14 16:14:24 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (isVisitor)
|
|
|
|
|
{
|
2019-09-12 11:34:58 +00:00
|
|
|
UserManager.AddUserIntoGroup(newUserInfo.ID, Constants.GroupVisitor.ID);
|
2019-06-14 16:14:24 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return newUserInfo;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#region Password
|
|
|
|
|
|
2019-09-13 11:18:27 +00:00
|
|
|
public void CheckPasswordPolicy(string password)
|
2019-06-14 16:14:24 +00:00
|
|
|
{
|
2019-08-15 13:16:39 +00:00
|
|
|
if (string.IsNullOrWhiteSpace(password))
|
2019-06-14 16:14:24 +00:00
|
|
|
throw new Exception(Resource.ErrorPasswordEmpty);
|
|
|
|
|
|
|
|
|
|
var passwordSettingsObj = PasswordSettings.Load();
|
|
|
|
|
|
2019-09-19 11:34:54 +00:00
|
|
|
if (!PasswordSettings.CheckPasswordRegex(CoreBaseSettings, passwordSettingsObj, password))
|
2019-06-14 16:14:24 +00:00
|
|
|
throw new Exception(GenerateErrorMessage(passwordSettingsObj));
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-13 11:18:27 +00:00
|
|
|
public UserInfo SendUserPassword(string email)
|
2019-06-14 16:14:24 +00:00
|
|
|
{
|
|
|
|
|
email = (email ?? "").Trim();
|
|
|
|
|
if (!email.TestEmailRegex()) throw new ArgumentNullException("email", Resource.ErrorNotCorrectEmail);
|
|
|
|
|
|
2019-09-17 12:42:32 +00:00
|
|
|
var tenant = TenantManager.GetCurrentTenant();
|
2019-06-14 16:14:24 +00:00
|
|
|
var settings = IPRestrictionsSettings.Load();
|
2019-09-20 15:08:45 +00:00
|
|
|
if (settings.Enable && !IPSecurity.Verify(tenant))
|
2019-06-14 16:14:24 +00:00
|
|
|
{
|
|
|
|
|
throw new Exception(Resource.ErrorAccessRestricted);
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-12 11:34:58 +00:00
|
|
|
var userInfo = UserManager.GetUserByEmail(email);
|
2019-09-09 12:56:33 +00:00
|
|
|
if (!UserManager.UserExists(userInfo) || string.IsNullOrEmpty(userInfo.Email))
|
2019-06-14 16:14:24 +00:00
|
|
|
{
|
|
|
|
|
throw new Exception(string.Format(Resource.ErrorUserNotFoundByEmail, email));
|
|
|
|
|
}
|
|
|
|
|
if (userInfo.Status == EmployeeStatus.Terminated)
|
|
|
|
|
{
|
|
|
|
|
throw new Exception(Resource.ErrorDisabledProfile);
|
|
|
|
|
}
|
|
|
|
|
if (userInfo.IsLDAP())
|
|
|
|
|
{
|
|
|
|
|
throw new Exception(Resource.CouldNotRecoverPasswordForLdapUser);
|
|
|
|
|
}
|
|
|
|
|
if (userInfo.IsSSO())
|
|
|
|
|
{
|
|
|
|
|
throw new Exception(Resource.CouldNotRecoverPasswordForSsoUser);
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-12 11:34:58 +00:00
|
|
|
StudioNotifyService.UserPasswordChange(Tenant.TenantId, userInfo);
|
2019-06-14 16:14:24 +00:00
|
|
|
|
2019-09-09 12:56:33 +00:00
|
|
|
var displayUserName = userInfo.DisplayUserName(false, UserManager);
|
2019-09-13 11:18:27 +00:00
|
|
|
MessageService.Send(MessageAction.UserSentPasswordChangeInstructions, displayUserName);
|
2019-06-14 16:14:24 +00:00
|
|
|
|
|
|
|
|
return userInfo;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private const string Noise = "1234567890mnbasdflkjqwerpoiqweyuvcxnzhdkqpsdk_-()=";
|
|
|
|
|
|
2019-09-13 11:18:27 +00:00
|
|
|
public string GeneratePassword()
|
2019-06-14 16:14:24 +00:00
|
|
|
{
|
|
|
|
|
var ps = PasswordSettings.Load();
|
|
|
|
|
|
|
|
|
|
var maxLength = PasswordSettings.MaxLength
|
|
|
|
|
- (ps.Digits ? 1 : 0)
|
|
|
|
|
- (ps.UpperCase ? 1 : 0)
|
|
|
|
|
- (ps.SpecSymbols ? 1 : 0);
|
|
|
|
|
var minLength = Math.Min(ps.MinLength, maxLength);
|
|
|
|
|
|
2019-08-15 13:16:39 +00:00
|
|
|
return string.Format("{0}{1}{2}{3}",
|
2019-08-15 14:48:55 +00:00
|
|
|
GeneratePassword(minLength, minLength, Noise[0..^4]),
|
2019-08-15 13:16:39 +00:00
|
|
|
ps.Digits ? GeneratePassword(1, 1, Noise.Substring(0, 10)) : string.Empty,
|
|
|
|
|
ps.UpperCase ? GeneratePassword(1, 1, Noise.Substring(10, 20).ToUpper()) : string.Empty,
|
|
|
|
|
ps.SpecSymbols ? GeneratePassword(1, 1, Noise.Substring(Noise.Length - 4, 4).ToUpper()) : string.Empty);
|
2019-06-14 16:14:24 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private static readonly Random Rnd = new Random();
|
|
|
|
|
|
|
|
|
|
internal static string GeneratePassword(int minLength, int maxLength, string noise)
|
|
|
|
|
{
|
|
|
|
|
var length = Rnd.Next(minLength, maxLength + 1);
|
|
|
|
|
|
|
|
|
|
var pwd = string.Empty;
|
|
|
|
|
while (length-- > 0)
|
|
|
|
|
{
|
|
|
|
|
pwd += noise.Substring(Rnd.Next(noise.Length - 1), 1);
|
|
|
|
|
}
|
|
|
|
|
return pwd;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
internal static string GenerateErrorMessage(PasswordSettings passwordSettings)
|
|
|
|
|
{
|
|
|
|
|
var error = new StringBuilder();
|
|
|
|
|
|
|
|
|
|
error.AppendFormat("{0} ", Resource.ErrorPasswordMessage);
|
|
|
|
|
error.AppendFormat(Resource.ErrorPasswordLength, passwordSettings.MinLength, PasswordSettings.MaxLength);
|
|
|
|
|
if (passwordSettings.UpperCase)
|
|
|
|
|
error.AppendFormat(", {0}", Resource.ErrorPasswordNoUpperCase);
|
|
|
|
|
if (passwordSettings.Digits)
|
|
|
|
|
error.AppendFormat(", {0}", Resource.ErrorPasswordNoDigits);
|
|
|
|
|
if (passwordSettings.SpecSymbols)
|
|
|
|
|
error.AppendFormat(", {0}", Resource.ErrorPasswordNoSpecialSymbols);
|
|
|
|
|
|
|
|
|
|
return error.ToString();
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-13 11:18:27 +00:00
|
|
|
public static string GetPasswordHelpMessage(PasswordSettings PasswordSettings)
|
2019-06-14 16:14:24 +00:00
|
|
|
{
|
|
|
|
|
var info = new StringBuilder();
|
|
|
|
|
var passwordSettings = PasswordSettings.Load();
|
|
|
|
|
info.AppendFormat("{0} ", Resource.ErrorPasswordMessageStart);
|
|
|
|
|
info.AppendFormat(Resource.ErrorPasswordLength, passwordSettings.MinLength, PasswordSettings.MaxLength);
|
|
|
|
|
if (passwordSettings.UpperCase)
|
|
|
|
|
info.AppendFormat(", {0}", Resource.ErrorPasswordNoUpperCase);
|
|
|
|
|
if (passwordSettings.Digits)
|
|
|
|
|
info.AppendFormat(", {0}", Resource.ErrorPasswordNoDigits);
|
|
|
|
|
if (passwordSettings.SpecSymbols)
|
|
|
|
|
info.AppendFormat(", {0}", Resource.ErrorPasswordNoSpecialSymbols);
|
|
|
|
|
|
|
|
|
|
return info.ToString();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#endregion
|
|
|
|
|
|
|
|
|
|
public static bool ValidateEmail(string email)
|
|
|
|
|
{
|
|
|
|
|
const string pattern = @"^(([^<>()[\]\\.,;:\s@\""]+"
|
|
|
|
|
+ @"(\.[^<>()[\]\\.,;:\s@\""]+)*)|(\"".+\""))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}"
|
|
|
|
|
+ @"\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$";
|
|
|
|
|
const RegexOptions options = RegexOptions.IgnoreCase | RegexOptions.Compiled;
|
|
|
|
|
return new Regex(pattern, options).IsMatch(email);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
