From 3df70d70bfad4561a0d45a1456150967e2218a7e Mon Sep 17 00:00:00 2001 From: vfedosevich Date: Thu, 16 Apr 2015 03:12:44 -0700 Subject: [PATCH] account password column was removed --- WebsitePanel/Database/update_db.sql | 153 +++++++++++++++--- .../Data/DataProvider.cs | 6 +- .../ExchangeServerController.cs | 25 +-- .../HostedSolution/OrganizationController.cs | 19 +-- .../HostedSolution/ExchangeAccount.cs | 10 +- .../HostedSolution/OrganizationUser.cs | 10 +- 6 files changed, 150 insertions(+), 73 deletions(-) diff --git a/WebsitePanel/Database/update_db.sql b/WebsitePanel/Database/update_db.sql index 69eb4ca1..25255a78 100644 --- a/WebsitePanel/Database/update_db.sql +++ b/WebsitePanel/Database/update_db.sql @@ -3809,6 +3809,7 @@ ALTER TABLE [dbo].[ExchangeAccounts] ADD END GO +-- Password column removed ALTER PROCEDURE [dbo].[GetExchangeAccount] ( @ItemID int, @@ -3825,7 +3826,6 @@ SELECT E.MailEnabledPublicFolder, E.MailboxManagerActions, E.SamAccountName, - E.AccountPassword, E.MailboxPlanId, P.MailboxPlan, E.SubscriberNumber, @@ -3844,7 +3844,7 @@ RETURN GO - +-- Password column removed ALTER PROCEDURE [dbo].[GetExchangeAccountByAccountName] ( @ItemID int, @@ -3861,7 +3861,6 @@ SELECT E.MailEnabledPublicFolder, E.MailboxManagerActions, E.SamAccountName, - E.AccountPassword, E.MailboxPlanId, P.MailboxPlan, E.SubscriberNumber, @@ -3883,7 +3882,7 @@ GO - +-- Password column removed ALTER PROCEDURE [dbo].[GetExchangeAccountByMailboxPlanId] ( @ItemID int, @@ -3903,7 +3902,6 @@ SELECT E.MailEnabledPublicFolder, E.MailboxManagerActions, E.SamAccountName, - E.AccountPassword, E.MailboxPlanId, P.MailboxPlan, E.SubscriberNumber, @@ -3935,7 +3933,6 @@ SELECT E.MailEnabledPublicFolder, E.MailboxManagerActions, E.SamAccountName, - E.AccountPassword, E.MailboxPlanId, P.MailboxPlan, E.SubscriberNumber, @@ -3963,7 +3960,6 @@ SELECT E.MailEnabledPublicFolder, E.MailboxManagerActions, E.SamAccountName, - E.AccountPassword, E.MailboxPlanId, P.MailboxPlan, E.SubscriberNumber, @@ -4095,7 +4091,7 @@ RETURN GO - +-- Password column removed ALTER PROCEDURE [dbo].[UpdateExchangeAccount] ( @AccountID int, @@ -4106,7 +4102,6 @@ ALTER PROCEDURE [dbo].[UpdateExchangeAccount] @SamAccountName nvarchar(100), @MailEnabledPublicFolder bit, @MailboxManagerActions varchar(200), - @Password varchar(200), @MailboxPlanId int, @ArchivingMailboxPlanId int, @SubscriberNumber varchar(32), @@ -4143,14 +4138,6 @@ IF (@@ERROR <> 0 ) RETURN -1 END -UPDATE ExchangeAccounts SET - AccountPassword = @Password WHERE AccountID = @AccountID AND @Password IS NOT NULL - -IF (@@ERROR <> 0 ) - BEGIN - ROLLBACK TRANSACTION - RETURN -1 - END COMMIT TRAN RETURN @@ -5043,6 +5030,7 @@ exec sp_executesql @sql, N'@ItemID int, @IncludeMailboxes bit', RETURN GO +-- Password column removed ALTER PROCEDURE [dbo].[GetExchangeAccount] ( @ItemID int, @@ -5059,7 +5047,6 @@ SELECT E.MailEnabledPublicFolder, E.MailboxManagerActions, E.SamAccountName, - E.AccountPassword, E.MailboxPlanId, P.MailboxPlan, E.SubscriberNumber, @@ -6070,7 +6057,7 @@ WHERE Id = @Id GO - +-- Password column removed IF EXISTS (SELECT * FROM SYS.OBJECTS WHERE type = 'P' AND name = 'GetRDSCollectionUsersByRDSCollectionId') DROP PROCEDURE GetRDSCollectionUsersByRDSCollectionId GO @@ -6089,7 +6076,6 @@ SELECT [MailEnabledPublicFolder], [MailboxManagerActions], [SamAccountName], - [AccountPassword], [CreatedDate], [MailboxPlanId], [SubscriberNumber], @@ -8699,7 +8685,7 @@ RETURN GO - +-- Password column removed IF OBJECTPROPERTY(object_id('dbo.GetExchangeAccountByAccountNameWithoutItemId'), N'IsProcedure') = 1 DROP PROCEDURE [dbo].[GetExchangeAccountByAccountNameWithoutItemId] GO @@ -8718,7 +8704,6 @@ SELECT E.MailEnabledPublicFolder, E.MailboxManagerActions, E.SamAccountName, - E.AccountPassword, E.MailboxPlanId, P.MailboxPlan, E.SubscriberNumber, @@ -9889,4 +9874,128 @@ SELECT FROM ExchangeOrganizationSettings Where ItemId = @ItemId AND SettingsName = @SettingsName +GO + + +-- Exchange Account password column removed + +if exists(select * from sys.columns + where Name = N'AccountPassword' and Object_ID = Object_ID(N'ExchangeAccounts')) +begin + ALTER TABLE [ExchangeAccounts] DROP COLUMN [AccountPassword] +end + +IF EXISTS (SELECT * FROM SYS.OBJECTS WHERE type = 'P' AND name = 'AddExchangeAccount') +DROP PROCEDURE AddExchangeAccount +GO +CREATE PROCEDURE [dbo].[AddExchangeAccount] +( + @AccountID int OUTPUT, + @ItemID int, + @AccountType int, + @AccountName nvarchar(300), + @DisplayName nvarchar(300), + @PrimaryEmailAddress nvarchar(300), + @MailEnabledPublicFolder bit, + @MailboxManagerActions varchar(200), + @SamAccountName nvarchar(100), + @MailboxPlanId int, + @SubscriberNumber nvarchar(32) +) +AS + +INSERT INTO ExchangeAccounts +( + ItemID, + AccountType, + AccountName, + DisplayName, + PrimaryEmailAddress, + MailEnabledPublicFolder, + MailboxManagerActions, + SamAccountName, + MailboxPlanId, + SubscriberNumber, + UserPrincipalName +) +VALUES +( + @ItemID, + @AccountType, + @AccountName, + @DisplayName, + @PrimaryEmailAddress, + @MailEnabledPublicFolder, + @MailboxManagerActions, + @SamAccountName, + @MailboxPlanId, + @SubscriberNumber, + @PrimaryEmailAddress +) + +SET @AccountID = SCOPE_IDENTITY() + +RETURN + +GO +SET ANSI_NULLS ON +GO +SET QUOTED_IDENTIFIER ON +GO + + + +IF EXISTS (SELECT * FROM SYS.OBJECTS WHERE type = 'P' AND name = 'SearchExchangeAccount') +DROP PROCEDURE SearchExchangeAccount +GO +CREATE PROCEDURE [dbo].[SearchExchangeAccount] +( + @ActorID int, + @AccountType int, + @PrimaryEmailAddress nvarchar(300) +) +AS + +DECLARE @PackageID int +DECLARE @ItemID int +DECLARE @AccountID int + +SELECT + @AccountID = AccountID, + @ItemID = ItemID +FROM ExchangeAccounts +WHERE PrimaryEmailAddress = @PrimaryEmailAddress +AND AccountType = @AccountType + + +-- check space rights +SELECT @PackageID = PackageID FROM ServiceItems +WHERE ItemID = @ItemID + +IF dbo.CheckActorPackageRights(@ActorID, @PackageID) = 0 +RAISERROR('You are not allowed to access this package', 16, 1) + +SELECT + AccountID, + ItemID, + @PackageID AS PackageID, + AccountType, + AccountName, + DisplayName, + PrimaryEmailAddress, + MailEnabledPublicFolder, + MailboxManagerActions, + SamAccountName, + SubscriberNumber, + UserPrincipalName +FROM ExchangeAccounts +WHERE AccountID = @AccountID + +RETURN + + +GO +SET ANSI_NULLS ON +GO +SET QUOTED_IDENTIFIER OFF GO \ No newline at end of file diff --git a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Data/DataProvider.cs b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Data/DataProvider.cs index f1975f10..0bd8c366 100644 --- a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Data/DataProvider.cs +++ b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Data/DataProvider.cs @@ -2389,7 +2389,7 @@ namespace WebsitePanel.EnterpriseServer public static int AddExchangeAccount(int itemId, int accountType, string accountName, string displayName, string primaryEmailAddress, bool mailEnabledPublicFolder, - string mailboxManagerActions, string samAccountName, string accountPassword, int mailboxPlanId, string subscriberNumber) + string mailboxManagerActions, string samAccountName, int mailboxPlanId, string subscriberNumber) { SqlParameter outParam = new SqlParameter("@AccountID", SqlDbType.Int); outParam.Direction = ParameterDirection.Output; @@ -2407,7 +2407,6 @@ namespace WebsitePanel.EnterpriseServer new SqlParameter("@MailEnabledPublicFolder", mailEnabledPublicFolder), new SqlParameter("@MailboxManagerActions", mailboxManagerActions), new SqlParameter("@SamAccountName", samAccountName), - new SqlParameter("@AccountPassword", accountPassword), new SqlParameter("@MailboxPlanId", (mailboxPlanId == 0) ? (object)DBNull.Value : (object)mailboxPlanId), new SqlParameter("@SubscriberNumber", (string.IsNullOrEmpty(subscriberNumber) ? (object)DBNull.Value : (object)subscriberNumber)) ); @@ -2592,7 +2591,7 @@ namespace WebsitePanel.EnterpriseServer public static void UpdateExchangeAccount(int accountId, string accountName, ExchangeAccountType accountType, string displayName, string primaryEmailAddress, bool mailEnabledPublicFolder, - string mailboxManagerActions, string samAccountName, string accountPassword, int mailboxPlanId, int archivePlanId, string subscriberNumber, + string mailboxManagerActions, string samAccountName, int mailboxPlanId, int archivePlanId, string subscriberNumber, bool EnableArchiving) { SqlHelper.ExecuteNonQuery( @@ -2606,7 +2605,6 @@ namespace WebsitePanel.EnterpriseServer new SqlParameter("@PrimaryEmailAddress", primaryEmailAddress), new SqlParameter("@MailEnabledPublicFolder", mailEnabledPublicFolder), new SqlParameter("@MailboxManagerActions", mailboxManagerActions), - new SqlParameter("@Password", string.IsNullOrEmpty(accountPassword) ? (object)DBNull.Value : (object)accountPassword), new SqlParameter("@SamAccountName", samAccountName), new SqlParameter("@MailboxPlanId", (mailboxPlanId == 0) ? (object)DBNull.Value : (object)mailboxPlanId), new SqlParameter("@ArchivingMailboxPlanId", (archivePlanId < 1) ? (object)DBNull.Value : (object)archivePlanId), diff --git a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/ExchangeServer/ExchangeServerController.cs b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/ExchangeServer/ExchangeServerController.cs index ca374742..b6458e47 100644 --- a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/ExchangeServer/ExchangeServerController.cs +++ b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/ExchangeServer/ExchangeServerController.cs @@ -1211,9 +1211,6 @@ namespace WebsitePanel.EnterpriseServer if (account == null) return null; - // decrypt password - account.AccountPassword = CryptoUtils.Decrypt(account.AccountPassword); - return account; } @@ -1225,9 +1222,6 @@ namespace WebsitePanel.EnterpriseServer if (account == null) return null; - // decrypt password - account.AccountPassword = CryptoUtils.Decrypt(account.AccountPassword); - return account; } @@ -1268,9 +1262,6 @@ namespace WebsitePanel.EnterpriseServer if (account == null) return null; - // decrypt password - account.AccountPassword = CryptoUtils.Decrypt(account.AccountPassword); - return account; } @@ -1280,14 +1271,14 @@ namespace WebsitePanel.EnterpriseServer { return DataProvider.AddExchangeAccount(itemId, (int)accountType, accountName, displayName, primaryEmailAddress, mailEnabledPublicFolder, - mailboxManagerActions.ToString(), samAccountName, CryptoUtils.Encrypt(accountPassword), mailboxPlanId, (string.IsNullOrEmpty(subscriberNumber) ? null : subscriberNumber.Trim())); + mailboxManagerActions.ToString(), samAccountName, mailboxPlanId, (string.IsNullOrEmpty(subscriberNumber) ? null : subscriberNumber.Trim())); } private static void UpdateAccount(ExchangeAccount account) { DataProvider.UpdateExchangeAccount(account.AccountId, account.AccountName, account.AccountType, account.DisplayName, account.PrimaryEmailAddress, account.MailEnabledPublicFolder, - account.MailboxManagerActions.ToString(), account.SamAccountName, account.AccountPassword, account.MailboxPlanId, account.ArchivingMailboxPlanId, + account.MailboxManagerActions.ToString(), account.SamAccountName, account.MailboxPlanId, account.ArchivingMailboxPlanId, (string.IsNullOrEmpty(account.SubscriberNumber) ? null : account.SubscriberNumber.Trim()), account.EnableArchiving); } @@ -1674,7 +1665,6 @@ namespace WebsitePanel.EnterpriseServer mailEnabledPublicFolder, mailboxManagerActions, samAccountName, - CryptoUtils.Encrypt(accountPassword), mailboxPlanId, archivePlanId, (string.IsNullOrEmpty(subscriberNumber) ? null : subscriberNumber.Trim()), EnableArchiving); } @@ -1952,7 +1942,6 @@ namespace WebsitePanel.EnterpriseServer account.AccountType = ExchangeAccountType.User; account.MailEnabledPublicFolder = false; - account.AccountPassword = null; UpdateAccount(account); DataProvider.DeleteUserEmailAddresses(account.AccountId, account.PrimaryEmailAddress); @@ -2338,7 +2327,6 @@ namespace WebsitePanel.EnterpriseServer } // save account - account.AccountPassword = null; UpdateAccount(account); return 0; @@ -2562,7 +2550,6 @@ namespace WebsitePanel.EnterpriseServer else account.MailboxManagerActions &= ~action; // update account - account.AccountPassword = null; UpdateAccount(account); return 0; @@ -2626,6 +2613,7 @@ namespace WebsitePanel.EnterpriseServer // add account items["Account"] = account; + items["PswResetUrl"] = OrganizationController.GenerateUserPasswordResetLink(account.ItemId, account.AccountId); items["AccountDomain"] = account.PrimaryEmailAddress.Substring(account.PrimaryEmailAddress.IndexOf("@") + 1); items["DefaultDomain"] = org.DefaultDomain; @@ -3895,7 +3883,6 @@ namespace WebsitePanel.EnterpriseServer // update account account.DisplayName = displayName; account.PrimaryEmailAddress = emailAddress; - account.AccountPassword = null; UpdateAccount(account); return 0; @@ -4218,7 +4205,6 @@ namespace WebsitePanel.EnterpriseServer // update account account.DisplayName = displayName; - account.AccountPassword = null; UpdateAccount(account); return 0; @@ -4434,7 +4420,6 @@ namespace WebsitePanel.EnterpriseServer addressLists.ToArray()); // save account - account.AccountPassword = null; UpdateAccount(account); return 0; @@ -4997,7 +4982,6 @@ namespace WebsitePanel.EnterpriseServer account.AccountName = accountName; account.MailEnabledPublicFolder = true; account.PrimaryEmailAddress = email; - account.AccountPassword = null; UpdateAccount(account); // register e-mail @@ -5049,7 +5033,6 @@ namespace WebsitePanel.EnterpriseServer // update and save account account.MailEnabledPublicFolder = false; account.PrimaryEmailAddress = ""; - account.AccountPassword = null; UpdateAccount(account); @@ -5168,7 +5151,6 @@ namespace WebsitePanel.EnterpriseServer { // rename original folder account.DisplayName = newFullName; - account.AccountPassword = null; UpdateAccount(account); // rename nested folders @@ -5383,7 +5365,6 @@ namespace WebsitePanel.EnterpriseServer emailAddress); // save account - account.AccountPassword = null; UpdateAccount(account); return 0; diff --git a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/HostedSolution/OrganizationController.cs b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/HostedSolution/OrganizationController.cs index 23974267..1c819656 100644 --- a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/HostedSolution/OrganizationController.cs +++ b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/HostedSolution/OrganizationController.cs @@ -1635,7 +1635,7 @@ namespace WebsitePanel.EnterpriseServer DataProvider.DeleteExpiredAccessTokens(); } - private static string GenerateUserPasswordResetLink(int itemId, int accountId) + public static string GenerateUserPasswordResetLink(int itemId, int accountId) { string passwordResetUrlFormat = "account/password-reset/step-2"; @@ -1838,7 +1838,7 @@ namespace WebsitePanel.EnterpriseServer private static int AddOrganizationUser(int itemId, string accountName, string displayName, string email, string sAMAccountName, string accountPassword, string subscriberNumber) { return DataProvider.AddExchangeAccount(itemId, (int)ExchangeAccountType.User, accountName, displayName, email, false, string.Empty, - sAMAccountName, CryptoUtils.Encrypt(accountPassword), 0, subscriberNumber.Trim()); + sAMAccountName, 0, subscriberNumber.Trim()); } @@ -2526,9 +2526,6 @@ namespace WebsitePanel.EnterpriseServer if (account == null) return null; - // decrypt password - account.AccountPassword = CryptoUtils.Decrypt(account.AccountPassword); - return account; } @@ -2690,10 +2687,6 @@ namespace WebsitePanel.EnterpriseServer account.IsVIP = isVIP; //account. - if (!String.IsNullOrEmpty(password)) - account.AccountPassword = CryptoUtils.Encrypt(password); - else - account.AccountPassword = null; UpdateAccount(account); UpdateAccountServiceLevelSettings(account); @@ -2847,10 +2840,6 @@ namespace WebsitePanel.EnterpriseServer password); //account. - if (!String.IsNullOrEmpty(password)) - account.AccountPassword = CryptoUtils.Encrypt(password); - else - account.AccountPassword = null; UpdateAccount(account); @@ -2875,7 +2864,7 @@ namespace WebsitePanel.EnterpriseServer { DataProvider.UpdateExchangeAccount(account.AccountId, account.AccountName, account.AccountType, account.DisplayName, account.PrimaryEmailAddress, account.MailEnabledPublicFolder, - account.MailboxManagerActions.ToString(), account.SamAccountName, account.AccountPassword, account.MailboxPlanId, account.ArchivingMailboxPlanId, + account.MailboxManagerActions.ToString(), account.SamAccountName, account.MailboxPlanId, account.ArchivingMailboxPlanId, (string.IsNullOrEmpty(account.SubscriberNumber) ? null : account.SubscriberNumber.Trim()), account.EnableArchiving); } @@ -3112,7 +3101,7 @@ namespace WebsitePanel.EnterpriseServer { return DataProvider.AddExchangeAccount(itemId, (int)accountType, accountName, displayName, primaryEmailAddress, mailEnabledPublicFolder, - mailboxManagerActions.ToString(), samAccountName, CryptoUtils.Encrypt(accountPassword), mailboxPlanId, (string.IsNullOrEmpty(subscriberNumber) ? null : subscriberNumber.Trim())); + mailboxManagerActions.ToString(), samAccountName, mailboxPlanId, (string.IsNullOrEmpty(subscriberNumber) ? null : subscriberNumber.Trim())); } #region Additional Default Groups diff --git a/WebsitePanel/Sources/WebsitePanel.Providers.Base/HostedSolution/ExchangeAccount.cs b/WebsitePanel/Sources/WebsitePanel.Providers.Base/HostedSolution/ExchangeAccount.cs index 80f42fce..9a1fdc98 100644 --- a/WebsitePanel/Sources/WebsitePanel.Providers.Base/HostedSolution/ExchangeAccount.cs +++ b/WebsitePanel/Sources/WebsitePanel.Providers.Base/HostedSolution/ExchangeAccount.cs @@ -108,11 +108,11 @@ namespace WebsitePanel.Providers.HostedSolution set { this.mailEnabledPublicFolder = value; } } - public string AccountPassword - { - get { return this.accountPassword; } - set { this.accountPassword = value; } - } + //public string AccountPassword + //{ + // get { return this.accountPassword; } + // set { this.accountPassword = value; } + //} public MailboxManagerActions MailboxManagerActions { diff --git a/WebsitePanel/Sources/WebsitePanel.Providers.Base/HostedSolution/OrganizationUser.cs b/WebsitePanel/Sources/WebsitePanel.Providers.Base/HostedSolution/OrganizationUser.cs index 5a1dfb5d..41fed7a4 100644 --- a/WebsitePanel/Sources/WebsitePanel.Providers.Base/HostedSolution/OrganizationUser.cs +++ b/WebsitePanel/Sources/WebsitePanel.Providers.Base/HostedSolution/OrganizationUser.cs @@ -268,11 +268,11 @@ namespace WebsitePanel.Providers.HostedSolution } - public string AccountPassword - { - get { return accountPassword; } - set { accountPassword = value; } - } + //public string AccountPassword + //{ + // get { return accountPassword; } + // set { accountPassword = value; } + //} public string ExternalEmail { get; set; }