UI plumbing change UPN

Fixed: ExchangeAccount Password stored unencrypted when setting primary email
address

WebsitePanel/Database/update_db.sql

@@ -6956,4 +6956,11 @@ AS
 		
 	RETURN @Result'
 END
-GO
+GO
+
+
+IF NOT EXISTS (SELECT * FROM [dbo].[Quotas] WHERE [QuotaName] = 'HostedSolution.AllowChangeUPN')
+BEGIN
+INSERT [dbo].[Quotas] ([QuotaID], [GroupID], [QuotaOrder], [QuotaName], [QuotaDescription], [QuotaTypeID], [ServiceQuota], [ItemTypeID]) VALUES (230,	13,	4,	N'HostedSolution.AllowChangeUPN', N'Allow to Change UserPrincipalName',	1,	0, NULL)
+END
+GO

WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Base/Packages/Quotas.cs

@@ -150,6 +150,7 @@ order by rg.groupOrder
         public const string ORGANIZATIONS = "HostedSolution.Organizations";
         public const string ORGANIZATION_USERS = "HostedSolution.Users";
         public const string ORGANIZATION_DOMAINS = "HostedSolution.Domains";
+        public const string ORGANIZATION_ALLOWCHANGEUPN = "HostedSolution.AllowChangeUPN";
         public const string CRM_USERS = "HostedCRM.Users";
         public const string CRM_ORGANIZATION = "HostedCRM.Organization";
 

WebsitePanel/Sources/WebsitePanel.EnterpriseServer/Code/ExchangeServer/ExchangeServerController.cs

@@ -1817,7 +1817,8 @@ namespace WebsitePanel.EnterpriseServer
                 exchange.DisableMailbox(account.AccountName);
 
                 account.AccountType = ExchangeAccountType.User;                
-                account.MailEnabledPublicFolder = false;                                
+                account.MailEnabledPublicFolder = false;
+                account.AccountPassword = null;
                 UpdateAccount(account);
                 DataProvider.DeleteUserEmailAddresses(account.AccountId, account.PrimaryEmailAddress);
                 
@@ -2129,6 +2130,7 @@ namespace WebsitePanel.EnterpriseServer
                 }
 
 				// save account
+                account.AccountPassword = null;
 				UpdateAccount(account);
 
 				return 0;
@@ -2357,6 +2359,7 @@ namespace WebsitePanel.EnterpriseServer
                 else account.MailboxManagerActions &= ~action;
 
                 // update account
+                account.AccountPassword = null;
                 UpdateAccount(account);
 
                 return 0;
@@ -3193,6 +3196,7 @@ namespace WebsitePanel.EnterpriseServer
                 // update account
                 account.DisplayName = displayName;
                 account.PrimaryEmailAddress = emailAddress;
+                account.AccountPassword = null;
                 UpdateAccount(account);
 
                 return 0;
@@ -3521,6 +3525,7 @@ namespace WebsitePanel.EnterpriseServer
 
                 // update account
                 account.DisplayName = displayName;
+                account.AccountPassword = null;
                 UpdateAccount(account);
 
                 return 0;
@@ -3741,6 +3746,7 @@ namespace WebsitePanel.EnterpriseServer
                     addressLists.ToArray());
 
                 // save account
+                account.AccountPassword = null;
                 UpdateAccount(account);
 
                 return 0;
@@ -4143,6 +4149,7 @@ namespace WebsitePanel.EnterpriseServer
 				account.AccountName = accountName;
 				account.MailEnabledPublicFolder = true;
 				account.PrimaryEmailAddress = email;
+                account.AccountPassword = null;
 				UpdateAccount(account);
 
 				// register e-mail
@@ -4195,6 +4202,7 @@ namespace WebsitePanel.EnterpriseServer
 				// update and save account
 				account.MailEnabledPublicFolder = false;
 				account.PrimaryEmailAddress = "";
+                account.AccountPassword = null;
 				UpdateAccount(account);
 
 
@@ -4314,6 +4322,7 @@ namespace WebsitePanel.EnterpriseServer
 				{
 					// rename original folder
 					account.DisplayName = newFullName;
+                    account.AccountPassword = null;
 					UpdateAccount(account);
 
 					// rename nested folders
@@ -4531,6 +4540,7 @@ namespace WebsitePanel.EnterpriseServer
 					emailAddress);
 
 				// save account
+                account.AccountPassword = null;
 				UpdateAccount(account);
 
 				return 0;

WebsitePanel/Sources/WebsitePanel.EnterpriseServer/Code/HostedSolution/OrganizationController.cs

@@ -1735,7 +1735,7 @@ namespace WebsitePanel.EnterpriseServer
                 if (!String.IsNullOrEmpty(password))
                     account.AccountPassword = CryptoUtils.Encrypt(password);
                 else 
-                    account.AccountPassword = string.Empty;
+                    account.AccountPassword = null;
 
                 UpdateAccount(account);
 

WebsitePanel/Sources/WebsitePanel.EnterpriseServer/Web.config

@@ -5,11 +5,19 @@
   </configSections>
   <!-- Connection strings -->
   <connectionStrings>
-        <add name="EnterpriseServer" connectionString="Server=(local)\SQLExpress;Database=WebsitePanel;uid=sa;pwd=Password12" providerName="System.Data.SqlClient" />
+    <!--
+    <add name="EnterpriseServer" connectionString="server=HSTPROV01;database=WebsitePanelMerge;uid=WebsitePanel;pwd=aj7ep6fyhmw3b5qeth7c;" />
+    <add name="EnterpriseServer" connectionString="server=HSTWSP01;database=WebsitePanelMerge;uid=WebsitePanel;pwd=pserxfbnlc6hwmdedbp0;" providerName="System.Data.SqlClient" />
+    -->
+    <add name="EnterpriseServer" connectionString="server=HSTPROV01;database=WebsitePanelMerge;uid=WebsitePanel;pwd=aj7ep6fyhmw3b5qeth7c;" />
   </connectionStrings>
   <appSettings>
-    <!-- Encryption util settings -->
+    <!-- A1D4KDHUE83NKHddF -->
-    <add key="WebsitePanel.CryptoKey" value="1234567890" />
+    <!--
+    <add key="WebsitePanel.CryptoKey" value="3x7eqt7zabc5n5afs6dg" />
+    <add key="WebsitePanel.CryptoKey" value="fr2ym4wn2gmbrj7dz336" />
+    -->
+    <add key="WebsitePanel.CryptoKey" value="3x7eqt7zabc5n5afs6dg" />
     <!-- A1D4KDHUE83NKHddF -->
     <add key="WebsitePanel.EncryptionEnabled" value="true" />
     <!-- Web Applications -->

WebsitePanel/Sources/WebsitePanel.WebPortal/App_GlobalResources/WebsitePanel_SharedResources.ascx.resx

@@ -3263,6 +3263,9 @@
   <data name="Quota.HostedSolution.Users" xml:space="preserve">
     <value>Users per Organization</value>
   </data>
+  <data name="Quota.HostedSolution.AllowChangeUPN" xml:space="preserve">
+    <value>Allow to Change UserPrincipalName</value>
+  </data>
   <data name="Quota.HostedSolution.Domains" xml:space="preserve">
     <value>Domains per Organization</value>
   </data>

WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/OrganizationUserGeneralSettings.ascx

@@ -8,6 +8,7 @@
 <%@ Register Src="../UserControls/EnableAsyncTasksSupport.ascx" TagName="EnableAsyncTasksSupport" TagPrefix="wsp" %>
 <%@ Register Src="UserControls/Menu.ascx" TagName="Menu" TagPrefix="wsp" %>
 <%@ Register Src="UserControls/Breadcrumb.ascx" TagName="Breadcrumb" TagPrefix="wsp" %>
+<%@ Register Src="UserControls/EmailAddress.ascx" TagName="EmailAddress" TagPrefix="wsp" %>
 
 
 
@@ -43,7 +44,10 @@
 					<table>
 						<tr>
 						    <td class="FormLabel150"> <asp:Localize ID="locUserPrincipalName" runat="server" meta:resourcekey="locUserPrincipalName" Text="Login Name:"></asp:Localize></td>
-						    <td><asp:Label runat="server" ID="lblUserPrincipalName" /></td>
+						    <td>
+                                <asp:Label runat="server" ID="lblUserPrincipalName" />
+                                <wsp:EmailAddress id="upn" runat="server" ValidationGroup="CreateMailbox"></wsp:EmailAddress>
+						    </td>
 						</tr>					   
 
 						<tr>

WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/OrganizationUserGeneralSettings.ascx.cs

@@ -120,6 +120,32 @@ namespace WebsitePanel.Portal.HostedSolution
                     }
                 }
 
+
+                if (cntx.Quotas.ContainsKey(Quotas.ORGANIZATION_ALLOWCHANGEUPN))
+                {
+                    if (cntx.Quotas[Quotas.ORGANIZATION_ALLOWCHANGEUPN].QuotaAllocatedValue != 1)
+                    {
+                        lblUserPrincipalName.Visible = true;
+                        upn.Visible = false;
+                    }
+                    else
+                    {
+                        lblUserPrincipalName.Visible = false;
+                        upn.Visible = true;
+                        if (!string.IsNullOrEmpty(user.UserPrincipalName))
+                        {
+                            string[] Tmp = user.UserPrincipalName.Split('@');
+                            upn.AccountName = Tmp[0];
+
+                            if (Tmp.Length > 1)
+                            {
+                                upn.DomainName = Tmp[1];
+                            }
+                        }
+
+                    }
+                }
+
                 if (user.Locked)
                     chkLocked.Enabled = true;
                 else

WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/OrganizationUserGeneralSettings.ascx.designer.cs

@@ -1,31 +1,3 @@
-// Copyright (c) 2012, Outercurve Foundation.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without modification,
-// are permitted provided that the following conditions are met:
-//
-// - Redistributions of source code must  retain  the  above copyright notice, this
-//   list of conditions and the following disclaimer.
-//
-// - Redistributions in binary form  must  reproduce the  above  copyright  notice,
-//   this list of conditions  and  the  following  disclaimer in  the documentation
-//   and/or other materials provided with the distribution.
-//
-// - Neither  the  name  of  the  Outercurve Foundation  nor   the   names  of  its
-//   contributors may be used to endorse or  promote  products  derived  from  this
-//   software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
-// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING,  BUT  NOT  LIMITED TO, THE IMPLIED
-// WARRANTIES  OF  MERCHANTABILITY   AND  FITNESS  FOR  A  PARTICULAR  PURPOSE  ARE
-// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
-// ANY DIRECT, INDIRECT, INCIDENTAL,  SPECIAL,  EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-// (INCLUDING, BUT NOT LIMITED TO,  PROCUREMENT  OF  SUBSTITUTE  GOODS OR SERVICES;
-// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)  HOWEVER  CAUSED AND ON
-// ANY  THEORY  OF  LIABILITY,  WHETHER  IN  CONTRACT,  STRICT  LIABILITY,  OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE)  ARISING  IN  ANY WAY OUT OF THE USE OF THIS
-// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
 //------------------------------------------------------------------------------
 // <auto-generated>
 //     This code was generated by a tool.
@@ -139,6 +111,15 @@ namespace WebsitePanel.Portal.HostedSolution {
         /// </remarks>
         protected global::System.Web.UI.WebControls.Label lblUserPrincipalName;
         
+        /// <summary>
+        /// upn control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::WebsitePanel.Portal.ExchangeServer.UserControls.EmailAddress upn;
+        
         /// <summary>
         /// locDisplayName control.
         /// </summary>