From 33f39167162d2c272b98a37eba5dffb422ab44f7 Mon Sep 17 00:00:00 2001 From: Yunus Emre Kalkan Date: Thu, 6 Aug 2020 10:57:38 +0300 Subject: [PATCH 1/4] Do not show "password change" if the user has registered via social login resolves https://github.com/abpframework/abp/issues/4928 --- .../Pages/Account/Manage.cshtml | 31 ++++++++++--------- .../Pages/Account/Manage.cshtml.cs | 6 +++- .../Volo/Abp/Identity/ProfileDto.cs | 4 ++- ...ntityApplicationModuleAutoMapperProfile.cs | 6 ++-- .../Volo/Abp/Identity/ProfileAppService.cs | 19 +++++++++--- .../Volo/Abp/Identity/IdentityErrorCodes.cs | 3 +- .../Volo/Abp/Identity/Localization/en.json | 3 +- 7 files changed, 48 insertions(+), 24 deletions(-) diff --git a/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml b/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml index 28aa876bba..92e9941d58 100644 --- a/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml +++ b/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml @@ -25,33 +25,36 @@ - -

@L["ChangePassword"].Value


- - - - -
+ @if (!Model.DisablePasswordChange) + { + +

@L["ChangePassword"].Value


+ + + + +
+ } -

@L["PersonalSettings"].Value


+

@L["PersonalSettings"].Value


- + - + - + - + - + - +
diff --git a/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml.cs b/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml.cs index 3c779dc870..500393caac 100644 --- a/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml.cs +++ b/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml.cs @@ -12,6 +12,8 @@ namespace Volo.Abp.Account.Web.Pages.Account public PersonalSettingsInfoModel PersonalSettingsInfoModel { get; set; } + public bool DisablePasswordChange { get; set; } + protected IProfileAppService ProfileAppService { get; } public ManageModel(IProfileAppService profileAppService) @@ -25,6 +27,8 @@ namespace Volo.Abp.Account.Web.Pages.Account PersonalSettingsInfoModel = ObjectMapper.Map(user); + DisablePasswordChange = user.IsExternalLoggedIn; + return Page(); } @@ -54,7 +58,7 @@ namespace Volo.Abp.Account.Web.Pages.Account [DataType(DataType.Password)] public string NewPasswordConfirm { get; set; } } - + public class PersonalSettingsInfoModel { [Required] diff --git a/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ProfileDto.cs b/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ProfileDto.cs index 4777c0ad23..f21f415f2d 100644 --- a/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ProfileDto.cs +++ b/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ProfileDto.cs @@ -13,5 +13,7 @@ namespace Volo.Abp.Identity public string Surname { get; set; } public string PhoneNumber { get; set; } + + public bool IsExternalLoggedIn { get; set; } } -} \ No newline at end of file +} diff --git a/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/AbpIdentityApplicationModuleAutoMapperProfile.cs b/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/AbpIdentityApplicationModuleAutoMapperProfile.cs index 01a68dc677..4fe61aab88 100644 
--- a/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/AbpIdentityApplicationModuleAutoMapperProfile.cs +++ b/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/AbpIdentityApplicationModuleAutoMapperProfile.cs @@ -1,4 +1,5 @@ using AutoMapper; +using Volo.Abp.AutoMapper; namespace Volo.Abp.Identity { @@ -11,9 +12,10 @@ namespace Volo.Abp.Identity CreateMap() .MapExtraProperties(); - + CreateMap() + .Ignore(x=>x.IsExternalLoggedIn) .MapExtraProperties(); } } -} \ No newline at end of file +} diff --git a/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/ProfileAppService.cs b/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/ProfileAppService.cs index 45bcdf3e35..6379c7983f 100644 --- a/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/ProfileAppService.cs +++ b/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/ProfileAppService.cs @@ -1,4 +1,5 @@ -using System.Threading.Tasks; +using System.Linq; +using System.Threading.Tasks; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Identity; using Volo.Abp.Identity.Settings; @@ -20,9 +21,12 @@ namespace Volo.Abp.Identity public virtual async Task GetAsync() { - return ObjectMapper.Map( - await UserManager.GetByIdAsync(CurrentUser.GetId()) - ); + var currentUser = await UserManager.GetByIdAsync(CurrentUser.GetId()); + + var profile = ObjectMapper.Map(currentUser); + profile.IsExternalLoggedIn = currentUser.Logins.Any(); + + return profile; } public virtual async Task UpdateAsync(UpdateProfileDto input) 
@@ -56,6 +60,13 @@ namespace Volo.Abp.Identity public virtual async Task ChangePasswordAsync(ChangePasswordInput input) { var currentUser = await UserManager.GetByIdAsync(CurrentUser.GetId()); + + var isExternalLoggedIn = currentUser.Logins.Any(); + if (isExternalLoggedIn) + { + throw new BusinessException(code: IdentityErrorCodes.ExternalUserPasswordChange); + } + (await UserManager.ChangePasswordAsync(currentUser, input.CurrentPassword, input.NewPassword)).CheckErrors(); } } diff --git a/modules/identity/src/Volo.Abp.Identity.Domain.Shared/Volo/Abp/Identity/IdentityErrorCodes.cs b/modules/identity/src/Volo.Abp.Identity.Domain.Shared/Volo/Abp/Identity/IdentityErrorCodes.cs index d77ee9f5a9..d5e57a6953 100644 --- a/modules/identity/src/Volo.Abp.Identity.Domain.Shared/Volo/Abp/Identity/IdentityErrorCodes.cs +++ b/modules/identity/src/Volo.Abp.Identity.Domain.Shared/Volo/Abp/Identity/IdentityErrorCodes.cs @@ -4,5 +4,6 @@ { public const string UserSelfDeletion = "Volo.Abp.Identity:010001"; public const string MaxAllowedOuMembership = "Volo.Abp.Identity:010002"; + public const string ExternalUserPasswordChange = "Volo.Abp.Identity:010003"; } -} \ No newline at end of file +} diff --git a/modules/identity/src/Volo.Abp.Identity.Domain.Shared/Volo/Abp/Identity/Localization/en.json b/modules/identity/src/Volo.Abp.Identity.Domain.Shared/Volo/Abp/Identity/Localization/en.json index 8305ca9589..41d152b06c 100644 --- a/modules/identity/src/Volo.Abp.Identity.Domain.Shared/Volo/Abp/Identity/Localization/en.json +++ b/modules/identity/src/Volo.Abp.Identity.Domain.Shared/Volo/Abp/Identity/Localization/en.json 
@@ -102,6 +102,7 @@ "Description:Abp.Identity.SignIn.RequireConfirmedPhoneNumber": "Whether a confirmed telephone number is required to sign in.", "Description:Abp.Identity.User.IsUserNameUpdateEnabled": "Whether the username can be updated by the user.", "Description:Abp.Identity.User.IsEmailUpdateEnabled": "Whether the email can be updated by the user.", - "Volo.Abp.Identity:010002": "Can not set more than {MaxUserMembershipCount} organization unit for a user!" + "Volo.Abp.Identity:010002": "Can not set more than {MaxUserMembershipCount} organization unit for a user!", + "Volo.Abp.Identity:010003": "Can not change password of an externally logged in user!" } } From 09ba60f8f9d672558d190c5179deb4dcdaad76bc Mon Sep 17 00:00:00 2001 From: Yunus Emre Kalkan Date: Fri, 7 Aug 2020 12:12:10 +0300 Subject: [PATCH 2/4] Revise how to change the password for external logins --- .../Pages/Account/Manage.cshtml | 11 ++++++++--- .../Pages/Account/Manage.cshtml.cs | 3 +++ .../Volo.Abp.Account.Web/Pages/Account/Manage.js | 4 ++-- .../Volo/Abp/Identity/ChangePasswordInput.cs | 8 +++++++- .../Volo/Abp/Identity/ProfileDto.cs | 2 ++ ...bpIdentityApplicationModuleAutoMapperProfile.cs | 1 + .../Volo/Abp/Identity/ProfileAppService.cs | 14 +++++++++++--- 7 files changed, 34 insertions(+), 9 deletions(-) diff --git a/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml b/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml index 92e9941d58..23350442b2 100644 --- a/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml +++ b/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml @@ -29,10 +29,15 @@ {

@L["ChangePassword"].Value


- - +
+ @if (!Model.HideOldPasswordInput) + { + + } + + - +
} diff --git a/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml.cs b/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml.cs index 500393caac..a563ba346e 100644 --- a/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml.cs +++ b/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml.cs @@ -14,6 +14,8 @@ namespace Volo.Abp.Account.Web.Pages.Account public bool DisablePasswordChange { get; set; } + public bool HideOldPasswordInput { get; set; } + protected IProfileAppService ProfileAppService { get; } public ManageModel(IProfileAppService profileAppService) @@ -28,6 +30,7 @@ namespace Volo.Abp.Account.Web.Pages.Account PersonalSettingsInfoModel = ObjectMapper.Map(user); DisablePasswordChange = user.IsExternalLoggedIn; + HideOldPasswordInput = !user.HasPassword; return Page(); } diff --git a/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.js b/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.js index 68109eb6da..3c7c4148e8 100644 --- a/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.js +++ b/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.js @@ -15,13 +15,13 @@ if ( input.newPassword != input.newPasswordConfirm || - input.currentPassword == '' + input.newPassword == '' ) { abp.message.error(l('NewPasswordConfirmFailed')); return; } - if (input.currentPassword == '') { + if (input.currentPassword && input.currentPassword == ''){ return; } diff --git a/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ChangePasswordInput.cs b/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ChangePasswordInput.cs index a5bd73908a..460e1407fd 100644 --- a/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ChangePasswordInput.cs +++ b/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ChangePasswordInput.cs 
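Review bot: The new guard in Manage.js, `if (input.currentPassword && input.currentPassword == '')`, can never be true because an empty string is falsy, so the early return it protects is dead code. If the intent is to stop only when the field is rendered and left blank, `if (input.currentPassword === '') { return; }` does that, since an absent field is `undefined` and will not match. This check is client-side only, so the server still has to enforce the current-password requirement itself. The enclosing submit handler starts and ends outside the hunk.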
@@ -1,9 +1,15 @@
-namespace Volo.Abp.Identity
+using System.ComponentModel.DataAnnotations;
+using Volo.Abp.Validation;
+
+namespace Volo.Abp.Identity
 {
 public class ChangePasswordInput
 {
+ [DynamicStringLength(typeof(IdentityUserConsts), nameof(IdentityUserConsts.MaxPasswordLength))]
 public string CurrentPassword { get; set; }
+ [Required]
+ [DynamicStringLength(typeof(IdentityUserConsts), nameof(IdentityUserConsts.MaxPasswordLength))]
 public string NewPassword { get; set; }
 }
 }
diff --git a/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ProfileDto.cs b/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ProfileDto.cs
index f21f415f2d..4b97a518db 100644
--- a/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ProfileDto.cs
+++ b/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ProfileDto.cs
@@ -15,5 +15,7 @@ namespace Volo.Abp.Identity
 public string PhoneNumber { get; set; }
 public bool IsExternalLoggedIn { get; set; }
+
+ public bool HasPassword { get; set; }
 }
 }
diff --git a/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/AbpIdentityApplicationModuleAutoMapperProfile.cs b/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/AbpIdentityApplicationModuleAutoMapperProfile.cs
index 4fe61aab88..d4f27f1972 100644
--- a/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/AbpIdentityApplicationModuleAutoMapperProfile.cs
+++ b/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/AbpIdentityApplicationModuleAutoMapperProfile.cs
@@ -15,6 +15,7 @@ namespace Volo.Abp.Identity
 CreateMap()
 .Ignore(x=>x.IsExternalLoggedIn)
+ .Ignore(x=>x.HasPassword)
 .MapExtraProperties();
 }
 }
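Review bot: `CurrentPassword` in ChangePasswordInput carries only the length attribute, so a request that omits it passes input validation even for an account that already has a password. ChangePasswordAsync then passes a null current password to `UserManager.ChangePasswordAsync`, which will most likely surface as an unhandled argument exception rather than a validation error (the Identity internals are not visible here). The field has to stay optional for password-less accounts, so the service should reject an empty value on the has-password path before calling the user manager, for example `if (string.IsNullOrEmpty(input.CurrentPassword))` followed by a validation error.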
diff --git a/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/ProfileAppService.cs b/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/ProfileAppService.cs
index 6379c7983f..73e438b640 100644
--- a/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/ProfileAppService.cs
+++ b/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/ProfileAppService.cs
@@ -24,7 +24,8 @@ namespace Volo.Abp.Identity
 var currentUser = await UserManager.GetByIdAsync(CurrentUser.GetId());
 var profile = ObjectMapper.Map(currentUser);
- profile.IsExternalLoggedIn = currentUser.Logins.Any();
+ profile.IsExternalLoggedIn = currentUser.IsExternal;
+ profile.HasPassword = currentUser.PasswordHash != null;
 return profile;
 }
@@ -61,12 +62,19 @@ namespace Volo.Abp.Identity
 {
 var currentUser = await UserManager.GetByIdAsync(CurrentUser.GetId());
- var isExternalLoggedIn = currentUser.Logins.Any();
- if (isExternalLoggedIn)
+ if (currentUser.IsExternal)
 {
 throw new BusinessException(code: IdentityErrorCodes.ExternalUserPasswordChange);
 }
+ if (currentUser.PasswordHash == null)
+ {
+ (await UserManager.RemovePasswordAsync(currentUser)).CheckErrors();
+ (await UserManager.AddPasswordAsync(currentUser, input.NewPassword)).CheckErrors();
+
+ return;
+ }
+
 (await UserManager.ChangePasswordAsync(currentUser, input.CurrentPassword, input.NewPassword)).CheckErrors();
 }
 }
From 8c3b9b9fc901934c41cbfa94c1304174ae6b0d68 Mon Sep 17 00:00:00 2001
From: Yunus Emre Kalkan
Date: Fri, 7 Aug 2020 12:20:35 +0300
Subject: [PATCH 3/4] Update ChangePasswordInput.cs
---
 .../Volo/Abp/Identity/ChangePasswordInput.cs | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ChangePasswordInput.cs b/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ChangePasswordInput.cs
index 460e1407fd..04f7879f15 100644
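Review bot: The `currentUser.PasswordHash == null` branch added to ChangePasswordAsync sets a first local password on the strength of the authenticated session alone, and `input.CurrentPassword` is silently ignored on that path. With no existing password there is nothing to verify, but it also means a hijacked session can attach a new long-lived credential to the account. I would document that at the branch with `// No existing password to verify: this path relies solely on the authenticated session.` and consider requiring a recent sign-in or notifying the user when a password is added; whether the framework offers either is not visible in the hunk. The method's signature lies outside the hunk, and the same branch is kept by PATCH 4/4.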
--- a/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ChangePasswordInput.cs
+++ b/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ChangePasswordInput.cs
@@ -1,14 +1,17 @@
 using System.ComponentModel.DataAnnotations;
+using Volo.Abp.Auditing;
 using Volo.Abp.Validation;
 namespace Volo.Abp.Identity
 {
 public class ChangePasswordInput
 {
+ [DisableAuditing]
 [DynamicStringLength(typeof(IdentityUserConsts), nameof(IdentityUserConsts.MaxPasswordLength))]
 public string CurrentPassword { get; set; }
 [Required]
+ [DisableAuditing]
 [DynamicStringLength(typeof(IdentityUserConsts), nameof(IdentityUserConsts.MaxPasswordLength))]
 public string NewPassword { get; set; }
 }
From 36fa40e61e2617c9f51944fea72a98e2c898ff59 Mon Sep 17 00:00:00 2001
From: Yunus Emre Kalkan
Date: Mon, 10 Aug 2020 09:39:27 +0300
Subject: [PATCH 4/4] Refactor pull/4975
---
 .../Volo.Abp.Account.Web/Pages/Account/Manage.cshtml.cs | 2 +-
 .../Volo/Abp/Identity/ProfileDto.cs | 2 +-
 .../AbpIdentityApplicationModuleAutoMapperProfile.cs | 4 ++--
 .../Volo/Abp/Identity/ProfileAppService.cs | 7 +------
 4 files changed, 5 insertions(+), 10 deletions(-)
diff --git a/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml.cs b/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml.cs
index a563ba346e..db51f9890c 100644
--- a/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml.cs
+++ b/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Manage.cshtml.cs
@@ -29,7 +29,7 @@ namespace Volo.Abp.Account.Web.Pages.Account
 PersonalSettingsInfoModel = ObjectMapper.Map(user);
- DisablePasswordChange = user.IsExternalLoggedIn;
+ DisablePasswordChange = user.IsExternal;
 HideOldPasswordInput = !user.HasPassword;
 return Page();
diff --git a/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ProfileDto.cs b/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ProfileDto.cs
index 4b97a518db..98469700a9 100644
--- a/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ProfileDto.cs
+++ b/modules/identity/src/Volo.Abp.Identity.Application.Contracts/Volo/Abp/Identity/ProfileDto.cs
@@ -14,7 +14,7 @@ namespace Volo.Abp.Identity
 public string PhoneNumber { get; set; }
- public bool IsExternalLoggedIn { get; set; }
+ public bool IsExternal { get; set; }
 public bool HasPassword { get; set; }
 }
diff --git a/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/AbpIdentityApplicationModuleAutoMapperProfile.cs b/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/AbpIdentityApplicationModuleAutoMapperProfile.cs
index d4f27f1972..4c28e37f01 100644
--- a/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/AbpIdentityApplicationModuleAutoMapperProfile.cs
+++ b/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/AbpIdentityApplicationModuleAutoMapperProfile.cs
@@ -14,8 +14,8 @@ namespace Volo.Abp.Identity
 .MapExtraProperties();
 CreateMap()
- .Ignore(x=>x.IsExternalLoggedIn)
- .Ignore(x=>x.HasPassword)
+ .ForMember(dest => dest.HasPassword,
+ op => op.MapFrom(src => src.PasswordHash != null))
 .MapExtraProperties();
 }
 }
diff --git a/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/ProfileAppService.cs b/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/ProfileAppService.cs
index 73e438b640..c08eb7ce32 100644
--- a/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/ProfileAppService.cs
+++ b/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/ProfileAppService.cs
@@ -23,11 +23,7 @@ namespace Volo.Abp.Identity
 {
 var currentUser = await UserManager.GetByIdAsync(CurrentUser.GetId());
- var profile = ObjectMapper.Map(currentUser);
- profile.IsExternalLoggedIn = currentUser.IsExternal;
- profile.HasPassword = currentUser.PasswordHash != null;
-
- return profile;
+ return ObjectMapper.Map(currentUser);
 }
 public virtual async Task UpdateAsync(UpdateProfileDto input)
@@ -65,7 +65,6 @@ namespace Volo.Abp.Identity
 if (currentUser.PasswordHash == null)
 {
- (await UserManager.RemovePasswordAsync(currentUser)).CheckErrors();
 (await UserManager.AddPasswordAsync(currentUser, input.NewPassword)).CheckErrors();
 return;