Using SystemUsing System.TextUsing System.Security.CryptographyDclNamespace

1. Using System
2. Using System.Text
3. Using System.Security.Cryptography
4.  
5. DclNamespace ASNA.Helpers.App
6.  
7. BegClass User Access(*Public)
8.  
9. DclDB DGDB DBName("*Public/DG Net Local")
10.  
11. DclDiskFile DGUser +
12. Type(*Update) +
13. Org(*Indexed) +
14. AddRec(*Yes) +
15. Prefix(User_) +
16. File("Devo/DGUser") +
17. DB(DGDB) +
18. ImpOpen( *No )
19.  
20. BegEnum ErrorStatus Access(*Public)
21. DclEnumFld Success Value(1)
22. DclEnumFld UserNameAlreadyExists Value(2)
23. DclEnumFld UserNotFound Value(3)
24. DclEnumFld PasswordInvalid Value(4)
25. DclEnumFld UserStatusNotValid Value(5)
26. DclEnumFld PasswordDoesNotMatch Value(6)
27. DclEnumFld UserAccountIsDisabled Value(7)
28. EndEnum
29.  
30. BegEnum Status Access(*Public)
31. DclEnumFld Active Value(1)
32. DclEnumFld Inactive Value(2)
33. DclEnumFld Disabled Value(3)
34. EndEnum
35.  
36. BegSr OpenDB
37. Connect DGDB
38. Open DGUser
39. EndSr
40.  
41. BegSr CloseDB
42. Close *All
43. Disconnect DGDB
44. EndSr
45.  
46. BegFunc CreateUser Access(*Public) Type(*Integer4)
47. DclSrParm UserName Like(User_UserName)
48. DclSrParm FullName Like(User_FullName)
49. DclSrParm Email Like(User_Email)
50. DclSrParm Password Type(*String)
51.  
52. OpenDB()
53.  
54. Chain DGUser Key(UserName)
55. If (DGUser.IsFound)
56. CloseDB()
57. LeaveSr ErrorStatus.UserNameAlreadyExists
58. EndIf
59.  
60. If (NOT ValidatePassword(Password))
61. CloseDB()
62. LeaveSr ErrorStatus.PasswordInvalid
63. EndIf
64.  
65. User_UserName = UserName
66. User_FullName = FullName
67. User_Email = Email
68. User_Status = Status.Active
69. User_Salt = Guid.NewGuid().ToString()
70. User_Password = GetHashedString(Password + User_Salt)
71.  
72. Write DGUser
73.  
74. CloseDB()
75.  
76. LeaveSr ErrorStatus.Success
77. EndFunc
78.  
79. BegFunc ChangeUserEmail Access(*Public) Type(*Integer4)
80. DclSrParm UserName Like(User_UserName)
81. DclSrParm Email Like(User_Email)
82.  
83. OpenDB()
84.  
85. Chain DGUser Key(UserName)
86. If (NOT DGUser.IsFound)
87. CloseDB()
88. LeaveSr ErrorStatus.UserNotFound
89. EndIf
90.  
91. User_Email = Email
92.  
93. Update DGUser
94.  
95. CloseDB()
96.  
97. LeaveSr ErrorStatus.Success
98. EndFunc
99.  
100. BegFunc ChangeUserStatus Access(*Public) Type(*Integer4)
101. DclSrParm UserName Like(User_UserName)
102. DclSrParm UserStatus Type(*Integer4)
103.  
104. OpenDB()
105.  
106. Chain DGUser Key(UserName)
107. If (NOT DGUser.IsFound)
108. CloseDB()
109. LeaveSr ErrorStatus.UserNotFound
110. EndIf
111.  
112. // Validate UserStatus here. If a literal is passed instead of
113. // an enumeration field its possible to get an invalid UserStatus
114. // value.
115. If NOT ConfirmUserStatus(UserStatus)
116. CloseDB()
117. LeaveSr ErrorStatus.UserStatusNotValid
118. EndIf
119.  
120. User_Status = UserStatus
121.  
122. Update DGUser
123.  
124. CloseDB()
125.  
126. LeaveSr ErrorStatus.Success
127. EndFunc
128.  
129. BegFunc ChangeUserPassword Access(*Public) Type(*Integer4)
130. DclSrParm UserName Like(User_UserName)
131. DclSrParm Password Type(*String)
132.  
133. OpenDB()
134.  
135. Chain DGUser Key(UserName)
136. If (NOT DGUser.IsFound)
137. CloseDB()
138. LeaveSr ErrorStatus.UserNotFound
139. EndIf
140.  
141. If (NOT ValidatePassword(Password))
142. CloseDB()
143. LeaveSr ErrorStatus.PasswordInvalid
144. EndIf
145.  
146. User_Salt = Guid.NewGuid().ToString()
147. User_Password = GetHashedString(Password + User_Salt)
148.  
149. Update DGUser
150.  
151. CloseDB()
152.  
153. LeaveSr ErrorStatus.Success
154. EndFunc
155.  
156. BegFunc ConfirmUserCredentials Access(*Public) Type(*Integer4)
157. DclSrParm UserName Type(*String)
158. DclSrParm UserPassword Type(*String)
159.  
160. DclFld HashedSubmittedPassword Type(*String)
161. DclFld Result Type(*Boolean)
162.  
163. OpenDB()
164.  
165. Chain DGUser Key(UserName)
166. If (NOT DGUser.IsFound)
167. CloseDB()
168. LeaveSr ErrorStatus.UserNotFound
169. EndIf
170.  
171. CloseDB()
172.  
173. If User_Status = ErrorStatus.UserAccountIsDisabled
174. LeaveSr ErrorStatus.UserAccountIsDisabled
175. EndIf
176.  
177. HashedSubmittedPassword = GetHashedString(UserPassword + User_Salt)
178.  
179. Result = GetHashedString(UserPassword + User_Salt) = User_Password
180.  
181. If Result
182. LeaveSr ErrorStatus.Success
183. Else
184. LeaveSr ErrorStatus.PasswordDoesNotMatch
185. EndIf
186. EndFunc
187.  
188. BegFunc GetHashedString Type(*String) Shared(*Yes) Access(*Public)
189. DclSrParm InputString Type(*String)
190.  
191. DclFld Sha512 Type(SHA512CryptoServiceProvider) New()
192. DclFld Encoding Type(AsciiEncoding) New()
193. DclFld HashedString Type(*String)
194.  
195. DclArray Bytes Type(*Byte) Rank(1)
196.  
197. // Compute hash as array of bytes.
198. Bytes = Sha512.ComputeHash(Encoding.GetBytes(InputString) )
199.  
200. // Get Base64 value of the hash.
201. HashedString = System.Convert.ToBase64String(Bytes)
202.  
203. LeaveSr HashedString
204. EndFunc
205.  
206. BegFunc ValidatePassword Type(*Boolean)
207. DclSrParm Password Type(*String)
208.  
209. If Password.Length > 128
210. LeaveSr *False
211. EndIf
212.  
213. LeaveSr *True
214. EndFunc
215.  
216. BegFunc ConfirmUserStatus Type(*Boolean)
217. DclSrParm UserStatus Type(*Integer4)
218.  
219. ForEach StatusValue Type(Status) Collection(Enum.GetValues(*TypeOf(Status)))
220. If UserStatus = StatusValue
221. LeaveSr *True
222. EndIf
223. EndFor
224.  
225. LeaveSr *False
226. EndFunc
227.  
228. EndClass