ECM Users and Roles

Let me state that one of the things I have to do is help clients come up with a solution for some situation that they find themselves in and Sitecore doesn’t have an out of the box solution for.  Tonight I had a request from a co-worker to see if I had any ideas on how to clean up a mess they made trying to implement Email Campaign Manager without any real plan for what they doing or the impact that it would have on the site.  Essentially, what happened is that a young, eager beaver developer read through what ECM did, decided it was the perfect tool to handle the all the correspondence that they sent to their users and promptly installed the module for a closer look.  After a quick investigation, he found the import function, quickly downloaded their userbase into CSV and started the import process happily on his way to sending glorious emails.  At some point he either decided it was taking too long or something.. but he managed to make a huge mess out of the user base that they had.  I’m not sure the whole extent since this was a co-worker, but now they needed to know how to get rid of all those users out of their database.  Sitecore, by default, allows you to delete users.. one at a time.  This is just not feasible if you mistakenly import your whole user base in and decide you don’t want it.  I’ve done that before and ended up just starting with a fresh Core database so then used serialization to get my data back. I happened to be working on another thing for another client that was actually the exact opposite of this situation and decided that if I could use the API to import users.. I could do it to get rid of them.   I built out a page that handles this and thought it might come in handy to someone else out there.   I’ve tested this briefly with test content and it worked just fine.  Your results may vary.. so please, please, if you use this, back up your CORE database first.  It’s only something I wrote for a quick fix that might be easier than starting with a fresh Core DB.

This is a simple .aspx page that I would suggest placing in your /sitecore/admin folder.  That ensures that only an administrator level user can access it at all.  Once logged in, it will allow you to choose a domain.. which auto populates all the roles for that domain.  The domain selection wasn’t really necessary, but I also had the idea that you could edit the selection of domains to restrict someone from accidentally deleting something like your whole extranet user base by accident. You then choose the role that you want to remove and presto.. any user that belongs to that role will be deleted along with the role.  Again, this is NOT really meant for anything other than cleaning up an ECM install or some other situation that you need to get rid of a lot of users in one fell swoop that are stored in the Core database so don’t leave nasty grams complaining that it didn’t work for you if you are doing anything other than using the out of the box Sitecore ASP.NET membership provider.   Also, if you simply want to remove users from roles, this can easiliy be edited to do that.. but at this time, it is NOT.  This deletes the user account and the role completely.

Finally, I have, by default, disabled this page by default.  One must edit the page, similar to how some other admin type of pages that come with Sitecore are configured to work. Enabling or disabling it means manually editing the .aspx page and setting a property on the page to true.. which enables and disabled the button that submits things.  Enjoy and again, please note that it’s very late and I’m very tired and if you find obvoius flaws. please share them politely so that I may correct my code.

Thank you and happy Sitecoreing!

<%@ Page Language="C#" AutoEventWireup="true" %>
<DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<script runat="server">
// TODO: to enable the page, set enableUnlockButton = true;
private bool enableUnlockButton = false;

protected void Page_Load(object sender, EventArgs e)
{
 this.SubmitButton.Enabled = this.enableUnlockButton;
 if (!Page.IsPostBack)
 {
 this.Domain.DataSource = Sitecore.Configuration.Factory.GetDomainNames();
 this.Domain.DataBind();
 this.Domain.Items.Insert(0,new ListItem("Please select a domain",""));
 SubmitButton.OnClientClick = "return confirm('Are you sure you wish to delete the users in this role and the role?');";
 }
}

protected void SubmitButton_Click(object sender, EventArgs e)
{
 try
 {
 if (Roles.SelectedValue.Length > 0)
 {
 List<string> users = new List<string>(System.Web.Security.Roles.GetUsersInRole(Domain.SelectedValue + '\\' + Roles.SelectedValue));
 if (users.Count > 0)
 {

foreach (string s in users)
 {
 System.Web.Security.Membership.DeleteUser(s);
 }
 }
 System.Web.Security.Roles.DeleteRole(Domain.SelectedValue + '\\' + Roles.SelectedValue);
 Domain.SelectedIndex = 0;
 Roles.Items.Clear();
 }
 }
 catch (Exception)
 {

throw;
 }
}

protected void Domain_SelectedIndexChanged(object sender, EventArgs e)
{
 try
 {
   if (Domain.SelectedValue.Length > 0)
   {
      List<string> roles = new List<string>();
      foreach (string s in System.Web.Security.Roles.GetAllRoles())
      {
        if (s.Contains(Domain.SelectedValue))
           roles.Add(s.Remove(0, s.LastIndexOf('\\') + 1));
      }
      Roles.DataSource = roles;
      Roles.DataBind();
   }
  else
   Roles.Items.Clear();
 }
 catch (Exception)
 {
    throw;
 }
}

protected void descriptionLiteral_PreRender(object sender, EventArgs e)
{
   this.descriptionLiteral.Visible = !this.enableUnlockButton;
}
</script>
<head runat="server">
 <title>Remove Users in Sitecore Role</title>
<style type="text/css">
body
 {
   font-family: normal 11pt "Times New Roman", Serif;
 }

.Warning
 {
   color: red;
 }

</style>
</head>
<body>
 <form id="form1" runat="server">
 <asp:ScriptManager ID="ScriptManager1" runat="server" />
 <div>
    <asp:Literal runat="server" ID="descriptionLiteral" EnableViewState="false" OnPreRender="descriptionLiteral_PreRender">
      <p>This page is currently disabled.</p></pre>
To enable the page, modify the ASPX page and set enableUnlockButton = true.
    </asp:Literal>
    <h1>Remove All Sitecore Users in a Sitecore Role </h1>
    <h2>Use this form to remove all users permanently that are in the selected Domain and Role.</pre>
    <h2>In order for this form to work, it must be placed in the /sitecore/admin folder.&nbsp;</h2>
    <h2 class="Warning">PLEASE BACK UP YOUR CORE DATABASE! </h2>
    <h2 class="Warning">This is NOT reversible!! Please make sure you know what you're doing!!!</h2>
      <table>
          <tr>
           <td style="width:200px;">
             <asp:Label ID="DomainLabel" runat="server" AssociatedControlID="Domain">
              <asp:Literal text="Domain:" runat="server" />
             </asp:Label>
           </td>
           <td>
           <asp:DropDownList AutoPostBack="true" ID="Domain" runat="server" style="width:300;" onselectedindexchanged="Domain_SelectedIndexChanged" />
           </td>
         </tr>
          <tr>
            <td align="right">
             <asp:Label ID="RolesLabel" runat="server" AssociatedControlID="Roles">
             <asp:Literal Text="Roles:" runat="server" />
             </asp:Label>
          </td>
           <td>
             <asp:UpdatePanel ID="UpdatePanel1" runat="server">
              <ContentTemplate>
                <asp:DropDownList ID="Roles" runat="server" />
              </ContentTemplate>
              <Triggers>
                <asp:PostBackTrigger ControlID="Domain" />
              </Triggers>
             </asp:UpdatePanel>
            </td>
          </tr>
          <tr>
            <td>&nbsp;</td>
            <td><asp:Button ID="SubmitButton" runat="server" Text="Submit" OnClick="SubmitButton_Click" /></td>
          </tr>
        </table>
       </div>
      </form>
   </body>
</html>