From f7df8817e2df9593da2d8c37fa4769c1b0a5a699 Mon Sep 17 00:00:00 2001
From: MarkSPowell <40869491+MarkSPowell@users.noreply.github.com>
Date: Wed, 15 Jan 2020 15:49:15 -0500
Subject: [PATCH] Update UserController.cs

Chaning CreateNewUser to use the samAccountName instead of the email address for the LoginId of a new user. This matches what the LoginController uses to look up a user. Previously, this would only work if a users samAccountName matched their email address- this is not allowed in highly regulated enviroments, as it discloses users samAccountName.
---
 EMIEWebPortal.Controllers/Controllers/UserController.cs | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/EMIEWebPortal.Controllers/Controllers/UserController.cs b/EMIEWebPortal.Controllers/Controllers/UserController.cs
index 3df994f..23e60c7 100644
--- a/EMIEWebPortal.Controllers/Controllers/UserController.cs
+++ b/EMIEWebPortal.Controllers/Controllers/UserController.cs
@@ -645,7 +645,9 @@ private string InsertUser(UserMapping user)
         /// <returns>result of insert operation</returns>
         private int CreateNewUser(UserMapping user)
         {
-            var logonId = user.User.Email.Split('@');
+            var logonId = User.Identity.Name;
+            var Index = logonId.Split('\\');
+            logonId = Index[1];
 
             User newUser = new User();
             newUser.UserName = user.User.UserName;
@@ -655,7 +657,7 @@ private int CreateNewUser(UserMapping user)
             newUser.ModifiedById = user.User.CreatedById;
             newUser.ModifiedDate = DateTime.Now;
             newUser.IsActive = user.IsActive;
-            newUser.LoginId = logonId[0].ToString();
+            newUser.LoginId = logonId;
 
             DbEntity.Users.Add(newUser);
 
@@ -988,4 +990,4 @@ public JsonResult ChangeEMIEAdminCredentials(string newpassword)
 
         #endregion
     }
-}
\ No newline at end of file
+}