public async Task Authenticated_AlreadyInUserStore_LeavesApiKey()
{
request.User = domainAdminUser;
store.Add(new ApiUser {
Username = domainAdminUser.Identity.Name, Key = "idemponent", Roles = new[] { RoleNames.AccountAdministrator }
});
await middleware.Invoke(context);
var apiUser = store.FindByUsername(domainAdminUser.Identity.Name);
Assert.That(apiUser.Key, Is.EqualTo("idemponent"), "apiUser.Key");
}
public async Task <Group> AddUserToGroup(string groupName, string subjectId, string identityProvider)
{
var group = await _groupStore.Get(groupName);
//only add users to a custom group
if (!string.Equals(group.Source, GroupConstants.CustomSource, StringComparison.OrdinalIgnoreCase))
{
throw new BadRequestException <Group>("The group to which you are attempting to add a user is not specified as a 'Custom' group. Only 'Custom' groups allow associations with users.");
}
User user;
try
{
user = await _userStore.Get($"{subjectId}:{identityProvider}");
}
catch (NotFoundException <User> )
{
user = await _userStore.Add(new User(subjectId, identityProvider));
}
if (!group.Users.Any(u =>
string.Equals(u.SubjectId, subjectId, StringComparison.OrdinalIgnoreCase) &&
string.Equals(u.IdentityProvider, identityProvider, StringComparison.OrdinalIgnoreCase)))
{
group.Users.Add(user);
}
else
{
throw new AlreadyExistsException <Group>($"The user {identityProvider}:{subjectId} has already been added to the group {groupName}.");
}
return(await _groupStore.AddUserToGroup(group, user));
}
public IActionResult OnPost(string emailAddress, string displayName, string password, string confirmPassword)
{
if (password != confirmPassword)
{
return(RedirectToAction("Join", new { message = "Password and confirmation password do not match", emailAddress, displayName }));
}
if (emailAddress.IsEmailAddress() == false)
{
return(RedirectToAction("Join", new { message = "Your email address doesn't look right", emailAddress, displayName }));
}
if (PasswordAnalyser.PasswordStrength(password) < 12)
{
return(RedirectToAction("Join", new { message = "Your password is a bit weak, try adding capitals, numbers or special characters", emailAddress, displayName }));
}
try
{
_userStore.Add(new User
{
EmailAddress = emailAddress,
DisplayName = displayName,
Password = password
});
}
catch (InvalidOperationException ex)
{
return(RedirectToAction("Join", new { message = ex.Message.Replace(",", "<br>"), emailAddress, displayName }));
}
return(Redirect("SignIn"));
}
public async Task <User> Add(User profile)
{
var entity = await _userStore.Add(
Mapper.Map <Data.User>(profile)
);
return(Mapper.Map <User>(entity));
}
public void Add_ReturnsTrue_WhenAddingUserToEmptyList()
{
// ACT
var result = _userStore.Add(_someUser);
// ASSERT
Assert.IsTrue(result);
}
public bool SignUp(string login, string password)
{
if (_userStore.GetUserByLogin(login) != null)
{
return(false);
}
var user = _userFactory.Create(login, password);
return(_userStore.Add(user));
}
public async Task <Group> AddUsersToGroup(GroupIdentifier groupIdentifier, IList <User> usersToAdd)
{
var group = await _groupStore.Get(groupIdentifier);
var customGroupChildUserWithSameName = (await _groupStore.Get(
usersToAdd.Select(u => new GroupIdentifier {
GroupName = u.IdentityProviderUserPrincipalName
}), true)).ToList();
if (customGroupChildUserWithSameName.Any())
{
throw new AlreadyExistsException <Group>(
$"The associated user or group name should not be the same as an existing custom group: {string.Join(", ", customGroupChildUserWithSameName.Select(g => g.Name))}");
}
// only add users to a custom group
if (!string.Equals(group.Source, GroupConstants.CustomSource, StringComparison.OrdinalIgnoreCase))
{
throw new BadRequestException <Group>("The group to which you are attempting to add a user is not specified as a 'Custom' group. Only 'Custom' groups allow associations with users.");
}
var exceptions = new List <Exception>();
foreach (var user in usersToAdd)
{
if (!group.Users.Any(u =>
string.Equals(u.SubjectId, user.SubjectId, StringComparison.OrdinalIgnoreCase) &&
string.Equals(u.IdentityProvider, user.IdentityProvider, StringComparison.OrdinalIgnoreCase)))
{
try
{
// check if the user exists in the DB - if not, create it
await _userStore.Get($"{user.SubjectId}:{user.IdentityProvider}");
}
catch (NotFoundException <User> )
{
await _userStore.Add(new User(user.SubjectId, user.IdentityProvider)
{ IdentityProviderUserPrincipalName = user.IdentityProviderUserPrincipalName });
}
}
else
{
exceptions.Add(new AlreadyExistsException <User>($"The user {user.IdentityProvider}:{user.SubjectId} has already been added to the group {groupIdentifier}."));
}
}
if (exceptions.Count > 0)
{
throw new AggregateException("There was an issue adding users to the group. Please see the inner exception(s) for details.", exceptions);
}
return(await _groupStore.AddUsersToGroup(group, usersToAdd));
}
public IActionResult SignUp(string email, string displayName, string password)
{
User newUser = new User
{
EmailAddress = email,
DisplayName = displayName,
Password = password
};
_userStore.Add(newUser);
return(View());
}
public async Task <Group> AddUsersToGroup(string groupName, IList <User> usersToAdd)
{
var group = await _groupStore.Get(groupName);
// only add users to a custom group
if (!string.Equals(group.Source, GroupConstants.CustomSource, StringComparison.OrdinalIgnoreCase))
{
throw new BadRequestException <Group>("The group to which you are attempting to add a user is not specified as a 'Custom' group. Only 'Custom' groups allow associations with users.");
}
var exceptions = new List <Exception>();
foreach (var user in usersToAdd)
{
if (!group.Users.Any(u =>
string.Equals(u.SubjectId, user.SubjectId, StringComparison.OrdinalIgnoreCase) &&
string.Equals(u.IdentityProvider, user.IdentityProvider, StringComparison.OrdinalIgnoreCase)))
{
try
{
// check if the user exists in the DB - if not, create it
await _userStore.Get($"{user.SubjectId}:{user.IdentityProvider}");
}
catch (NotFoundException <User> )
{
await _userStore.Add(new User(user.SubjectId, user.IdentityProvider));
}
}
else
{
exceptions.Add(new AlreadyExistsException <User>($"The user {user.IdentityProvider}:{user.SubjectId} has already been added to the group {groupName}."));
}
}
if (exceptions.Count > 0)
{
throw new AggregateException("There was an issue adding users to the group. Please see the inner exception(s) for details.", exceptions);
}
return(await _groupStore.AddUsersToGroup(group, usersToAdd));
}
public async Task <User> AddUser(User user)
{
return(await _userStore.Add(user));
}
public async Task Add(UserModel user)
{
await userStore.Add(user);
}
public UserModule(IAuthenticationProvider authenticationProvider, IUserStore userStore)
: base(authenticationProvider, "/user")
{
this.Get["/"] = parameters =>
{
try
{
var users = userStore.GetAll();
return(this.Response.AsJson(users));
}
catch (Exception e)
{
return(this.ResponseFromException(e));
}
};
this.Get["/self"] = parameters =>
{
try
{
var user = this.CurrentUser;
if (user == null)
{
return(HttpStatusCode.NotFound);
}
IUser dbUser = null;
try
{
dbUser = userStore.GetById(user.Id);
}
catch (Exception ex)
{
}
return(this.Response.AsJson(new
{
Auth = user,
Exists = dbUser != null,
Identity = dbUser
}));
}
catch (Exception e)
{
return(this.ResponseFromException(e));
}
};
this.Get["{id}"] = parameters =>
{
try
{
var userX = this.CurrentUser;
string id = parameters.id;
var user = userStore.GetById(id);
if (user == null)
{
return(HttpStatusCode.NotFound);
}
return(this.Response.AsJson(user));
}
catch (Exception e)
{
return(this.ResponseFromException(e));
}
};
this.Get["{id}/credentials/{repositoryType}/password"] = parameters =>
{
try
{
var userX = this.CurrentUser;
string id = parameters.id;
string repositoryType = parameters.repositoryType;
SvcRepositoryType rt;
if (!Enum.TryParse(repositoryType, out rt))
{
return(this.Negotiate
.WithStatusCode(HttpStatusCode.BadRequest)
.WithReasonPhrase("Invalid repository type."));
}
string passphrase = this.Request.Query.passphrase;
var user = userStore.GetById(id);
if (user == null)
{
return(HttpStatusCode.NotFound);
}
try
{
string password = userStore.GetPassword(id, rt, passphrase);
return(this.Response.AsJson(new { Password = password }));
}
catch (CryptographicException cex)
{
Logging.Log().Error(cex, $"Failed to retrieve user {id} password.");
return(HttpStatusCode.Unauthorized);
}
}
catch (Exception e)
{
return(this.ResponseFromException(e));
}
};
this.Post["/"] = parameters =>
{
try
{
var userX = this.CurrentUser;
var dto = this.Bind <UserWithPasswordsDto>();
var user = userStore.Add(dto);
return(this.Response.AsJson(user));
}
catch (Exception e)
{
return(this.ResponseFromException(e));
}
};
this.Put["/{id}"] = parameters =>
{
try
{
var user = this.CurrentUser;
string id = parameters.id;
var dto = this.Bind <UserWithPasswordsDto>();
var x = userStore.GetById(id);
if (x == null)
{
return(HttpStatusCode.NotFound);
}
userStore.Update(id, dto);
return(HttpStatusCode.OK);
}
catch (Exception e)
{
return(this.ResponseFromException(e));
}
};
this.Delete["/{id}"] = parameters =>
{
try
{
var user = this.CurrentUser;
string id = parameters.id;
userStore.Delete(id);
return(HttpStatusCode.OK);
}
catch (Exception e)
{
return(this.ResponseFromException(e));
}
};
}
