Beispiel #1
        /// <summary>
        /// Issues a password-reset token valid for one day for the account matching
        /// <paramref name="email"/> and mails a reset link that carries the token.
        /// </summary>
        /// <remarks>
        /// Outside DEBUG builds the method completes without an exception whether or not an
        /// account was found and whether or not the token/mail step failed, so its outcome does
        /// not confirm that an address is registered.
        /// NOTE(review): the found-account path performs a database write and a mail send that
        /// the not-found path skips; if the caller awaits this inline, response time may still
        /// separate the two cases - confirm how the caller schedules it.
        /// NOTE(review): in release builds failures are discarded without any log entry visible
        /// in this method; confirm they are recorded elsewhere so operators can notice them.
        /// </remarks>
        /// <param name="email">Request object whose <c>Email</c> is used for the lookup and as recipient.</param>
        public async Task SendForgotPasswordMail(API.Request.ValidEmail email)
        {
            // Accounts that still hold a Validation-type token are excluded from the lookup.
            // NOTE(review): presumably such a token marks an unconfirmed address - verify.
            var account = await _context.Users
                          .Include(u => u.EmailTokens)
                          .FirstOrDefaultAsync(u =>
                                               u.Email == email.Email &&
                                               !u.EmailTokens.Any(t => t.TokenType == DaoEmailToken.Type.Validation));

            if (account == null)
            {
                // Release builds stay silent here; only DEBUG builds surface the miss.
#if DEBUG
                throw new Exceptions.ResourceNotFoundException("user");
#else
                return;
#endif
            }

            using (var transaction = _context.Database.BeginTransaction())
            {
                try
                {
                    // NOTE(review): _random is not shown here; confirm RandomString draws from a
                    // cryptographically secure generator, since this value is the only secret
                    // protecting the reset link. The token is stored as generated, not hashed.
                    var emailToken = new DaoEmailToken()
                    {
                        TokenType      = DaoEmailToken.Type.Password,
                        ExpirationDate = _timeService.UtcNow.AddDays(1),
                        Token          = _random.RandomString(40),
                        User           = account
                    };

                    await _context.EmailTokens.AddAsync(emailToken);

                    var rowsWritten = await _context.SaveChangesAsync();
                    if (rowsWritten != 1)
                    {
                        throw new Exceptions.DatabaseException("token_not_saved");
                    }

                    // The mail goes out before the commit, so a send failure rolls the token back.
                    // NOTE(review): the token is placed in the query string unescaped; this is
                    // only safe if RandomString emits URL-safe characters - confirm.
                    await _emailService.SendMailAsync(MimeKit.Text.TextFormat.Text, account.DisplayName, email.Email, "Elfelejtett jelszó", $"Jelszó megváltoztatásához kattintson ide: {_uriConf.URIForEndUsers}/reset?token={emailToken.Token}");

                    transaction.Commit();
                }
                catch
                {
                    transaction.Rollback();
                    // Deliberately swallowed in release builds so the caller cannot tell whether
                    // the reset succeeded; DEBUG builds rethrow to aid troubleshooting.
#if DEBUG
                    throw;
#endif
                }
            }
        }
Beispiel #2
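        /// <summary>
        /// Appends a history entry for a group after checking that the group exists and that
        /// <paramref name="userId"/> is one of its members.
        /// </summary>
        /// <param name="userId">Id of the acting user; must appear in the group's member list.</param>
        /// <param name="groupId">Id of the group the entry belongs to.</param>
        /// <param name="data">Payload that is serialized to JSON and stored as the log body.</param>
        /// <exception cref="ResourceGoneException">No group with <paramref name="groupId"/> exists.</exception>
        /// <exception cref="ResourceForbiddenException">The user is not a member of the group.</exception>
        /// <exception cref="DatabaseException">The save did not report exactly one written row.</exception>
        public async Task LogForGroup(long userId, long groupId, object data)
        {
            // Query asynchronously so the calling thread is not blocked on the database round trip.
            var group = await _context.Groups.Include(x => x.Members).SingleOrDefaultAsync(x => x.Id == groupId);

            if (group == null)
            {
                throw new ResourceGoneException("group_gone");
            }

            // Membership is the authorization check: only members may write to a group's history.
            if (!group.Members.Any(x => x.UserId == userId))
            {
                throw new ResourceForbiddenException("user_not_member");
            }

            // NOTE(review): TypeNameHandling.All embeds "$type" metadata in the stored JSON. That is
            // harmless while writing, but any reader that deserializes SerializedLog with
            // TypeNameHandling enabled will instantiate whatever type the stored text names.
            // Prefer TypeNameHandling.None, or restrict readers with a SerializationBinder
            // allow-list - confirm against the code that reads History rows before changing it.
            // NOTE(review): Json.NET documents MaxDepth as a limit for reading JSON, so it
            // presumably does not bound the depth of what is serialized here - verify.
            var serializedMessage = JsonConvert.SerializeObject(data, Formatting.None, new JsonSerializerSettings()
            {
                TypeNameHandling = TypeNameHandling.All,
                MaxDepth         = 10
            });

            await _context.History.AddAsync(new DaoHistory()
            {
                UserId        = userId,
                GroupId       = groupId,
                SerializedLog = serializedMessage,
                Date          = DateTime.UtcNow
            });

            // NOTE(review): this copies every history payload to standard output, where it may end
            // up in host or container logs; it looks like a debugging leftover - confirm and remove
            // or route it through a logger with an appropriate level.
            Console.WriteLine(serializedMessage);

            if (await _context.SaveChangesAsync() != 1)
            {
                throw new DatabaseException("log_not_saved");
            }
        }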
Beispiel #3
        /// <summary>
        /// Removes <paramref name="memberId"/> from a group, together with that member's debtor
        /// rows on the group's spendings.
        /// </summary>
        /// <remarks>
        /// The group is looked up only among the groups returned for <paramref name="userId"/>.
        /// Only the group's creator may remove members, and the creator cannot be removed.
        /// NOTE(review): the row-count mismatch is detected after SaveChangesAsync has returned;
        /// whether the deletes are undone at that point depends on transaction handling that is
        /// not visible in this method - confirm.
        /// </remarks>
        /// <param name="userId">Id of the caller; must be the creator of the group.</param>
        /// <param name="groupId">Id of the group to modify.</param>
        /// <param name="memberId">Id of the user to remove from the group.</param>
        /// <exception cref="Exceptions.ResourceNotFoundException">The caller has no group with this id.</exception>
        /// <exception cref="Exceptions.ResourceForbiddenException">The caller is not the creator, or the target is the creator.</exception>
        /// <exception cref="Exceptions.ResourceGoneException">The target user is not a member of the group.</exception>
        /// <exception cref="Exceptions.DatabaseException">The number of saved changes differs from the number of removals.</exception>
        public async Task RemoveMember(long userId, long groupId, long memberId)
        {
            var callerGroups = await GetGroupsOfUser(userId);
            var targetGroup  = callerGroups.SingleOrDefault(g => g.Id == groupId);

            if (targetGroup == null)
            {
                throw new Exceptions.ResourceNotFoundException("group_not_found");
            }

            // Authorization: only the creator may remove members.
            if (targetGroup.CreatorUserId != userId)
            {
                throw new Exceptions.ResourceForbiddenException("user_not_group_creator");
            }

            // The creator can never be the one removed.
            if (targetGroup.CreatorUserId == memberId)
            {
                throw new Exceptions.ResourceForbiddenException("member_group_creator");
            }

            var membership = targetGroup.Members.FirstOrDefault(m => m.UserId == memberId);

            if (membership == null)
            {
                throw new Exceptions.ResourceGoneException("member_not_found");
            }

            // Start at one: the membership row itself is removed after the debtor rows.
            var expectedDeletes = 1;

            // For each spending of the group pick the member's debtor row, skipping spendings
            // where the member owes nothing.
            var spendings     = await _spendingService.GetSpendingsForGroup(groupId);
            var memberDebtors = spendings
                                .Select(s => s.Debtors.SingleOrDefault(d => d.DebtorUserId == memberId))
                                .Where(d => d != null);

            foreach (var debtorRow in memberDebtors)
            {
                _context.Debtors.Remove(debtorRow);
                expectedDeletes++;
            }

            _context.UsersGroupsMap.Remove(membership);

            var savedChanges = await _context.SaveChangesAsync();
            if (savedChanges != expectedDeletes)
            {
                throw new Exceptions.DatabaseException("group_member_not_removed");
            }
        }
Beispiel #4
        /// <summary>
        /// Creates a new account with an e-mail validation token that expires after one day and
        /// mails the confirmation link to the new user.
        /// </summary>
        /// <remarks>
        /// The insert and the mail send share one transaction: any failure, including a failed
        /// send, rolls the insert back and the exception is rethrown.
        /// NOTE(review): the "email_taken" error lets a caller learn that an address is already
        /// registered; confirm this disclosure is accepted, or that the endpoint is rate-limited.
        /// NOTE(review): the existence check runs before the transaction starts, so two concurrent
        /// registrations could both pass it; a unique constraint on the e-mail column would be
        /// needed to close that gap - confirm against the schema.
        /// </remarks>
        /// <param name="newUser">Display name, e-mail address and plain-text password of the new account.</param>
        /// <returns><c>true</c> once the account is committed and the mail has been sent.</returns>
        /// <exception cref="Exceptions.BusinessException">An account with this e-mail address already exists.</exception>
        /// <exception cref="Exceptions.DatabaseException">The save did not report exactly two written rows.</exception>
        public async Task <bool> Register(NewUser newUser)
        {
            var duplicate = await _context.Users.FirstOrDefaultAsync(u => u.Email == newUser.Email);

            if (duplicate != null)
            {
                throw new Exceptions.BusinessException("email_taken");
            }

            using (var transaction = _context.Database.BeginTransaction())
            {
                try
                {
                    // NOTE(review): _random is not shown here; confirm RandomString draws from a
                    // cryptographically secure generator, since the token alone authorizes the
                    // e-mail confirmation.
                    var emailToken = new DaoEmailToken()
                    {
                        TokenType      = DaoEmailToken.Type.Validation,
                        ExpirationDate = _timeService.UtcNow.AddDays(1),
                        Token          = _random.RandomString(40)
                    };

                    // NOTE(review): Hasher is not shown here; confirm GetHash is a salted,
                    // deliberately slow password hash (PBKDF2, Argon2 or similar) rather than a
                    // bare digest.
                    var account = new DaoUser()
                    {
                        DisplayName = newUser.DisplayName,
                        Email       = newUser.Email,
                        Password    = Hasher.GetHash(newUser.Password),
                        EmailTokens = new[] { emailToken }
                    };

                    await _context.Users.AddAsync(account);

                    // Two rows are expected: the user and its validation token.
                    var rowsWritten = await _context.SaveChangesAsync();
                    if (rowsWritten != 2)
                    {
                        throw new Exceptions.DatabaseException("registration_not_saved");
                    }

                    // Sent before the commit so that a mail failure undoes the registration.
                    await _emailService.SendMailAsync(MimeKit.Text.TextFormat.Text, newUser.DisplayName, newUser.Email, "MShare Regisztráció", $"Sikeres regisztráció, az email cím megerősítéséhez kérem kattintson ide: {_uriConf.URIForEndUsers}/account/confirm/{emailToken.Token}");

                    transaction.Commit();
                    return true;
                }
                catch
                {
                    transaction.Rollback();
                    throw;
                }
            }
        }