public User ToUpdateUser(User user, UpdateUserRequestDTO requestChanges)
{
if (user == null)
{
throw new UserNotFoundException("User does not exist.");
}
user.City = requestChanges.City;
user.State = requestChanges.State;
user.Country = requestChanges.Country;
user.Disabled = requestChanges.Disabled;
user.IsAdministrator = requestChanges.IsAdmin;
user.ManagerId = null;
if (requestChanges.Manager != "" && requestChanges.Manager != null)
{
// check if manager id is valid ssoid
Guid managerId;
var validParse = Guid.TryParse(requestChanges.Manager, out managerId);
if (!validParse)
{
throw new InvalidGuidException("Invalid Manager Id.");
}
var manager = GetUser(managerId);
if (manager == null)
{
throw new UserNotFoundException("Manager does not exist.");
}
user.ManagerId = managerId;
}
return(user);
}
public void UpdateUser(User user)
{
UpdateUserRequestDTO updateUserRequestDTO = new UpdateUserRequestDTO(user);
updateUserResponse respone = MojUserPortClient.updateUser(updateUserRequestDTO.UpdateUserRequest);
LogIn(user.Username, user.Password);
}
public void UpdateUser_Authorized_200()
{
var controller = new UserManagementController();
var admin = _ut.CreateUserObject();
admin.IsAdministrator = true;
var adminSession = _ut.CreateSessionObject(admin);
_ut.CreateSessionInDb(adminSession);
var existingUser = _ut.CreateUserInDb();
// modify user
var modifiedUser = _ut.CreateUserObject();
modifiedUser.Id = existingUser.Id;
modifiedUser.IsAdministrator = existingUser.IsAdministrator;
modifiedUser.Disabled = true;
modifiedUser.City = "Long Beach";
// mock payload
var mock_payload = new UpdateUserRequestDTO
{
Id = modifiedUser.Id.ToString(),
City = modifiedUser.City,
State = modifiedUser.State,
Country = modifiedUser.Country,
Manager = modifiedUser.ManagerId.ToString(),
IsAdmin = modifiedUser.IsAdministrator,
Disabled = modifiedUser.Disabled
};
var expectedStatusCode = HttpStatusCode.OK;
var endpoint = API_Route_Local + "/user/update";
controller.Request = new HttpRequestMessage
{
RequestUri = new Uri(endpoint)
};
controller.Request.Headers.Add("token", adminSession.Token);
IHttpActionResult actionresult = controller.UpdateUser(mock_payload);
Assert.IsInstanceOfType(actionresult, typeof(NegotiatedContentResult <string>));
var contentresult = actionresult as NegotiatedContentResult <string>;
Assert.AreEqual(expectedStatusCode, contentresult.StatusCode);
// persistence test
using (var _db = _ut.CreateDataBaseContext())
{
var getUser = _db.Users.Find(modifiedUser.Id);
Assert.AreNotEqual(existingUser, getUser);
Assert.AreEqual(existingUser.Id, getUser.Id);
Assert.AreEqual(existingUser.IsAdministrator, getUser.IsAdministrator);
}
}
public static UpdateUserRequest FromDTO(this UpdateUserRequestDTO requestDTO, string id)
{
return(new UpdateUserRequest
{
Id = id,
Name = requestDTO.Name,
Email = requestDTO.Email,
});
}
public UserResponseDTO Update(UpdateUserRequestDTO requestDTO)
{
this.ThrowExceptionIfEmailExists(requestDTO.email);
User user = this.FindOneByUuidOrThrow(requestDTO.uuid);
user = this._autoMapper.Map <User>(requestDTO);
user = this._queryExecutor.Execute <User>(DatabaseConsts.USER_SCHEMA, this._sqlCommands.UPDATE_USER(user), this._modelMapper.MapToUserAfterUpdate);
return(this._autoMapper.Map <UserResponseDTO>(user));
}
public ActionResult <ReadUserDTO> Update(long id, UpdateUserRequestDTO model)
{
try
{
var user = _userService.Update(id, model);
return(Ok(user));
}
catch (AppException ex)
{
return(BadRequest(new { message = ex.Message }));
}
}
public void UpdateUser_NonexistingManager_404()
{
var controller = new UserManagementController();
var admin = _ut.CreateUserObject();
admin.IsAdministrator = true;
var adminSession = _ut.CreateSessionObject(admin);
_ut.CreateSessionInDb(adminSession);
var existingUser = _ut.CreateUserInDb();
var nonexistingManagerId = Guid.NewGuid();
// modify user
var modifiedUser = _ut.CreateUserObject();
modifiedUser.Id = existingUser.Id;
modifiedUser.IsAdministrator = existingUser.IsAdministrator;
modifiedUser.ManagerId = nonexistingManagerId;
// mock payload
var mock_payload = new UpdateUserRequestDTO
{
Id = modifiedUser.Id.ToString(),
City = modifiedUser.City,
State = modifiedUser.State,
Country = modifiedUser.Country,
Manager = modifiedUser.ManagerId.ToString(),
IsAdmin = modifiedUser.IsAdministrator,
Disabled = modifiedUser.Disabled
};
var expectedStatusCode = HttpStatusCode.NotFound;
var endpoint = API_Route_Local + "/user/update";
controller.Request = new HttpRequestMessage
{
RequestUri = new Uri(endpoint)
};
controller.Request.Headers.Add("token", adminSession.Token);
NegotiatedContentResult <string> actionresult = (NegotiatedContentResult <string>)controller.UpdateUser(mock_payload);
Assert.AreEqual(expectedStatusCode, actionresult.StatusCode);
}
public void UpdateUser_InvalidUserId_404()
{
newUser = _tu.CreateUserObject();
newUser.IsAdministrator = true;
Session newSession = _tu.CreateSessionObject(newUser);
_tu.CreateSessionInDb(newSession);
var endpoint = API_ROUTE_LOCAL + "/user/update";
_umController.Request = new HttpRequestMessage
{
RequestUri = new Uri(endpoint)
};
var userDTO = new UpdateUserRequestDTO
{
Id = Guid.NewGuid().ToString(),
City = newUser.City,
State = newUser.State,
Country = newUser.Country,
Manager = newUser.ManagerId.ToString(),
IsAdmin = newUser.IsAdministrator,
Disabled = newUser.Disabled
};
var request = new HttpRequestMessage();
request.Headers.Add("token", newSession.Token);
_umController.Request = request;
//non existent userID should result in UserNotFoundException
// and return a 404
NegotiatedContentResult <string> response = (NegotiatedContentResult <string>)_umController.UpdateUser(userDTO);
Assert.AreEqual(HttpStatusCode.NotFound, response.StatusCode);
}
public ReadUserDTO Update(long userId, UpdateUserRequestDTO model)
{
var user = GetUserDetails(userId);
// validate email
if (model.Email != user.Email && _userData.GetByEmail(model.Email) != null)
{
throw new AppException($"Email '{model.Email}' is already taken");
}
// hash password if it was entered
if (string.IsNullOrEmpty(model.Password) == false)
{
user.Password = BC.HashPassword(model.Password);
}
_mapper.Map(model, user);
user.UpdatedAt = DateTime.UtcNow;
this._userData.Update(user);
return(_mapper.Map <ReadUserDTO>(user));
}
public ActionResult <UserResponseDTO> HandleUpdateUser(UpdateUserRequestDTO requestDTO)
{
return(Ok(this._userService.Update(requestDTO)));
}
public async Task <IActionResult> UpdateUser([FromBody] UpdateUserRequestDTO request)
{
return(Ok());
}
public IHttpActionResult UpdateUser([FromBody] UpdateUserRequestDTO payload)
{
using (var _db = new DatabaseContext())
{
try
{
// Throws ExceptionService.NoTokenProvidedException
// Throws ExceptionService.SessionNotFoundException
var session = ControllerHelpers.ValidateAndUpdateSession(Request);
// Throws ExceptionService.InvalidModelPayloadException
ControllerHelpers.ValidateModelAndPayload(ModelState, payload);
// Throws ExceptionService.InvalidGuidException
var UserId = ControllerHelpers.ParseAndCheckId(payload.Id);
var _userManager = new UserManagementManager(_db);
var user = _userManager.GetUser(session.UserId);
if (user.IsAdministrator)
{
var userToUpdate = _userManager.GetUser(UserId);
_userManager.ToUpdateUser(userToUpdate, payload);
_userManager.UpdateUser(userToUpdate);
_db.SaveChanges();
return(Content(HttpStatusCode.OK, "User updated"));
}
else
{
return(Content(HttpStatusCode.Unauthorized, "Non-administrators cannot delete users."));
}
}
catch (Exception e) when(e is UserNotFoundException)
{
return(Content(HttpStatusCode.NotFound, e.Message));
}
catch (Exception e) when(e is InvalidGuidException)
{
return(Content(HttpStatusCode.BadRequest, e.Message));
}
catch (Exception e) when(e is NoTokenProvidedException ||
e is SessionNotFoundException)
{
return(Content(HttpStatusCode.Unauthorized, e.Message));
}
catch (Exception e) when(e is InvalidModelPayloadException)
{
return(Content(HttpStatusCode.PreconditionFailed, e.Message));
}
catch (Exception e)
{
if (e is DbUpdateException ||
e is DbEntityValidationException)
{
_db.RevertDatabaseChanges(_db);
}
return(InternalServerError());
}
}
}
public async Task <ActionResult> Put(string id, [FromBody] UpdateUserRequestDTO dto)
{
await service.UpdateUser(dto.FromDTO(id));
return(NoContent());
}
public UserResponseDTO Update(UpdateUserRequestDTO requestDTO)
{
// todo
return(new UserResponseDTO());
}