public object Get(UserRequest request)
{
var u = new Tomboy.Sync.DTO.UserResponse ();
try {
var baseUri = ((HttpListenerRequest)this.Request.OriginalRequest).Url;
string baseUrl = baseUri.Scheme + "://" + baseUri.Authority + "/";
u.Username = request.Username;
u.Firstname = "Not";
u.Lastname = "Important";
u.NotesRef = new Tomboy.Sync.DTO.ContentRef () {
ApiRef = baseUrl + "/api/1.0/" + request.Username + "/notes",
Href = baseUrl + "/api/1.0/" + request.Username + "/notes"
};
using (var note_repo = GetNotes (request.Username)) {
u.LatestSyncRevision = note_repo.Manifest.LastSyncRevision;
u.CurrentSyncGuid = note_repo.Manifest.ServerId;
}
} catch (Exception e) {
Logger.Debug ("CAUGHT EXCEPTION: " + e.Message);
throw;
}
return u;
}
public ReturnObject CheckCaptcha(UserRequest Object)
{
try
{
OperationContext context = OperationContext.Current;
MessageProperties messageProperties = context.IncomingMessageProperties;
RemoteEndpointMessageProperty endpointProperty = messageProperties[RemoteEndpointMessageProperty.Name] as RemoteEndpointMessageProperty;
Recaptcha.RecaptchaValidator captchaValidtor = new Recaptcha.RecaptchaValidator
{
PrivateKey = System.Web.Configuration.WebConfigurationManager.AppSettings["PRIVATE_KEY"].ToString(),
RemoteIP = endpointProperty.Address,
Challenge = Object.challenge,
Response = Object.response
};
Recaptcha.RecaptchaResponse recaptchaResponse = captchaValidtor.Validate();
ReturnObject rObj = new ReturnObject(recaptchaResponse.IsValid, recaptchaResponse.ErrorMessage, "");
return rObj;
}
catch (Exception ex) {
ReturnObject rObj = new ReturnObject(false, ex.Message, "");
return rObj;
}
}
public PostsRatingMaker()
{
vkFriends = new FriendsRequest();
vkWall = new WallRequest();
vkUser = new UserRequest();
vkLike = new LikeRequest();
}
public ReturnObject ForgotPassword(UserRequest Object)
{
bool isExist = true;
string message = "";
try
{
User user = UserDAO.GetUserAndResetChangePassword(Object.email);
if (user != null)
{
string code = HttpUtility.UrlEncode(Convert.ToBase64String(GenericUtility.CreateSHAHash(user.ChangePasswordCode)));
EmailUtility.SendPasswordEmail(Object.email, "عقاراتي - تغيير كلمة المرور", "http://94.236.98.81/Aqaraty/ChangePassword.aspx?userId=" + user.UserID + "&code=" + code);
message = "البريد الالكتروني ارسال لتغيير كلمة المرور";
}
else
{
isExist = false;
message = "عنوان البريد الإلكتروني غير صحيح";
}
ReturnObject rObj = new ReturnObject(isExist, message, "");
return rObj;
}catch(Exception ex){
ReturnObject rObj = new ReturnObject(false, ex.Message , "");
return rObj;
}
}
/// <summary>
/// DELETE /admin/user/{Username}
///
/// deletes a user.
///
/// returns HTTP Response =>
/// 204 No Content
/// Location: http://localhost/admin/user/
/// </summary>
public object Delete(UserRequest user)
{
using (var conn = connFactory.OpenDbConnection ()) {
using (var trans = conn.BeginTransaction ()) {
try {
conn.Delete<DBUser> (u => u.Username == user.Username);
conn.Delete<DBNote> (n => n.Username == user.Username);
conn.Delete<DBAccessToken> (t => t.UserName == user.Username);
conn.Delete<DBArchivedNote> (an => an.Username == user.Username);
trans.Commit ();
} catch (Exception e) {
Logger.DebugFormat ("error deleting user {0}, msg was: {1}",
user.Username, e.Message);
return new HttpResult {
StatusCode = HttpStatusCode.InternalServerError,
StatusDescription = "Error occured, msg was: " + e.Message
};
}
}
}
return new HttpResult {
StatusCode = HttpStatusCode.NoContent,
Headers = {
{ HttpHeaders.Location, this.RequestContext.AbsoluteUri }
}
};
}
public void DeleteUser()
{
var user_delete_url = new UserRequest () { Username = "******" }.ToUrl ("DELETE");
adminClient.Delete<UserRequest> (user_delete_url);
// make sure johndoe is not in the list of our users
var alluser_url = new AllUserRequest ().ToUrl ("GET");
var allusers = adminClient.Get<DTOUser[]> (alluser_url);
var list_of_johndoes = allusers.Where(u => u.Username == "johndoe").ToArray ();
Assert.AreEqual (0, list_of_johndoes.Count ());
}
private SrirachaUser Save(UserRequest request)
{
_permissionValidator.VerifyCurrentUserSystemPermission(EnumSystemPermission.EditUsers);
if (string.IsNullOrEmpty(request.Id))
{
return _userManager.CreateUser(request.UserName, request.EmailAddress, request.Password);
}
else
{
return _userManager.UpdateUser(request.Id, request.UserName, request.EmailAddress, request.Password);
}
}
public void Post_Called_BuildsUri()
{
// Given
var request = new UserRequest { Item = new User { Name = "Owner Name" } };
var userResource = new UserResource(_client.Object);
// When
userResource.Post(request);
// Then
_client.Setup(b => b.BuildUri(It.IsAny<string>(), ""));
}
public DTOUser Get(UserRequest req)
{
DBUser found_user;
using (var conn = DbConfig.GetConnection ()) {
found_user = conn.FirstOrDefault<DBUser> ("Username = {0}", req.Username);
}
if (found_user == null)
throw new InvalidRequestDtoException (){ErrorMessage = "User not found!"};
return (DTOUser) found_user;
}
public override void SetUp()
{
base.SetUp ();
adminClient = GetAdminServiceClient ();
// add some sample users to the server
var client = GetAdminServiceClient ();
var url = new UserRequest ().ToUrl("POST");
foreach (DTOUser user in GetSampleUser ()) {
client.Post<UserRequest> (url, user);
}
}
public object Delete(UserRequest request)
{
_permissionValidator.VerifyCurrentUserSystemPermission(EnumSystemPermission.EditUsers);
if (request == null)
{
throw new ArgumentNullException("request is null");
}
if(string.IsNullOrEmpty(request.Id))
{
throw new ArgumentNullException("request.id is null");
}
return _userManager.DeleteUser(request.Id);
}
/// <summary>
/// The any.
/// </summary>
/// <param name="request">
/// The request.
/// </param>
/// <returns>
/// The <see cref="CompetitionResponse"/>.
/// </returns>
public UserResponse Get(UserRequest request)
{
var session = this.GetSession() as CustomUserSession;
if (session != null && session.User != null)
{
return new UserResponse
{
IsLoggedIn = true,
DisplayName = session.User.DisplayName,
Email = session.User.Email
};
}
return new UserResponse { IsLoggedIn = false };
}
public void AddNewUserWithEmptyPasswordFails()
{
var user = new DTOUser ();
user.Username = "******";
user.EmailAddress = "*****@*****.**";
user.Password = "";
user.AdditionalData = "Some more info about Michael";
var user_url = new UserRequest ().ToUrl("POST");
try {
adminClient.Post<UserRequest> (user_url, user);
} catch (WebServiceException e) {
Assert.AreEqual (400, e.StatusCode);
throw e;
}
}
public object Get(UserRequest request)
{
//_permissionValidator.VerifyCurrentUserSystemPermission(EnumSystemPermission.EditUsers);
if (request == null)
{
throw new ArgumentNullException("request is null");
}
else if(!string.IsNullOrEmpty(request.Id))
{
return _userManager.GetUser(request.Id);
}
else
{
return _userManager.GetUserList(request.BuildListOptions(), request.UserNameList);
}
}
public ReturnObject IsEmailExist(UserRequest Object)
{
try
{
bool isExist = false;
if (UserDAO.GetUserByEmail(Object.email) != null)
{
isExist = true;
}
ReturnObject rObj = new ReturnObject(isExist, "البريد الإلكتروني موجود بالفعل", "");
return rObj;
}
catch (Exception ex) {
ReturnObject rObj = new ReturnObject(false, ex.Message, "");
return rObj;
}
}
public void AddNewUser()
{
var user = new DTOUser ();
user.Username = "******";
user.EmailAddress = "*****@*****.**";
user.AdditionalData = "Some more info about Michael";
var user_url = new UserRequest ().ToUrl("POST");
adminClient.Post<UserRequest> (user_url, user);
var user_get_url = new UserRequest () { Username = "******" }.ToUrl("GET");
var resp = adminClient.Get<DTOUser[]> (user_get_url);
Assert.AreEqual (1, resp.Length);
Assert.AreEqual (user.Username, resp[0].Username);
Assert.AreEqual (user.EmailAddress, resp[0].EmailAddress);
Assert.AreEqual (user.AdditionalData, resp[0].AdditionalData);
}
private async void LoginCommandExecute()
{
var login = new DeviceUid_Uwp().GetIdentifier(); // Calculate login
var password = "";
var loginRepsonse = await App.QbProvider.LoginWithLoginValueAsync(login, password, Quickblox.Sdk.GeneralDataModel.Models.Platform.windows_phone, login);
if (loginRepsonse > 0)
{
var updateUserRequest = new UserRequest();
updateUserRequest.TagList = Group;
var updateUserResponse = await App.QbProvider.UpdateUserDataAsync(App.QbProvider.UserId, updateUserRequest);
if (updateUserResponse != null)
{
App.NavigationFrame.Navigate(typeof(ChatsPage));
}
}
}
public void ChangeUserPassword()
{
var user = new DTOUser ();
user.Username = "******";
user.EmailAddress = "*****@*****.**";
user.Password = "******";
user.AdditionalData = "Some more info about Michael";
var user_url = new UserRequest ().ToUrl("POST");
adminClient.Post<UserRequest> (user_url, user);
user.Password = "******";
var update_url = new UserRequest ().ToUrl ("PUT");
adminClient.Put<UserRequest> (update_url, user);
// authorization with the old password fails for the user
Assert.Fail ("TODO: Password changing not possible with encryption");
// TODO: authorization with the new password works
}
public object Get(UserRequest request)
{
var u = new DTO.UserResponse ();
var baseUri = ((HttpListenerRequest)this.Request.OriginalRequest).Url;
string baseUrl = baseUri.Scheme + "://" + baseUri.Authority + "/";
u.Username = request.Username;
u.Firstname = "Not";
u.Lastname = "Important";
u.NotesRef = new DTO.ContentRef () {
ApiRef = baseUrl + "/api/1.0/" + request.Username + "/notes/",
Href = baseUrl + "/api/1.0/" + request.Username + "/notes/"
};
using (var note_repo = GetNotes ()) {
u.LatestSyncRevision = note_repo.Manifest.LastSyncRevision;
u.CurrentSyncGuid = note_repo.Manifest.ServerId;
}
return u;
}
public async Task Encrypt_Password_On_Update(IMailService mailService, Guid id, User user, UserRequest request, string password)
{
user.Id = id;
request.Password = password;
var context = TestSetup.SetupContext();
await context.Users.AddAsync(user);
await context.SaveChangesAsync();
var service = new UserService(context, TestSetup.SetupHttpContext(), mailService);
var result = await service.Update(id, request);
result.Should().NotBeNull();
BCrypt.Net.BCrypt.EnhancedVerify(password, result.Password).Should().BeTrue();
}
//modyfikacja danych uzytkownika
public object Patch(UserRequest request)
{
User user;
UserResponse Response = new UserResponse();
if (request.Login.IsNullOrEmpty())
{
base.Response.StatusCode = (int)HttpStatusCode.BadRequest;
return Response;
}
user = Response.Patch(request);
if(user == null)
{
base.Response.StatusCode = (int)HttpStatusCode.NotFound;
return Response;
}
string response = JsonConvert.SerializeObject(user, Formatting.Indented);
return response;
}
public void CreateDemoAccounts()
{
var users = @"testuser testpass
aiden QSmCmH
alexander fcOYGZ
alexis XwG4Hy
allison Fm84Pz
alyssa msS0yK
amelia MmFTkh
andrew dhFHJu
anna jMmkjo
anthony sbck8m
ashley NkPu9U
aubrey Q0JkFr
audrey WNmaru
ava vxpGuz
avery fQZPjm
benjamin QlRHFr
brandon 9EQUYz
brayden TERA4w
brianna 480eZe
brooklyn bl3cqZ
caleb b9IIS3
camila jb4QR5
carter Og5630
charlotte SM9yUr
chloe xy0gfH
christian JFpfFr
christopher gXEuhD
claire Tks9GN
daniel 7djYGV
david uT4kWZ
dylan lPinW0
elijah yW9YQY
elizabeth VNquj0
ella vPMMfj
emily Y5LLgf
emma oH7Lda
ethan UdGHfc
evan rnKrac
evelyn DTjkV1
gabriel 3qRnkp
gabriella IujWTS
gavin bFDyb5
grace zEHd9O
hailey jgOwtp
hannah SN5OPs
isaac WS71tv
isabella ghrF6b
isaiah 9cUEET
jack ZINEES
jackson x7kslI
jacob hhx9q0";
var userdata = users.Split (new char[] { '\n' });
var userlist = new Dictionary<string, string> ();
foreach (var user in userdata) {
var credentials = user.Split (new char[] { ' ', '\t' }, StringSplitOptions.RemoveEmptyEntries);
userlist.Add (credentials [0], credentials [1]);
Console.WriteLine ("{0}\t{1}", credentials[0], credentials[1]);
}
var adminClient = this.GetAdminServiceClient ();
foreach (var kvp in userlist) {
var username = kvp.Key;
var password = kvp.Value;
var user = new DTOUser { Username = username, Password = password };
user.EmailAddress = username + "@example.com";
user.IsActivated = true;
user.IsVerified = true;
var user_url = new UserRequest ().ToUrl ("POST");
adminClient.Post<UserRequest> (user_url, user);
// get the user and verify
var user_get_url = new UserRequest () { Username = username }.ToUrl("GET");
var resp = adminClient.Get<DTOUser[]> (user_get_url);
Assert.AreEqual (username, resp[0].Username);
}
}
// TODO see if we can directly use DBUser
// update existing user
public object Put(UserRequest updated_user)
{
using (var conn = connFactory.OpenDbConnection ()) {
var stored_user = conn.FirstOrDefault<DBUser>("Username = {0}", updated_user.Username);
if (stored_user == null) {
// user did not exist, can't update
return new HttpResult {
Status = 404,
StatusDescription = "User " + updated_user.Username + " was not found," +
" and can't be updated. Try using HTTP POST to create a new user"
};
}
// TODO automapping
stored_user.IsActivated = updated_user.IsActivated;
stored_user.IsVerified = updated_user.IsVerified;
stored_user.AdditionalData = updated_user.AdditionalData;
stored_user.EmailAddress = updated_user.EmailAddress;
if (updated_user.Password != "") {
throw new NotImplementedException ("Password changing is not possible due to encryption!");
}
conn.Update<DBUser> (stored_user, u => u.Username == updated_user.Username);
}
Logger.DebugFormat ("updating user information for user {0}", updated_user.Username);
// do not return the password over the wire
updated_user.Password = "";
return new HttpResult (updated_user) {
StatusCode = System.Net.HttpStatusCode.OK,
StatusDescription = "Successfully updated user " + updated_user.Username
};
}
public void UpdateUser()
{
var user = new DTOUser () {
Username = "******",
Password = "******",
EmailAddress = "*****@*****.**",
AdditionalData = "some text",
FirstName = "Jane",
LastName = "Doeson"
};
var user_url = new UserRequest ().ToUrl ("PUT");
adminClient.Put<UserRequest> (user_url, user);
var all_users_url = new AllUserRequest ().ToUrl ("GET");
var all_users = adminClient.Get<DTOUser[]> (all_users_url);
var johndoe = all_users.First (u => u.Username == "johndoe");
Assert.AreEqual (user.Username, johndoe.Username);
Assert.AreEqual (user.Password, johndoe.Password);
Assert.AreEqual (user.EmailAddress, johndoe.EmailAddress);
Assert.AreEqual (user.AdditionalData, johndoe.AdditionalData);
Assert.AreEqual (user.FirstName, johndoe.FirstName);
Assert.AreEqual (user.LastName, johndoe.LastName);
}
/// <summary>
/// POST /admin/user
///
/// creates a new user.
///
/// returns HTTP Response =>
/// 201 Created
/// Location: http://localhost/admin/user/{Username}
/// </summary>
public object Post(UserRequest user)
{
var new_user = new DBUser ();
// TODO explicit mapping
new_user.PopulateWith (user);
// TODO move into RequestFilter
if (string.IsNullOrEmpty (user.Username))
throw new InvalidRequestDtoException { ErrorMessage = "Username was empty" };
if (string.IsNullOrEmpty (user.Password))
throw new InvalidRequestDtoException { ErrorMessage = "Password was empty" };
// TODO move into RequestFilter
if (! (user.Username.IsOnlySafeChars ()
&& user.Password.IsOnlySafeChars ()
&& user.EmailAddress.Replace ("@", "").IsOnlySafeChars ())) {
throw new ValidationException { ErrorMessage = "found unsafe/unallowed characters" };
}
// TODO move into RequestFilter
// lowercase the username
new_user.Username = new_user.Username.ToLower ();
// TODO move into API
new_user.CreateCryptoFields (user.Password);
using (var conn = connFactory.OpenDbConnection ()) {
var existing_user = conn.FirstOrDefault<DBUser> ("Username = {0}", new_user.Username);
if (existing_user != null)
throw new ConflictException (){ErrorMessage = "A user by that name already exists"};
conn.Insert<DBUser> (new_user);
}
return new HttpResult (new_user) {
StatusCode = HttpStatusCode.Created,
StatusDescription = "Sucessfully created user " + new_user.Username,
Headers = {
{ HttpHeaders.Location, base.Request.AbsoluteUri.CombineWith (new_user.Username) }
}
};
}
// TODO see if we can directly use DBUser
// update existing user
public object Put(UserRequest updated_user)
{
var user = new DBUser ();
// TODO make explicit mapping
user.PopulateWith (updated_user);
using (var conn = DbConfig.GetConnection ()) {
var stored_user = conn.FirstOrDefault<DBUser>("Username = {0}", user.Username);
if (stored_user == null) {
// user did not exist, can't update
return new HttpResult {
Status = 404,
StatusDescription = "User " + user.Username + " was not found," +
" and can't be updated. Try using HTTP POST to create a new user"
};
}
if (user.Password == "") {
// password was not sent so use the old password
// TODO hashing
user.Password = stored_user.Password;
}
conn.Update<DBUser> (user, u => u.Username == user.Username);
}
Logger.DebugFormat ("updating user information for user {0}", user.Username);
// do not return the password over the wire
user.Password = "";
return new HttpResult (user) {
StatusCode = System.Net.HttpStatusCode.OK,
StatusDescription = "Successfully updated user " + user.Username
};
}
public ReturnObject IsLoginUser(UserRequest Object)
{
bool isExist = false;
string message = "";
try
{
byte[] passwordText = GenericUtility.CreateSHAHash(Object.password);
string id = UserDAO.GetUserIDByUNamePass(Object.email, passwordText);
string sessionId = "";
OperationContext context = OperationContext.Current;
MessageProperties messageProperties = context.IncomingMessageProperties;
RemoteEndpointMessageProperty endpointProperty = messageProperties[RemoteEndpointMessageProperty.Name] as RemoteEndpointMessageProperty;
if (id != null)
{
sessionId = UserDAO.InsertSession(id, Object.remember, endpointProperty.Address, System.Web.Configuration.WebConfigurationManager.AppSettings["SessionTime"].ToString());
isExist = true;
message = "مستخدم تسجيل الدخول بنجاح";
}
else {
isExist = false;
message = "البريد الإلكتروني غير صحيح أو كلمة المرور";
}
ReturnObject rObj = new ReturnObject(isExist, message, sessionId);
return rObj;
}catch(Exception ex){
ReturnObject rObj = new ReturnObject(false, ex.Message , "");
return rObj;
}
}
public void Post_CalledWithUser_ReturnsUserReponse()
{
// Given
var response = new UserResponse { Item = new User { Name = "Owner Name" } };
var request = new UserRequest { Item = new User { Name = "Owner Name" } };
_client.Setup(b => b.Post<UserResponse>(It.IsAny<Uri>(), request, "application/json")).Returns(response);
var userResource = new UserResource(_client.Object);
// When
var result = userResource.Post(request);
// Then
Assert.That(result, Is.EqualTo(response));
}
public async Task Ignore_Null_Password_On_Update(IMailService mailService, Guid id, User user, UserRequest request, string password)
{
user.Id = id;
user.Password = password;
request.Password = null;
var context = TestSetup.SetupContext();
await context.Users.AddAsync(user);
await context.SaveChangesAsync();
var service = new UserService(context, TestSetup.SetupHttpContext(), mailService);
var result = await service.Update(id, request);
result.Should().NotBeNull();
result.Password.Should().Be(password);
}
public async Task <IActionResult> PostUser([FromBody] UserRequest request)
{
if (!ModelState.IsValid)
{
return(BadRequest(new Response
{
IsSuccess = false,
Message = "Bad request",
Result = ModelState
}));
}
CultureInfo cultureInfo = new CultureInfo(request.CultureInfo);
Resource.Culture = cultureInfo;
UserEntity user = await _userHelper.GetUserAsync(request.Email);
if (user != null)
{
return(BadRequest(new Response
{
IsSuccess = false,
Message = Resource.UserAlreadyExists
}));
}
string picturePath = string.Empty;
if (request.PictureArray != null && request.PictureArray.Length > 0)
{
picturePath = await _blobHelper.UploadBlobAsync(request.PictureArray, "users");
}
user = new UserEntity
{
Address = request.Address,
Document = request.Document,
Email = request.Email,
FirstName = request.FirstName,
LastName = request.LastName,
PhoneNumber = request.Phone,
UserName = request.Email,
PicturePath = picturePath,
UserType = UserType.User,
Team = await _dataContext.Teams.FindAsync(request.TeamId)
};
IdentityResult result = await _userHelper.AddUserAsync(user, request.Password);
if (result != IdentityResult.Success)
{
return(BadRequest(result.Errors.FirstOrDefault().Description));
}
UserEntity userNew = await _userHelper.GetUserAsync(request.Email);
await _userHelper.AddUserToRoleAsync(userNew, user.UserType.ToString());
string myToken = await _userHelper.GenerateEmailConfirmationTokenAsync(user);
string tokenLink = Url.Action("ConfirmEmail", "Account", new
{
userid = user.Id,
token = myToken
}, protocol: HttpContext.Request.Scheme);
_mailHelper.SendMail(request.Email, Resource.ConfirmEmail, $"<h1>{Resource.ConfirmEmail}</h1>" +
$"{Resource.ConfirmEmailSubject}</br></br><a href = \"{tokenLink}\">{Resource.ConfirmEmail}</a>");
return(Ok(new Response
{
IsSuccess = true,
Message = Resource.ConfirmEmailMessage
}));
}
public void Post(UserRequest request)
{
UserRepo.Instance.AddUser(request.ToUser(UniqueId.Next()));
}
public ReturnObject VerificationCodeEmail(UserRequest Object)
{
bool isExist = false;
string message = "";
try
{
User user = UserDAO.GetUserByID(Object.id);
if (user != null)
{
string code = HttpUtility.UrlEncode(Convert.ToBase64String(GenericUtility.CreateSHAHash(user.VerificationCode)));
EmailUtility.SendVerifiyCodeEmail(user.Email, "عقاراتي - التحقق من الحساب", "http://94.236.98.81/Aqaraty/AccountVerification.aspx?userId=" + user.UserID + "&code=" + code);
message = "مسجل بنجاح - البريد الإلكتروني المرسلة للتحقق منها";
isExist = true;
}
else
{
isExist = false;
message = "فشل تسجيل";
}
ReturnObject rObj = new ReturnObject(isExist, message, "");
return rObj;
}
catch (Exception ex)
{
ReturnObject rObj = new ReturnObject(false, ex.Message, "");
return rObj;
}
}
public async Task<UserResponse> UpdateUserDataAsync(int qbUserId, UserRequest updateUserRequest)
{
var updateData = new UpdateUserRequest();
updateData.User = updateUserRequest;
var response = await this.client.UsersClient.UpdateUserAsync(qbUserId, updateData);
if (await HandleResponse(response, HttpStatusCode.OK))
{
return response.Result;
}
return null;
}
//
// GET: /Account/peAppUser/
public ActionResult Index(UserRequest request)
{
var result = this.AccountService.GetUserList(request);
return(View(result));
}
