Beispiel #1
        /// <summary>
        /// Validates the submitted user fields, loads the stored user with the given id
        /// and passes both records to <c>_query.APIPut</c>.
        /// </summary>
        /// <param name="id_i">Identifier of the user record to update.</param>
        /// <param name="newUser">Submitted values; HashPassword, Name and Surname are checked here.</param>
        /// <returns>
        /// An <c>ObjectResult</c> wrapping the response content. Validation failures and
        /// "user not found" are reported with <c>HttpStatusCode.OK</c> and a non-zero code
        /// (7 = too long, 8 = forbidden characters, 3 = unknown user); an exception is
        /// reported with <c>HttpStatusCode.BadRequest</c> and code 4.
        /// </returns>
        public IActionResult Put(int id_i, Users newUser)
        {
            // NOTE(review): nothing in this method ties id_i to the caller. Confirm that an
            // authorization attribute or filter outside this view restricts who may update
            // which user; otherwise any caller can overwrite another user's record.

            // --- Input validation: every rejection returns before the database is touched. ---

            // Only the length of the password value is checked here.
            // NOTE(review): how HashPassword is derived and stored is not visible in this
            // method - confirm it is hashed server-side with the stored salt.
            if (XSS.CheckIfTooLong(newUser.HashPassword, 50))
            {
                return new ObjectResult(
                    ResponsesContainer.Instance.GetResponseContent(
                        HttpStatusCode.OK, String.Empty, false, 7,
                        "Bad password", "The password is too long"));
            }

            // Name: length limit first, then the alphanumeric allow-list.
            if (XSS.CheckIfTooLong(newUser.Name, 20))
            {
                return new ObjectResult(
                    ResponsesContainer.Instance.GetResponseContent(
                        HttpStatusCode.OK, String.Empty, false, 7,
                        "Bad name", "The name is too long"));
            }

            if (!XSS.CheckIfAlphaNum(newUser.Name))
            {
                return new ObjectResult(
                    ResponsesContainer.Instance.GetResponseContent(
                        HttpStatusCode.OK, String.Empty, false, 8,
                        "Bad name", "The name contains forbidden signs"));
            }

            // Surname: same two checks as the name.
            if (XSS.CheckIfTooLong(newUser.Surname, 20))
            {
                return new ObjectResult(
                    ResponsesContainer.Instance.GetResponseContent(
                        HttpStatusCode.OK, String.Empty, false, 7,
                        "Bad surname", "The surname is too long"));
            }

            if (!XSS.CheckIfAlphaNum(newUser.Surname))
            {
                return new ObjectResult(
                    ResponsesContainer.Instance.GetResponseContent(
                        HttpStatusCode.OK, String.Empty, false, 8,
                        "Bad surname", "The surname contains forbidden signs"));
            }

            // --- Persistence ---
            try
            {
                Users storedUser = _query.APIGetById(id_i, _context);
                if (updatedUserMissing(storedUser))
                {
                    return new ObjectResult(
                        ResponsesContainer.Instance.GetResponseContent(
                            HttpStatusCode.OK, String.Empty, false, 3,
                            "Invalid user", "User not found in database"));
                }

                // At this point email, permissionid and salt are assumed to be
                // unalterable; newUser.Email is therefore not validated above.
                // NOTE(review): that only holds if APIPut ignores those fields of
                // newUser - confirm in the query layer.
                _query.APIPut(storedUser, newUser, _context);
            }
            catch (Exception ex)
            {
                // Full exception detail goes to the log only; the client receives a
                // generic message so no internals leak in the response.
                ErrInfLogger.LockInstance.ErrorLog(ex.ToString());
                return new ObjectResult(
                    ResponsesContainer.Instance.GetResponseContent(
                        HttpStatusCode.BadRequest, String.Empty, false, 4,
                        "Exception", "Application exception thrown"));
            }

            return new ObjectResult(
                ResponsesContainer.Instance.GetResponseContent(
                    HttpStatusCode.OK, String.Empty, true, 0,
                    "Updated", "User updated in database"));

            // Same null comparison as the original inline check, kept as a named predicate.
            bool updatedUserMissing(Users candidate)
            {
                return candidate == null;
            }
        }
Beispiel #2
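        /// <summary>
        /// Validates the submitted user fields, rejects an email that is already
        /// registered and otherwise passes the record to <c>_query.APIPost</c>.
        /// </summary>
        /// <param name="newUser">Submitted values; Email, HashPassword, Name and Surname are checked here.</param>
        /// <returns>
        /// An <c>ObjectResult</c> wrapping the response content. Rejections are reported with
        /// <c>HttpStatusCode.OK</c> and a non-zero code (7 = too long, 8 = forbidden
        /// characters, 5 = email already registered); an exception is reported with
        /// <c>HttpStatusCode.BadRequest</c> and code 4.
        /// </returns>
        public IActionResult Post(Users newUser)
        {
            // Validation runs before any database access, so an over-long or
            // forbidden-character email never reaches the query layer.

            if (XSS.CheckIfTooLong(newUser.Email, 30))
            {
                return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
                                                                                       String.Empty, false, 7, "Bad email", "The email is too long")));
            }

            // Deny-list check only: it rejects the listed characters but does not verify
            // that the value is a well-formed address, and it does not replace output
            // encoding wherever the email is rendered later.
            if (XSS.CheckIfContains(newUser.Email, XSS.forbiddenList_s))
            {
                return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
                                                                                       String.Empty, false, 8, "Bad email", "The email contains forbidden signs")));
            }

            // Only the length of the password value is checked here.
            // NOTE(review): how HashPassword is derived and stored is not visible in this
            // method - confirm it is hashed server-side with a per-user salt.
            if (XSS.CheckIfTooLong(newUser.HashPassword, 50))
            {
                return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
                                                                                       String.Empty, false, 7, "Bad password", "The password is too long")));
            }

            if (XSS.CheckIfTooLong(newUser.Name, 20))
            {
                return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
                                                                                       String.Empty, false, 7, "Bad name", "The name is too long")));
            }

            if (!XSS.CheckIfAlphaNum(newUser.Name))
            {
                return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
                                                                                       String.Empty, false, 8, "Bad name", "The name contains forbidden signs")));
            }

            if (XSS.CheckIfTooLong(newUser.Surname, 20))
            {
                return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
                                                                                       String.Empty, false, 7, "Bad surname", "The surname is too long")));
            }

            if (!XSS.CheckIfAlphaNum(newUser.Surname))
            {
                return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
                                                                                       String.Empty, false, 8, "Bad surname", "The surname contains forbidden signs")));
            }

            try
            {
                // The duplicate lookup sits inside the try block so that a database
                // failure is logged and answered with the generic code 4 response
                // instead of escaping the action unhandled.
                // NOTE(review): the lookup and the insert are two separate calls, so two
                // concurrent requests with the same email can both pass this check;
                // confirm the schema enforces uniqueness on the email column.
                // NOTE(review): the distinct "User exists" answer tells a caller whether
                // an email is registered; confirm that disclosure is acceptable here.
                if (_query.APIGetByEmail(newUser.Email, _context) != null)
                {
                    return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
                                                                                           String.Empty, false, 5, "User exists", "User exists in database")));
                }

                _query.APIPost(newUser, _context);
            }
            catch (Exception ex)
            {
                // Full exception detail goes to the log only; the client receives a
                // generic message so no internals leak in the response.
                ErrInfLogger.LockInstance.ErrorLog(ex.ToString());
                return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.BadRequest,
                                                                                       String.Empty, false, 4, "Exception", "Application exception thrown")));
            }
            return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
                                                                                   String.Empty, true, 0, "Created", "User created in database")));
        }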