Beispiel #1
0
 /// <summary>
 /// Validate form-level request
 /// </summary>
 /// <param name="validationDictionary"></param>
 public bool ValidateRequest(IValidationDictionary validationDictionary)
 {
     var requestDictionary = new ValidationDictionary();
     if (Password != ConfirmPassword)
     {
         requestDictionary.AddError("Password", "Passwords do not match.");
     }
     validationDictionary.Merge(requestDictionary);
     return requestDictionary.IsValid;
 }
Beispiel #2
0
 /// <summary>
 /// Validate form-level request
 /// </summary>
 /// <param name="validationDictionary"></param>
 public bool ValidateRequest(IValidationDictionary validationDictionary)
 {
     var requestDictionary = new ValidationDictionary();
     if (string.IsNullOrEmpty(ResetToken))
     {
         requestDictionary.AddError("ResetToken", "Reset token not specified.");
     }
     if (string.IsNullOrEmpty(Password))
     {
         requestDictionary.AddError("Password", "Password is required.");
     }
     if (Password != ConfirmPassword)
     {
         requestDictionary.AddError("Password", "Passwords do not match.");
     }
     validationDictionary.Merge(requestDictionary);
     return requestDictionary.IsValid;
 }
Beispiel #3
0
        public void Validate_Successful_With_Valid_Information()
        {
            // Arrange
            var model = new SignUpInputModel
            {
                Email = "*****@*****.**",
                Password = "******",
                ConfirmPassword = "******"
            };
            var validationDictionary = new ValidationDictionary();

            // Act

            var result = model.ValidateRequest(validationDictionary);

            // Assert
            Assert.IsTrue(result);
        }
Beispiel #4
0
        public void Validate_Fails_Mismatched_Passwords()
        {
            // Arrange
            var model = new SignUpInputModel
                {
                    Email = "*****@*****.**",
                    Password = "******",
                    ConfirmPassword = "******"
                };
            var validationDictionary = new ValidationDictionary();

            // Act

            var result = model.ValidateRequest(validationDictionary);

            // Assert
            Assert.IsFalse(result);
        }
Beispiel #5
0
        public BaseResponseModel Update(UpdateUserInputModel inputModel)
        {
            var vm = new BaseResponseModel();

            // Validate request
            var validationState = new ValidationDictionary();
            inputModel.ValidateRequest(validationState);

            // Get existing user
            var user = UserService.GetUserById(inputModel.UserId);
            if (user == null)
            {
                throw new HttpException(404, "User not found.");
            }

            // Do not allow editing of users other than yourself if you
            // don't have permissions
            if (!CurrentUser.HasPermission(Permission.EditUsers)
                && user.Id != CurrentUser.Id)
            {
                throw new HttpException(401, "You do not have permissions to complete this action.");
            }

            // Copy properties
            bool emailChanged = user.Email != inputModel.Email;
            user.Email = inputModel.Email;
            string newPass = String.IsNullOrWhiteSpace(inputModel.Password)
                ? null : inputModel.Password;

            // Additional properties for admin users
            if (CurrentUser.HasPermission(Permission.EditUsers))
            {
                if (inputModel.Role.HasValue) user.Role = inputModel.Role.Value;
            }

            if (UserService.ValidateUser(user, validationState))
            {
                UserService.UpdateUser(user, newPass);
                if (emailChanged)
                {
                    ReAuthorizeUser(inputModel.Email);
                }

                LogService.CreateLog(new Log
                {
                    Category = LogCategory.Application,
                    IpAddress = GetClientIp(ControllerContext.Request),
                    Level = LogLevel.Info,
                    Message = "User " + inputModel.Email + " (ID #" + user.Id + ") was updated.",
                    User = CurrentUser
                });

                vm.Success = true;
            }

            vm.Errors = validationState.Errors;
            return vm;
        }
Beispiel #6
0
        public BaseResponseModel SignUp(SignUpInputModel inputModel)
        {
            var vm = new AuthResponseModel();

            // Validate request
            var validationState = new ValidationDictionary();
            inputModel.ValidateRequest(validationState);

            var user = new User
                {
                    Email = inputModel.Email,
                    Role = Role.Member
                };
            UserService.GenerateUserPassword(user, inputModel.Password);

            if (UserService.ValidateUser(user, validationState))
            {
                UserService.CreateUser(user);

                // Authenticate to create token
                user = UserService.Authenticate(user.Email, inputModel.Password);
                _auth.DoAuth(user.Email, false);

                vm.Success = true;
                vm.Token = user.AuthToken.Token;
                vm.Expires = user.AuthToken.Expires;
            }

            vm.Errors = validationState.Errors;
            return vm;
        }
Beispiel #7
0
        public BaseResponseModel ResetPassword(ResetPasswordInputModel inputModel)
        {
            // Get existing user
            var vm = new BaseResponseModel();
            var validationState = new ValidationDictionary();
            inputModel.ValidateRequest(validationState);

            if (validationState.IsValid)
            {
                var user = UserService.GetUserByResetToken(inputModel.ResetToken);
                if (user != null)
                {
                    UserService.ResetPassword(user, inputModel.Password);
                    vm.Success = true;
                }
                else
                {
                    validationState.AddError("ResetToken", "Invalid reset token.");
                }
            }

            vm.Errors = validationState.Errors;

            return vm;
        }
Beispiel #8
0
        public BaseResponseModel Update(UpdateResourceInputModel inputModel)
        {
            var vm = new BaseResponseModel();

            // Validate request
            var validationState = new ValidationDictionary();

            // Get existing resource
            var resource = _resourceService.GetResourceById(inputModel.ResourceId);
            if (resource == null)
            {
                throw new HttpException(404, "Resource not found.");
            }

            // Do not allow editing of resources other than yourself if you
            // don't have permissions
            if (!CurrentUser.HasPermission(Permission.EditResources))
            {
                throw new HttpException(401, "You do not have permissions to complete this action.");
            }

            // Copy properties
            resource.Value = inputModel.Value;

            if (_resourceService.ValidateResource(resource, validationState))
            {
                _resourceService.UpdateResource(resource);

                LogService.CreateLog(new Log
                {
                    Category = LogCategory.Application,
                    IpAddress = GetClientIp(ControllerContext.Request),
                    Level = LogLevel.Info,
                    Message = "Resource " + resource.Name + " (ID #" + resource.Id + ") was updated.",
                    User = CurrentUser
                });

                vm.Success = true;
            }

            vm.Errors = validationState.Errors;
            return vm;
        }