public async Task <HttpResponseMessage> Details(HttpRequestMessage request, string id) { if (string.IsNullOrEmpty(id)) { return(request.CreateErrorResponse(HttpStatusCode.BadRequest, nameof(id) + Common.Constants.MessageSystem.NoValues)); } if (User != null && MemoryCacheHelper.RemoveUserEditByAdmin(User.Identity.Name)) { return(request.CreateErrorResponse(HttpStatusCode.BadRequest, CommonConstants.Error_Edit_By_Admin)); } var user = await _userService.FindUserById(id); if (user == null) { return(request.CreateErrorResponse(HttpStatusCode.NoContent, Common.Constants.MessageSystem.NoData)); } else { var roles = await AppUserManager.GetRolesAsync(user.Id); var applicationUserViewModel = Mapper.Map <AppUser, AppUserViewModel>(user); var listUserNo = _fingermachineuserService.GetFingerMachineUserByUserID(user.Id).Select(x => x.ID); applicationUserViewModel.ListUserNo = string.Join("-", listUserNo); applicationUserViewModel.Roles = roles; return(request.CreateResponse(HttpStatusCode.OK, applicationUserViewModel)); } }
public async Task <HttpResponseMessage> ChangePassword(HttpRequestMessage request, string id, string password, string newPassword) { if (User != null && MemoryCacheHelper.RemoveUserEditByAdmin(User.Identity.Name)) { return(request.CreateErrorResponse(HttpStatusCode.BadRequest, CommonConstants.Error_Edit_By_Admin)); } if (!string.IsNullOrEmpty(id)) { var appUser = await AppUserManager.FindByIdAsync(id); if (appUser != null) { bool passwordCheck = await AppUserManager.CheckPasswordAsync(appUser, password); if (passwordCheck) { var result = await AppUserManager.ChangePasswordAsync(appUser.Id, password, newPassword); return(request.CreateResponse(HttpStatusCode.OK, Common.Constants.MessageSystem.ChangePasswordSuccess)); } return(request.CreateErrorResponse(HttpStatusCode.BadRequest, Common.Constants.MessageSystem.ErrorOldPassword)); } return(request.CreateErrorResponse(HttpStatusCode.BadRequest, Common.Constants.MessageSystem.UserNotFound)); } return(request.CreateErrorResponse(HttpStatusCode.BadRequest, Common.Constants.MessageSystem.ErrorIdNull)); }
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) { UserManager <AppUser> userManager = context.OwinContext.GetUserManager <UserManager <AppUser> >(); AppUser user; try { user = await userManager.FindAsync(context.UserName, context.Password); } catch { // Could not retrieve the user due to error. context.SetError(CommonConstants.ServerError, MessageSystem.ServerProcessingError); return; } if (user != null) { if (!user.Status.Value) { context.SetError(CommonConstants.ServerError, MessageSystem.BlockAccount); var b = context.Error; // context.Rejected(); return; } var permissions = ServiceFactory.Get <IPermissionService>().GetByUserId(user.Id); var permissionViewModels = AutoMapper.Mapper.Map <ICollection <Permission>, ICollection <PermissionViewModel> >(permissions); var roles = userManager.GetRoles(user.Id); ClaimsIdentity identity = await userManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ExternalBearer); string email = string.IsNullOrEmpty(user.Email) ? "" : user.Email; identity.AddClaim(new Claim("id", user.Id)); identity.AddClaim(new Claim("fullName", user.FullName)); identity.AddClaim(new Claim("email", email)); identity.AddClaim(new Claim("username", user.UserName)); identity.AddClaim(new Claim("roles", JsonConvert.SerializeObject(roles))); identity.AddClaim(new Claim("permissions", JsonConvert.SerializeObject(permissionViewModels))); identity.AddClaim(new Claim("groupId", user.GroupId.ToString())); var props = new AuthenticationProperties(new Dictionary <string, string> { { "id", user.Id }, { "fullName", user.FullName }, { "email", email }, { "username", user.UserName }, { "permissions", JsonConvert.SerializeObject(permissionViewModels) }, { "roles", JsonConvert.SerializeObject(roles) }, { "groupId", user.GroupId.ToString() } }); context.Validated(new AuthenticationTicket(identity, props)); MemoryCacheHelper.RemoveUserEditByAdmin(user.UserName); } else { context.SetError(CommonConstants.Invalid_Grant, MessageSystem.WorngUserNameAndPassWord); } }
public async Task <HttpResponseMessage> ChangeStatusUserMulti(HttpRequestMessage request, [FromBody] string[] listUser) { if (User != null && MemoryCacheHelper.RemoveUserEditByAdmin(User.Identity.Name)) { return(request.CreateErrorResponse(HttpStatusCode.BadRequest, CommonConstants.Error_Edit_By_Admin)); } foreach (var item in listUser) { var appUser = await AppUserManager.FindByIdAsync(item); appUser.Status = !appUser.Status; var result = await AppUserManager.UpdateAsync(appUser); _userService.AddListUserEditByAdmin(appUser.UserName); } return(request.CreateResponse(HttpStatusCode.OK, true)); }
public async Task <HttpResponseMessage> ChangeStatusUser(HttpRequestMessage request, string userId) { if (User != null && MemoryCacheHelper.RemoveUserEditByAdmin(User.Identity.Name)) { return(request.CreateErrorResponse(HttpStatusCode.BadRequest, CommonConstants.Error_Edit_By_Admin)); } var appUser = await AppUserManager.FindByIdAsync(userId); if (appUser.Status == false) { appUser.ResignationDate = null; } appUser.Status = !appUser.Status; var result = await AppUserManager.UpdateAsync(appUser); _userService.AddListUserEditByAdmin(appUser.UserName); return(request.CreateResponse(HttpStatusCode.OK, result)); }
//[Authorize(Roles ="DeleteUser")] public async Task <HttpResponseMessage> Delete(HttpRequestMessage request, string id) { if (User != null && MemoryCacheHelper.RemoveUserEditByAdmin(User.Identity.Name)) { return(request.CreateErrorResponse(HttpStatusCode.BadRequest, CommonConstants.Error_Edit_By_Admin)); } var appUser = await AppUserManager.FindByIdAsync(id); var result = await AppUserManager.DeleteAsync(appUser); if (result.Succeeded) { return(request.CreateResponse(HttpStatusCode.OK, id)); } else { return(request.CreateErrorResponse(HttpStatusCode.OK, string.Join(",", result.Errors))); } }
public async Task <HttpResponseMessage> Resign(HttpRequestMessage request, string userId, DateTime resignationDate) { if (User != null && MemoryCacheHelper.RemoveUserEditByAdmin(User.Identity.Name)) { return(request.CreateErrorResponse(HttpStatusCode.BadRequest, CommonConstants.Error_Edit_By_Admin)); } var appUser = await AppUserManager.FindByIdAsync(userId); appUser.Status = false; appUser.ResignationDate = resignationDate.Date; var result = await AppUserManager.UpdateAsync(appUser); _userService.AddListUserEditByAdmin(appUser.UserName); if (result.Succeeded) { return(request.CreateResponse(HttpStatusCode.OK, result)); } else { return(request.CreateErrorResponse(HttpStatusCode.BadRequest, "Cannot update user resign !")); } }
protected async Task <HttpResponseMessage> CreateHttpResponse(HttpRequestMessage requestMessage, Func <HttpResponseMessage> function) { HttpResponseMessage response = null; try { response = function.Invoke(); } catch (DbEntityValidationException ex) { foreach (var eve in ex.EntityValidationErrors) { Trace.WriteLine($"Entity of type \"{eve.Entry.Entity.GetType().Name}\" in state \"{eve.Entry.State}\" has the following validation error."); foreach (var ve in eve.ValidationErrors) { Trace.WriteLine($"- Property: \"{ve.PropertyName}\", Error: \"{ve.ErrorMessage}\""); } } LogError(ex); response = requestMessage.CreateResponse(HttpStatusCode.BadRequest, ex.InnerException.Message); } catch (DbUpdateException dbEx) { LogError(dbEx); response = requestMessage.CreateResponse(HttpStatusCode.BadRequest, dbEx.InnerException.Message); } catch (Exception ex) { LogError(ex); response = requestMessage.CreateResponse(HttpStatusCode.BadRequest, ex.Message); } if (User != null && MemoryCacheHelper.RemoveUserEditByAdmin(User.Identity.Name)) { return(requestMessage.CreateErrorResponse(HttpStatusCode.BadRequest, "Error_Edit_By_Admin")); } return(response); }
//[Permission(Action = "Update", Function = "USER")] public async Task <HttpResponseMessage> Update(HttpRequestMessage request, AppUserViewModel applicationUserViewModel) { if (ModelState.IsValid) { if (User != null && MemoryCacheHelper.RemoveUserEditByAdmin(User.Identity.Name) && User.Identity.Name != applicationUserViewModel.UserName) { return(request.CreateErrorResponse(HttpStatusCode.BadRequest, CommonConstants.Error_Edit_By_Admin)); } var appUser = await AppUserManager.FindByIdAsync(applicationUserViewModel.Id); if (applicationUserViewModel.Roles.Contains(CommonConstants.GroupLead) && applicationUserViewModel.GroupId != null) { var groupleaderID = AppRoleManager.FindByNameAsync(CommonConstants.GroupLead).Result.Id; var groupLeader = AppUserManager.Users.Where(x => x.Roles.Any(r => r.RoleId.Equals(groupleaderID) && x.GroupId == applicationUserViewModel.GroupId)).FirstOrDefault(); if (groupLeader != null && !groupLeader.Equals(appUser)) { return(request.CreateResponse(HttpStatusCode.BadRequest, MessageSystem.Error_Exist_Group_Lead)); } } var roleIDNew = AppRoleManager.FindByNameAsync(applicationUserViewModel.Roles.FirstOrDefault()).Result.Id; if (applicationUserViewModel.UserName == User.Identity.Name && appUser.Roles.FirstOrDefault().RoleId != roleIDNew) { return(request.CreateResponse(HttpStatusCode.BadRequest, MessageSystem.Unable_Update_Role_YourSelf)); } var checkStartDateAndBirthDay = _userService.CheckStartDateAndBirthDay(applicationUserViewModel.BirthDay, applicationUserViewModel.StartWorkingDay); if (!string.IsNullOrEmpty(checkStartDateAndBirthDay)) { return(request.CreateErrorResponse(HttpStatusCode.BadRequest, checkStartDateAndBirthDay)); } try { var FingerManchineUser = _fingermachineuserService.GetFingerMachineUserByUserID(applicationUserViewModel.Id); var lstUserNoAdd = applicationUserViewModel.ListUserNo.Split('-').ToList().Except(FingerManchineUser.Select(x => x.ID)); if (!ValidateUserNo(lstUserNoAdd)) { return(request.CreateResponse(HttpStatusCode.BadRequest, MessageSystem.MessageUserNoNotValid)); } if (FingerManchineUser.Count > 0) { var lstUserNoRemove = FingerManchineUser.Select(x => x.ID).Except(applicationUserViewModel.ListUserNo.Split('-').ToList()); if (FingerManchineUser.Select(x => x.ID).ToList().Count() > 0 && (lstUserNoAdd.Count() > 0 || lstUserNoRemove.Count() > 0)) { if (_fingermachineuserService.IsUserNoExist(lstUserNoAdd.ToList()))//_fingermachineuserService.IsFingerManchineUserExist(applicationUserViewModel.AccNameInMachineFinger)) { return(request.CreateResponse(HttpStatusCode.BadRequest, MessageSystem.MessageUserNoExist)); } if (_fingerTimeSheetService.IsUserNoExistTimeSheet(lstUserNoAdd.ToList()) || _fingerTimeSheetService.IsUserNoExistTimeSheet(lstUserNoRemove.ToList())) { return(request.CreateResponse(HttpStatusCode.BadRequest, MessageSystem.MessageExistTimeSheetEmpNo)); } _fingermachineuserService.Update(lstUserNoAdd.ToList(), lstUserNoRemove.ToList(), applicationUserViewModel.Id); } } else { if (_fingermachineuserService.IsUserNoExist(lstUserNoAdd.ToList())) { return(request.CreateResponse(HttpStatusCode.BadRequest, MessageSystem.MessageUserNoExist)); } } if (applicationUserViewModel.ListUserNo.Split('-').Count() > 0 && !string.IsNullOrEmpty(applicationUserViewModel.ListUserNo.Split('-')[0]) && FingerManchineUser.Count == 0) { foreach (var item in applicationUserViewModel.ListUserNo.Split('-').Distinct()) { _fingermachineuserService.Create(new FingerMachineUser() { ID = item, UserId = applicationUserViewModel.Id }); } _unitOfWork.Commit(); } //Update Not Done appUser.UpdateUser(applicationUserViewModel); var result = await AppUserManager.UpdateAsync(appUser); if (result.Succeeded) { if (User.IsInRole(CommonConstants.Admin) && User.Identity.Name != applicationUserViewModel.UserName) { _userService.AddListUserEditByAdmin(applicationUserViewModel.UserName); } var userRoles = await AppUserManager.GetRolesAsync(appUser.Id); var selectedRole = applicationUserViewModel.Roles.ToArray(); selectedRole = selectedRole ?? new string[] { }; await AppUserManager.RemoveFromRolesAsync(appUser.Id, userRoles.ToArray()); await AppUserManager.AddToRolesAsync(appUser.Id, selectedRole.ToArray()); return(request.CreateResponse(HttpStatusCode.OK, applicationUserViewModel)); } return(request.CreateResponse(HttpStatusCode.BadRequest, Common.Constants.MessageSystem.MessageDuplicateEmail)); } catch (NameDuplicatedException dex) { return(request.CreateErrorResponse(HttpStatusCode.BadRequest, dex.Message)); } } return(request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState)); }
public async Task <HttpResponseMessage> Create(HttpRequestMessage request, AppUserViewModel applicationUserViewModel) { if (ModelState.IsValid) { if (User != null && MemoryCacheHelper.RemoveUserEditByAdmin(User.Identity.Name)) { return(request.CreateErrorResponse(HttpStatusCode.BadRequest, CommonConstants.Error_Edit_By_Admin)); } if (applicationUserViewModel.Roles.Contains(CommonConstants.GroupLead) && applicationUserViewModel.GroupId != null) { var groupleaderID = AppRoleManager.FindByNameAsync(CommonConstants.GroupLead).Result.Id; var groupLeader = AppUserManager.Users.Where(x => x.Roles.Any(r => r.RoleId.Equals(groupleaderID) && x.GroupId == applicationUserViewModel.GroupId)).FirstOrDefault(); if (groupLeader != null && !groupLeader.Equals(applicationUserViewModel)) { return(request.CreateResponse(HttpStatusCode.BadRequest, MessageSystem.Error_Create_Exist_Group_Lead)); } } var username = AppUserManager.FindByNameAsync(applicationUserViewModel.UserName).Result; var email = AppUserManager.FindByEmailAsync(applicationUserViewModel.Email).Result; //if (username != null && email != null) //{ // if (username.Status == false) // { // return request.CreateResponse(HttpStatusCode.OK, "Inaction"); // } //} if (username != null) { if (username.Status == true) { return(request.CreateErrorResponse(HttpStatusCode.BadRequest, MessageSystem.MessageDuplicateUserName)); } } if (email != null) { if (email.Status == true) { return(request.CreateErrorResponse(HttpStatusCode.BadRequest, MessageSystem.MessageDuplicateEmail)); } else { return(request.CreateResponse(HttpStatusCode.OK, "Inaction")); } } var newAppUser = new AppUser(); newAppUser.UpdateUser(applicationUserViewModel); newAppUser.Status = true; try { newAppUser.Id = Guid.NewGuid().ToString(); if (applicationUserViewModel.ListUserNo != null && applicationUserViewModel.ListUserNo.Count() > 0) { if (!ValidateUserNo(applicationUserViewModel.ListUserNo.Split('-'))) { return(request.CreateResponse(HttpStatusCode.BadRequest, MessageSystem.MessageUserNoNotValid)); } if (_fingermachineuserService.IsUserNoExist(applicationUserViewModel.ListUserNo.Split('-').ToList())) { return(request.CreateResponse(HttpStatusCode.BadRequest, MessageSystem.MessageUserNoExist)); } } var checkStartDateAndBirthDay = _userService.CheckStartDateAndBirthDay(applicationUserViewModel.BirthDay, applicationUserViewModel.StartWorkingDay); if (!string.IsNullOrEmpty(checkStartDateAndBirthDay)) { return(request.CreateErrorResponse(HttpStatusCode.BadRequest, checkStartDateAndBirthDay)); } var result = await AppUserManager.CreateAsync(newAppUser, applicationUserViewModel.Password); if (result.Succeeded) { var roles = applicationUserViewModel.Roles.ToArray(); await AppUserManager.AddToRolesAsync(newAppUser.Id, roles); //Create entitle day of user new _entitleDayAppUserService.CreateEntitleDayAppUser(newAppUser); //Add user into table config delegation var configDelegation = new ConfigDelegation(); configDelegation.UserId = newAppUser.Id; _configDelegateionService.Add(configDelegation); _configDelegateionService.SaveChange(); if (applicationUserViewModel.ListUserNo != null) { List <string> lstUserno = applicationUserViewModel.ListUserNo.Split('-').ToList(); if (lstUserno.Count() > 0) { if (_fingermachineuserService.IsUserNoExist(lstUserno)) { return(request.CreateResponse(HttpStatusCode.BadRequest, MessageSystem.MessageUserNoExist)); } else { foreach (var item in lstUserno) { _fingermachineuserService.Create(new FingerMachineUser() { ID = item, UserId = newAppUser.Id }); } _unitOfWork.Commit(); } } } return(request.CreateResponse(HttpStatusCode.OK, applicationUserViewModel)); } else { return(request.CreateErrorResponse(HttpStatusCode.BadRequest, string.Join(",", result.Errors))); } } catch (NameDuplicatedException dex) { return(request.CreateErrorResponse(HttpStatusCode.BadRequest, dex.Message)); } catch (Exception ex) { return(request.CreateErrorResponse(HttpStatusCode.BadRequest, ex.Message)); } } else { return(request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState)); } }