public async Task <HttpResponseMessage> Details(HttpRequestMessage request, string id)
{
if (string.IsNullOrEmpty(id))
{
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, nameof(id) + Common.Constants.MessageSystem.NoValues));
}
if (User != null && MemoryCacheHelper.RemoveUserEditByAdmin(User.Identity.Name))
{
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, CommonConstants.Error_Edit_By_Admin));
}
var user = await _userService.FindUserById(id);
if (user == null)
{
return(request.CreateErrorResponse(HttpStatusCode.NoContent, Common.Constants.MessageSystem.NoData));
}
else
{
var roles = await AppUserManager.GetRolesAsync(user.Id);
var applicationUserViewModel = Mapper.Map <AppUser, AppUserViewModel>(user);
var listUserNo = _fingermachineuserService.GetFingerMachineUserByUserID(user.Id).Select(x => x.ID);
applicationUserViewModel.ListUserNo = string.Join("-", listUserNo);
applicationUserViewModel.Roles = roles;
return(request.CreateResponse(HttpStatusCode.OK, applicationUserViewModel));
}
}
public async Task <HttpResponseMessage> ChangePassword(HttpRequestMessage request, string id, string password, string newPassword)
{
if (User != null && MemoryCacheHelper.RemoveUserEditByAdmin(User.Identity.Name))
{
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, CommonConstants.Error_Edit_By_Admin));
}
if (!string.IsNullOrEmpty(id))
{
var appUser = await AppUserManager.FindByIdAsync(id);
if (appUser != null)
{
bool passwordCheck = await AppUserManager.CheckPasswordAsync(appUser, password);
if (passwordCheck)
{
var result = await AppUserManager.ChangePasswordAsync(appUser.Id, password, newPassword);
return(request.CreateResponse(HttpStatusCode.OK, Common.Constants.MessageSystem.ChangePasswordSuccess));
}
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, Common.Constants.MessageSystem.ErrorOldPassword));
}
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, Common.Constants.MessageSystem.UserNotFound));
}
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, Common.Constants.MessageSystem.ErrorIdNull));
}
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
UserManager <AppUser> userManager = context.OwinContext.GetUserManager <UserManager <AppUser> >();
AppUser user;
try
{
user = await userManager.FindAsync(context.UserName, context.Password);
}
catch
{
// Could not retrieve the user due to error.
context.SetError(CommonConstants.ServerError, MessageSystem.ServerProcessingError);
return;
}
if (user != null)
{
if (!user.Status.Value)
{
context.SetError(CommonConstants.ServerError, MessageSystem.BlockAccount);
var b = context.Error;
// context.Rejected();
return;
}
var permissions = ServiceFactory.Get <IPermissionService>().GetByUserId(user.Id);
var permissionViewModels = AutoMapper.Mapper.Map <ICollection <Permission>, ICollection <PermissionViewModel> >(permissions);
var roles = userManager.GetRoles(user.Id);
ClaimsIdentity identity = await userManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ExternalBearer);
string email = string.IsNullOrEmpty(user.Email) ? "" : user.Email;
identity.AddClaim(new Claim("id", user.Id));
identity.AddClaim(new Claim("fullName", user.FullName));
identity.AddClaim(new Claim("email", email));
identity.AddClaim(new Claim("username", user.UserName));
identity.AddClaim(new Claim("roles", JsonConvert.SerializeObject(roles)));
identity.AddClaim(new Claim("permissions", JsonConvert.SerializeObject(permissionViewModels)));
identity.AddClaim(new Claim("groupId", user.GroupId.ToString()));
var props = new AuthenticationProperties(new Dictionary <string, string>
{
{ "id", user.Id },
{ "fullName", user.FullName },
{ "email", email },
{ "username", user.UserName },
{ "permissions", JsonConvert.SerializeObject(permissionViewModels) },
{ "roles", JsonConvert.SerializeObject(roles) },
{ "groupId", user.GroupId.ToString() }
});
context.Validated(new AuthenticationTicket(identity, props));
MemoryCacheHelper.RemoveUserEditByAdmin(user.UserName);
}
else
{
context.SetError(CommonConstants.Invalid_Grant, MessageSystem.WorngUserNameAndPassWord);
}
}
public async Task <HttpResponseMessage> ChangeStatusUserMulti(HttpRequestMessage request, [FromBody] string[] listUser)
{
if (User != null && MemoryCacheHelper.RemoveUserEditByAdmin(User.Identity.Name))
{
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, CommonConstants.Error_Edit_By_Admin));
}
foreach (var item in listUser)
{
var appUser = await AppUserManager.FindByIdAsync(item);
appUser.Status = !appUser.Status;
var result = await AppUserManager.UpdateAsync(appUser);
_userService.AddListUserEditByAdmin(appUser.UserName);
}
return(request.CreateResponse(HttpStatusCode.OK, true));
}
public async Task <HttpResponseMessage> ChangeStatusUser(HttpRequestMessage request, string userId)
{
if (User != null && MemoryCacheHelper.RemoveUserEditByAdmin(User.Identity.Name))
{
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, CommonConstants.Error_Edit_By_Admin));
}
var appUser = await AppUserManager.FindByIdAsync(userId);
if (appUser.Status == false)
{
appUser.ResignationDate = null;
}
appUser.Status = !appUser.Status;
var result = await AppUserManager.UpdateAsync(appUser);
_userService.AddListUserEditByAdmin(appUser.UserName);
return(request.CreateResponse(HttpStatusCode.OK, result));
}
//[Authorize(Roles ="DeleteUser")]
public async Task <HttpResponseMessage> Delete(HttpRequestMessage request, string id)
{
if (User != null && MemoryCacheHelper.RemoveUserEditByAdmin(User.Identity.Name))
{
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, CommonConstants.Error_Edit_By_Admin));
}
var appUser = await AppUserManager.FindByIdAsync(id);
var result = await AppUserManager.DeleteAsync(appUser);
if (result.Succeeded)
{
return(request.CreateResponse(HttpStatusCode.OK, id));
}
else
{
return(request.CreateErrorResponse(HttpStatusCode.OK, string.Join(",", result.Errors)));
}
}
public async Task <HttpResponseMessage> Resign(HttpRequestMessage request, string userId, DateTime resignationDate)
{
if (User != null && MemoryCacheHelper.RemoveUserEditByAdmin(User.Identity.Name))
{
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, CommonConstants.Error_Edit_By_Admin));
}
var appUser = await AppUserManager.FindByIdAsync(userId);
appUser.Status = false;
appUser.ResignationDate = resignationDate.Date;
var result = await AppUserManager.UpdateAsync(appUser);
_userService.AddListUserEditByAdmin(appUser.UserName);
if (result.Succeeded)
{
return(request.CreateResponse(HttpStatusCode.OK, result));
}
else
{
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, "Cannot update user resign !"));
}
}
protected async Task <HttpResponseMessage> CreateHttpResponse(HttpRequestMessage requestMessage, Func <HttpResponseMessage> function)
{
HttpResponseMessage response = null;
try
{
response = function.Invoke();
}
catch (DbEntityValidationException ex)
{
foreach (var eve in ex.EntityValidationErrors)
{
Trace.WriteLine($"Entity of type \"{eve.Entry.Entity.GetType().Name}\" in state \"{eve.Entry.State}\" has the following validation error.");
foreach (var ve in eve.ValidationErrors)
{
Trace.WriteLine($"- Property: \"{ve.PropertyName}\", Error: \"{ve.ErrorMessage}\"");
}
}
LogError(ex);
response = requestMessage.CreateResponse(HttpStatusCode.BadRequest, ex.InnerException.Message);
}
catch (DbUpdateException dbEx)
{
LogError(dbEx);
response = requestMessage.CreateResponse(HttpStatusCode.BadRequest, dbEx.InnerException.Message);
}
catch (Exception ex)
{
LogError(ex);
response = requestMessage.CreateResponse(HttpStatusCode.BadRequest, ex.Message);
}
if (User != null && MemoryCacheHelper.RemoveUserEditByAdmin(User.Identity.Name))
{
return(requestMessage.CreateErrorResponse(HttpStatusCode.BadRequest, "Error_Edit_By_Admin"));
}
return(response);
}
//[Permission(Action = "Update", Function = "USER")]
public async Task <HttpResponseMessage> Update(HttpRequestMessage request, AppUserViewModel applicationUserViewModel)
{
if (ModelState.IsValid)
{
if (User != null && MemoryCacheHelper.RemoveUserEditByAdmin(User.Identity.Name) && User.Identity.Name != applicationUserViewModel.UserName)
{
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, CommonConstants.Error_Edit_By_Admin));
}
var appUser = await AppUserManager.FindByIdAsync(applicationUserViewModel.Id);
if (applicationUserViewModel.Roles.Contains(CommonConstants.GroupLead) && applicationUserViewModel.GroupId != null)
{
var groupleaderID = AppRoleManager.FindByNameAsync(CommonConstants.GroupLead).Result.Id;
var groupLeader = AppUserManager.Users.Where(x => x.Roles.Any(r => r.RoleId.Equals(groupleaderID) && x.GroupId == applicationUserViewModel.GroupId)).FirstOrDefault();
if (groupLeader != null && !groupLeader.Equals(appUser))
{
return(request.CreateResponse(HttpStatusCode.BadRequest, MessageSystem.Error_Exist_Group_Lead));
}
}
var roleIDNew = AppRoleManager.FindByNameAsync(applicationUserViewModel.Roles.FirstOrDefault()).Result.Id;
if (applicationUserViewModel.UserName == User.Identity.Name && appUser.Roles.FirstOrDefault().RoleId != roleIDNew)
{
return(request.CreateResponse(HttpStatusCode.BadRequest, MessageSystem.Unable_Update_Role_YourSelf));
}
var checkStartDateAndBirthDay = _userService.CheckStartDateAndBirthDay(applicationUserViewModel.BirthDay, applicationUserViewModel.StartWorkingDay);
if (!string.IsNullOrEmpty(checkStartDateAndBirthDay))
{
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, checkStartDateAndBirthDay));
}
try
{
var FingerManchineUser = _fingermachineuserService.GetFingerMachineUserByUserID(applicationUserViewModel.Id);
var lstUserNoAdd = applicationUserViewModel.ListUserNo.Split('-').ToList().Except(FingerManchineUser.Select(x => x.ID));
if (!ValidateUserNo(lstUserNoAdd))
{
return(request.CreateResponse(HttpStatusCode.BadRequest, MessageSystem.MessageUserNoNotValid));
}
if (FingerManchineUser.Count > 0)
{
var lstUserNoRemove = FingerManchineUser.Select(x => x.ID).Except(applicationUserViewModel.ListUserNo.Split('-').ToList());
if (FingerManchineUser.Select(x => x.ID).ToList().Count() > 0 && (lstUserNoAdd.Count() > 0 || lstUserNoRemove.Count() > 0))
{
if (_fingermachineuserService.IsUserNoExist(lstUserNoAdd.ToList()))//_fingermachineuserService.IsFingerManchineUserExist(applicationUserViewModel.AccNameInMachineFinger))
{
return(request.CreateResponse(HttpStatusCode.BadRequest, MessageSystem.MessageUserNoExist));
}
if (_fingerTimeSheetService.IsUserNoExistTimeSheet(lstUserNoAdd.ToList()) || _fingerTimeSheetService.IsUserNoExistTimeSheet(lstUserNoRemove.ToList()))
{
return(request.CreateResponse(HttpStatusCode.BadRequest, MessageSystem.MessageExistTimeSheetEmpNo));
}
_fingermachineuserService.Update(lstUserNoAdd.ToList(), lstUserNoRemove.ToList(), applicationUserViewModel.Id);
}
}
else
{
if (_fingermachineuserService.IsUserNoExist(lstUserNoAdd.ToList()))
{
return(request.CreateResponse(HttpStatusCode.BadRequest, MessageSystem.MessageUserNoExist));
}
}
if (applicationUserViewModel.ListUserNo.Split('-').Count() > 0 && !string.IsNullOrEmpty(applicationUserViewModel.ListUserNo.Split('-')[0]) && FingerManchineUser.Count == 0)
{
foreach (var item in applicationUserViewModel.ListUserNo.Split('-').Distinct())
{
_fingermachineuserService.Create(new FingerMachineUser()
{
ID = item, UserId = applicationUserViewModel.Id
});
}
_unitOfWork.Commit();
}
//Update Not Done
appUser.UpdateUser(applicationUserViewModel);
var result = await AppUserManager.UpdateAsync(appUser);
if (result.Succeeded)
{
if (User.IsInRole(CommonConstants.Admin) && User.Identity.Name != applicationUserViewModel.UserName)
{
_userService.AddListUserEditByAdmin(applicationUserViewModel.UserName);
}
var userRoles = await AppUserManager.GetRolesAsync(appUser.Id);
var selectedRole = applicationUserViewModel.Roles.ToArray();
selectedRole = selectedRole ?? new string[] { };
await AppUserManager.RemoveFromRolesAsync(appUser.Id, userRoles.ToArray());
await AppUserManager.AddToRolesAsync(appUser.Id, selectedRole.ToArray());
return(request.CreateResponse(HttpStatusCode.OK, applicationUserViewModel));
}
return(request.CreateResponse(HttpStatusCode.BadRequest, Common.Constants.MessageSystem.MessageDuplicateEmail));
}
catch (NameDuplicatedException dex)
{
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, dex.Message));
}
}
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState));
}
public async Task <HttpResponseMessage> Create(HttpRequestMessage request, AppUserViewModel applicationUserViewModel)
{
if (ModelState.IsValid)
{
if (User != null && MemoryCacheHelper.RemoveUserEditByAdmin(User.Identity.Name))
{
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, CommonConstants.Error_Edit_By_Admin));
}
if (applicationUserViewModel.Roles.Contains(CommonConstants.GroupLead) && applicationUserViewModel.GroupId != null)
{
var groupleaderID = AppRoleManager.FindByNameAsync(CommonConstants.GroupLead).Result.Id;
var groupLeader = AppUserManager.Users.Where(x => x.Roles.Any(r => r.RoleId.Equals(groupleaderID) && x.GroupId == applicationUserViewModel.GroupId)).FirstOrDefault();
if (groupLeader != null && !groupLeader.Equals(applicationUserViewModel))
{
return(request.CreateResponse(HttpStatusCode.BadRequest, MessageSystem.Error_Create_Exist_Group_Lead));
}
}
var username = AppUserManager.FindByNameAsync(applicationUserViewModel.UserName).Result;
var email = AppUserManager.FindByEmailAsync(applicationUserViewModel.Email).Result;
//if (username != null && email != null)
//{
// if (username.Status == false)
// {
// return request.CreateResponse(HttpStatusCode.OK, "Inaction");
// }
//}
if (username != null)
{
if (username.Status == true)
{
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, MessageSystem.MessageDuplicateUserName));
}
}
if (email != null)
{
if (email.Status == true)
{
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, MessageSystem.MessageDuplicateEmail));
}
else
{
return(request.CreateResponse(HttpStatusCode.OK, "Inaction"));
}
}
var newAppUser = new AppUser();
newAppUser.UpdateUser(applicationUserViewModel);
newAppUser.Status = true;
try
{
newAppUser.Id = Guid.NewGuid().ToString();
if (applicationUserViewModel.ListUserNo != null && applicationUserViewModel.ListUserNo.Count() > 0)
{
if (!ValidateUserNo(applicationUserViewModel.ListUserNo.Split('-')))
{
return(request.CreateResponse(HttpStatusCode.BadRequest, MessageSystem.MessageUserNoNotValid));
}
if (_fingermachineuserService.IsUserNoExist(applicationUserViewModel.ListUserNo.Split('-').ToList()))
{
return(request.CreateResponse(HttpStatusCode.BadRequest, MessageSystem.MessageUserNoExist));
}
}
var checkStartDateAndBirthDay = _userService.CheckStartDateAndBirthDay(applicationUserViewModel.BirthDay, applicationUserViewModel.StartWorkingDay);
if (!string.IsNullOrEmpty(checkStartDateAndBirthDay))
{
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, checkStartDateAndBirthDay));
}
var result = await AppUserManager.CreateAsync(newAppUser, applicationUserViewModel.Password);
if (result.Succeeded)
{
var roles = applicationUserViewModel.Roles.ToArray();
await AppUserManager.AddToRolesAsync(newAppUser.Id, roles);
//Create entitle day of user new
_entitleDayAppUserService.CreateEntitleDayAppUser(newAppUser);
//Add user into table config delegation
var configDelegation = new ConfigDelegation();
configDelegation.UserId = newAppUser.Id;
_configDelegateionService.Add(configDelegation);
_configDelegateionService.SaveChange();
if (applicationUserViewModel.ListUserNo != null)
{
List <string> lstUserno = applicationUserViewModel.ListUserNo.Split('-').ToList();
if (lstUserno.Count() > 0)
{
if (_fingermachineuserService.IsUserNoExist(lstUserno))
{
return(request.CreateResponse(HttpStatusCode.BadRequest, MessageSystem.MessageUserNoExist));
}
else
{
foreach (var item in lstUserno)
{
_fingermachineuserService.Create(new FingerMachineUser()
{
ID = item, UserId = newAppUser.Id
});
}
_unitOfWork.Commit();
}
}
}
return(request.CreateResponse(HttpStatusCode.OK, applicationUserViewModel));
}
else
{
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, string.Join(",", result.Errors)));
}
}
catch (NameDuplicatedException dex)
{
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, dex.Message));
}
catch (Exception ex)
{
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, ex.Message));
}
}
else
{
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState));
}
}
