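        /// <summary>
        /// Deletes the user identified by <paramref name="userId"/> on behalf of the caller's session.
        /// Only a caller whose own user record has <c>IsAdministrator</c> set is allowed to delete.
        /// </summary>
        /// <param name="userId">Identifier of the user to delete; validated against <c>ModelState</c>
        /// and parsed by <c>ControllerHelpers.ParseAndCheckId</c>.</param>
        /// <returns>
        /// 200 when the user was deleted; 401 when no valid token/session was supplied, when the
        /// caller's own record cannot be loaded, or when the caller is not an administrator;
        /// 404 when the target user is not found; 400 on a malformed id; 412 on an invalid
        /// model/payload; 500 (without details) for any other failure.
        /// </returns>
        public IHttpActionResult DeleteUser(string userId)
        {
            using (var _db = new DatabaseContext())
            {
                try
                {
                    // Throws ExceptionService.NoTokenProvidedException
                    // Throws ExceptionService.SessionNotFoundException
                    var session = ControllerHelpers.ValidateAndUpdateSession(Request);

                    // Throws ExceptionService.InvalidModelPayloadException
                    ControllerHelpers.ValidateModelAndPayload(ModelState, userId);

                    // Throws ExceptionService.InvalidGuidException
                    var targetUserId = ControllerHelpers.ParseAndCheckId(userId);

                    var userManager = new UserManagementManager(_db);

                    // The caller's own record is the authorization subject. Fail closed when it
                    // cannot be loaded instead of dereferencing null (which previously surfaced
                    // as an unhandled exception and a 500).
                    var caller = userManager.GetUser(session.UserId);
                    if (caller == null || !caller.IsAdministrator)
                    {
                        return Content(HttpStatusCode.Unauthorized, "Non-administrators cannot delete users.");
                    }

                    userManager.DeleteUser(targetUserId);
                    _db.SaveChanges();
                    return Content(HttpStatusCode.OK, "User was deleted.");
                }
                catch (UserNotFoundException e)
                {
                    return Content(HttpStatusCode.NotFound, e.Message);
                }
                catch (InvalidGuidException e)
                {
                    return Content(HttpStatusCode.BadRequest, e.Message);
                }
                catch (Exception e) when (e is NoTokenProvidedException ||
                                          e is SessionNotFoundException)
                {
                    return Content(HttpStatusCode.Unauthorized, e.Message);
                }
                catch (InvalidModelPayloadException e)
                {
                    return Content(HttpStatusCode.PreconditionFailed, e.Message);
                }
                catch (Exception e)
                {
                    // Roll back pending entity changes on persistence failures; the generic
                    // 500 deliberately carries no exception text.
                    if (e is DbUpdateException ||
                        e is DbEntityValidationException)
                    {
                        _db.RevertDatabaseChanges(_db);
                    }
                    return InternalServerError();
                }
            }
        }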
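        /// <summary>
        /// Deletes the session owner's account from the SSO provider and, only if that succeeds,
        /// from the local database.
        /// </summary>
        /// <returns>
        /// 200 when the user was deleted from both systems, or when the session user no longer
        /// exists locally (nothing to do); 500 when the SSO deletion reported failure; 401 when no
        /// valid token/session was supplied; 400 on a malformed id; 503 when the SSO API request
        /// failed; 500 (without details) for any other failure.
        /// </returns>
        public async Task <IHttpActionResult> DeleteFromSSO()
        {
            using (var _db = new DatabaseContext())
            {
                try
                {
                    // Throws ExceptionService.NoTokenProvidedException
                    // Throws ExceptionService.SessionNotFoundException
                    var session = ControllerHelpers.ValidateAndUpdateSession(Request);

                    var userManager = new UserManagementManager(_db);
                    var user        = userManager.GetUser(session.UserId);
                    if (user == null)
                    {
                        // Nothing to delete locally; treated as already done.
                        return Ok();
                    }

                    // Remote deletion goes first so a local record is never removed while the
                    // SSO side still knows the user.
                    var ssoManager        = new KFC_SSO_Manager(_db);
                    var requestSuccessful = await ssoManager.DeleteUserFromSSOviaPointmap(user);
                    if (!requestSuccessful)
                    {
                        return Content(HttpStatusCode.InternalServerError, "User was not able to be deleted from SSO.");
                    }

                    userManager.DeleteUser(user.Id);
                    _db.SaveChanges();
                    return Ok("User was deleted from Pointmap and SSO");
                }
                catch (InvalidGuidException e)
                {
                    return Content(HttpStatusCode.BadRequest, e.Message);
                }
                catch (Exception e) when (e is NoTokenProvidedException ||
                                          e is SessionNotFoundException)
                {
                    return Content(HttpStatusCode.Unauthorized, e.Message);
                }
                catch (KFCSSOAPIRequestException e)
                {
                    return Content(HttpStatusCode.ServiceUnavailable, e.Message);
                }
                catch (Exception e)
                {
                    // Roll back pending entity changes on persistence failures. The generic 500
                    // no longer echoes e.Message: database/provider exception text is internal
                    // detail that should not reach the client.
                    if (e is DbUpdateException ||
                        e is DbEntityValidationException)
                    {
                        _db.RevertDatabaseChanges(_db);
                    }
                    return InternalServerError();
                }
            }
        }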
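        /// <summary>
        /// Handles a request from the SSO service to delete a user from this application.
        /// The request is authenticated by its signature, checked via <see cref="SignatureService"/>
        /// before any database access.
        /// </summary>
        /// <param name="requestPayload">SSO-supplied payload carrying the SSO user id, email,
        /// timestamp and signature.</param>
        /// <returns>
        /// 200 when the user was deleted or did not exist; 401 when the signature does not verify;
        /// 400 on an invalid model/payload or malformed id; 500 (without details) for any other failure.
        /// </returns>
        [Route("sso/user/delete")] // Request from sso to delete user self from sso to all apps
        public IHttpActionResult DeleteViaSSO([FromBody, Required] LoginRequestPayload requestPayload)
        {
            using (var _db = new DatabaseContext())
            {
                try
                {
                    // Throws ExceptionService.InvalidModelPayloadException
                    ControllerHelpers.ValidateModelAndPayload(ModelState, requestPayload);

                    // Throws ExceptionService.InvalidGuidException
                    var userSSOID = ControllerHelpers.ParseAndCheckId(requestPayload.SSOUserId);

                    // Verify the request signature before touching any user data.
                    var signatureService = new SignatureService();
                    var validSignature   = signatureService.IsValidClientRequest(userSSOID.ToString(), requestPayload.Email, requestPayload.Timestamp, requestPayload.Signature);
                    if (!validSignature)
                    {
                        return Content(HttpStatusCode.Unauthorized, "Invalid Token signature.");
                    }

                    var userManager = new UserManagementManager(_db);

                    // A missing user is treated as already deleted (idempotent delete).
                    var user = userManager.GetUser(userSSOID);
                    if (user == null)
                    {
                        return Content(HttpStatusCode.OK, "User does not exist");
                    }

                    userManager.DeleteUser(userSSOID);
                    _db.SaveChanges();
                    return Ok("User was deleted");
                }
                catch (Exception e) when (e is InvalidGuidException ||
                                          e is InvalidModelPayloadException)
                {
                    return Content(HttpStatusCode.BadRequest, e.Message);
                }
                catch (Exception e)
                {
                    // Roll back pending entity changes on persistence failures. The generic 500
                    // no longer echoes e.Message: this endpoint is reachable by an external
                    // caller, and database exception text is internal detail.
                    if (e is DbUpdateException ||
                        e is DbEntityValidationException)
                    {
                        _db.RevertDatabaseChanges(_db);
                    }
                    return InternalServerError();
                }
            }
        }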
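        /// <summary>
        /// Deletes the session owner's own account (and, per the manager, their sessions) from Pointmap.
        /// </summary>
        /// <returns>
        /// 200 when the user was deleted; 404 when the session user no longer exists; 401 when no
        /// valid token/session was supplied; 400 on a malformed id; 500 (without details) for any
        /// other failure.
        /// </returns>
        public IHttpActionResult Delete() // User delete self from pointmap
        {
            using (var _db = new DatabaseContext())
            {
                try
                {
                    // Throws ExceptionService.NoTokenProvidedException
                    // Throws ExceptionService.SessionNotFoundException
                    var session = ControllerHelpers.ValidateAndUpdateSession(Request);

                    var userManager = new UserManagementManager(_db);

                    // GetUser yields null when the session's user is gone; report rather than throw.
                    var user = userManager.GetUser(session.UserId);
                    if (user == null)
                    {
                        return Content(HttpStatusCode.NotFound, "User does not exist.");
                    }

                    // Delete user self and their sessions
                    userManager.DeleteUser(user.Id);
                    _db.SaveChanges();
                    return Content(HttpStatusCode.OK, "User was deleted from Pointmap.");
                }
                catch (InvalidGuidException e)
                {
                    return Content(HttpStatusCode.BadRequest, e.Message);
                }
                catch (Exception e) when (e is NoTokenProvidedException ||
                                          e is SessionNotFoundException)
                {
                    return Content(HttpStatusCode.Unauthorized, e.Message);
                }
                catch (Exception e)
                {
                    // Roll back pending entity changes on persistence failures. The generic 500
                    // no longer echoes e.Message: database/provider exception text is internal
                    // detail that should not reach the client.
                    if (e is DbUpdateException ||
                        e is DbEntityValidationException)
                    {
                        _db.RevertDatabaseChanges(_db);
                    }
                    return InternalServerError();
                }
            }
        }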
        /// <summary>
        /// Deletes the user described by <paramref name="request"/> through <see cref="UserManagementManager"/>.
        /// </summary>
        /// <param name="request">Frontend delete request; a null body is rejected with 400.</param>
        /// <returns>
        /// 200 when the manager reports success; otherwise the status and error text produced by
        /// <see cref="ResponseManager.ConvertErrorToStatus"/> from the manager's error.
        /// </returns>
        public IHttpActionResult Delete([FromBody, Required] ParkingMasterFrontendDTO request)
        {
            if (request == null)
            {
                return Content(HttpStatusCode.BadRequest, "Request is null.");
            }

            var deleteResult = new UserManagementManager().DeleteUser(request);
            if (!deleteResult.Data)
            {
                // Map the manager's error onto an HTTP status and message.
                var status = ResponseManager.ConvertErrorToStatus(deleteResult.Error);
                return Content(status.Data, status.Error);
            }

            return Ok();
        }
        /// <summary>
        /// Deletes the user described by an SSO request through <see cref="UserManagementManager"/>.
        /// </summary>
        /// <param name="request">SSO delete request; a null body is rejected with 400.</param>
        /// <returns>
        /// 200 when the manager returns status 200; otherwise the manager's status code and error text.
        /// </returns>
        public IHttpActionResult DeleteUser([FromBody, Required] SsoUserRequestDTO request)
        {
            if (request == null)
            {
                return Content(HttpStatusCode.BadRequest, "Request is null.");
            }

            var deleteResult = new UserManagementManager().DeleteUser(request);
            if (deleteResult.Data == HttpStatusCode.OK)
            {
                return Ok();
            }

            // Any non-200 status from the manager is relayed as-is together with its error text.
            return Content(deleteResult.Data, deleteResult.Error);
        }
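        /// <summary>
        /// Creates a user in the database and checks that <c>LoginCheckUserExists</c> reports it as
        /// existing. The fixture user is removed again whether or not the assertion passes.
        /// </summary>
        public void LoginCheckUserExists_Success_ReturnTrue()
        {
            // Arrange
            User newUser = tu.CreateUserInDbManager();

            request.email    = newUser.Email;
            request.password = "******";

            using (var _db = tu.CreateDataBaseContext())
            {
                try
                {
                    // Act
                    bool result = lm.LoginCheckUserExists(request.email);

                    // Assert
                    Assert.AreEqual(true, result);
                }
                finally
                {
                    // Clean-up used to run only after a passing assertion, so a failing run left
                    // the fixture user behind in the database; do it unconditionally.
                    um.DeleteUser(newUser.Id);
                    _db.SaveChanges();
                }
            }
        }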