private async Task UpdateSinglePermissionUpdate( string originatingUserId, EfEnums.GuildProfilePermissionLevel activeLevel, UpdatePermission newPermission, UserWithData targetUser, int profileId, bool isAdmin) { int newPermissionOrder = PermissionsOrder.Order((EfEnums.GuildProfilePermissionLevel)newPermission.NewPermissionLevel); int activeUserPermissionOrder = PermissionsOrder.Order(activeLevel); if (originatingUserId == targetUser.Id) { throw new UserReportableError($"User may not modify their own permissions.", (int)HttpStatusCode.BadRequest); } var targetUserLevel = await this.GetProfilePermissionForUserAsync(profileId, targetUser.Id); if (targetUserLevel == null) { throw new UserReportableError($"User {targetUser.Id} has not requested access!", (int)HttpStatusCode.BadRequest); } if (!isAdmin) { int targetUserOrder = PermissionsOrder.Order(targetUserLevel.Value); if (newPermissionOrder > PermissionsOrder.Order(activeLevel)) { throw new UserReportableError("User can't adjust permissions beyond their own level.", (int)HttpStatusCode.BadRequest); } if (PermissionsOrder.Order(activeLevel) < PermissionsOrder.Order(targetUserLevel.Value)) { throw new UserReportableError($"Can't adjust permissions on user with a higher permission level.", (int)HttpStatusCode.BadRequest); } } var targetPermission = await this.context.User_GuildProfilePermissions.FirstOrDefaultAsync( x => x.ProfileId == profileId && x.UserId == targetUser.Id); targetPermission.PermissionLevelId = newPermission.NewPermissionLevel; await this.context.SaveChangesAsync(); }
private async Task UpdateSinglePermission( string originatingUserId, EfEnums.GuildProfilePermissionLevel activeLevel, UpdatePermission newPermission, UserWithData targetUser, int profileId, bool isAdmin) { if (newPermission.Delete) { await this.UpdateSinglePermissionDelete(originatingUserId, activeLevel, targetUser, profileId, isAdmin); } else { await this.UpdateSinglePermissionUpdate(originatingUserId, activeLevel, newPermission, targetUser, profileId, isAdmin); } }
private async Task UpdateSinglePermissionDelete( string originatingUserId, EfEnums.GuildProfilePermissionLevel activeLevel, UserWithData targetUser, int profileId, bool isAdmin) { int activeUserPermissionOrder = PermissionsOrder.Order(activeLevel); if (originatingUserId == targetUser.Id) { throw new UserReportableError($"User may not delete their own permissions.", (int)HttpStatusCode.BadRequest); } var targetUserLevel = await this.GetProfilePermissionForUserAsync(profileId, targetUser.Id); if (targetUserLevel == null) { throw new UserReportableError($"User {targetUser.Id} has not requested access!", (int)HttpStatusCode.BadRequest); } int targetUserOrder = PermissionsOrder.Order(targetUserLevel.Value); if (!isAdmin) { if (activeUserPermissionOrder < PermissionsOrder.Order(EfEnums.GuildProfilePermissionLevel.Officer)) { throw new UserReportableError("User does not have permissions to delete a user.", (int)HttpStatusCode.Unauthorized); } if (activeUserPermissionOrder < targetUserOrder) { throw new UserReportableError("User can't delete another user with a higher permission level.", (int)HttpStatusCode.Unauthorized); } } var targetPermission = await this.context.User_GuildProfilePermissions.SingleOrDefaultAsync( x => x.ProfileId == profileId && x.UserId == targetUser.Id); this.context.User_GuildProfilePermissions.Remove(targetPermission); await this.context.SaveChangesAsync(); }
public async Task Register([FromBody] RegistrationDetails details) { if (!ModelState.IsValid) { var errorDescriptions = new List <string>(); foreach (var modelState in ModelState.Values) { foreach (ModelError error in modelState.Errors) { errorDescriptions.Add(error.ErrorMessage); } } throw new UserReportableError("Encountered errors in registration request: " + string.Join(", ", errorDescriptions), (int)HttpStatusCode.BadRequest); } var user = new UserWithData() { UserName = details.Username, Email = details.Email, GuildName = details.GuildName, GuildRealm = details.GuildRealm, PlayerRegion = details.PlayerRegion, PlayerName = details.PlayerName, PlayerRealm = details.PlayerRealm }; var result = await this.userManager.CreateAsync(user, details.Password); if (result.Errors.Any()) { var errorsMessages = string.Join(", ", result.Errors.Select(x => x.Description)); throw new UserReportableError("Encountered errors creating this user account: " + errorsMessages, (int)HttpStatusCode.BadRequest); } if (result.Succeeded) { await this.userManager.AddToRoleAsync(user, GuildToolsRoles.StandardUser.Name); await userManager.AddClaimAsync(user, new Claim(GuildToolsClaims.UserId, user.Id)); var confirmationToken = await this.userManager.GenerateEmailConfirmationTokenAsync(user); string baseUrl = this.GetBaseUrl(); string resetUrl = $"{baseUrl}/confirmemail?userId={user.Id}&token={HttpUtility.UrlEncode(confirmationToken)}"; var confirmationEmail = this.mailGenerator.GenerateRegistrationConfirmationEmail(resetUrl); var mailResult = await this.mailSender.SendMailAsync( user.Email, this.commonValues.AdminEmail, confirmationEmail.Subject, confirmationEmail.TextContent, confirmationEmail.HtmlContent); if (!mailResult) { await this.userManager.DeleteAsync(user); throw new UserReportableError("An error occurred while attempting to create this account.", (int)HttpStatusCode.InternalServerError); } } else { if (result.Errors.Any(e => e.Code == "DuplicateUserName")) { throw new UserReportableError("This email address is already registered.", (int)HttpStatusCode.BadRequest); } throw new UserReportableError("Errors occurred while attempting to create this account: " + this.GetNumberedList(result.Errors.Select(x => x.Description)), (int)HttpStatusCode.InternalServerError); } }
private void UpdateClaims(IServiceProvider serviceProvider) { var adminUsername = "******"; var adminPlayername = "Kromp"; var adminPlayerRealm = "Burning Blade"; var adminGuild = "Longanimity"; var adminGuildRealm = "Burning Blade"; var adminRegion = "US"; var roleManager = serviceProvider.GetRequiredService <RoleManager <IdentityRole> >(); foreach (var roleName in GuildToolsRoles.AllRoleNames) { var role = roleManager.FindByNameAsync(roleName).Result; if (role == null) { role = new IdentityRole(roleName); roleManager.CreateAsync(role).Wait(); } } var userManager = serviceProvider.GetRequiredService <UserManager <UserWithData> >(); var adminEmail = Configuration.GetValue <string>("AdminCredentials:Email"); var adminUser = userManager.FindByEmailAsync(adminEmail).Result; if (null == adminUser) { adminUser = new UserWithData { UserName = adminUsername, Email = adminEmail }; var adminPassword = Configuration.GetValue <string>("AdminCredentials:Password"); var result = userManager.CreateAsync(adminUser, adminPassword).Result; if (!result.Succeeded) { throw new Exception("Failed to create admin user."); } } if (!userManager.GetClaimsAsync(adminUser).Result.Any(c => c.Type == GuildToolsClaims.UserId)) { userManager.AddClaimAsync(adminUser, new Claim(GuildToolsClaims.UserId, adminUser.Id)).Wait(); } var adminUserRoles = userManager.GetRolesAsync(adminUser).Result; if (!adminUserRoles.Contains(GuildToolsRoles.AdminRole.Name)) { userManager.AddToRoleAsync(adminUser, GuildToolsRoles.AdminRole.Name).Wait(); } var context = serviceProvider.GetRequiredService <GuildToolsContext>(); var efAdminUser = context.UserData.FirstOrDefault(u => u.Id == adminUser.Id); efAdminUser.EmailConfirmed = true; efAdminUser.Email = adminEmail; efAdminUser.UserName = adminUsername; efAdminUser.PlayerName = adminPlayername; efAdminUser.PlayerRealm = adminPlayerRealm; efAdminUser.PlayerRegion = adminRegion; efAdminUser.GuildName = adminGuild; efAdminUser.GuildRealm = adminGuildRealm; context.SaveChanges(); }