private async Task UpdateSinglePermissionUpdate(
string originatingUserId,
EfEnums.GuildProfilePermissionLevel activeLevel,
UpdatePermission newPermission,
UserWithData targetUser,
int profileId,
bool isAdmin)
{
int newPermissionOrder = PermissionsOrder.Order((EfEnums.GuildProfilePermissionLevel)newPermission.NewPermissionLevel);
int activeUserPermissionOrder = PermissionsOrder.Order(activeLevel);
if (originatingUserId == targetUser.Id)
{
throw new UserReportableError($"User may not modify their own permissions.", (int)HttpStatusCode.BadRequest);
}
var targetUserLevel = await this.GetProfilePermissionForUserAsync(profileId, targetUser.Id);
if (targetUserLevel == null)
{
throw new UserReportableError($"User {targetUser.Id} has not requested access!", (int)HttpStatusCode.BadRequest);
}
if (!isAdmin)
{
int targetUserOrder = PermissionsOrder.Order(targetUserLevel.Value);
if (newPermissionOrder > PermissionsOrder.Order(activeLevel))
{
throw new UserReportableError("User can't adjust permissions beyond their own level.", (int)HttpStatusCode.BadRequest);
}
if (PermissionsOrder.Order(activeLevel) < PermissionsOrder.Order(targetUserLevel.Value))
{
throw new UserReportableError($"Can't adjust permissions on user with a higher permission level.",
(int)HttpStatusCode.BadRequest);
}
}
var targetPermission = await this.context.User_GuildProfilePermissions.FirstOrDefaultAsync(
x => x.ProfileId == profileId && x.UserId == targetUser.Id);
targetPermission.PermissionLevelId = newPermission.NewPermissionLevel;
await this.context.SaveChangesAsync();
}
private async Task UpdateSinglePermission(
string originatingUserId,
EfEnums.GuildProfilePermissionLevel activeLevel,
UpdatePermission newPermission,
UserWithData targetUser,
int profileId,
bool isAdmin)
{
if (newPermission.Delete)
{
await this.UpdateSinglePermissionDelete(originatingUserId, activeLevel, targetUser, profileId, isAdmin);
}
else
{
await this.UpdateSinglePermissionUpdate(originatingUserId, activeLevel, newPermission, targetUser, profileId, isAdmin);
}
}
private async Task UpdateSinglePermissionDelete(
string originatingUserId,
EfEnums.GuildProfilePermissionLevel activeLevel,
UserWithData targetUser,
int profileId,
bool isAdmin)
{
int activeUserPermissionOrder = PermissionsOrder.Order(activeLevel);
if (originatingUserId == targetUser.Id)
{
throw new UserReportableError($"User may not delete their own permissions.", (int)HttpStatusCode.BadRequest);
}
var targetUserLevel = await this.GetProfilePermissionForUserAsync(profileId, targetUser.Id);
if (targetUserLevel == null)
{
throw new UserReportableError($"User {targetUser.Id} has not requested access!", (int)HttpStatusCode.BadRequest);
}
int targetUserOrder = PermissionsOrder.Order(targetUserLevel.Value);
if (!isAdmin)
{
if (activeUserPermissionOrder < PermissionsOrder.Order(EfEnums.GuildProfilePermissionLevel.Officer))
{
throw new UserReportableError("User does not have permissions to delete a user.", (int)HttpStatusCode.Unauthorized);
}
if (activeUserPermissionOrder < targetUserOrder)
{
throw new UserReportableError("User can't delete another user with a higher permission level.", (int)HttpStatusCode.Unauthorized);
}
}
var targetPermission = await this.context.User_GuildProfilePermissions.SingleOrDefaultAsync(
x => x.ProfileId == profileId && x.UserId == targetUser.Id);
this.context.User_GuildProfilePermissions.Remove(targetPermission);
await this.context.SaveChangesAsync();
}
public async Task Register([FromBody] RegistrationDetails details)
{
if (!ModelState.IsValid)
{
var errorDescriptions = new List <string>();
foreach (var modelState in ModelState.Values)
{
foreach (ModelError error in modelState.Errors)
{
errorDescriptions.Add(error.ErrorMessage);
}
}
throw new UserReportableError("Encountered errors in registration request: "
+ string.Join(", ", errorDescriptions), (int)HttpStatusCode.BadRequest);
}
var user = new UserWithData()
{
UserName = details.Username,
Email = details.Email,
GuildName = details.GuildName,
GuildRealm = details.GuildRealm,
PlayerRegion = details.PlayerRegion,
PlayerName = details.PlayerName,
PlayerRealm = details.PlayerRealm
};
var result = await this.userManager.CreateAsync(user, details.Password);
if (result.Errors.Any())
{
var errorsMessages = string.Join(", ", result.Errors.Select(x => x.Description));
throw new UserReportableError("Encountered errors creating this user account: "
+ errorsMessages, (int)HttpStatusCode.BadRequest);
}
if (result.Succeeded)
{
await this.userManager.AddToRoleAsync(user, GuildToolsRoles.StandardUser.Name);
await userManager.AddClaimAsync(user, new Claim(GuildToolsClaims.UserId, user.Id));
var confirmationToken = await this.userManager.GenerateEmailConfirmationTokenAsync(user);
string baseUrl = this.GetBaseUrl();
string resetUrl = $"{baseUrl}/confirmemail?userId={user.Id}&token={HttpUtility.UrlEncode(confirmationToken)}";
var confirmationEmail = this.mailGenerator.GenerateRegistrationConfirmationEmail(resetUrl);
var mailResult = await this.mailSender.SendMailAsync(
user.Email,
this.commonValues.AdminEmail,
confirmationEmail.Subject,
confirmationEmail.TextContent,
confirmationEmail.HtmlContent);
if (!mailResult)
{
await this.userManager.DeleteAsync(user);
throw new UserReportableError("An error occurred while attempting to create this account.", (int)HttpStatusCode.InternalServerError);
}
}
else
{
if (result.Errors.Any(e => e.Code == "DuplicateUserName"))
{
throw new UserReportableError("This email address is already registered.", (int)HttpStatusCode.BadRequest);
}
throw new UserReportableError("Errors occurred while attempting to create this account: "
+ this.GetNumberedList(result.Errors.Select(x => x.Description)), (int)HttpStatusCode.InternalServerError);
}
}
private void UpdateClaims(IServiceProvider serviceProvider)
{
var adminUsername = "******";
var adminPlayername = "Kromp";
var adminPlayerRealm = "Burning Blade";
var adminGuild = "Longanimity";
var adminGuildRealm = "Burning Blade";
var adminRegion = "US";
var roleManager = serviceProvider.GetRequiredService <RoleManager <IdentityRole> >();
foreach (var roleName in GuildToolsRoles.AllRoleNames)
{
var role = roleManager.FindByNameAsync(roleName).Result;
if (role == null)
{
role = new IdentityRole(roleName);
roleManager.CreateAsync(role).Wait();
}
}
var userManager = serviceProvider.GetRequiredService <UserManager <UserWithData> >();
var adminEmail = Configuration.GetValue <string>("AdminCredentials:Email");
var adminUser = userManager.FindByEmailAsync(adminEmail).Result;
if (null == adminUser)
{
adminUser = new UserWithData {
UserName = adminUsername, Email = adminEmail
};
var adminPassword = Configuration.GetValue <string>("AdminCredentials:Password");
var result = userManager.CreateAsync(adminUser, adminPassword).Result;
if (!result.Succeeded)
{
throw new Exception("Failed to create admin user.");
}
}
if (!userManager.GetClaimsAsync(adminUser).Result.Any(c => c.Type == GuildToolsClaims.UserId))
{
userManager.AddClaimAsync(adminUser, new Claim(GuildToolsClaims.UserId, adminUser.Id)).Wait();
}
var adminUserRoles = userManager.GetRolesAsync(adminUser).Result;
if (!adminUserRoles.Contains(GuildToolsRoles.AdminRole.Name))
{
userManager.AddToRoleAsync(adminUser, GuildToolsRoles.AdminRole.Name).Wait();
}
var context = serviceProvider.GetRequiredService <GuildToolsContext>();
var efAdminUser = context.UserData.FirstOrDefault(u => u.Id == adminUser.Id);
efAdminUser.EmailConfirmed = true;
efAdminUser.Email = adminEmail;
efAdminUser.UserName = adminUsername;
efAdminUser.PlayerName = adminPlayername;
efAdminUser.PlayerRealm = adminPlayerRealm;
efAdminUser.PlayerRegion = adminRegion;
efAdminUser.GuildName = adminGuild;
efAdminUser.GuildRealm = adminGuildRealm;
context.SaveChanges();
}
