public static Model.UserPatchInfo Convert(string username, Client.UserPatchInfo clientPatchInfo)
{
if (clientPatchInfo == null)
{
throw new ArgumentNullException(nameof(clientPatchInfo));
}
var modelPatchInfo = new Model.UserPatchInfo(username)
{
OldPassword = clientPatchInfo.OldPassword,
Password = clientPatchInfo.Password,
ConfirmPassword = clientPatchInfo.ConfirmPassword
};
return(modelPatchInfo);
}
public async Task <IActionResult> PatchUserAsync([FromRoute] string userName, [FromBody] Client.UserPatchInfo clientPatchInfo,
CancellationToken cancellationToken)
{
cancellationToken.ThrowIfCancellationRequested();
if (clientPatchInfo == null)
{
var error = Responses.BodyIsMissing(nameof(clientPatchInfo));
return(BadRequest(error));
}
var isAuthorize = HttpContext.User.IsInRole("admin") ||
HttpContext.User.Identity.Name.CompareTo(userName.ToLower()) == 0;
if (!isAuthorize)
{
return(Forbid());
}
var modelPatchInfo = ModelConverters.Users.UserPatchInfoConverter.Convert(userName, clientPatchInfo);
var user = await userManager.FindByNameAsync(userName);
if (user == null)
{
return(BadRequest());
}
var updated = false;
if (modelPatchInfo.Password != null && modelPatchInfo.OldPassword != null)
{
var passwordValidator = HttpContext.RequestServices.GetService(typeof(IPasswordValidator <User>)) as IPasswordValidator <User>;
var passwordHasher = HttpContext.RequestServices.GetService(typeof(IPasswordHasher <User>)) as IPasswordHasher <User>;
IdentityResult result = await passwordValidator.ValidateAsync(userManager, user, modelPatchInfo.Password);
if (result.Succeeded)
{
user.PasswordHash = passwordHasher.HashPassword(user, modelPatchInfo.Password);
updated = true;
}
}
if (updated)
{
await userManager.UpdateAsync(user);
}
return(Ok());
}
public async Task <IActionResult> PatchUserAsync([FromRoute] string userName, [FromBody] Client.UserPatchInfo clientPatchInfo,
CancellationToken cancellationToken)
{
cancellationToken.ThrowIfCancellationRequested();
if (clientPatchInfo == null)
{
var error = ErrorResponsesService.BodyIsMissing(nameof(clientPatchInfo));
return(BadRequest(error));
}
if (!HasAccessToUser(userName))
{
return(Forbid());
}
var modelPatchInfo = ModelConverters.Users.UserPatchInfoConverter.Convert(userName, clientPatchInfo);
var user = await userManager.FindByNameAsync(userName);
if (user == null)
{
var error = ErrorResponsesService.NotFoundError(Target, $"User with name '{userName}' not found.");
return(NotFound(error));
}
var updated = false;
if (modelPatchInfo.OldPassword != null && modelPatchInfo.Password != null)
{
var passwordHasher = HttpContext.RequestServices.
GetService(typeof(IPasswordHasher <User>)) as IPasswordHasher <User>;
//todo неработает проверка на правильность старого пароля
// var oldPasswordHash = passwordHasher.HashPassword(user, modelPatchInfo.OldPassword);
//
// if (!oldPasswordHash.Equals(user.PasswordHash))
// {
// var error = ErrorResponsesService.ValidationError(nameof(clientPatchInfo.OldPassword),
// "Old password doesn't match with actual.");
// return BadRequest(error);
// }
if (!modelPatchInfo.Password.Equals(modelPatchInfo.ConfirmPassword))
{
var error = ErrorResponsesService.ValidationError(nameof(clientPatchInfo.ConfirmPassword),
PasswordValidationMessage);
return(BadRequest(error));
}
var passwordValidator = HttpContext.RequestServices.
GetService(typeof(IPasswordValidator <User>)) as IPasswordValidator <User>;
var result = await passwordValidator.ValidateAsync(userManager, user, modelPatchInfo.Password);
if (result.Succeeded)
{
user.PasswordHash = passwordHasher.HashPassword(user, modelPatchInfo.Password);
updated = true;
}
}
if (updated)
{
user.LastUpdateAt = DateTime.UtcNow;
await userManager.UpdateAsync(user);
}
var clientUser = ModelConverters.Users.UserConverter.Convert(user);
return(Ok(clientUser));
}