public async Task <IActionResult> VerifyUserToken(string userId, string code) { ApplicationUser user = await userManager.FindByIdAsync(userId).ConfigureAwait(false); if (user == null) { return(Redirect(string.Format("{0}{1}", configuration["WebAppUrl:Url"], configuration["WebAppUrl:NoUserExists"]))); } if (userManager.VerifyUserTokenAsync(user, userManager.Options.Tokens.PasswordResetTokenProvider, "ResetPassword", code).Result) { string baseUrl = string.Format(@"{0}{1}", configuration["WebAppUrl:Url"], configuration["WebAppUrl:forgotpassword"]); var callbackUrl = string.Format(@"{0}?userid={1}&token={2}", baseUrl, WebUtility.UrlEncode(userId), WebUtility.UrlEncode(code)); return(Redirect(callbackUrl)); } else { return(Redirect(string.Format("{0}{1}", configuration["WebAppUrl:Url"], configuration["WebAppUrl:tokenerror"]))); } }
/// <summary> /// Deletes all dependencies for the specified agent /// </summary> /// <param name="agentId"></param> public void DeleteAgentDependencies(Agent agent) { bool childExists = CheckReferentialIntegrity(agent.Id.ToString()); if (childExists) { throw new EntityOperationException("Referential Integrity in Schedule or job table, please remove those before deleting this agent"); } _personRepo.ForceIgnoreSecurity(); Person person = _personRepo.Find(0, 1).Items?.Where(p => p.IsAgent && p.Name == agent.Name && !(p.IsDeleted ?? false))?.FirstOrDefault(); if (person != null) { _personRepo.SoftDelete((Guid)person.Id); } _personRepo.ForceSecurity(); var aspUser = _usersRepo.Find(0, 1).Items?.Where(u => u.PersonId == person.Id)?.FirstOrDefault(); if (aspUser != null) { var user = _userManager.FindByIdAsync(aspUser.Id).Result; var deleteResult = _userManager.DeleteAsync(user).Result; if (!deleteResult.Succeeded) { throw new EntityOperationException("Something went wrong, unable to delete agent user"); } } //delete all group members with this agent id var allAgentMembers = GetAllMembersInGroup(agent.Id.ToString()).Items; foreach (var member in allAgentMembers) { _agentGroupMemberRepository.SoftDelete(member.Id ?? Guid.Empty); } DeleteExistingHeartbeats(agent.Id ?? Guid.Empty); }
public async Task <IActionResult> UpdateOrganizationMember(UpdateTeamMemberViewModel request, string personId, string organizationId) { var currentUser = await _userManager.FindByEmailAsync(_accessor.HttpContext.User.Identity.Name); OrganizationMember currentOrgMember = _organzationMemberRepo.Find(null, o => o.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault(); if (!currentOrgMember.IsAdministrator ?? false || currentOrgMember.OrganizationId != Guid.Parse(organizationId)) { throw new UnauthorizedOperationException("Only admins of this organization can update existing users", EntityOperationType.Update); } var userToUpdate = _aspNetUsersRepository.Find(null, u => u.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault(); var personToUpdate = _personRepo.Find(null, p => p.Id == Guid.Parse(personId)).Items?.FirstOrDefault(); ApplicationUser appUser = await _userManager.FindByIdAsync(userToUpdate.Id).ConfigureAwait(false); //check password's validity if one was provided if (!string.IsNullOrEmpty(request.Password)) { if (!IsPasswordValid(request.Password)) { throw new Exception(PasswordRequirementMessage(request.Password)); } } //if email was provided check its availability if (!string.IsNullOrEmpty(request.Email)) { //if email is not the same as user's current email if (!appUser.NormalizedEmail.Equals(request.Email.ToUpper())) { var existingEmailUser = _aspNetUsersRepository.Find(null, u => u.Email == request.Email).Items?.FirstOrDefault(); if (existingEmailUser != null) { throw new Exception("A user already exists for the provided email address"); } var personEmailToUpdate = _personEmailRepository.Find(null, p => p.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault(); var emailVerificationToUpdate = _emailVerificationRepository.Find(null, p => p.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault(); //update application user's email appUser.Email = request.Email; appUser.NormalizedEmail = request.Email.ToUpper(); appUser.UserName = request.Email; appUser.NormalizedUserName = request.Email.ToUpper(); //update additional email tables personEmailToUpdate.Address = request.Email; emailVerificationToUpdate.Address = request.Email; _personEmailRepository.Update(personEmailToUpdate); _emailVerificationRepository.Update(emailVerificationToUpdate); } } //update name if one was provided if (!string.IsNullOrEmpty(request.Name)) { appUser.Name = request.Name; personToUpdate.Name = request.Name; _personRepo.Update(personToUpdate); } //update password if (!string.IsNullOrEmpty(request.Password)) { appUser.ForcedPasswordChange = false; var token = await _userManager.GeneratePasswordResetTokenAsync(appUser); IdentityResult result = await _userManager.ResetPasswordAsync(appUser, token, request.Password); if (!result.Succeeded) { throw new Exception("Failed to set new password"); } } //update application user if (!string.IsNullOrEmpty(request.Password) || !string.IsNullOrEmpty(request.Email)) { _userManager.UpdateAsync(appUser); } return(new OkObjectResult(appUser)); }