public async Task <IActionResult> VerifyUserToken(string userId, string code)
{
ApplicationUser user = await userManager.FindByIdAsync(userId).ConfigureAwait(false);
if (user == null)
{
return(Redirect(string.Format("{0}{1}", configuration["WebAppUrl:Url"], configuration["WebAppUrl:NoUserExists"])));
}
if (userManager.VerifyUserTokenAsync(user, userManager.Options.Tokens.PasswordResetTokenProvider, "ResetPassword", code).Result)
{
string baseUrl = string.Format(@"{0}{1}", configuration["WebAppUrl:Url"], configuration["WebAppUrl:forgotpassword"]);
var callbackUrl = string.Format(@"{0}?userid={1}&token={2}", baseUrl, WebUtility.UrlEncode(userId), WebUtility.UrlEncode(code));
return(Redirect(callbackUrl));
}
else
{
return(Redirect(string.Format("{0}{1}", configuration["WebAppUrl:Url"], configuration["WebAppUrl:tokenerror"])));
}
}
/// <summary>
/// Deletes all dependencies for the specified agent
/// </summary>
/// <param name="agentId"></param>
public void DeleteAgentDependencies(Agent agent)
{
bool childExists = CheckReferentialIntegrity(agent.Id.ToString());
if (childExists)
{
throw new EntityOperationException("Referential Integrity in Schedule or job table, please remove those before deleting this agent");
}
_personRepo.ForceIgnoreSecurity();
Person person = _personRepo.Find(0, 1).Items?.Where(p => p.IsAgent && p.Name == agent.Name && !(p.IsDeleted ?? false))?.FirstOrDefault();
if (person != null)
{
_personRepo.SoftDelete((Guid)person.Id);
}
_personRepo.ForceSecurity();
var aspUser = _usersRepo.Find(0, 1).Items?.Where(u => u.PersonId == person.Id)?.FirstOrDefault();
if (aspUser != null)
{
var user = _userManager.FindByIdAsync(aspUser.Id).Result;
var deleteResult = _userManager.DeleteAsync(user).Result;
if (!deleteResult.Succeeded)
{
throw new EntityOperationException("Something went wrong, unable to delete agent user");
}
}
//delete all group members with this agent id
var allAgentMembers = GetAllMembersInGroup(agent.Id.ToString()).Items;
foreach (var member in allAgentMembers)
{
_agentGroupMemberRepository.SoftDelete(member.Id ?? Guid.Empty);
}
DeleteExistingHeartbeats(agent.Id ?? Guid.Empty);
}
public async Task <IActionResult> UpdateOrganizationMember(UpdateTeamMemberViewModel request, string personId, string organizationId)
{
var currentUser = await _userManager.FindByEmailAsync(_accessor.HttpContext.User.Identity.Name);
OrganizationMember currentOrgMember = _organzationMemberRepo.Find(null, o => o.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault();
if (!currentOrgMember.IsAdministrator ?? false || currentOrgMember.OrganizationId != Guid.Parse(organizationId))
{
throw new UnauthorizedOperationException("Only admins of this organization can update existing users", EntityOperationType.Update);
}
var userToUpdate = _aspNetUsersRepository.Find(null, u => u.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault();
var personToUpdate = _personRepo.Find(null, p => p.Id == Guid.Parse(personId)).Items?.FirstOrDefault();
ApplicationUser appUser = await _userManager.FindByIdAsync(userToUpdate.Id).ConfigureAwait(false);
//check password's validity if one was provided
if (!string.IsNullOrEmpty(request.Password))
{
if (!IsPasswordValid(request.Password))
{
throw new Exception(PasswordRequirementMessage(request.Password));
}
}
//if email was provided check its availability
if (!string.IsNullOrEmpty(request.Email))
{
//if email is not the same as user's current email
if (!appUser.NormalizedEmail.Equals(request.Email.ToUpper()))
{
var existingEmailUser = _aspNetUsersRepository.Find(null, u => u.Email == request.Email).Items?.FirstOrDefault();
if (existingEmailUser != null)
{
throw new Exception("A user already exists for the provided email address");
}
var personEmailToUpdate = _personEmailRepository.Find(null, p => p.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault();
var emailVerificationToUpdate = _emailVerificationRepository.Find(null, p => p.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault();
//update application user's email
appUser.Email = request.Email;
appUser.NormalizedEmail = request.Email.ToUpper();
appUser.UserName = request.Email;
appUser.NormalizedUserName = request.Email.ToUpper();
//update additional email tables
personEmailToUpdate.Address = request.Email;
emailVerificationToUpdate.Address = request.Email;
_personEmailRepository.Update(personEmailToUpdate);
_emailVerificationRepository.Update(emailVerificationToUpdate);
}
}
//update name if one was provided
if (!string.IsNullOrEmpty(request.Name))
{
appUser.Name = request.Name;
personToUpdate.Name = request.Name;
_personRepo.Update(personToUpdate);
}
//update password
if (!string.IsNullOrEmpty(request.Password))
{
appUser.ForcedPasswordChange = false;
var token = await _userManager.GeneratePasswordResetTokenAsync(appUser);
IdentityResult result = await _userManager.ResetPasswordAsync(appUser, token, request.Password);
if (!result.Succeeded)
{
throw new Exception("Failed to set new password");
}
}
//update application user
if (!string.IsNullOrEmpty(request.Password) || !string.IsNullOrEmpty(request.Email))
{
_userManager.UpdateAsync(appUser);
}
return(new OkObjectResult(appUser));
}
