private BWebServiceResponse UpdateUserInfo_Internal(
HttpListenerContext _Context,
string _NewEmailChange,
string _NewUserNameChange,
JObject _UserObject,
JObject _UpdateFieldsUserEntry, JObject _UpdateFieldsAuthEntry,
Action <string> _ErrorMessageAction)
{
var UserKey = new BPrimitiveType(RequestedUserID);
if (_UpdateFieldsUserEntry.Count > 0)
{
string OldEmail = null;
string OldUserName = null;
if (_NewEmailChange != null && _UserObject.ContainsKey(UserDBEntry.USER_EMAIL_PROPERTY))
{
OldEmail = (string)_UserObject[UserDBEntry.USER_EMAIL_PROPERTY];
Controller_DeliveryEnsurer.Get().DB_DeleteItem_FireAndForget(
_Context,
UniqueUserFieldsDBEntry.DBSERVICE_UNIQUEUSERFIELDS_TABLE(),
UniqueUserFieldsDBEntry.KEY_NAME_USER_EMAIL,
new BPrimitiveType(OldEmail));
Controller_DeliveryEnsurer.Get().DB_UpdateItem_FireAndForget(
_Context,
UniqueUserFieldsDBEntry.DBSERVICE_UNIQUEUSERFIELDS_TABLE(),
UniqueUserFieldsDBEntry.KEY_NAME_USER_EMAIL,
new BPrimitiveType(_NewEmailChange),
new JObject()
{
[UserDBEntry.KEY_NAME_USER_ID] = RequestedUserID
});
}
if (_NewUserNameChange != null && _UserObject.ContainsKey(UserDBEntry.USER_NAME_PROPERTY))
{
OldUserName = (string)_UserObject[UserDBEntry.USER_NAME_PROPERTY];
Controller_DeliveryEnsurer.Get().DB_DeleteItem_FireAndForget(
_Context,
UniqueUserFieldsDBEntry.DBSERVICE_UNIQUEUSERFIELDS_TABLE(),
UniqueUserFieldsDBEntry.KEY_NAME_USER_NAME,
new BPrimitiveType(OldUserName));
Controller_DeliveryEnsurer.Get().DB_UpdateItem_FireAndForget(
_Context,
UniqueUserFieldsDBEntry.DBSERVICE_UNIQUEUSERFIELDS_TABLE(),
UniqueUserFieldsDBEntry.KEY_NAME_USER_NAME,
new BPrimitiveType(_NewUserNameChange),
new JObject()
{
[UserDBEntry.KEY_NAME_USER_ID] = RequestedUserID
});
}
Controller_DeliveryEnsurer.Get().DB_UpdateItem_FireAndForget(
_Context,
UserDBEntry.DBSERVICE_USERS_TABLE(),
UserDBEntry.KEY_NAME_USER_ID,
UserKey,
_UpdateFieldsUserEntry);
var NewEmail = _NewEmailChange ?? (string)_UserObject[UserDBEntry.USER_EMAIL_PROPERTY];
var NewUserName = _NewUserNameChange ?? (string)_UserObject[UserDBEntry.USER_NAME_PROPERTY];
Controller_UserActions.Get().BroadcastUserAction(new Action_UserUpdated(
RequestedUserID,
OldEmail ?? NewEmail,
NewEmail,
OldUserName ?? NewUserName,
NewUserName,
_UpdateFieldsUserEntry), _ErrorMessageAction);
}
if (_UpdateFieldsAuthEntry.Count > 0)
{
var UserData = JsonConvert.DeserializeObject <UserDBEntry>(_UserObject.ToString());
if (UserData.AuthMethods != null && UserData.AuthMethods.Count > 0)
{
foreach (var Method in UserData.AuthMethods)
{
string PasswordMD5 = null;
string OldField = null;
BPrimitiveType AuthMethodKey = null;
switch (Method.Method)
{
case AuthMethod.Methods.USER_EMAIL_PASSWORD_METHOD:
{
PasswordMD5 = Method.PasswordMD5;
OldField = Method.UserEmail;
AuthMethodKey = new BPrimitiveType(Method.UserEmail + PasswordMD5);
break;
}
case AuthMethod.Methods.USER_NAME_PASSWORD_METHOD:
{
PasswordMD5 = Method.PasswordMD5;
OldField = Method.UserName;
AuthMethodKey = new BPrimitiveType(Method.UserName + PasswordMD5);
break;
}
case AuthMethod.Methods.API_KEY_METHOD:
AuthMethodKey = new BPrimitiveType(Method.ApiKey);
break;
}
if (AuthMethodKey != null)
{
bool bRecreateNeed =
(_NewEmailChange != null && Method.Method == AuthMethod.Methods.USER_EMAIL_PASSWORD_METHOD) ||
(_NewUserNameChange != null && Method.Method == AuthMethod.Methods.USER_NAME_PASSWORD_METHOD);
if (bRecreateNeed)
{
MemoryService.DeleteKey(CommonData.MemoryQueryParameters, AuthDBEntry.KEY_NAME_AUTH_DB_ENTRY + AuthMethodKey.AsString, _ErrorMessageAction);
//No in-memory recreation for security.
if (!DatabaseService.DeleteItem(
AuthDBEntry.DBSERVICE_AUTHMETHODS_TABLE(),
AuthDBEntry.KEY_NAME_AUTH_DB_ENTRY,
AuthMethodKey,
out JObject DeletedAuthMethodObject,
EBReturnItemBehaviour.ReturnAllOld,
_ErrorMessageAction))
{
DatabaseService.GetItem(
AuthDBEntry.DBSERVICE_AUTHMETHODS_TABLE(),
AuthDBEntry.KEY_NAME_AUTH_DB_ENTRY,
AuthMethodKey,
AuthDBEntry.Properties,
out DeletedAuthMethodObject,
_ErrorMessageAction);
Controller_DeliveryEnsurer.Get().DB_DeleteItem_FireAndForget(
_Context,
AuthDBEntry.DBSERVICE_AUTHMETHODS_TABLE(),
AuthDBEntry.KEY_NAME_AUTH_DB_ENTRY,
AuthMethodKey);
}
if (DeletedAuthMethodObject != null)
{
DeletedAuthMethodObject.Merge(_UpdateFieldsAuthEntry, new JsonMergeSettings()
{
MergeArrayHandling = MergeArrayHandling.Replace
});
_UpdateFieldsAuthEntry = DeletedAuthMethodObject;
}
if (_NewEmailChange != null && Method.Method == AuthMethod.Methods.USER_EMAIL_PASSWORD_METHOD)
{
AuthMethodKey = new BPrimitiveType(_NewEmailChange + PasswordMD5);
}
else if (_NewUserNameChange != null && Method.Method == AuthMethod.Methods.USER_NAME_PASSWORD_METHOD)
{
AuthMethodKey = new BPrimitiveType(_NewUserNameChange + PasswordMD5);
}
Controller_DeliveryEnsurer.Get().DB_PutItem_FireAndForget(
_Context,
AuthDBEntry.DBSERVICE_AUTHMETHODS_TABLE(),
AuthDBEntry.KEY_NAME_AUTH_DB_ENTRY,
AuthMethodKey,
_UpdateFieldsAuthEntry);
}
else
{
Controller_DeliveryEnsurer.Get().DB_UpdateItem_FireAndForget(
_Context,
AuthDBEntry.DBSERVICE_AUTHMETHODS_TABLE(),
AuthDBEntry.KEY_NAME_AUTH_DB_ENTRY,
AuthMethodKey,
_UpdateFieldsAuthEntry);
}
}
}
}
}
return(BWebResponse.StatusOK("User has been updated."));
}
private BWebServiceResponse DeleteUser(HttpListenerContext _Context, out bool _bSetClearanceForApiKeys, out List <string> _ApiKeys, Action <string> _ErrorMessageAction)
{
_bSetClearanceForApiKeys = false;
_ApiKeys = new List <string>();
var UserKey = new BPrimitiveType(RequestedUserID);
if (!DatabaseService.GetItem(
UserDBEntry.DBSERVICE_USERS_TABLE(),
UserDBEntry.KEY_NAME_USER_ID,
UserKey,
UserDBEntry.Properties,
out JObject UserObject,
_ErrorMessageAction))
{
return(BWebResponse.InternalError("Database fetch-user-info operation has failed."));
}
if (UserObject == null)
{
return(BWebResponse.NotFound("User does not exist."));
}
var UserData = JsonConvert.DeserializeObject <UserDBEntry>(UserObject.ToString());
if (UserData.AuthMethods != null && UserData.AuthMethods.Count > 0)
{
foreach (var AMethod in UserData.AuthMethods)
{
string OldField = null;
BPrimitiveType AuthMethodKey = null;
switch (AMethod.Method)
{
case AuthMethod.Methods.USER_EMAIL_PASSWORD_METHOD:
{
AuthMethodKey = new BPrimitiveType(AMethod.UserEmail + AMethod.PasswordMD5);
OldField = AMethod.UserEmail;
break;
}
case AuthMethod.Methods.USER_NAME_PASSWORD_METHOD:
{
AuthMethodKey = new BPrimitiveType(AMethod.UserName + AMethod.PasswordMD5);
OldField = AMethod.UserName;
break;
}
case AuthMethod.Methods.API_KEY_METHOD:
{
AuthMethodKey = new BPrimitiveType(AMethod.ApiKey);
_bSetClearanceForApiKeys = true;
_ApiKeys.Add(AMethod.ApiKey);
if (!Controller_AtomicDBOperation.Get().GetClearanceForDBOperation(InnerProcessor, UniqueUserFieldsDBEntry.DBSERVICE_UNIQUEUSERFIELDS_TABLE(), UniqueUserFieldsDBEntry.KEY_NAME_API_KEY + ":" + AMethod.ApiKey, _ErrorMessageAction))
{
return(BWebResponse.InternalError("Atomic operation control has failed."));
}
break;
}
}
if (AuthMethodKey != null)
{
Controller_DeliveryEnsurer.Get().DB_DeleteItem_FireAndForget(
_Context,
AuthDBEntry.DBSERVICE_AUTHMETHODS_TABLE(),
AuthDBEntry.KEY_NAME_AUTH_DB_ENTRY,
AuthMethodKey);
MemoryService.DeleteKey(CommonData.MemoryQueryParameters, AuthDBEntry.KEY_NAME_AUTH_DB_ENTRY + AuthMethodKey.AsString, _ErrorMessageAction);
}
}
}
MemoryService.DeleteKey(CommonData.MemoryQueryParameters, UserBaseAccessMEntry.M_KEY_NAME_USER_ID + RequestedUserID, _ErrorMessageAction);
Controller_DeliveryEnsurer.Get().DB_DeleteItem_FireAndForget(
_Context,
UserDBEntry.DBSERVICE_USERS_TABLE(),
UserDBEntry.KEY_NAME_USER_ID,
UserKey);
Controller_UserActions.Get().BroadcastUserAction(new Action_UserDeleted
(
RequestedUserID,
UserData.UserEmail,
UserData.UserName,
UserData.UserModels,
UserData.UserSharedModels
),
_ErrorMessageAction);
if (UserData.UserEmail != null && UserData.UserEmail.Length > 0)
{
Controller_DeliveryEnsurer.Get().DB_DeleteItem_FireAndForget(
_Context,
UniqueUserFieldsDBEntry.DBSERVICE_UNIQUEUSERFIELDS_TABLE(),
UniqueUserFieldsDBEntry.KEY_NAME_USER_EMAIL,
new BPrimitiveType(UserData.UserEmail));
}
if (UserData.UserName != null && UserData.UserName.Length > 0)
{
Controller_DeliveryEnsurer.Get().DB_DeleteItem_FireAndForget(
_Context,
UniqueUserFieldsDBEntry.DBSERVICE_UNIQUEUSERFIELDS_TABLE(),
UniqueUserFieldsDBEntry.KEY_NAME_USER_NAME,
new BPrimitiveType(UserData.UserName));
}
foreach (var ApiKey in _ApiKeys)
{
Controller_DeliveryEnsurer.Get().DB_DeleteItem_FireAndForget(
_Context,
UniqueUserFieldsDBEntry.DBSERVICE_UNIQUEUSERFIELDS_TABLE(),
UniqueUserFieldsDBEntry.KEY_NAME_API_KEY,
new BPrimitiveType(ApiKey));
}
return(BWebResponse.StatusOK("User has been deleted."));
}
private BWebServiceResponse CreateUser(HttpListenerContext _Context, Action <string> _ErrorMessageAction)
{
var NewUserParameters = new JObject();
bool bIsInternalCall =
BWebUtilities.DoesContextContainHeader(out List <string> ICHVs, out string _, _Context, "internal-call-secret") &&
BUtility.CheckAndGetFirstStringFromList(ICHVs, out string ICH) &&
ICH == CommonData.INTERNAL_CALL_PRIVATE_KEY;
using (var InputStream = _Context.Request.InputStream)
{
using (var ResponseReader = new StreamReader(InputStream))
{
try
{
var ParsedBody = JObject.Parse(ResponseReader.ReadToEnd());
var PropertiesList = new List <string>();
foreach (var Child in ParsedBody)
{
PropertiesList.Add(Child.Key);
}
foreach (var MustHaveProperty in UserDBEntry.MustHaveProperties)
{
if (!PropertiesList.Contains(MustHaveProperty))
{
return(BWebResponse.BadRequest("Request body must contain all necessary fields."));
}
}
foreach (var Child in ParsedBody)
{
if (UserDBEntry.UpdatableProperties.Contains(Child.Key))
{
if (!UserDBEntry.UpdatablePropertiesValidityCheck[Child.Key](Child.Value))
{
return(BWebResponse.BadRequest("Given field " + Child.Key + " has invalid value."));
}
NewUserParameters[Child.Key] = Child.Value;
}
}
}
catch (Exception e)
{
_ErrorMessageAction?.Invoke("User_CreateListUsers->UpdateUserInfo: Read request body stage has failed. Exception: " + e.Message + ", Trace: " + e.StackTrace);
return(BWebResponse.BadRequest("Malformed request body. Request must be a valid json form."));
}
}
}
int ExistenceTrial = 0;
string NewUserID = null;
while (NewUserID == null && ExistenceTrial < 3)
{
if (!UserDBEntry.GenerateUserID(out NewUserID, _ErrorMessageAction))
{
return(BWebResponse.InternalError("User ID generation has failed."));
}
if (!Controller_AtomicDBOperation.Get().GetClearanceForDBOperation(InnerProcessor, UserDBEntry.DBSERVICE_USERS_TABLE(), NewUserID, _ErrorMessageAction))
{
return(BWebResponse.InternalError("Atomic operation control has failed."));
}
if (!DatabaseService.GetItem(
UserDBEntry.DBSERVICE_USERS_TABLE(),
UserDBEntry.KEY_NAME_USER_ID,
new BPrimitiveType(NewUserID),
UserDBEntry.MustHaveProperties,
out JObject ExistenceCheck,
_ErrorMessageAction))
{
return(BWebResponse.InternalError("Database existence check operation has failed."));
}
if (ExistenceCheck != null)
{
Controller_AtomicDBOperation.Get().SetClearanceForDBOperationForOthers(InnerProcessor, UserDBEntry.DBSERVICE_USERS_TABLE(), NewUserID, _ErrorMessageAction);
NewUserID = null;
ExistenceTrial++;
}
else
{
break;
}
}
if (NewUserID == null)
{
return(BWebResponse.InternalError("Unique ID generation operation has failed."));
}
//For other elements to be created without any elements
var NewUserObject = JsonConvert.DeserializeObject <UserDBEntry>(NewUserParameters.ToString());
bool bEmailAtomicnessSet = false, bUsernameAtomicnessSet = false;
try
{
if (NewUserObject.UserEmail != null && NewUserObject.UserEmail.Length > 0)
{
NewUserObject.UserEmail = NewUserObject.UserEmail.ToLower();
if (!bIsInternalCall && NewUserObject.UserEmail.EndsWith(Controller_SSOAccessToken.EMAIL_USER_NAME_POSTFIX))
{
return(BWebResponse.BadRequest("E-mail address cannot end with " + Controller_SSOAccessToken.EMAIL_USER_NAME_POSTFIX));
}
if (!Controller_AtomicDBOperation.Get().GetClearanceForDBOperation(InnerProcessor, UniqueUserFieldsDBEntry.DBSERVICE_UNIQUEUSERFIELDS_TABLE(), UniqueUserFieldsDBEntry.KEY_NAME_USER_EMAIL + ":" + NewUserObject.UserEmail, _ErrorMessageAction))
{
return(BWebResponse.InternalError("Atomic operation control has failed."));
}
bEmailAtomicnessSet = true;
if (!DatabaseService.GetItem(
UniqueUserFieldsDBEntry.DBSERVICE_UNIQUEUSERFIELDS_TABLE(),
UniqueUserFieldsDBEntry.KEY_NAME_USER_EMAIL,
new BPrimitiveType(NewUserObject.UserEmail),
UniqueUserFieldsDBEntry.Properties,
out JObject _ExistenceCheck,
_ErrorMessageAction))
{
return(BWebResponse.InternalError("Database operation failed."));
}
if (_ExistenceCheck != null)
{
return(BWebResponse.Conflict("A user with same user e-mail already exists."));
}
}
if (NewUserObject.UserName != null && NewUserObject.UserName.Length > 0)
{
if (!bIsInternalCall && NewUserObject.UserName.EndsWith(Controller_SSOAccessToken.EMAIL_USER_NAME_POSTFIX))
{
return(BWebResponse.BadRequest("Username cannot end with " + Controller_SSOAccessToken.EMAIL_USER_NAME_POSTFIX));
}
if (!Controller_AtomicDBOperation.Get().GetClearanceForDBOperation(InnerProcessor, UniqueUserFieldsDBEntry.DBSERVICE_UNIQUEUSERFIELDS_TABLE(), UniqueUserFieldsDBEntry.KEY_NAME_USER_NAME + ":" + NewUserObject.UserName, _ErrorMessageAction))
{
return(BWebResponse.InternalError("Atomic operation control has failed."));
}
bUsernameAtomicnessSet = true;
if (!DatabaseService.GetItem(
UniqueUserFieldsDBEntry.DBSERVICE_UNIQUEUSERFIELDS_TABLE(),
UniqueUserFieldsDBEntry.KEY_NAME_USER_NAME,
new BPrimitiveType(NewUserObject.UserName),
UniqueUserFieldsDBEntry.Properties,
out JObject _ExistenceCheck,
_ErrorMessageAction))
{
return(BWebResponse.InternalError("Database operation failed."));
}
if (_ExistenceCheck != null)
{
return(BWebResponse.Conflict("A user with same username already exists."));
}
}
if (!Controller_Rights_Internal.Get().PerformGetRequestToGetGloballySharedModelIds(out List <string> GloballySharedModelIds, _ErrorMessageAction))
{
return(BWebResponse.InternalError("Get-globally-shared-models operation failed."));
}
NewUserObject.UserSharedModels = GloballySharedModelIds;
if (!DatabaseService.UpdateItem(
UserDBEntry.DBSERVICE_USERS_TABLE(),
UserDBEntry.KEY_NAME_USER_ID,
new BPrimitiveType(NewUserID),
JObject.Parse(JsonConvert.SerializeObject(NewUserObject)),
out JObject _, EBReturnItemBehaviour.DoNotReturn,
DatabaseService.BuildAttributeNotExistCondition(UserDBEntry.KEY_NAME_USER_ID),
_ErrorMessageAction))
{
return(BWebResponse.InternalError("Database operation failed."));
}
if (!Controller_Rights_Internal.Get().GetUserDefaultRights(out JArray DefaultRights, NewUserID, _ErrorMessageAction))
{
Controller_DeliveryEnsurer.Get().DB_DeleteItem_FireAndForget(
_Context,
UserDBEntry.DBSERVICE_USERS_TABLE(),
UserDBEntry.KEY_NAME_USER_ID,
new BPrimitiveType(NewUserID));
return(BWebResponse.InternalError("Default rights obtaining operation has failed."));
}
if (!Controller_Rights_Internal.Get().GrantUserWithRights(true, NewUserID, DefaultRights, _ErrorMessageAction))
{
Controller_DeliveryEnsurer.Get().DB_DeleteItem_FireAndForget(
_Context,
UserDBEntry.DBSERVICE_USERS_TABLE(),
UserDBEntry.KEY_NAME_USER_ID,
new BPrimitiveType(NewUserID));
return(BWebResponse.InternalError("Right granting operation has failed."));
}
if (NewUserObject.UserEmail != null && NewUserObject.UserEmail.Length > 0)
{
Controller_DeliveryEnsurer.Get().DB_UpdateItem_FireAndForget(
_Context,
UniqueUserFieldsDBEntry.DBSERVICE_UNIQUEUSERFIELDS_TABLE(),
UniqueUserFieldsDBEntry.KEY_NAME_USER_EMAIL,
new BPrimitiveType(NewUserObject.UserEmail),
new JObject()
{
[UserDBEntry.KEY_NAME_USER_ID] = NewUserID
});
}
if (NewUserObject.UserName != null && NewUserObject.UserName.Length > 0)
{
Controller_DeliveryEnsurer.Get().DB_UpdateItem_FireAndForget(
_Context,
UniqueUserFieldsDBEntry.DBSERVICE_UNIQUEUSERFIELDS_TABLE(),
UniqueUserFieldsDBEntry.KEY_NAME_USER_NAME,
new BPrimitiveType(NewUserObject.UserName),
new JObject()
{
[UserDBEntry.KEY_NAME_USER_ID] = NewUserID
});
}
Controller_UserActions.Get().BroadcastUserAction(new Action_UserCreated(
NewUserID,
NewUserObject.UserEmail,
NewUserObject.UserName
), _ErrorMessageAction);
}
finally
{
Controller_AtomicDBOperation.Get().SetClearanceForDBOperationForOthers(InnerProcessor, UserDBEntry.DBSERVICE_USERS_TABLE(), NewUserID, _ErrorMessageAction);
if (bEmailAtomicnessSet)
{
Controller_AtomicDBOperation.Get().SetClearanceForDBOperationForOthers(InnerProcessor, UniqueUserFieldsDBEntry.DBSERVICE_UNIQUEUSERFIELDS_TABLE(), UniqueUserFieldsDBEntry.KEY_NAME_USER_EMAIL + ":" + NewUserObject.UserEmail, _ErrorMessageAction);
}
if (bUsernameAtomicnessSet)
{
Controller_AtomicDBOperation.Get().SetClearanceForDBOperationForOthers(InnerProcessor, UniqueUserFieldsDBEntry.DBSERVICE_UNIQUEUSERFIELDS_TABLE(), UniqueUserFieldsDBEntry.KEY_NAME_USER_NAME + ":" + NewUserObject.UserName, _ErrorMessageAction);
}
}
return(BWebResponse.StatusCreated("User has been created.", new JObject()
{
[UserDBEntry.KEY_NAME_USER_ID] = NewUserID
}));
}
