/// <summary>
/// Updates the settings of the calling user.
/// </summary>
/// <param name="settings">The settings to apply</param>
/// <returns>The request result</returns>
public Task<IResult> Patch(OwnUserSettings settings)
    // A regular user may only modify their own record, so the target is always the caller
    => UpdateUserAsync(Context.UserID, settings);
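/// <summary>
/// Updates the settings of a user, either by the user themselves or by an administrator.
/// </summary>
/// <remarks>
/// The caller must be logged in and must either be the target user or an admin; the admin
/// check is evaluated inside the database transaction. The fields <c>Disabled</c>,
/// <c>Require2FA</c> and <c>Admin</c> are only applied when the caller is an admin and are
/// silently ignored otherwise. A changed email address is applied directly by admins, whereas
/// a self-service change only registers a <see cref="Database.ChangeEmailRequest"/> and sends a
/// confirmation mail once the transaction has completed.
/// </remarks>
/// <param name="userid">The user to update</param>
/// <param name="settings">The settings to apply; null or whitespace-only fields leave the current value unchanged</param>
/// <returns>The request result</returns>
protected async Task<IResult> UpdateUserAsync(string userid, OwnUserSettings settings)
{
    var requestuserid = Context.UserID;

    // Only allow calls by logged in users
    if (string.IsNullOrWhiteSpace(requestuserid))
    {
        return Forbidden;
    }

    if (string.IsNullOrWhiteSpace(userid))
    {
        return BadRequest;
    }

    var isself = IsSelfUser(userid);
    if (settings == null)
    {
        return Status(BadRequest, "Missing update information");
    }

    try
    {
        Database.ChangeEmailRequest nx = null;
        Database.User user = null;
        string oldemail = null;

        var res = await DB.RunInTransactionAsync(db =>
        {
            // Authorization is decided inside the transaction, so the admin status
            // observed here is the one the update is committed against
            var isadmin = Services.AdminHelper.IsAdmin(db, requestuserid);
            if (!isself && !isadmin)
            {
                return Forbidden;
            }

            user = db.SelectItemById<Database.User>(userid);
            if (user == null)
            {
                // Presumably only reachable for admin callers, as a logged-in self user exists;
                // without this guard the field assignments below would dereference null
                return Status(BadRequest, "No such user");
            }

            if (!string.IsNullOrWhiteSpace(settings.Handle))
            {
                user.Handle = settings.Handle;
            }
            if (!string.IsNullOrWhiteSpace(settings.Name))
            {
                user.Name = settings.Name;
            }
            if (settings.InvoiceAddress != null)
            {
                user.InvoiceAddress = settings.InvoiceAddress;
            }
            if (settings.DeliveryAddress != null)
            {
                user.DeliveryAddress = settings.DeliveryAddress;
            }

            // Privileged fields: ignored unless the caller is an admin
            if (isadmin && settings.Disabled != null)
            {
                user.Disabled = settings.Disabled.Value;
            }
            if (isadmin && settings.Require2FA != null)
            {
                user.Require2FA = settings.Require2FA.Value;
            }

            // Register a new activation request (ordinal comparison: a case-only change counts as a new address)
            if (!string.IsNullOrWhiteSpace(settings.Email) && settings.Email != user.Email)
            {
                if (!Services.PasswordPolicy.IsValidEmail(settings.Email))
                {
                    return Status(BadRequest, "The new email address is not valid");
                }

                oldemail = user.Email;
                if (isadmin)
                {
                    // Admins change the address directly, without confirmation
                    user.Email = settings.Email;
                }
                else
                {
                    // Self-service changes take effect only once the confirmation token is used
                    db.InsertItem(nx = new Database.ChangeEmailRequest()
                    {
                        UserID = user.ID,
                        NewEmail = settings.Email,
                        Token = Services.PasswordPolicy.GenerateActivationCode()
                    });
                }
            }

            //TODO: The profile image?

            db.UpdateItem(user);

            // Toggle admin status
            if (isadmin && settings.Admin != null)
            {
                if (settings.Admin.Value)
                {
                    db.InsertOrIgnoreItem(new Database.UserGroupIndex()
                    {
                        UserID = user.ID,
                        GroupID = IDConstants.AdminGroupID
                    });
                }
                else
                {
                    db.Delete<Database.UserGroupIndex>(x => x.UserID == user.ID && x.GroupID == IDConstants.AdminGroupID);
                }
            }

            if (isadmin && !string.IsNullOrWhiteSpace(oldemail))
            {
                //TODO: Implement the change email notification
                //Services.SendEmail.ChangeEmailNotification(oldemail, settings.Email);
            }

            return OK;
        });

        // Sent only after RunInTransactionAsync has returned, so a failed transaction
        // (which throws into the catch below) never produces a confirmation mail
        if (user != null && nx != null)
        {
            await Queues.SendEmailChangeConfirmationEmailAsync(user.Name, nx.NewEmail, nx.ID, Services.LocaleHelper.GetBestLocale(Context.Request));
        }

        return res;
    }
    catch (Exception ex)
    {
        // Known CRUD failures are translated into a client-facing result; anything else propagates
        var t = Ceen.Extras.CRUDExceptionHelper.WrapExceptionMessage(ex);
        if (t != null)
        {
            return t;
        }
        throw;
    }
}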
/// <summary>
/// Updates the settings of an arbitrary user.
/// </summary>
/// <param name="userid">The user to update</param>
/// <param name="settings">The settings to apply</param>
/// <returns>The request result</returns>
public Task<IResult> Patch(string userid, OwnUserSettings settings)
    // The target may differ from the caller; UpdateUserAsync enforces that only admins may do this
    => UpdateUserAsync(userid, settings);