Example #1
0
        public async Task <IActionResult> SharePassword([FromBody] SharePasswordModel sharePasswordModel, CancellationToken cancellationToken)
        {
            var result = await _walletService.SharePassword(sharePasswordModel, HttpContext.User, cancellationToken);

            if (result.Success)
            {
                return(Ok(result));
            }
            return(BadRequest(result));
        }
Example #2
0
        public async Task <Status> SharePassword(SharePasswordModel model, ClaimsPrincipal userClaims, CancellationToken cancellationToken)
        {
            var userIdString = userClaims.FindFirst(ClaimTypes.NameIdentifier).Value;

            Guid.TryParse(userIdString, out Guid userId);

            var function = await _passwordWalletContext.Functions
                           .FirstOrDefaultAsync(x => x.Name == FunctionName.Wallet.SharePassword, cancellationToken);

            await LogFunction(function.Id, userId, cancellationToken);

            var user = _passwordWalletContext.Users.FirstOrDefault(user => user.Login == model.Login);

            if (user == null)
            {
                return(new Status(false, string.Format("User: {0} not exist", model.Login)));
            }

            var owner = await _passwordWalletContext.Users
                        .FirstOrDefaultAsync(user => user.Id == userId, cancellationToken);

            if (owner == null)
            {
                return(new Status(false, string.Format("User: {0} not exist", userIdString)));
            }


            var password = await _passwordWalletContext.Passwords
                           .FirstOrDefaultAsync(password => password.Id == model.PasswordId, cancellationToken);

            if (password == null)
            {
                return(new Status(false, "Password not found"));
            }

            var authorizationResult = await _authorizationService
                                      .AuthorizeAsync(userClaims, password, Policy.OnlyOwner);

            if (!authorizationResult.Succeeded)
            {
                return(new Status(false, "You have to be an owner to share password"));
            }

            var isExist = _passwordWalletContext.SharedPasswords
                          .Any(x => x.PasswordId == model.PasswordId && x.UserId == user.Id);

            if (isExist)
            {
                return(new Status(false, string.Format("You already share this password to user: {0}", user.Login)));
            }

            var sharedPassword = new SharedPassword
            {
                PasswordId = password.Id,
                UserId     = user.Id
            };

            await _passwordWalletContext.AddAsync(sharedPassword);

            await _passwordWalletContext.SaveChangesAsync(cancellationToken);

            return(new Status(true, "Successful shared password"));
        }