public IActionResult Put([FromBody] RightsModel fromBodyRightsModel)
{
// List of messages to return to the client
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Authorization
if (!AuthorizationHelper.IsAuthorized(authUserModel, (long)SystemDatasetsEnum.Rights, RightsEnum.CRU))
{
return(Forbid());
}
#region VALIDATIONS
// Received rights ApplicationId must be the same as of authorized user
var sharedValidationHelper = new SharedValidationHelper();
messages = sharedValidationHelper.ValidateApplicationId(fromBodyRightsModel.ApplicationId, authUserModel.ApplicationId);
if (messages.Count != 0)
{
return(BadRequest(messages));
}
fromBodyRightsModel.Application = authUserModel.Application;
// Rights must already exist in the database
var rightsRepository = new RightsRepository(context);
var rightsModel = rightsRepository.GetById(authUserModel.ApplicationId, fromBodyRightsModel.Id);
if (rightsModel == null)
{
messages.Add(new Message(MessageTypeEnum.Error,
4003,
new List <string>()
{
fromBodyRightsModel.Application.LoginApplicationName,
fromBodyRightsModel.Id.ToString()
}));
Logger.LogMessagesToConsole(messages);
return(BadRequest(messages));
}
// If the rights name was changed, the new one must be unique
if (rightsModel.Name != fromBodyRightsModel.Name)
{
var sameNameRights = rightsRepository.GetByApplicationIdAndName(authUserModel.ApplicationId, fromBodyRightsModel.Name);
if (sameNameRights.Count() > 0)
{
messages.Add(new Message(MessageTypeEnum.Error,
4001,
new List <string>()
{
fromBodyRightsModel.Name
}));
return(BadRequest(messages));
}
}
// Rights data validity and logic validity
messages = sharedValidationHelper.ValidateRights(authUserModel.Application.ApplicationDescriptor,
fromBodyRightsModel.DataDictionary);
if (messages.Count != 0)
{
return(BadRequest(messages));
}
#endregion
rightsRepository.SetNameAndData(rightsModel, fromBodyRightsModel.Name, fromBodyRightsModel.DataDictionary);
messages.Add(new Message(MessageTypeEnum.Info,
4007,
new List <string>()
{
fromBodyRightsModel.Name
}));
return(Ok(messages));
}
public IActionResult PasswordChange([FromBody] PasswordChangeStructure passwords)
{
// List of messages to return to the client
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Authorization - none, because every logged user is authorized to change an own password.
#region VALIDATIONS
// All passwords must not be null or empty strings
if (String.IsNullOrEmpty(passwords.OldPassword) ||
String.IsNullOrEmpty(passwords.NewPassword) ||
String.IsNullOrEmpty(passwords.NewPasswordCopy))
{
messages.Add(new Message(MessageTypeEnum.Error,
5001,
new List <string>()));
return(BadRequest(messages));
}
// Both new passwords must be equal
if (passwords.NewPassword != passwords.NewPasswordCopy)
{
messages.Add(new Message(MessageTypeEnum.Error,
5002,
new List <string>()));
return(BadRequest(messages));
}
// Old password must be correct
if (authUserModel.PasswordHash != PasswordHelper.ComputeHash(authUserModel.PasswordSalt + passwords.OldPassword))
{
messages.Add(new Message(MessageTypeEnum.Error,
5003,
new List <string>()));
return(BadRequest(messages));
}
// If passwords are required to be safer by application descriptor
if (authUserModel.Application.ApplicationDescriptor.SystemDatasets.UsersDatasetDescriptor.PasswordAttribute.Safer == true)
{
var sharedValidationHelper = new SharedValidationHelper();
if (!sharedValidationHelper.IsPasswordSafer(passwords.NewPassword))
{
messages.Add(new Message(MessageTypeEnum.Error,
5004,
new List <string>()));
return(BadRequest(messages));
}
}
// If minimal password length is set
var minPasswordLength = authUserModel.Application.ApplicationDescriptor.SystemDatasets.UsersDatasetDescriptor.PasswordAttribute.Min;
if (minPasswordLength != null)
{
if (passwords.NewPassword.Length < minPasswordLength)
{
messages.Add(new Message(MessageTypeEnum.Error,
5006,
new List <string>()
{
minPasswordLength.ToString(),
passwords.NewPassword.Length.ToString()
}));
return(BadRequest(messages));
}
}
#endregion
// Setting new password
var userRepository = new UserRepository(context);
userRepository.SetPassword(authUserModel, passwords.NewPassword);
messages.Add(new Message(MessageTypeEnum.Info,
5005,
new List <string>()));
return(Ok(messages));
}
public IActionResult Put([FromBody] UserModel fromBodyUserModel)
{
// List of messages to return to the client
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Authorization
if (!AuthorizationHelper.IsAuthorized(authUserModel, (long)SystemDatasetsEnum.Users, RightsEnum.CRU))
{
return(Forbid());
}
#region VALIDATIONS
// Received user ApplicationId must be the same as of authorized user
var sharedValidationHelper = new SharedValidationHelper();
messages = sharedValidationHelper.ValidateApplicationId(fromBodyUserModel.ApplicationId, authUserModel.ApplicationId);
if (messages.Count != 0)
{
return(BadRequest(messages));
}
fromBodyUserModel.Application = authUserModel.Application;
// User must already exist in the database
var userRepository = new UserRepository(context);
var userModel = userRepository.GetById(authUserModel.ApplicationId, fromBodyUserModel.Id);
if (userModel == null)
{
messages.Add(new Message(MessageTypeEnum.Error,
3004,
new List <string>()
{
fromBodyUserModel.Application.LoginApplicationName,
fromBodyUserModel.Id.ToString()
}));
Logger.LogMessagesToConsole(messages);
return(BadRequest(messages));
}
// New username must be nonempty
if (string.IsNullOrEmpty(fromBodyUserModel.GetUsername()))
{
messages.Add(new Message(MessageTypeEnum.Error,
3001,
new List <string>()));
return(BadRequest(messages));
}
// If the username was changed, the new one must be unique
if (userModel.GetUsername() != fromBodyUserModel.GetUsername())
{
var sameNameUser = userRepository.GetByApplicationIdAndUsername(authUserModel.ApplicationId, fromBodyUserModel.GetUsername());
if (sameNameUser != null)
{
messages.Add(new Message(MessageTypeEnum.Error,
3002,
new List <string>()
{
fromBodyUserModel.GetUsername()
}));
return(BadRequest(messages));
}
}
// Input data validations
var validReferencesIdsDictionary = controllerHelper.GetAllReferencesIdsDictionary(authUserModel.Application);
messages = sharedValidationHelper.ValidateDataByApplicationDescriptor(authUserModel.Application.ApplicationDescriptor.SystemDatasets.UsersDatasetDescriptor,
fromBodyUserModel.DataDictionary,
validReferencesIdsDictionary);
if (messages.Count != 0)
{
return(BadRequest(messages));
}
#endregion
userRepository.SetRightsIdAndData(userModel, fromBodyUserModel.RightsId, fromBodyUserModel.DataDictionary);
messages.Add(new Message(MessageTypeEnum.Info,
3007,
new List <string>()
{
fromBodyUserModel.GetUsername()
}));
return(Ok(messages));
}
public IActionResult Create([FromBody] UserModel fromBodyUserModel)
{
// List of messages to return to the client
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Authorization
if (!AuthorizationHelper.IsAuthorized(authUserModel, (long)SystemDatasetsEnum.Users, RightsEnum.CR))
{
return(Forbid());
}
#region VALIDATIONS
// New user ApplicationId must be the same as of authorized user
var sharedValidationHelper = new SharedValidationHelper();
messages = sharedValidationHelper.ValidateApplicationId(fromBodyUserModel.ApplicationId, authUserModel.ApplicationId);
if (messages.Count != 0)
{
return(BadRequest(messages));
}
fromBodyUserModel.Application = authUserModel.Application;
// New username must be nonempty
if (String.IsNullOrEmpty(fromBodyUserModel.GetUsername()))
{
messages.Add(new Message(MessageTypeEnum.Error,
3001,
new List <string>()));
return(BadRequest(messages));
}
// New username must be unique
var userRepository = new UserRepository(context);
var sameNameUser = userRepository.GetByApplicationIdAndUsername(authUserModel.ApplicationId, fromBodyUserModel.GetUsername());
if (sameNameUser != null)
{
messages.Add(new Message(MessageTypeEnum.Error,
3002,
new List <string>()
{
fromBodyUserModel.GetUsername()
}));
return(BadRequest(messages));
}
// Input data validations
var validReferencesIdsDictionary = controllerHelper.GetAllReferencesIdsDictionary(authUserModel.Application);
messages = sharedValidationHelper.ValidateDataByApplicationDescriptor(authUserModel.Application.ApplicationDescriptor.SystemDatasets.UsersDatasetDescriptor,
fromBodyUserModel.DataDictionary,
validReferencesIdsDictionary);
if (messages.Count != 0)
{
return(BadRequest(messages));
}
#endregion
// Reset password to default
userRepository.ResetPassword(fromBodyUserModel);
// Set defalut language from application
fromBodyUserModel.Language = fromBodyUserModel.Application.ApplicationDescriptor.DefaultLanguage;
userRepository.Add(fromBodyUserModel);
messages.Add(new Message(MessageTypeEnum.Info,
3003,
new List <string>()
{
fromBodyUserModel.GetUsername()
}));
return(Ok(messages));
}
public IActionResult Put([FromBody] DataModel fromBodyDataModel)
{
// List of messages to return to the client
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Dataset descriptor
var datasetDescriptor = authUserModel.Application.ApplicationDescriptor.Datasets.FirstOrDefault(d => d.Id == fromBodyDataModel.DatasetId);
if (datasetDescriptor == null)
{
messages.Add(new Message(MessageTypeEnum.Error,
2001,
new List <string>()
{
fromBodyDataModel.DatasetId.ToString()
}));
Logger.LogMessagesToConsole(messages);
return(BadRequest(messages));
}
// Authorization
if (!AuthorizationHelper.IsAuthorized(authUserModel, datasetDescriptor.Id, RightsEnum.CRU))
{
return(Forbid());
}
#region VALIDATIONS
// Recieved data ApplicationId must be the same as of authorized user
var sharedValidationHelper = new SharedValidationHelper();
messages = sharedValidationHelper.ValidateApplicationId(fromBodyDataModel.ApplicationId, authUserModel.ApplicationId);
if (messages.Count != 0)
{
return(BadRequest(messages));
}
fromBodyDataModel.Application = authUserModel.Application;
// Data must already exist in the database
var dataRepository = new DataRepository(context);
var dataModel = dataRepository.GetById(fromBodyDataModel.ApplicationId, fromBodyDataModel.DatasetId, fromBodyDataModel.Id);
if (dataModel == null)
{
messages.Add(new Message(MessageTypeEnum.Error,
2003,
new List <string>()
{
fromBodyDataModel.Application.LoginApplicationName,
datasetDescriptor.Name,
fromBodyDataModel.Id.ToString()
}));
Logger.LogMessagesToConsole(messages);
return(BadRequest(messages));
}
// Input data validations
var validReferencesIdsDictionary = controllerHelper.GetAllReferencesIdsDictionary(authUserModel.Application);
messages = sharedValidationHelper.ValidateDataByApplicationDescriptor(datasetDescriptor,
fromBodyDataModel.DataDictionary,
validReferencesIdsDictionary);
if (messages.Count != 0)
{
return(BadRequest(messages));
}
#endregion
dataRepository.SetData(dataModel, fromBodyDataModel.DataDictionary);
messages.Add(new Message(MessageTypeEnum.Info,
2005,
new List <string>()
{
datasetDescriptor.Name
}));
return(Ok(messages));
}
public IActionResult Create([FromBody] RightsModel fromBodyRightsModel)
{
// List of messages to return to the client
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Authorization
if (!AuthorizationHelper.IsAuthorized(authUserModel, (long)SystemDatasetsEnum.Rights, RightsEnum.CR))
{
return(Forbid());
}
#region VALIDATIONS
// New rights ApplicationId must be the same as of authorized user
var sharedValidationHelper = new SharedValidationHelper();
messages = sharedValidationHelper.ValidateApplicationId(fromBodyRightsModel.ApplicationId, authUserModel.ApplicationId);
if (messages.Count != 0)
{
return(BadRequest(messages));
}
fromBodyRightsModel.Application = authUserModel.Application;
// New rights must have a unique name
var rightsRepository = new RightsRepository(context);
var sameNameRights = rightsRepository.GetByApplicationIdAndName(authUserModel.ApplicationId, fromBodyRightsModel.Name);
if (sameNameRights.Count() > 0)
{
messages.Add(new Message(MessageTypeEnum.Error,
4001,
new List <string>()
{
fromBodyRightsModel.Name
}));
return(BadRequest(messages));
}
// Rights data validity and logic validity
messages = sharedValidationHelper.ValidateRights(authUserModel.Application.ApplicationDescriptor,
fromBodyRightsModel.DataDictionary);
if (messages.Count != 0)
{
return(BadRequest(messages));
}
#endregion
rightsRepository.Add(fromBodyRightsModel);
messages.Add(new Message(MessageTypeEnum.Info,
4002,
new List <string>()
{
fromBodyRightsModel.Name
}));
return(Ok(messages));
}
