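/// <summary>
/// Applies the submitted profile changes to the account of the caller.
/// </summary>
/// <param name="user">Submitted user model; its Id must equal the Id of the authenticated caller.</param>
/// <returns>
/// Success with the mapped, updated user; Forbidden when the caller cannot be resolved or the
/// model targets another account; BadRequest when the model is missing, the target does not
/// exist, or the modification is rejected.
/// </returns>
public async Task<ApiResult> ModifySelf(Core.Models.Users.User user)
{
    if (user == null)
    {
        return ApiResult.BadRequest();
    }

    // Fail closed: an unresolved caller is treated exactly like an id mismatch. The original
    // dereferenced currentUser without a null check, so a principal that no longer maps to a
    // stored user produced an unhandled exception instead of a clean refusal.
    var currentUser = await _userManager.GetUserAsync(User);
    if (currentUser == null || currentUser.Id != user.Id)
    {
        return ApiResult.Forbidden("You do not have access to modify a different user using this endpoint.");
    }

    // Only reached once the ownership check has passed, so the lookup targets the caller's own record.
    var oldUser = await _userManager.FindByIdAsync(user.Id.ToString());
    if (oldUser == null)
    {
        return ApiResult.BadRequest();
    }

    if (_userService.TryModifyUser(user, oldUser, out User newUser))
    {
        var userModel = _mapper.Map<Core.Models.Users.User>(newUser);
        return ApiResult.Success(userModel);
    }

    return ApiResult.BadRequest();
}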
/// <summary>
/// Tells whether the submitted model may be applied to the stored user.
/// </summary>
/// <param name="user">Submitted user model.</param>
/// <param name="oldUser">Stored user the model is compared against.</param>
/// <returns>true when the submitted username equals the stored one; false otherwise.</returns>
/// <remarks>
/// The username is the only field compared, which makes it immutable through this path.
/// The ids are not compared here: callers are expected to have matched the two objects by id already.
/// </remarks>
private bool IsUserValid(Core.Models.Users.User user, User oldUser)
{
    bool usernameUnchanged = user.Username == oldUser.UserName;
    return usernameUnchanged;
}
/// <summary>
/// Applies the submitted profile changes to the user identified by the model's Id.
/// </summary>
/// <param name="user">Submitted user model; its Id selects the account to modify.</param>
/// <returns>
/// Success with the mapped, updated user; BadRequest when the target does not exist or the
/// modification is rejected.
/// </returns>
/// <remarks>
/// NOTE(review): unlike ModifySelf, nothing in this method ties the target id to the caller.
/// Access control therefore has to come from an authorization attribute or filter on the
/// action or controller, which is not visible here. Confirm that it is restricted to privileged roles.
/// </remarks>
public async Task<ApiResult> ModifyUser(Core.Models.Users.User user)
{
    var existing = await _userManager.FindByIdAsync(user.Id.ToString());

    // A missing target and a rejected modification give the same answer.
    if (existing != null && _userService.TryModifyUser(user, existing, out User updated))
    {
        return ApiResult.Success(_mapper.Map<Core.Models.Users.User>(updated));
    }

    return ApiResult.BadRequest();
}
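/// <summary>
/// Copies the editable profile fields from the submitted model onto the stored user and persists them.
/// </summary>
/// <param name="user">Submitted model carrying the requested values.</param>
/// <param name="oldUser">Stored user entity; it is modified in place.</param>
/// <param name="newUser">The user re-read from the store after a successful update; null otherwise.</param>
/// <returns>
/// true when the model passed <c>IsUserValid</c> and the store accepted the update; false otherwise.
/// </returns>
public bool TryModifyUser(Core.Models.Users.User user, User oldUser, out User newUser)
{
    newUser = null;

    if (!IsUserValid(user, oldUser))
    {
        return false;
    }

    // Explicit allow-list: only these fields are taken from the client-supplied model.
    // Anything else on the stored entity stays out of reach of this method.
    oldUser.About = user.About;
    oldUser.Hometown = user.Hometown;
    oldUser.Job = user.Job;
    oldUser.Fullname = user.Fullname;

    // NOTE(review): the e-mail address is replaced without any re-confirmation step visible here.
    // If a confirmed address gates password reset or sign-in, confirm that the confirmation
    // state is reset or that a token-based change-email flow is used instead.
    oldUser.Email = user.Email;

    // The method stays synchronous because its bool/out signature cannot become async.
    // The update outcome is now inspected: the original discarded it with Wait(), so a
    // rejected update (validation or store failure) was still reported to the caller as success.
    var updateResult = _userManager.UpdateAsync(oldUser).Result;
    if (!updateResult.Succeeded)
    {
        // oldUser has already been changed in memory at this point; callers must not reuse it as if it were persisted.
        return false;
    }

    newUser = _userManager.FindByIdAsync(oldUser.Id.ToString()).Result;
    return true;
}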
// Case: a request that tries to change the username must be rejected.
// NOTE(review): this row also submits a different id (0 instead of 1), so it does not isolate
// the username rule. IsUserValid compares usernames only, so the id difference is not what is tested.
[InlineData(1, "admin", 0, "admin2", false)]
public void TryModifyUserTest(int userId, string username, int newUserId, string newUsername, bool shouldBeValid)
{
    // Arrange: one stored user, and a submitted model carrying the requested id and username.
    var existing = new User { Id = userId, UserName = username };
    var manager = CreateUserManager(options => { options.CreateAsync(existing).Wait(); });
    var requested = new Core.Models.Users.User { Id = newUserId, Username = newUsername };
    var service = new UserService(manager, null, null, null);

    // Act
    bool accepted = service.TryModifyUser(requested, existing, out User updated);

    // Assert
    Assert.Equal(shouldBeValid, accepted);

    if (!shouldBeValid)
    {
        // A rejected request must leave the stored username alone and yield no user.
        Assert.Equal(username, existing.UserName);
        Assert.Null(updated);
        return;
    }

    Assert.Equal(newUsername, updated.UserName);
    Assert.Equal(userId, updated.Id);
}