/// <summary>
/// Creates a new <see cref="User"/> from a given <paramref name="model"/>.
/// </summary>
/// <param name="model">The <see cref="Api.Models.Internal.UserApiBase"/> to use as a template.</param>
/// <param name="cancellationToken">The <see cref="CancellationToken"/> for the operation.</param>
/// <returns>A <see cref="Task{TResult}"/> resulting in a new <see cref="User"/> on success, <see langword="null"/> if the requested <see cref="UserGroup"/> did not exist.</returns>
async Task <User> CreateNewUserFromModel(Api.Models.Internal.UserApiBase model, CancellationToken cancellationToken)
{
Models.PermissionSet permissionSet = null;
UserGroup group = null;
if (model.Group != null)
{
group = await DatabaseContext
.Groups
.AsQueryable()
.Where(x => x.Id == model.Group.Id)
.Include(x => x.PermissionSet)
.FirstOrDefaultAsync(cancellationToken)
.ConfigureAwait(false);
}
else
{
permissionSet = new Models.PermissionSet
{
AdministrationRights = model.PermissionSet?.AdministrationRights ?? AdministrationRights.None,
InstanceManagerRights = model.PermissionSet?.InstanceManagerRights ?? InstanceManagerRights.None,
}
};
return(new User
{
CreatedAt = DateTimeOffset.UtcNow,
CreatedBy = AuthenticationContext.User,
Enabled = model.Enabled ?? false,
PermissionSet = permissionSet,
Group = group,
Name = model.Name,
SystemIdentifier = model.SystemIdentifier,
OAuthConnections = model
.OAuthConnections
?.Select(x => new Models.OAuthConnection
{
Provider = x.Provider,
ExternalUserId = x.ExternalUserId
})
.ToList()
?? new List <Models.OAuthConnection>(),
});
}
}
public async Task <IActionResult> Create([FromBody] UserGroup model, CancellationToken cancellationToken)
{
if (model == null)
{
throw new ArgumentNullException(nameof(model));
}
if (model.Name == null)
{
return(BadRequest(new ErrorMessage(ErrorCode.ModelValidationFailure)));
}
var totalGroups = await DatabaseContext
.Groups
.AsQueryable()
.CountAsync(cancellationToken)
.ConfigureAwait(false);
if (totalGroups >= generalConfiguration.UserGroupLimit)
{
return(Conflict(new ErrorMessage(ErrorCode.UserGroupLimitReached)));
}
var permissionSet = new Models.PermissionSet
{
AdministrationRights = model.PermissionSet?.AdministrationRights ?? AdministrationRights.None,
InstanceManagerRights = model.PermissionSet?.InstanceManagerRights ?? InstanceManagerRights.None
};
var dbGroup = new Models.UserGroup
{
Name = model.Name,
PermissionSet = permissionSet,
};
DatabaseContext.Groups.Add(dbGroup);
await DatabaseContext.Save(cancellationToken).ConfigureAwait(false);
Logger.LogInformation("Created new user group {0} ({1})", dbGroup.Name, dbGroup.Id);
return(Created(dbGroup.ToApi(true)));
}
/// <summary>
/// Creates a new <see cref="User"/> from a given <paramref name="model"/>.
/// </summary>
/// <param name="model">The <see cref="Api.Models.Internal.UserApiBase"/> to use as a template.</param>
/// <param name="cancellationToken">The <see cref="CancellationToken"/> for the operation.</param>
/// <returns>A <see cref="Task{TResult}"/> resulting in a new <see cref="User"/> on success, <see langword="null"/> if the requested <see cref="UserGroup"/> did not exist.</returns>
async Task <User> CreateNewUserFromModel(Api.Models.Internal.UserApiBase model, CancellationToken cancellationToken)
{
Models.PermissionSet permissionSet = null;
UserGroup group = null;
if (model.Group != null)
{
group = await DatabaseContext
.Groups
.AsQueryable()
.Where(x => x.Id == model.Group.Id)
.Include(x => x.PermissionSet)
.FirstOrDefaultAsync(cancellationToken)
.ConfigureAwait(false);
}
else
{
permissionSet = new Models.PermissionSet
{
AdministrationRights = model.PermissionSet?.AdministrationRights ?? AdministrationRights.None,
InstanceManagerRights = model.PermissionSet?.InstanceManagerRights ?? InstanceManagerRights.None,
}
};
return(new User
{
CreatedAt = DateTimeOffset.UtcNow,
CreatedBy = AuthenticationContext.User,
Enabled = model.Enabled ?? false,
PermissionSet = permissionSet,
Group = group,
Name = model.Name,
SystemIdentifier = model.SystemIdentifier,
OAuthConnections = model
.OAuthConnections
?.Select(x => new Models.OAuthConnection
{
Provider = x.Provider,
ExternalUserId = x.ExternalUserId,
})
.ToList()
?? new List <Models.OAuthConnection>(),
});
}
/// <summary>
/// Check if a given <paramref name="model"/> has a valid <see cref="UserName.Name"/> specified.
/// </summary>
/// <param name="model">The <see cref="UserUpdateRequest"/> to check.</param>
/// <param name="newUser">If this is a new <see cref="UserResponse"/>.</param>
/// <returns><see langword="null"/> if <paramref name="model"/> is valid, a <see cref="BadRequestObjectResult"/> otherwise.</returns>
BadRequestObjectResult CheckValidName(UserUpdateRequest model, bool newUser)
{
var userInvalidWithNullName = newUser && model.Name == null && model.SystemIdentifier == null;
if (userInvalidWithNullName || (model.Name != null && String.IsNullOrWhiteSpace(model.Name)))
{
return(BadRequest(new ErrorMessageResponse(ErrorCode.UserMissingName)));
}
model.Name = model.Name?.Trim();
if (model.Name != null && model.Name.Contains(':', StringComparison.InvariantCulture))
{
return(BadRequest(new ErrorMessageResponse(ErrorCode.UserColonInName)));
}
return(null);
}
/// <summary>
/// Attempt to change the password of a given <paramref name="dbUser"/>.
/// </summary>
/// <param name="dbUser">The user to update.</param>
/// <param name="newPassword">The new password.</param>
/// <param name="newUser">If this is for a new <see cref="UserResponse"/>.</param>
/// <returns><see langword="null"/> on success, <see cref="BadRequestObjectResult"/> if <paramref name="newPassword"/> is too short.</returns>
BadRequestObjectResult TrySetPassword(User dbUser, string newPassword, bool newUser)
{
newPassword ??= String.Empty;
if (newPassword.Length < generalConfiguration.MinimumPasswordLength)
{
return(BadRequest(new ErrorMessageResponse(ErrorCode.UserPasswordLength)
{
AdditionalData = $"Required password length: {generalConfiguration.MinimumPasswordLength}",
}));
}
cryptographySuite.SetUserPassword(dbUser, newPassword, newUser);
return(null);
}
}
