/// <summary>
/// HTTP entry point for editing a stored wallet entry. Delegates to the wallet service and
/// maps the returned status onto the HTTP response.
/// </summary>
/// <param name="passwordWalletModel">Edit request bound from the request body.</param>
/// <param name="cancellationToken">Token forwarded to the service call.</param>
/// <returns>
/// An <c>Ok</c> result carrying the status when the service reports success, otherwise a
/// <c>BadRequest</c> result carrying the same status object.
/// </returns>
/// <remarks>
/// The caller's identity is taken from <c>HttpContext.User</c>, not from the request body, so a
/// client cannot name another user as the editor.
/// NOTE(review): no authorization attribute is visible on this listing - confirm the action or its
/// controller requires an authenticated user.
/// </remarks>
public async Task<IActionResult> EditPassword([FromBody] PasswordWalletModel passwordWalletModel, CancellationToken cancellationToken)
{
    var status = await _walletService.EditPassword(passwordWalletModel, HttpContext.User, cancellationToken);

    // Failure path first: anything the service rejects is reported as a bad request.
    if (!status.Success)
    {
        return BadRequest(status);
    }

    return Ok(status);
}
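/// <summary>
/// Edits a stored wallet entry on behalf of the calling user and writes a before/after record
/// of the change to the data-change history.
/// </summary>
/// <param name="passwordWalletModel">Requested new values; <c>Id</c> selects the entry to edit.</param>
/// <param name="user">Authenticated principal; its NameIdentifier claim identifies the caller.</param>
/// <param name="cancellationToken">Token forwarded to the database calls.</param>
/// <returns>
/// A failed <see cref="Status"/> when the caller cannot be resolved or is not allowed to edit the
/// entry; a successful one after the entry and its history row have been saved.
/// </returns>
/// <exception cref="InvalidOperationException">
/// The function row used for activity logging is missing, so the call cannot be logged.
/// </exception>
public async Task<Status> EditPassword(PasswordWalletModel passwordWalletModel, ClaimsPrincipal user, CancellationToken cancellationToken)
{
    // A missing or malformed NameIdentifier claim used to end in a NullReferenceException or in
    // Guid.Empty being logged as the acting user; treat it as an unknown owner instead.
    var userIdString = user.FindFirst(ClaimTypes.NameIdentifier)?.Value;
    if (!Guid.TryParse(userIdString, out Guid userId))
    {
        return new Status(false, "Owner not found");
    }

    var function = await _passwordWalletContext.Functions
        .FirstOrDefaultAsync(x => x.Name == FunctionName.Wallet.EditPassword, cancellationToken);
    if (function == null)
    {
        // Fail closed: an edit that cannot be logged must not go through.
        throw new InvalidOperationException("Function entry for Wallet.EditPassword is not configured.");
    }

    // The call is logged before the ownership check, so rejected attempts are recorded too.
    await LogFunction(function.Id, userId, cancellationToken);

    var owner = await _passwordWalletContext.Users
        .FirstOrDefaultAsync(u => u.Id == userId, cancellationToken);
    if (owner == null)
    {
        return new Status(false, "Owner not found");
    }

    var password = await _passwordWalletContext.Passwords
        .FirstOrDefaultAsync(p => p.Id == passwordWalletModel.Id, cancellationToken);
    if (password == null)
    {
        // Same answer as for somebody else's entry, so the response does not reveal which ids exist.
        return new Status(false, "You have to be an owner to edit password");
    }

    var authorizationResult = await _authorizationService
        .AuthorizeAsync(user, password, Policy.OnlyOwner);
    if (!authorizationResult.Succeeded)
    {
        return new Status(false, "You have to be an owner to edit password");
    }

    // Take the "before" snapshot while the entity is still untouched. Previously it was taken
    // after PasswordValue had been replaced, so the history stored the new secret as the old one.
    var previousValue = Snapshot();

    if (!string.IsNullOrEmpty(passwordWalletModel.Password))
    {
        // NOTE(review): the second argument is owner.PasswordHash, a value read from the same
        // database as the ciphertext. If EncryptString uses it as key material, read access to
        // the database may be enough to decrypt every entry - confirm how the key is derived.
        password.PasswordValue = SymmetricEncryptor.EncryptString(passwordWalletModel.Password, owner.PasswordHash);
    }

    password.Login = passwordWalletModel.Login;
    password.WebAddress = passwordWalletModel.WebPage;
    password.Description = passwordWalletModel.Description;

    // Both snapshots include PasswordValue, so the history table needs the same protection as
    // the passwords table.
    var actionChanges = new DataChange
    {
        UserId = userId,
        PreviousValue = previousValue,
        CurrentValue = Snapshot(),
        ActionType = ActionType.EDIT,
        RecordId = password.Id,
        // NOTE(review): local server time; confirm other history rows use the same clock before
        // switching to UTC.
        UpdatedAt = DateTime.Now,
    };

    _passwordWalletContext.Update(password);
    await _passwordWalletContext.AddAsync(actionChanges, cancellationToken);
    await _passwordWalletContext.SaveChangesAsync(cancellationToken);

    return new Status(true, "Successful edit password");

    // Serializes the current state of the entry for the change history.
    string Snapshot() => JsonConvert.SerializeObject(new Password
    {
        Id = password.Id,
        IsDeleted = password.IsDeleted,
        Login = password.Login,
        Description = password.Description,
        PasswordValue = password.PasswordValue,
        UserId = password.UserId,
        WebAddress = password.WebAddress,
    });
}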