public async Task <ActionResult <PutUserDTO> > PutUser(string email, PutUser putUser)
{
var userToPut = await _context.Users.Where(user => user.Email == email).FirstAsync();
PutUser putUserModel = putUser;
if (userToPut == null)
{
return(BadRequest(this.GetError(Error.INVALID_TOKEN)));
}
if (putUser.AccessToken == null || !putUserModel.AccessToken.Equals(userToPut.AccessToken))
{
return(BadRequest(this.GetError(Error.INVALID_TOKEN)));
}
if (userToPut.tokenExpired())
{
return(BadRequest(this.GetError(Error.EXPIRED_TOKEN)));
}
if (putUserModel.Name != null && putUserModel.Name.Length > 0)
{
userToPut.Name = putUser.Name;
}
if (putUserModel.Email != null && putUserModel.Email.Length > 0)
{
var emailExistUser = await _context.Users.Where(user => user.Email == putUserModel.Email).FirstAsync();
if (emailExistUser != null)
{
return(BadRequest(this.GetError(Error.DUPLICATED_EMAIL)));
}
userToPut.Email = putUser.Email;
}
if (putUserModel.Password != null && putUserModel.Password.Length > 0)
{
userToPut.Password = new AES().EncryptToBase64String(putUser.Password);
}
_context.Entry(userToPut).State = EntityState.Modified;
try
{
await _context.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
throw;
}
PutUserDTO putUserDTO = new PutUserDTO(userToPut);
return(putUserDTO);
}
/// <summary>
/// The put.
/// </summary>
/// <param name="id">
/// The id.
/// </param>
/// <param name="item">
/// The item.
/// </param>
/// <returns>
/// The <see cref="HttpResponseMessage"/>.
/// </returns>
/// <exception cref="NotFoundException">
/// Thrown for invalid user id.
/// </exception>
/// <remarks>
/// PUT users/B5608F8E-F449-E211-BB40-1040F3A7A3B1
/// </remarks>
public HttpResponseMessage Put(Guid id, PutUser item)
{
User user = _userDataMapper.FindById(id);
if (user == null)
{
throw new NotFoundException();
}
user.Username = item.Username;
if (user.IsValid)
{
_userDataMapper.Update(user);
return(Request.CreateResponse(HttpStatusCode.OK));
}
return(Request.CreateResponse(HttpStatusCode.BadRequest, user.ValidationErrors));
}
public IActionResult UpdateUser([FromBody] PutUser model)
{
if (ModelState.IsValid)
{
var userData = authService.GetCurrentUserData();
var command = new UpdateUser(userData.UserId, model.FirstName, model.LastName);
commandBus.AddCommand(command);
commandBus.InvokeCommandsQueue();
var result = GetUserDetails(userData.UserId);
return(CreatedAtRoute(
"GetUser",
new { firstName = command.FirstName, lastName = command.LastName },
result
));
}
return(BadRequest(ModelState));
}
public async Task EditUserAsync(PutUser user)
{
var actualUser = _userRepository.GetUserById(user.Id);
if (actualUser == null)
{
throw new UserDoesNotExistException();
}
var isUpdateUsernameDesired = !string.IsNullOrEmpty(user.Username) && user.Username != actualUser.Username;
if (isUpdateUsernameDesired)
{
AssertUsernameIsAvailable(user.Username !);
actualUser.Username = user.Username !;
}
var isUpdatePasswordDesired = !Verify(user.Password, actualUser.HashedPassword);
if (isUpdatePasswordDesired)
{
actualUser.HashedPassword = HashPassword(user.Password);
}
var isUpdateRolesDesired = !actualUser.Roles.All(x => user.Roles.Contains(x.Id));
if (isUpdateRolesDesired)
{
actualUser.Roles = user.Roles.Select(x => new Role {
Id = x
}).ToArray();
}
_userRepository.UpdateUser(actualUser);
await _userRepository.SaveAsync();
}
/// <summary>
/// Creates a test user if doesn't exist.
/// </summary>
private void EnsureTestUserExists()
{
//look up the user based on user name.
var getUserResponse = ApiClient.GetUser(new GetUser
{
Criteria = new GetUserSearchCriteria
{
UserName = TestUserName
}
});
var user = getUserResponse.User;
if (user == null)
{
//user doesn't exist yet, create it.
var putUser = new PutUser
{
//whenever you use PutUser always fill the entire User object out.
User = new User
{
UserName = TestUserName,
FirstName = "Unit",
LastName = "Test User",
Email = "UserTests.unit.test@" + Credential.Site,
Status = "Active",
LanguagePreference = "en-US",
//list of already existing organization Id this user will have access to
OrganizationIds = new List <string>
{
//"Organization123"
},
//list of already existing location ids for this user.
LocationIds = new List <string>
{
//"Location123", "Location456"
},
//list of already existing profile ids for this user.
ProfileIds = new List <string>
{
//"Profile 123", "Profile 456"
},
//Keyvalue pair data of extra info:
ExtraInformation = new Dictionary <string, string>
{
{ "Key1", "Value1" },
{ "Stuff", "Good stuff" },
{ "MoreStuff", "More Good stuff" }
},
//Set flag to trigger EULA when they login?
ForceEndUserLicenseAcceptance = false,
//Set flag to trigger email notification re: new user?
SendNewUserNotification = false
}
};
var response = ApiClient.PutUser(putUser);
Console.WriteLine("PutUser returned external record id: {0}", response.StoreId);
}
}
public async Task <IActionResult> EditUserAsync(PutUser user)
{
await UserService.EditUserAsync(user);
return(Ok());
}
public async Task <IActionResult> PutUser([FromRoute] int id, PutUser user)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var role = StaticHelper.GetCurrentRole(User);
var oldUser = await _context.Users.FirstOrDefaultAsync(x => x.Id == id);
var curUser = await _context.Users.FirstOrDefaultAsync(x => x.Email == User.Identity.Name);
if (curUser == null || oldUser == null)
{
return(BadRequest());
}
if (role == "user" && oldUser.Id != curUser.Id)
{
return(BadRequest());
}
if (role == "superuser" && oldUser.DepartamentId != curUser.DepartamentId)
{
return(BadRequest());
}
if (user.Email != null)
{
var cl = _context.Clients.FirstOrDefault(x => x.Email == user.Email);
var us = _context.Users.FirstOrDefault(x => x.Email == user.Email);
if (cl == null && us == null)
{
oldUser.Email = user.Email;
}
else
{
return(BadRequest("Provided email is occupied by someone."));
}
}
var hasher = new PasswordHasher <AppUser>();
if (user.Password != null)
{
if (hasher.VerifyHashedPassword(new AppUser(), oldUser.Password, user.Password)
== PasswordVerificationResult.Success)
{
oldUser.Password = hasher.HashPassword(new AppUser(), user.Password);
}
}
if (role == "admin")
{
oldUser.DepartamentId = user.DepartamentId ?? oldUser.DepartamentId;
}
oldUser.StatusId = user.StatusId ?? oldUser.StatusId;
oldUser.FullName = user.FullName ?? oldUser.FullName;
if (role == "admin" && user.RoleId != null)
{
if (user.RoleId != 2)
{
user.RoleId = 1;
}
oldUser.RoleId = (int)user.RoleId;
}
_context.Entry(oldUser).State = EntityState.Modified;
try
{
await _context.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!UserExists(id))
{
return(NotFound());
}
else
{
throw;
}
}
return(NoContent());
}
