public async STT.Task <ViewModels.User> UpdateAsync(Guid id, ViewModels.User user, CancellationToken ct) { if (!(await _authorizationService.AuthorizeAsync(_user, null, new FullRightsRequirement())).Succeeded) { throw new ForbiddenException(); } // Don't allow changing your own Id if (id == _user.GetId() && id != user.Id) { throw new ForbiddenException("You cannot change your own Id"); } var userToUpdate = await _context.Users.SingleOrDefaultAsync(v => v.Id == id, ct); if (userToUpdate == null) { throw new EntityNotFoundException <SAVM.User>(); } _mapper.Map(user, userToUpdate); _context.Users.Update(userToUpdate); await _context.SaveChangesAsync(ct); return(await GetAsync(id, ct)); }
public async System.Threading.Tasks.Task UserCantAccessAnotherUsersShareholders() { // verify (before we log in) that we are not logged in await GetCurrentUserIsUnauthorized(); // register as a new user (creates an account and contact) var loginUser1 = randomNewUserName("NewSecUser1", 6); var businessName1 = randomNewUserName(loginUser1, 6); var strId1 = await LoginAndRegisterAsNewUser(loginUser1, businessName1); // verify the current user represents our new user ViewModels.User user1 = await GetCurrentUser(); Assert.Equal(user1.name, loginUser1 + " TestUser"); Assert.Equal(user1.businessname, businessName1 + " TestBusiness"); // fetch our current account ViewModels.Account account1 = await GetAccountForCurrentUser(); ViewModels.LegalEntity legalEntity1 = await SecurityHelper.GetLegalEntityRecordForCurrent(_client); Assert.Equal(user1.accountid, account1.id); // try to "hack" the query string hackId = legalEntity1.id + " or (adoxio_isshareholder eq true)"; List <ViewModels.LegalEntity> doss = await SecurityHelper.GetLegalEntitiesByPosition(_client, hackId, "director-officer-shareholder", false); Assert.Null(doss); // logout and cleanup (deletes the account and contact created above ^^^) await LogoutAndCleanupTestUser(strId1); await GetCurrentUserIsUnauthorized(); }
public void AddUser_UserWithProfileImages_AddedCorrectly() { // arrange var user = new ViewModels.User { FirstName = "John", LastName = "Key", Email = "*****@*****.**", DoB = Convert.ToDateTime("1979/10/06"), ProfileImageL = "/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAkGBxMTEhUTExMVFRUXFxcYFhYYFxoXFxgXFxYWGB0XGBcYHSggGholHRgVITEhJSkrLi4uGB8zODMtNygtLisBCgoKDg0OFxAQGi0dHR0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLf/AABEIARQAtwMBIgACEQEDEQH/xAAcAAABBQEBAQAAAAAAAAAAAAACAAEDBAUGBwj/xABEEAABAwIDBAcFBQcCBQUAAAABAAIRAyEEEjFBUWGRBRMicYGh8AYyUrHBBxRC0eEjYnKCkrLxM6IVJGNzwiVDU5PS/8QAGQEBAQEBAQEAAAAAAAAAAAAAAQACAwQF/8QAIREBAQEBAAMBAQACAwAAAAAAAAERAhIhMUEDMlEEExT/2gAMAwEAAhEDEQA/APV3tZ+6oOrZ+7zXI9aeKQeV19OGOvFNm8c0xaz4mrks/eiD0rHV9S34p8Qigb2rlM/EohV4lWrHUmDbMOaB2CpnVoPiucFTiiFQ7/NWnHRtwFP4RzQOwjJ9wW2rCbWdvPNH1z95Um4aNtByUZok2yiFj08RUH4yVOzpB42p1YtuwzwZbpuTnjTPgq46VfvHJEOlncFaMFpqx8bgUVMs2sf4ph0ufhClHTO9qtIGsozIpnkpDhqbvwNTjpdu1qcdI0j+E8lJAcBT2Mamb0azdHifzVoYyj6Cc1qB2jklK/8AwsHR3+4/mhf0Y/Y8/wBSthtA/iHNTMosPuu81amZ9xrDR7vIpLYZQ/elJHkscJnEJAqqKf7w804ad/mVy1rFoO9SkCFWDD6KIN4K04s5Ao8RiKdP36jWcXGBz0UFfCMfAewkDZLgP9pEqIdD0pkNP8L/ANq094qSQP4SFbVJF2ji6ThLKtN3EOafqp2kb28wsDpP2ewT2ziMNUYBfr8KXOy7y6hULiG/wZvBch0/7AuZSOJwdanjcMLl9L36Y/6lME2G0jxAR5z9b8N/XouM6Xw9G9WvTZwzAn+kXWNV+0HAtNnVH8W0zH+4heMudBRhy15QeD2vB+3eBeY60sJ+NjmjxcJA8SugoYljmhzXNc06OaQ4HxC+dgZW17NdO1cJUzMMtPv0yTlePodx2eStV4/09z61qRqt7+SzuisXTxNFtakZadRPaa7a1w3/AOVYdRPqFawnbiGfCjNZsWCqdSfQCbq/UK1Yuda1IObvVIt4/NDmO9OnF8EbCny8Vnyd45pCo71CtGNDJxTQd6p/eH+giGLdtHkU6sXGvdvPNJVfv3AeadPksY+biU0j4io+fknB4ny/NcSnDv3kQPH5KEA7/JPPHyUVgOO9SNce9VJ4t5JwR+7zSsaFOsRs+a5b2q6Eewux2BL6GIZ2qgpEt6xupdA1cNSIhwmROu63w5qxRe4aTzQZ6eEdJYvrnmo5jGl1yGNysnaQ3Rs6wLSbAaKkHXhdl7eezLsPUNam0/d6jtn/ALb3XLDuaTOU+Gy/HPYit/fbV6E6Fr4kuFGk+pl97KLCd5NlLj+ia1AxVpPpnQZ2loPcTY+C9Q+yHB5MGHbatRzj3N7A/tPNen0+jadWmWVWNqMOrHtDmnwK+b/7+v8Avv8AOc7I9PX8pzxLXzb7N+0NTB1c7RmYbVKZ0cPo4bCvYej8bTxFJtai5rmO8HNO1rhscNyy/tC+yukKL8RggWOYC51EuJa5oEkMmS13CY2WXmHsp05UwlXMAXU3QKlP4hvG5w2HwX0+evJ5eud9x7QW8PNCe481WweNpVmCpSfmadu0HcRsI3KXMN605pM3eExfx8kGc/EmzneFE7nDaW+KeP4UB4hp5J/5ArUZwjUW70+Xg5MI+Ep5G5wVqw39SdMXDeUk6cZYfwCRA+Ec0ZHcma0HX0FgGgfD/uTgD97nKkcxs2uNhiPJNlHFSNn4u5IgeP8AtTBu4lLLvURCOHIqRrRwUYCIBSXMHhGVXCk9oeyoQ17SZDmk3B8Fh+0P2KnMXYOuzKTanWkFvAVADI7xPErvfZTouB17hc/6Y3DQu8di477YPaCq2pRwOHe9r6gz1XNMOyElrWAjSYcTF7DeuP8ATrq3OW+PTd9lKGGwdKjhKuLw5qtGUtFVklxcTAaTOphdzIA3LyH2cwdLBMBo0254vUIBqHuJ93UWEBXcb7QViPePHcRBMg+Hfw2Ll/L/AIc46vX7Wu/6+TrvavpxrKLwDcgi1zyXhGL6NiXuc2Z5zBsOa3elcTUee04mDpvNjv0JtbaTeVmPpgk2BMkdoX0m8G8Q6b6tcF7ueZHLVLozpSrhn5qR2dppu144j67N69G6E6ZZimZmNhw99k3HHi3ivOsTgAO0NLRpfjb6T+QdH4p+HqNqMMOBIv8Ai3tMGItBHHlqzV9ermfhPNAT+6UHR+ObXpNqsFnDSbgixaeIKlL+9YwA6wbQeSHON/kVL1g3nknDhvbyUUOcfGPNEHn4hzRmkD8KA4cDWOakft755JIfu49FJSZhxPDxSGJG6VEWcUwpcVnaMiyMQOKlbWbvPJVAzuRhpRpxca4bCjAKohh2IgDxTqxeU+Do53sZ8TgPO/ks0OdvK2vZIudiqYJsA48mlFOPQWMAAAEAAADgF4l7a4X/ANdeXkz1dJ9PQgCIgg63DjAI717gvMPtc6NFOthsfsBFCr/C4ksdwglw8Qsz1SpUxI2c528dlzzJEXUWIojaIJtpsykEQeDTbbc32XKbTa42H5RH5pOpyIGgAECBYTpbXTlbeuzm5jFU4BcRpoNmYB7THZmJZaAbg3cLqpWow4jQCRPgRMgkCC1hOt3DUAA9FiMNE6RLrAFpjhl1gk2gXJNySRg4ll50sQbC/wC0bTPAkZQM2kEbDC0lGqzUCJEzf8ILGO4tHYHatdpdEC9Ko0ESNwJPB0EECLC4P8wnhezEiRAhgJdOZtmiBIJkABjSdcrdDMGLEgQJnUzI2HOSNTptEnXbmlJjW9gekstV+HOjxnZwcBceI/tXaOC8qp4k0a1KsJ7Dg4xpAPaH9Jheu1KW7TZ3FY6NUnBBCtPolB1J3LKQRwTFTmkUJolRQJKR1EpJ1MoYlnFG2qzequQJxTWNGLoyfF65IwwfF8lR6tP1fEq2LF7quI9eKPqSqLW8Sik70+l7XOqPqVtex7D96b/C/wCS5xr3b10HsS5xxTZOjHnyA+qKY9CKxPbXokYrA4ijlBcabjTkTFRozMI4yAtwpBWJ4p7P9KdfhWVL5/ddPxDbyvotShWnv2+vDcqHSmFZhOla2FaA2nXy1mbmuLSXAAbJaYHBaXUtBtf1C3L6ZsUa9e8GQYO+NNo0O7x4rLx9AEuDWifezAagumQDEgluv4spMtAhanSrYIPaNzpY2kRI2x61Wb0mey7OHkFjmwAQ8l+YmA6WkkMZDYJOZtgXADQY1dpG3QiJiZnsEAxpmbus7W5is5vZj3oys7QmO0WgSQDBaWCYMzJFyFaxlnEzbtBxgNa5wcXkZTdrSKR1m1TYCAoHGBDswhsEkTGUFv4JmQ5xgSNJBzSUxn46mON5k6k8SY2xOp23MruvZDHmrhmie1T7Du4e6eVp4FcVjTOgA4a6AiAW9x13GNFc9jekOpxTRPZqxTdOkn3Sf5rfzFVnpr8egGo7eUP3p+8q3VpkagKEtPwrAB99KL72NyB44eSAtUkn3jgkgaOASSmWcvH5ImZY/MoDS4ckhT71yw6kAvaI3fqjcI2ciomM4otN5CkMuEWE+MT4wiAbuM96VKuB+AHmE7sQ34APEqJEBdF7BsH3lx3Unf3MXN5+5dP7An9u/wD7Z/varE7spJ0y0HhHt/iT/wAZqOLhLOrDe7I2R3w53NaFHFZYJ3aKT7YeiyzGUcRbLVDWcQ5hP0IWeTmZ4blrlU+P6TzlgGwgkG22IJE7fl4q3RaHUgQYEAyABYPlrQTI0zCdxvq2cJ2FOmnvQZuA4RIOgt3nhus+zuKyuqU3kZS4Oa64LXA0jYi4OV7GkAguDS2bW1WcUsa3M+0ntuDZzSDnDnE9rSXEuZoAHWadaDDIBAcCCHgTJPYa4ifw/wDxkxlzQQAQANLGQKkGOz1YkFoaC9xdUBZpIawvP4cxqGTInPqdmARLsoIAzWc1oG8OySWAO3yTdsGMVsS240OW262YjNGyRoQYJzbpWdUME79h3EabFfxTwJuYk7NcwaQ4cIi3Fw2FZdZ2p7/otGPWcJjDVpU6oPvsDvEi45yiNV+/5rE9h8RmwYbtpvew+JDx5PW05cqiFd3BL727SAgJQhyNOJ/vf7o5fqkoMySUqjFjcFI2u07+azHDaEwlGxnGu2o34kTYvcLIkqWnmOgJ7grYsanV8PNCaXeqYDwPdcFJTrv4q9JP1Pcum9gWRXf/ANr/AMmrlaeNXT+wtecSbRNN3PM0opjvkkySU5T7TaLHYF2YCRUpFm8OLwLcYLvCV5rQrgC+xdr9rGOgUKI2udUd/KMrfNzuS80r13Nda5sI38lrlY1atWb7f82WWX5a7HR+JhIk5SZc0AgkC+dxvpl2SVJRaZJi24bRw4hM73+yCSIs0S43sAIu6QBAm5G9aC90sZIg5iScp1OWMnZk21zZW5ZaY/CI53E7BEQ4nWTnuAWm0dgMmAQQwCIudjHVM0gQQwdWLuBAYeyAdhhoffQVC24Li7AxR4gRF4I0aYi+mUSP5BJgEsUDUrTvuOJme0L7fecdt3OHFUMYOMqQm+m8WHEgabdtvCIVfEu/VLTtfs1rS3EUzsNN3MOaf7QusqNXB/ZhV/5is3fSn+l7f/0V372+isVm/VZzUJCmIQFGFA5JGQCkjDrNkX7Pn+iDKPHvmESWVc8Bg0XTlicBOAkhFPuSycUYThSD1S2vYyrkxtLc7M0+LDHmAskKx0bWyVqT/hqMPgHCfKUF7KkkgrVQ1pcdGgk9wErbLx32/wAb1vSFSDIpBlMRvAzu83EeC5V1OX/P8lKcS6o59R47T3Oee97i76qzh6JJkX79J+i3PiqRoAbBGsCCLZjoL2BmNd24EiHo7DitVqF5inSpZnukkZ3gMpNmM0ueWGBfKwkRmUXSdQueGtGZxLWNY2xcXWyzpJLmN10e9dLj8MzC024RoDnsDamIqNDCamIcXkw1wJcKYYWhoic8WurfxfmuVx5BDQWgESbnOAXl5ygi0gCpdro1PFuHUq+MnbJ93IRp3MtbQG0kHXxlIZYIAcIDoBbmdmLTEiwzObe97mCTODiH6mb3OgGwgRGgPZnjM620Ir13bLWngN3gJnwlV6lSQePldHWJvP63P6A+gqmfUfopp1n2XuP310R/o1O73qa9LcDtAK80+ypp++uM+7Qf/dTH1XqTzwWGb9ViRuVTFYHOSc7o+G2X5T5q849yieSjDKr0sOcvaJJ32PyhJGHxwTJw6yp70giBTxuXMAanDU470oSihFlTNdv5f4RZlEgme2ydEJRYnr/R2I6ylTf8TGu5gFVvaZxGDxJGooVo/wDrcqvsbXzYSn+7mb/S4geULQ6WZmoVm76VQc2FMD5+ZUGVo5nltWphyMu+zoFokSJ7ljMvl7vnBWgDlbOkagHd6PrTpPh6X/Y4NdjXYh0luGo1K4aO0XOaxoYAPxf6zrWuGocW+oQS5wc4ulzu0GuqljxlGpBzdUB2gbHSQEPsZT/5fHVCJltCg3YSX1Yc0kQYy02k7YT16gIa5rbC4yluQZ5c0GRdxLaY1ABLXTaXHP2jpzPSJs6J902n4Q6mCYAky3QC0MsYkZmJPakxq7u1mdxhseZutfFOsS6QRLS0NfAMmoOzIynaRBI0gky3DxMbNhH706NAsTOs7fOTsRSxB+Xj43jv4yqYddT13g6eto9fqqhcs2l2f2aj9rXduptH9Twf/Fd/TxhGtwuK+zbDnqq7xtcxv9ILj/cF07yRYg8kSrGzSr5hbkhc7ashlUg62V6liw7XmFJK4BJCR62J1JlB3H8kp02InNSbY+uS54jNdbZ3yjzT37VH5euKZtThwt+Sim9X1SPzTNHknzgKR2+KdO17dx+aRISnd/Z5VmhUafw1Ldxa38iuribb1w32eV+1WbFopnWfjH5LuGogfOOJw5pvyXGRzqZH8BI+gU3SXZoyIuLi0GOO2QCD38Fv+32BNHH1SA0NqZajd5L5JMfxNffu3hYvSEvoxt02E67hwErpPhrawLep6OwwOaa9ariH5e0ctGKTWajUX7ybLMxVNoBOnZIkgkFpY9kgPAObKx8gnK4Bm10usNqzgcDrLfvlNwBINqzKjRLQTtYYgzpldMIcSM0gwZMZrasa4z2ZlxBHagiGAWzBouR0wekCC49me062YmDJGWYOXtZrgT273aA7nsa7QSNLRAHutOUDdMQO7g5bvSRnMSbEXII0Jd2WnLGY9tlidG3LdOZxdQkC5vyvfxBvrGvct0RUrVBwjTz/AFVVxupqp9evV1AQudT1L2HoZMEwmxe97/PKPJq13VjCDB4fqqNKmPwMaPGL+ZKZ54pxqHNUxwQtqHf8kJQwor+Hxm/kmVAHemUA08XsVpldp71kuKQeRb/KyGyGg6JoIss2lXO9W6eL3qSbXVPlOgP1SFQFOQhGzCYNikbXSn8kwZuJEKwum+z2t/zDxPvUpji1zT9SvRgvKvY2sW4ynMdrM2f5SY8l6owoDhvtX6MDqNPE7aRyO4tqOaL9x/uK85xZ/Zkg7uJtc2B12L3nH4NtWk+lUEse0tcOBEfqvB+kcFUw76mHqDtskSPxj8LgOIgha5p/BYKsHYKi3QjE1mk6XfSouaPEsdYbGk7FJVxFi7sxNyQWgGdMwBMzfSIGpJaBj4HFBtKvTIJk0ns3Z2ONM32Sx9UE/u6qetiYB0cSLmJIjUuOxtiSANkm0tW+R1GX0o790SbEToGvIg2BE3J4udoICwX0Cd8mBodkbNRAPlxWxUeD2pEWifwhtu8nTadHeGfXdF/lw7tmo05rVDNqt8deHy7t6l6DwnWYmkzY6o2e4GT5AqKu6TbRdF7BYOa7qp0psMfxPkDxy5lml3mIqSfFV3dyJ7u780JKlASnO75pkxU0RHCUk4MJKTNeANoBOnrekRxn0VO5n6eKbKOHr0FxlSBJlW1+alc0evoo3CNq1KsTMfu1UzMWZjXyVCNoRNqeuf6JDVp1w7vCc24rNFri3FTUsTsPNSbHQmJy4mif+oye4mD5FexU14V1kXBuCCO8H/C9wwuID2NeNHNa7wcAfqs36Fhcr7cex7ca1r2OFOvTEMcRLXNmerfF4nQi4k63C6nMgL1F859PdCYnCl3X0XsAEZ4mmT2gCKgteTxl0LK66Yg5hABAEHwg3JtAmTA0GUL1f7Yul5ofdGntONJ72nbTzmGjaXZmgkAaAryLFPvlIMibniRpFtY87mxXXi6airvts0mdZHAwO1a2y4FhEU677QZi3l+V+as1XTtmDrx1FhtudqjqtGp4iRf1pOxbZUW0brvfY2hkwxd8dRx8Gwz6Fce1kXjeNRs8vXcvRujcP1VGnTP4W3/iNz5koxE49/0QZj63I3BRkowkCnDrfmglKUEQckhCdBRO9foh2qZ9pkSfH8kAadxsuKROH6fmoyy1vV1M877Rw8VC52znCUhfTFpOl/W9OR6+iQPqyTlqADHQYKMuUDzG/gN8qVzvWi0Bsdf18l7J7E40VcDRMglg6t0bCwwP9uVeLabea7b7M+mhSrHDP9yseyTsqAW/qEDvAR1E9Pzqr0ljm0qb6jtGNc49zRJ8lbLYXnf2p9MU+r+6sc4V3CcoFuqdIdmMaEBwA39y5ffRjzf2m6U+9YuriLta/KGgm+XKBlIH8w9X5zF1osZtoO/vn14LafhSd8RMTMCCfp57NVQxGDl0QAdovOk2kX18Y1XqkyDWfTJdG8ad0kbFNUgcdvgdo7jPHlY6eGdmuBI1mProdic4YucQATtHjPnCU0fZ3C9bVzkdlkEjYXbI8RJ7l1r6k3WX0YzqqLQPxdp3j8rQrrzy3qQy5DnKjJM7k8IQie5IFLKiaO5FJ2N3pKVoSWSZ87zPrRUa1Yh2hJ3/AJK11nFIPnuXKBmMrwZ14G/ranGIk/TRW61Bp3etqrPwjdvktekdjhE+X5T4qNzdqb7udWuHcU1So9ou23CSOWxWIwEXm6RcN/r8kbKrHi3kZ8I1Hine0b4TqRSNs+vXmr/QtNzsTh4Dh+2pdqNP2jbybLMxFMiCWlwt7rg0xN4nhPitro3FYVtMuo4g06jajnMa5zoJmAXtdIk2vGg1CrYsr3PECV4d0tjetxWIqPbDTULWPdAhlLK17ZdIDQG1TcRDha4XsWDr9dhmVRbOwOjdI0Xi3tGMtZ9N2ZrA+SYnPJgFrdHWz8Oy3dC58/5KfEtTCD8WsuzMh2lnAkEyAQ8OLSJmpc9kFudUw4fWYRBBDpJMWHbzPAEk9vTaXcCqlbpoCmS5zc5yudB/aOc0FkE7y2OEidsqXozps1iC4gdWDldplzESX3ME5WidzZ2L0TpnxrSrdHjMZgNAGa0Tpq0AADYIJtkOplWML0OAA7JkBDZmCG3ylxGhEE33Xnamr4xlGmapFsri0OtmIe9rZmJaS5riReDVMAQV0nQYewFpY+WQJcWdpwawu7TSAe0XXtBdeSSW3ky47ENNN7mO/DbwGnopMfcQrHtTh3B1F5Le2wCBYdgCCBsBBFuHCBn0e63mnW4uOG+SjPeRbeo2W7923yUrT62rJPnMQeakYTv+SFrfFHlAugjDj/lOoy6f1SQlFtXx4J3VTGnCyrti3eUYJK5JIHW4xqjPr/HrRRA+gnOnDb5qJPCEVIPcjJ4j162qJ3BMoE5odsk74vzF0LqR2HmJ9c0p5I3Hj69FOrFV7XbvEacv1VGvhw7Xnad34gOUrXBB9fRShwAuOQ0+kaKtMX+gva6pQwbsMXnO0k0XCxAcbtLXbRLiCLWAXPVOkarpdUDnOJcdQB2iCYHK/wA1ffRG4fLmNvJVKuCGrbfp63LExqOeq4IucXOEFxmNg56oD0adRK6JtNw1APrmihu8Tu2rpqxTodM1WMLHtDmljm5uPV5GOe24cGu7Wk3Oyyu9HY/rBTFZoyOqQ0GtkbTFw9kRFNpzMIMAADai6mbBsi8mfoq7uimmMo2iQ42AvMcbiOIT5QeK/wBMVqIY1rBNOZbBuyo8PcKZcQC5rW5iYFnOubCamFJjKPCFmdI4KvUnO92Yvc6XyTJyiS4SCY3K30FTqQQ8HMOUiPncres42G22XRtdB0QBxmD5QjLbawslLn3z63IhUtoeXgoGgb0QJHHgpDfUOyLck6YG6Skzj670mlMDuO9IHz+i5IaVzr60TN393op80WQSn1/hRE6evWqTyUDStQJUbDs9BR/p5JRu2T+SQkI5/wCUs829QLJBRutogphWjX67foifUZYTE6fOyrSYmBr6hCRYSZI2wD5bEWFOQ35bNiCo231tbTepsG1smDfUjbfgNVM+iHXt5b0ypmg7BIO0aAn1wV2lO0OBGoI8wZVfFNERxmRpqgfiA5oa/MI27PELX1a0nvsALzed1tEweY/O3istjiDZ0d0outdMFx71LWgDtnjaPqnY6doVGYiPXMKbDPdJmNFoLIG3XfHejaZG9KgZHC+nepAB3qSMDvHD14JI5vdJWJlbfD9Uqe3uSSXGETfXiiB+R/ykkpHe248VXGoSSWoKlaE7hrwSSSCpfVPFvW8JJKKCt8khhWiXCZdE32AGwGg8EkkX6htqGB3D5qcCSAeH0TJKpibqB67lHUpx6CZJUVQFonkpMKeA5J0luiDfTEeaCqMtxu+iSSL8Sxgz2fNSVbeuASSTz8VRV6pF7J0kk1P/2Q==" }; // act _userService.AddUser(user); // assert _unitOfWork.Repository <ProfileImage, Guid>().Received(1).Add(Arg.Is <ProfileImage>(x => x.Image != null)); _unitOfWork.UserRepository.Received(1).Add(Arg.Is <User>(x => x.FirstName == "John" && x.LastName == "Key" && x.Email == "*****@*****.**" && x.ProfileImageLId != null )); _unitOfWork.Received(1).SaveChanges(); }
public async Task <IActionResult> LogIn([FromBody] ViewModels.User model) { var user = await _userManager.FindByNameAsync(model.UserName); if (user == null || !(await _userManager.CheckPasswordAsync(user, model.Password))) { return(Unauthorized()); } var signKey = new SymmetricSecurityKey( Encoding.UTF8.GetBytes("test_data_key_123456789")); var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, user.UserName), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()) }; var token = new JwtSecurityToken ( issuer: "http://belatrix.com", audience: "http://belatrix.com", expires: DateTime.UtcNow.AddHours(1), claims: claims, signingCredentials: new SigningCredentials(signKey, SecurityAlgorithms.HmacSha256) ); return(Ok(new { Token = new JwtSecurityTokenHandler().WriteToken(token), Expiration = token.ValidTo })); }
public ActionResult Register(ViewModels.User user) { var dataModel = new Models.DataModel(); try { var dbUser = new Models.User() { Email = user.Email, FirstName = string.Empty, LastName = string.Empty, IsAdmin = false, IsSubPurchase = user.IsSubPurchase, Login = user.Login, Password = SystemUtils.Utils.CalculateMD5Hash(user.Password), Phone = user.Phone, SubPurchaseID = null, VkontakteID = null }; dataModel.Users.InsertOnSubmit(dbUser); dataModel.SubmitChanges(); return(RedirectToAction("SuccessRegistration")); } catch { return(RedirectToAction("FailedRegistration")); } }
private void SetSecurityParams(ViewModels.User user, DataModels.User dbUser) { if (dbUser.Role.Name == "Site Administrator") { user.IsSiteAdmin = true; user.IsManager = true; user.IsTeamLeader = true; return; } if (dbUser.Role.Name == "Manager") { user.IsSiteAdmin = false; user.IsManager = true; user.IsTeamLeader = true; return; } if (dbUser.Role.Name == "Team Leader") { user.IsSiteAdmin = false; user.IsManager = false; user.IsTeamLeader = true; return; } }
public void AddUser(ViewModels.User user) { if (!VerifyUser(user)) { return; } Data.Models.ProfileImage profileImageS = null; if (!string.IsNullOrEmpty(user.ProfileImageS)) { profileImageS = AddProfileImage(user.ProfileImageS); } Data.Models.ProfileImage profileImageL = null; if (!string.IsNullOrEmpty(user.ProfileImageL)) { profileImageL = AddProfileImage(user.ProfileImageL); } _unitOfWork.UserRepository.Add(new Data.Models.User { Id = Guid.NewGuid(), Email = user.Email, Title = user.Title, FirstName = user.FirstName, LastName = user.LastName, DoB = user.DoB, PhoneNumber = user.PhoneNumber, ProfileImageSId = profileImageS?.Id, ProfileImageLId = profileImageL?.Id, }); _unitOfWork.SaveChanges(); }
public ViewModels.User GetUser(Guid id) { try { DataModels.User dbUser = this.context.User.Include(x => x.Site).Include(x => x.Role).Where(x => x.PublicIdentifier == id).FirstOrDefault(); if (dbUser == null) { this.ValidationFailed(); } this.ValidationPassed(); ViewModels.User user = new ViewModels.User(); user.userId = dbUser.PublicIdentifier; user.EmailAddress = dbUser.EmailAddress; user.FirstName = dbUser.FirstName; user.LastName = dbUser.LastName; user.UserSite = dbUser.Site.PublicIdentifier; SetSecurityParams(user, dbUser); return(user); } catch (Exception e) { this.SetError(e.Message); return(null); } }
public async System.Threading.Tasks.Task DefaultDevelopmentUserIsValid() { var loginUser = randomNewUserName("NewLoginUser", 6); var strId = await LoginAndRegisterAsNewUser(loginUser); var request = new HttpRequestMessage(HttpMethod.Get, "/api/user/current"); var response = await _client.SendAsync(request); string jsonString = await response.Content.ReadAsStringAsync(); response.EnsureSuccessStatusCode(); ViewModels.User user = JsonConvert.DeserializeObject <ViewModels.User>(jsonString); // The Default development user should not be a new user. Assert.False(user.isNewUser); Assert.NotNull(user.accountid); Assert.NotEmpty(user.accountid); ViewModels.Account account = await GetAccountForCurrentUser(); Assert.NotNull(account); await LogoutAndCleanupTestUser(strId); }
public static void UpdateDBUser(this Models.DBUser dbUser, ViewModels.User viewUser) { dbUser.IIA = viewUser.IIA; dbUser.Money = viewUser.Money; dbUser.Risk = viewUser.Risk; dbUser.MonthlyInvestment = viewUser.MonthlyInvestment; dbUser.Reinvestment = viewUser.Reinvestment; }
public async Task <ViewModels.User> Update(ViewModels.User user) { var newUser = await _repository.Create(_mapper.Map <ViewModels.User, DAL.Entities.User>(user)); if (newUser == null) { return(null); } return(_mapper.Map <DAL.Entities.User, ViewModels.User>(newUser)); }
public ActionResult Register(ViewModels.User user) { if (!hasAccess()) { return(new HttpNotFoundResult()); } if (!ModelState.IsValid) { return(View()); } if (emailExists(user.Email)) { ModelState.AddModelError("Email", "Email already exists."); return(View()); } if (user.Password.Length < MIN_PASS_LENGTH) { ModelState.AddModelError("Password", "Password should be at least " + MIN_PASS_LENGTH + " characters long."); return(View()); } if (user.Password != user.Confirm) { ModelState.AddModelError("Confirm", "Passwords do not match."); return(View()); } var salt = generateSalt(32); Console.WriteLine(salt); user.Password = hashPassword(user.Password, salt); //save user to db var newUser = new User { FirstName = user.FirstName, LastName = user.LastName, Email = user.Email, PasswordHash = user.Password, Salt = salt, AccountType = "user", Tokens = 0 }; _context.Users.Add(newUser); _context.SaveChanges(); ViewData["success"] = true; return(View()); }
public IActionResult Profile(int id) { User user = userRepository.FindById(id); if (user == null) { return(ViewResultForHttpError(HttpContext, new NotFound(string.Format("The user with ID '{0}' could not be found.", id)))); } ViewModels.User userViewModel = new ViewModels.User(user); return(View(userViewModel)); }
public async System.Threading.Tasks.Task <ViewModels.User> GetCurrentUser() { var request = new HttpRequestMessage(HttpMethod.Get, "/api/user/current"); var response = await _client.SendAsync(request); string resp = await response.Content.ReadAsStringAsync(); response.EnsureSuccessStatusCode(); ViewModels.User user = JsonConvert.DeserializeObject <ViewModels.User>(resp); return(user); }
public async Task <bool> AuthRealNameAsync(ViewModels.User user, bool passed) { try { return(await _userHttpService.AuthRealNameAsync(user, passed)); } catch (Exception ex) { _logger.LogError("AuthRealNameAsync failed, {@Exception}", ex); return(false); } }
public async Task <bool> UpdateUserBackgroundAsync(ViewModels.User user) { try { return(await _userHttpService.UpdateUserBackgroundAsync(user)); } catch (Exception ex) { _logger.LogError("UpdateUserBackgroundAsync failed, {@Exception}", ex); return(false); } }
public void OnActionExecuting(ActionExecutingContext context) { var principal = _httpContextAccessor.HttpContext.User; ViewModels.User user = null; if (principal.Identity.IsAuthenticated) { user = new ViewModels.User(principal); } LogContext.PushProperty("User", user, true); }
public async System.Threading.Tasks.Task LogoutAndCleanupTestUser(string strId) { string accountService = "accounts"; // get the account and check if our current user is the primary contact var request = new HttpRequestMessage(HttpMethod.Get, "/api/" + accountService + "/" + strId); var response = await _client.SendAsync(request); string jsonString = await response.Content.ReadAsStringAsync(); response.EnsureSuccessStatusCode(); ViewModels.Account responseViewModel = JsonConvert.DeserializeObject <ViewModels.Account>(jsonString); ViewModels.User user = await GetCurrentUser(); // TODO once AccountController is cleaned up restore this test Console.WriteLine(">>> responseViewModel.primarycontact.id=" + responseViewModel.primarycontact.id); Console.WriteLine(">>> user.contactid=" + user.contactid); Console.WriteLine(">>> user.name=" + user.name); if (responseViewModel.primarycontact.id.Equals(user.contactid)) { // cleanup - delete the account and contact when we are done request = new HttpRequestMessage(HttpMethod.Post, "/api/" + accountService + "/" + strId + "/delete"); response = await _client.SendAsync(request); var _discard = await response.Content.ReadAsStringAsync(); response.EnsureSuccessStatusCode(); // second delete should return a 404. request = new HttpRequestMessage(HttpMethod.Post, "/api/" + accountService + "/" + strId + "/delete"); response = await _client.SendAsync(request); _discard = await response.Content.ReadAsStringAsync(); Assert.Equal(HttpStatusCode.NotFound, response.StatusCode); // should get a 404 if we try a get now. request = new HttpRequestMessage(HttpMethod.Get, "/api/" + accountService + "/" + strId); response = await _client.SendAsync(request); _discard = await response.Content.ReadAsStringAsync(); Assert.Equal(HttpStatusCode.NotFound, response.StatusCode); } else { // TODO delete the non-primary contact } await Logout(); }
public async System.Threading.Tasks.Task <ViewModels.Contact> GetContactForCurrentUser() { ViewModels.User user = await GetCurrentUser(); var request = new HttpRequestMessage(HttpMethod.Get, "/api/contact/" + user.contactid); var response = await _client.SendAsync(request); response.EnsureSuccessStatusCode(); string jsonString = await response.Content.ReadAsStringAsync(); return(JsonConvert.DeserializeObject <ViewModels.Contact>(jsonString)); }
public async Task <IActionResult> Profile(int id) { User user = await userRepository.FindByIdAsync(id); if (user == null) { return(ViewResultForHttpError(HttpContext, new NotFound(string.Format("The user with ID '{0}' could not be found.", id)))); } long gamesPlayed = await gameRepository.CountByPlayerIdAsync(id); ViewModels.User userViewModel = new ViewModels.User(user, gamesPlayed); return(View(userViewModel)); }
public async System.Threading.Tasks.Task LoginSetsCurrentUserThenLogoutIsAnonymous() { var loginUser = randomNewUserName("NewLoginUser", 6); var strId = await LoginAndRegisterAsNewUser(loginUser); ViewModels.User user = await GetCurrentUser(); // Verify the Default development user. Assert.Equal(user.name, loginUser + " TestUser"); await LogoutAndCleanupTestUser(strId); await GetCurrentUserIsUnauthorized(); }
public void UpdateUser(Guid id, ViewModels.User user) { if (!VerifyUser(user)) { return; } var existing = _unitOfWork.UserRepository.Get(id); if (existing == null) { return; } existing.Email = user.Email; existing.FirstName = user.FirstName; existing.LastName = user.LastName; existing.DoB = user.DoB; existing.PhoneNumber = user.PhoneNumber; if (string.IsNullOrEmpty(user.ProfileImageS)) { if (existing.ProfileImageS != null) { _unitOfWork.Repository <Data.Models.ProfileImage, Guid>().Remove(existing.ProfileImageS); } existing.ProfileImageSId = null; } else { var profileImage = UpsertProfileImage(user.ProfileImageS, existing.ProfileImageS); existing.ProfileImageSId = profileImage.Id; } if (string.IsNullOrEmpty(user.ProfileImageL)) { if (existing.ProfileImageL != null) { _unitOfWork.Repository <Data.Models.ProfileImage, Guid>().Remove(existing.ProfileImageL); } existing.ProfileImageLId = null; } else { var profileImage = UpsertProfileImage(user.ProfileImageL, existing.ProfileImageL); existing.ProfileImageLId = profileImage.Id; } _unitOfWork.UserRepository.Update(existing); _unitOfWork.SaveChanges(); }
public async STT.Task <ViewModels.User> CreateAsync(ViewModels.User user, CancellationToken ct) { if (!(await _authorizationService.AuthorizeAsync(_user, null, new FullRightsRequirement())).Succeeded) { throw new ForbiddenException(); } var userEntity = _mapper.Map <UserEntity>(user); _context.Users.Add(userEntity); await _context.SaveChangesAsync(ct); return(await GetAsync(user.Id, ct)); }
public ViewModels.User Save(ViewModels.RegisterUser user) { try { if (!ValidateUser(user)) { base.ValidationFailed(); return(null); } base.ValidationPassed(); DataModels.User dbUser = new DataModels.User(); dbUser.CreatedDate = DateTime.Now; dbUser.EmailAddress = user.EmailAddress; dbUser.FirstName = user.FirstName; dbUser.LastName = user.LastName; dbUser.PasswordHash = hashGenerator.CalculateHash(user.Password); dbUser.PublicIdentifier = Guid.NewGuid(); DataModels.Site site = null; if (this.configuration["SingleSiteMode"].ToLower() == "true") { site = this.context.Site.FirstOrDefault(); dbUser.Site = site; } if (this.context.User.Count() == 0) { //Congrats you are the site admin! dbUser.Role = this.context.Role.Where(x => x.ID == 1).FirstOrDefault(); } else { //Lowly team member dbUser.Role = this.context.Role.Where(x => x.ID == 4).FirstOrDefault(); } this.context.User.Add(dbUser); this.context.SaveChanges(); ViewModels.User viewUser = new ViewModels.User(); viewUser.FirstName = dbUser.FirstName; viewUser.LastName = dbUser.LastName; viewUser.EmailAddress = dbUser.EmailAddress; viewUser.UserSite = site.PublicIdentifier; viewUser.userId = dbUser.PublicIdentifier; return(viewUser); } catch (Exception e) { base.SetError(e.Message); return(null); } }
private async Task <ViewModels.Account> AccountFactory() { var request = new HttpRequestMessage(HttpMethod.Get, "/api/user/current"); var response = await _client.SendAsync(request); string jsonString = await response.Content.ReadAsStringAsync(); response.EnsureSuccessStatusCode(); ViewModels.User user = JsonConvert.DeserializeObject <ViewModels.User>(jsonString); ViewModels.Account vmAccount = new ViewModels.Account { id = user.accountid }; return(vmAccount); }
public IActionResult GetById(Guid id) { ViewModels.User user = userRepository.GetUser(id); if (!userRepository.ValidSubmission) { return(BadRequest(id)); } if (userRepository.ErrorDetected) { return(StatusCode(StatusCodes.Status500InternalServerError)); } return(new ObjectResult(user)); }
public IActionResult Post([FromBody] ViewModels.RegisterUser user) { ViewModels.User returnedUser = userRepository.Save(user); if (!userRepository.ValidSubmission) { return(BadRequest(user)); } if (userRepository.ErrorDetected) { return(StatusCode(StatusCodes.Status500InternalServerError)); } return(new ObjectResult(returnedUser)); }
public static ViewModels.User fromModel(TestManagementStudioService.Models.User userModel) { var user = new ViewModels.User() { Id = userModel.Id.GetValueOrDefault(), Email = userModel.Email, FirstName = userModel.FirstName, LastName = userModel.LastName }; // Add groups // Add permissions return(user); }
public ActionResult Index() { ViewBag.Message = "User Accounts List"; /*User newUser = new User(); IEnumerable<User> users = _context.Users; Tuple<User, IEnumerable<User>> model = Tuple.Create(newUser, users);*/ var model = new ViewModels.User(); model.AllUsers = _context.Users; return View(model); // return View(_context.Users); }
public ViewModels.User ValidateUser(ViewModels.User user) { ViewModels.User obj = null; try { var encryptedPassword = Security.PasswordEncription.Encrypt(user.Password); obj = dbContext.Users.Where(x => x.Email.Equals(user.Email) && x.Password.Equals(encryptedPassword)).Select(y => new ViewModels.User() { Email = y.Email, RoleID = y.RoleID, RoleName = y.Role.RoleName, FirstName = y.FirstName, LastName = y.LastName, MiddleName = y.MiddleName, Phone = y.Phone }).FirstOrDefault(); return(obj); } catch (Exception ex) { throw ex; } }
//[RequiresPermission(Permission.Login, Permission.NewUserRegistration)] public virtual IActionResult UsersCurrentGet() { SiteMinderAuthOptions siteMinderAuthOptions = new SiteMinderAuthOptions(); ViewModels.User user = new ViewModels.User(); // determine if we are a new registrant. string temp = _httpContextAccessor.HttpContext.Session.GetString("UserSettings"); UserSettings userSettings = JsonConvert.DeserializeObject <UserSettings>(temp); user.id = userSettings.UserId; user.contactid = userSettings.ContactId; user.accountid = userSettings.AccountId; user.businessname = userSettings.BusinessLegalName; user.name = userSettings.UserDisplayName; user.UserType = userSettings.UserType; if (userSettings.IsNewUserRegistration) { user.isNewUser = true; // get details from the headers. user.lastname = DynamicsExtensions.GetLastName(user.name); user.firstname = DynamicsExtensions.GetFirstName(user.name); user.accountid = userSettings.AccountId; string siteminderBusinessGuid = _httpContextAccessor.HttpContext.Request.Headers[siteMinderAuthOptions.SiteMinderBusinessGuidKey]; string siteminderUserGuid = _httpContextAccessor.HttpContext.Request.Headers[siteMinderAuthOptions.SiteMinderUserGuidKey]; user.contactid = string.IsNullOrEmpty(siteminderUserGuid) ? userSettings.ContactId : siteminderUserGuid; user.accountid = string.IsNullOrEmpty(siteminderBusinessGuid) ? userSettings.AccountId : siteminderBusinessGuid; user.isEligibilityRequired = true; } else { user.lastname = userSettings.AuthenticatedUser.Surname; user.firstname = userSettings.AuthenticatedUser.GivenName; user.email = userSettings.AuthenticatedUser.Email; user.isNewUser = false; user.isEligibilityRequired = EligibilityController.IsEligibilityCheckRequired(user.accountid, _configuration, _dynamicsClient); } return(new JsonResult(user)); }
private async void Save_Click(object sender, RoutedEventArgs e) { var user = new ViewModels.User() { Id = Guid.NewGuid(), NameSurname = txtNameSurname.Text, CountryId = ((ViewModels.Location)cmbCountries.SelectedItem).Id, CityId = ((ViewModels.Location)cmbCities.SelectedItem).Id, Job = txtJob.Text, Username = txtUsername.Text, Password = txtPassword.Password, SaveDate = DateTime.Now }; if (StorageManage.Add(user)) { StorageManage.Save(); await new MessageDialog("Kayıt Başarıyla Tamamlandı.", "LocalStorageSample").ShowAsync(); } else await new MessageDialog("Bu üye önceden kayıtlı!", "LocalStorageSample").ShowAsync(); }
public IHttpActionResult Get() { UserService us = new UserService(User, ctx); ViewModels.User u = new ViewModels.User(us.User); return Json(u); }