/// <summary>
/// Validates the fields of <paramref name="newUser"/> and, if they pass, applies them to the
/// stored user whose id is <paramref name="id_i"/>.
/// </summary>
/// <remarks>
/// Every outcome is returned as an ObjectResult wrapping the content built by
/// ResponsesContainer: code 7 (value too long), 8 (forbidden characters), 3 (user not found),
/// 4 (exception, logged through ErrInfLogger) and 0 (updated).
/// NOTE(review): no authorization check is visible in this method; confirm that a filter or
/// attribute outside this block restricts which caller may update which id.
/// NOTE(review): the HttpStatusCode is only passed into the response content here and
/// ObjectResult.StatusCode is never set; confirm clients and monitoring read the code from the body.
/// </remarks>
/// <param name="id_i">Id of the user record to update.</param>
/// <param name="newUser">Replacement values taken from the request.</param>
/// <returns>An ObjectResult describing success or the first failure encountered.</returns>
public IActionResult Put(int id_i, Users newUser)
{
    // Checks run in a fixed order; the first one that fails decides the response.
    // NOTE(review): HashPassword arrives from the request; confirm the stored hash is derived
    // server-side rather than persisted as supplied.
    if (XSS.CheckIfTooLong(newUser.HashPassword, 50))
    {
        var passwordTooLong = ResponsesContainer.Instance.GetResponseContent(
            HttpStatusCode.OK, String.Empty, false, 7, "Bad password", "The password is too long");
        return new ObjectResult(passwordTooLong);
    }

    if (XSS.CheckIfTooLong(newUser.Name, 20))
    {
        var nameTooLong = ResponsesContainer.Instance.GetResponseContent(
            HttpStatusCode.OK, String.Empty, false, 7, "Bad name", "The name is too long");
        return new ObjectResult(nameTooLong);
    }

    if (!XSS.CheckIfAlphaNum(newUser.Name))
    {
        var nameForbidden = ResponsesContainer.Instance.GetResponseContent(
            HttpStatusCode.OK, String.Empty, false, 8, "Bad name", "The name contains forbidden signs");
        return new ObjectResult(nameForbidden);
    }

    if (XSS.CheckIfTooLong(newUser.Surname, 20))
    {
        var surnameTooLong = ResponsesContainer.Instance.GetResponseContent(
            HttpStatusCode.OK, String.Empty, false, 7, "Bad surname", "The surname is too long");
        return new ObjectResult(surnameTooLong);
    }

    if (!XSS.CheckIfAlphaNum(newUser.Surname))
    {
        var surnameForbidden = ResponsesContainer.Instance.GetResponseContent(
            HttpStatusCode.OK, String.Empty, false, 8, "Bad surname", "The surname contains forbidden signs");
        return new ObjectResult(surnameForbidden);
    }

    try
    {
        Users storedUser = _query.APIGetById(id_i, _context);
        if (updatedUserMissing(storedUser))
        {
            var notFound = ResponsesContainer.Instance.GetResponseContent(
                HttpStatusCode.OK, String.Empty, false, 3, "Invalid user", "User not found in database");
            return new ObjectResult(notFound);
        }

        // For now email, permission id and salt are assumed to be unalterable.
        // NOTE(review): confirm APIPut ignores those fields on newUser instead of copying them over.
        _query.APIPut(storedUser, newUser, _context);
    }
    catch (Exception ex)
    {
        // The full exception text goes to the log only; the caller gets a generic message.
        ErrInfLogger.LockInstance.ErrorLog(ex.ToString());
        var failure = ResponsesContainer.Instance.GetResponseContent(
            HttpStatusCode.BadRequest, String.Empty, false, 4, "Exception", "Application exception thrown");
        return new ObjectResult(failure);
    }

    var updated = ResponsesContainer.Instance.GetResponseContent(
        HttpStatusCode.OK, String.Empty, true, 0, "Updated", "User updated in database");
    return new ObjectResult(updated);

    // Same comparison the lookup result has always been tested with.
    bool updatedUserMissing(Users candidate)
    {
        return candidate == null;
    }
}
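/// <summary>
/// Validates the fields of <paramref name="newUser"/> and, if they pass and no user with the
/// same email is found, stores the new user.
/// </summary>
/// <remarks>
/// Every outcome is returned as an ObjectResult wrapping the content built by
/// ResponsesContainer: code 7 (value too long), 8 (forbidden characters), 5 (user exists),
/// 4 (exception, logged through ErrInfLogger) and 0 (created).
/// Field validation runs before the email lookup so that only checked input reaches the query
/// layer, and the lookup sits inside the try block so that its failures are logged and reported
/// as code 4, the same way Put treats its lookup.
/// NOTE(review): the "User exists" answer tells any caller whether an email is registered;
/// confirm that disclosure is acceptable for this endpoint.
/// </remarks>
/// <param name="newUser">User data taken from the request.</param>
/// <returns>An ObjectResult describing success or the first failure encountered.</returns>
public IActionResult Post(Users newUser)
{
    if (XSS.CheckIfTooLong(newUser.Email, 30))
    {
        return new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
            HttpStatusCode.OK, String.Empty, false, 7, "Bad email", "The email is too long"));
    }

    // NOTE(review): forbiddenList_s is a denylist. Filtering input this way does not replace
    // encoding the value wherever it is later rendered.
    if (XSS.CheckIfContains(newUser.Email, XSS.forbiddenList_s))
    {
        return new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
            HttpStatusCode.OK, String.Empty, false, 8, "Bad email", "The email contains forbidden signs"));
    }

    // NOTE(review): HashPassword arrives from the request; confirm the stored hash is derived
    // server-side rather than persisted as supplied.
    if (XSS.CheckIfTooLong(newUser.HashPassword, 50))
    {
        return new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
            HttpStatusCode.OK, String.Empty, false, 7, "Bad password", "The password is too long"));
    }

    if (XSS.CheckIfTooLong(newUser.Name, 20))
    {
        return new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
            HttpStatusCode.OK, String.Empty, false, 7, "Bad name", "The name is too long"));
    }

    if (!XSS.CheckIfAlphaNum(newUser.Name))
    {
        return new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
            HttpStatusCode.OK, String.Empty, false, 8, "Bad name", "The name contains forbidden signs"));
    }

    if (XSS.CheckIfTooLong(newUser.Surname, 20))
    {
        return new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
            HttpStatusCode.OK, String.Empty, false, 7, "Bad surname", "The surname is too long"));
    }

    if (!XSS.CheckIfAlphaNum(newUser.Surname))
    {
        return new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
            HttpStatusCode.OK, String.Empty, false, 8, "Bad surname", "The surname contains forbidden signs"));
    }

    try
    {
        // NOTE(review): this check and the insert below are separate calls, so two concurrent
        // requests can both pass it; confirm the database enforces uniqueness on email.
        if (_query.APIGetByEmail(newUser.Email, _context) != null)
        {
            return new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
                HttpStatusCode.OK, String.Empty, false, 5, "User exists", "User exists in database"));
        }

        _query.APIPost(newUser, _context);
    }
    catch (Exception ex)
    {
        // The full exception text goes to the log only; the caller gets a generic message.
        ErrInfLogger.LockInstance.ErrorLog(ex.ToString());
        return new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
            HttpStatusCode.BadRequest, String.Empty, false, 4, "Exception", "Application exception thrown"));
    }

    return new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
        HttpStatusCode.OK, String.Empty, true, 0, "Created", "User created in database"));
}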