public IActionResult Put(int id_i, Users newUser)
{
if (XSS.CheckIfTooLong(newUser.HashPassword, 50))
{
return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
String.Empty, false, 7, "Bad password", "The password is too long")));
}
if (XSS.CheckIfTooLong(newUser.Name, 20))
{
return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
String.Empty, false, 7, "Bad name", "The name is too long")));
}
if (!XSS.CheckIfAlphaNum(newUser.Name))
{
return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
String.Empty, false, 8, "Bad name", "The name contains forbidden signs")));
}
if (XSS.CheckIfTooLong(newUser.Surname, 20))
{
return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
String.Empty, false, 7, "Bad surname", "The surname is too long")));
}
if (!XSS.CheckIfAlphaNum(newUser.Surname))
{
return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
String.Empty, false, 8, "Bad surname", "The surname contains forbidden signs")));
}
try
{
Users updatedUser = _query.APIGetById(id_i, _context);
if (updatedUser == null)
{
return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(
HttpStatusCode.OK, String.Empty, false, 3,
"Invalid user", "User not found in database")));
}
else
{
// in this moment we assume that email, permissionid, salt
// is UNALTERABLE!!
_query.APIPut(updatedUser, newUser, _context);
}
}
catch (Exception ex)
{
ErrInfLogger.LockInstance.ErrorLog(ex.ToString());
return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.BadRequest,
String.Empty, false, 4, "Exception", "Application exception thrown")));
}
return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
String.Empty, true, 0, "Updated", "User updated in database")));
}
public IActionResult Post(Users newUser)
{
if (_query.APIGetByEmail(newUser.Email, _context) != null)
{
return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
String.Empty, false, 5, "User exists", "User exists in database")));
}
if (XSS.CheckIfTooLong(newUser.Email, 30))
{
return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
String.Empty, false, 7, "Bad email", "The email is too long")));
}
if (XSS.CheckIfContains(newUser.Email, XSS.forbiddenList_s))
{
return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
String.Empty, false, 8, "Bad email", "The email contains forbidden signs")));
}
if (XSS.CheckIfTooLong(newUser.HashPassword, 50))
{
return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
String.Empty, false, 7, "Bad password", "The password is too long")));
}
if (XSS.CheckIfTooLong(newUser.Name, 20))
{
return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
String.Empty, false, 7, "Bad name", "The name is too long")));
}
if (!XSS.CheckIfAlphaNum(newUser.Name))
{
return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
String.Empty, false, 8, "Bad name", "The name contains forbidden signs")));
}
if (XSS.CheckIfTooLong(newUser.Surname, 20))
{
return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
String.Empty, false, 7, "Bad surname", "The surname is too long")));
}
if (!XSS.CheckIfAlphaNum(newUser.Surname))
{
return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
String.Empty, false, 8, "Bad surname", "The surname contains forbidden signs")));
}
try
{
_query.APIPost(newUser, _context);
}
catch (Exception ex)
{
ErrInfLogger.LockInstance.ErrorLog(ex.ToString());
return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.BadRequest,
String.Empty, false, 4, "Exception", "Application exception thrown")));
}
return(new ObjectResult(ResponsesContainer.Instance.GetResponseContent(HttpStatusCode.OK,
String.Empty, true, 0, "Created", "User created in database")));
}
