internal static void DeleteUser(kUser user)
{
Db.GetCollection<kUser>("users").FindAndRemove(new FindAndRemoveArgs
{
Query = Query.EQ("_id", user.Id)
});
}
public string SaveUser(string id, kUser user, bool delete)
{
//Admins can update all users, users can only update themselves
if (!(Context.User.IsInRole("Admin") || Context.User.FindFirst(ClaimTypes.NameIdentifier).Value == id))
{
Response.StatusCode = 401;
return null;
}
//User must have an email
if (user.Email == null)
{
Response.StatusCode = 400;
return null;
}
//Create or update user?
if (id == null)
{
//Create new user
user.Id = ObjectId.GenerateNewId();
user.TimeZoneOffset = 0;
user.NotificationSettings = new NotificationSettings
{
ReceiveEmail = false,
EmailStart = new TimeSpan(0, 0, 0),
EmailEnd = new TimeSpan(23, 59, 59)
};
}
else
{
//Use existing user
user.Id = ObjectId.Parse(id);
//Admins cannot demote or delete themselves; ensure they aren't trying
if (Context.User.FindFirst(ClaimTypes.NameIdentifier).Value == user.Id.ToString())
{
user.Admin = true;
delete = false;
}
}
//Only admins can delete users
if (Context.User.IsInRole("Admin") && delete)
{
Mongo.DeleteUser(user);
return null;
}
else
{
Mongo.SaveUser(user);
return user.Id.ToString();
}
}
public string FirstUser(FirstUserInfo info)
{
if (Mongo.HasUsers())
{
Response.StatusCode = 400;
return "A user already exists in the database.";
}
if (info == null)
{
Response.StatusCode = 400;
return "Please fill out all fields.";
}
if (info.Password != info.ConfirmPassword)
{
Response.StatusCode = 400;
return "Passwords did not match.";
}
kUser user = new kUser
{
Admin = true,
Email = info.Email,
Password = PasswordHash.CreateHash(info.Password),
TimeZoneOffset = 0,
NotificationSettings = new NotificationSettings
{
ReceiveEmail = true,
EmailStart = new TimeSpan(0, 0, 0),
EmailEnd = new TimeSpan(23, 59, 59)
}
};
Mongo.AddUser(user);
Login(new LoginUserInfo
{
UsernameOrEmail = info.Email,
Password = info.Password
});
Response.StatusCode = 200;
return "First user created! You have been automatically logged in.";
}
internal static void AddUser(kUser user)
{
Db.GetCollection("users").Insert(user);
}
internal static void UpdatePassword(kUser user)
{
Db.GetCollection<kUser>("users").FindAndModify(new FindAndModifyArgs
{
Query = Query.EQ("_id", user.Id),
Update = Update.Set("Password", user.Password)
});
}
internal static void SaveUser(kUser user)
{
Db.GetCollection<kUser>("users").FindAndModify(new FindAndModifyArgs
{
Upsert = true,
Query = Query.EQ("_id", user.Id),
Update = Update
.Set("Name", user.Name ?? "")
.Set("Email", user.Email ?? "")
.Set("Admin", user.Admin)
.Set("TimeZoneOffset", user.TimeZoneOffset)
.Set("NotificationSettings", user.NotificationSettings.ToBsonDocument())
});
}
public ChatUser(kUser user)
{
Id = user.Id;
Name = user.GetName();
Admin = user.Admin;
}