public async Task SetDefaultRole(SetDefaultRole command)
{
ClientPortalUser user = await this._userManager.FindByNameAsync(command.DefaultRole.UserName);
user.DefaultRole = command.DefaultRole.Rolename;
await this._userManager.UpdateAsync(user);
}
public async Task ChangePassword(ChangePasswordModel model)
{
if (model.OldPassword == model.NewPassword)
{
throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.BadRequest)
{
Content = new StringContent("New password is the same as the current one"), ReasonPhrase = "Business exception"
});
}
ClientPortalUser user = await this._userManager.FindByNameAsync(this.User.Identity.Name);
var result = await this._userManager.ChangePasswordAsync(user.Id, model.OldPassword, model.NewPassword);
if (!result.Succeeded)
{
StringBuilder sb = new StringBuilder();
foreach (var error in result.Errors)
{
sb.Append(string.Format("{0} <br/>", error));
}
throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.BadRequest)
{
Content = new StringContent(sb.ToString()), ReasonPhrase = "Business exception"
});
}
else
{
user.LastPasswordResetDateUtc = DateTime.UtcNow;
await this._userManager.UpdateAsync(user);
}
}
public async Task <IList <RoleDto> > ReadRolesForUser(string userName)
{
IList <RoleDto> ret = new List <RoleDto>();
ClientPortalUser user = await this._userManager.FindByNameAsync(userName);
var assignedRoles = await this._userManager.GetRolesAsync(user.Id);
foreach (string role in assignedRoles)
{
var x = new RoleDto()
{
RoleName = role
};
// manage default role here
if (role == user.DefaultRole)
{
x.GroupName = "Default";
}
else
{
x.GroupName = "Standard";
}
ret.Add(x);
}
return(ret);
}
public async Task <UserEditDTO> SaveUser(UserEditDTO user)
{
if (string.IsNullOrEmpty(user.ProviderUserKey))
{
if (user.ProviderUserKey == null && this._userManager.Users.Where(u => u.UserName == user.UserName).Count() > 0)
{
throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.BadRequest)
{
Content = new StringContent(string.Format("The username {0} is already in use", user.UserName)), ReasonPhrase = "Business exception"
});
}
ClientPortalUser newUser = new ClientPortalUser();
newUser.UserName = user.UserName;
newUser.TwoFactorEnabled = false;
newUser.PhoneNumberConfirmed = false;
newUser.PhoneNumber = user.Phone;
newUser.LockoutEnabled = true;
newUser.LastName = user.LastName;
//newUser.Department = user.Department;
newUser.IsApproved = true;
newUser.FirstName = user.FirstName;
newUser.Email = user.Email;
newUser.CreationDateUtc = DateTime.UtcNow;
newUser.DefaultRole = "GUEST";
//newUser.CdtId = user.CdtId ?? 0;
await this._userManager.CreateAsync(newUser, "Welcome1"); //default password should be changed
newUser = await this._userManager.FindByNameAsync(user.UserName);
await this._userManager.AddToRoleAsync(newUser.Id, "GUEST");
}
else
{
ClientPortalUser userEdit = await this._userManager.FindByNameAsync(user.UserName);
userEdit.Email = user.Email;
userEdit.FirstName = user.FirstName;
userEdit.LastName = user.LastName;
userEdit.PhoneNumber = user.Phone;
userEdit.IsApproved = user.IsApproved;
//userEdit.Department = user.Department;
//userEdit.CdtId = user.CdtId ?? 0;
if (user.IsLockedOut)
{
userEdit.LockoutEndDateUtc = SqlDateTime.MaxValue.Value;
}
else
{
userEdit.LockoutEndDateUtc = null;
}
await this._userManager.UpdateAsync(userEdit);
}
UserEditDTO userDto = await this.GetUser(user.UserName);
return(userDto);
}
public async Task AssignUsersToRole(AddUsersToRole command)
{
foreach (string username in command.Users)
{
ClientPortalUser user = await this._userManager.FindByNameAsync(username);
await this._userManager.AddToRoleAsync(user.Id, command.Role);
}
}
public async Task RemoveUsersFromRole(RemoveUsersFromRole command)
{
ClientPortalRole role = await this._roleManager.FindByNameAsync(command.Role);
foreach (string username in command.Users)
{
ClientPortalUser user = await this._userManager.FindByNameAsync(username);
await this._userManager.RemoveFromRoleAsync(user.Id, role.Name);
}
}
public async Task ToggleUserApproved([FromBody] string userName)
{
ClientPortalUser user = await this._userManager.FindByNameAsync(userName);
if (user == null)
{
throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.NotFound)
{
Content = new StringContent(string.Format("User {0} not found", userName)), ReasonPhrase = "Business exception"
});
}
user.IsApproved = !user.IsApproved;
await this._userManager.UpdateAsync(user);
}
public async Task <UserEditDTO> GetUser([FromUri] string userName)
{
ClientPortalUser user = await this._userManager.FindByNameAsync(userName);
if (user == null)
{
throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.NotFound)
{
Content = new StringContent(string.Format("User {0} not found", userName)), ReasonPhrase = "Business exception"
});
}
var dto = BuildCdtUser(user);
return(dto);
}
public async Task UnlockUser([FromBody] string userName)
{
ClientPortalUser user = await this._userManager.FindByNameAsync(userName);
if (user == null)
{
throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.NotFound)
{
Content = new StringContent(string.Format("User {0} not found", userName)), ReasonPhrase = "Business exception"
});
}
if (user.LockoutEndDateUtc > DateTime.UtcNow)
{
await this._userManager.ResetAccessFailedCountAsync(user.Id);
await this._userManager.SetLockoutEndDateAsync(user.Id, DateTime.UtcNow);
}
}
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
// get ther current lifetimescope from the requqest
var autofacLifetimeScope = OwinContextExtensions.GetAutofacLifetimeScope(context.OwinContext);
var userManager = autofacLifetimeScope.Resolve <ClientPortalUserManager>();
ClientPortalUser user = await userManager.FindByNameAsync(context.UserName);
if (user == null)
{
context.SetError("invalid_grant", "The user name or password is incorrect.");
return;
}
if (await userManager.IsLockedOutAsync(user.Id) || user.IsApproved == false)
{
context.SetError("invalid_grant", "The user is locked out.");
return;
}
if (!await userManager.CheckPasswordAsync(user, context.Password))
{
await userManager.AccessFailedAsync(user.Id);
if (await userManager.IsLockedOutAsync(user.Id))
{
context.SetError("invalid_grant", "The user is locked out.");
return;
}
context.SetError("invalid_grant", "The user name or password is incorrect.");
return;
}
await userManager.ResetAccessFailedCountAsync(user.Id);
ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager, OAuthDefaults.AuthenticationType);
ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager, CookieAuthenticationDefaults.AuthenticationType);
AuthenticationProperties properties = CreateProperties(user.UserName);
AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
context.Validated(ticket);
}
//[HttpGet]
//public UserEditDTO GetUserByCdtId([FromUri]
// int correlationId)
//{
// ClientPortalUser user = this._userManager.Users.SingleOrDefault(x => x.CdtId == correlationId);
// if (user == null)
// {
// throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.NotFound) { Content = new StringContent(string.Format("User with correlationId {0} not found", correlationId)), ReasonPhrase = "Business exception" });
// }
// var dto = BuildCdtUser(user);
// return dto;
//}
private UserEditDTO BuildCdtUser(ClientPortalUser user)
{
UserEditDTO dto = new UserEditDTO();
dto.CreationDateUtc = user.CreationDateUtc;
dto.FirstName = user.FirstName;
dto.IsApproved = user.IsApproved;
dto.IsLockedOut = DateTime.UtcNow < user.LockoutEndDateUtc;
dto.LastLoginDateUtc = user.LastLoginDateUtc;
dto.LastName = user.LastName;
dto.LastPasswordResetDateUtc = user.LastPasswordResetDateUtc;
dto.Phone = user.PhoneNumber;
dto.ProviderUserKey = user.SecurityStamp;
dto.UserName = user.UserName;
dto.Email = user.Email;
dto.LockOutEndDateUtc = user.LockoutEndDateUtc;
//dto.CdtId = user.CdtId;
//dto.Department = user.Department;
return(dto);
}
public async Task <IList <RoleDto> > ReadAllAvailableRoles(string userName)
{
IList <RoleDto> ret = new List <RoleDto>();
var allRoles = this._roleManager.Roles.ToList();
ClientPortalUser user = await this._userManager.FindByNameAsync(userName);
var assignedRoles = await this._userManager.GetRolesAsync(user.Id);
foreach (ClientPortalRole role in allRoles)
{
if (!assignedRoles.Contains(role.Name))
{
ret.Add(new RoleDto()
{
RoleName = role.Name
});
}
}
return(ret);
}
public async Task RemoveRolesFromUser(RemoveUserRoles command)
{
ClientPortalUser user = await this._userManager.FindByNameAsync(command.UserRoles.User);
await this._userManager.RemoveFromRolesAsync(user.Id, command.UserRoles.Roles.ToArray());
}
public async Task AssignRolesToUser(AddUserRoles command)
{
ClientPortalUser user = await this._userManager.FindByNameAsync(command.UserRoles.User);
await this._userManager.AddToRolesAsync(user.Id, command.UserRoles.Roles.ToArray());
}
