/// <summary> /// Creates a new <see cref="User"/> from a given <paramref name="model"/>. /// </summary> /// <param name="model">The <see cref="Api.Models.Internal.UserApiBase"/> to use as a template.</param> /// <param name="cancellationToken">The <see cref="CancellationToken"/> for the operation.</param> /// <returns>A <see cref="Task{TResult}"/> resulting in a new <see cref="User"/> on success, <see langword="null"/> if the requested <see cref="UserGroup"/> did not exist.</returns> async Task <User> CreateNewUserFromModel(Api.Models.Internal.UserApiBase model, CancellationToken cancellationToken) { Models.PermissionSet permissionSet = null; UserGroup group = null; if (model.Group != null) { group = await DatabaseContext .Groups .AsQueryable() .Where(x => x.Id == model.Group.Id) .Include(x => x.PermissionSet) .FirstOrDefaultAsync(cancellationToken) .ConfigureAwait(false); } else { permissionSet = new Models.PermissionSet { AdministrationRights = model.PermissionSet?.AdministrationRights ?? AdministrationRights.None, InstanceManagerRights = model.PermissionSet?.InstanceManagerRights ?? InstanceManagerRights.None, } }; return(new User { CreatedAt = DateTimeOffset.UtcNow, CreatedBy = AuthenticationContext.User, Enabled = model.Enabled ?? false, PermissionSet = permissionSet, Group = group, Name = model.Name, SystemIdentifier = model.SystemIdentifier, OAuthConnections = model .OAuthConnections ?.Select(x => new Models.OAuthConnection { Provider = x.Provider, ExternalUserId = x.ExternalUserId }) .ToList() ?? new List <Models.OAuthConnection>(), }); } }
public async Task <IActionResult> Create([FromBody] UserGroup model, CancellationToken cancellationToken) { if (model == null) { throw new ArgumentNullException(nameof(model)); } if (model.Name == null) { return(BadRequest(new ErrorMessage(ErrorCode.ModelValidationFailure))); } var totalGroups = await DatabaseContext .Groups .AsQueryable() .CountAsync(cancellationToken) .ConfigureAwait(false); if (totalGroups >= generalConfiguration.UserGroupLimit) { return(Conflict(new ErrorMessage(ErrorCode.UserGroupLimitReached))); } var permissionSet = new Models.PermissionSet { AdministrationRights = model.PermissionSet?.AdministrationRights ?? AdministrationRights.None, InstanceManagerRights = model.PermissionSet?.InstanceManagerRights ?? InstanceManagerRights.None }; var dbGroup = new Models.UserGroup { Name = model.Name, PermissionSet = permissionSet, }; DatabaseContext.Groups.Add(dbGroup); await DatabaseContext.Save(cancellationToken).ConfigureAwait(false); Logger.LogInformation("Created new user group {0} ({1})", dbGroup.Name, dbGroup.Id); return(Created(dbGroup.ToApi(true))); }
/// <summary> /// Creates a new <see cref="User"/> from a given <paramref name="model"/>. /// </summary> /// <param name="model">The <see cref="Api.Models.Internal.UserApiBase"/> to use as a template.</param> /// <param name="cancellationToken">The <see cref="CancellationToken"/> for the operation.</param> /// <returns>A <see cref="Task{TResult}"/> resulting in a new <see cref="User"/> on success, <see langword="null"/> if the requested <see cref="UserGroup"/> did not exist.</returns> async Task <User> CreateNewUserFromModel(Api.Models.Internal.UserApiBase model, CancellationToken cancellationToken) { Models.PermissionSet permissionSet = null; UserGroup group = null; if (model.Group != null) { group = await DatabaseContext .Groups .AsQueryable() .Where(x => x.Id == model.Group.Id) .Include(x => x.PermissionSet) .FirstOrDefaultAsync(cancellationToken) .ConfigureAwait(false); } else { permissionSet = new Models.PermissionSet { AdministrationRights = model.PermissionSet?.AdministrationRights ?? AdministrationRights.None, InstanceManagerRights = model.PermissionSet?.InstanceManagerRights ?? InstanceManagerRights.None, } }; return(new User { CreatedAt = DateTimeOffset.UtcNow, CreatedBy = AuthenticationContext.User, Enabled = model.Enabled ?? false, PermissionSet = permissionSet, Group = group, Name = model.Name, SystemIdentifier = model.SystemIdentifier, OAuthConnections = model .OAuthConnections ?.Select(x => new Models.OAuthConnection { Provider = x.Provider, ExternalUserId = x.ExternalUserId, }) .ToList() ?? new List <Models.OAuthConnection>(), }); } /// <summary> /// Check if a given <paramref name="model"/> has a valid <see cref="UserName.Name"/> specified. /// </summary> /// <param name="model">The <see cref="UserUpdateRequest"/> to check.</param> /// <param name="newUser">If this is a new <see cref="UserResponse"/>.</param> /// <returns><see langword="null"/> if <paramref name="model"/> is valid, a <see cref="BadRequestObjectResult"/> otherwise.</returns> BadRequestObjectResult CheckValidName(UserUpdateRequest model, bool newUser) { var userInvalidWithNullName = newUser && model.Name == null && model.SystemIdentifier == null; if (userInvalidWithNullName || (model.Name != null && String.IsNullOrWhiteSpace(model.Name))) { return(BadRequest(new ErrorMessageResponse(ErrorCode.UserMissingName))); } model.Name = model.Name?.Trim(); if (model.Name != null && model.Name.Contains(':', StringComparison.InvariantCulture)) { return(BadRequest(new ErrorMessageResponse(ErrorCode.UserColonInName))); } return(null); } /// <summary> /// Attempt to change the password of a given <paramref name="dbUser"/>. /// </summary> /// <param name="dbUser">The user to update.</param> /// <param name="newPassword">The new password.</param> /// <param name="newUser">If this is for a new <see cref="UserResponse"/>.</param> /// <returns><see langword="null"/> on success, <see cref="BadRequestObjectResult"/> if <paramref name="newPassword"/> is too short.</returns> BadRequestObjectResult TrySetPassword(User dbUser, string newPassword, bool newUser) { newPassword ??= String.Empty; if (newPassword.Length < generalConfiguration.MinimumPasswordLength) { return(BadRequest(new ErrorMessageResponse(ErrorCode.UserPasswordLength) { AdditionalData = $"Required password length: {generalConfiguration.MinimumPasswordLength}", })); } cryptographySuite.SetUserPassword(dbUser, newPassword, newUser); return(null); } }