コード例 #1
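        /// <summary>
        /// Changes a client's password for a product after verifying the current password.
        /// </summary>
        /// <remarks>
        /// The product, channel, client and user identity named in the request must all exist.
        /// The current password must match a stored credential. If that credential is ACTIVE it is
        /// updated in place. If it is TEMPORAL_PASSWORD, the ACTIVE credential for the same product and
        /// identity receives the new password and the temporary one is marked TEMPORAL_PASSWORD_USED.
        /// NOTE(review): passwords are stored and compared as MD5 digests via functions.GetMd5Hash.
        /// MD5 is not suitable for password storage; moving to a salted, slow KDF (e.g. PBKDF2) needs a
        /// change in the credential store and a rehash-on-login migration, so it is not done here.
        /// NOTE(review): no attempt throttling or lockout is visible in this method, and the caller is
        /// authenticated only by knowing the old password for the supplied idClient. Confirm both are
        /// handled upstream.
        /// </remarks>
        /// <param name="obj">Request carrying idProduct, idChannel, idClient, oldPassword and newPassword.</param>
        /// <returns>
        /// An <c>ActionResponse</c> built by <c>functions.Response</c>: OK with an
        /// <c>UpdatePasswordResponse</c> whose <c>updated</c> field is the current time, or an error
        /// status (NO_CONTENT, BAD_REQUEST, CONFLICT, INTERNAL_ERROR) with a message and a null payload.
        /// </returns>
        public ActionResponse UpdatePasswordAction(UpdatePasswordRequest obj)
        {
            try
            {
                // Missing identifiers are a client error; without this guard they surface as an
                // exception from .Value and are reported as an internal error.
                if (obj == null || obj.idProduct == null || obj.idChannel == null || obj.idClient == null)
                {
                    return functions.Response((int)CodeStatusEnum.BAD_REQUEST, "Faltan parámetros obligatorios", null);
                }

                int     idProduct = obj.idProduct.Value;
                int     idChannel = obj.idChannel.Value;
                decimal idClient  = obj.idClient.Value;

                // STEP 0: Verify that the product and the channel exist
                ProductData prodData = new ProductData();
                Product     oProduct = prodData.GetProductById(idProduct);
                if (oProduct == null)
                {
                    return functions.Response((int)CodeStatusEnum.NO_CONTENT, "El producto no existe en el sistema", null);
                }

                ChannelData channelData = new ChannelData();
                Channel     oChannel    = channelData.GetChannelById(idChannel);
                if (oChannel == null)
                {
                    return functions.Response((int)CodeStatusEnum.NO_CONTENT, "El canal no existe en el sistema", null);
                }

                // STEP 0.1: Verify that the user exists (a null object is treated like an empty one)
                ClienteData clientData = new ClienteData();
                Cliente     oClient    = clientData.GetUserById(idClient);
                if (oClient == null || oClient.id_cliente == null)
                {
                    return functions.Response((int)CodeStatusEnum.NO_CONTENT, "No existe el usuario en el sistema", null);
                }

                // STEP 1: Look up the user identity by id_cliente + channel
                UserIdentifyData uiData = new UserIdentifyData();
                UserIdentify     ui     = uiData.FindByIdUserAndIdChannel(idClient, idChannel);
                if (ui == null || ui.id_cliente == null || ui.idUserIdentify == null)
                {
                    return functions.Response((int)CodeStatusEnum.NO_CONTENT, "La identidad del usuario no existe en el sistema", null);
                }

                int idUserIdentify = ui.idUserIdentify.Value;

                // STEP 2: Validate the new password and check the current one.
                // A null password is handled as an empty string so it is rejected by the normal
                // checks instead of throwing on Trim().
                // NOTE(review): Trim() silently changes passwords that start or end with whitespace;
                // it is kept because existing hashes were presumably computed the same way.
                string oldPass = (obj.oldPassword ?? "").Trim();
                string newPass = (obj.newPassword ?? "").Trim();

                if (String.IsNullOrEmpty(newPass))
                {
                    return functions.Response((int)CodeStatusEnum.BAD_REQUEST, "La contraseña no puede ser una cadena vacía", null);
                }

                int minLengthPass = Int32.Parse(functions.ConfigItem("MIN_PASS_LENGTH"));
                if (newPass.Length < minLengthPass)
                {
                    return functions.Response((int)CodeStatusEnum.BAD_REQUEST, "La contraseña debe tener un mínimo de " + minLengthPass + " caracteres", null);
                }

                if (oldPass == newPass)
                {
                    return functions.Response((int)CodeStatusEnum.BAD_REQUEST, "La nueva contraseña no puede ser igual a la actual", null);
                }

                // Passwords as MD5 (see the NOTE(review) in the remarks: weak for password storage)
                string oldPassAsMD5;
                string newPassAsMD5;
                using (MD5 md5Hash = MD5.Create())
                {
                    oldPassAsMD5 = functions.GetMd5Hash(md5Hash, oldPass);
                    newPassAsMD5 = functions.GetMd5Hash(md5Hash, newPass);
                }

                CredentialData credData    = new CredentialData();
                Credential     oCredential = credData.FindByProductAndUserIdentifyAndPass(idProduct,
                                                                                          idUserIdentify,
                                                                                          oldPassAsMD5);
                if (oCredential == null || oCredential.idCredential == null)
                {
                    return functions.Response((int)CodeStatusEnum.BAD_REQUEST, "La contraseña no es válida", null);
                }

                int idCredential = oCredential.idCredential.Value;

                // STEP 3: The matched credential is either the normal one or a temporary one.
                // NOTE(review): the updates below are separate calls with no transaction visible here,
                // so a failure part-way can leave the temporary credential usable after the change.
                if (oCredential.idState.Value == (int)StateEnum.ACTIVE)
                {
                    // Normal process
                    bool updCredential = credData.UpdatePassword(idCredential, newPassAsMD5, (int)StateEnum.ACTIVE);
                    if (!updCredential)
                    {
                        return functions.Response((int)CodeStatusEnum.INTERNAL_ERROR, "No se pudo actualizar la contraseña", null);
                    }
                }
                else if (oCredential.idState.Value == (int)StateEnum.TEMPORAL_PASSWORD)
                {
                    // Set the new password on the normal credential for this product and identity
                    bool activeUpdated = false;
                    List<Credential> lstCredentials = credData.FindByProductAndUserIdentify(idProduct, idUserIdentify);
                    if (lstCredentials != null)
                    {
                        foreach (Credential o in lstCredentials)
                        {
                            if (o.idState.Value != (int)StateEnum.ACTIVE)
                            {
                                continue;
                            }

                            bool updCredential = credData.UpdatePassword(o.idCredential.Value, newPassAsMD5, (int)StateEnum.ACTIVE);
                            if (!updCredential)
                            {
                                return functions.Response((int)CodeStatusEnum.INTERNAL_ERROR, "No se pudo actualizar la contraseña", null);
                            }

                            activeUpdated = true;
                        }
                    }

                    // Without an ACTIVE credential nothing stored the new password. Do not consume
                    // the temporary credential or report success in that case.
                    if (!activeUpdated)
                    {
                        return functions.Response((int)CodeStatusEnum.INTERNAL_ERROR, "No se pudo actualizar la contraseña", null);
                    }

                    // Move the temporary credential to TEMPORAL_PASSWORD_USED so it cannot be reused
                    bool updTmpCredential = credData.UpdatePassword(idCredential, oldPassAsMD5, (int)StateEnum.TEMPORAL_PASSWORD_USED);
                    if (!updTmpCredential)
                    {
                        return functions.Response((int)CodeStatusEnum.INTERNAL_ERROR, "No se pudo actualizar la credencial temporal", null);
                    }
                }
                else
                {
                    // Inactive credential: it cannot be updated
                    return functions.Response((int)CodeStatusEnum.CONFLICT, "La credencial se encuentra inactiva y no se puede actualizar", null);
                }

                // Success: report when the change happened
                UpdatePasswordResponse response = new UpdatePasswordResponse();
                response.updated = DateTime.Now;
                return functions.Response((int)CodeStatusEnum.OK, "OK", response);
            }
            catch (Exception e)
            {
                // Log the full exception (type and stack trace) server-side, but give the caller a
                // generic message: exception text can expose SQL, paths or other internals.
                logger.Fatal(e.ToString());
                return functions.Response((int)CodeStatusEnum.INTERNAL_ERROR, "Error interno del servidor", null);
            }
        }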