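/// <summary>
/// Changes the password of a user's credential for a product and channel,
/// after verifying that the supplied current password matches a stored credential.
/// </summary>
/// <remarks>
/// Flow: validate the request, confirm that the product, channel, user and user identity exist,
/// verify the old password, then update the credential according to its state
/// (ACTIVE, TEMPORAL_PASSWORD, or anything else, which is treated as inactive).
/// NOTE(security): the responses distinguish "user does not exist", "identity does not exist"
/// and "password is not valid". No throttling or lockout is visible in this method, so
/// guessing and enumeration limits must be enforced by a layer not shown here. Confirm.
/// </remarks>
/// <param name="obj">Request carrying idProduct, idChannel, idClient, oldPassword and newPassword.</param>
/// <returns>
/// An <c>ActionResponse</c> built by <c>functions.Response</c>: OK with an
/// <c>UpdatePasswordResponse</c> on success; NO_CONTENT when a referenced entity is missing;
/// BAD_REQUEST for an invalid request or wrong password; CONFLICT for an inactive credential;
/// INTERNAL_ERROR when an update fails or an unexpected exception occurs.
/// </returns>
public ActionResponse UpdatePasswordAction(UpdatePasswordRequest obj)
{
    try
    {
        // Reject incomplete requests explicitly. Without this check a missing field throws
        // and is reported as INTERNAL_ERROR instead of as a client error.
        if (obj == null
            || obj.idProduct == null
            || obj.idChannel == null
            || obj.idClient == null
            || obj.oldPassword == null
            || obj.newPassword == null)
        {
            return functions.Response((int)CodeStatusEnum.BAD_REQUEST, "La solicitud no es válida", null);
        }

        int idProduct = obj.idProduct.Value;
        int idChannel = obj.idChannel.Value;
        decimal idClient = obj.idClient.Value;

        // STEP 0: Verify that the product and the channel exist
        ProductData prodData = new ProductData();
        Product oProduct = prodData.GetProductById(idProduct);
        if (oProduct == null)
        {
            return functions.Response((int)CodeStatusEnum.NO_CONTENT, "El producto no existe en el sistema", null);
        }

        ChannelData channelData = new ChannelData();
        Channel oChannel = channelData.GetChannelById(idChannel);
        if (oChannel == null)
        {
            return functions.Response((int)CodeStatusEnum.NO_CONTENT, "El canal no existe en el sistema", null);
        }

        // STEP 0.1: Verify that the user exists.
        // The data layer appears to signal "not found" with an empty object (null id);
        // a null reference is handled the same way in case it returns null instead.
        ClienteData clientData = new ClienteData();
        Cliente oClient = clientData.GetUserById(idClient);
        if (oClient == null || oClient.id_cliente == null)
        {
            return functions.Response((int)CodeStatusEnum.NO_CONTENT, "No existe el usuario en el sistema", null);
        }

        // STEP 1: Verify that a user identity exists for this client on this channel
        UserIdentifyData uiData = new UserIdentifyData();
        UserIdentify ui = uiData.FindByIdUserAndIdChannel(idClient, idChannel);
        if (ui == null || ui.id_cliente == null)
        {
            return functions.Response((int)CodeStatusEnum.NO_CONTENT, "La identidad del usuario no existe en el sistema", null);
        }

        int idUserIdentify = ui.idUserIdentify.Value;

        // STEP 2: Validate the new password and verify the old one
        string oldPassAsMD5 = "";
        string newPassAsMD5 = "";

        // NOTE(security): MD5 is not an adequate password hash (it is fast, and unsalted unless
        // functions.GetMd5Hash adds a salt, which is not shown here). It is kept because
        // credentials are looked up by this digest below, so replacing it requires a coordinated
        // migration of stored credentials to a salted, slow KDF such as PBKDF2 or Argon2.
        using (MD5 md5Hash = MD5.Create())
        {
            // Both passwords are trimmed, so leading and trailing whitespace is never significant.
            string oldPass = obj.oldPassword.Trim();
            string newPass = obj.newPassword.Trim();

            // Password integrity rules
            if (String.IsNullOrEmpty(newPass))
            {
                return functions.Response((int)CodeStatusEnum.BAD_REQUEST, "La contraseña no puede ser una cadena vacía", null);
            }

            int minLengthPass = Int32.Parse(functions.ConfigItem("MIN_PASS_LENGTH"));
            if (newPass.Length < minLengthPass)
            {
                return functions.Response((int)CodeStatusEnum.BAD_REQUEST, "La contraseña debe tener un mínimo de " + minLengthPass + " caracteres", null);
            }

            if (oldPass == newPass)
            {
                return functions.Response((int)CodeStatusEnum.BAD_REQUEST, "La nueva contraseña no puede ser igual a la actual", null);
            }

            // Digests used for the credential lookup and for storage
            oldPassAsMD5 = functions.GetMd5Hash(md5Hash, oldPass);
            newPassAsMD5 = functions.GetMd5Hash(md5Hash, newPass);
        }

        // The old password is verified by finding a credential that matches its digest.
        CredentialData credData = new CredentialData();
        Credential oCredential = credData.FindByProductAndUserIdentifyAndPass(idProduct, idUserIdentify, oldPassAsMD5);
        if (oCredential == null || oCredential.idCredential == null)
        {
            return functions.Response((int)CodeStatusEnum.BAD_REQUEST, "La contraseña no es válida", null);
        }

        int idCredential = oCredential.idCredential.Value;

        // STEP 3: The credential matched; act according to its state (normal or temporary)
        if (oCredential.idState.Value == (int)StateEnum.ACTIVE)
        {
            // Normal process: replace the password on the matched credential
            bool updCredential = credData.UpdatePassword(idCredential, newPassAsMD5, (int)StateEnum.ACTIVE);
            if (!updCredential)
            {
                return functions.Response((int)CodeStatusEnum.INTERNAL_ERROR, "No se pudo actualizar la contraseña", null);
            }
        }
        else if (oCredential.idState.Value == (int)StateEnum.TEMPORAL_PASSWORD)
        {
            // The caller authenticated with a temporary password: set the new password on the
            // normal (ACTIVE) credential(s) for the same product and user identity.
            // NOTE(review): if no ACTIVE credential exists, the new password is never stored, yet
            // the temporary credential is still consumed below. Confirm whether that is intended.
            // NOTE(review): these updates are separate calls with no visible transaction, so a
            // failure part-way can leave the credentials in an inconsistent state.
            List<Credential> lstCredentials = credData.FindByProductAndUserIdentify(idProduct, idUserIdentify);
            foreach (Credential o in lstCredentials)
            {
                if (o.idState.Value == (int)StateEnum.ACTIVE)
                {
                    bool updCredential = credData.UpdatePassword(o.idCredential.Value, newPassAsMD5, (int)StateEnum.ACTIVE);
                    if (!updCredential)
                    {
                        return functions.Response((int)CodeStatusEnum.INTERNAL_ERROR, "No se pudo actualizar la contraseña", null);
                    }
                }
            }

            // Mark the temporary credential as used so that it cannot be presented again
            bool updTmpCredential = credData.UpdatePassword(idCredential, oldPassAsMD5, (int)StateEnum.TEMPORAL_PASSWORD_USED);
            if (!updTmpCredential)
            {
                return functions.Response((int)CodeStatusEnum.INTERNAL_ERROR, "No se pudo actualizar la credencial temporal", null);
            }
        }
        else
        {
            // Any other state is treated as inactive: the credential cannot be updated
            return functions.Response((int)CodeStatusEnum.CONFLICT, "La credencial se encuentra inactiva y no se puede actualizar", null);
        }

        // Success: report when the update happened
        UpdatePasswordResponse response = new UpdatePasswordResponse();
        response.updated = DateTime.Now;

        return functions.Response((int)CodeStatusEnum.OK, "OK", response);
    }
    catch (Exception e)
    {
        // Keep full details in the server log only. Exception text can expose internals
        // (queries, paths, configuration), so the caller gets a generic message.
        logger.Fatal(e.ToString());
        return functions.Response((int)CodeStatusEnum.INTERNAL_ERROR, "Error interno del servidor", null);
    }
}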