public async Task ChangeUserToAdminWhenNoAdminPresent() { await using var context = new WebApiContext(_seeder.DbContextOptions); var controller = CreateController(context); await foreach (var user in context.Users) { user.GroupId = _userGroup.Id; context.Entry(user).State = EntityState.Modified; } await context.SaveChangesAsync(); var userToChange = await context.Users.FirstAsync(); var changes = new UserPutDto { Id = userToChange.Id, Login = "******", GroupId = _adminGroup.Id, }; var result = await controller.PutUser(userToChange.Id, changes); result.ShouldBeAssignableTo <OkResult>(); var changedUser = await context.Users.FindAsync(userToChange.Id); changedUser.Login.ShouldBe(changes.Login); changedUser.GroupId.ShouldBe(changes.GroupId); }
public async Task ChangeUserToAdminWhenAdminPresentFails() { await using var context = new WebApiContext(_seeder.DbContextOptions); var controller = CreateController(context); var users = context.Users.ToList(); foreach (var user in users) { user.GroupId = _userGroup.Id; context.Entry(user).State = EntityState.Modified; } users[new Random().Next(users.Count)].GroupId = _adminGroup.Id; await context.SaveChangesAsync(); var userToChange = await context.Users.FirstAsync(u => u.Group.Code != UserGroupCode.Admin); var oldData = new { userToChange.Login, userToChange.GroupId }; var changes = new UserPutDto { Id = userToChange.Id, Login = "******", GroupId = _adminGroup.Id, }; var result = await controller.PutUser(userToChange.Id, changes); result.ShouldBeAssignableTo <BadRequestResult>(); userToChange.Login.ShouldBe(oldData.Login); userToChange.GroupId.ShouldBe(oldData.GroupId); }
public async Task ChangeAdminUserToAdminGroup() { await using var context = new WebApiContext(_seeder.DbContextOptions); var controller = CreateController(context); var users = context.Users.ToList(); foreach (var user in users) { user.GroupId = _userGroup.Id; context.Entry(user).State = EntityState.Modified; } var admin = users[new Random().Next(users.Count)]; admin.GroupId = _adminGroup.Id; await context.SaveChangesAsync(); var changes = new UserPutDto { Id = admin.Id, Login = "******", GroupId = _adminGroup.Id, }; var result = await controller.PutUser(admin.Id, changes); result.ShouldBeAssignableTo <OkResult>(); var changedUser = await context.Users.FindAsync(admin.Id); changedUser.Login.ShouldBe(changes.Login); changedUser.GroupId.ShouldBe(changes.GroupId); }
public async Task <IHttpActionResult> PutUser(string username, UserPutDto userPutDto) { var isAllowed = ClaimsAuthorization.CheckAccess("Put", "User", username); if (!isAllowed) { return(StatusCode(HttpStatusCode.Unauthorized)); } if (!ModelState.IsValid) { return(BadRequest(ModelState)); } if (!username.Equals(userPutDto.Username)) { return(BadRequest()); } var userModel = Mapper.Map <UserPutDto, UserModel>(userPutDto); var result = await _repo.UpdateUser(userModel); if (result.Succeeded) { var user = Mapper.Map <UserPutDto, UserDto>(userPutDto); await _userService.UpdateAsync(user); } IHttpActionResult errorResult = GetErrorResult(result); if (errorResult != null) { return(errorResult); } return(StatusCode(HttpStatusCode.NoContent)); }
public async Task ChangeToInvalidGroupFails() { await using var context = new WebApiContext(_seeder.DbContextOptions); var controller = CreateController(context); var userToChange = await context.Users.FirstAsync(); var maxGroupId = await context.UserGroups.MaxAsync(g => g.Id); var oldData = new UserPutDto { Id = userToChange.Id, Login = userToChange.Login, GroupId = userToChange.GroupId }; var changes = new UserPutDto { Id = userToChange.Id, Login = "******", GroupId = maxGroupId + 1 }; var result = await controller.PutUser(changes.Id, changes); result.ShouldBeAssignableTo <BadRequestResult>(); userToChange.Login.ShouldBe(oldData.Login); userToChange.GroupId.ShouldBe(oldData.GroupId); }
public async Task AddUserToUserGroupAndModifyUsingNotMatchingId() { await using var context = new WebApiContext(_seeder.DbContextOptions); var controller = CreateController(context); var userToAdd = new UserPostDto { Login = "******", Password = "******", GroupId = _userGroup.Id }; var postResult = await controller.PostUser(userToAdd); postResult.Result.ShouldBeAssignableTo <CreatedAtActionResult>(); var createdUser = (UserGetDto)((CreatedAtActionResult)postResult.Result).Value; var changes = new UserPutDto { Id = createdUser.Id, Login = "******", GroupId = _userGroup.Id, }; var putResult = await controller.PutUser(createdUser.Id + 1, changes); putResult.ShouldBeAssignableTo <BadRequestResult>(); var user = await context.Users.FindAsync(createdUser.Id); context.Users.Remove(user); await context.SaveChangesAsync(); }
private void SetupUserPutDto() { userPutDto = new UserPutDto { Email = email, Password = password }; }
public IActionResult Put([FromBody] UserPutDto dto) { _userAppService.Update(new User { Id = dto.Id, Name = dto.Name, Gender = dto.Gender }); return(NoContent()); }
public void Execute(UserPutDto request) { _validator.ValidateAndThrow(request); var user = _context.Users.Find(request.Id); user.FirstName = request.FirstName; user.LastName = request.LastName; user.Email = request.Email; _context.SaveChanges(); }
public async Task <IActionResult> UpdateUser(long id, [FromBody] UserPutDto userPutDto) { if (!await IsRequestorAdmin()) { return(Forbid()); } if (userPutDto == null) { return(BadRequest()); } if (string.IsNullOrEmpty(userPutDto.Email)) { ModelState.AddModelError("Email", "Email is required"); } if (string.IsNullOrEmpty(userPutDto.FirstName)) { ModelState.AddModelError("FirstName", "First name is required"); } if (string.IsNullOrEmpty(userPutDto.Role)) { ModelState.AddModelError("Role", "Role is required"); } var existingUser = await _unitOfWork.Users.SingleOrDefaultAsync(u => u.Id == id); if (existingUser == null) { return(NotFound()); } if (existingUser.Email != userPutDto.Email && await _unitOfWork.Users.Exists(u => u.Email == userPutDto.Email)) { ModelState.AddModelError("Email", "The provided email address is already in use by another user."); } if (!ModelState.IsValid) { return(BadRequest(ModelState)); } Mapper.Map(userPutDto, existingUser); if (await _unitOfWork.Complete() <= 0) { return(StatusCode(304)); } return(Ok(Mapper.Map <UserGetDto>(existingUser))); }
public async Task <IActionResult> PutAsync([FromBody] UserPutDto dto) { await _userAppService.UpdateAsync(new User { Id = dto.Id, Name = dto.Name, Gender = dto.Gender }); return(NoContent()); }
public async Task <IActionResult> Edit([FromQuery] Guid id, [FromBody] UserPutDto userPutDto) { if (id != userPutDto.Id) { return(BadRequest()); } var authorizationResult = await authorizationService .AuthorizeAsync(User, "EditPolicy"); await userService.UpdateAsync(userPutDto); return(NoContent()); }
public async Task <IActionResult> PutUser(int id, UserPutDto user) { if (id != user.Id) { return(BadRequest()); } await using var transaction = await _context.Database.BeginTransactionAsync(IsolationLevel.Serializable); try { var entity = await _context.GetActiveUsers() .FirstOrDefaultAsync(u => u.Id == user.Id); if (entity == null) { return(NotFound()); } if (await _context.UserGroups.FindAsync(user.GroupId) == null) { return(BadRequest()); } if (!await _adminElevation.CanEnterGroup(user.GroupId, user.Id)) { return(BadRequest()); } entity.Login = user.Login; entity.GroupId = user.GroupId; _context.Entry(entity).State = EntityState.Modified; await _context.SaveChangesAsync(); await transaction.CommitAsync(); return(Ok()); } catch (DbUpdateConcurrencyException) { if (!UserExists(id)) { return(NotFound()); } return(Conflict()); } }
public async Task <bool> UpdateAsync(UserPutDto entity) { var exists = await _repository.GetByIdAsync(entity.Id); if (exists == null) { return(false); } else { await _repository.UpdateAsync(mapper.Map <User>(entity)); return(true); } }
public async Task <IActionResult> Update([FromRoute] string id, [FromBody] UserPutDto model) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } if (!id.Equals(model.Id)) { return(BadRequest($"Route id {id} doesn't match ApplicationUser id {model.Id}")); } var user = await _userManager.FindByIdAsync(id); if (user == null) { return(BadRequest($"User with id {id} does not exist")); } if (!user.Email.Equals(model.Email)) { var emailToken = await _userManager.GenerateChangeEmailTokenAsync(user, model.Email); var emailResult = await _userManager.ChangeEmailAsync(user, model.Email, emailToken); if (!emailResult.Succeeded) { return(BadRequest("Email could not be changed")); } } user.PhoneNumber = model.PhoneNumber; var result = await _userManager.UpdateAsync(user); if (!result.Succeeded) { return(BadRequest("User could not be updated")); } var dtoToReturn = await ReturnUserFromRoleAsync(user); return(dtoToReturn == null ? (IActionResult)BadRequest($"User with id {user.Id} could not be updated") : Ok(dtoToReturn)); }
public async Task AddUserToUserGroupAndModifyUsingMatchingId() { await using var context = new WebApiContext(_seeder.DbContextOptions); var controller = CreateController(context); var userToAdd = new UserPostDto { Login = "******", Password = "******", GroupId = _userGroup.Id }; var postResult = await controller.PostUser(userToAdd); postResult.Result.ShouldBeAssignableTo <CreatedAtActionResult>(); var createdUser = (UserGetDto)((CreatedAtActionResult)postResult.Result).Value; var changes = new UserPutDto { Id = createdUser.Id, Login = "******", GroupId = _userGroup.Id, }; var putResult = await controller.PutUser(createdUser.Id, changes); putResult.ShouldBeAssignableTo <OkResult>(); var getResult = await controller.GetUser(createdUser.Id); getResult.Result.ShouldBeAssignableTo <OkResult>(); var changedUser = getResult.Value; changedUser.Id.ShouldBe(createdUser.Id); changedUser.Login.ShouldBe(changes.Login); changedUser.State.ShouldBeEquivalentTo(_activeState); changedUser.Group.ShouldBeEquivalentTo(_userGroup); changedUser.CreatedDate.ShouldBe(createdUser.CreatedDate); var user = await context.Users.FindAsync(createdUser.Id); context.Users.Remove(user); await context.SaveChangesAsync(); }
public async Task <IActionResult> AddUser([FromBody] UserPutDto newUser) { if (newUser == null) { return(BadRequest()); } if (string.IsNullOrEmpty(newUser.Email) || string.IsNullOrEmpty(newUser.Password)) { return(UnprocessableEntity()); } var result = _mapper.Map <UserGetDto>(await _repo.NewUser(_mapper.Map <UserPutModel>(newUser))); if (result == null) { return(NotFound()); } return(Ok(result)); }
public async void Put_InvalidId_ReturnsNotFound_WithMessage() { const string id = "31588e97-5c6b-48dd-89a1-edd92deb3bca"; var path = $"{BaseUri}/update/{id}"; var dto = new UserPutDto() { Id = id, Email = "*****@*****.**", PhoneNumber = "+32496304944" }; var json = JsonConvert.SerializeObject(dto); var body = new StringContent(json, Encoding.UTF8, "application/json"); var response = await _client.PutAsync(path, body); var responseString = await response.Content.ReadAsStringAsync(); Assert.Equal(HttpStatusCode.BadRequest, response.StatusCode); Assert.Equal($"User with id {id} does not exist", responseString); }
public async void Put_ValidModel_ReturnsOk_ReturnsUser() { const string id = "31588e97-5c6b-48dd-89a1-edd92deb3bcb"; var path = $"{BaseUri}/update/{id}"; var dto = new UserPutDto() { Id = id, Email = "*****@*****.**", PhoneNumber = "+32496304944" }; var json = JsonConvert.SerializeObject(dto); var body = new StringContent(json, Encoding.UTF8, "application/json"); var response = await _client.PutAsync(path, body); var content = await response.Content.ReadAsStringAsync(); var returnedUserDto = JsonConvert.DeserializeObject <UserDto>(content); Assert.Equal(HttpStatusCode.OK, response.StatusCode); Assert.Equal(dto.PhoneNumber, returnedUserDto.PhoneNumber); }
public async Task <IActionResult> UpdateUser([FromRoute] string userId, [FromBody] UserPutDto updatedUser) { if (string.IsNullOrEmpty(userId) || updatedUser == null) { return(BadRequest()); } if (string.IsNullOrEmpty(updatedUser.Email) || string.IsNullOrEmpty(updatedUser.Password)) { return(UnprocessableEntity()); } var user = _mapper.Map <UserGetDto>(await _repo.GetUser(userId)); if (user == null || !await _repo.EditUser(_mapper.Map <UserPutModel>(updatedUser), userId)) { return(NotFound()); } user.Email = updatedUser.Email; user.UserName = updatedUser.Email; user.Roles = await _repo.GetRoles(userId); return(Ok(user)); }
public void Put([FromBody] UserPutDto dto, [FromServices] IUpdateUserCommand command) { executor.ExecuteCommand(command, dto); }
public async Task <IActionResult> UpdateUser([FromRoute] string userId, [FromBody] UserPutDto updatedUser) { if (string.IsNullOrEmpty(userId) || updatedUser == null) { return(BadRequest()); } var user = await UserManager.FindByIdAsync(userId); if (user == null) { return(NotFound()); } foreach (var tUser in UserManager.Users) // for all users { if (tUser.Id != user.Id) // not the same user { // tUser no number, skip if (tUser.PhoneNumber == null) { continue; } // if the user has the same phone number as the request update to the current user then badrequest // as two members cannot have the same number in this system. if (tUser.PhoneNumber.Equals(updatedUser.PhoneNumber)) { return(BadRequest()); } } } user.Email = updatedUser.Email ?? user.Email; // Craig Martin 04-12-19 -- Altering username on update, and phone number user.UserName = updatedUser.Email ?? user.Email; user.PhoneNumber = updatedUser.PhoneNumber ?? user.PhoneNumber; user.FullName = updatedUser.FullName ?? user.FullName; await UserManager.UpdateAsync(user); if (!string.IsNullOrEmpty(updatedUser.Password)) { await UserManager.RemovePasswordAsync(user); await UserManager.AddPasswordAsync(user, updatedUser.Password); } var roles = await UserManager.GetRolesAsync(user); var rolesToAdd = updatedUser.Roles.Where(r => !roles.Contains(r)); await UserManager.AddToRolesAsync(user, rolesToAdd); var rolesToRemove = roles.Where(r => !updatedUser.Roles.Contains(r)); await UserManager.RemoveFromRolesAsync(user, rolesToRemove); roles = await UserManager.GetRolesAsync(user); var dto = new UserGetDto { Id = user.Id, UserName = user.UserName, Email = user.Email, PhoneNumber = user.PhoneNumber, FullName = user.FullName, Roles = roles }; return(Ok(dto)); }
public async Task <IActionResult> AddUser([FromBody] UserPutDto newUser) { if (newUser == null) { return(BadRequest()); } // CRAIG MARTIN - check if the phone number is already in the system, if so then BadRequest if (UserManager.Users.Any(x => x.PhoneNumber.Equals(newUser.PhoneNumber))) { return(BadRequest()); } var user = new AppUser { Email = newUser.Email, FullName = newUser.FullName, UserName = newUser.Email, PhoneNumber = newUser.PhoneNumber // Craig Martin - Added phone number }; var result = await UserManager.CreateAsync(user, newUser.Password); if (!result.Succeeded) { return(BadRequest()); } // CRAIG MARTIN - Generate email confirmation token string token = await UserManager.GenerateEmailConfirmationTokenAsync(user); string confirmationLink = Url.Action("ConfirmEmail", "EmailConfirmation", new { userId = user.Id, token = token }, Request.Scheme); //Send email with confirmationn link. EmailSender emailSender = new EmailSender(); emailSender.SendEmail(user, configuration, confirmationLink, "Three Amigos -- Confirm Email"); user = await UserManager.FindByEmailAsync(newUser.Email); await UserManager.AddToRolesAsync(user, newUser.Roles); var roles = await UserManager.GetRolesAsync(user); var dto = new UserGetDto { Id = user.Id, UserName = user.UserName, Email = user.Email, PhoneNumber = user.PhoneNumber, // Craig Martin - Added phone number FullName = user.FullName, Roles = roles }; return(Ok(dto)); }