public static Model.UserPatchInfo Convert(string username, Client.UserPatchInfo clientPatchInfo) { if (clientPatchInfo == null) { throw new ArgumentNullException(nameof(clientPatchInfo)); } var modelPatchInfo = new Model.UserPatchInfo(username) { OldPassword = clientPatchInfo.OldPassword, Password = clientPatchInfo.Password, ConfirmPassword = clientPatchInfo.ConfirmPassword }; return(modelPatchInfo); }
public async Task <IActionResult> PatchUserAsync([FromRoute] string userName, [FromBody] Client.UserPatchInfo clientPatchInfo, CancellationToken cancellationToken) { cancellationToken.ThrowIfCancellationRequested(); if (clientPatchInfo == null) { var error = Responses.BodyIsMissing(nameof(clientPatchInfo)); return(BadRequest(error)); } var isAuthorize = HttpContext.User.IsInRole("admin") || HttpContext.User.Identity.Name.CompareTo(userName.ToLower()) == 0; if (!isAuthorize) { return(Forbid()); } var modelPatchInfo = ModelConverters.Users.UserPatchInfoConverter.Convert(userName, clientPatchInfo); var user = await userManager.FindByNameAsync(userName); if (user == null) { return(BadRequest()); } var updated = false; if (modelPatchInfo.Password != null && modelPatchInfo.OldPassword != null) { var passwordValidator = HttpContext.RequestServices.GetService(typeof(IPasswordValidator <User>)) as IPasswordValidator <User>; var passwordHasher = HttpContext.RequestServices.GetService(typeof(IPasswordHasher <User>)) as IPasswordHasher <User>; IdentityResult result = await passwordValidator.ValidateAsync(userManager, user, modelPatchInfo.Password); if (result.Succeeded) { user.PasswordHash = passwordHasher.HashPassword(user, modelPatchInfo.Password); updated = true; } } if (updated) { await userManager.UpdateAsync(user); } return(Ok()); }
public async Task <IActionResult> PatchUserAsync([FromRoute] string userName, [FromBody] Client.UserPatchInfo clientPatchInfo, CancellationToken cancellationToken) { cancellationToken.ThrowIfCancellationRequested(); if (clientPatchInfo == null) { var error = ErrorResponsesService.BodyIsMissing(nameof(clientPatchInfo)); return(BadRequest(error)); } if (!HasAccessToUser(userName)) { return(Forbid()); } var modelPatchInfo = ModelConverters.Users.UserPatchInfoConverter.Convert(userName, clientPatchInfo); var user = await userManager.FindByNameAsync(userName); if (user == null) { var error = ErrorResponsesService.NotFoundError(Target, $"User with name '{userName}' not found."); return(NotFound(error)); } var updated = false; if (modelPatchInfo.OldPassword != null && modelPatchInfo.Password != null) { var passwordHasher = HttpContext.RequestServices. GetService(typeof(IPasswordHasher <User>)) as IPasswordHasher <User>; //todo неработает проверка на правильность старого пароля // var oldPasswordHash = passwordHasher.HashPassword(user, modelPatchInfo.OldPassword); // // if (!oldPasswordHash.Equals(user.PasswordHash)) // { // var error = ErrorResponsesService.ValidationError(nameof(clientPatchInfo.OldPassword), // "Old password doesn't match with actual."); // return BadRequest(error); // } if (!modelPatchInfo.Password.Equals(modelPatchInfo.ConfirmPassword)) { var error = ErrorResponsesService.ValidationError(nameof(clientPatchInfo.ConfirmPassword), PasswordValidationMessage); return(BadRequest(error)); } var passwordValidator = HttpContext.RequestServices. GetService(typeof(IPasswordValidator <User>)) as IPasswordValidator <User>; var result = await passwordValidator.ValidateAsync(userManager, user, modelPatchInfo.Password); if (result.Succeeded) { user.PasswordHash = passwordHasher.HashPassword(user, modelPatchInfo.Password); updated = true; } } if (updated) { user.LastUpdateAt = DateTime.UtcNow; await userManager.UpdateAsync(user); } var clientUser = ModelConverters.Users.UserConverter.Convert(user); return(Ok(clientUser)); }