/// <summary>
/// Validate form-level request
/// </summary>
/// <param name="validationDictionary"></param>
public bool ValidateRequest(IValidationDictionary validationDictionary)
{
var requestDictionary = new ValidationDictionary();
if (Password != ConfirmPassword)
{
requestDictionary.AddError("Password", "Passwords do not match.");
}
validationDictionary.Merge(requestDictionary);
return requestDictionary.IsValid;
}
/// <summary>
/// Validate form-level request
/// </summary>
/// <param name="validationDictionary"></param>
public bool ValidateRequest(IValidationDictionary validationDictionary)
{
var requestDictionary = new ValidationDictionary();
if (string.IsNullOrEmpty(ResetToken))
{
requestDictionary.AddError("ResetToken", "Reset token not specified.");
}
if (string.IsNullOrEmpty(Password))
{
requestDictionary.AddError("Password", "Password is required.");
}
if (Password != ConfirmPassword)
{
requestDictionary.AddError("Password", "Passwords do not match.");
}
validationDictionary.Merge(requestDictionary);
return requestDictionary.IsValid;
}
public void Validate_Successful_With_Valid_Information()
{
// Arrange
var model = new SignUpInputModel
{
Email = "*****@*****.**",
Password = "******",
ConfirmPassword = "******"
};
var validationDictionary = new ValidationDictionary();
// Act
var result = model.ValidateRequest(validationDictionary);
// Assert
Assert.IsTrue(result);
}
public void Validate_Fails_Mismatched_Passwords()
{
// Arrange
var model = new SignUpInputModel
{
Email = "*****@*****.**",
Password = "******",
ConfirmPassword = "******"
};
var validationDictionary = new ValidationDictionary();
// Act
var result = model.ValidateRequest(validationDictionary);
// Assert
Assert.IsFalse(result);
}
public BaseResponseModel Update(UpdateUserInputModel inputModel)
{
var vm = new BaseResponseModel();
// Validate request
var validationState = new ValidationDictionary();
inputModel.ValidateRequest(validationState);
// Get existing user
var user = UserService.GetUserById(inputModel.UserId);
if (user == null)
{
throw new HttpException(404, "User not found.");
}
// Do not allow editing of users other than yourself if you
// don't have permissions
if (!CurrentUser.HasPermission(Permission.EditUsers)
&& user.Id != CurrentUser.Id)
{
throw new HttpException(401, "You do not have permissions to complete this action.");
}
// Copy properties
bool emailChanged = user.Email != inputModel.Email;
user.Email = inputModel.Email;
string newPass = String.IsNullOrWhiteSpace(inputModel.Password)
? null : inputModel.Password;
// Additional properties for admin users
if (CurrentUser.HasPermission(Permission.EditUsers))
{
if (inputModel.Role.HasValue) user.Role = inputModel.Role.Value;
}
if (UserService.ValidateUser(user, validationState))
{
UserService.UpdateUser(user, newPass);
if (emailChanged)
{
ReAuthorizeUser(inputModel.Email);
}
LogService.CreateLog(new Log
{
Category = LogCategory.Application,
IpAddress = GetClientIp(ControllerContext.Request),
Level = LogLevel.Info,
Message = "User " + inputModel.Email + " (ID #" + user.Id + ") was updated.",
User = CurrentUser
});
vm.Success = true;
}
vm.Errors = validationState.Errors;
return vm;
}
public BaseResponseModel SignUp(SignUpInputModel inputModel)
{
var vm = new AuthResponseModel();
// Validate request
var validationState = new ValidationDictionary();
inputModel.ValidateRequest(validationState);
var user = new User
{
Email = inputModel.Email,
Role = Role.Member
};
UserService.GenerateUserPassword(user, inputModel.Password);
if (UserService.ValidateUser(user, validationState))
{
UserService.CreateUser(user);
// Authenticate to create token
user = UserService.Authenticate(user.Email, inputModel.Password);
_auth.DoAuth(user.Email, false);
vm.Success = true;
vm.Token = user.AuthToken.Token;
vm.Expires = user.AuthToken.Expires;
}
vm.Errors = validationState.Errors;
return vm;
}
public BaseResponseModel ResetPassword(ResetPasswordInputModel inputModel)
{
// Get existing user
var vm = new BaseResponseModel();
var validationState = new ValidationDictionary();
inputModel.ValidateRequest(validationState);
if (validationState.IsValid)
{
var user = UserService.GetUserByResetToken(inputModel.ResetToken);
if (user != null)
{
UserService.ResetPassword(user, inputModel.Password);
vm.Success = true;
}
else
{
validationState.AddError("ResetToken", "Invalid reset token.");
}
}
vm.Errors = validationState.Errors;
return vm;
}
public BaseResponseModel Update(UpdateResourceInputModel inputModel)
{
var vm = new BaseResponseModel();
// Validate request
var validationState = new ValidationDictionary();
// Get existing resource
var resource = _resourceService.GetResourceById(inputModel.ResourceId);
if (resource == null)
{
throw new HttpException(404, "Resource not found.");
}
// Do not allow editing of resources other than yourself if you
// don't have permissions
if (!CurrentUser.HasPermission(Permission.EditResources))
{
throw new HttpException(401, "You do not have permissions to complete this action.");
}
// Copy properties
resource.Value = inputModel.Value;
if (_resourceService.ValidateResource(resource, validationState))
{
_resourceService.UpdateResource(resource);
LogService.CreateLog(new Log
{
Category = LogCategory.Application,
IpAddress = GetClientIp(ControllerContext.Request),
Level = LogLevel.Info,
Message = "Resource " + resource.Name + " (ID #" + resource.Id + ") was updated.",
User = CurrentUser
});
vm.Success = true;
}
vm.Errors = validationState.Errors;
return vm;
}