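/// <summary>
/// Lifts a ban: re-activates the account and places it in the regular user group.
/// </summary>
/// <param name="accountId">Identifier of the account to unban (route value).</param>
/// <returns>200 OK with the updated <see cref="AccountDTO"/>.</returns>
/// <exception cref="NotFound404Exception">No account exists with <paramref name="accountId"/>.</exception>
/// <exception cref="ForbiddenException">
/// The caller lacks the "Account_Full" function code and either its own account cannot be
/// resolved or the target account's authority is not strictly below the caller's.
/// </exception>
public async Task<IActionResult> UnbanAccountAsync([FromRoute] string accountId)
{
    var currentFunctionCodes = GetCurrentAccountFunctionCodes();
    var account = await _accountRepository.GetAccountByIdAsync(accountId);
    if (account == null)
    {
        throw new NotFound404Exception("account");
    }

    if (!currentFunctionCodes.Contains("Account_Full"))
    {
        var currentAccount = await _accountRepository.GetAccountByIdAsync(CurrentAccountId);
        // The lower the group id, the higher the authority. A caller without "Account_Full"
        // may only act on accounts whose authority is strictly lower than its own, so an equal
        // group id is refused as well (the previous `>` let members of the same group unban
        // each other). A caller whose own account cannot be loaded is refused rather than
        // dereferenced.
        if (currentAccount == null || currentAccount.GroupId >= account.GroupId)
        {
            throw new ForbiddenException();
        }
    }

    // bind data: an unbanned account always returns to the user group, whatever group it
    // held before the ban.
    account.GroupId = 3; // group: user
    account.IsActive = true;
    account.UpdatedDate = DateTime.Now; // keep the audit timestamp in step with the other mutating actions
    await _accountRepository.UpdateAccountAsync(account);
    return Ok(AccountDTO.GetFrom(account));
}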
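/// <summary>
/// Bans an account: deactivates it and demotes it to the visitor group.
/// </summary>
/// <param name="accountId">Identifier of the account to ban (route value).</param>
/// <returns>200 OK with the updated <see cref="AccountDTO"/>.</returns>
/// <exception cref="NotFound404Exception">No account exists with <paramref name="accountId"/>.</exception>
/// <exception cref="ForbiddenException">
/// The caller lacks the "Account_Full" function code and either its own account cannot be
/// resolved or the target account's authority is not strictly below the caller's.
/// </exception>
public async Task<IActionResult> BanAccountAsync([FromRoute] string accountId)
{
    var currentFunctionCodes = GetCurrentAccountFunctionCodes();
    var account = await _accountRepository.GetAccountByIdAsync(accountId);
    if (account == null)
    {
        throw new NotFound404Exception("account");
    }

    if (!currentFunctionCodes.Contains("Account_Full"))
    {
        var currentAccount = await _accountRepository.GetAccountByIdAsync(CurrentAccountId);
        // The lower the group id, the higher the authority. A caller without "Account_Full"
        // may only ban accounts whose authority is strictly lower than its own, so an equal
        // group id is refused as well (the previous `>` let members of the same group ban
        // each other). A caller whose own account cannot be loaded is refused rather than
        // dereferenced.
        if (currentAccount == null || currentAccount.GroupId >= account.GroupId)
        {
            throw new ForbiddenException();
        }
    }

    // bind data: a banned account is demoted to the visitor group and switched off.
    account.GroupId = 4; // group: visitor
    account.IsActive = false;
    account.UpdatedDate = DateTime.Now; // keep the audit timestamp in step with the other mutating actions
    await _accountRepository.UpdateAccountAsync(account);
    return Ok(AccountDTO.GetFrom(account));
}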
/// <summary>
/// Returns a single account. Callers holding neither "Account_Full" nor
/// "Account_Read_All" may only read their own account.
/// </summary>
/// <param name="accountId">Identifier of the account to read (route value).</param>
/// <returns>200 OK with the matching <see cref="AccountDTO"/>.</returns>
/// <exception cref="ForbiddenException">
/// The caller may not read other accounts and <paramref name="accountId"/> is not its own.
/// </exception>
/// <exception cref="NotFound404Exception">No account exists with <paramref name="accountId"/>.</exception>
public async Task<IActionResult> GetAccountByIdAsync([FromRoute] string accountId)
{
    var functionCodes = GetCurrentAccountFunctionCodes();
    var canReadAnyAccount = functionCodes.Contains("Account_Full")
                            || functionCodes.Contains("Account_Read_All");

    // Authorisation is decided before the lookup, so an unauthorised caller learns
    // nothing about whether the requested account exists.
    if (!canReadAnyAccount && accountId != CurrentAccountId)
    {
        throw new ForbiddenException();
    }

    var account = await _accountRepository.GetAccountByIdAsync(accountId);
    return account is null
        ? throw new NotFound404Exception("account")
        : Ok(AccountDTO.GetFrom(account));
}
/// <summary>
/// Moves an account into another group.
/// </summary>
/// <param name="accountId">Identifier of the account to reassign (route value).</param>
/// <param name="model">Carries the target <c>GroupId</c>.</param>
/// <returns>200 OK with the updated <see cref="AccountDTO"/>.</returns>
/// <exception cref="NotFound404Exception">The account, or the target group, does not exist.</exception>
/// <remarks>
/// NOTE(review): unlike <see cref="BanAccountAsync"/> and <see cref="UnbanAccountAsync"/>, this
/// action performs no function-code or group-hierarchy check of its own, so any caller that
/// reaches it can place an account into any existing group. Presumably the route is restricted
/// by an attribute outside this listing — confirm before relying on it.
/// </remarks>
public async Task<IActionResult> AssignAccountAsync([FromRoute] string accountId, [FromBody] AccountAssignModel model)
{
    var account = await _accountRepository.GetAccountByIdAsync(accountId)
                  ?? throw new NotFound404Exception("account");

    var groupExists = await _groupRepository.AnyByIdAsync(model.GroupId);
    if (!groupExists)
    {
        throw new NotFound404Exception("group");
    }

    // bind data
    account.GroupId = model.GroupId;
    account.UpdatedDate = DateTime.Now;
    await _accountRepository.AssignAccountAsync(account);
    return Ok(AccountDTO.GetFrom(account));
}
/// <summary>
/// Partially updates an account: every member of <paramref name="model"/> that is non-null
/// replaces the stored value; the rest is left untouched.
/// </summary>
/// <param name="accountId">Identifier of the account to update (route value).</param>
/// <param name="model">Optional new values; a null member means "keep the current value".</param>
/// <returns>200 OK with the updated <see cref="AccountDTO"/>.</returns>
/// <exception cref="ForbiddenException">The caller lacks "Account_Full" and is not updating its own account.</exception>
/// <exception cref="NotFound404Exception">No account exists with <paramref name="accountId"/>.</exception>
/// <exception cref="PasswordIsInvalidException">Password shorter than 8 or longer than 20 characters.</exception>
/// <exception cref="NameIsInvalidException">Name longer than 50 characters.</exception>
/// <exception cref="BirthDateIsInvalidException">Birth year outside the allowed range.</exception>
/// <exception cref="EmailIsInvalidException">Malformed email.</exception>
/// <exception cref="PhoneIsInvalidException">Malformed mobile number.</exception>
/// <exception cref="AlreadyExistsException">The new email or phone already belongs to another account.</exception>
/// <exception cref="NotFound400Exception">The given ward does not exist.</exception>
public async Task<IActionResult> UpdateAccountAsync([FromRoute] string accountId, [FromBody] AccountUpdateModel model)
{
    // Without "Account_Full" a caller may only touch its own account.
    var functionCodes = GetCurrentAccountFunctionCodes();
    if (!functionCodes.Contains("Account_Full") && accountId != CurrentAccountId)
    {
        throw new ForbiddenException();
    }

    var account = await _accountRepository.GetAccountByIdAsync(accountId);
    if (account is null)
    {
        throw new NotFound404Exception("account");
    }

    // --- validation, in the order failures are reported to the client ---
    var password = model.Password;
    if (password != null && (password.Length < 8 || password.Length > 20))
    {
        throw new PasswordIsInvalidException();
    }

    var name = model.Name;
    if (name != null && name.Length > 50)
    {
        throw new NameIsInvalidException();
    }

    if (model.BirthDate.HasValue)
    {
        var birthYear = model.BirthDate.Value.Year;
        var latestAllowedYear = DateTime.Now.Year - Constants.MinAge;
        if (birthYear < Constants.MinBirthDate.Year || birthYear > latestAllowedYear)
        {
            throw new BirthDateIsInvalidException();
        }
    }

    var email = model.Email;
    if (email != null)
    {
        if (!email.IsEmail())
        {
            throw new EmailIsInvalidException();
        }
        // The uniqueness lookup is skipped only when the email is unchanged.
        if (email != account.Email && await _accountRepository.AnyByEmailAsync(email))
        {
            throw new AlreadyExistsException("email");
        }
    }

    var phone = model.Phone;
    if (phone != null)
    {
        if (!phone.IsMobile())
        {
            throw new PhoneIsInvalidException();
        }
        if (phone != account.Phone && await _accountRepository.AnyByPhoneAsync(phone))
        {
            throw new AlreadyExistsException("phone");
        }
    }

    if (model.WardId.HasValue && !await _wardRepository.AnyByIdAsync(model.WardId.Value))
    {
        throw new NotFound400Exception("ward");
    }

    // --- bind data: null/absent members keep the stored value ---
    account.WardId = model.WardId ?? account.WardId;
    account.Password = password ?? account.Password; // NOTE(review): stored as received; assumes the repository hashes it — confirm
    account.Name = name ?? account.Name;
    account.Gender = model.Gender ?? account.Gender;
    account.BirthDate = model.BirthDate ?? account.BirthDate;
    account.Address = model.Address ?? account.Address;
    account.Email = email ?? account.Email;
    account.Phone = phone ?? account.Phone;
    account.Avatar = model.Avatar ?? account.Avatar;
    account.Description = model.Description ?? account.Description;
    account.UpdatedDate = DateTime.Now;

    await _accountRepository.UpdateAccountAsync(account);
    return Ok(AccountDTO.GetFrom(account));
}
/// <summary>
/// Registers a new account; every new account starts in the visitor group.
/// </summary>
/// <param name="model">Account data; <c>Password</c> and <c>AccountId</c> are mandatory.</param>
/// <returns>200 OK with the created <see cref="AccountDTO"/>.</returns>
/// <exception cref="IsRequiredException">Password or account id is missing or blank.</exception>
/// <exception cref="PasswordIsInvalidException">Password shorter than 8 or longer than 20 characters.</exception>
/// <exception cref="NameIsInvalidException">Name longer than 50 characters.</exception>
/// <exception cref="BirthDateIsInvalidException">Birth year outside the allowed range.</exception>
/// <exception cref="EmailIsInvalidException">Malformed email.</exception>
/// <exception cref="PhoneIsInvalidException">Malformed mobile number.</exception>
/// <exception cref="AccountIdIsInvalidException">Account id longer than 20 characters.</exception>
/// <exception cref="AlreadyExistsException">The email, phone or account id is already taken.</exception>
/// <exception cref="NotFound400Exception">The given ward does not exist.</exception>
public async Task<IActionResult> CreateAccountAsync([FromBody] AccountCreateModel model)
{
    // --- validation, in the order failures are reported to the client ---
    var password = model.Password;
    if (string.IsNullOrWhiteSpace(password))
    {
        throw new IsRequiredException("password");
    }
    if (password.Length < 8 || password.Length > 20)
    {
        throw new PasswordIsInvalidException();
    }

    var name = model.Name;
    if (name != null && name.Length > 50)
    {
        throw new NameIsInvalidException();
    }

    if (model.BirthDate.HasValue)
    {
        var birthYear = model.BirthDate.Value.Year;
        var latestAllowedYear = DateTime.Now.Year - Constants.MinAge;
        if (birthYear < Constants.MinBirthDate.Year || birthYear > latestAllowedYear)
        {
            throw new BirthDateIsInvalidException();
        }
    }

    var email = model.Email;
    if (email != null)
    {
        if (!email.IsEmail())
        {
            throw new EmailIsInvalidException();
        }
        if (await _accountRepository.AnyByEmailAsync(email))
        {
            throw new AlreadyExistsException("email");
        }
    }

    var phone = model.Phone;
    if (phone != null)
    {
        if (!phone.IsMobile())
        {
            throw new PhoneIsInvalidException();
        }
        if (await _accountRepository.AnyByPhoneAsync(phone))
        {
            throw new AlreadyExistsException("phone");
        }
    }

    var accountId = model.AccountId;
    if (string.IsNullOrWhiteSpace(accountId))
    {
        throw new IsRequiredException("accountId");
    }
    if (accountId.Length > 20)
    {
        throw new AccountIdIsInvalidException();
    }
    if (await _accountRepository.AnyByIdAsync(accountId))
    {
        throw new AlreadyExistsException("account");
    }

    if (model.WardId.HasValue && !await _wardRepository.AnyByIdAsync(model.WardId.Value))
    {
        throw new NotFound400Exception("ward");
    }

    // --- bind data ---
    var now = DateTime.Now;
    var account = new Account
    {
        AccountId = accountId,
        GroupId = 4, // group: visitor
        WardId = model.WardId ?? 0,
        Password = password, // NOTE(review): passed through as received; assumes the repository hashes it — confirm
        Name = name,
        Gender = model.Gender,
        BirthDate = model.BirthDate,
        Address = model.Address,
        Email = email,
        Phone = phone,
        CreatedDate = now,
        UpdatedDate = now,
    };

    await _accountRepository.CreateAccountAsync(account);
    return Ok(AccountDTO.GetFrom(account));
}