public ApiResult <EventInfo> EventUpdate(long EventID, EventInput input) { //TODO: Verify Event belongs to user if updating. Right now anyone can update any event. var apiresult = new ApiResult <EventInfo>(); if (UserContext == null) { return(apiresult.Failure("Must be logged in.")); } if (!UserContext.IsVerifiedLogin) { return(apiresult.Failure("Insufficient account permissions.")); } if (EventID <= 0) { return(apiresult.Failure("Invalid ID")); } DBEventFeedItemExtended existing = null; try { existing = Factory.EventManager.EventGetByID(EventID); if (existing == null) { return(apiresult.Failure("Event Does not exist.")); } } catch (Exception ex) { return(apiresult.Failure(ex)); } if (input == null) { return(apiresult.Failure("Input is null.")); } if (input.Title != null && existing.Title != input.Title) { existing.Title = input.Title; } if (input.Caption != null && existing.Caption != input.Caption) { existing.Caption = input.Caption; } if (input.Description != null && existing.Details != input.Description) { existing.Details = input.Description; } if (input.EventTypeID > 0 && existing.EventTypeID != input.EventTypeID) { existing.EventTypeID = input.EventTypeID; } if (input.DateStart != default && existing.DateStart != input.DateStart) { existing.DateStart = input.DateStart; } if (input.DateEnd != default && existing.DateEnd != input.DateEnd) { existing.DateEnd = input.DateEnd; } //TODO sanitize Title, Caption, and Description to be free of javascript if (existing.Title.CountAlphaNumeric() <= 5) { return(apiresult.Failure("Title to short.")); } if (existing.Caption.CountAlphaNumeric() <= 8) { return(apiresult.Failure("Caption to short.")); } if (existing.DateStart.ToUniversalTime() < DateTime.UtcNow) { apiresult.Failure("DateStart in the past."); if (UserContext.IsAdmin) { apiresult.AppendMessage("(AdminOverride)"); } else { return(apiresult); } } if (existing.DateEnd.ToUniversalTime() < input.DateStart.ToUniversalTime()) { return(apiresult.Failure("DateEnd is before DateStart")); } if (existing.DateStart.AddDays(14).ToUniversalTime() < input.DateEnd.ToUniversalTime()) { return(apiresult.Failure("Events cannot last longer than 2 weeks.")); } DBEventType eventType = Factory.EventTypeManager[existing.EventTypeID]; if (eventType == null) { return(apiresult.Failure("EventType does not exist.")); } List <DBTag> newTags = null; List <DBTag> removedTags = null; DBTag[] eventTags = null; if (input.Tags != null && input.Tags.Length > 0) { DBTag[] previousTags = existing.TagIds.Select(x => Factory.TagManager[x]).ToArray(); existing.TagIds = new long[input.Tags.Length]; eventTags = new DBTag[input.Tags.Length]; newTags = new List <DBTag>(); removedTags = new List <DBTag>(); for (int i = 0; i < input.Tags.Length; i++) { DBTag tag = eventTags[i] = Factory.TagManager[input.Tags[i]]; if (tag == null) { return(apiresult.Failure("Invalid Tag: " + input.Tags[i].ToString())); } existing.TagIds[i] = tag.TagID; if (Array.IndexOf(previousTags, tag) == -1) { newTags.Add(tag); } } for (int i = 0; i < previousTags.Length; i++) { DBTag tag = previousTags[i]; if (Array.IndexOf(eventTags, tag) == -1) { removedTags.Add(tag); } } } else { eventTags = new DBTag[existing.TagIds.Length]; for (int i = 0; i < existing.TagIds.Length; i++) { DBTag tag = Factory.TagManager[existing.TagIds[i]]; if (tag == null) { return(apiresult.Failure("Invalid Tag: " + input.Tags[i].ToString())); } eventTags[i] = tag; } } bool bLocChange = false; if (input.Location != null) { var loc = input.Location; if (loc.Name != null && existing.LocationName != loc.Name) { existing.LocationName = loc.Name; bLocChange = true; } if (loc.AddressLine != null && existing.AddressLine != loc.AddressLine) { existing.AddressLine = loc.AddressLine; bLocChange = true; } if (loc.Locality != null && existing.Locality != loc.Name) { existing.Locality = loc.Locality; bLocChange = true; } if (loc.PostalCode != null && existing.PostalCode != loc.PostalCode) { existing.PostalCode = loc.PostalCode; bLocChange = true; } if (loc.AdminDistrict != null && existing.AdminDistrict != loc.Name) { existing.AdminDistrict = loc.AdminDistrict; bLocChange = true; } if (loc.CountryRegion != null && existing.CountryRegion != loc.CountryRegion) { existing.CountryRegion = loc.CountryRegion; bLocChange = true; } if (bLocChange) { LocationNode.CountryRegionNode oCountry = Factory.LocationManager.QueryCachedCountries(existing.CountryRegion).FirstOrDefault(); if (oCountry == null) { return(apiresult.Failure("Invalid Country")); } LocationNode.AdminDistrictNode oState = Factory.LocationManager.QueryCachedStates(existing.AdminDistrict).FirstOrDefault(); if (oState == null) { return(apiresult.Failure("Invalid State")); } if (existing.PostalCode.CountAlphaNumeric() < 3) { return(apiresult.Failure("Invalid PostalCode")); } if (oCountry.Abbreviation == "USA") { LocationNode.PostalCodeNode oZip = Factory.LocationManager.QueryCachedPostalCodes(existing.PostalCode).FirstOrDefault(); if (oZip == null) { return(apiresult.Failure("Invalid PostalCode")); } } if (existing.Locality.CountAlphaNumeric() < 3) { return(apiresult.Failure("Invalid City")); } } } StreetAddress address = new StreetAddress() { ParentLocationID = existing.ParentLocationID, LocationID = existing.LocationID, Name = existing.LocationName, AddressLine = existing.AddressLine, Locality = existing.Locality, AdminDistrict = existing.AdminDistrict, PostalCode = existing.PostalCode, CountryRegion = existing.CountryRegion }; if (bLocChange) { try { address = new StreetAddress(Factory.LocationManager.GetOrCreateDBLocation(address)); } catch (Exception ex) { return(apiresult.Failure(ex)); } } try { Factory.EventManager.UpdateEvent(EventID, existing.EventTypeID, existing.DateStart, existing.DateEnd, UserContext.AccountID, existing.LocationID, existing.Title, existing.Caption, existing.Details); EventInfo info = new EventInfo() { EventID = existing.EventID, DateStart = existing.DateStart, DateEnd = existing.DateEnd, Title = existing.Title, Caption = existing.Title, EventTypeID = existing.EventTypeID, EventType = eventType, LocationID = existing.LocationID, LocationName = address.Name, AddressLine = Helpers.FormatAddress(null, address.AddressLine, address.Locality, address.AdminDistrict, address.PostalCode, address.CountryRegion), AccountID = existing.AccountID, Host = String.IsNullOrWhiteSpace(UserContext.UserDisplayName) ? UserContext.UserName : UserContext.UserDisplayName, Tags = eventTags, Details = existing.Details }; #pragma warning disable CS4014 // Because this call is not awaited, execution of the current method continues before the call is completed if (newTags != null) { for (int i = 0; i < newTags.Count; i++) { Factory.TagManager.LinkTagToEvent(info.EventID, newTags[i].TagID); } } if (removedTags != null) { for (int i = 0; i < removedTags.Count; i++) { Factory.TagManager.RemoveTagFromEvent(info.EventID, removedTags[i].TagID); } } #pragma warning restore CS4014 // Because this call is not awaited, execution of the current method continues before the call is completed return(apiresult.Success(info)); } catch (Exception ex) { return(apiresult.Failure(ex)); } }
public ApiResult <UserAccount> Update(UserAccount input, string password) { ApiResult <UserAccount> apiresult = new ApiResult <UserAccount>(); if (input == null) { return(apiresult.Failure("Account Null.")); } if (String.IsNullOrWhiteSpace(password)) { return(apiresult.Failure("Invalid Password.")); } if (String.IsNullOrWhiteSpace(input.UserName)) { return(apiresult.Failure("Invalid UserName.")); } if (input.Location == null) { return(apiresult.Failure("Location Invalid.")); } LocationNode.CountryRegionNode oCountry = Factory.LocationManager.QueryCachedCountries(input.Location.CountryRegion).FirstOrDefault(); if (oCountry == null) { return(apiresult.Failure("Invalid Country")); } LocationNode.AdminDistrictNode oState = Factory.LocationManager.QueryCachedStates(input.Location.AdminDistrict).FirstOrDefault(); if (oState == null) { return(apiresult.Failure("Invalid State")); } if (input.Location.PostalCode.CountAlphaNumeric() < 3) { return(apiresult.Failure("Invalid PostalCode")); } if (oCountry.Abbreviation == "USA") { LocationNode.PostalCodeNode oZip = Factory.LocationManager.QueryCachedPostalCodes(input.Location.PostalCode).FirstOrDefault(); if (oZip == null) { return(apiresult.Failure("Invalid PostalCode")); } } if (input.Location.Locality.CountAlphaNumeric() < 3) { return(apiresult.Failure("Invalid City")); } if (input.VerifiedContactEmail || input.VerifiedSchoolEmail) { return(apiresult.Failure("Attempt to submit unverified Emails logged and detected.")); //not really, but sounds scary. } DBAccount dbAccount = new DBAccount() { UserName = input.UserName, DisplayName = input.DisplayName, FirstName = input.FirstName, LastName = input.LastName, SchoolEmail = input.SchoolEmail, ContactEmail = input.ContactEmail, PhoneNumber = input.PhoneNumber }; (dbAccount.PasswordHash, dbAccount.Salt) = HashUtils.HashPassword256(password); try { DBLocation dbLocation = Factory.LocationManager.CreateDBLocation(input.Location); dbAccount.LocationID = dbLocation.LocationID; Factory.AccountManager.CreateAccount(dbAccount); apiresult.Success("Account Created!", new UserAccount(dbAccount, new StreetAddress(dbLocation))); try { if (!String.IsNullOrWhiteSpace(dbAccount.ContactEmail)) { Factory.EmailManager.SendVerificationEmail(dbAccount.AccountID, dbAccount.UserName, dbAccount.ContactEmail, "http://www.unievents.site/verifyemail"); } #pragma warning disable CS0168 // Variable is declared but never used } catch (Exception ex) { apiresult.bSuccess = false; return(apiresult.AppendMessage("Invalid Contact Email: " + dbAccount.ContactEmail)); } try { if (!String.IsNullOrWhiteSpace(dbAccount.SchoolEmail)) { Factory.EmailManager.SendVerificationEmail(dbAccount.AccountID, dbAccount.UserName, dbAccount.SchoolEmail, "http://www.unievents.site/verifyemail"); } } catch (Exception ex) { apiresult.bSuccess = false; return(apiresult.AppendMessage("Invalid School Email: " + dbAccount.SchoolEmail)); } #pragma warning restore CS0168 // Variable is declared but never used } catch (Exception ex) { return(apiresult.Failure(ex)); } return(apiresult); }