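/// <summary>
/// POST /admin/user
///
/// Creates a new user.
///
/// Returns HTTP Response =>
///     201 Created
///     Location: http://localhost/admin/user/{Username}
/// </summary>
/// <param name="user">Requested account data. Username and EmailAddress must be present, and
/// Username, Password and EmailAddress (ignoring '@') must pass IsOnlySafeChars.</param>
/// <returns>An HttpResult with status 201, a Location header for the new user, and the created
/// record with its password blanked.</returns>
/// <exception cref="ArgumentNullException">Username is null or empty, or EmailAddress is null.</exception>
/// <exception cref="ArgumentException">A checked field contains characters that are not allowed.</exception>
/// <exception cref="ConflictException">A user with the same (lowercased) name already exists.</exception>
public object Post(UserRequest user)
{
    // TODO move into RequestFilter
    if (string.IsNullOrEmpty(user.Username))
    {
        throw new ArgumentNullException("user.Username");
    }

    // EmailAddress is dereferenced by Replace() below; reject a missing value explicitly
    // instead of failing with a NullReferenceException.
    if (user.EmailAddress == null)
    {
        throw new ArgumentNullException("user.EmailAddress");
    }

    // TODO move into RequestFilter
    // NOTE(review): whether IsOnlySafeChars tolerates a null Password is not visible here - confirm.
    bool only_safe_chars = user.Username.IsOnlySafeChars()
        && user.Password.IsOnlySafeChars()
        && user.EmailAddress.Replace("@", "").IsOnlySafeChars();
    if (!only_safe_chars)
    {
        throw new ArgumentException("found unsafe/unallowed characters");
    }

    var new_user = new DBUser();
    // TODO explicit mapping
    // NOTE(review): PopulateWith presumably copies every same-named property of the request,
    // so any field UserRequest exposes can be set by the caller - confirm, and prefer an allow-list.
    new_user.PopulateWith(user);

    // TODO move into RequestFilter
    // Usernames are stored lowercase. Invariant casing keeps the stored name independent of the
    // server's current culture, so the same input always maps to the same account name.
    new_user.Username = new_user.Username.ToLowerInvariant();

    using (var conn = DbConfig.GetConnection())
    {
        var existing_user = conn.FirstOrDefault<DBUser>("Username = {0}", new_user.Username);
        if (existing_user != null)
        {
            throw new ConflictException() { ErrorMessage = "A user by that name already exists" };
        }

        // NOTE(review): the lookup and the insert are separate statements, so two concurrent
        // requests can both pass the check; a unique constraint on Username would close that gap.
        // NOTE(review): the password appears to be persisted exactly as received - hash it
        // before storage.
        conn.Insert<DBUser>(new_user);
    }

    // Do not return the password over the wire: the created record is serialized into the
    // response body, so blank the field once the row has been written.
    new_user.Password = "";

    return new HttpResult(new_user)
    {
        StatusCode = HttpStatusCode.Created,
        StatusDescription = "Sucessfully created user " + new_user.Username,
        Headers =
        {
            { HttpHeaders.Location, base.Request.AbsoluteUri.CombineWith(new_user.Username) }
        }
    };
}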
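// TODO see if we can directly use DBUser
/// <summary>
/// Updates an existing user.
/// </summary>
/// <param name="updated_user">New account data; Username selects the record to update. A null
/// or empty Password keeps the password that is already stored.</param>
/// <returns>An HttpResult with status 404 when no user with that name is stored; otherwise an
/// HttpResult with status 200 carrying the updated record with its password blanked.</returns>
public object Put(UserRequest updated_user)
{
    var user = new DBUser();
    // TODO make explicit mapping
    // NOTE(review): PopulateWith presumably copies every same-named property of the request, and
    // the whole record is then written back - confirm which fields a caller can overwrite.
    user.PopulateWith(updated_user);

    // NOTE(review): unlike the create path, the username is neither validated nor normalized
    // here, yet it is echoed into the status description and the debug log below - confirm that
    // a request filter restricts it to safe characters.
    using (var conn = DbConfig.GetConnection())
    {
        var stored_user = conn.FirstOrDefault<DBUser>("Username = {0}", user.Username);
        if (stored_user == null)
        {
            // user did not exist, can't update
            return new HttpResult
            {
                Status = 404,
                StatusDescription = "User " + user.Username + " was not found," + " and can't be updated. Try using HTTP POST to create a new user"
            };
        }

        // Password was not sent, so keep the old one. A request that omits the field may
        // deserialize it as null rather than "", and must not wipe the stored password.
        if (string.IsNullOrEmpty(user.Password))
        {
            // TODO hashing
            user.Password = stored_user.Password;
        }

        conn.Update<DBUser>(user, u => u.Username == user.Username);
    }

    Logger.DebugFormat("updating user information for user {0}", user.Username);

    // do not return the password over the wire
    user.Password = "";

    return new HttpResult(user)
    {
        StatusCode = System.Net.HttpStatusCode.OK,
        StatusDescription = "Successfully updated user " + user.Username
    };
}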
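/// <summary>
/// Self-service signup: creates a user that is neither activated nor verified.
/// </summary>
/// <param name="req">Signup data. Username is lowercased in place and AdditionalData is reset
/// before anything is copied into the stored record.</param>
/// <returns>An HttpResult with status 200 once the user row has been inserted.</returns>
/// <exception cref="ValidationException">Username is missing, or the password is missing or
/// fails IsSafeAsPassword.</exception>
/// <exception cref="ConflictException">The username or the e-mail address is already in use.</exception>
public object Post(SignupUserRequest req)
{
    // AdditionalData is not something a signing-up client may choose; reset it before
    // PopulateWith copies the request into the database record.
    req.AdditionalData = "";

    // A missing username would otherwise surface as a NullReferenceException on the next line.
    if (string.IsNullOrEmpty(req.Username))
    {
        throw new ValidationException() { ErrorMessage = "Username is required" };
    }

    // Invariant casing keeps the stored name independent of the server's current culture.
    // NOTE(review): the username and e-mail address get no character validation in this method -
    // confirm that a request filter or validator covers them.
    req.Username = req.Username.ToLowerInvariant();

    // assert password is safe enough (a missing password can never be)
    if (string.IsNullOrEmpty(req.Password) || !req.Password.IsSafeAsPassword())
    {
        throw new ValidationException() { ErrorMessage = "Password is unsafe" };
    }

    using (var db = DbConfig.GetConnection())
    {
        // assert username is not already taken
        var same_name = db.FirstOrDefault<DBUser>(u => u.Username == req.Username);
        if (same_name != null)
        {
            throw new ConflictException() { ErrorMessage = "A user by that name already exists" };
        }

        // assert email is not already registered
        // NOTE(review): answering differently for a registered address lets a caller test whether
        // an e-mail address has an account - confirm this is acceptable.
        var same_email = db.FirstOrDefault<DBUser>(u => u.EmailAddress == req.EmailAddress);
        if (same_email != null)
        {
            throw new ConflictException() { ErrorMessage = "The emailaddress is already registered" };
        }

        var db_user = new DBUser();
        // NOTE(review): PopulateWith presumably copies the password as received - hash it
        // before storage.
        db_user.PopulateWith(req);

        // Set after PopulateWith so the request cannot pre-approve the account.
        db_user.IsActivated = false;
        db_user.IsVerified = false;

        // The verification secret works as a bearer token, so take it from the cryptographic
        // RNG; GUIDs are unique but are not documented as unpredictable. The value keeps the
        // previous shape: 32 lowercase hex characters.
        var secret_bytes = new byte[16];
        using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
        {
            rng.GetBytes(secret_bytes);
        }
        db_user.VerifySecret = BitConverter.ToString(secret_bytes).Replace("-", "").ToLowerInvariant();

        // write user to db
        // NOTE(review): the uniqueness checks and this insert are not atomic; unique constraints
        // on Username and EmailAddress would close the gap.
        db.Insert<DBUser>(db_user);
    }

    return new HttpResult() { StatusCode = HttpStatusCode.OK };
}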
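/// <summary>
/// Self-service signup: creates a user when signup is enabled in the configuration. The account
/// is activated immediately unless the configuration requires moderation.
/// </summary>
/// <param name="req">Signup data. Username is lowercased in place and AdditionalData is reset
/// before anything is copied into the stored record.</param>
/// <returns>An HttpResult with status 200 once the user row has been inserted.</returns>
/// <exception cref="Rainy.ErrorHandling.UnauthorizedException">Signup is disabled.</exception>
/// <exception cref="ArgumentNullException">Username or Password is null or empty.</exception>
/// <exception cref="ConflictException">The username or the e-mail address is already in use.</exception>
public object Post(SignupUserRequest req)
{
    if (!JsonConfig.Config.Global.AllowSignup)
    {
        throw new Rainy.ErrorHandling.UnauthorizedException();
    }

    // AdditionalData is not something a signing-up client may choose; reset it before
    // PopulateWith copies the request into the database record.
    req.AdditionalData = "";

    // A missing username would otherwise surface as a NullReferenceException on ToLower, and a
    // missing password would reach CreateCryptoFields unchecked.
    if (string.IsNullOrEmpty(req.Username))
    {
        throw new ArgumentNullException("req.Username");
    }
    if (string.IsNullOrEmpty(req.Password))
    {
        throw new ArgumentNullException("req.Password");
    }

    // Invariant casing keeps the stored name independent of the server's current culture.
    req.Username = req.Username.ToLowerInvariant();

    // NOTE(review): the password-strength check is disabled here, so any non-empty password is
    // accepted. The disabled code was:
    //if (!req.Password.IsSafeAsPassword ())
    //	throw new ValidationException () {ErrorMessage = "Password is unsafe"};

    using (var db = connFactory.OpenDbConnection())
    {
        // assert username is not already taken
        var user = db.FirstOrDefault<DBUser>(u => u.Username == req.Username);
        if (user != null)
        {
            throw new ConflictException() { ErrorMessage = "A user by that name already exists" };
        }

        // assert email is not already registered
        // NOTE(review): answering differently for a registered address lets a caller test whether
        // an e-mail address has an account - confirm this is acceptable.
        user = db.FirstOrDefault<DBUser>(u => u.EmailAddress == req.EmailAddress);
        if (user != null)
        {
            throw new ConflictException() { ErrorMessage = "The emailaddress is already registered" };
        }
    }

    var db_user = new DBUser();
    db_user.PopulateWith(req);

    // Set after PopulateWith so the request cannot pre-approve the account.
    db_user.IsActivated = false;
    if (JsonConfig.Config.Global.RequireModeration == false)
    {
        db_user.IsActivated = true;
    }

    // NOTE(review): accounts are marked verified at creation, so VerifySecret gates nothing in
    // this method - confirm that skipping e-mail verification is intended.
    db_user.IsVerified = true;

    // The verification secret works as a bearer token, so take it from the cryptographic RNG;
    // GUIDs are unique but are not documented as unpredictable. The value keeps the previous
    // shape: 32 lowercase hex characters.
    var secret_bytes = new byte[16];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(secret_bytes);
    }
    db_user.VerifySecret = BitConverter.ToString(secret_bytes).Replace("-", "").ToLowerInvariant();

    // Derive the stored credential fields from the password, then blank the plaintext copy
    // that PopulateWith placed on the record so it is never written to the database.
    db_user.CreateCryptoFields(req.Password);
    db_user.Password = "";

    // write user to db
    // NOTE(review): the uniqueness checks above and this insert are not atomic; unique
    // constraints on Username and EmailAddress would close the gap.
    using (var db = connFactory.OpenDbConnection())
    {
        db.Insert<DBUser>(db_user);
    }

    return new HttpResult() { StatusCode = HttpStatusCode.OK };
}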