public override IActionResult OperationBody()
{
var users = _userQueries.Get();
var result = Mapper.Map <List <UserDto> >(users);
return(new OkObjectResult(result));
}
public override async Task <UserSession> HandleCommand(LoginAnotherCommand request, CancellationToken cancellationToken)
{
if (!request.LoginSession.IsSuperAdmin)
{
throw new NotPermissionException();
}
var user = await userQueries.Get(request.UserId);
if (user == null)
{
throw new BusinessException("User.NotExistedAccount");
}
if (!user.IsUsed)
{
throw new BusinessException("User.NotUsedAccount");
}
if (!user.IsActived)
{
throw new BusinessException("User.NotActivedAccount");
}
var token = SessionHelper.CreateAccessToken(user.Username);
return(await authenRepository.LoginAnotherUser(request.LoginSession.SessionId, user, token));
}
public override async Task <int> HandleCommand(UpdateCommand request, CancellationToken cancellationToken)
{
if (request.User.Id == 1) //Administrator
{
return(0);
}
var checkingUser = await userQueries.GetWithEmail(request.User.Email);
if (checkingUser != null && checkingUser.Id != request.User.Id)
{
throw new BusinessException("User.ExistedEmail");
}
var user = await userQueries.Get(request.User.Id);
if (user == null)
{
throw new BusinessException("User.NotExistedAccount");
}
user.DisplayName = request.User.DisplayName;
user.PhoneNumber = request.User.PhoneNumber;
user.Email = request.User.Email;
user.IsUsed = user.IsExternalUser || request.User.IsUsed;
user = UpdateBuild(user, request.LoginSession);
return(await userRepository.Update(user));
}
public async Task <ApiResult> Get(int userId)
{
var rs = await userQueries.Get(userId);
return(new ApiResult()
{
Result = 0,
Data = rs
});
}
public async Task <ApiResult> Get()
{
var user = await userQueries.Get(LoginSession.UserId);
return(new ApiResult()
{
Result = user == null ? -1 : 0,
Data = user
});
}
public override async Task <int> HandleCommand(UpdatePasswordCommand request, CancellationToken cancellationToken)
{
var user = await userQueries.Get(request.UserId);
if (user == null)
{
throw new BusinessException("User.NotExistedAccount");
}
user.Password = (request.Password.Trim() + user.SecurityPassword.ToString()).CalculateMD5Hash();
user = UpdateBuild(user, request.LoginSession);
return(await userRepository.Update(user));
}
public UserModel Get(string userId)
{
Guid userGuid = Guid.Empty;
Guid.TryParse(userId, out userGuid);
var result = _userQueries.Get(userGuid);
if (result == null)
{
return(null);
}
return(new UserModel()
{
Id = result.Id,
CreatedOnUtc = result.CreatedOnUtc,
LastLoginOnUtc = result.LastUpdatedOnUtc,
LastUpdatedOnUtc = result.LastUpdatedOnUtc,
Token = result.Token
});
}
public override async Task <int> HandleCommand(DeleteCommand request, CancellationToken cancellationToken)
{
if (request.UserId == 1) //Administrator
{
return(0);
}
var data = await userQueries.Get(request.UserId);
if (data != null && !data.IsDeleted)
{
data = DeleteBuild(data, request.LoginSession);
return(await userRepository.Update(data));
}
return(0);
}
public override async Task <int> HandleCommand(ChangePasswordCommand request, CancellationToken cancellationToken)
{
var user = await userQueries.Get(request.LoginSession.Username);
if (user == null)
{
throw new BusinessException("User.NotExistedAccount");
}
if (user.Password != (request.OldPassword.Trim() + user.SecurityPassword.ToString()).CalculateMD5Hash())
{
throw new BusinessException("User.WrongOldPasswordAccount");
}
return(await authenRepository.ChangePassword(request.LoginSession.UserId, (request.NewPassword.Trim() + user.SecurityPassword.ToString()).CalculateMD5Hash()));
}
public override async Task <int> HandleCommand(ResetPasswordCommand request, CancellationToken cancellationToken)
{
var user = await userQueries.Get(request.UserName);
if (user == null || user.PasswordResetCode == null || !user.IsUsed || !user.IsActived)
{
throw new BusinessException("User.NotEnoughConditionResetPassword");
}
if (user.PasswordResetCode != request.PinCode)
{
throw new BusinessException("User.WrongPinCodeAccount");
}
return(await authenRepository.ResetPassword(user.Id, (request.Password.Trim() + user.SecurityPassword.ToString()).CalculateMD5Hash()));
}
public override async Task <int> HandleCommand(ActiveUserPasswordCommand request, CancellationToken cancellationToken)
{
var user = await userQueries.Get(request.UserName);
if (user != null)
{
if (user.IsActived)
{
throw new BusinessException("User.ActivedAccount");
}
else
{
return(await authenRepository.ActiveUser(user.Id, (request.Password + user.SecurityPassword.ToString()).CalculateMD5Hash()));
}
}
throw new BusinessException("User.NotExistedAccount");
}
public override async Task <int> HandleCommand(ResetPasswordByAdminCommand request, CancellationToken cancellationToken)
{
if (request.UserId == 1)
{
return(0);
}
//check existed username
var user = await userQueries.Get(request.UserId);
if (user == null)
{
throw new BusinessException("User.NotExistedAccount");
}
user.Password = (GlobalConfiguration.DefaultResetPassword + user.SecurityPassword.ToString()).CalculateMD5Hash();
user = UpdateBuild(user, request.LoginSession);
return(await userRepository.Update(user));
}
public void Invoke(ReplyPosted e)
{
var user = _userQueries.Get(e.PosterId);
_client.Send(new MailMessage(user.Email, "bla bla"));
}
public override async Task <int> HandleCommand(AddCommand request, CancellationToken cancellationToken)
{
// Role is null that this action is made by the staff. But LoginSession must not null
if (request.LoginSession == null && request.RoleId == 0)
{
throw new NotPermissionException();
}
//check existed username
var user = await userQueries.Get(request.UserName);
if (user != null)
{
throw new BusinessException("ExistedAccount");
}
//check existed email
user = await userQueries.GetWithEmail(request.Email);
if (user != null)
{
throw new BusinessException("ExistedEmail");
}
//Add user
Guid securityPassword = Guid.NewGuid();
var userId = await this.userRepository.Add(new UserAccount()
{
Username = request.UserName,
Password = (request.Password.Trim() + securityPassword.ToString()).CalculateMD5Hash(),
Email = request.Email,
DisplayName = request.DisplayName,
PhoneNumber = request.PhoneNumber,
SecurityPassword = securityPassword,
IsExternalUser = request.RoleId != 0,
IsActived = request.RoleId == 0,
IsUsed = request.RoleId != 0 || request.IsUsed,
CreatedDate = DateTime.Now
}, request.LoginSession == null?null : (int?)request.LoginSession.UserId);
// for who is't the staff
if (userId > 0 && request.RoleId != 0)
{
var role = await roleQueries.Get(request.RoleId);
if (role != null && role.IsExternalRole)
{
await userRoleRepository.Add(new UserAccountRole()
{
UserId = userId,
RoleId = role.Id
});
}
else
{
throw new BusinessException("Role.NotExisted");
}
}
//Send email for active here
return(userId);
}
public override async Task <int> HandleCommand(ChangeRolesCommand request, CancellationToken cancellationToken)
{
var user = await userQueries.Get(request.UserId);
if (user == null)
{
throw new BusinessException("NotExistedAccount");
}
if (user.IsExternalUser)
{
throw new BusinessException("ExternalAccount");
}
var rs = -1;
using (var conn = DalHelper.GetConnection())
{
conn.Open();
using (var trans = conn.BeginTransaction())
{
try
{
userRoleRepository.JoinTransaction(conn, trans);
roleQueries.JoinTransaction(conn, trans);
await userRoleRepository.DeleteRole(user.Id);
foreach (var item in request.RoleIds)
{
var role = await roleQueries.Get(item);
if (role != null && role.IsActive && !role.IsExternalRole && role.Id != 1) // != Administrator
{
await userRoleRepository.Add(new UI.Models.UserAccountRole()
{
RoleId = role.Id,
UserId = user.Id
});
}
}
return(rs = 0);
}
finally
{
if (rs == 0)
{
trans.Commit();
}
else
{
try
{
trans.Rollback();
}
catch (Exception ex)
{
LogHelper.GetLogger().Error(ex);
}
}
}
}
}
}