public async Task ExecuteAsync(AddUserCommand command, IExecutionContext executionContext)
{
var userArea = _userAreaRepository.GetRequiredByCode(command.UserAreaCode);
var dbUserArea = await GetUserAreaAsync(userArea);
var role = await GetAndValidateRoleAsync(command, executionContext);
var user = new User()
{
FirstName = command.FirstName?.Trim(),
LastName = command.LastName?.Trim(),
RequirePasswordChange = command.RequirePasswordChange,
LastPasswordChangeDate = executionContext.ExecutionDate,
AccountVerifiedDate = command.IsAccountVerified ? executionContext.ExecutionDate : (DateTime?)null,
CreateDate = executionContext.ExecutionDate,
Role = role,
UserArea = dbUserArea,
CreatorId = executionContext.UserContext.UserId,
SecurityStamp = _securityStampGenerator.Generate()
};
if (!command.IsActive)
{
user.DeactivatedDate = executionContext.ExecutionDate;
}
await _userUpdateCommandHelper.UpdateEmailAndUsernameAsync(command.Email, command.Username, user, executionContext);
await ValidatePasswordAsync(userArea, user, command, executionContext);
SetPassword(user, command, userArea);
SetDisplayName(command, user);
_dbContext.Users.Add(user);
await _dbContext.SaveChangesAsync();
await _transactionScopeFactory.QueueCompletionTaskAsync(_dbContext, () => OnTransactionComplete(userArea, user));
command.OutputUserId = user.UserId;
}
public async Task ExecuteAsync(UpdateCurrentUserCommand command, IExecutionContext executionContext)
{
_permissionValidationService.EnforceIsSignedIn(executionContext.UserContext);
var userId = executionContext.UserContext.UserId.Value;
var user = await _dbContext
.Users
.FilterCanSignIn()
.FilterById(userId)
.SingleOrDefaultAsync();
EntityNotFoundException.ThrowIfNull(user, userId);
var updateResult = await _userUpdateCommandHelper.UpdateEmailAndUsernameAsync(command.Email, command.Username, user, executionContext);
UpdateName(command, user);
user.FirstName = command.FirstName?.Trim();
user.LastName = command.LastName?.Trim();
if (updateResult.HasUpdate())
{
_userSecurityStampUpdateHelper.Update(user);
}
using (var scope = _domainRepository.Transactions().CreateScope())
{
await _dbContext.SaveChangesAsync();
// Here we could assume that reset requests only need invalidating if the contact email changes, but if the
// user is updating their account details, then we could also assume that old requests are stale anyway.
await _domainRepository
.WithContext(executionContext)
.ExecuteCommandAsync(new InvalidateAuthorizedTaskBatchCommand(userId, UserAccountRecoveryAuthorizedTaskType.Code));
scope.QueueCompletionTask(() => OnTransactionComplete(user, updateResult));
await scope.CompleteAsync();
}
}