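        /// <summary>
        /// Updates an existing organisation user from a client-supplied DTO.
        /// </summary>
        /// <param name="id">Id of the user to update; must not be <see cref="Guid.Empty"/>.</param>
        /// <param name="value">Request body; bound by Web API and treated as untrusted input.</param>
        /// <returns>
        /// 400 for an empty id, a missing payload, a missing type or a current project outside the
        /// user's organisation; 404 when no such user exists; 200 on success; 400 carrying the identity
        /// errors when the update is rejected; 500 when the update throws.
        /// </returns>
        public IHttpActionResult Put(Guid id, [FromBody] OrgUserDTO value)
        {
            if (id == Guid.Empty)
            {
                return(BadRequest("id is empty"));
            }

            // [FromBody] binds null for an empty or unparseable body; every property access
            // below would otherwise throw and surface as a 500 instead of a 400.
            if (value == null)
            {
                return(BadRequest("request body is empty"));
            }

            // Type is dereferenced unconditionally when TypeId is copied below.
            if (value.Type == null)
            {
                return(BadRequest("user type is required"));
            }

            var orguser = UnitOfWork.OrgUsersRepository.Find(id);

            if (orguser == null)
            {
                return(NotFound());
            }

            orguser.Email          = value.Email;
            // NOTE(review): EmailConfirmed is copied straight from the client payload, so a caller
            // can flag an address as confirmed without it having been verified — confirm this is
            // intended, or derive the flag server-side.
            orguser.EmailConfirmed = value.EmailConfirmed;
            orguser.FirstName      = value.FirstName;
            orguser.Surname        = value.Surname;
            orguser.TypeId         = value.Type.Id;
            orguser.IsWebUser      = value.IsWebUser;
            orguser.IsMobileUser   = value.IsMobileUser;
            orguser.Gender         = value.Gender;
            orguser.Birthdate      = value.Birthdate;
            orguser.Address        = value.Address;

            // A confirmed phone number is never overwritten from the payload.
            if (!orguser.PhoneNumberConfirmed)
            {
                orguser.PhoneNumber = string.IsNullOrEmpty(value.PhoneNumber) ? null : value.PhoneNumber;
            }

            // Only platform-level callers may change a user's current project.
            if (CurrentUser is SuperUser || CurrentUser is PlatformUser)
            {
                if (value.CurrentProject != null)
                {
                    // Organisation.Id arrives as a string on the DTO. Guid.Parse would turn a missing
                    // or malformed value into a 500, so parse defensively and reject with 400, and
                    // keep the existing check that the project belongs to this user's organisation.
                    Guid projectOrganisationId;
                    if (value.CurrentProject.Organisation == null
                        || !Guid.TryParse(value.CurrentProject.Organisation.Id, out projectOrganisationId)
                        || projectOrganisationId != orguser.Organisation.Id)
                    {
                        return(BadRequest("The selected current project does not belong to this user's organisation"));
                    }

                    orguser.CurrentProjectId = value.CurrentProject.Id;
                }
            }

            try
            {
                var result = UnitOfWork.UserManager.UpdateSync(orguser);
                if (result.Succeeded)
                {
                    // Cached user listings are stale once the entity changes.
                    MemoryCacher.DeleteStartingWith(CACHE_KEY);
                    return(Ok());
                }

                return(BadRequest(result.Errors.ToString(", ")));
            }
            catch (Exception ex)
            {
                // NOTE(review): whether the exception detail reaches the client depends on the
                // host's IncludeErrorDetailPolicy — confirm it is not set to Always in production.
                return(InternalServerError(ex));
            }
        }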
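        /// <summary>
        /// Creates an organisation user from a client-supplied DTO, assigns roles by user type,
        /// creates the user's personal project and assignments, subscribes the user to the
        /// organisation and emails a confirmation link together with the generated password.
        /// </summary>
        /// <param name="value">Request body; bound by Web API and treated as untrusted input.</param>
        /// <returns>
        /// 400 when the payload is missing, the user type or organisation is missing or malformed,
        /// or the identity store rejects the new user; 500 when required seed data is missing;
        /// 200 once the user is created and the confirmation email has been sent.
        /// </returns>
        public async Task<IHttpActionResult> Post([FromBody] OrgUserDTO value)
        {
            // [FromBody] binds null for an empty or unparseable body.
            if (value == null)
            {
                return(BadRequest("request body is empty"));
            }

            // The password is not validated here: a random one is generated below and
            // sent as part of the account confirmation email.

            if (value.AccountType == AccountType.MobileAccount)
            {
                // The OrgUserType property is hidden in mobile-users' edit form, so Type is
                // null at this point; resolve the TeamUser type by its system name instead.
                var teamUserType = UnitOfWork.OrgUserTypesRepository
                                   .AllAsNoTracking
                                   .Where(x => x.SystemName == "TeamUser")
                                   .SingleOrDefault();

                if (teamUserType == null)
                {
                    // Missing seed data is a server problem, not a client error; fail before
                    // anything is persisted rather than dereferencing a null Type later.
                    return(InternalServerError(new InvalidOperationException("The TeamUser organisation user type is not configured.")));
                }

                value.Type = Mapper.Map<OrgUserTypeDTO>(teamUserType);
            }

            // Type is needed for TypeId, role assignment and the administrator check below.
            if (value.Type == null)
            {
                return(BadRequest("user type is required"));
            }

            var orguser = Mapper.Map<OrgUser>(value);

            orguser.UserName = orguser.Email;

            if (CurrentUser is SuperUser || CurrentUser is PlatformUser)
            {
                // Platform-level callers choose the organisation. Its id arrives as a string on
                // the DTO, so reject a missing or malformed value with 400 instead of letting
                // Guid.Parse throw.
                Guid organisationId;
                if (value.Organisation == null || !Guid.TryParse(value.Organisation.Id, out organisationId))
                {
                    return(BadRequest("organisation is required"));
                }

                orguser.OrganisationId = organisationId;
                orguser.Organisation   = null;
            }
            else if (CurrentUser is OrgUser)
            {
                // Organisation users can only create users inside their own organisation.
                orguser.OrganisationId = CurrentOrgUser.OrganisationId.Value;
            }

            // Everything below dereferences OrganisationId.Value and the organisation entity;
            // verify both before the user is written to the identity store so a bad request
            // does not leave a half-created account behind.
            if (!orguser.OrganisationId.HasValue)
            {
                return(BadRequest("organisation is required"));
            }

            var organisation = UnitOfWork.OrganisationRepository.Find(orguser.OrganisationId.Value);

            if (organisation == null)
            {
                return(BadRequest("organisation not found"));
            }

            // Generate a random password; the user is told to change it after signing in.
            var randomPassword = System.Web.Security.Membership.GeneratePassword(12, 1);
            var identityResult = ServiceContext.UserManager.CreateSync(orguser, randomPassword);

            if (!identityResult.Succeeded)
            {
                // Identity validation failures (e.g. duplicate email) are input problems,
                // so report them as 400 rather than surfacing an unhandled exception as 500.
                return(BadRequest(identityResult.Errors.ToString(". ")));
            }

            // Assign roles by type.
            orguser.Type = UnitOfWork.OrgUserTypesRepository.Find(orguser.TypeId);
            UnitOfWork.UserManager.AssignRolesByUserType(orguser);

            // Administrators get full access to every existing project in the organisation.
            // Ordinal comparison: this is an identifier check, not user-facing text.
            if (string.Equals(value.Type.Name, "administrator", StringComparison.OrdinalIgnoreCase))
            {
                var projectIds = UnitOfWork.ProjectsRepository
                                 .AllAsNoTracking
                                 .Where(p => p.OrganisationId == orguser.OrganisationId.Value)
                                 .Select(x => x.Id)
                                 .ToList();

                foreach (var projectId in projectIds)
                {
                    var orgUserAssignment = new Assignment
                    {
                        ProjectId    = projectId,
                        OrgUserId    = orguser.Id,
                        CanView      = true,
                        CanAdd       = true,
                        CanEdit      = true,
                        CanDelete    = true,
                        CanExportPdf = true,
                        CanExportZip = true
                    };

                    UnitOfWork.AssignmentsRepository.InsertOrUpdate(orgUserAssignment);
                }

                UnitOfWork.Save();
            }

            // Create a personal project for this user.
            var project = new Project()
            {
                Name           = $"{orguser.FirstName} {orguser.Surname}",
                StartDate      = DateTimeService.UtcNow,
                OrganisationId = organisation.Id,
                CreatedById    = orguser.Id
            };

            UnitOfWork.ProjectsRepository.InsertOrUpdate(project);
            UnitOfWork.Save();

            // Assign this user to their project.
            var assignment = new Assignment()
            {
                ProjectId    = project.Id,
                OrgUserId    = orguser.Id,
                CanView      = true,
                CanAdd       = true,
                CanEdit      = true,
                CanDelete    = true,
                CanExportPdf = true,    // temporary. turn off in production.
                CanExportZip = true     // temporary. turn off in production.
            };

            UnitOfWork.AssignmentsRepository.InsertOrUpdate(assignment);

            // Assign the organisation admin to this project as well.
            if (organisation.RootUser != null)
            {
                UnitOfWork.AssignmentsRepository.InsertOrUpdate(new Assignment
                {
                    ProjectId    = project.Id,
                    OrgUserId    = organisation.RootUserId.Value,
                    CanView      = true,
                    CanAdd       = true,
                    CanEdit      = true,
                    CanDelete    = true,
                    CanExportPdf = true,
                    CanExportZip = true
                });
            }

            UnitOfWork.Save();

            // Set the user's current project on the persisted entity.
            var persistedUser = UnitOfWork.OrgUsersRepository.Find(orguser.Id);

            persistedUser.CurrentProjectId = project.Id;

            UnitOfWork.OrgUsersRepository.InsertOrUpdate(persistedUser);
            UnitOfWork.Save();

            // Subscribe this user to the organisation unless a subscription already exists.
            if (!persistedUser.Subscriptions.Any())
            {
                var subscription = new Subscription
                {
                    IsActive       = true,
                    Type           = UserSubscriptionType.Organisation,
                    StartDate      = DateTimeService.UtcNow,
                    EndDate        = null,
                    Note           = $"Joined organisation - {organisation.Name}",
                    OrgUserId      = persistedUser.Id,
                    OrganisationId = organisation.Id
                };

                UnitOfWork.SubscriptionsRepository.InsertOrUpdate(subscription);
                persistedUser.IsSubscribed = true;

                UnitOfWork.Save();
            }

            // Send the account confirmation email.
            var code = await UserManager.GenerateEmailConfirmationTokenAsync(orguser.Id);

            var encodedCode = HttpUtility.UrlEncode(code);

            var rootIndex   = WebHelpers.GetRootIndexPath();
            // NOTE(review): the link host is taken from the incoming request (Host header). If the
            // server accepts arbitrary host names, a crafted request could make the verification
            // link point elsewhere — confirm host binding, or build the link from a configured base URL.
            var baseUrl     = $"{Request.RequestUri.Scheme}://{Request.RequestUri.Authority}/{rootIndex}";
            var callbackUrl = $"{baseUrl}#!/verify-email?userId={orguser.Id}&code={encodedCode}";

            // HTML-encode values interpolated into markup. GeneratePassword(12, 1) emits at least
            // one punctuation character, which can be '<', '>' or '&' and would otherwise corrupt
            // the markup and show the user a wrong password.
            // NOTE(review): the initial password is delivered in plaintext alongside the confirmation
            // link; a set-password step on first sign-in would avoid mailing credentials at all.
            var content = @"<p>Complete your registration by verifying your email address. Click the link below to continue.</p>
                            <p><a href='" + HttpUtility.HtmlAttributeEncode(callbackUrl) + @"'>Verify Email Address</a></p><br>
                            <p>Your password is <strong>" + HttpUtility.HtmlEncode(randomPassword) + @"</strong></p>
                            <p>Make sure to change your password after you've signed in.</p>
                            <p>For more information please read our <a href='https://onrecord.tech/privacy-policy/' target='_blank'>privacy policy</a> guide.</p>";

            var emailBody = WebHelpers.GenerateEmailTemplate(content, "Welcome to OnRecord");

            await UserManager.SendEmailAsync(orguser.Id, "Confirm your account", emailBody);

            // Cached user listings are stale once a user is added.
            MemoryCacher.DeleteStartingWith(CACHE_KEY);

            return(Ok());
        }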