private void btnAddUser_Click(object sender, EventArgs e)
{
if (ValidateControls())
{
try
{
SystemUser systemUser = new SystemUser();
if (cmbStaff.SelectedIndex != -1)
{
Staff staff = (Staff)cmbStaff.SelectedItem;
systemUser.PersonId = staff.PersonId;
if (staff.Email == string.Empty)
{
staff.Email = txtEmail.Text;
StaffData sd = new StaffData();
sd.Update(staff);
}
}
SystemUserData sud = new SystemUserData();
systemUser.FirstName = txtFirstName.Text;
systemUser.LastName = txtLastName.Text;
systemUser.UserName = txtUserName.Text;
systemUser.Email = txtEmail.Text;
systemUser.UserPassword = "******";
sud.CreateUser(systemUser);
this.DialogResult = DialogResult.OK;
}
catch (Exception ex)
{
MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
}
private void btnOK_Click(object sender, EventArgs e)
{
if (CheckIfLoginDetailsProvided())
{
SystemUserData sd = new SystemUserData();
Jarvis.CurrentUser = sd.GetSystemUser(txtUsername.Text, txtPassword.Text);
if (Jarvis.CurrentUser == null)
{
// MessageBox.Show("Couldn't authenticate user", "Login error", MessageBoxButtons.OK, MessageBoxIcon.Error);
CouldntAuthenticateUser("Password or Username is incorrect");
this.DialogResult = System.Windows.Forms.DialogResult.None;
}
else
{
if (String.Compare(txtPassword.Text, Jarvis.CurrentUser.UserPassword) == 0)
{
this.DialogResult = System.Windows.Forms.DialogResult.OK;
}
else
{
CouldntAuthenticateUser("Password or Username is incorrect");
//MessageBox.Show("Couldn't authenticate user", "Login error", MessageBoxButtons.OK, MessageBoxIcon.Error);
this.DialogResult = System.Windows.Forms.DialogResult.None;
}
}
}
else
{
CouldntAuthenticateUser("Please provide login credentials");
// MessageBox.Show("Please provide login credentials", "Login error", MessageBoxButtons.OK, MessageBoxIcon.Error);
this.DialogResult = System.Windows.Forms.DialogResult.None;
}
}
private OrderData MapOrderData(UserOrder order)
{
if (order == null)
{
return(null);
}
SystemUserData systemUserData = new SystemUserData
{
Email = order.UserSystem.Email,
Phone = order.UserSystem.Phone,
FirstName = order.UserSystem.FirsName,
LastName = order.UserSystem.LastName,
IdUser = order.UserId
};
OrderData orderData = new OrderData
{
// ReSharper disable once PossibleInvalidOperationException
IdEntity = order.IdEntity.Value,
DateOrder = order.DateOrder,
Address = order.Address,
OrderStatus = order.OrderStatus,
Products = order.Products,
UserSystemData = systemUserData
};
return(orderData);
}
public ServiceResult Create(string sessionToken, SystemUserData userData)
{
#region Check the administrator password is correct
var user = _dbContext.UserAuthorizationsToken.GetByToken(sessionToken);
string login = user.UserSystem.UserAdmittance.Login;
string password = userData.OldPassword;
string newHash = _passwordHash.GeneratePasswordHash(login, password);
string oldHash = user.UserSystem.UserAdmittance.PasswordHash;
if (newHash != oldHash)
{
ServiceResult errorResult = new ServiceResult(ServiceResult.ResultConnectionEnum.AccessDenied,
"To create a new user, you must confirm the current password.");
return(errorResult);
}
#endregion
return(CreatByRegistration(userData));
}
public ActionResult Create([FromBody] SystemUserData userData)
{
if (userData == null)
{
return(BadRequest("Input request is empty"));
}
#region Check input data
try
{
var dataRequestValidator = new SystemUserDataValidator();
var validationResult = dataRequestValidator.Validate(userData);
if (!validationResult.IsValid)
{
string errorMessage = "";
foreach (var error in validationResult.Errors)
{
errorMessage += error.ErrorMessage + " ";
}
return(Conflict(errorMessage));
}
}
catch (Exception e)
{
_logger.LogError($"Create new system user. Input data failed validation. Full validator exception message: {e.Message}");
return(StatusCode(StatusCodes.Status500InternalServerError, "Internal server error"));
}
#endregion
#region Check password
var validatorPassword = new PasswordValidator();
var validatorPasswordResult = validatorPassword.Validate(userData.NewPassword);
if (!validatorPasswordResult.IsValid)
{
string messageError = validatorPasswordResult.Errors.FirstOrDefault()?.ErrorMessage;
return(Conflict(messageError));
}
#endregion
var claims = HttpContext.User.Claims.ToList();
string sessionToken = claims.FirstOrDefault(c => c.Type == AuthorizationDataModel.ClaimSessionToken)?.Value;
ServiceResult result = _userSystemService.Create(sessionToken, userData);
if (result.ResultConnection != ServiceResult.ResultConnectionEnum.Correct)
{
_logger.LogError($"User system service error: {result.Message}");
return(StatusCode(StatusCodes.Status500InternalServerError, result.Message));
}
return(StatusCode(StatusCodes.Status201Created));
}
private void PopulateUsers()
{
SystemUserData data = new SystemUserData();
List <SystemUser> list = data.GetList().ConvertAll(x => x as SystemUser);
cmbUserName.ValueMember = "PersonId";
cmbUserName.DisplayMember = "UserName";
cmbUserName.DataSource = list;
cmbUserName.SelectedIndex = -1;
}
private void btnSave_Click(object sender, EventArgs e)
{
if (MessageBox.Show("Are you sure you want to save changes?", "Save changes", MessageBoxButtons.YesNo, MessageBoxIcon.Question) == DialogResult.Yes)
{
try
{
sud = new SystemUserData("WithTransaction");
// sud = new SystemUserData();
sud.SaveSystemUserRoleActions(_userList);
this.DialogResult = DialogResult.OK;
}
catch (Exception ex)
{
MessageBox.Show(ex.Message, "Save changes", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
}
public ServiceResult CreateNewUser(RegistrationRequest registrationData)
{
SystemUserData systemUserData = new SystemUserData
{
Login = registrationData.Login,
OldPassword = registrationData.Password,
NewPassword = registrationData.Password,
Email = registrationData.Email,
Phone = registrationData.Phone,
FirstName = registrationData.FirstName,
LastName = registrationData.LastName,
IdUser = 0,
Role = (new UserRole(UserRole.RoleEnum.User)).GetRoleName(),
Status = (new UserStatus(UserStatus.StatusEnum.Active)).GetStatusName()
};
var serviceResult = _userSystemService.CreatByRegistration(systemUserData);
return(serviceResult);
}
public void Update_CorrectParametersAdmin()
{
string userLogin = "******";
string userToken = _sessionTokenMock.GenerateSessionToken(userLogin);
SystemUserData userData = new SystemUserData
{
Login = "******",
Email = "test",
FirstName = "test",
LastName = "test",
IdUser = 2,
OldPassword = "******",
NewPassword = "******",
Phone = "test",
Role = new UserRole(UserRole.RoleEnum.User).GetRoleName(),
Status = new UserStatus(UserStatus.StatusEnum.Active).GetStatusName()
};
var result = _userSystemService.Update(userToken, userData);
Assert.IsTrue(result.ResultConnection == ServiceResult.ResultConnectionEnum.Correct);
}
private SystemUserData MapUserToData(UserSystem user)
{
if (user == null)
{
return(null);
}
SystemUserData result = new SystemUserData
{
IdUser = user.IdEntity.Value,
FirstName = user.FirsName,
LastName = user.LastName,
Phone = user.Phone,
Email = user.Email,
Login = user.UserAdmittance.Login,
OldPassword = "",
NewPassword = "",
Role = user.UserAdmittance.UserRole.GetRoleName(),
Status = user.UserAdmittance.UserStatus.GetStatusName()
};
return(result);
}
public SystemUserList()
{
InitializeComponent();
sud = new SystemUserData();
}
public ServiceResult CreatByRegistration(SystemUserData userData)
{
#region Check uniq login
bool loginIsUnique = _dbContext.UserAdmittances.LoginUserIsUnique(userData.Login);
if (!loginIsUnique)
{
var typeError = ServiceResult.ResultConnectionEnum.InvalidRequestData;
var resultError = new ServiceResult(typeError, "User with the same name already exists!");
return(resultError);
}
#endregion
string passwordHash;
passwordHash = _passwordHash.GeneratePasswordHash(userData.Login, userData.NewPassword);
var userStatus = new UserStatus(userData.Status);
var userRole = new UserRole(userData.Role);
var userAdmittance = new UserAdmittance(userData.Login, passwordHash, userStatus, userRole);
var systemUser = new UserSystem
{
FirsName = userData.FirstName,
LastName = userData.LastName,
Phone = userData.Phone,
Email = userData.Email,
UserAdmittance = userAdmittance
};
bool userIsSave;
#region Save new user
int?idUserAdmittance = _dbContext.UserAdmittances.Insert(systemUser.UserAdmittance);
if (idUserAdmittance.HasValue && idUserAdmittance.Value > 0)
{
systemUser.UserAdmittanceId = idUserAdmittance.Value;
int?idUser = _dbContext.UsersSystem.Insert(systemUser);
if (idUser.HasValue && idUser > 0)
{
userIsSave = true;
}
else
{
_dbContext.UserAdmittances.Delete(idUserAdmittance.Value);
userIsSave = false;
}
}
else
{
userIsSave = false;
}
#endregion
if (!userIsSave)
{
var typeError = ServiceResult.ResultConnectionEnum.SystemError;
var resultError = new ServiceResult(typeError, "Save new user failed, please try again");
return(resultError);
}
var typeResult = ServiceResult.ResultConnectionEnum.Correct;
var result = new ServiceResult(typeResult, "Save new user completed");
return(result);
}
public ServiceResult Update(string sessionToken, SystemUserData userData)
{
#region Check access
var userAccess = _dbContext.UserAuthorizationsToken.GetByToken(sessionToken);
if (userAccess.UserSystem.UserAdmittance.Login != userData.Login &&
userAccess.UserSystem.UserAdmittance.UserRole.Role != UserRole.RoleEnum.Admin)
{
string messageError = "Only user and administrator can change user information. ";
var resultError = new ServiceResult(ServiceResult.ResultConnectionEnum.AccessDenied, messageError);
return(resultError);
}
if (userAccess.UserSystem.IdEntity != null && userAccess.UserSystem.IdEntity.Value == userData.IdUser)
{
if (userAccess.UserSystem.UserAdmittance.UserRole.Role != new UserRole(userData.Role).Role ||
userAccess.UserSystem.UserAdmittance.UserStatus.Status != new UserStatus(userData.Status).Status)
{
string messageError = "Information about this user can be changed only through the user's personal account.";
var resultError = new ServiceResult(ServiceResult.ResultConnectionEnum.AccessDenied, messageError);
return(resultError);
}
}
string checkHash = _passwordHash.GeneratePasswordHash(userAccess.UserSystem.UserAdmittance.Login, userData.OldPassword);
if (checkHash != userAccess.UserSystem.UserAdmittance.PasswordHash)
{
ServiceResult errorResult = new ServiceResult(ServiceResult.ResultConnectionEnum.AccessDenied,
"To update user information, you must confirm the current password. ");
return(errorResult);
}
#endregion
var user = _dbContext.UsersSystem.GetUserByLogin(userData.Login);
user.FirsName = userData.FirstName;
user.LastName = userData.LastName;
user.Email = userData.Email;
user.Phone = userData.Phone;
user.UserAdmittance.UserRole = new UserRole(userData.Role);
user.UserAdmittance.UserStatus = new UserStatus(userData.Status);
if (!string.IsNullOrEmpty(userData.NewPassword))
{
user.UserAdmittance.PasswordHash = _passwordHash.GeneratePasswordHash(userData.Login, userData.NewPassword);
}
bool updateResultAdmittances;
bool updateResultUser = false;
updateResultAdmittances = _dbContext.UserAdmittances.Update(user.UserAdmittance);
if (updateResultAdmittances)
{
updateResultUser = _dbContext.UsersSystem.Update(user);
}
if (!updateResultAdmittances || !updateResultUser)
{
return(new ServiceResult(ServiceResult.ResultConnectionEnum.SystemError, "Failed to save user information."));
}
return(new ServiceResult(ServiceResult.ResultConnectionEnum.Correct, "User information successfully changed"));
}
