/// <summary>
/// Evaluates "EditUserPolicy" for the current principal against the account
/// identified by <paramref name="id"/>.
/// </summary>
/// <param name="id">Identifier of the account the caller wants to modify.</param>
/// <returns>The result produced by the authorization service.</returns>
protected async Task<AuthorizationResult> GetAuthorizationResult(int id)
{
    // The resource handed to the policy is the username the user service
    // returns for this id, so the decision is tied to the stored account
    // rather than to any username the client may have sent.
    // NOTE(review): the GetUserById shown in this listing throws
    // ResourceNotFoundException for an unknown id; confirm that exception is
    // mapped to a response that is acceptable for unauthorized callers.
    UserDtoEdit targetUser = await _userService.GetUserById(id);

    return await _authorizationService.AuthorizeAsync(User, targetUser.Username, "EditUserPolicy");
}
/// <summary>
/// Updates a user profile once the caller has passed the authorization check
/// for the account named in the request body.
/// </summary>
/// <param name="userDtoEdit">Profile data read from the request body; its Id selects the account to edit.</param>
/// <returns>An Ok result when the edit was applied, otherwise a Forbid result.</returns>
public async Task<IActionResult> EditProfile([FromBody] UserDtoEdit userDtoEdit)
{
    // NOTE(review): userDtoEdit is dereferenced without a null check; confirm
    // that model binding rejects a missing or malformed body before this runs.
    // The id used for the authorization decision is the same id the service
    // uses to pick the account to edit.
    var decision = await GetAuthorizationResult(userDtoEdit.Id);
    if (!decision.Succeeded)
    {
        return Forbid();
    }

    await _userService.EditProfile(userDtoEdit);
    return Ok();
}
/// <summary>
/// Loads a user by id and maps it to the edit DTO.
/// </summary>
/// <param name="id">Identifier of the user to load.</param>
/// <returns>The mapped <see cref="UserDtoEdit"/>.</returns>
/// <exception cref="ResourceNotFoundException">The repository returned no user for the id.</exception>
public async Task<UserDtoEdit> GetUserById(int id)
{
    var entity = await _userRepository.FindByIdFirstAsync(id);
    if (entity == null)
    {
        throw new ResourceNotFoundException("User with that id not found");
    }

    return _mapper.Map<User, UserDtoEdit>(entity);
}
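/// <summary>
/// Copies the editable profile fields from <paramref name="userDtoEdit"/> onto
/// the stored user and saves the change.
/// </summary>
/// <param name="userDtoEdit">New profile values; its Id selects the user to update.</param>
/// <exception cref="ResourceNotFoundException">The repository returned no user for the id.</exception>
/// <exception cref="BadRequestException">The new e-mail or the new username is already taken.</exception>
public async Task EditProfile(UserDtoEdit userDtoEdit)
{
    var user = await _userRepository.FindByIdFirstAsync(userDtoEdit.Id);
    if (user == null)
    {
        throw new ResourceNotFoundException("User with id: " + userDtoEdit.Id + " not found");
    }

    // Run every uniqueness check before touching the entity, so a rejected
    // request leaves the loaded user unmodified. The checks keep their
    // original order: e-mail first, then username.
    bool emailChanged = user.Email != userDtoEdit.Email;
    if (emailChanged && await IsUserWithThisEmailIsInDatabase(userDtoEdit.Email))
    {
        throw new BadRequestException("There is a user with this email!");
    }

    // The former "username is exactly the same" branch sat inside this
    // condition and could never be reached, so it has been removed.
    bool usernameChanged = user.Username != userDtoEdit.Username;
    if (usernameChanged)
    {
        var userWithNewUsername = await _userRepository.FindByFirstAsync(u => u.Username == userDtoEdit.Username);
        if (userWithNewUsername != null)
        {
            throw new BadRequestException("There is already username with this name, please proviee different one");
        }
    }

    // NOTE(review): the lookups above and the save below are separate steps, so
    // two concurrent requests can both pass the checks; uniqueness of e-mail and
    // username should also be enforced by a constraint in the data store.
    // NOTE(review): the EditUserPolicy check in this listing is evaluated against
    // Username; confirm how a username change here interacts with the identity
    // the caller already holds.
    user.LastName = userDtoEdit.LastName;
    user.FirstName = userDtoEdit.FirstName;
    // NOTE(review): local time is stored here; confirm whether UTC is expected.
    user.ModificationDate = DateTime.Now;
    user.Email = userDtoEdit.Email;
    if (usernameChanged)
    {
        user.Username = userDtoEdit.Username;
    }

    _userRepository.Edit(user);
    await _userRepository.SaveAsync();
}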