public async Task <ApiResult> ModifySelf(Core.Models.Users.User user)
{
var currentUser = await _userManager.GetUserAsync(User);
if (currentUser.Id != user.Id)
{
return(ApiResult.Forbidden("You do not have access to modify a different user using this endpoint."));
}
var oldUser = await _userManager.FindByIdAsync(user.Id.ToString());
if (oldUser == null)
{
return(ApiResult.BadRequest());
}
if (_userService.TryModifyUser(user, oldUser, out User newUser))
{
var userModel = _mapper.Map <Core.Models.Users.User>(newUser);
return(ApiResult.Success(userModel));
}
return(ApiResult.BadRequest());
}
/// <summary>
/// Returns if the user model is considered valid, assuming the user id's are correct.
/// </summary>
/// <param name="user"></param>
/// <param name="oldUser"></param>
/// <returns></returns>
private bool IsUserValid(Core.Models.Users.User user, User oldUser)
{
if (user.Username != oldUser.UserName)
{
return(false);
}
return(true);
}
public async Task <ApiResult> ModifyUser(Core.Models.Users.User user)
{
var oldUser = await _userManager.FindByIdAsync(user.Id.ToString());
if (oldUser == null)
{
return(ApiResult.BadRequest());
}
if (_userService.TryModifyUser(user, oldUser, out User newUser))
{
var userModel = _mapper.Map <Core.Models.Users.User>(newUser);
return(ApiResult.Success(userModel));
}
return(ApiResult.BadRequest());
}
/// <summary>
/// Try to modify the user.
/// </summary>
/// <param name="user"></param>
/// <param name="oldUser"></param>
/// <param name="newUser"></param>
/// <returns></returns>
public bool TryModifyUser(Core.Models.Users.User user, User oldUser, out User newUser)
{
newUser = null;
if (!IsUserValid(user, oldUser))
{
return(false);
}
oldUser.About = user.About;
oldUser.Hometown = user.Hometown;
oldUser.Job = user.Job;
oldUser.Email = user.Email;
oldUser.Fullname = user.Fullname;
_userManager.UpdateAsync(oldUser).Wait();
newUser = _userManager.FindByIdAsync(oldUser.Id.ToString()).Result;
return(true);
}
[InlineData(1, "admin", 0, "admin2", false)] //user can't change their username
public void TryModifyUserTest(int userId, string username, int newUserId, string newUsername, bool shouldBeValid)
{
//Arrange
var user = new User {
Id = userId, UserName = username
};
var userManager = CreateUserManager(options =>
{
options.CreateAsync(user).Wait();
});
var userModel = new Core.Models.Users.User
{
Id = newUserId,
Username = newUsername
};
var userService = new UserService(userManager, null, null, null);
//Act
var result = userService.TryModifyUser(userModel, user, out User newUser);
//Assert
Assert.Equal(shouldBeValid, result);
if (shouldBeValid)
{
Assert.Equal(newUsername, newUser.UserName);
Assert.Equal(userId, newUser.Id);
}
else
{
Assert.Equal(username, user.UserName);
Assert.Null(newUser);
}
}
