Exemplo n.º 1
        /// <summary>
        /// HTTP entry point for editing a wallet entry. The request body is forwarded to the wallet
        /// service together with the caller's identity taken from <c>HttpContext.User</c>.
        /// </summary>
        /// <param name="passwordWalletModel">Edit request bound from the request body.</param>
        /// <param name="cancellationToken">Token forwarded to the service call.</param>
        /// <returns>
        /// 200 OK carrying the service result when it reports success; otherwise 400 Bad Request
        /// carrying the same result object.
        /// </returns>
        public async Task<IActionResult> EditPassword([FromBody] PasswordWalletModel passwordWalletModel, CancellationToken cancellationToken)
        {
            // The identity comes from the request context, never from the request body.
            var outcome = await _walletService.EditPassword(passwordWalletModel, HttpContext.User, cancellationToken);

            // Every failure reported by the service is surfaced as a 400 with the service's own message.
            if (!outcome.Success)
            {
                return BadRequest(outcome);
            }

            return Ok(outcome);
        }
Exemplo n.º 2
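        /// <summary>
        /// Edits a stored wallet entry on behalf of the authenticated caller and writes an audit record
        /// (<c>DataChange</c>) holding the entry's state before and after the edit.
        /// </summary>
        /// <param name="passwordWalletModel">Id of the entry plus the new login, web page, description and (optionally) password.</param>
        /// <param name="user">Principal of the caller; its NameIdentifier claim must hold the user's GUID.</param>
        /// <param name="cancellationToken">Token forwarded to the database calls.</param>
        /// <returns>
        /// A <c>Status</c> with <c>true</c> on success; a <c>Status</c> with <c>false</c> when the caller cannot be
        /// resolved to a user, or when the entry does not exist or is not owned by the caller.
        /// </returns>
        /// <exception cref="ArgumentNullException">A required argument is null.</exception>
        /// <exception cref="InvalidOperationException">The EditPassword function row is missing from the Functions table.</exception>
        public async Task<Status> EditPassword(PasswordWalletModel passwordWalletModel, ClaimsPrincipal user, CancellationToken cancellationToken)
        {
            if (passwordWalletModel == null)
            {
                throw new ArgumentNullException(nameof(passwordWalletModel));
            }

            if (user == null)
            {
                throw new ArgumentNullException(nameof(user));
            }

            // A missing or malformed NameIdentifier claim previously caused a NullReferenceException or
            // silently became Guid.Empty; treat both as "no such owner" before touching the database.
            var userIdString = user.FindFirst(ClaimTypes.NameIdentifier)?.Value;
            if (!Guid.TryParse(userIdString, out Guid userId))
            {
                return new Status(false, "Owner not found");
            }

            var function = await _passwordWalletContext.Functions
                           .FirstOrDefaultAsync(f => f.Name == FunctionName.Wallet.EditPassword, cancellationToken);

            if (function == null)
            {
                // Fail with a descriptive error instead of dereferencing null below.
                throw new InvalidOperationException($"Function {FunctionName.Wallet.EditPassword} is not registered");
            }

            // The call is logged before authorization, so denied attempts are recorded as well.
            await LogFunction(function.Id, userId, cancellationToken);

            var owner = await _passwordWalletContext.Users
                        .FirstOrDefaultAsync(u => u.Id == userId, cancellationToken);

            if (owner == null)
            {
                return new Status(false, "Owner not found");
            }

            var password = await _passwordWalletContext.Passwords
                           .FirstOrDefaultAsync(p => p.Id == passwordWalletModel.Id, cancellationToken);

            // An unknown id must not reach the authorization handler as a null resource, and it gets the
            // same answer as a foreign entry so the response does not reveal which ids exist.
            if (password == null)
            {
                return new Status(false, "You have to be an owner to edit password");
            }

            var authorizationResult = await _authorizationService
                                      .AuthorizeAsync(user, password, Policy.OnlyOwner);

            if (!authorizationResult.Succeeded)
            {
                return new Status(false, "You have to be an owner to edit password");
            }

            // Serializes the audited fields of the entry in its current in-memory state.
            string Snapshot() => JsonConvert.SerializeObject(new Password
            {
                Id            = password.Id,
                IsDeleted     = password.IsDeleted,
                Login         = password.Login,
                Description   = password.Description,
                PasswordValue = password.PasswordValue,
                UserId        = password.UserId,
                WebAddress    = password.WebAddress,
            });

            // Capture the "before" state ahead of ANY mutation. Previously PasswordValue was overwritten
            // first, so the audit record's PreviousValue already contained the new ciphertext.
            var previousValue = Snapshot();

            if (!string.IsNullOrEmpty(passwordWalletModel.Password))
            {
                // NOTE(review): the key material handed to SymmetricEncryptor is the owner's stored
                // PasswordHash. If that hash is persisted next to the entries, read access to the database
                // is enough to decrypt them - confirm how SymmetricEncryptor derives its key.
                password.PasswordValue = SymmetricEncryptor.EncryptString(passwordWalletModel.Password, owner.PasswordHash);
            }

            password.Login       = passwordWalletModel.Login;
            password.WebAddress  = passwordWalletModel.WebPage;
            password.Description = passwordWalletModel.Description;

            var actionChanges = new DataChange
            {
                UserId        = userId,
                PreviousValue = previousValue,
                CurrentValue  = Snapshot(),
                ActionType    = ActionType.EDIT,
                RecordId      = password.Id,
                // NOTE(review): local time is kept for compatibility with existing audit rows;
                // UTC would make the trail unambiguous across time zones and DST changes.
                UpdatedAt     = DateTime.Now,
            };

            _passwordWalletContext.Update(password);
            await _passwordWalletContext.AddAsync(actionChanges, cancellationToken);

            // The entry update and its audit record are persisted by the same SaveChangesAsync call.
            await _passwordWalletContext.SaveChangesAsync(cancellationToken);

            return new Status(true, "Successful edit password");
        }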