Exemplo n.º 1
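        /// <summary>
        /// Applies a submitted profile edit to the stored user, provided the caller is
        /// that user or an administrator and the submitted data passes the business rules.
        /// </summary>
        /// <param name="id">Id of the user to edit, used to load the stored record.</param>
        /// <param name="updatedUser">The submitted values; only a fixed set of fields is copied from it.</param>
        /// <returns>
        /// A redirect to the user's page on success, the edit form again when there are
        /// rule violations, or a redirect to the site root when the request is rejected.
        /// </returns>
        public ActionResult Edit(int id, User updatedUser)
        {
            User user = Current.DB.Users.Get(id);

            // Without this guard an id with no matching record (or an unbound model) reaches
            // the authorisation check below as null and fails with a NullReferenceException.
            if (user == null || updatedUser == null)
            {
                return Redirect("/");
            }

            // Authorise before doing any work: the posted id must match the record loaded
            // from the route id, and the caller must own that record or be an admin.
            if (user.Id != updatedUser.Id || !(updatedUser.Id == CurrentUser.Id || CurrentUser.IsAdmin))
            {
                return Redirect("/");
            }

            // Dates of birth outside the 6..100 year window are discarded rather than rejected.
            DateTime now = DateTime.UtcNow;
            if (updatedUser.DOB < now.AddYears(-100) || updatedUser.DOB > now.AddYears(-6))
            {
                updatedUser.DOB = null;
            }

            var violations = updatedUser.GetBusinessRuleViolations(ChangeAction.Update);

            if (violations.Count != 0)
            {
                foreach (var violation in violations)
                {
                    ModelState.AddModelError(violation.PropertyName, violation.ErrorMessage);
                }

                return Edit(user.Id);
            }

            // Copy an explicit list of fields instead of persisting the bound model, so a
            // request cannot set properties that are not named here.
            var snapshot = Snapshotter.Start(user);
            user.Login = HtmlUtilities.Safe(updatedUser.Login);
            // NOTE(review): AboutMe is stored exactly as submitted, unlike the other text
            // fields; presumably it is sanitised when rendered - confirm.
            user.AboutMe = updatedUser.AboutMe;
            user.DOB = updatedUser.DOB;
            user.Email = HtmlUtilities.Safe(updatedUser.Email);
            user.Website = HtmlUtilities.Safe(updatedUser.Website);
            user.Location = HtmlUtilities.Safe(updatedUser.Location);

            // Preferences are updated separately, so this likely belongs elsewhere. It can
            // move out once there is a fuller OpenID management panel like the network has.
            user.EnforceSecureOpenId = updatedUser.EnforceSecureOpenId;

            // Compute the change set once and reuse it for both the check and the update.
            var diff = snapshot.Diff();

            if (diff.ParameterNames.Any())
            {
                Current.DB.Users.Update(user.Id, diff);
            }

            return Redirect("/users/" + user.Id);
        }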
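        /// <summary>
        /// Creates and stores a new user, appending a numeric suffix to the login when the
        /// business rules reject it, and records the OpenID claim when one is supplied.
        /// </summary>
        /// <param name="login">Requested login; null is treated as empty and the value is passed through CleanLogin.</param>
        /// <param name="email">E-mail address stored on the user as given.</param>
        /// <param name="openIdClaim">OpenID claim to associate with the user, or null for none.</param>
        /// <returns>The new user with its Id set from the insert.</returns>
        /// <exception cref="NotImplementedException">The user violates a rule other than the Login rule.</exception>
        /// <exception cref="InvalidOperationException">No acceptable login was found within the retry limit.</exception>
        public static User CreateUser(string login, string email, string openIdClaim)
        {
            // Upper bound on suffix attempts so a login that can never validate cannot spin forever.
            const int maxLoginRetries = 100;

            var u = new User
            {
                CreationDate = DateTime.UtcNow
            };

            login = CleanLogin(login ?? string.Empty);

            if (login.Length == 0)
            {
                login = emptyLogin;
            }

            u.Login = login;
            u.Email = email;

            int retries = 0;
            bool success = false;

            // The query already returns max(Id) + 1 and one more is added below, so the
            // first suffix tried is two above the current highest Id.
            int maxId = Current.DB.Query<int?>("select max(Id) + 1 from Users").First() ?? 0;

            maxId += 1;

            while (!success)
            {
                var violations = u.GetBusinessRuleViolations(ChangeAction.Insert);
                if (violations.Any(v => v.PropertyName == "Login"))
                {
                    if (retries >= maxLoginRetries)
                    {
                        throw new InvalidOperationException("Could not find an acceptable login for the new user.");
                    }

                    // The counter has to advance: with a constant suffix a candidate that
                    // still violates the Login rule would be retried unchanged forever.
                    u.Login = login + (maxId + retries);
                    retries++;
                }
                else if (violations.Count > 0)
                {
                    throw new NotImplementedException("The User isn't valid, and we can't compensate for it right now.");
                }
                else
                {
                    success = true;
                }
            }

            // NOTE(review): validation and insert are separate steps, so two concurrent
            // sign-ups could pass the Login rule with the same value; presumably a unique
            // constraint in the database backs this up - confirm.
            u.Id = Current.DB.Users.Insert(new { u.Email, u.Login, u.CreationDate }).Value;
            if (openIdClaim != null)
            {
                Current.DB.UserOpenIds.Insert(new { OpenIdClaim = openIdClaim, UserId = u.Id });
            }

            return u;
        }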
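        /// <summary>
        /// Applies a submitted profile edit to the stored user, provided the caller is
        /// that user or an administrator and the submitted data passes the business rules.
        /// </summary>
        /// <param name="id">Id of the user to edit, used to load the stored record.</param>
        /// <param name="updatedUser">The submitted values; only a fixed set of fields is copied from it.</param>
        /// <returns>
        /// A redirect to the user's page on success, the edit form again when there are
        /// rule violations, or a redirect to the site root when the request is rejected.
        /// </returns>
        public ActionResult Edit(int id, User updatedUser)
        {
            // FirstOrDefault instead of First: an id with no matching row then yields null
            // here rather than an unhandled InvalidOperationException.
            User user = Current.DB.Users.FirstOrDefault(u => u.Id == id);

            if (user == null || updatedUser == null)
            {
                return Redirect("/");
            }

            // Authorise before doing any work: the posted id must match the record loaded
            // from the route id, and the caller must own that record or be an admin.
            if (user.Id != updatedUser.Id || !(updatedUser.Id == CurrentUser.Id || CurrentUser.IsAdmin))
            {
                return Redirect("/");
            }

            // Dates of birth outside the 6..100 year window are discarded rather than rejected.
            DateTime now = DateTime.Now;
            if (updatedUser.DOB < now.AddYears(-100) || updatedUser.DOB > now.AddYears(-6))
            {
                updatedUser.DOB = null;
            }

            var violations = updatedUser.GetBusinessRuleViolations(ChangeAction.Update);

            if (violations.Count != 0)
            {
                foreach (var violation in violations)
                {
                    ModelState.AddModelError(violation.PropertyName, violation.ErrorMessage);
                }

                return Edit(user.Id);
            }

            // Copy an explicit list of fields instead of persisting the bound model, so a
            // request cannot set properties that are not named here.
            user.Login = HtmlUtilities.Safe(updatedUser.Login);
            // NOTE(review): AboutMe is stored exactly as submitted, unlike the other text
            // fields; presumably it is sanitised when rendered - confirm.
            user.AboutMe = updatedUser.AboutMe;
            user.DOB = updatedUser.DOB;
            user.Email = HtmlUtilities.Safe(updatedUser.Email);
            user.Website = HtmlUtilities.Safe(updatedUser.Website);
            user.Location = HtmlUtilities.Safe(updatedUser.Location);

            Current.DB.SubmitChanges();

            return Redirect("/users/" + user.Id);
        }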
Exemplo n.º 4
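        /// <summary>
        /// Creates and stores a new user together with its OpenID claim, appending a
        /// numeric suffix to the login when the business rules reject it.
        /// </summary>
        /// <param name="login">Requested login; null is treated as empty and the value is passed through CleanLogin.</param>
        /// <param name="email">E-mail address stored on the user as given.</param>
        /// <param name="openIdClaim">OpenID claim stored for the new user.</param>
        /// <returns>The new user with its Id set from the insert.</returns>
        /// <exception cref="NotImplementedException">The user violates a rule other than the Login rule.</exception>
        /// <exception cref="InvalidOperationException">No acceptable login was found within the retry limit.</exception>
        public static User CreateUser(string login, string email, string openIdClaim)
        {
            // Upper bound on suffix attempts so a login that can never validate cannot spin forever.
            const int maxLoginRetries = 100;

            var u = new User();
            u.CreationDate = DateTime.UtcNow;

            login = CleanLogin(login ?? string.Empty);

            if (login.Length == 0)
            {
                login = emptyLogin;
            }

            u.Login = login;
            u.Email = email;

            int retries = 0;
            bool success = false;

            // The query already returns max(Id) + 1 and one more is added below, so the
            // first suffix tried is two above the current highest Id.
            int maxId = Current.DB.Query<int?>("select max(Id) + 1 from Users").First() ?? 0;
            maxId += 1;

            while (!success)
            {
                IList<BusinessRuleViolation> violations = u.GetBusinessRuleViolations(ChangeAction.Insert);

                if (violations.Any(v => v.PropertyName == "Login"))
                {
                    if (retries >= maxLoginRetries)
                    {
                        throw new InvalidOperationException("Could not find an acceptable login for the new user.");
                    }

                    // The counter has to advance: with a constant suffix a candidate that
                    // still violates the Login rule would be retried unchanged forever.
                    u.Login = login + (maxId + retries);
                    retries++;
                }
                else if (violations.Count > 0)
                {
                    throw new NotImplementedException("The User isn't valid, and we can't compensate for it right now.");
                }
                else
                {
                    success = true;
                }
            }

            // NOTE(review): validation and insert are separate steps, so two concurrent
            // sign-ups could pass the Login rule with the same value; presumably a unique
            // constraint in the database backs this up - confirm.
            u.Id = Current.DB.Users.Insert(new { u.Email, u.Login, u.CreationDate }).Value;

            // NOTE(review): the claim row is written even when openIdClaim is null;
            // confirm that every caller supplies a claim.
            Current.DB.UserOpenIds.Insert(new { OpenIdClaim = openIdClaim, UserId = u.Id });

            return u;
        }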
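        /// <summary>
        /// Creates a new user and its OpenID claim and submits both in one SubmitChanges
        /// call, appending a numeric suffix to the login when the business rules reject it.
        /// </summary>
        /// <param name="login">Requested login; null is treated as empty and the value is passed through CleanLogin.</param>
        /// <param name="email">E-mail address stored on the user as given.</param>
        /// <param name="openIdClaim">OpenID claim stored for the new user.</param>
        /// <returns>The newly created user.</returns>
        /// <exception cref="NotImplementedException">The user violates a rule other than the Login rule.</exception>
        /// <exception cref="InvalidOperationException">No acceptable login was found within the retry limit.</exception>
        public static User CreateUser(string login, string email, string openIdClaim)
        {
            // Upper bound on suffix attempts so a login that can never validate cannot spin forever.
            const int maxLoginRetries = 100;

            var u = new User();
            u.CreationDate = DateTime.UtcNow;

            login = CleanLogin(login ?? string.Empty);

            // The login is deliberately not derived from the e-mail address any more;
            // that behaviour upset users and was removed, so an empty login falls back
            // straight to the placeholder.
            if (login.Length == 0)
            {
                login = emptyLogin;
            }

            u.Login = login;
            u.Email = email;

            int retries = 0;
            bool success = false;

            // The query already returns max(Id) + 1 and one more is added below, so the
            // first suffix tried is two above the current highest Id.
            int maxId = Current.DB.ExecuteQuery<int?>("select max(Id) + 1 from Users").First() ?? 0;
            maxId += 1;

            while (!success)
            {
                IList<BusinessRuleViolation> violations = u.GetBusinessRuleViolations(ChangeAction.Insert);

                if (violations.Any(v => v.PropertyName == "Login"))
                {
                    if (retries >= maxLoginRetries)
                    {
                        throw new InvalidOperationException("Could not find an acceptable login for the new user.");
                    }

                    // The counter has to advance: with a constant suffix a candidate that
                    // still violates the Login rule would be retried unchanged forever.
                    u.Login = login + (maxId + retries);
                    retries++;
                }
                else if (violations.Count > 0)
                {
                    throw new NotImplementedException("The User isn't valid, and we can't compensate for it right now.");
                }
                else
                {
                    success = true;
                }
            }

            // NOTE(review): validation and insert are separate steps, so two concurrent
            // sign-ups could pass the Login rule with the same value; presumably a unique
            // constraint in the database backs this up - confirm.
            Current.DB.Users.InsertOnSubmit(u);

            // NOTE(review): the claim row is queued even when openIdClaim is null;
            // confirm that every caller supplies a claim.
            var o = new UserOpenId();
            o.OpenIdClaim = openIdClaim;
            o.User = u;

            Current.DB.UserOpenIds.InsertOnSubmit(o);
            Current.DB.SubmitChanges();
            return u;
        }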