public async Task <IActionResult> GetUserInfo(string id)
{
using (var context = CreateOperationContext())
{
var user = await UserManager.FindByIdAsync(id);
if (user == null)
{
throw new ArgumentException("Invalid user identifier", "id");
}
McUserEditorData result = await ToMcEditorUserData(user);
return(new JsonResult(result, JsonSettings));
}
}
public async Task <IActionResult> CreateUser([FromBody] McUserEditorData data)
{
using (var context = CreateOperationContext())
{
List <string> validationErrors = new List <string>();
if (null == data)
{
return(JsonError(System.Net.HttpStatusCode.BadRequest, "Invalid input", "Invalid input"));
}
if (!string.IsNullOrWhiteSpace(data.Id))
{
validationErrors.Add("ID_INVALID");
return(JsonError(System.Net.HttpStatusCode.BadRequest, "Invalid input", "Invalid input", validationErrors));
}
var existingUser = await UserManager.FindByNameAsync(data?.UserName ?? "");
if (null != existingUser)
{
validationErrors.Add("USERNAME_UNAVAILABLE");
}
existingUser = await UserManager.FindByEmailAsync(data?.Email ?? "");
if (null != existingUser)
{
validationErrors.Add("EMAIL_UNAVAILABLE");
}
if (!DataHelper.IsValidEMail(data.Email))
{
validationErrors.Add("EMAIL_INVALID");
}
if (string.IsNullOrWhiteSpace(data.UserName))
{
validationErrors.Add("USERNAME_INVALID");
}
if (string.IsNullOrWhiteSpace(data.DisplayName))
{
validationErrors.Add("NAME_INVALID");
}
if (string.IsNullOrWhiteSpace(data.Password))
{
validationErrors.Add("PASSWORD_INVALID");
}
// If there are validation errors on the input, stop here and now
if (validationErrors.Count > 0)
{
return(JsonError(System.Net.HttpStatusCode.BadRequest, "Invalid input", "Invalid input", validationErrors));
}
var user = new ApplicationUser
{
UserName = data.UserName,
DisplayName = data.DisplayName,
ProfilePictureBase64 = data.ProfilePictureBase64,
Email = data.Email,
EmailConfirmed = true,
CreationDateUTC = DateTime.UtcNow,
LastModificationDateUTC = DateTime.UtcNow,
LockoutEnabled = false,
};
// Ask the usermanager for the user to be created
var identityResult = await UserManager.CreateAsync(user, data.Password);
if (!identityResult.Succeeded)
{
return(JsonError(System.Net.HttpStatusCode.BadRequest, "Invalid input", "Invalid input", validationErrors, identityResult.Errors));
}
else
{
user = await UserManager.FindByNameAsync(data.UserName);
await UpdateRoleForUser(user, SecurityPolicy.RoleAdministrator, data.IsAdministrator);
await UserManager.SetLockoutEnabledAsync(user, false);
// Return the updated user
McUserEditorData result = await ToMcEditorUserData(await UserManager.FindByNameAsync(data.UserName));
return(new JsonResult(result, JsonSettings));
}
}
}
public async Task <IActionResult> UpdateUser([FromBody] McUserEditorData data)
{
using (var context = CreateOperationContext())
{
List <string> validationErrors = new List <string>();
if (null == data)
{
return(JsonError(System.Net.HttpStatusCode.BadRequest, "Invalid input", "Invalid input"));
}
var user = await UserManager.FindByIdAsync(data?.Id ?? "");
if (null == user)
{
validationErrors.Add("INTERNAL_ERROR");
return(JsonError(System.Net.HttpStatusCode.BadRequest, "Invalid input", "Invalid input", validationErrors));
}
bool isMe = string.Equals(User.FindFirst(ClaimTypes.NameIdentifier).Value, data?.Id, StringComparison.InvariantCultureIgnoreCase);
if (data.LockoutEnabled && isMe)
{
validationErrors.Add("CANNOT_LOCKOUT_SELF");
}
var roles = await UserManager.GetRolesAsync(user);
if (!data.IsAdministrator && roles.Contains(SecurityPolicy.RoleAdministrator) && isMe)
{
// Can't remove admin role for $self
if (string.IsNullOrWhiteSpace(user?.DisplayName))
{
validationErrors.Add("ADMIN_ROLE_CHANGE_FOR_SELF");
}
}
if (!string.Equals(user.UserName, data?.UserName))
{
var existingUser = await UserManager.FindByNameAsync(data?.UserName ?? "");
if (null != existingUser)
{
validationErrors.Add("USERNAME_UNAVAILABLE");
}
}
if (!string.Equals(user.Email, data?.Email))
{
var existingUser = await UserManager.FindByEmailAsync(data?.Email ?? "");
if (null != existingUser)
{
validationErrors.Add("EMAIL_UNAVAILABLE");
}
}
if (!DataHelper.IsValidEMail(data.Email))
{
validationErrors.Add("EMAIL_INVALID");
}
if (string.IsNullOrWhiteSpace(data.Id))
{
validationErrors.Add("ID_INVALID");
}
if (string.IsNullOrWhiteSpace(data.UserName))
{
validationErrors.Add("USERNAME_INVALID");
}
if (string.IsNullOrWhiteSpace(data.DisplayName))
{
validationErrors.Add("NAME_INVALID");
}
// If there are validation errors on the input, stop here and now
if (validationErrors.Count > 0)
{
return(JsonError(System.Net.HttpStatusCode.BadRequest, "Invalid input", "Invalid input", validationErrors));
}
// Change password on demand
if (!string.IsNullOrEmpty(data.Password))
{
user.PasswordHash = UserManager.PasswordHasher.HashPassword(user, data.Password);
}
user.UserName = data.UserName;
user.DisplayName = data.DisplayName;
user.ProfilePictureBase64 = data.ProfilePictureBase64;
user.Email = data.Email;
user.EmailConfirmed = true;
user.LastModificationDateUTC = DateTime.UtcNow;
if (await UserManager.GetLockoutEnabledAsync(user) != data.LockoutEnabled)
{
await UserManager.SetLockoutEnabledAsync(user, data.LockoutEnabled);
}
// Request an update by the identity manager.
var identityResult = await UserManager.UpdateAsync(user);
if (!identityResult.Succeeded)
{
return(JsonError(System.Net.HttpStatusCode.BadRequest, "Invalid input", "Invalid input", validationErrors, identityResult.Errors));
}
else
{
await UpdateRoleForUser(user, SecurityPolicy.RoleAdministrator, data.IsAdministrator);
// Return the updated user
McUserEditorData result = await ToMcEditorUserData(await UserManager.FindByIdAsync(data?.Id ?? ""));
return(new JsonResult(result, JsonSettings));
}
}
}