public async Task <ResponseModel> RemoveClaimFromUserAsync(UserModel loggedInUser, UserModel userToModify, ClaimModel claimToRemove) { FiasmErrorHandling.VerifyArgNotNull(loggedInUser); var currentUser = await GetLoggedInUserFromUserModelAsync(loggedInUser); if (currentUser == null) { throw new ArgumentException($"Could not find logged."); } FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedUser); FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedToDoUserAdministration); var response = new ResponseModel { Success = false }; var modifiedUser = await GetDbUserFromUserModelByUserNameAsync(userToModify); var claim = await dbContext.Claims.FirstOrDefaultAsync(c => c.ClaimType == claimToRemove.ClaimType); var userClaim = modifiedUser.UserClaims.FirstOrDefault(c => c.Claim.ClaimType == claimToRemove.ClaimType); if (modifiedUser == null) { response.ErrorMessage = $"Could not find user '{userToModify.UserName}'."; } else if (claim == null) { response.ErrorMessage = $"Could not find claim type '{claimToRemove.ClaimType}'."; } else if (userClaim == null) { response.ErrorMessage = $"The user '{modifiedUser.UserName}' does not have claim type '{claimToRemove.ClaimType}'."; } else if (currentUser.UserName == userToModify.UserName && claimToRemove.ClaimType == ClaimTypes.AuthorizedToDoUserAdministration.ToString()) { response.ErrorMessage = $"User '{userToModify.UserName} cannot remove claim '{ClaimTypes.AuthorizedToDoUserAdministration}' from self."; } else { dbContext.UserClaims.Remove(userClaim); dbContext.UserChangeLogs.Add(new UserChangeLog { ChangedByUserId = currentUser.UserId, ChangeDesc = $"Remove claim from user; UserName = '******', claimType = '{claimToRemove.ClaimType}'.", ModifiedOn = DateTime.Now, ChangedUserId = currentUser.UserId }); await dbContext.SaveChangesAsync(); response = new ResponseModel { Success = true }; } return(response); }
public async Task <ResponseModel> AddClaimToUserAsync(UserModel loggedInUser, UserModel userToModify, ClaimModel claimToAdd) { FiasmErrorHandling.VerifyArgNotNull(loggedInUser); var currentUser = await GetLoggedInUserFromUserModelAsync(loggedInUser); if (currentUser == null) { throw new ArgumentException($"Could not find logged."); } FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedUser); FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedToDoUserAdministration); var response = new ResponseModel { Success = false }; var modifiedUser = await GetDbUserFromUserModelByUserNameAsync(userToModify); var claim = await dbContext.Claims.FirstOrDefaultAsync(c => c.ClaimType == claimToAdd.ClaimType); if (modifiedUser == null) { response.ErrorMessage = $"Could not find user '{userToModify.UserName}'."; } else if (claim == null) { response.ErrorMessage = $"Could not claim type '{claimToAdd.ClaimType}'."; } else if (modifiedUser.UserClaims.Any(c => c.Claim.ClaimType == claimToAdd.ClaimType)) { response.ErrorMessage = $"User '{userToModify.UserName}' already has claim '{claimToAdd.ClaimType}'."; } else { dbContext.UserClaims.Add(new UserClaim { User = modifiedUser, Claim = claim }); dbContext.UserChangeLogs.Add(new UserChangeLog { ChangedByUserId = currentUser.UserId, ChangeDesc = $"Add claim to user; UserName = '******', claimType = '{claimToAdd.ClaimType}'.", ModifiedOn = DateTime.Now, ChangedUserId = currentUser.UserId }); await dbContext.SaveChangesAsync(); response = new ResponseModel { Success = true }; } return(response); }
public async Task <IEnumerable <UserModel> > GetUsersAsync(UserModel loggedInUser) { FiasmErrorHandling.VerifyArgNotNull(loggedInUser); var currentUser = await GetLoggedInUserFromUserModelAsync(loggedInUser); FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedUser); var dbUsers = await dbContext.Users.ToListAsync(); return(mapper.Map <IList <User>, IList <UserModel> >(dbUsers)); }
public async Task <ResponseModel> DeactivateUserAsync(UserModel loggedInUser, UserModel userToDeactivate) { FiasmErrorHandling.VerifyArgNotNull(loggedInUser); FiasmErrorHandling.VerifyArgNotNull(userToDeactivate); var currentUser = await GetLoggedInUserFromUserModelAsync(loggedInUser); if (currentUser == null) { throw new ArgumentException($"Could not find logged."); } FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedUser); FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedToDoUserAdministration); var response = new ResponseModel { Success = false }; var dbModifiedUser = await GetDbUserFromUserModelByUserNameAsync(userToDeactivate); if (dbModifiedUser == null) { response.ErrorMessage = $"Could not find user '{userToDeactivate.UserName}'"; } else if (!dbModifiedUser.IsActive) { response.ErrorMessage = $"User '{userToDeactivate.UserName} is already deactivated.'"; } else if (currentUser.UserName == userToDeactivate.UserName) { response.ErrorMessage = $"User '{userToDeactivate.UserName} cannot deactivated self.'"; } else { dbModifiedUser.IsActive = false; dbContext.UserChangeLogs.Add(new UserChangeLog { ChangedByUserId = currentUser.UserId, ChangeDesc = $"Deactivate user; UserId = {dbModifiedUser.UserId}.", ModifiedOn = DateTime.Now, ChangedUserId = currentUser.UserId }); await dbContext.SaveChangesAsync(); response = new ResponseModel { Success = true }; } return(response); }
public async Task <IEnumerable <ClaimModel> > GetUserClaimsAsync(UserModel loggedInUser) { FiasmErrorHandling.VerifyArgNotNull(loggedInUser); var currentUser = await GetLoggedInUserFromUserModelAsync(loggedInUser); if (currentUser == null) { throw new ArgumentException($"Could not find logged."); } FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedUser); FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedToDoUserAdministration); return(currentUser.UserClaims.Select(c => mapper.Map <ClaimModel>(c))); }
public async Task <ResponseModel> CreateNewUserAsync(UserModel loggedInUser, UserModel newUser, string password) { FiasmErrorHandling.VerifyArgNotNull(loggedInUser); FiasmErrorHandling.VerifyArgNotNull(newUser); var currentUser = await GetLoggedInUserFromUserModelAsync(loggedInUser); if (currentUser == null) { throw new ArgumentException($"Could not find logged."); } FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedUser); FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedToDoUserAdministration); var response = new ResponseModel { Success = false }; if ((await GetDbUserFromUserModelByUserNameAsync(newUser)) != null) { response.ErrorMessage = $"A user '{newUser.UserName}' already exists."; } else if ((await GetDbUserFromUserModelByEmailAsync(newUser)) != null) { response.ErrorMessage = $"A user with email address '{newUser.EmailAddress}' already exists."; } else { var dbUser = new User { UserName = newUser.UserName, EmailAddress = newUser.EmailAddress, PhoneNumber = newUser.PhoneNumber, HashedPassword = hasher.HashPassword(newUser.UserName, password), IsPasswordReseting = false, IsPasswordResetRequired = true, IsActive = true }; dbContext.Users.Add(dbUser); await dbContext.SaveChangesAsync(); var dbAuthUserClaim = dbContext.Claims.Single(c => c.ClaimType == ClaimTypes.AuthorizedUser.ToString()); dbContext.UserClaims.Add(new UserClaim { User = dbUser, Claim = dbAuthUserClaim }); await dbContext.SaveChangesAsync(); dbContext.UserChangeLogs.Add(new UserChangeLog { ChangedByUserId = currentUser.UserId, ChangeDesc = $"Create new user; UserName = {newUser.UserName}.", ModifiedOn = DateTime.Now, ChangedUserId = currentUser.UserId }); await dbContext.SaveChangesAsync(); response = new ResponseModel { Success = true }; } return(response); }
/// <summary> /// Change the user email or phone number. This function will throw an InvalidCredentialException /// if the logged in user is trying to change the user information of another user without having /// the user administraction authorization claim. /// </summary> /// <param name="loggedInUser"></param> /// <param name="modifiedUser"></param> /// <returns></returns> public async Task <ResponseModel> UpdateUserAsync(UserModel loggedInUser, UserModel modifiedUser) { FiasmErrorHandling.VerifyArgNotNull(loggedInUser); FiasmErrorHandling.VerifyArgNotNull(modifiedUser); var currentUser = await GetLoggedInUserFromUserModelAsync(loggedInUser); if (currentUser == null) { throw new ArgumentException($"Could not find logged."); } FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedUser); // if the current user is modifying another user, check the permissions if (loggedInUser.UserName != modifiedUser.UserName) { FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedToDoUserAdministration); } var response = new ResponseModel { Success = false }; var dbModifiedUser = await GetDbUserFromUserModelByUserNameAsync(modifiedUser); if (dbModifiedUser == null) { response.ErrorMessage = $"Could not find user '{modifiedUser.UserName}'"; } else { var changeDesc = ""; if (dbModifiedUser.PhoneNumber != modifiedUser.PhoneNumber) { changeDesc += $"Changed PhoneNumber from {dbModifiedUser.PhoneNumber} to {modifiedUser.PhoneNumber}."; dbModifiedUser.PhoneNumber = modifiedUser.PhoneNumber; } if (dbModifiedUser.EmailAddress != modifiedUser.EmailAddress) { changeDesc += $"Changed PhoneNumber from {dbModifiedUser.EmailAddress} to {modifiedUser.EmailAddress}."; dbModifiedUser.EmailAddress = modifiedUser.EmailAddress; } if (string.IsNullOrEmpty(changeDesc)) { response.ErrorMessage = $"No user settings were different for user '{modifiedUser.UserName}'"; } else { dbContext.UserChangeLogs.Add(new UserChangeLog { ChangedByUserId = currentUser.UserId, ChangeDesc = $"Update user ; UserId = {dbModifiedUser.UserId}. {changeDesc}", ModifiedOn = DateTime.Now, ChangedUserId = currentUser.UserId }); await dbContext.SaveChangesAsync(); response = new ResponseModel { Success = true }; } } return(response); }