示例#1
0
        public async Task <ResponseModel> RemoveClaimFromUserAsync(UserModel loggedInUser, UserModel userToModify, ClaimModel claimToRemove)
        {
            FiasmErrorHandling.VerifyArgNotNull(loggedInUser);

            var currentUser = await GetLoggedInUserFromUserModelAsync(loggedInUser);

            if (currentUser == null)
            {
                throw new ArgumentException($"Could not find logged.");
            }

            FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedUser);
            FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedToDoUserAdministration);

            var response = new ResponseModel {
                Success = false
            };

            var modifiedUser = await GetDbUserFromUserModelByUserNameAsync(userToModify);

            var claim = await dbContext.Claims.FirstOrDefaultAsync(c => c.ClaimType == claimToRemove.ClaimType);

            var userClaim = modifiedUser.UserClaims.FirstOrDefault(c => c.Claim.ClaimType == claimToRemove.ClaimType);

            if (modifiedUser == null)
            {
                response.ErrorMessage = $"Could not find user '{userToModify.UserName}'.";
            }
            else if (claim == null)
            {
                response.ErrorMessage = $"Could not find claim type '{claimToRemove.ClaimType}'.";
            }
            else if (userClaim == null)
            {
                response.ErrorMessage = $"The user '{modifiedUser.UserName}' does not have claim type '{claimToRemove.ClaimType}'.";
            }
            else if (currentUser.UserName == userToModify.UserName &&
                     claimToRemove.ClaimType == ClaimTypes.AuthorizedToDoUserAdministration.ToString())
            {
                response.ErrorMessage = $"User '{userToModify.UserName} cannot remove claim '{ClaimTypes.AuthorizedToDoUserAdministration}' from self.";
            }
            else
            {
                dbContext.UserClaims.Remove(userClaim);
                dbContext.UserChangeLogs.Add(new UserChangeLog
                {
                    ChangedByUserId = currentUser.UserId,
                    ChangeDesc      = $"Remove claim from user; UserName = '******', claimType = '{claimToRemove.ClaimType}'.",
                    ModifiedOn      = DateTime.Now,
                    ChangedUserId   = currentUser.UserId
                });
                await dbContext.SaveChangesAsync();

                response = new ResponseModel {
                    Success = true
                };
            }

            return(response);
        }
示例#2
0
        public async Task <ResponseModel> AddClaimToUserAsync(UserModel loggedInUser, UserModel userToModify, ClaimModel claimToAdd)
        {
            FiasmErrorHandling.VerifyArgNotNull(loggedInUser);

            var currentUser = await GetLoggedInUserFromUserModelAsync(loggedInUser);

            if (currentUser == null)
            {
                throw new ArgumentException($"Could not find logged.");
            }

            FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedUser);
            FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedToDoUserAdministration);

            var response = new ResponseModel {
                Success = false
            };

            var modifiedUser = await GetDbUserFromUserModelByUserNameAsync(userToModify);

            var claim = await dbContext.Claims.FirstOrDefaultAsync(c => c.ClaimType == claimToAdd.ClaimType);

            if (modifiedUser == null)
            {
                response.ErrorMessage = $"Could not find user '{userToModify.UserName}'.";
            }
            else if (claim == null)
            {
                response.ErrorMessage = $"Could not claim type '{claimToAdd.ClaimType}'.";
            }
            else if (modifiedUser.UserClaims.Any(c => c.Claim.ClaimType == claimToAdd.ClaimType))
            {
                response.ErrorMessage = $"User '{userToModify.UserName}' already has claim '{claimToAdd.ClaimType}'.";
            }
            else
            {
                dbContext.UserClaims.Add(new UserClaim
                {
                    User  = modifiedUser,
                    Claim = claim
                });
                dbContext.UserChangeLogs.Add(new UserChangeLog
                {
                    ChangedByUserId = currentUser.UserId,
                    ChangeDesc      = $"Add claim to user; UserName = '******', claimType = '{claimToAdd.ClaimType}'.",
                    ModifiedOn      = DateTime.Now,
                    ChangedUserId   = currentUser.UserId
                });
                await dbContext.SaveChangesAsync();

                response = new ResponseModel {
                    Success = true
                };
            }

            return(response);
        }
示例#3
0
        public async Task <IEnumerable <UserModel> > GetUsersAsync(UserModel loggedInUser)
        {
            FiasmErrorHandling.VerifyArgNotNull(loggedInUser);

            var currentUser = await GetLoggedInUserFromUserModelAsync(loggedInUser);

            FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedUser);

            var dbUsers = await dbContext.Users.ToListAsync();

            return(mapper.Map <IList <User>, IList <UserModel> >(dbUsers));
        }
示例#4
0
        public async Task <ResponseModel> DeactivateUserAsync(UserModel loggedInUser, UserModel userToDeactivate)
        {
            FiasmErrorHandling.VerifyArgNotNull(loggedInUser);
            FiasmErrorHandling.VerifyArgNotNull(userToDeactivate);

            var currentUser = await GetLoggedInUserFromUserModelAsync(loggedInUser);

            if (currentUser == null)
            {
                throw new ArgumentException($"Could not find logged.");
            }

            FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedUser);
            FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedToDoUserAdministration);

            var response = new ResponseModel {
                Success = false
            };

            var dbModifiedUser = await GetDbUserFromUserModelByUserNameAsync(userToDeactivate);

            if (dbModifiedUser == null)
            {
                response.ErrorMessage = $"Could not find user '{userToDeactivate.UserName}'";
            }
            else if (!dbModifiedUser.IsActive)
            {
                response.ErrorMessage = $"User '{userToDeactivate.UserName} is already deactivated.'";
            }
            else if (currentUser.UserName == userToDeactivate.UserName)
            {
                response.ErrorMessage = $"User '{userToDeactivate.UserName} cannot deactivated self.'";
            }
            else
            {
                dbModifiedUser.IsActive = false;
                dbContext.UserChangeLogs.Add(new UserChangeLog
                {
                    ChangedByUserId = currentUser.UserId,
                    ChangeDesc      = $"Deactivate user; UserId = {dbModifiedUser.UserId}.",
                    ModifiedOn      = DateTime.Now,
                    ChangedUserId   = currentUser.UserId
                });
                await dbContext.SaveChangesAsync();

                response = new ResponseModel {
                    Success = true
                };
            }

            return(response);
        }
示例#5
0
        public async Task <IEnumerable <ClaimModel> > GetUserClaimsAsync(UserModel loggedInUser)
        {
            FiasmErrorHandling.VerifyArgNotNull(loggedInUser);

            var currentUser = await GetLoggedInUserFromUserModelAsync(loggedInUser);

            if (currentUser == null)
            {
                throw new ArgumentException($"Could not find logged.");
            }

            FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedUser);
            FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedToDoUserAdministration);

            return(currentUser.UserClaims.Select(c => mapper.Map <ClaimModel>(c)));
        }
示例#6
0
        public async Task <ResponseModel> CreateNewUserAsync(UserModel loggedInUser, UserModel newUser, string password)
        {
            FiasmErrorHandling.VerifyArgNotNull(loggedInUser);
            FiasmErrorHandling.VerifyArgNotNull(newUser);

            var currentUser = await GetLoggedInUserFromUserModelAsync(loggedInUser);

            if (currentUser == null)
            {
                throw new ArgumentException($"Could not find logged.");
            }

            FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedUser);
            FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedToDoUserAdministration);

            var response = new ResponseModel {
                Success = false
            };

            if ((await GetDbUserFromUserModelByUserNameAsync(newUser)) != null)
            {
                response.ErrorMessage = $"A user '{newUser.UserName}' already exists.";
            }
            else if ((await GetDbUserFromUserModelByEmailAsync(newUser)) != null)
            {
                response.ErrorMessage = $"A user with email address '{newUser.EmailAddress}' already exists.";
            }
            else
            {
                var dbUser = new User
                {
                    UserName                = newUser.UserName,
                    EmailAddress            = newUser.EmailAddress,
                    PhoneNumber             = newUser.PhoneNumber,
                    HashedPassword          = hasher.HashPassword(newUser.UserName, password),
                    IsPasswordReseting      = false,
                    IsPasswordResetRequired = true,
                    IsActive                = true
                };
                dbContext.Users.Add(dbUser);
                await dbContext.SaveChangesAsync();

                var dbAuthUserClaim = dbContext.Claims.Single(c => c.ClaimType == ClaimTypes.AuthorizedUser.ToString());
                dbContext.UserClaims.Add(new UserClaim
                {
                    User  = dbUser,
                    Claim = dbAuthUserClaim
                });
                await dbContext.SaveChangesAsync();

                dbContext.UserChangeLogs.Add(new UserChangeLog
                {
                    ChangedByUserId = currentUser.UserId,
                    ChangeDesc      = $"Create new user; UserName = {newUser.UserName}.",
                    ModifiedOn      = DateTime.Now,
                    ChangedUserId   = currentUser.UserId
                });
                await dbContext.SaveChangesAsync();

                response = new ResponseModel {
                    Success = true
                };
            }

            return(response);
        }
示例#7
0
        /// <summary>
        /// Change the user email or phone number. This function will throw an InvalidCredentialException
        /// if the logged in user is trying to change the user information of another user without having
        /// the user administraction authorization claim.
        /// </summary>
        /// <param name="loggedInUser"></param>
        /// <param name="modifiedUser"></param>
        /// <returns></returns>
        public async Task <ResponseModel> UpdateUserAsync(UserModel loggedInUser, UserModel modifiedUser)
        {
            FiasmErrorHandling.VerifyArgNotNull(loggedInUser);
            FiasmErrorHandling.VerifyArgNotNull(modifiedUser);

            var currentUser = await GetLoggedInUserFromUserModelAsync(loggedInUser);

            if (currentUser == null)
            {
                throw new ArgumentException($"Could not find logged.");
            }
            FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedUser);

            // if the current user is modifying another user, check the permissions
            if (loggedInUser.UserName != modifiedUser.UserName)
            {
                FiasmErrorHandling.VerifyUserPermission(currentUser, ClaimTypes.AuthorizedToDoUserAdministration);
            }

            var response = new ResponseModel {
                Success = false
            };

            var dbModifiedUser = await GetDbUserFromUserModelByUserNameAsync(modifiedUser);

            if (dbModifiedUser == null)
            {
                response.ErrorMessage = $"Could not find user '{modifiedUser.UserName}'";
            }
            else
            {
                var changeDesc = "";
                if (dbModifiedUser.PhoneNumber != modifiedUser.PhoneNumber)
                {
                    changeDesc += $"Changed PhoneNumber from {dbModifiedUser.PhoneNumber} to {modifiedUser.PhoneNumber}.";
                    dbModifiedUser.PhoneNumber = modifiedUser.PhoneNumber;
                }
                if (dbModifiedUser.EmailAddress != modifiedUser.EmailAddress)
                {
                    changeDesc += $"Changed PhoneNumber from {dbModifiedUser.EmailAddress} to {modifiedUser.EmailAddress}.";
                    dbModifiedUser.EmailAddress = modifiedUser.EmailAddress;
                }
                if (string.IsNullOrEmpty(changeDesc))
                {
                    response.ErrorMessage = $"No user settings were different for user '{modifiedUser.UserName}'";
                }
                else
                {
                    dbContext.UserChangeLogs.Add(new UserChangeLog
                    {
                        ChangedByUserId = currentUser.UserId,
                        ChangeDesc      = $"Update user ; UserId = {dbModifiedUser.UserId}. {changeDesc}",
                        ModifiedOn      = DateTime.Now,
                        ChangedUserId   = currentUser.UserId
                    });
                    await dbContext.SaveChangesAsync();

                    response = new ResponseModel {
                        Success = true
                    };
                }
            }

            return(response);
        }