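/// <summary>
/// Creates a new user inside the caller's own application.
/// Order of checks: authenticate -> authorize (Users dataset, CR) -> validate the
/// body -> reset the password to the repository default -> persist.
/// </summary>
/// <param name="fromBodyUserModel">The user to create, bound from the JSON request body.</param>
/// <returns>
/// 401 when the caller cannot be authenticated; 403 when the caller lacks CR rights on the
/// Users system dataset; 400 with a list of <see cref="Message"/> on any validation failure;
/// 200 with an info message (code 3003) carrying the new username on success.
/// </returns>
public IActionResult Create([FromBody] UserModel fromBodyUserModel)
{
    // Messages returned to the client (errors on 400, info on 200).
    var messages = new List<Message>();

    // A missing or unparseable body binds to null; reject it here rather than
    // letting the first property access below turn into a 500.
    if (fromBodyUserModel == null)
    {
        return BadRequest(messages);
    }

    // Authentication: resolve the calling user from the claims identity.
    var controllerHelper = new ControllerHelper(context);
    var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
    if (authUserModel == null)
    {
        return Unauthorized();
    }

    // Authorization: creating users requires CR on the system Users dataset.
    if (!AuthorizationHelper.IsAuthorized(authUserModel, (long)SystemDatasetsEnum.Users, RightsEnum.CR))
    {
        return Forbid();
    }

    #region VALIDATIONS
    // Tenant boundary: the new user's ApplicationId must equal the caller's.
    var sharedValidationHelper = new SharedValidationHelper();
    messages = sharedValidationHelper.ValidateApplicationId(fromBodyUserModel.ApplicationId, authUserModel.ApplicationId);
    if (messages.Count != 0)
    {
        return BadRequest(messages);
    }
    // Never trust a navigation property from the body; attach the caller's application.
    fromBodyUserModel.Application = authUserModel.Application;

    // Username must be non-empty (error 3001).
    var newUsername = fromBodyUserModel.GetUsername();
    if (string.IsNullOrEmpty(newUsername))
    {
        messages.Add(new Message(MessageTypeEnum.Error, 3001, new List<string>()));
        return BadRequest(messages);
    }

    // Username must be unique within the application (error 3002).
    // NOTE(review): this is a check-then-insert, not atomic; two concurrent Create calls
    // with the same username can both pass unless the database enforces a unique
    // (ApplicationId, username) constraint — confirm that constraint exists.
    var userRepository = new UserRepository(context);
    var sameNameUser = userRepository.GetByApplicationIdAndUsername(authUserModel.ApplicationId, newUsername);
    if (sameNameUser != null)
    {
        messages.Add(new Message(MessageTypeEnum.Error, 3002, new List<string>() { newUsername }));
        return BadRequest(messages);
    }

    // Per-attribute validation of DataDictionary against the Users dataset descriptor,
    // including that any reference values point at ids that exist in this application.
    var validReferencesIdsDictionary = controllerHelper.GetAllReferencesIdsDictionary(authUserModel.Application);
    messages = sharedValidationHelper.ValidateDataByApplicationDescriptor(
        authUserModel.Application.ApplicationDescriptor.SystemDatasets.UsersDatasetDescriptor,
        fromBodyUserModel.DataDictionary,
        validReferencesIdsDictionary);
    if (messages.Count != 0)
    {
        return BadRequest(messages);
    }
    #endregion

    // Reset the password to the repository default.
    // NOTE(review): the default value is not visible here. Confirm it is per-user random
    // (or that first login forces a change); a shared, well-known default is a
    // credential-stuffing target from the moment the row is inserted.
    userRepository.ResetPassword(fromBodyUserModel);

    // Default language comes from the application descriptor.
    fromBodyUserModel.Language = fromBodyUserModel.Application.ApplicationDescriptor.DefaultLanguage;

    // NOTE(review): RightsId (and Id) arrive from the request body and are passed to Add
    // without a check in this action that the rights set belongs to this application or
    // is not broader than the caller's own. Unless UserRepository.Add enforces that, a
    // caller with CR on Users could mint an account with elevated rights — verify.
    userRepository.Add(fromBodyUserModel);

    messages.Add(new Message(MessageTypeEnum.Info, 3003, new List<string>() { newUsername }));
    return Ok(messages);
}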
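/// <summary>
/// Updates an existing user (rights set and data attributes) inside the caller's own application.
/// Order of checks: authenticate -> authorize (Users dataset, CRU) -> validate the body ->
/// load the target user -> validate username and data -> persist.
/// </summary>
/// <param name="fromBodyUserModel">The updated user, bound from the JSON request body; <c>Id</c> selects the target.</param>
/// <returns>
/// 401 when the caller cannot be authenticated; 403 when the caller lacks CRU rights on the
/// Users system dataset; 400 with a list of <see cref="Message"/> on any validation failure
/// (3004 when the target user does not exist); 200 with an info message (code 3007) on success.
/// </returns>
public IActionResult Put([FromBody] UserModel fromBodyUserModel)
{
    // Messages returned to the client (errors on 400, info on 200).
    var messages = new List<Message>();

    // A missing or unparseable body binds to null; reject it instead of throwing.
    if (fromBodyUserModel == null)
    {
        return BadRequest(messages);
    }

    // Authentication: resolve the calling user from the claims identity.
    var controllerHelper = new ControllerHelper(context);
    var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
    if (authUserModel == null)
    {
        return Unauthorized();
    }

    // Authorization: updating users requires CRU on the system Users dataset.
    if (!AuthorizationHelper.IsAuthorized(authUserModel, (long)SystemDatasetsEnum.Users, RightsEnum.CRU))
    {
        return Forbid();
    }

    #region VALIDATIONS
    // Tenant boundary: the body's ApplicationId must equal the caller's.
    var sharedValidationHelper = new SharedValidationHelper();
    messages = sharedValidationHelper.ValidateApplicationId(fromBodyUserModel.ApplicationId, authUserModel.ApplicationId);
    if (messages.Count != 0)
    {
        return BadRequest(messages);
    }
    // Never trust a navigation property from the body; attach the caller's application.
    fromBodyUserModel.Application = authUserModel.Application;

    // The target must exist — and is looked up with the caller's ApplicationId, so a
    // user from another application can never be addressed here (error 3004).
    var userRepository = new UserRepository(context);
    var userModel = userRepository.GetById(authUserModel.ApplicationId, fromBodyUserModel.Id);
    if (userModel == null)
    {
        messages.Add(new Message(MessageTypeEnum.Error, 3004, new List<string>()
        {
            fromBodyUserModel.Application.LoginApplicationName,
            fromBodyUserModel.Id.ToString()
        }));
        Logger.LogMessagesToConsole(messages);
        return BadRequest(messages);
    }

    // Username must be non-empty (error 3001).
    var newUsername = fromBodyUserModel.GetUsername();
    if (string.IsNullOrEmpty(newUsername))
    {
        messages.Add(new Message(MessageTypeEnum.Error, 3001, new List<string>()));
        return BadRequest(messages);
    }

    // Only a changed username needs the uniqueness check (error 3002); an unchanged
    // one would otherwise collide with the target user itself.
    if (userModel.GetUsername() != newUsername)
    {
        var sameNameUser = userRepository.GetByApplicationIdAndUsername(authUserModel.ApplicationId, newUsername);
        if (sameNameUser != null)
        {
            messages.Add(new Message(MessageTypeEnum.Error, 3002, new List<string>() { newUsername }));
            return BadRequest(messages);
        }
    }

    // Per-attribute validation of DataDictionary against the Users dataset descriptor.
    var validReferencesIdsDictionary = controllerHelper.GetAllReferencesIdsDictionary(authUserModel.Application);
    messages = sharedValidationHelper.ValidateDataByApplicationDescriptor(
        authUserModel.Application.ApplicationDescriptor.SystemDatasets.UsersDatasetDescriptor,
        fromBodyUserModel.DataDictionary,
        validReferencesIdsDictionary);
    if (messages.Count != 0)
    {
        return BadRequest(messages);
    }
    #endregion

    // NOTE(review): RightsId comes straight from the body and nothing in this action
    // checks that it belongs to this application or is not broader than the caller's
    // own rights; the caller may also target their own Id. Unless SetRightsIdAndData
    // enforces this, a user with CRU on Users can raise their own privileges — verify.
    userRepository.SetRightsIdAndData(userModel, fromBodyUserModel.RightsId, fromBodyUserModel.DataDictionary);

    messages.Add(new Message(MessageTypeEnum.Info, 3007, new List<string>() { newUsername }));
    return Ok(messages);
}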
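/// <summary>
/// Updates the data of an existing record in one of the caller's application datasets.
/// Order of checks: authenticate -> resolve the dataset descriptor -> authorize (that dataset,
/// CRU) -> validate the body -> load the target record -> validate data -> persist.
/// </summary>
/// <param name="fromBodyDataModel">The updated record, bound from the JSON request body; <c>DatasetId</c> and <c>Id</c> select the target.</param>
/// <returns>
/// 401 when the caller cannot be authenticated; 400 with error 2001 when the dataset is not
/// part of the caller's application; 403 when the caller lacks CRU rights on that dataset;
/// 400 with a list of <see cref="Message"/> on any other validation failure (2003 when the
/// record does not exist); 200 with an info message (code 2005) on success.
/// </returns>
public IActionResult Put([FromBody] DataModel fromBodyDataModel)
{
    // Messages returned to the client (errors on 400, info on 200).
    var messages = new List<Message>();

    // A missing or unparseable body binds to null; reject it instead of throwing.
    if (fromBodyDataModel == null)
    {
        return BadRequest(messages);
    }

    // Authentication: resolve the calling user from the claims identity.
    var controllerHelper = new ControllerHelper(context);
    var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
    if (authUserModel == null)
    {
        return Unauthorized();
    }

    // The dataset is resolved from the caller's own application descriptor, so a
    // DatasetId from another application simply does not resolve (error 2001).
    // Note this lookup runs before the rights check, so an authenticated caller
    // without rights can still tell an existing dataset id (403) from an unknown one (400).
    var datasetDescriptor = authUserModel.Application.ApplicationDescriptor.Datasets
        .FirstOrDefault(d => d.Id == fromBodyDataModel.DatasetId);
    if (datasetDescriptor == null)
    {
        messages.Add(new Message(MessageTypeEnum.Error, 2001, new List<string>() { fromBodyDataModel.DatasetId.ToString() }));
        Logger.LogMessagesToConsole(messages);
        return BadRequest(messages);
    }

    // Authorization: updating records requires CRU on this specific dataset.
    if (!AuthorizationHelper.IsAuthorized(authUserModel, datasetDescriptor.Id, RightsEnum.CRU))
    {
        return Forbid();
    }

    #region VALIDATIONS
    // Tenant boundary: the body's ApplicationId must equal the caller's.
    var sharedValidationHelper = new SharedValidationHelper();
    messages = sharedValidationHelper.ValidateApplicationId(fromBodyDataModel.ApplicationId, authUserModel.ApplicationId);
    if (messages.Count != 0)
    {
        return BadRequest(messages);
    }
    // Never trust a navigation property from the body; attach the caller's application.
    fromBodyDataModel.Application = authUserModel.Application;

    // The record must exist (error 2003). The lookup is scoped by the caller's
    // ApplicationId (equal to the body's after the check above, but taken from the
    // authenticated side for consistency with the other actions) and the dataset.
    var dataRepository = new DataRepository(context);
    var dataModel = dataRepository.GetById(authUserModel.ApplicationId, fromBodyDataModel.DatasetId, fromBodyDataModel.Id);
    if (dataModel == null)
    {
        messages.Add(new Message(MessageTypeEnum.Error, 2003, new List<string>()
        {
            fromBodyDataModel.Application.LoginApplicationName,
            datasetDescriptor.Name,
            fromBodyDataModel.Id.ToString()
        }));
        Logger.LogMessagesToConsole(messages);
        return BadRequest(messages);
    }

    // Per-attribute validation of DataDictionary against this dataset's descriptor,
    // including that any reference values point at ids that exist in this application.
    var validReferencesIdsDictionary = controllerHelper.GetAllReferencesIdsDictionary(authUserModel.Application);
    messages = sharedValidationHelper.ValidateDataByApplicationDescriptor(
        datasetDescriptor,
        fromBodyDataModel.DataDictionary,
        validReferencesIdsDictionary);
    if (messages.Count != 0)
    {
        return BadRequest(messages);
    }
    #endregion

    // Only the validated data dictionary is written; the loaded entity keeps its identity.
    dataRepository.SetData(dataModel, fromBodyDataModel.DataDictionary);

    messages.Add(new Message(MessageTypeEnum.Info, 2005, new List<string>() { datasetDescriptor.Name }));
    return Ok(messages);
}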