/// <summary>
/// Creates a referee account from the posted user data and sends the invitation,
/// all inside the callback passed to <c>DbTransaction</c>.
/// </summary>
/// <param name="referee">User data bound from the request body.</param>
/// <returns>
/// Whatever <c>DbTransaction</c> produces for the callback result, which is the
/// value returned by <c>Insert</c> for the new row.
/// </returns>
/// <exception cref="NoDataException">Thrown in the callback when the body is null.</exception>
/// <exception cref="UnauthorizedAccessException">
/// Thrown in the callback when <c>IsOrganizationAdmin()</c> is false.
/// </exception>
public IActionResult Create([FromBody] User referee)
{
    return DbTransaction((conn, tx) =>
    {
        if (referee == null)
        {
            throw new NoDataException();
        }

        // Only an organization admin may create referees.
        if (!IsOrganizationAdmin())
        {
            throw new UnauthorizedAccessException();
        }

        // Presumably rejects an address that is already in use; CheckEmail is not visible here.
        UsersController.CheckEmail(conn, tx, referee.Email);

        // Copy the profile fields one by one instead of inserting the posted object:
        // Level, Password, Salt and EmailConfirmed are fixed here, so values for them
        // in the request body are ignored.
        // NOTE(review): the row is stored with an empty Password and Salt; confirm the
        // login path refuses such accounts until the invitation has been completed.
        var account = new User
        {
            Name = referee.Name,
            Email = referee.Email,
            Mobile = referee.Mobile,
            Lang = referee.Lang,
            AvatarImgUrl = referee.AvatarImgUrl,
            Level = (int)UserLevel.Referee,
            Password = "",
            Salt = "",
            EmailConfirmed = false
        };

        var newId = conn.Insert(account, tx);

        // NOTE(review): both calls run before the callback returns; if either has
        // effects outside the database they would not be undone by a rollback. Confirm.
        SendInvitation(conn, tx, account);
        PlayersController.AddUserToGlobalDirectory(Request, newId, referee.Email);

        return newId;
    });
}
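/// <summary>
/// Updates the name, e-mail, mobile and avatar URL of an existing user record and,
/// when a non-blank password is posted, its password. Runs inside the callback
/// passed to <c>DbTransaction</c>.
/// </summary>
/// <param name="referee">User data bound from the request body; <c>Id</c> selects the record.</param>
/// <returns>
/// Whatever <c>DbTransaction</c> produces for the callback result, which is the
/// value returned by <c>Update</c>.
/// </returns>
/// <exception cref="NoDataException">Thrown in the callback when the body is null.</exception>
/// <exception cref="UnauthorizedAccessException">
/// Thrown in the callback when the caller is neither an organization admin nor a
/// referee, or is a referee whose id differs from <c>referee.Id</c>.
/// </exception>
/// <exception cref="Exception">Thrown with "Error.NotFound" when no record has that id.</exception>
public IActionResult Edit([FromBody] User referee)
{
    return DbTransaction((c, t) =>
    {
        if (referee == null)
        {
            throw new NoDataException();
        }

        var isReferee = IsReferee();
        if (!IsOrganizationAdmin() && !isReferee)
        {
            throw new UnauthorizedAccessException();
        }

        // A caller for whom IsReferee() is true may only edit the record whose id
        // matches GetUserId().
        if (isReferee && (GetUserId() != referee.Id))
        {
            throw new UnauthorizedAccessException();
        }

        // Read inside the same transaction as the update, as Create does for its queries.
        // NOTE(review): on the organization-admin path nothing here checks dbUser.Level
        // or which organization the record belongs to, so any existing user id can be
        // updated through this action, password included. Confirm that scoping is
        // enforced elsewhere, or add a check on the loaded record.
        var dbUser = c.Get<User>(referee.Id, t);
        if (dbUser == null)
        {
            throw new Exception("Error.NotFound");
        }

        var isNewEmail = false;
        if (referee.Email != dbUser.Email)
        {
            // Pass the transaction so the address check and the update see the same state.
            UsersController.CheckEmail(c, t, referee.Email);
            isNewEmail = true;
        }

        // Explicit property list: Level, Password, Salt and EmailConfirmed are not in it,
        // so presumably they cannot be overwritten from the request body by this call.
        Mapper.MapExplicit(referee, dbUser, new[] { "Name", "Email", "Mobile", "AvatarImgUrl" });

        if (!String.IsNullOrWhiteSpace(referee.Password))
        {
            // Hashing and salting presumably happen in UpdatePassword; not visible here.
            UsersController.UpdatePassword(dbUser, referee.Password);

            // NOTE(review): this marks the e-mail as confirmed even when the same request
            // changed the address (isNewEmail), which has not been verified here. Confirm
            // that this is intended.
            dbUser.EmailConfirmed = true;
        }

        var result = c.Update(dbUser, t);

        if (isNewEmail)
        {
            PlayersController.UpdateUserInGlobalDirectory(Request, dbUser.Id, referee.Email);
        }

        return result;
    });
}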