
Commit 2a1a511

committed
User management CRUD
1 parent 5495f92 commit 2a1a511


49 files changed

+714
-486
lines changed

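--- a/eFormAPI/eFormAPI/App_Start/Startup.Auth.cs
+++ b/eFormAPI/eFormAPI/App_Start/Startup.Auth.cs
@@ -1,8 +1,10 @@
 using System;
 using eFormAPI.Web.Infrastructure.Data;
+using eFormAPI.Web.Infrastructure.Data.Entities;
 using eFormAPI.Web.Infrastructure.Identity;
 using eFormAPI.Web.Infrastructure.Security;
 using Microsoft.AspNet.Identity;
+using Microsoft.AspNet.Identity.Owin;
 using Microsoft.Owin;
 using Microsoft.Owin.Security.Cookies;
 using Microsoft.Owin.Security.OAuth;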

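--- a/eFormAPI/eFormAPI/App_Start/WebApiConfig.cs
+++ b/eFormAPI/eFormAPI/App_Start/WebApiConfig.cs
@@ -3,6 +3,7 @@
 using System.Net.Http.Headers;
 using System.Web.Http;
 using Autofac.Integration.WebApi;
+using Microsoft.Owin.Security.Cookies;
 using Microsoft.Owin.Security.OAuth;
 using Newtonsoft.Json;
 using Newtonsoft.Json.Serialization;
@@ -17,6 +18,7 @@ public static void Register(HttpConfiguration config)
 // Configure Web API to use only bearer token authentication.
 config.SuppressDefaultHostAuthentication();
 config.Filters.Add(new HostAuthenticationFilter(OAuthDefaults.AuthenticationType));
+config.Filters.Add(new HostAuthenticationFilter(CookieAuthenticationDefaults.AuthenticationType));
 
 config.MapHttpAttributeRoutes();
 var container = AutofacConfig.Container;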
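Review bot: Registering `HostAuthenticationFilter(CookieAuthenticationDefaults.AuthenticationType)` in `Register` makes every Web API action accept the browser's session cookie, which browsers attach to cross-site requests automatically, so state-changing actions become exposed to cross-site request forgery unless an anti-forgery token or origin check is enforced; nothing visible in this hunk adds one. The context comment `// Configure Web API to use only bearer token authentication.` is no longer accurate and should be updated to name both schemes. If cookie authentication is only needed by a few endpoints, a per-controller `[HostAuthentication(...)]` attribute would keep the rest bearer-only. `Register` starts and ends outside the hunk.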

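--- a/eFormAPI/eFormAPI/Controllers/AccountController.cs
+++ b/eFormAPI/eFormAPI/Controllers/AccountController.cs
@@ -4,10 +4,15 @@
 using System.Net.Http;
 using System.Security.Claims;
 using System.Security.Cryptography;
+using System.Threading.Tasks;
 using System.Web;
 using System.Web.Http;
+using eFormAPI.Web.Infrastructure.Data;
+using eFormAPI.Web.Infrastructure.Data.Entities;
 using eFormAPI.Web.Infrastructure.Identity;
+using eFromAPI.Common.API;
 using eFromAPI.Common.Models.Auth;
+using eFromAPI.Common.Models.User;
 using Microsoft.AspNet.Identity;
 using Microsoft.AspNet.Identity.Owin;
 using Microsoft.Owin.Security;
@@ -40,7 +45,6 @@ public EformUserManager UserManager
 public ISecureDataFormat<AuthenticationTicket> AccessTokenFormat { get; private set; }
 
 // GET api/account/user-info
-[HostAuthentication(DefaultAuthenticationTypes.ExternalBearer)]
 [Route("user-info")]
 public UserInfoViewModel GetUserInfo()
 {
@@ -49,15 +53,42 @@ public UserInfoViewModel GetUserInfo()
 {
 return null;
 }
+var rolemanager = new EformRoleManager(new EformRoleStore(BaseDbContext.Create()));
+var roleId = user.Roles.FirstOrDefault()?.RoleId;
+string role = null;
+if (roleId != null) role = rolemanager.FindById((int) roleId)?.Name;
 return new UserInfoViewModel
 {
 Email = user.Email,
 Id = user.Id,
 FirstName = user.FirstName,
-LastName = user.LastName
+LastName = user.LastName,
+Role = role
 };
 }
 
+[HttpPost]
+[Route("change-password")]
+public async Task<OperationResult> ChangePassword(ChangePasswordModel model)
+{
+if (!ModelState.IsValid)
+{
+var allErrors = ModelState.Values.SelectMany(v => v.Errors);
+return new OperationResult(false, string.Join(" ", allErrors.Select(x=>x.ErrorMessage)));
+}
+
+var result = await UserManager.ChangePasswordAsync(User.Identity.GetUserId<int>(),
+model.OldPassword,
+model.NewPassword);
+
+if (!result.Succeeded)
+{
+return new OperationResult(false, string.Join(" ", result.Errors));
+}
+
+return new OperationResult(true);
+}
+
 #region Help Action
 
 //// GET api/Account/ManageInfo?returnUrl=%2F&generateState=true
@@ -99,25 +130,6 @@ public UserInfoViewModel GetUserInfo()
 // ExternalLoginProviders = GetExternalLogins(returnUrl, generateState)
 // };
 //}
-//[Route("change-password")]
-//public async Task<IHttpActionResult> ChangePassword(ChangePasswordBindingModel model)
-//{
-// if (!ModelState.IsValid)
-// {
-// return BadRequest(ModelState);
-// }
-
-// IdentityResult result = await UserManager.ChangePasswordAsync(User.Identity.GetUserId<int>(),
-// model.OldPassword,
-// model.NewPassword);
-
-// if (!result.Succeeded)
-// {
-// return GetErrorResult(result);
-// }
-
-// return Ok();
-//}
 
 //// POST api/Account/SetPassword
 //[Route("SetPassword")]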
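Review bot: `ChangePassword` dereferences `model.OldPassword` without checking `model` for null; in Web API an empty request body typically binds the parameter to null while `ModelState.IsValid` stays true, so the call would throw instead of returning an `OperationResult`. A guard such as `if (model == null) return new OperationResult(false, "Request body is required");` ahead of the `ModelState` check would cover it. No `[Authorize]` attribute is visible on the action and the class declaration is outside the hunks, so confirm the controller requires authentication, since `User.Identity.GetUserId<int>()` selects the account whose password changes. In `GetUserInfo`, the `EformRoleManager` built from `BaseDbContext.Create()` is never disposed; a `using` block around it would release the context on each request.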

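--- a/eFormAPI/eFormAPI/Controllers/AdminController.cs
+++ b/eFormAPI/eFormAPI/Controllers/AdminController.cs
@@ -4,32 +4,27 @@
 using System.Linq;
 using System.Net.Http;
 using System.Web.Http;
+using eFormAPI.Web.Infrastructure.Consts;
 using eFormAPI.Web.Infrastructure.Data;
+using eFormAPI.Web.Infrastructure.Data.Entities;
 using eFormAPI.Web.Infrastructure.Identity;
-using eFormData;
 using eFromAPI.Common.API;
 using eFromAPI.Common.Models;
-using eFromAPI.Common.Models.Auth;
 using eFromAPI.Common.Models.User;
 using Microsoft.AspNet.Identity;
 using Microsoft.AspNet.Identity.Owin;
-using Microsoft.Owin.Security;
+using NLog;
 
 namespace eFormAPI.Web.Controllers
 {
-[Authorize]
+[Authorize(Roles = EformRoles.Admin)]
 [RoutePrefix("api/admin")]
 public class AdminController : ApiController
 {
-private readonly BaseDbContext _dbContext;
 private EformUserManager _eformUserManager;
 private EformRoleManager _eformRoleManager;
+private readonly Logger _logger = LogManager.GetCurrentClassLogger();
 
-public AdminController(BaseDbContext dbContext)
-{
-_dbContext = dbContext;
-}
-
 public EformUserManager UserManager
 {
 get => _eformUserManager ?? Request.GetOwinContext().GetUserManager<EformUserManager>();
@@ -38,7 +33,7 @@ public EformUserManager UserManager
 
 public EformRoleManager RoleManager
 {
-get => _eformRoleManager ?? Request.GetOwinContext().GetUserManager<EformRoleManager>();
+get => _eformRoleManager ?? new EformRoleManager(new EformRoleStore(BaseDbContext.Create()));
 private set => _eformRoleManager = value;
 }
 
@@ -48,55 +43,73 @@ public OperationDataResult<UserRegisterModel> GetUser(int userId)
 {
 try
 {
-var user = _dbContext.Users.Include(x => x.Roles).FirstOrDefault(x => x.Id == userId);
-
-
-var model = new UserRegisterModel
+var model = UserManager.Users
+.Include(x => x.Roles)
+.Select(userResult => new UserRegisterModel
+{
+Email = userResult.Email,
+Id = userResult.Id,
+FirstName = userResult.FirstName,
+LastName = userResult.LastName,
+UserName = userResult.UserName,
+RoleId = userResult.Roles.FirstOrDefault().RoleId
+}).FirstOrDefault(x => x.Id == userId);
+
+if (model?.RoleId != null)
 {
-Email = user?.Email,
-Id = userId,
-FirstName = user.FirstName,
-LastName = user.LastName
-};
-
-// var userRoles = user.Roles.FirstOrDefault();
-//
-// if (userRoles != null)
-// {
-// model.Role = _eformRoleManager.FindById(userRoles.RoleId).Name;
-// }
-
+model.Role = RoleManager.FindById((int)model.RoleId).Name;
+}
 return new OperationDataResult<UserRegisterModel>(true, model);
-
 }
 catch (Exception exception)
 {
+_logger.Error(exception.Message);
 return new OperationDataResult<UserRegisterModel>(false, "Error when obtaining users");
 }
 }
 
 [HttpPost]
 [Route("get-users")]
-public OperationDataResult<List<UserInfoViewModel>> GetAllUsers(PaginationModel paginationModel)
+public OperationDataResult<UserInfoModelList> GetAllUsers(PaginationModel paginationModel)
 {
 try
 {
-var userList = _dbContext.Users.Include(x => x.Roles).ToList();
-
-var model = userList.Select(user => new UserInfoViewModel
-{
-FirstName = user.FirstName,
-LastName = user.LastName,
-Email = user.Email,
-Id = user.Id
-})
+var roles = RoleManager.Roles.ToList();
+var userList = new List<UserInfoViewModel>();
+var userResult = UserManager.Users
+.Include(x => x.Roles)
+.OrderBy(z => z.Id)
+.Skip(paginationModel.Offset)
+.Take(paginationModel.PageSize)
 .ToList();
 
-return new OperationDataResult<List<UserInfoViewModel>>(true, model);
+userResult.ForEach(userItem =>
+{
+var roleName =
+roles.FirstOrDefault(x => x.Id == userItem.Roles.Select(y => y.RoleId).FirstOrDefault());
+var modelItem = new UserInfoViewModel();
+if (roleName != null)
+{
+modelItem.Role = roleName.Name;
+}
+modelItem.FirstName = userItem.FirstName;
+modelItem.LastName = userItem.LastName;
+modelItem.Email = userItem.Email;
+modelItem.Id = userItem.Id;
+modelItem.UserName = userItem.UserName;
+userList.Add(modelItem);
+});
+var totalUsers = UserManager.Users.Count();
+return new OperationDataResult<UserInfoModelList>(true, new UserInfoModelList()
+{
+TotalUsers = totalUsers,
+UserList = userList
+});
 }
 catch (Exception exception)
 {
-return new OperationDataResult<List<UserInfoViewModel>>(false, "Error when obtaining users");
+_logger.Error(exception.Message);
+return new OperationDataResult<UserInfoModelList>(false, "Error when obtaining users");
 }
 }
 
@@ -106,47 +119,105 @@ public OperationResult UpdateUser(UserRegisterModel userRegisterModel)
 {
 try
 {
-var user = _dbContext.Users.Include(x => x.Roles).FirstOrDefault(x => x.Id == userRegisterModel.Id);
-
-if (user == null) throw new Exception();
-
-
-if (userRegisterModel.Password.Equals(userRegisterModel.PasswordConfimation))
+var user = UserManager.FindById(userRegisterModel.Id);
+if (user == null)
 {
-user.Email = userRegisterModel.Email;
-user.UserName = userRegisterModel.UserName;
-user.FirstName = userRegisterModel.FirstName;
-user.LastName = userRegisterModel.LastName;
-user.PasswordHash = new PasswordHasher().HashPassword(userRegisterModel.Password);
+return new OperationResult(false, $"User {userRegisterModel.UserName} not found");
 }
-
-_dbContext.Entry(user).State = EntityState.Modified;
-_dbContext.SaveChanges();
-
-return new OperationResult (true, $"User {userRegisterModel.Id} was updated");
+if (userRegisterModel.Role == null)
+{
+return new OperationResult(false, $"Role is required");
+}
+user.Email = userRegisterModel.Email;
+user.UserName = userRegisterModel.UserName;
+user.FirstName = userRegisterModel.FirstName;
+user.LastName = userRegisterModel.LastName;
+var result = UserManager.Update(user);
+if (!result.Succeeded)
+{
+return new OperationResult(false, string.Join(" ", result.Errors));
+}
+// password
+if (userRegisterModel.Password != null)
+{
+UserManager.RemovePassword(user.Id);
+UserManager.AddPassword(user.Id, userRegisterModel.Password);
+}
+// change role
+UserManager.RemoveFromRoles(user.Id, EformRoles.Admin, EformRoles.User);
+UserManager.AddToRole(user.Id, userRegisterModel.Role);
+return new OperationResult(true, $"User {user.UserName} was updated");
 }
 catch (Exception exception)
 {
+_logger.Error(exception.Message);
 return new OperationResult(false, "Error when updating user");
 }
 }
 
 [HttpPost]
+[Route("create-user")]
+public OperationResult CreateUser(UserRegisterModel userRegisterModel)
+{
+try
+{
+var userResult = UserManager.FindByName(userRegisterModel.UserName);
+if (userResult != null)
+{
+return new OperationResult(false, $"User {userRegisterModel.UserName} already exist");
+}
+if (userRegisterModel.Role == null)
+{
+return new OperationResult(false, $"Role is required");
+}
+var user = new EformUser
+{
+Email = userRegisterModel.Email,
+UserName = userRegisterModel.UserName,
+FirstName = userRegisterModel.FirstName,
+LastName = userRegisterModel.LastName,
+};
+var result = UserManager.Create(user, userRegisterModel.Password);
+if (!result.Succeeded)
+{
+return new OperationResult(false, string.Join(" ", result.Errors));
+}
+// change role
+UserManager.AddToRole(user.Id, userRegisterModel.Role.ToLower());
+return new OperationResult(true, $"User {user.UserName} was created");
+}
+catch (Exception exception)
+{
+_logger.Error(exception.Message);
+return new OperationResult(false, "Error when creating user");
+}
+}
+
+[HttpGet]
 [Route("delete-user/{userId}")]
 public OperationResult DeleteUser(int userId)
 {
 try
 {
-var user = _dbContext.Users.Include(x => x.Roles).FirstOrDefault(x => x.Id == userId);
-
-if (user == null) throw new Exception();
-
-_dbContext.Entry(user).State = EntityState.Deleted;
-
+if (userId == 1)
+{
+return new OperationResult(false, "Can't delete primary admin user");
+}
+var user = UserManager.FindById(userId);
+if (user == null)
+{
+return new OperationResult(false, $"User {userId} not found");
+}
+var result = UserManager.Delete(user);
+if (!result.Succeeded)
+{
+return new OperationResult(false, string.Join(" ", result.Errors));
+}
 return new OperationResult(true, $"User {userId} was deleted");
 }
 catch (Exception exception)
 {
+_logger.Error(exception.Message);
 return new OperationResult(false, "Error while deleting user");
 }
 }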
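Review bot: `DeleteUser` is now routed with `[HttpGet]` on `delete-user/{userId}`, so an account deletion runs on any plain GET request; together with the cookie authentication filter this commit registers in WebApiConfig.cs, that leaves the action open to cross-site request forgery against a signed-in admin. Mark it `[HttpPost]` or `[HttpDelete]` and require an anti-forgery token or origin check for cookie-authenticated calls. In `UpdateUser` the `IdentityResult`s of `RemovePassword`, `AddPassword`, `RemoveFromRoles` and `AddToRole` are ignored, so a rejected new password could leave the account without a password, and a role name that does not exist could leave the user without a role after the removal has already happened; check each result and validate `userRegisterModel.Role` against the `EformRoles` values (`CreateUser` lowercases the role, `UpdateUser` does not). `_logger.Error(exception.Message)` in the catch blocks drops the stack trace; passing the exception object to the logger would keep it.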
