2020-04-17 15:32:33 +02:00
|
|
|
using Microsoft.AspNetCore.Mvc;
|
2020-09-16 10:51:26 +02:00
|
|
|
using System.Collections.Generic;
|
|
|
|
|
using System.Linq;
|
2020-04-17 15:32:33 +02:00
|
|
|
using System.Threading.Tasks;
|
|
|
|
|
using zero.Core.Api;
|
|
|
|
|
using zero.Core.Entities;
|
|
|
|
|
using zero.Core.Identity;
|
|
|
|
|
using zero.Web.Models;
|
|
|
|
|
|
|
|
|
|
namespace zero.Web.Controllers
|
|
|
|
|
{
|
|
|
|
|
[ZeroAuthorize(Permissions.Settings.Users, PermissionsValue.Read)]
|
2020-08-27 16:12:47 +02:00
|
|
|
public class UsersController : BackofficeController
|
2020-04-17 15:32:33 +02:00
|
|
|
{
|
2020-08-27 16:12:47 +02:00
|
|
|
IUserApi Api;
|
2020-05-11 15:34:47 +02:00
|
|
|
IAuthenticationApi AuthenticationApi;
|
2020-05-14 13:32:33 +02:00
|
|
|
IPermissionsApi PermissionsApi;
|
2020-04-29 12:11:35 +02:00
|
|
|
|
|
|
|
|
|
2020-09-09 13:43:01 +02:00
|
|
|
public UsersController(IUserApi api, IAuthenticationApi authenticationApi, IPermissionsApi permissionsApi)
|
2020-04-17 15:32:33 +02:00
|
|
|
{
|
|
|
|
|
Api = api;
|
2020-05-11 11:30:56 +02:00
|
|
|
AuthenticationApi = authenticationApi;
|
2020-05-14 13:32:33 +02:00
|
|
|
PermissionsApi = permissionsApi;
|
2020-04-17 15:32:33 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2020-11-05 00:27:02 +01:00
|
|
|
public async Task<EditModel<IBackofficeUser>> GetById([FromQuery] string id) => Edit(await Api.GetUserById(id));
|
2020-04-17 15:32:33 +02:00
|
|
|
|
|
|
|
|
|
2020-11-05 00:27:02 +01:00
|
|
|
public async Task<ListResult<IBackofficeUser>> GetAll([FromQuery] ListQuery<IBackofficeUser> query) => await Api.GetByQuery(query);
|
2020-07-06 14:35:58 +02:00
|
|
|
|
|
|
|
|
|
2020-10-27 15:47:23 +01:00
|
|
|
public IList<PermissionCollection> GetAllPermissions() => PermissionsApi.GetAll();
|
2020-05-07 13:26:58 +02:00
|
|
|
|
|
|
|
|
|
2020-10-27 15:47:23 +01:00
|
|
|
public async Task<IEnumerable<SelectModel>> GetForPicker() => (await Api.GetAll()).Select(x => new SelectModel()
|
2020-09-16 10:51:26 +02:00
|
|
|
{
|
|
|
|
|
Id = x.Id,
|
|
|
|
|
Name = x.Name,
|
|
|
|
|
IsActive = x.IsActive
|
2020-10-27 15:47:23 +01:00
|
|
|
});
|
2020-09-16 10:51:26 +02:00
|
|
|
|
|
|
|
|
|
2020-10-29 19:29:30 +01:00
|
|
|
public async Task<IList<PreviewModel>> GetPreviews([FromQuery] List<string> ids)
|
2020-09-16 10:51:26 +02:00
|
|
|
{
|
2020-10-27 15:47:23 +01:00
|
|
|
return Previews(await Api.GetByIds(ids.ToArray()), item => new PreviewModel()
|
2020-09-16 10:51:26 +02:00
|
|
|
{
|
|
|
|
|
Id = item.Id,
|
|
|
|
|
Icon = item.AvatarId,
|
|
|
|
|
Name = item.Name
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2020-05-07 13:26:58 +02:00
|
|
|
[ZeroAuthorize]
|
2020-11-05 00:27:02 +01:00
|
|
|
public async Task<EntityResult<IBackofficeUser>> UpdatePassword([FromBody] UserPasswordEditModel model)
|
2020-05-07 13:26:58 +02:00
|
|
|
{
|
2020-11-05 00:27:02 +01:00
|
|
|
EntityResult<IBackofficeUser> result;
|
2020-05-07 13:26:58 +02:00
|
|
|
|
|
|
|
|
if (model.NewPassword != model.ConfirmNewPassword)
|
|
|
|
|
{
|
2020-11-05 00:27:02 +01:00
|
|
|
result = EntityResult<IBackofficeUser>.Fail(nameof(model.NewPassword), "@errors.changepassword.newpasswordsnotmatching");
|
2020-05-07 13:26:58 +02:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2020-11-05 00:27:02 +01:00
|
|
|
BackofficeUser user = await AuthenticationApi.GetUser();
|
|
|
|
|
result = await Api.UpdatePassword(user as IBackofficeUser, model.CurrentPassword, model.NewPassword);
|
2020-05-11 11:30:56 +02:00
|
|
|
|
|
|
|
|
if (result.IsSuccess)
|
|
|
|
|
{
|
|
|
|
|
await AuthenticationApi.Logout();
|
|
|
|
|
}
|
2020-05-07 13:26:58 +02:00
|
|
|
}
|
|
|
|
|
|
2020-10-27 15:47:23 +01:00
|
|
|
return result;
|
2020-05-07 13:26:58 +02:00
|
|
|
}
|
2020-05-07 15:03:29 +02:00
|
|
|
|
|
|
|
|
|
2020-08-11 16:01:10 +02:00
|
|
|
[ZeroAuthorize(Permissions.Settings.Users, PermissionsValue.Update)]
|
2020-11-05 00:27:02 +01:00
|
|
|
public async Task<EntityResult<IBackofficeUser>> Disable([FromBody] IBackofficeUser model)
|
2020-05-07 15:03:29 +02:00
|
|
|
{
|
2020-11-05 00:27:02 +01:00
|
|
|
IBackofficeUser entity = await Api.GetUserById(model.Id);
|
2020-10-27 15:47:23 +01:00
|
|
|
return await Api.Disable(entity);
|
2020-05-07 15:03:29 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2020-08-11 16:01:10 +02:00
|
|
|
[ZeroAuthorize(Permissions.Settings.Users, PermissionsValue.Update)]
|
2020-11-05 00:27:02 +01:00
|
|
|
public async Task<EntityResult<IBackofficeUser>> Enable([FromBody] IBackofficeUser model)
|
2020-05-07 15:03:29 +02:00
|
|
|
{
|
2020-11-05 00:27:02 +01:00
|
|
|
IBackofficeUser entity = await Api.GetUserById(model.Id);
|
2020-10-27 15:47:23 +01:00
|
|
|
return await Api.Enable(entity);
|
2020-05-07 15:03:29 +02:00
|
|
|
}
|
2020-05-11 11:30:56 +02:00
|
|
|
|
|
|
|
|
|
2020-08-11 16:01:10 +02:00
|
|
|
[ZeroAuthorize(Permissions.Settings.Users, PermissionsValue.Update)]
|
2020-11-05 00:27:02 +01:00
|
|
|
public async Task<EntityResult<IBackofficeUser>> Save([FromBody] IBackofficeUser model) => await Api.Save(model);
|
2020-05-11 11:30:56 +02:00
|
|
|
|
|
|
|
|
|
2020-08-11 16:01:10 +02:00
|
|
|
[ZeroAuthorize(Permissions.Settings.Users, PermissionsValue.Update)]
|
2020-05-11 11:30:56 +02:00
|
|
|
// TODO do not need settings.users authorization for editing current user profiles
|
2020-11-05 00:27:02 +01:00
|
|
|
public async Task<EntityResult<IBackofficeUser>> SaveCurrent([FromBody] IBackofficeUser model) => await Api.Save(model);
|
2020-05-11 11:30:56 +02:00
|
|
|
|
|
|
|
|
|
2020-08-11 16:01:10 +02:00
|
|
|
[ZeroAuthorize(Permissions.Settings.Users, PermissionsValue.Update)]
|
2020-11-05 00:27:02 +01:00
|
|
|
public async Task<EntityResult<IBackofficeUser>> Delete([FromQuery] string id) => await Api.Delete(id);
|
2020-04-17 15:32:33 +02:00
|
|
|
}
|
|
|
|
|
}
|