Files
mixtape/zero.Web/Controllers/UsersController.cs
T

95 lines
3.0 KiB
C#
Raw Normal View History

2020-04-17 15:32:33 +02:00
using Microsoft.AspNetCore.Mvc;
using System.Threading.Tasks;
using zero.Core.Api;
using zero.Core.Entities;
using zero.Core.Identity;
using zero.Web.Models;
namespace zero.Web.Controllers
{
[ZeroAuthorize(Permissions.Settings.Users, PermissionsValue.Read)]
public class UsersController : BackofficeController
2020-04-17 15:32:33 +02:00
{
IUserApi Api;
IAuthenticationApi AuthenticationApi;
IUserRolesApi RolesApi;
ILanguagesApi LanguagesApi;
IPermissionsApi PermissionsApi;
2020-04-29 12:11:35 +02:00
public UsersController(IUserApi api, IAuthenticationApi authenticationApi, IUserRolesApi rolesApi, ILanguagesApi languagesApi, IPermissionsApi permissionsApi)
2020-04-17 15:32:33 +02:00
{
Api = api;
2020-05-11 11:30:56 +02:00
AuthenticationApi = authenticationApi;
2020-04-29 12:11:35 +02:00
RolesApi = rolesApi;
LanguagesApi = languagesApi;
PermissionsApi = permissionsApi;
2020-04-17 15:32:33 +02:00
}
2020-07-06 14:35:58 +02:00
public async Task<IActionResult> GetById([FromQuery] string id) => Edit(await Api.GetUserById(id));
2020-04-17 15:32:33 +02:00
2020-07-06 14:35:58 +02:00
public IActionResult GetSupportedCultures() => Json(LanguagesApi.GetAllCultures(Options.SupportedLanguages));
public async Task<IActionResult> GetAll([FromQuery] ListQuery<IUser> query) => Json(await Api.GetByQuery(query));
2020-07-06 14:35:58 +02:00
public IActionResult GetAllPermissions() => Json(PermissionsApi.GetAll());
[ZeroAuthorize]
public async Task<IActionResult> UpdatePassword([FromBody] UserPasswordEditModel model)
{
EntityResult<IUser> result;
if (model.NewPassword != model.ConfirmNewPassword)
{
result = EntityResult<IUser>.Fail(nameof(model.NewPassword), "@errors.changepassword.newpasswordsnotmatching");
}
else
{
2020-05-11 11:30:56 +02:00
User user = await AuthenticationApi.GetUser();
result = await Api.UpdatePassword(user as IUser, model.CurrentPassword, model.NewPassword);
2020-05-11 11:30:56 +02:00
if (result.IsSuccess)
{
await AuthenticationApi.Logout();
}
}
return Json(result);
}
2020-08-11 16:01:10 +02:00
[ZeroAuthorize(Permissions.Settings.Users, PermissionsValue.Update)]
public async Task<IActionResult> Disable([FromBody] IUser model)
{
IUser entity = await Api.GetUserById(model.Id);
2020-07-06 14:35:58 +02:00
return Json(await Api.Disable(entity));
}
2020-08-11 16:01:10 +02:00
[ZeroAuthorize(Permissions.Settings.Users, PermissionsValue.Update)]
public async Task<IActionResult> Enable([FromBody] IUser model)
{
IUser entity = await Api.GetUserById(model.Id);
2020-07-06 14:35:58 +02:00
return Json(await Api.Enable(entity));
}
2020-05-11 11:30:56 +02:00
2020-08-11 16:01:10 +02:00
[ZeroAuthorize(Permissions.Settings.Users, PermissionsValue.Update)]
public async Task<IActionResult> Save([FromBody] IUser model) => Json(await Api.Save(model));
2020-05-11 11:30:56 +02:00
2020-08-11 16:01:10 +02:00
[ZeroAuthorize(Permissions.Settings.Users, PermissionsValue.Update)]
2020-05-11 11:30:56 +02:00
// TODO do not need settings.users authorization for editing current user profiles
public async Task<IActionResult> SaveCurrent([FromBody] IUser model) => Json(await Api.Save(model));
2020-05-11 11:30:56 +02:00
2020-08-11 16:01:10 +02:00
[ZeroAuthorize(Permissions.Settings.Users, PermissionsValue.Update)]
2020-07-06 14:35:58 +02:00
public async Task<IActionResult> Delete([FromQuery] string id) => Json(await Api.Delete(id));
2020-04-17 15:32:33 +02:00
}
}