using Microsoft.AspNetCore.Mvc;
using System.Threading.Tasks;
using zero.Core.Api;
using zero.Core.Entities;
using zero.Core.Identity;
using zero.Web.Models;
namespace zero.Web.Controllers
{
[ZeroAuthorize(Permissions.Settings.Users, PermissionsValue.Read)]
public class UsersController : BackofficeController
{
IUserApi Api;
IAuthenticationApi AuthenticationApi;
IUserRolesApi RolesApi;
ILanguagesApi LanguagesApi;
IPermissionsApi PermissionsApi;
public UsersController(IUserApi api, IAuthenticationApi authenticationApi, IUserRolesApi rolesApi, ILanguagesApi languagesApi, IPermissionsApi permissionsApi)
{
Api = api;
AuthenticationApi = authenticationApi;
RolesApi = rolesApi;
LanguagesApi = languagesApi;
PermissionsApi = permissionsApi;
}
///
/// Get user by id
///
public async Task GetById([FromQuery] string id)
{
User user = await Api.GetUserById(id);
if (user == null)
{
return new StatusCodeResult(404);
}
UserEditModel model = await Mapper.Map(user);
model.SupportedCultures = LanguagesApi.GetAllCultures(Options.SupportedLanguages);
return Json(model);
}
///
/// Get all users
///
public async Task GetAll([FromQuery] ListQuery query)
{
return await As(await Api.GetByQuery(query, "zero.applications.1-A"));
}
///
/// Get all permissions for selection
///
public IActionResult GetAllPermissions()
{
return Json(PermissionsApi.GetAll());
}
///
/// Updates a user password
///
[ZeroAuthorize]
public async Task UpdatePassword([FromBody] UserPasswordEditModel model)
{
EntityResult result;
if (model.NewPassword != model.ConfirmNewPassword)
{
result = EntityResult.Fail(nameof(model.NewPassword), "@errors.changepassword.newpasswordsnotmatching");
}
else
{
User user = await AuthenticationApi.GetUser();
result = await Api.UpdatePassword(user, model.CurrentPassword, model.NewPassword);
if (result.IsSuccess)
{
await AuthenticationApi.Logout();
}
}
return Json(result);
//return await As(await Api.);
}
///
/// Disables a user
///
[ZeroAuthorize(Permissions.Settings.Users, PermissionsValue.Write)]
public async Task Disable([FromBody] UserEditModel model)
{
User entity = await Api.GetUserById(model.Id);
return await As(await Api.Disable(entity));
}
///
/// Enables a user
///
[ZeroAuthorize(Permissions.Settings.Users, PermissionsValue.Write)]
public async Task Enable([FromBody] UserEditModel model)
{
User entity = await Api.GetUserById(model.Id);
return await As(await Api.Enable(entity));
}
///
/// Save user
///
[ZeroAuthorize(Permissions.Settings.Users, PermissionsValue.Write)]
public async Task Save([FromBody] UserEditModel model)
{
User entity = await Mapper.Map(model, await Api.GetUserById(model.Id));
return await As(await Api.Save(entity));
}
///
/// Update current user
///
[ZeroAuthorize(Permissions.Settings.Users, PermissionsValue.Write)]
// TODO do not need settings.users authorization for editing current user profiles
public async Task SaveCurrent([FromBody] UserEditModel model)
{
User entity = await Mapper.Map(model, await Api.GetUserById(model.Id));
return await As(await Api.Save(entity));
}
///
/// Deletes a user
///
[ZeroAuthorize(Permissions.Settings.Users, PermissionsValue.Write)]
public async Task Delete([FromQuery] string id)
{
return await As(await Api.Delete(id));
}
}
}