User endpoint additions and corrections (#15773)

* Make create user endpoint work with the supplied id Return 201 instead of 200 with correct resource identifier * Add ResetPassword endpoint * Bring changepassword route inline with other resource actions * Fixed User endpoints not advertising all their possible response codes/ models Fixed certain endpoints not authorizing targeted user(s) versus the admin needs admin authorization requirement Fixed a user not found response bug for the update flow Fix spacing * Fixed CurrentUser endpoints not advertising all their possible response codes/ models Fix incorrect responseStatus in UserService.GetPermissionsAsync * Update OpenApi definition Fix smal model oversights in previous commits * Update incorrect Response type * Check for duplicate id's in user create validation * Remove unnecasary returnmodel from changepassword Renamed the model to it's remaining usage * rename bad constructor parameter * Renamed method parameters for better readability and usage * Fixed wrong userkey being passed down because of (refactored) bad naming Technically doesn't change anything as the two id's should be the same in this case (reset with token is always for self) * Fixed resetpassword bug * Update openapi * Update src/Umbraco.Core/Services/UserService.cs Co-authored-by: Kenn Jacobsen <kja@umbraco.dk> * Remove old password from change user password request model Only makes sense when doing it for the logged in user => current endpoint --------- Co-authored-by: Sven Geusens <sge@umbraco.dk> Co-authored-by: Kenn Jacobsen <kja@umbraco.dk>
2024-02-29 10:40:48 +01:00
parent 1e043cbcfb
commit 393d178b58
36 changed files with 1263 additions and 244 deletions
--- a/src/Umbraco.Infrastructure/Security/BackOfficeIdentityUser.cs
+++ b/src/Umbraco.Infrastructure/Security/BackOfficeIdentityUser.cs
@@ -123,7 +123,7 @@ public class BackOfficeIdentityUser : UmbracoIdentityUser
    /// <param name="email">This is allowed to be null (but would need to be filled in if trying to persist this instance)</param>
    /// <param name="culture"></param>
    /// <param name="name"></param>
-    public static BackOfficeIdentityUser CreateNew(GlobalSettings globalSettings, string? username, string email, string culture, string? name = null)
+    public static BackOfficeIdentityUser CreateNew(GlobalSettings globalSettings, string? username, string email, string culture, string? name = null, Guid? id = null)
    {
        if (string.IsNullOrWhiteSpace(username))
        {
@@ -139,8 +139,13 @@ public class BackOfficeIdentityUser : UmbracoIdentityUser
        user.DisableChangeTracking();
        user.UserName = username;
        user.Email = email;
-
        user.Id = string.Empty;
+
+        if (id is not null)
+        {
+            user.Key = id.Value;
+        }
+
        user.HasIdentity = false;
        user._culture = culture;
        user.Name = name;
--- a/src/Umbraco.Infrastructure/Security/BackOfficeUserStore.cs
+++ b/src/Umbraco.Infrastructure/Security/BackOfficeUserStore.cs
@@ -140,8 +140,10 @@ public class BackOfficeUserStore :
            StartContentIds = user.StartContentIds ?? new int[] { },
            StartMediaIds = user.StartMediaIds ?? new int[] { },
            IsLockedOut = user.IsLockedOut,
+            Key = user.Key,
        };

+
        // we have to remember whether Logins property is dirty, since the UpdateMemberProperties will reset it.
        var isLoginsPropertyDirty = user.IsPropertyDirty(nameof(BackOfficeIdentityUser.Logins));
        var isTokensPropertyDirty = user.IsPropertyDirty(nameof(BackOfficeIdentityUser.LoginTokens));