668 lines
29 KiB
C#
668 lines
29 KiB
C#
using System;
|
|
using System.Collections.Generic;
|
|
using System.ComponentModel.DataAnnotations;
|
|
using System.Linq;
|
|
using System.Net.Http;
|
|
using System.Net.Mime;
|
|
using System.Text;
|
|
using System.Threading.Tasks;
|
|
using Microsoft.AspNetCore.Authorization;
|
|
using Microsoft.AspNetCore.Http;
|
|
using Microsoft.AspNetCore.Identity;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
using Microsoft.Extensions.Logging;
|
|
using Umbraco.Cms.Core;
|
|
using Umbraco.Cms.Core.ContentApps;
|
|
using Umbraco.Cms.Core.Dictionary;
|
|
using Umbraco.Cms.Core.Events;
|
|
using Umbraco.Cms.Core.Mapping;
|
|
using Umbraco.Cms.Core.Models;
|
|
using Umbraco.Cms.Core.Models.ContentEditing;
|
|
using Umbraco.Cms.Core.Models.Membership;
|
|
using Umbraco.Cms.Core.PropertyEditors;
|
|
using Umbraco.Cms.Core.Security;
|
|
using Umbraco.Cms.Core.Serialization;
|
|
using Umbraco.Cms.Core.Services;
|
|
using Umbraco.Cms.Core.Services.Implement;
|
|
using Umbraco.Cms.Core.Strings;
|
|
using Umbraco.Cms.Web.BackOffice.Extensions;
|
|
using Umbraco.Cms.Web.BackOffice.Filters;
|
|
using Umbraco.Cms.Web.BackOffice.ModelBinders;
|
|
using Umbraco.Cms.Web.BackOffice.Security;
|
|
using Umbraco.Cms.Web.Common.ActionsResults;
|
|
using Umbraco.Cms.Web.Common.Attributes;
|
|
using Umbraco.Cms.Web.Common.Authorization;
|
|
using Umbraco.Cms.Web.Common.Filters;
|
|
using Umbraco.Cms.Web.Common.Security;
|
|
using Umbraco.Extensions;
|
|
|
|
namespace Umbraco.Cms.Web.BackOffice.Controllers
|
|
{
|
|
/// <remarks>
|
|
/// This controller is decorated with the UmbracoApplicationAuthorizeAttribute which means that any user requesting
|
|
/// access to ALL of the methods on this controller will need access to the member application.
|
|
/// </remarks>
|
|
[PluginController(Constants.Web.Mvc.BackOfficeApiArea)]
|
|
[Authorize(Policy = AuthorizationPolicies.SectionAccessMembers)]
|
|
[OutgoingNoHyphenGuidFormat]
|
|
public class MemberController : ContentControllerBase
|
|
{
|
|
private readonly PropertyEditorCollection _propertyEditors;
|
|
private readonly UmbracoMapper _umbracoMapper;
|
|
private readonly IMemberService _memberService;
|
|
private readonly IMemberTypeService _memberTypeService;
|
|
private readonly IMemberManager _memberManager;
|
|
private readonly IDataTypeService _dataTypeService;
|
|
private readonly ILocalizedTextService _localizedTextService;
|
|
private readonly IBackOfficeSecurityAccessor _backOfficeSecurityAccessor;
|
|
private readonly IJsonSerializer _jsonSerializer;
|
|
private readonly IShortStringHelper _shortStringHelper;
|
|
private readonly IPasswordChanger<MembersIdentityUser> _passwordChanger;
|
|
|
|
/// <summary>
|
|
/// Initializes a new instance of the <see cref="MemberController"/> class.
|
|
/// </summary>
|
|
/// <param name="cultureDictionary">The culture dictionary</param>
|
|
/// <param name="loggerFactory">The logger factory</param>
|
|
/// <param name="shortStringHelper">The string helper</param>
|
|
/// <param name="eventMessages">The event messages factory</param>
|
|
/// <param name="localizedTextService">The entry point for localizing key services</param>
|
|
/// <param name="propertyEditors">The property editors</param>
|
|
/// <param name="umbracoMapper">The mapper</param>
|
|
/// <param name="memberService">The member service</param>
|
|
/// <param name="memberTypeService">The member type service</param>
|
|
/// <param name="memberManager">The member manager</param>
|
|
/// <param name="dataTypeService">The data-type service</param>
|
|
/// <param name="backOfficeSecurityAccessor">The back office security accessor</param>
|
|
/// <param name="jsonSerializer">The JSON serializer</param>
|
|
/// <param name="passwordChanger">The password changer</param>
|
|
public MemberController(
|
|
ICultureDictionary cultureDictionary,
|
|
ILoggerFactory loggerFactory,
|
|
IShortStringHelper shortStringHelper,
|
|
IEventMessagesFactory eventMessages,
|
|
ILocalizedTextService localizedTextService,
|
|
PropertyEditorCollection propertyEditors,
|
|
UmbracoMapper umbracoMapper,
|
|
IMemberService memberService,
|
|
IMemberTypeService memberTypeService,
|
|
IMemberManager memberManager,
|
|
IDataTypeService dataTypeService,
|
|
IBackOfficeSecurityAccessor backOfficeSecurityAccessor,
|
|
IJsonSerializer jsonSerializer,
|
|
IPasswordChanger<MembersIdentityUser> passwordChanger)
|
|
: base(cultureDictionary, loggerFactory, shortStringHelper, eventMessages, localizedTextService, jsonSerializer)
|
|
{
|
|
_propertyEditors = propertyEditors;
|
|
_umbracoMapper = umbracoMapper;
|
|
_memberService = memberService;
|
|
_memberTypeService = memberTypeService;
|
|
_memberManager = memberManager;
|
|
_dataTypeService = dataTypeService;
|
|
_localizedTextService = localizedTextService;
|
|
_backOfficeSecurityAccessor = backOfficeSecurityAccessor;
|
|
_jsonSerializer = jsonSerializer;
|
|
_shortStringHelper = shortStringHelper;
|
|
_passwordChanger = passwordChanger;
|
|
}
|
|
|
|
/// <summary>
|
|
/// The paginated list of members
|
|
/// </summary>
|
|
/// <param name="pageNumber">The page number to display</param>
|
|
/// <param name="pageSize">The size of the page</param>
|
|
/// <param name="orderBy">The ordering of the member list</param>
|
|
/// <param name="orderDirection">The direction of the member list</param>
|
|
/// <param name="orderBySystemField">The system field to order by</param>
|
|
/// <param name="filter">The current filter for the list</param>
|
|
/// <param name="memberTypeAlias">The member type</param>
|
|
/// <returns>The paged result of members</returns>
|
|
public PagedResult<MemberBasic> GetPagedResults(
|
|
int pageNumber = 1,
|
|
int pageSize = 100,
|
|
string orderBy = "username",
|
|
Direction orderDirection = Direction.Ascending,
|
|
bool orderBySystemField = true,
|
|
string filter = "",
|
|
string memberTypeAlias = null)
|
|
{
|
|
|
|
if (pageNumber <= 0 || pageSize <= 0)
|
|
{
|
|
throw new NotSupportedException("Both pageNumber and pageSize must be greater than zero");
|
|
}
|
|
|
|
IMember[] members = _memberService.GetAll(
|
|
pageNumber - 1,
|
|
pageSize,
|
|
out var totalRecords,
|
|
orderBy,
|
|
orderDirection,
|
|
orderBySystemField,
|
|
memberTypeAlias,
|
|
filter).ToArray();
|
|
if (totalRecords == 0)
|
|
{
|
|
return new PagedResult<MemberBasic>(0, 0, 0);
|
|
}
|
|
|
|
var pagedResult = new PagedResult<MemberBasic>(totalRecords, pageNumber, pageSize)
|
|
{
|
|
Items = members.Select(x => _umbracoMapper.Map<MemberBasic>(x))
|
|
};
|
|
return pagedResult;
|
|
}
|
|
|
|
/// <summary>
|
|
/// Returns a display node with a list view to render members
|
|
/// </summary>
|
|
/// <param name="listName">The member type to list</param>
|
|
/// <returns>The member list for display</returns>
|
|
public MemberListDisplay GetListNodeDisplay(string listName)
|
|
{
|
|
IMemberType foundType = _memberTypeService.Get(listName);
|
|
string name = foundType != null ? foundType.Name : listName;
|
|
|
|
var apps = new List<ContentApp>();
|
|
apps.Add(ListViewContentAppFactory.CreateContentApp(_dataTypeService, _propertyEditors, listName, "member", Core.Constants.DataTypes.DefaultMembersListView));
|
|
apps[0].Active = true;
|
|
|
|
var display = new MemberListDisplay
|
|
{
|
|
ContentTypeAlias = listName,
|
|
ContentTypeName = name,
|
|
Id = listName,
|
|
IsContainer = true,
|
|
Name = listName == Constants.Conventions.MemberTypes.AllMembersListId ? "All Members" : name,
|
|
Path = "-1," + listName,
|
|
ParentId = -1,
|
|
ContentApps = apps
|
|
};
|
|
|
|
return display;
|
|
}
|
|
|
|
/// <summary>
|
|
/// Gets the content json for the member
|
|
/// </summary>
|
|
/// <param name="key">The Guid key of the member</param>
|
|
/// <returns>The member for display</returns>
|
|
[OutgoingEditorModelEvent]
|
|
public MemberDisplay GetByKey(Guid key)
|
|
{
|
|
IMember foundMember = _memberService.GetByKey(key);
|
|
if (foundMember == null)
|
|
{
|
|
HandleContentNotFound(key);
|
|
}
|
|
|
|
return _umbracoMapper.Map<MemberDisplay>(foundMember);
|
|
}
|
|
|
|
/// <summary>
|
|
/// Gets an empty content item for the
|
|
/// </summary>
|
|
/// <param name="contentTypeAlias">The content type</param>
|
|
/// <returns>The empty member for display</returns>
|
|
[OutgoingEditorModelEvent]
|
|
public ActionResult<MemberDisplay> GetEmpty(string contentTypeAlias = null)
|
|
{
|
|
if (contentTypeAlias == null)
|
|
{
|
|
return NotFound();
|
|
}
|
|
|
|
IMemberType contentType = _memberTypeService.Get(contentTypeAlias);
|
|
if (contentType == null)
|
|
{
|
|
return NotFound();
|
|
}
|
|
|
|
string newPassword = _memberManager.GeneratePassword();
|
|
|
|
IMember emptyContent = new Member(contentType);
|
|
emptyContent.AdditionalData["NewPassword"] = newPassword;
|
|
return _umbracoMapper.Map<MemberDisplay>(emptyContent);
|
|
}
|
|
|
|
/// <summary>
|
|
/// Saves member
|
|
/// </summary>
|
|
/// <param name="contentItem">The content item to save as a member</param>
|
|
/// <returns>The resulting member display object</returns>
|
|
[FileUploadCleanupFilter]
|
|
[OutgoingEditorModelEvent]
|
|
[MemberSaveValidation]
|
|
public async Task<ActionResult<MemberDisplay>> PostSave([ModelBinder(typeof(MemberBinder))] MemberSave contentItem)
|
|
{
|
|
if (contentItem == null)
|
|
{
|
|
throw new ArgumentNullException("The member content item was null");
|
|
}
|
|
|
|
// If we've reached here it means:
|
|
// * Our model has been bound
|
|
// * and validated
|
|
// * any file attachments have been saved to their temporary location for us to use
|
|
// * we have a reference to the DTO object and the persisted object
|
|
// * Permissions are valid
|
|
|
|
// map the properties to the persisted entity
|
|
MapPropertyValues(contentItem);
|
|
|
|
await ValidateMemberDataAsync(contentItem);
|
|
|
|
// Unlike content/media - if there are errors for a member, we do NOT proceed to save them, we cannot so return the errors
|
|
if (ModelState.IsValid == false)
|
|
{
|
|
MemberDisplay forDisplay = _umbracoMapper.Map<MemberDisplay>(contentItem.PersistedContent);
|
|
forDisplay.Errors = ModelState.ToErrorDictionary();
|
|
return new ValidationErrorResult(forDisplay);
|
|
}
|
|
|
|
// Depending on the action we need to first do a create or update using the membership manager
|
|
// this ensures that passwords are formatted correctly and also performs the validation on the provider itself.
|
|
|
|
switch (contentItem.Action)
|
|
{
|
|
case ContentSaveAction.Save:
|
|
ActionResult<bool> updateSuccessful = await UpdateMemberAsync(contentItem);
|
|
if (!(updateSuccessful.Result is null))
|
|
{
|
|
return updateSuccessful.Result;
|
|
}
|
|
|
|
break;
|
|
case ContentSaveAction.SaveNew:
|
|
ActionResult<bool> createSuccessful = await CreateMemberAsync(contentItem);
|
|
if (!(createSuccessful.Result is null))
|
|
{
|
|
return createSuccessful.Result;
|
|
}
|
|
|
|
break;
|
|
default:
|
|
// we don't support anything else for members
|
|
return NotFound();
|
|
}
|
|
|
|
// TODO: There's 3 things saved here and we should do this all in one transaction, which we can do here by wrapping in a scope
|
|
// but it would be nicer to have this taken care of within the Save method itself
|
|
|
|
// return the updated model
|
|
MemberDisplay display = _umbracoMapper.Map<MemberDisplay>(contentItem.PersistedContent);
|
|
|
|
// lastly, if it is not valid, add the model state to the outgoing object and throw a 403
|
|
if (!ModelState.IsValid)
|
|
{
|
|
display.Errors = ModelState.ToErrorDictionary();
|
|
return new ValidationErrorResult(display, StatusCodes.Status403Forbidden);
|
|
}
|
|
|
|
ILocalizedTextService localizedTextService = _localizedTextService;
|
|
|
|
// put the correct messages in
|
|
switch (contentItem.Action)
|
|
{
|
|
case ContentSaveAction.Save:
|
|
case ContentSaveAction.SaveNew:
|
|
display.AddSuccessNotification(
|
|
localizedTextService.Localize("speechBubbles/editMemberSaved"),
|
|
localizedTextService.Localize("speechBubbles/editMemberSaved"));
|
|
break;
|
|
}
|
|
|
|
return display;
|
|
}
|
|
|
|
/// <summary>
|
|
/// Maps the property values to the persisted entity
|
|
/// </summary>
|
|
/// <param name="contentItem">The member content item to map properties from</param>
|
|
private void MapPropertyValues(MemberSave contentItem)
|
|
{
|
|
// Don't update the name if it is empty
|
|
if (contentItem.Name.IsNullOrWhiteSpace() == false)
|
|
{
|
|
contentItem.PersistedContent.Name = contentItem.Name;
|
|
}
|
|
|
|
// map the custom properties - this will already be set for new entities in our member binder
|
|
contentItem.PersistedContent.Email = contentItem.Email;
|
|
contentItem.PersistedContent.Username = contentItem.Username;
|
|
|
|
// use the base method to map the rest of the properties
|
|
MapPropertyValuesForPersistence<IMember, MemberSave>(
|
|
contentItem,
|
|
contentItem.PropertyCollectionDto,
|
|
(save, property) => property.GetValue(), // get prop val
|
|
(save, property, v) => property.SetValue(v), // set prop val
|
|
null); // member are all invariant
|
|
}
|
|
|
|
/// <summary>
|
|
/// Create a member from the supplied member content data
|
|
///
|
|
/// All member password processing and creation is done via the identity manager
|
|
/// </summary>
|
|
/// <param name="contentItem">Member content data</param>
|
|
/// <returns>The identity result of the created member</returns>
|
|
private async Task<ActionResult<bool>> CreateMemberAsync(MemberSave contentItem)
|
|
{
|
|
IMemberType memberType = _memberTypeService.Get(contentItem.ContentTypeAlias);
|
|
if (memberType == null)
|
|
{
|
|
throw new InvalidOperationException($"No member type found with alias {contentItem.ContentTypeAlias}");
|
|
}
|
|
|
|
var identityMember = MembersIdentityUser.CreateNew(
|
|
contentItem.Username,
|
|
contentItem.Email,
|
|
memberType.Alias,
|
|
contentItem.Name);
|
|
|
|
IdentityResult created = await _memberManager.CreateAsync(identityMember, contentItem.Password.NewPassword);
|
|
|
|
if (created.Succeeded == false)
|
|
{
|
|
return new ValidationErrorResult(created.Errors.ToErrorMessage());
|
|
}
|
|
|
|
// now re-look up the member, which will now exist
|
|
IMember member = _memberService.GetByEmail(contentItem.Email);
|
|
|
|
// map the save info over onto the user
|
|
member = _umbracoMapper.Map<MemberSave, IMember>(contentItem, member);
|
|
|
|
int creatorId = _backOfficeSecurityAccessor.BackOfficeSecurity.CurrentUser.Id;
|
|
member.CreatorId = creatorId;
|
|
|
|
// assign the mapped property values that are not part of the identity properties
|
|
string[] builtInAliases = ConventionsHelper.GetStandardPropertyTypeStubs(_shortStringHelper).Select(x => x.Key).ToArray();
|
|
foreach (ContentPropertyBasic property in contentItem.Properties)
|
|
{
|
|
if (builtInAliases.Contains(property.Alias) == false)
|
|
{
|
|
member.Properties[property.Alias].SetValue(property.Value);
|
|
}
|
|
}
|
|
|
|
//TODO: do we need to resave the key?
|
|
// contentItem.PersistedContent.Key = contentItem.Key;
|
|
|
|
// now the member has been saved via identity, resave the member with mapped content properties
|
|
_memberService.Save(member);
|
|
contentItem.PersistedContent = member;
|
|
|
|
await AddOrUpdateRoles(contentItem, identityMember);
|
|
return true;
|
|
}
|
|
|
|
/// <summary>
|
|
/// Update the member security data
|
|
/// If the password has been reset then this method will return the reset/generated password, otherwise will return null.
|
|
/// </summary>
|
|
/// <param name="contentItem">The member to save</param>
|
|
private async Task<ActionResult<bool>> UpdateMemberAsync(MemberSave contentItem)
|
|
{
|
|
contentItem.PersistedContent.WriterId = _backOfficeSecurityAccessor.BackOfficeSecurity.CurrentUser.Id;
|
|
|
|
// If the user doesn't have access to sensitive values, then we need to check if any of the built in member property types
|
|
// have been marked as sensitive. If that is the case we cannot change these persisted values no matter what value has been posted.
|
|
// There's only 3 special ones we need to deal with that are part of the MemberSave instance: Comments, IsApproved, IsLockedOut
|
|
// but we will take care of this in a generic way below so that it works for all props.
|
|
if (!_backOfficeSecurityAccessor.BackOfficeSecurity.CurrentUser.HasAccessToSensitiveData())
|
|
{
|
|
IMemberType memberType = _memberTypeService.Get(contentItem.PersistedContent.ContentTypeId);
|
|
var sensitiveProperties = memberType
|
|
.PropertyTypes.Where(x => memberType.IsSensitiveProperty(x.Alias))
|
|
.ToList();
|
|
|
|
foreach (IPropertyType sensitiveProperty in sensitiveProperties)
|
|
{
|
|
ContentPropertyBasic destProp = contentItem.Properties.FirstOrDefault(x => x.Alias == sensitiveProperty.Alias);
|
|
if (destProp != null)
|
|
{
|
|
// if found, change the value of the contentItem model to the persisted value so it remains unchanged
|
|
object origValue = contentItem.PersistedContent.GetValue(sensitiveProperty.Alias);
|
|
destProp.Value = origValue;
|
|
}
|
|
}
|
|
}
|
|
|
|
bool isLockedOut = contentItem.IsLockedOut;
|
|
|
|
// if they were locked but now they are trying to be unlocked
|
|
if (contentItem.PersistedContent.IsLockedOut && isLockedOut == false)
|
|
{
|
|
contentItem.PersistedContent.IsLockedOut = false;
|
|
contentItem.PersistedContent.FailedPasswordAttempts = 0;
|
|
}
|
|
else if (!contentItem.PersistedContent.IsLockedOut && isLockedOut)
|
|
{
|
|
// NOTE: This should not ever happen unless someone is mucking around with the request data.
|
|
// An admin cannot simply lock a user, they get locked out by password attempts, but an admin can un-approve them
|
|
ModelState.AddModelError("custom", "An admin cannot lock a user");
|
|
}
|
|
|
|
MembersIdentityUser identityMember = await _memberManager.FindByIdAsync(contentItem.Id.ToString());
|
|
if (identityMember == null)
|
|
{
|
|
return new ValidationErrorResult("Identity member was not found");
|
|
}
|
|
|
|
if (contentItem.Password != null)
|
|
{
|
|
IdentityResult validatePassword = await _memberManager.ValidatePasswordAsync(contentItem.Password.NewPassword);
|
|
if (validatePassword.Succeeded == false)
|
|
{
|
|
return new ValidationErrorResult(validatePassword.Errors.ToErrorMessage());
|
|
}
|
|
|
|
Attempt<int> intId = identityMember.Id.TryConvertTo<int>();
|
|
if (intId.Success == false)
|
|
{
|
|
return new ValidationErrorResult("Member ID was not valid");
|
|
}
|
|
|
|
IMember foundMember = _memberService.GetById(intId.Result);
|
|
if (foundMember == null)
|
|
{
|
|
return new ValidationErrorResult("Member was not found");
|
|
}
|
|
|
|
IUser currentUser = _backOfficeSecurityAccessor.BackOfficeSecurity.CurrentUser;
|
|
// if the current user has access to reset/manually change the password
|
|
if (currentUser.HasSectionAccess(Constants.Applications.Members) == false)
|
|
{
|
|
return new ValidationErrorResult("The current user is not authorized");
|
|
}
|
|
var changingPasswordModel = new ChangingPasswordModel
|
|
{
|
|
Id = intId.Result,
|
|
OldPassword = contentItem.Password.OldPassword,
|
|
NewPassword = contentItem.Password.NewPassword,
|
|
};
|
|
|
|
Attempt<PasswordChangedModel> passwordChangeResult = await _passwordChanger.ChangePasswordWithIdentityAsync(changingPasswordModel, _memberManager);
|
|
|
|
if (passwordChangeResult.Result.ChangeError?.MemberNames != null)
|
|
{
|
|
foreach (string memberName in passwordChangeResult.Result.ChangeError?.MemberNames)
|
|
{
|
|
ModelState.AddModelError(memberName, passwordChangeResult.Result.ChangeError?.ErrorMessage ?? string.Empty);
|
|
}
|
|
return new ValidationErrorResult(new SimpleValidationModel(ModelState.ToErrorDictionary()));
|
|
}
|
|
|
|
if (passwordChangeResult.Success)
|
|
{
|
|
// get the identity member now the password and dates have changed
|
|
identityMember = await _memberManager.FindByIdAsync(contentItem.Id.ToString());
|
|
|
|
//TODO: confirm this is correct
|
|
contentItem.PersistedContent.RawPasswordValue = identityMember.PasswordHash;
|
|
|
|
if (identityMember.LastPasswordChangeDateUtc != null)
|
|
{
|
|
contentItem.PersistedContent.LastPasswordChangeDate = (DateTime)identityMember.LastPasswordChangeDateUtc;
|
|
}
|
|
}
|
|
}
|
|
|
|
IdentityResult updatedResult = await _memberManager.UpdateAsync(identityMember);
|
|
|
|
if (updatedResult.Succeeded == false)
|
|
{
|
|
return new ValidationErrorResult(updatedResult.Errors.ToErrorMessage());
|
|
}
|
|
|
|
_memberService.Save(contentItem.PersistedContent);
|
|
|
|
await AddOrUpdateRoles(contentItem, identityMember);
|
|
return true;
|
|
}
|
|
|
|
private async Task<bool> ValidateMemberDataAsync(MemberSave contentItem)
|
|
{
|
|
if (contentItem.Name.IsNullOrWhiteSpace())
|
|
{
|
|
ModelState.AddPropertyError(
|
|
new ValidationResult("Invalid user name", new[] { "value" }),
|
|
$"{Constants.PropertyEditors.InternalGenericPropertiesPrefix}login");
|
|
return false;
|
|
}
|
|
|
|
if (contentItem.Password != null && !contentItem.Password.NewPassword.IsNullOrWhiteSpace())
|
|
{
|
|
IdentityResult validPassword = await _memberManager.ValidatePasswordAsync(contentItem.Password.NewPassword);
|
|
if (!validPassword.Succeeded)
|
|
{
|
|
ModelState.AddPropertyError(
|
|
new ValidationResult("Invalid password: " + MapErrors(validPassword.Errors), new[] { "value" }),
|
|
$"{Constants.PropertyEditors.InternalGenericPropertiesPrefix}password");
|
|
return false;
|
|
}
|
|
}
|
|
|
|
IMember byUsername = _memberService.GetByUsername(contentItem.Username);
|
|
if (byUsername != null && byUsername.Key != contentItem.Key)
|
|
{
|
|
ModelState.AddPropertyError(
|
|
new ValidationResult("Username is already in use", new[] { "value" }),
|
|
$"{Constants.PropertyEditors.InternalGenericPropertiesPrefix}login");
|
|
return false;
|
|
}
|
|
|
|
IMember byEmail = _memberService.GetByEmail(contentItem.Email);
|
|
if (byEmail != null && byEmail.Key != contentItem.Key)
|
|
{
|
|
ModelState.AddPropertyError(
|
|
new ValidationResult("Email address is already in use", new[] { "value" }),
|
|
$"{Constants.PropertyEditors.InternalGenericPropertiesPrefix}email");
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
private string MapErrors(IEnumerable<IdentityError> result)
|
|
{
|
|
var sb = new StringBuilder();
|
|
IEnumerable<IdentityError> identityErrors = result.ToList();
|
|
foreach (IdentityError error in identityErrors)
|
|
{
|
|
string errorString = $"{error.Description}";
|
|
sb.AppendLine(errorString);
|
|
}
|
|
|
|
return sb.ToString();
|
|
}
|
|
|
|
/// <summary>
|
|
/// Add or update the identity roles
|
|
/// </summary>
|
|
/// <param name="contentItem">The member content item</param>
|
|
/// <param name="identityMember">The member as an identity user</param>
|
|
private async Task AddOrUpdateRoles(MemberSave contentItem, MembersIdentityUser identityMember)
|
|
{
|
|
// We're gonna look up the current roles now because the below code can cause
|
|
// events to be raised and developers could be manually adding roles to members in
|
|
// their handlers. If we don't look this up now there's a chance we'll just end up
|
|
// removing the roles they've assigned.
|
|
IEnumerable<string> currentRoles = await _memberManager.GetRolesAsync(identityMember);
|
|
|
|
// find the ones to remove and remove them
|
|
IEnumerable<string> roles = currentRoles.ToList();
|
|
string[] rolesToRemove = roles.Except(contentItem.Groups).ToArray();
|
|
|
|
// Now let's do the role provider stuff - now that we've saved the content item (that is important since
|
|
// if we are changing the username, it must be persisted before looking up the member roles).
|
|
if (rolesToRemove.Any())
|
|
{
|
|
IdentityResult rolesIdentityResult = await _memberManager.RemoveFromRolesAsync(identityMember, rolesToRemove);
|
|
}
|
|
|
|
// find the ones to add and add them
|
|
string[] toAdd = contentItem.Groups.Except(roles).ToArray();
|
|
if (toAdd.Any())
|
|
{
|
|
// add the ones submitted
|
|
IdentityResult identityResult = await _memberManager.AddToRolesAsync(identityMember, toAdd);
|
|
}
|
|
}
|
|
|
|
/// <summary>
|
|
/// Permanently deletes a member
|
|
/// </summary>
|
|
/// <param name="key">Guid of the member to delete</param>
|
|
/// <returns>The result of the deletion</returns>
|
|
///
|
|
[HttpPost]
|
|
public IActionResult DeleteByKey(Guid key)
|
|
{
|
|
//TODO: move to MembersUserStore
|
|
IMember foundMember = _memberService.GetByKey(key);
|
|
if (foundMember == null)
|
|
{
|
|
return HandleContentNotFound(key);
|
|
}
|
|
|
|
_memberService.Delete(foundMember);
|
|
|
|
return Ok();
|
|
}
|
|
|
|
/// <summary>
|
|
/// Exports member data based on their unique Id
|
|
/// </summary>
|
|
/// <param name="key">The unique <see cref="Guid">member identifier</see></param>
|
|
/// <returns><see cref="HttpResponseMessage"/></returns>
|
|
[HttpGet]
|
|
public IActionResult ExportMemberData(Guid key)
|
|
{
|
|
IUser currentUser = _backOfficeSecurityAccessor.BackOfficeSecurity.CurrentUser;
|
|
|
|
if (currentUser.HasAccessToSensitiveData() == false)
|
|
{
|
|
return Forbid();
|
|
}
|
|
|
|
MemberExportModel member = ((MemberService)_memberService).ExportMember(key);
|
|
if (member is null)
|
|
{
|
|
throw new NullReferenceException("No member found with key " + key);
|
|
}
|
|
|
|
var json = _jsonSerializer.Serialize(member);
|
|
|
|
var fileName = $"{member.Name}_{member.Email}.txt";
|
|
|
|
// Set custom header so umbRequestHelper.downloadFile can save the correct filename
|
|
HttpContext.Response.Headers.Add("x-filename", fileName);
|
|
|
|
return File(Encoding.UTF8.GetBytes(json), MediaTypeNames.Application.Octet, fileName);
|
|
}
|
|
}
|
|
}
|