From cb5c5b6b4faf88f47527bc1b34932d9e8dac0289 Mon Sep 17 00:00:00 2001 From: quentin Date: Tue, 29 Oct 2024 19:14:58 -0500 Subject: [PATCH] Ability to set user permissionId for registration --- .../.idea/dataSources.xml | 6 +++ .../.idea/sqldialects.xml | 7 ---- API/Controllers/AuthController.cs | 40 ++++++++++++++++--- API/DTO/Login/UserRegisterDTO.cs | 2 +- API/Services/Interfaces/IUserManager.cs | 3 +- API/Services/UserManager.cs | 9 +++-- API/Services/UserService.cs | 19 +++++++-- sanAntonioSeniorGolf.sln.DotSettings.user | 1 + 8 files changed, 67 insertions(+), 20 deletions(-) delete mode 100644 .idea/.idea.sanAntonioSeniorGolf/.idea/sqldialects.xml diff --git a/.idea/.idea.sanAntonioSeniorGolf/.idea/dataSources.xml b/.idea/.idea.sanAntonioSeniorGolf/.idea/dataSources.xml index d0298f3..ba4873d 100644 --- a/.idea/.idea.sanAntonioSeniorGolf/.idea/dataSources.xml +++ b/.idea/.idea.sanAntonioSeniorGolf/.idea/dataSources.xml @@ -6,6 +6,12 @@ true com.mysql.cj.jdbc.Driver jdbc:mysql://192.168.1.52:5618 + + + + + + $ProjectFileDir$ diff --git a/.idea/.idea.sanAntonioSeniorGolf/.idea/sqldialects.xml b/.idea/.idea.sanAntonioSeniorGolf/.idea/sqldialects.xml deleted file mode 100644 index 245d345..0000000 --- a/.idea/.idea.sanAntonioSeniorGolf/.idea/sqldialects.xml +++ /dev/null @@ -1,7 +0,0 @@ - - - - - - - \ No newline at end of file diff --git a/API/Controllers/AuthController.cs b/API/Controllers/AuthController.cs index 373c3ac..1b8dffa 100644 --- a/API/Controllers/AuthController.cs +++ b/API/Controllers/AuthController.cs @@ -3,6 +3,7 @@ using API.DTO.Login; using API.Errors; using API.Services; using API.Services.Interfaces; +using DAL.Models; using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication.Cookies; using Microsoft.AspNetCore.Mvc; 
@@ -48,16 +49,45 @@ namespace API.Controllers } [HttpPost("register")] - public ActionResult register(UserRegisterDTO registerDTO) + public ActionResult register(UserRegisterDTO registerDTO, ulong? permissionId = null) { - UserDTO? user = _userManager.registerUser(registerDTO); + if (registerDTO.password == null) + registerDTO.password = registerDTO.phoneNumber; - if (user == null) + if (permissionId == null) { - return Conflict(Strings.UserExists); + User? user = getUser(User); + if (user == null) + return Unauthorized(); + + UserDTO? createdUser = _userManager.registerUser(registerDTO, user, permissionId); + if (createdUser == null) + return Conflict(Strings.UserExists); + + return Ok(createdUser); } - return Ok(user); + { + UserDTO? user = _userManager.registerUser(registerDTO); + + if (user == null) + { + return Conflict(Strings.UserExists); + } + + return Ok(user); + } + } + + [NonAction] + public User? getUser(ClaimsPrincipal user) + { + Claim? idClaim = user.FindFirst(ClaimTypes.NameIdentifier); + + if (idClaim == null) + return null; + + return _userService.getNoAuthentication(UInt64.Parse(idClaim.Value)); } } } diff --git a/API/DTO/Login/UserRegisterDTO.cs b/API/DTO/Login/UserRegisterDTO.cs index 7ab051a..676c2e2 100644 --- a/API/DTO/Login/UserRegisterDTO.cs +++ b/API/DTO/Login/UserRegisterDTO.cs @@ -14,6 +14,6 @@ namespace API.DTO.Login public PhoneNumber phoneNumber { get; set; } = null!; [MaxLength(1000)] - public string password { get; set; } = null!; + public string? password { get; set; } } } diff --git a/API/Services/Interfaces/IUserManager.cs b/API/Services/Interfaces/IUserManager.cs index a1496e1..16fdb7e 100644 --- a/API/Services/Interfaces/IUserManager.cs +++ b/API/Services/Interfaces/IUserManager.cs @@ -1,5 +1,6 @@ using API.DTO.Base; using API.DTO.Login; +using DAL.Models; namespace API.Services.Interfaces { 
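Review bot: The guard `if (permissionId == null)` in `AuthController.register` looks inverted: the authenticated path that calls `_userManager.registerUser(registerDTO, user, permissionId)` runs only when no permission was requested, while a request that carries a `permissionId` falls through to the bare block that calls `registerUser(registerDTO)` and drops the value. As written, a caller without a `NameIdentifier` claim who sends no `permissionId` gets `Unauthorized()`, which breaks sign-up if this endpoint serves unauthenticated registration; the intended condition is presumably `if (permissionId != null)`. Once that is flipped, this action is where a caller-supplied permission enters the system, so the identity check must stay ahead of any call into `_userManager`. In `getUser`, `UInt64.Parse(idClaim.Value)` throws on a malformed claim; `if (!UInt64.TryParse(idClaim.Value, out ulong id)) return null;` turns that into the existing `Unauthorized()` path instead of an unhandled exception.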
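Review bot: Making `password` nullable in `UserRegisterDTO`, with only `[MaxLength(1000)]` left on it, lets a request omit the password, and the `register` hunk in `AuthController.cs` then sets it to `registerDTO.phoneNumber`. The account's secret becomes a value that the duplicate lookup in `UserManager.registerUser` uses to identify the user and that is typically known to other people. For self-registration, reject the request instead, e.g. `if (registerDTO.password == null) return BadRequest();`. For accounts created on someone's behalf, generate a random one-time password and require a change at first login. The fallback also depends on a `PhoneNumber`-to-`string` conversion that this diff does not show.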
@@ -7,6 +8,6 @@ namespace API.Services.Interfaces { UserDTO? authenticateUser(UserLoginDTO loginDTO); - UserDTO? registerUser(UserRegisterDTO registerDTO); + UserDTO? registerUser(UserRegisterDTO registerDTO, User? user = null, ulong? permissionId = null); } } diff --git a/API/Services/UserManager.cs b/API/Services/UserManager.cs index b79b376..2aa89f8 100644 --- a/API/Services/UserManager.cs +++ b/API/Services/UserManager.cs @@ -54,7 +54,7 @@ namespace API.Services return dto; } - public UserDTO? registerUser(UserRegisterDTO registerDTO) + public UserDTO? registerUser(UserRegisterDTO registerDTO, User? user = null, ulong? permissionId = null) { if (_userService.getNoAuthentication(x => x.phoneNumber.Equals(registerDTO.phoneNumber) || @@ -74,10 +74,13 @@ namespace API.Services byte[] salt; string hashedPassword = hashingAlgorithm.hash(registerDTO.password, out salt); - User user = _userService.add(registerDTO, hashedPassword, salt); + User? createdUser = _userService.add(registerDTO, hashedPassword, salt, user, permissionId); + + if (createdUser == null) + return null; UserDTO dto = new UserDTO(); - dto.adaptFromModel(user); + dto.adaptFromModel(createdUser); return dto; } diff --git a/API/Services/UserService.cs b/API/Services/UserService.cs index 012c48d..7a5ede0 100644 --- a/API/Services/UserService.cs +++ b/API/Services/UserService.cs @@ -17,10 +17,9 @@ namespace API.Services _defaultUserPermission = defaultUserPermission; } - public User add(UserRegisterDTO registerDTO, string hashedPassword, byte[] salt) + public User? add(UserRegisterDTO registerDTO, string hashedPassword, byte[] salt, User? user = null, ulong? permissionId = null) { Permission? defaultPermission = _permissionService.getNoAuthentication(_defaultUserPermission); - if (defaultPermission == null) throw new InvalidOperationException("defaultUserPermission doesn't exist."); 
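Review bot: The added `if (createdUser == null) return null;` in `UserManager.registerUser` gives a null result two meanings: the account already exists (presumably the early return after the lookup that starts in the previous hunk), and `_userService.add` refused the request. `AuthController.register` maps both to `Conflict(Strings.UserExists)`, so a caller rejected by the permission check is told the user exists and the denial cannot be told apart from a duplicate in responses or logs. Let `add` signal the refusal distinctly, for example by throwing `UnauthorizedAccessException`, so the controller can answer with `Forbid()`. The `hashingAlgorithm.hash(registerDTO.password, out salt)` call just above the changed lines now receives a `string?`, and a null guard before it would protect callers other than the controller.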
@@ -33,11 +32,25 @@ namespace API.Services password = hashedPassword, salt = salt, - permissionId = defaultPermission.id, + permissionId = permissionId ?? defaultPermission.id, updated = DateTime.Now }; + if (permissionId != null && user != null) + { + model.permissionId = permissionId.Value; + model.updater = user.id; + UserDTO userDTO = new UserDTO(); + userDTO.adaptFromModel(user); + if (!_auth.canAdd(userDTO, user)) + return null; + Context.Add(model); + Context.SaveChanges(); + + return model; + } + Context.Add(model); Context.SaveChanges(); diff --git a/sanAntonioSeniorGolf.sln.DotSettings.user b/sanAntonioSeniorGolf.sln.DotSettings.user index 13ee6b4..a0e6ca6 100644 --- a/sanAntonioSeniorGolf.sln.DotSettings.user +++ b/sanAntonioSeniorGolf.sln.DotSettings.user @@ -1,4 +1,5 @@  + ForceIncluded <SessionState ContinuousTestingMode="0" IsActive="True" Name="Test1" xmlns="urn:schemas-jetbrains-com:jetbrains-ut-session"> <TestAncestor> <TestId>NUnit3x::089ACCAD-8117-4C24-9429-56A394AC4734::net5.0::unitTests.Tests.Test1</TestId>
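Review bot: The authorization in the `UserService.add` hunk does not cover the value it is meant to protect. The initializer already applies `permissionId ?? defaultPermission.id`, and the `_auth.canAdd` check sits inside `if (permissionId != null && user != null)`, so a call with a `permissionId` and no `user` stores the requested permission without any check. The check also passes a `UserDTO` adapted from the caller (`userDTO.adaptFromModel(user)`) rather than from `model`, so if `canAdd`'s first argument is the object being added, the requested permission never takes part in the decision. Fail closed when a permission is requested without an actor, authorize the record being created, and keep a single `Context.Add`/`SaveChanges` path, as sketched below. `add` starts above this hunk and its final `return` lies outside it.

```csharp
// … unchanged: default-permission lookup and model initializer …
if (permissionId != null)
{
    // A non-default permission is honoured only for an identified, authorized actor.
    if (user == null)
        return null;

    // Authorize the account being created (including its permissionId), not the caller's own record.
    UserDTO requested = new UserDTO();
    requested.adaptFromModel(model);
    if (!_auth.canAdd(requested, user))
        return null;

    model.updater = user.id;
}

Context.Add(model);
Context.SaveChanges();
// … unchanged: return of the saved model …
```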