UserController.cs 2.67 KiB
using Coscine.Api.User.Models;
using Coscine.Api.User.ReturnObjects;
using Coscine.ApiCommons;
using Coscine.ApiCommons.Factories;
using Microsoft.AspNetCore.Mvc;
using System;
using System.Linq;
using System.ComponentModel.DataAnnotations;
using Microsoft.AspNetCore.Authorization;
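namespace Coscine.Api.User.Controllers
{
    /// <summary>
    /// HTTP endpoints for the signed-in user: reading the own profile, changing the
    /// contact e-mail address and searching for users that can be added to a project.
    /// </summary>
    /// <remarks>
    /// The class carries <c>[Authorize]</c>, and every action additionally resolves the
    /// caller through <c>_authenticator.GetUser()</c> before touching any data.
    /// NOTE(review): the actions signal bad input and denied access by throwing. Unless a
    /// filter or middleware not visible in this file maps those exceptions, clients will
    /// see a server error instead of a 400/403 - confirm.
    /// </remarks>
    [Authorize]
    public class UserController : Controller
    {
        private readonly Authenticator _authenticator;
        private readonly UserModel _userModel;

        /// <summary>
        /// Creates the controller with an authenticator bound to this controller and the
        /// program-wide configuration, plus a fresh user model.
        /// </summary>
        public UserController()
        {
            _authenticator = new Authenticator(this, Program.Configuration);
            _userModel = new UserModel();
        }

        /// <summary>
        /// Replaces the contact e-mail address of the calling user with the address sent
        /// in the request body.
        /// </summary>
        /// <returns>200 with the result of <c>_userModel.Update</c>.</returns>
        /// <exception cref="FormatException">
        /// The body could not be read as a user object, or its e-mail address is missing
        /// or not a syntactically valid address.
        /// </exception>
        [HttpPost("[controller]/email")]
        public IActionResult ChangeContactMail()
        {
            // The account to change always comes from the authenticated session, never
            // from the request body.
            var user = _authenticator.GetUser();
            UserObject userObject = ObjectFactory<UserObject>.DeserializeFromStream(Request.Body);

            // EmailAddressAttribute.IsValid treats null as valid, so a body without an
            // address would otherwise overwrite the stored address with null. Reject a
            // missing object or a missing/blank address explicitly.
            if (userObject == null
                || string.IsNullOrWhiteSpace(userObject.EmailAddress)
                || !new EmailAddressAttribute().IsValid(userObject.EmailAddress))
            {
                throw new FormatException("Incorrect E-Mail format!");
            }

            // Only the e-mail address is copied over; every other field of the
            // deserialized object is ignored.
            user.EmailAddress = userObject.EmailAddress;
            return Ok(_userModel.Update(user));
        }

        /// <summary>
        /// Returns id, display name and e-mail address of the calling user.
        /// </summary>
        /// <returns>200 with a <c>UserObject</c> describing the caller.</returns>
        [HttpGet("[controller]/user")]
        public IActionResult GetUser()
        {
            var user = _authenticator.GetUser();
            return Ok(new UserObject(user.Id, user.DisplayName, user.EmailAddress));
        }

        /// <summary>
        /// Searches for users whose display name or e-mail address contains
        /// <paramref name="queryString"/> and who hold no role in the given project.
        /// At most ten matches are returned, without their e-mail address.
        /// </summary>
        /// <param name="queryString">Text to look for, compared in lower case.</param>
        /// <param name="projectId">Project id in GUID notation.</param>
        /// <returns>200 with up to ten <c>UserObject</c> entries (id and display name).</returns>
        /// <exception cref="FormatException">
        /// <paramref name="projectId"/> is not a GUID.
        /// </exception>
        /// <exception cref="UnauthorizedAccessException">
        /// The project does not exist or the caller has no access to it.
        /// </exception>
        [HttpGet("[controller]/query/{queryString}/project/{projectId}")]
        public IActionResult Query(string queryString, string projectId)
        {
            var user = _authenticator.GetUser();

            // A malformed id used to fall through as Guid.Empty and reach the project
            // lookup; stop here instead, in the same way malformed e-mail input is rejected.
            if (!Guid.TryParse(projectId, out Guid projectIdGuid))
            {
                throw new FormatException("Incorrect project id format!");
            }

            // NOTE(review): ToLower() is culture-sensitive. It is kept unchanged because
            // the same call appears inside the predicate handed to GetAllWhere, which
            // may be translated by the data layer - confirm before switching variants.
            string lowerQueryString = queryString.ToLower();

            ProjectModel projectModel = new ProjectModel();
            var project = projectModel.GetById(projectIdGuid);

            // Fail closed: an unknown project is answered exactly like a project the
            // caller may not access, so the response does not reveal which ids exist.
            if (project == null || !projectModel.HasAccess(user, project))
            {
                throw new UnauthorizedAccessException("User is not allowed to query users with respect to given project!");
            }

            // NOTE(review): the e-mail address is withheld from the response but still
            // takes part in matching, so a caller with access to any project can learn
            // whether a fragment occurs in somebody's address. No minimum query length
            // is enforced here; consider one, together with rate limiting.
            return Ok(_userModel.GetAllWhere((dbUser) =>
                    (dbUser.DisplayName.ToLower().Contains(lowerQueryString)
                        || dbUser.EmailAddress.ToLower().Contains(lowerQueryString))
                    && !((from projectRole in dbUser.ProjectRolesUserIdIds
                          where projectRole.ProjectId == projectIdGuid
                          select projectRole).Any()))
                .Take(10)
                .Select((dbUser) => new UserObject(dbUser.Id, dbUser.DisplayName, null)));
        }
    }
}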