From ec83cf1912cd5657fc0d3c89d062d1b80472a18a Mon Sep 17 00:00:00 2001 From: Hubert Date: Sat, 11 Nov 2023 10:03:22 +0100 Subject: [PATCH 1/8] add a patch endpoint to update a user group of an account --- .../Services/v2/AccountService.cs | 26 +++++++++++++++++++ .../Services/v2/IAccountService.cs | 9 ++++++- .../Controllers/v2/AccountController.cs | 20 +++++++++++++- 3 files changed, 53 insertions(+), 2 deletions(-) diff --git a/coffeecard/CoffeeCard.Library/Services/v2/AccountService.cs b/coffeecard/CoffeeCard.Library/Services/v2/AccountService.cs index 7bfdbd41..2fbd0e41 100644 --- a/coffeecard/CoffeeCard.Library/Services/v2/AccountService.cs +++ b/coffeecard/CoffeeCard.Library/Services/v2/AccountService.cs @@ -8,6 +8,7 @@ using CoffeeCard.Models.DataTransferObjects.v2.User; using CoffeeCard.Models.Entities; using Microsoft.AspNetCore.Http; +using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; using Serilog; @@ -200,6 +201,31 @@ private async Task GetAccountByEmailAsync(string email) return user; } + public async Task UpdateUserGroup(UserGroup userGroup, int id) + { + User user = await GetUserByIdAsync(id); + + user.UserGroup = userGroup; + + await _context.SaveChangesAsync(); + } + + private async Task GetUserByIdAsync(int id) + { + var user = await _context.Users + .Where(u => u.Id == id) + .FirstOrDefaultAsync(); + + if (user == null) + { + Log.Error("No user was found by user id: {id}", id); + throw new EntityNotFoundException($"No user was found by user id: {id}"); + } + + return user; + } + + private static string EscapeName(string name) { return name.Trim('<', '>', '{', '}'); diff --git a/coffeecard/CoffeeCard.Library/Services/v2/IAccountService.cs b/coffeecard/CoffeeCard.Library/Services/v2/IAccountService.cs index 0c38a49a..ec5dcc3d 100644 --- a/coffeecard/CoffeeCard.Library/Services/v2/IAccountService.cs +++ b/coffeecard/CoffeeCard.Library/Services/v2/IAccountService.cs 
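Review bot: `UpdateUserGroup` changes an account's privilege level without recording it; the only log call in the new code is the `Log.Error` on the not-found path in `GetUserByIdAsync`. A group change belongs in the audit trail, so log the old and new value before the assignment, e.g. `Log.Information("User {id} user group changed from {oldGroup} to {newGroup}", user.Id, user.UserGroup, userGroup);`. Ideally the acting user's id is passed in from the controller and logged too. The enclosing class lies outside the hunk, so whether another layer already records this change is not visible here.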
@@ -4,6 +4,7 @@ using CoffeeCard.Common.Errors; using CoffeeCard.Models.DataTransferObjects.v2.User; using CoffeeCard.Models.Entities; +using Microsoft.AspNetCore.Mvc; namespace CoffeeCard.Library.Services.v2 { @@ -53,8 +54,14 @@ public interface IAccountService /// Resend invite e-mail if user account is not already verified /// /// Email request - /// User account is already verified /// Email account not found Task ResendAccountVerificationEmail(ResendAccountVerificationEmailRequest request); + + /// + /// Update a userGroup of a user with a provided id + /// + /// The user group that will be updated + /// id of the user + Task UpdateUserGroup(UserGroup userGroup, int id); } } \ No newline at end of file diff --git a/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs b/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs index 5713ebc4..0b85d4af 100644 --- a/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs +++ b/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs @@ -9,7 +9,6 @@ using Microsoft.AspNetCore.Mvc; using CoffeeCard.Library.Services.v2; using CoffeeCard.Models.Entities; -using Serilog; namespace CoffeeCard.WebApi.Controllers.v2 { 
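Review bot: The doc comment added for `UpdateUserGroup` does not say what happens when the id matches no user, although the implementation in AccountService.cs throws `EntityNotFoundException` from `GetUserByIdAsync`. Add an exception entry such as `/// <exception cref="EntityNotFoundException">No user with the given id exists</exception>`. The same hunk deletes the `User account is already verified` line from the `ResendAccountVerificationEmail` comment, while the controller still documents a 409 "Account already verified" response for that action, so the removal looks unrelated and probably unintended. The `using Microsoft.AspNetCore.Mvc;` added in the first hunk of this file and in AccountService.cs is not used by any line shown in the diff; if nothing else needs it, drop it so the service library stays free of MVC types.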
@@ -135,6 +134,25 @@ public async Task> EmailExists([FromBody] Emai EmailExists = emailInUse }); } + + /// + /// Updates the user group of a user + /// + /// id of the user whose userGroup will be updated + /// UserGroup object that will update the current userGroup attribute + /// Account information + /// The update was processed + /// Invalid credentials + [HttpPatch] + [ProducesResponseType(typeof(void), StatusCodes.Status204NoContent)] + [ProducesResponseType(typeof(void), StatusCodes.Status401Unauthorized)] + [Route("{id:int}/user-group")] + public async Task UpdateAccountUserGroup(int id, UserGroup userGroup) + { + await _accountService.UpdateUserGroup(userGroup, id); + + return new NoContentResult(); + } /// /// Resend account verification email if account is not already verified From db517061947fb80774e796bbf7c3f37f05ebb4b6 Mon Sep 17 00:00:00 2001 From: Hubert Date: Sat, 11 Nov 2023 10:07:22 +0100 Subject: [PATCH 2/8] a fix in xml comments --- .../CoffeeCard.WebApi/Controllers/v2/AccountController.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs b/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs index 0b85d4af..1ac55958 100644 --- a/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs +++ b/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs @@ -140,7 +140,7 @@ public async Task> EmailExists([FromBody] Emai /// /// id of the user whose userGroup will be updated /// UserGroup object that will update the current userGroup attribute - /// Account information + /// no content result /// The update was processed /// Invalid credentials [HttpPatch] From 1215be8cfd823b35c078ea34913c14d30a146cbd Mon Sep 17 00:00:00 2001 
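Review bot: The new PATCH action changes a user's group but carries no authorization attribute in this hunk, so its protection depends entirely on whatever the controller declares at class level, which is outside the hunk. Patch 4/8 then marks the action `[AllowAnonymous]` with `//[AuthorizeRoles(UserGroup.Board)]` commented out, and the role check is only enabled in 6/8, so every commit before 6/8 is unsafe to deploy, bisect to or cherry-pick. Squash the series so the action is introduced with `[AuthorizeRoles(UserGroup.Board)]` already in place. The action documents 401 but not the authenticated-but-not-Board case; if `AuthorizeRoles` answers that with 403, add `[ProducesResponseType(typeof(ApiError), StatusCodes.Status403Forbidden)]`.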
From: Hubert Date: Sat, 11 Nov 2023 10:09:06 +0100 Subject: [PATCH 3/8] format code --- coffeecard/CoffeeCard.Library/Services/v2/AccountService.cs | 6 +++--- .../CoffeeCard.Library/Services/v2/IAccountService.cs | 2 +- .../CoffeeCard.WebApi/Controllers/v2/AccountController.cs | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/coffeecard/CoffeeCard.Library/Services/v2/AccountService.cs b/coffeecard/CoffeeCard.Library/Services/v2/AccountService.cs index 2fbd0e41..fea0d595 100644 --- a/coffeecard/CoffeeCard.Library/Services/v2/AccountService.cs +++ b/coffeecard/CoffeeCard.Library/Services/v2/AccountService.cs @@ -204,7 +204,7 @@ private async Task GetAccountByEmailAsync(string email) public async Task UpdateUserGroup(UserGroup userGroup, int id) { User user = await GetUserByIdAsync(id); - + user.UserGroup = userGroup; await _context.SaveChangesAsync(); @@ -215,7 +215,7 @@ private async Task GetUserByIdAsync(int id) var user = await _context.Users .Where(u => u.Id == id) .FirstOrDefaultAsync(); - + if (user == null) { Log.Error("No user was found by user id: {id}", id); @@ -224,7 +224,7 @@ private async Task GetUserByIdAsync(int id) return user; } - + private static string EscapeName(string name) { diff --git a/coffeecard/CoffeeCard.Library/Services/v2/IAccountService.cs b/coffeecard/CoffeeCard.Library/Services/v2/IAccountService.cs index ec5dcc3d..9a35b4f2 100644 --- a/coffeecard/CoffeeCard.Library/Services/v2/IAccountService.cs +++ b/coffeecard/CoffeeCard.Library/Services/v2/IAccountService.cs @@ -56,7 +56,7 @@ public interface IAccountService /// Email request /// Email account not found Task ResendAccountVerificationEmail(ResendAccountVerificationEmailRequest request); - + /// /// Update a userGroup of a user with a provided id /// diff --git a/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs b/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs index 1ac55958..a8894837 100644 
--- a/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs +++ b/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs @@ -134,7 +134,7 @@ public async Task> EmailExists([FromBody] Emai EmailExists = emailInUse }); } - + /// /// Updates the user group of a user /// From cdf7bc1692372d4cfb871f1c722905cb65a50d67 Mon Sep 17 00:00:00 2001 From: Hubert Date: Thu, 16 Nov 2023 17:47:55 +0100 Subject: [PATCH 4/8] fix Jonas comments --- .../Services/v2/AccountService.cs | 4 ++-- .../v2/User/UpdateUserGroupRequest.cs | 24 +++++++++++++++++++ .../Controllers/v2/AccountController.cs | 13 ++++++---- 3 files changed, 35 insertions(+), 6 deletions(-) create mode 100644 coffeecard/CoffeeCard.Models/DataTransferObjects/v2/User/UpdateUserGroupRequest.cs diff --git a/coffeecard/CoffeeCard.Library/Services/v2/AccountService.cs b/coffeecard/CoffeeCard.Library/Services/v2/AccountService.cs index fea0d595..0b72d071 100644 --- a/coffeecard/CoffeeCard.Library/Services/v2/AccountService.cs +++ b/coffeecard/CoffeeCard.Library/Services/v2/AccountService.cs @@ -201,9 +201,9 @@ private async Task GetAccountByEmailAsync(string email) return user; } - public async Task UpdateUserGroup(UserGroup userGroup, int id) + public async Task UpdateUserGroup(UserGroup userGroup, int userId) { - User user = await GetUserByIdAsync(id); + User user = await GetUserByIdAsync(userId); user.UserGroup = userGroup; diff --git a/coffeecard/CoffeeCard.Models/DataTransferObjects/v2/User/UpdateUserGroupRequest.cs b/coffeecard/CoffeeCard.Models/DataTransferObjects/v2/User/UpdateUserGroupRequest.cs new file mode 100644 index 00000000..49fb5c48 --- /dev/null +++ b/coffeecard/CoffeeCard.Models/DataTransferObjects/v2/User/UpdateUserGroupRequest.cs 
@@ -0,0 +1,24 @@ +using System.ComponentModel.DataAnnotations; +using CoffeeCard.Models.Entities; + +namespace CoffeeCard.Models.DataTransferObjects.v2.User +{ + /// + /// Update the UserGroup property of a user + /// + /// + /// { + /// "UserGroup": "Barista" + /// } + /// + public class UpdateUserGroupRequest + { + /// + /// The UserGroup of a user + /// + /// UserGroup object + /// UserGroup.Barista + [Required] + public UserGroup UserGroup { get; set; } + } +} \ No newline at end of file diff --git a/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs b/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs index a8894837..fc8cc71c 100644 --- a/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs +++ b/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs @@ -9,6 +9,7 @@ using Microsoft.AspNetCore.Mvc; using CoffeeCard.Library.Services.v2; using CoffeeCard.Models.Entities; +using CoffeeCard.WebApi.Helpers; namespace CoffeeCard.WebApi.Controllers.v2 { 
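Review bot: `[Required]` on the non-nullable `UserGroup` property cannot fail, assuming `UserGroup` is an enum as the `UserGroup.Barista` example suggests, because a value type always has a value. A request body that omits the field binds to the type's default (the member with value 0, whichever group that is), and the endpoint then writes that group to the account. Declare the property nullable so omission is caught by validation, `public UserGroup? UserGroup { get; set; }`, and add `[EnumDataType(typeof(UserGroup))]` so numeric values outside the defined members are rejected as well. The controller call would then pass `updateUserGroupRequest.UserGroup.Value`.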
@@ -139,17 +140,21 @@ public async Task> EmailExists([FromBody] Emai /// Updates the user group of a user /// /// id of the user whose userGroup will be updated - /// UserGroup object that will update the current userGroup attribute + /// Update User Group information request /// no content result /// The update was processed /// Invalid credentials + /// User not found [HttpPatch] + [AllowAnonymous] + //[AuthorizeRoles(UserGroup.Board)] [ProducesResponseType(typeof(void), StatusCodes.Status204NoContent)] - [ProducesResponseType(typeof(void), StatusCodes.Status401Unauthorized)] + [ProducesResponseType(typeof(ApiError), StatusCodes.Status401Unauthorized)] + [ProducesResponseType(typeof(ApiError), StatusCodes.Status404NotFound)] [Route("{id:int}/user-group")] - public async Task UpdateAccountUserGroup(int id, UserGroup userGroup) + public async Task UpdateAccountUserGroup(int id, [FromBody] UpdateUserGroupRequest updateUserGroupRequest) { - await _accountService.UpdateUserGroup(userGroup, id); + await _accountService.UpdateUserGroup(updateUserGroupRequest.UserGroup, id); return new NoContentResult(); } From 66c9b98c7bfbb9b8cd2451d9689d11db88836a5b Mon Sep 17 00:00:00 2001 From: Hubert Date: Thu, 16 Nov 2023 18:19:49 +0100 Subject: [PATCH 5/8] authorize only board for the patch endpoint --- .../CoffeeCard.WebApi/Controllers/v2/AccountController.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs b/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs index fc8cc71c..0bc73a82 100644 --- a/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs +++ b/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs 
@@ -167,7 +167,7 @@ public async Task UpdateAccountUserGroup(int id, [FromBody] Update /// Email not found /// Account already verified [HttpPost] - [AllowAnonymous] + [AuthorizeRoles(UserGroup.Board)] [ProducesResponseType(typeof(void), StatusCodes.Status200OK)] [ProducesResponseType(typeof(ApiError), StatusCodes.Status404NotFound)] [ProducesResponseType(typeof(ApiError), StatusCodes.Status409Conflict)] From da5215a5b26710b8d65bc893b17a1bb600078fb0 Mon Sep 17 00:00:00 2001 From: Hubert Date: Thu, 16 Nov 2023 18:28:04 +0100 Subject: [PATCH 6/8] uncomment the board authorization line --- .../CoffeeCard.WebApi/Controllers/v2/AccountController.cs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs b/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs index 0bc73a82..d8fd0e80 100644 --- a/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs +++ b/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs @@ -146,8 +146,7 @@ public async Task> EmailExists([FromBody] Emai /// Invalid credentials /// User not found [HttpPatch] - [AllowAnonymous] - //[AuthorizeRoles(UserGroup.Board)] + [AuthorizeRoles(UserGroup.Board)] [ProducesResponseType(typeof(void), StatusCodes.Status204NoContent)] [ProducesResponseType(typeof(ApiError), StatusCodes.Status401Unauthorized)] [ProducesResponseType(typeof(ApiError), StatusCodes.Status404NotFound)] @@ -158,6 +157,7 @@ public async Task UpdateAccountUserGroup(int id, [FromBody] Update return new NoContentResult(); } + /// /// Resend account verification email if account is not already verified From 45b4c450b7297e81eedce26c3f1ed71ce543a2d5 Mon Sep 17 00:00:00 2001 From: Hubert Date: Thu, 16 Nov 2023 18:33:24 +0100 Subject: [PATCH 7/8] format code --- coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs | 1 - 1 file changed, 1 deletion(-) 
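Review bot: The attribute swap in 5/8 does not land on the user-group action named in the subject. Judging by the surrounding `Email not found`, `Account already verified` and `[HttpPost]` lines, it replaces `[AllowAnonymous]` on the resend-verification action, which users with unverified accounts presumably need to reach without a Board login. The PATCH `{id:int}/user-group` action stays `[AllowAnonymous]` after this commit, and the misplaced attribute is only reverted in the second hunk of 8/8. Drop this commit and that revert hunk when the series is squashed, so the history never holds a state where resend-verification requires Board and the group change requires nothing.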
diff --git a/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs b/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs index d8fd0e80..f5971dbe 100644 --- a/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs +++ b/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs @@ -157,7 +157,6 @@ public async Task UpdateAccountUserGroup(int id, [FromBody] Update return new NoContentResult(); } - /// /// Resend account verification email if account is not already verified From 613b776f347ad54cced62fb8bcc857cdfaab3c88 Mon Sep 17 00:00:00 2001 From: Hubert Date: Thu, 23 Nov 2023 19:14:49 +0100 Subject: [PATCH 8/8] change access to endpoint --- .../CoffeeCard.WebApi/Controllers/v2/AccountController.cs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs b/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs index f5971dbe..3751d641 100644 --- a/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs +++ b/coffeecard/CoffeeCard.WebApi/Controllers/v2/AccountController.cs @@ -151,7 +151,7 @@ public async Task> EmailExists([FromBody] Emai [ProducesResponseType(typeof(ApiError), StatusCodes.Status401Unauthorized)] [ProducesResponseType(typeof(ApiError), StatusCodes.Status404NotFound)] [Route("{id:int}/user-group")] - public async Task UpdateAccountUserGroup(int id, [FromBody] UpdateUserGroupRequest updateUserGroupRequest) + public async Task UpdateAccountUserGroup([FromRoute] int id, [FromBody] UpdateUserGroupRequest updateUserGroupRequest) { await _accountService.UpdateUserGroup(updateUserGroupRequest.UserGroup, id); 
@@ -166,7 +166,7 @@ public async Task UpdateAccountUserGroup(int id, [FromBody] Update
 /// Email not found
 /// Account already verified
 [HttpPost]
- [AuthorizeRoles(UserGroup.Board)]
+ [AllowAnonymous]
 [ProducesResponseType(typeof(void), StatusCodes.Status200OK)]
 [ProducesResponseType(typeof(ApiError), StatusCodes.Status404NotFound)]
 [ProducesResponseType(typeof(ApiError), StatusCodes.Status409Conflict)]