From bf4547fc5836b7bba927419965696b6168b12a1e Mon Sep 17 00:00:00 2001 From: John Cardinal Date: Fri, 12 Feb 2021 15:32:55 +0000 Subject: [PATCH] --- server/AyaNova/biz/UserBiz.cs | 21 ++++++++++++--------- server/AyaNova/models/User.cs | 34 ++++++++++++++++------------------ 2 files changed, 28 insertions(+), 27 deletions(-) diff --git a/server/AyaNova/biz/UserBiz.cs b/server/AyaNova/biz/UserBiz.cs index 8d99dd5a..8feb9972 100644 --- a/server/AyaNova/biz/UserBiz.cs +++ b/server/AyaNova/biz/UserBiz.cs @@ -385,13 +385,16 @@ namespace AyaNova.Biz putObject.Tags = TagBiz.NormalizeTags(putObject.Tags); putObject.CustomFields = JsonUtil.CompactJson(putObject.CustomFields); - //the salt is not sent with the put object, it's only location is in the db and since this putObject is replacing the dbObject - //we need to set it again here + //Fields not sent with the put object + //(it's only location is in the db and since this putObject is replacing the dbObject we need to set it again here) putObject.Salt = dbObject.Salt; - - var OriginalPW = dbObject.Password; - var OriginalLogin = dbObject.Login; - ct.Replace(dbObject, putObject); + putObject.CurrentAuthToken=dbObject.CurrentAuthToken; + putObject.DlKey=dbObject.DlKey; + putObject.DlKeyExpire=dbObject.DlKeyExpire; + putObject.PasswordResetCode=dbObject.PasswordResetCode; + putObject.PasswordResetCodeExpire=dbObject.PasswordResetCodeExpire; + + //NOTE: It's valid to call this without intending to change login or password (null values) //Is the user updating the password? if (!string.IsNullOrWhiteSpace(putObject.Password)) @@ -402,18 +405,18 @@ namespace AyaNova.Biz else { //No, use the snapshot password value - putObject.Password = OriginalPW; + putObject.Password = dbObject.Password; } //Updating login? if (string.IsNullOrWhiteSpace(putObject.Login)) { //No, use the original value - putObject.Login = OriginalLogin; + putObject.Login = dbObject.Login; } await ValidateAsync(putObject, dbObject); if (HasErrors) return null; - + ct.Replace(dbObject, putObject); try { await ct.SaveChangesAsync(); diff --git a/server/AyaNova/models/User.cs b/server/AyaNova/models/User.cs index 88586a2f..1945286d 100644 --- a/server/AyaNova/models/User.cs +++ b/server/AyaNova/models/User.cs @@ -56,26 +56,9 @@ namespace AyaNova.Models public bool Active { get; set; } [Required, MaxLength(255)] public string Name { get; set; } - public DateTime? LastLogin { get; set; } - public string Login { get; set; } public string Password { get; set; } - - [JsonIgnore] - public string Salt { get; set; } - [JsonIgnore] - public string CurrentAuthToken { get; set; } - [JsonIgnore] - public string DlKey { get; set; } - [JsonIgnore] - public DateTime? DlKeyExpire { get; set; } - - [JsonIgnore] - public string PasswordResetCode { get; set; } - [JsonIgnore] - public DateTime? PasswordResetCodeExpire { get; set; } - [Required] public AuthorizationRoles Roles { get; set; } [Required] @@ -88,9 +71,24 @@ namespace AyaNova.Models public long? VendorId { get; set; } public string Wiki { get; set; } public string CustomFields { get; set; } - public List Tags { get; set; } + //====================== + //NOT IN DTUSER CLASS + [JsonIgnore] + public string Salt { get; set; }//--- + [JsonIgnore] + public string CurrentAuthToken { get; set; }//--- + [JsonIgnore] + public string DlKey { get; set; }//--- + [JsonIgnore] + public DateTime? DlKeyExpire { get; set; }//--- + [JsonIgnore] + public string PasswordResetCode { get; set; }//--- + [JsonIgnore] + public DateTime? PasswordResetCodeExpire { get; set; }//--- + //========================== + //relations //https://docs.microsoft.com/en-us/ef/core/modeling/relationships#other-relationship-patterns [JsonIgnore]//hide from being returned (as null anyway) with User object in routes