AZEN-SGG/Kavita
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

PR Flush (#3446)

Browse source 
Co-authored-by: Hippari <iamtimscampi@gmail.com>
Co-authored-by: Gavin Mogan <github@gavinmogan.com>
This commit is contained in:
Joe Milazzo 2024-12-09 13:06:28 -06:00 committed by GitHub
parent 0407d75d91
commit bfbcb4b741
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
46 changed files with 551 additions and 364 deletions
Download patch file Download diff file Expand all files Collapse all files

20
API/Controllers/AccountController.cs
View file

@ -509,6 +509,21 @@ public class AccountController : BaseApiController
_unitOfWork.UserRepository.Update(user);
}
// Check if email is changing for a non-admin user
var isUpdatingAnotherAccount = user.Id != adminUser.Id;
if (isUpdatingAnotherAccount && !string.IsNullOrEmpty(dto.Email) && user.Email != dto.Email)
{
// Validate username change
var errors = await _accountService.ValidateEmail(dto.Email);
if (errors.Any()) return BadRequest(await _localizationService.Translate(User.GetUserId(), "email-taken"));
user.Email = dto.Email;
user.EmailConfirmed = true; // When an admin performs the flow, we assume the email address is able to receive data
await _userManager.UpdateNormalizedEmailAsync(user);
_unitOfWork.UserRepository.Update(user);
}
// Update roles
var existingRoles = await _userManager.GetRolesAsync(user);
var hasAdminRole = dto.Roles.Contains(PolicyConstants.AdminRole);
@ -612,8 +627,7 @@ public class AccountController : BaseApiController
if (adminUser == null) return Unauthorized(await _localizationService.Translate(userId, "permission-denied"));
dto.Email = dto.Email.Trim();
if (string.IsNullOrEmpty(dto.Email))
return BadRequest(await _localizationService.Translate(userId, "invalid-payload"));
if (string.IsNullOrEmpty(dto.Email)) return BadRequest(await _localizationService.Translate(userId, "invalid-payload"));
_logger.LogInformation("{User} is inviting {Email} to the server", adminUser.UserName, dto.Email);
@ -623,7 +637,7 @@ public class AccountController : BaseApiController
{
var invitedUser = await _unitOfWork.UserRepository.GetUserByEmailAsync(dto.Email);
if (await _userManager.IsEmailConfirmedAsync(invitedUser!))
return BadRequest(await _localizationService.Translate(User.GetUserId(), "user-already-registered", invitedUser.UserName));
return BadRequest(await _localizationService.Translate(User.GetUserId(), "user-already-registered", invitedUser!.UserName));
return BadRequest(await _localizationService.Translate(User.GetUserId(), "user-already-invited"));
}