Merge branch 'master' of github.com:ONLYOFFICE/CommunityServer-AspNetCore
commit
ea71ac3f3c
@ -173,6 +173,17 @@ namespace ASC.Security.Cryptography
|
||||
checkKeyResult = ValidateEmailKey(Email + Type + (string.IsNullOrEmpty(hash) ? string.Empty : Hasher.Base64Hash(hash)) + UiD, Key, ValidInterval);
|
||||
break;
|
||||
case ConfirmType.Activation:
|
||||
checkKeyResult = ValidateEmailKey(Email + Type + UiD, Key, ValidInterval);
|
||||
break;
|
||||
case ConfirmType.ProfileRemove:
|
||||
// validate UiD
|
||||
if (P == 1)
|
||||
{
|
||||
var user = CoreContext.UserManager.GetUsers(UiD.GetValueOrDefault());
|
||||
if (user == null || user.Status == EmployeeStatus.Terminated || SecurityContext.IsAuthenticated && SecurityContext.CurrentAccount.ID != UiD)
|
||||
return ValidationResult.Invalid;
|
||||
}
|
||||
|
||||
checkKeyResult = ValidateEmailKey(Email + Type + UiD, Key, ValidInterval);
|
||||
break;
|
||||
default:
|
||||
|
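Review bot: In the added `case ConfirmType.ProfileRemove:` branch the user-state check (missing user, `EmployeeStatus.Terminated`, or a signed-in account different from `UiD`) runs only when `P == 1`, while the string passed to `ValidateEmailKey` is `Email + Type + UiD` and does not include `P`. If `P` is taken from the request (its source is outside this hunk), the check is not covered by the key and is skipped whenever `P` has another value, so consider running it unconditionally for this confirm type. The condition also mixes `||` and `&&` without parentheses; writing `|| (SecurityContext.IsAuthenticated && SecurityContext.CurrentAccount.ID != UiD)` makes the intended grouping explicit. The enclosing switch starts and ends outside the hunk.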
@ -575,6 +575,50 @@ namespace ASC.Employee.Core.Controllers
|
||||
return new EmployeeWraperFull(user, ApiContext);
|
||||
}
|
||||
|
||||
[Delete("@self")]
|
||||
[Authorize(AuthenticationSchemes = "confirm", Roles = "ProfileRemove")]
|
||||
public EmployeeWraperFull DeleteProfile()
|
||||
{
|
||||
ApiContext.AuthByClaim();
|
||||
|
||||
if (CoreContext.UserManager.IsSystemUser(SecurityContext.CurrentAccount.ID))
|
||||
throw new SecurityException();
|
||||
|
||||
var user = GetUserInfo(SecurityContext.CurrentAccount.ID.ToString());
|
||||
|
||||
if (!CoreContext.UserManager.UserExists(user))
|
||||
throw new Exception(Resource.ErrorUserNotFound);
|
||||
|
||||
if(user.IsLDAP())
|
||||
throw new SecurityException();
|
||||
|
||||
_ = SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem);
|
||||
|
||||
user.Status = EmployeeStatus.Terminated;
|
||||
|
||||
CoreContext.UserManager.SaveUserInfo(Tenant, user);
|
||||
|
||||
var userName = user.DisplayUserName(false);
|
||||
MessageService.Send(MessageAction.UsersUpdatedStatus, MessageTarget.Create(user.ID), userName);
|
||||
|
||||
HttpContext.ResetUserCookie(Tenant.TenantId, user.ID);
|
||||
MessageService.Send(MessageAction.CookieSettingsUpdated);
|
||||
|
||||
if (CoreContext.Configuration.Personal)
|
||||
{
|
||||
UserPhotoManager.RemovePhoto(Tenant, user.ID);
|
||||
CoreContext.UserManager.DeleteUser(Tenant, user.ID);
|
||||
MessageService.Send(MessageAction.UserDeleted, MessageTarget.Create(user.ID), userName);
|
||||
}
|
||||
else
|
||||
{
|
||||
//StudioNotifyService.Instance.SendMsgProfileHasDeletedItself(user);
|
||||
//StudioNotifyService.SendMsgProfileDeletion(Tenant.TenantId, user);
|
||||
}
|
||||
|
||||
return new EmployeeWraperFull(user, ApiContext);
|
||||
}
|
||||
|
||||
[Update("{userid}/contacts")]
|
||||
public EmployeeWraperFull UpdateMemberContacts(string userid, UpdateMemberModel memberModel)
|
||||
{
|
||||
|
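Review bot: `DeleteProfile` switches the request to the system account with `_ = SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem);` and never restores the confirm-link identity, so everything after that line, including the path where `SaveUserInfo` or `DeleteUser` throws, keeps running as `CoreSystem`. Scope the elevation to the calls that need it with a `try`/`finally` that restores the previous account, and check whether the `MessageService.Send` entries should be written under the user's identity so the audit trail shows who removed the profile (how `MessageService` picks the initiator is not visible here). `throw new Exception(Resource.ErrorUserNotFound)` would be better as a specific exception type that can be mapped to a not-found response. The `else` branch that holds only two commented-out notification calls should be removed or given a comment saying why the notification is disabled.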
@ -5,8 +5,8 @@ import styled from 'styled-components';
|
||||
import { welcomePageTitle } from './../../../../helpers/customNames';
|
||||
import PropTypes from 'prop-types';
|
||||
import { withTranslation } from 'react-i18next';
|
||||
import { deleteUser, updateUserStatus } from './../../../../store/services/api'
|
||||
import { EmployeeStatus } from './../../../../helpers/constants';
|
||||
import { deleteSelf } from './../../../../store/services/api';
|
||||
import setAuthorizationToken from './../../../../store/services/setAuthorizationToken';
|
||||
|
||||
const ProfileRemoveContainer = styled.div`
|
||||
display: flex;
|
||||
@ -40,17 +40,13 @@ class ProfileRemove extends React.PureComponent {
|
||||
onDeleteProfile = (e) => {
|
||||
this.setState({ isLoading: true }, function () {
|
||||
const { linkData } = this.props;
|
||||
|
||||
updateUserStatus(EmployeeStatus.Disabled, [linkData.uid], linkData.confirmHeader)
|
||||
.then((res) => {
|
||||
console.log('success update status', res)
|
||||
return deleteUser(linkData.uid);
|
||||
})
|
||||
deleteSelf(linkData.confirmHeader)
|
||||
.then((res) => {
|
||||
this.setState({
|
||||
isLoading: false,
|
||||
isProfileDeleted: true
|
||||
});
|
||||
setAuthorizationToken();
|
||||
console.log('success delete', res)
|
||||
})
|
||||
.catch((e) => {
|
||||
|
@ -85,20 +85,13 @@ export function checkConfirmLink(data) {
|
||||
: axios.post(`${API_URL}/authentication/confirm.json`, data);
|
||||
}
|
||||
|
||||
export function deleteUser(userId) {
|
||||
export function deleteSelf(key) {
|
||||
return IS_FAKE
|
||||
? fakeApi.deleteUser(userId)
|
||||
: axios.delete(`${API_URL}/people/${userId}.json`);
|
||||
}
|
||||
|
||||
export function updateUserStatus(status, userIds, key) {
|
||||
return IS_FAKE
|
||||
? fakeApi.updateUserStatus(status, userIds)
|
||||
: axios.put(`${API_URL}/people/status/${status}`, { userIds }, {
|
||||
? fakeApi.deleteUser(key)
|
||||
: axios.delete(`${API_URL}/people/@self`, {
|
||||
headers: { confirm: key }
|
||||
});
|
||||
}
|
||||
|
||||
export function sendInstructionsToChangePassword(email) {
|
||||
return IS_FAKE
|
||||
? fakeApi.sendInstructionsToChangePassword()
|
||||
|
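Review bot: In `deleteSelf(key)` the fake branch calls `fakeApi.deleteUser(key)`, which hands the confirmation key to a helper that the removed `deleteUser(userId)` called with a user id; `fakeApi` is not shown, so confirm it ignores the argument or give it a matching `deleteSelf` entry. The function also deserves a short comment, for example `// key: confirmation-link value sent in the "confirm" header; the server removes the account bound to it`, because the request no longer names a user id and the header is the only thing that authorizes it. Callers should not pass an empty `key`, and a guard such as `if (!key) return Promise.reject(new Error('missing confirm key'));` would make that explicit.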
@ -447,7 +447,7 @@ namespace ASC.Web.Studio.Core.Notify
|
||||
|
||||
public void SendMsgProfileDeletion(int tenantId, UserInfo user)
|
||||
{
|
||||
var confirmationUrl = CommonLinkUtility.GetConfirmationUrl(tenantId, user.Email, ConfirmType.ProfileRemove, null, SecurityContext.CurrentAccount.ID);
|
||||
var confirmationUrl = CommonLinkUtility.GetConfirmationUrl(tenantId, user.Email, ConfirmType.ProfileRemove, SecurityContext.CurrentAccount.ID, SecurityContext.CurrentAccount.ID);
|
||||
|
||||
static string greenButtonText() => CoreContext.Configuration.Personal ? WebstudioNotifyPatternResource.ButtonConfirmTermination : WebstudioNotifyPatternResource.ButtonRemoveProfile;
|
||||
|
||||
|