diff --git a/src/RoleEditor/MainWindow.xaml.cs b/src/RoleEditor/MainWindow.xaml.cs
index d2c511a..78a73b9 100644
--- a/src/RoleEditor/MainWindow.xaml.cs
+++ b/src/RoleEditor/MainWindow.xaml.cs
@@ -17,6 +17,9 @@ using System.Windows.Shapes;
 using System.Collections.ObjectModel;
 using brecal.model;
 using brecal.mysql;
+using System.Security.Cryptography;
+using System.Security.Policy;
+using System.Windows.Markup;
 namespace RoleEditor
 {
@@ -84,7 +87,27 @@ namespace RoleEditor
 private void buttonUserSave_Click(object sender, RoutedEventArgs e)
 {
-
+ User? u = this.listBoxUser.SelectedItem as User;
+ if(u != null)
+ {
+ u.Firstname = this.textBoxUserFirstName.Text.Trim();
+ u.Lastname = this.textBoxUserLastName.Text.Trim();
+ u.Username = this.textBoxUserUserName.Text.Trim();
+ if(this.textBoxUserPassword.Text.Trim().Length > 0 )
+ {
+ var data = Encoding.UTF8.GetBytes(this.textBoxUserPassword.Text.Trim());
+ using SHA512 sha = SHA512.Create();
+ byte[] hashedInputBytes = sha.ComputeHash(data);
+ var hashedInputStringBuilder = new StringBuilder(128);
+ foreach (var b in hashedInputBytes)
+ hashedInputStringBuilder.Append(b.ToString("X2"));
+ u.PasswordHash = hashedInputStringBuilder.ToString();
+ }
+ u.APIKey = this.textBoxUserAPIKey.Text.Trim();
+ u.Save(_dbManager);
+ this.listBoxUser.ItemsSource = null;
+ this.listBoxUser.ItemsSource = _users;
+ }
 }
 private void buttonAddRole_Click(object sender, RoutedEventArgs e)
@@ -153,7 +176,7 @@ namespace RoleEditor
 this.textBoxUserAPIKey.Text = (u != null) ? u.APIKey : string.Empty;
 this.textBoxUserCreated.Text = (u != null) ? u.Created.ToString() : string.Empty;
 this.textBoxUserModified.Text = (u != null) ? u.Modified.ToString() : string.Empty;
-
+ this.textBoxUserPassword.Text = string.Empty;
 }
 private void listBoxSecurables_SelectionChanged(object sender, SelectionChangedEventArgs e)
diff --git a/src/brecal.model/DbEntity.cs b/src/brecal.model/DbEntity.cs
index 1b9b57a..dd0b778 100644
--- a/src/brecal.model/DbEntity.cs
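Review bot: The new password branch in `buttonUserSave_Click` stores a single unsalted SHA-512 pass (`sha.ComputeHash(data)`), which is a fast hash: equal passwords produce equal `PasswordHash` values, and a leaked table can be checked against guesses very cheaply. A per-user random salt with an iterated derivation such as `Rfc2898DeriveBytes.Pbkdf2` fits here, as sketched below, assuming the project targets .NET 6 or later. The storage format and work factor in the sketch are illustrative, and whatever component verifies `password_hash` (not visible in this diff) has to change in step. Separately, `Trim()` silently alters passwords that start or end with whitespace, so the verifying side must trim identically.

```csharp
if (this.textBoxUserPassword.Text.Trim().Length > 0)
{
    // Per-user random salt plus an iterated KDF instead of one SHA-512 pass.
    byte[] salt = RandomNumberGenerator.GetBytes(16);
    byte[] derived = Rfc2898DeriveBytes.Pbkdf2(
        this.textBoxUserPassword.Text.Trim(),
        salt,
        210_000, // illustrative work factor; tune to the deployment
        HashAlgorithmName.SHA512,
        64);
    // Illustrative storage format: hex salt and hex derived key in one column.
    u.PasswordHash = $"{Convert.ToHexString(salt)}:{Convert.ToHexString(derived)}";
}
// … unchanged: APIKey assignment, Save call, list refresh …
```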
+++ b/src/brecal.model/DbEntity.cs
@@ -48,9 +48,13 @@ namespace brecal.model
 public async void Save(IDBManager manager)
 {
 if (this.Created.HasValue)
+ {
 await manager.ExecuteNonQuery(this.SetUpdate);
+ }
 else
- await manager.ExecuteNonQuery(this.SetCreate);
+ {
+ this.Id = (uint)await manager.ExecuteNonQuery(this.SetCreate);
+ }
 }
 ///
diff --git a/src/brecal.model/User.cs b/src/brecal.model/User.cs
index 38759c8..7386457 100644
--- a/src/brecal.model/User.cs
+++ b/src/brecal.model/User.cs
@@ -66,17 +66,27 @@ namespace brecal.model
 public override void SetUpdate(IDbCommand cmd)
 {
- throw new NotImplementedException();
+ if(!string.IsNullOrEmpty(this.PasswordHash))
+ cmd.CommandText = "UPDATE user SET first_name = @FIRSTNAME, last_name = @LASTNAME, user_name = @USERNAME, password_hash = @PWHASH, api_key = @APIKEY WHERE id = @ID";
+ else
+ cmd.CommandText = "UPDATE user SET first_name = @FIRSTNAME, last_name = @LASTNAME, user_name = @USERNAME, api_key = @APIKEY WHERE id = @ID";
+ this.SetParameters(cmd);
 }
 public override void SetCreate(IDbCommand cmd)
- {
- throw new NotImplementedException();
+ {
+ cmd.CommandText = "INSERT INTO user (participant_id, first_name, last_name, user_name, password_hash, api_key) VALUES ( @PID, @FIRSTNAME, @LASTNAME, @USERNAME, @PWHASH, @APIKEY)";
+ this.SetParameters(cmd);
 }
 public override void SetDelete(IDbCommand cmd)
 {
- throw new NotImplementedException();
+ cmd.CommandText = "DELETE FROM user WHERE id = @ID";
+
+ IDataParameter idParam = cmd.CreateParameter();
+ idParam.ParameterName = "ID";
+ idParam.Value = this.Id;
+ cmd.Parameters.Add(idParam);
 }
 public override string ToString()
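Review bot: `Save` is still declared `async void`, and the new `this.Id = (uint)await …` assignment makes that matter more. `u.Save(_dbManager)` in `buttonUserSave_Click` returns at the first await, so the list is refreshed before the write has finished and before `Id` is set, and a database exception cannot be caught by the caller. Declaring it `public async Task Save(IDBManager manager)` and awaiting it in the click handler would make completion and failure observable; callers outside this diff would need the same change. The `(uint)` cast is unchecked by default, so a negative return value would become a large bogus id; a range check before the assignment is worth adding.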
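Review bot: `api_key = @APIKEY` in both UPDATE statements and in the INSERT writes the key exactly as typed in the editor, and the selection handler in MainWindow.xaml.cs reads `u.APIKey` back into the text box, so the column appears to hold a recoverable credential. If the consuming API only ever compares a presented key, storing a hash of it and showing the key once at creation would limit what a database leak exposes; whether that is possible depends on server code not visible here. At minimum a comment above `SetCreate` such as `// api_key is stored as entered (recoverable); treat the column as a secret` would record the decision.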
@@ -84,7 +94,47 @@ namespace brecal.model
 return this.Username ?? $"{base.Id} - {this.GetType().Name}";
 }
-
+ #endregion
+
+ #region private methods
+
+ private void SetParameters(IDbCommand cmd)
+ {
+ IDbDataParameter id = cmd.CreateParameter();
+ id.ParameterName = "ID";
+ id.Value = this.Id;
+ cmd.Parameters.Add(id);
+
+ IDbDataParameter pid = cmd.CreateParameter();
+ pid.ParameterName = "PID";
+ pid.Value = this.Participant_Id;
+ cmd.Parameters.Add(pid);
+
+ IDbDataParameter firstname = cmd.CreateParameter();
+ firstname.ParameterName = "FIRSTNAME";
+ firstname.Value = this.Firstname;
+ cmd.Parameters.Add(firstname);
+
+ IDbDataParameter lastname = cmd.CreateParameter();
+ lastname.ParameterName = "LASTNAME";
+ lastname.Value = this.Lastname;
+ cmd.Parameters.Add(lastname);
+
+ IDbDataParameter username = cmd.CreateParameter();
+ username.ParameterName = "USERNAME";
+ username.Value = this.Username;
+ cmd.Parameters.Add(username);
+
+ IDbDataParameter pwhash = cmd.CreateParameter();
+ pwhash.ParameterName = "PWHASH";
+ pwhash.Value = this.PasswordHash;
+ cmd.Parameters.Add(pwhash);
+
+ IDbDataParameter apikey = cmd.CreateParameter();
+ apikey.ParameterName = "APIKEY";
+ apikey.Value = this.APIKey;
+ cmd.Parameters.Add(apikey);
+ }
 #endregion
diff --git a/src/brecal.mysql/DBManager.cs b/src/brecal.mysql/DBManager.cs
index b26c1c2..0e6972d 100644
--- a/src/brecal.mysql/DBManager.cs
+++ b/src/brecal.mysql/DBManager.cs
@@ -44,7 +44,8 @@ namespace brecal.mysql
 using MySqlCommand cmd = new();
 cmd.Connection = connection;
 prepareAction(cmd);
- int result = await cmd.ExecuteNonQueryAsync();
+ await cmd.ExecuteNonQueryAsync();
+ int result = (int)cmd.LastInsertedId;
 return result;
 }
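Review bot: `SetParameters` assigns each property straight to `Value`, so a null `Username` (which `ToString` already allows for) or a null `PasswordHash` on the INSERT path is bound as CLR null rather than `DBNull.Value`. Because this class only sees `IDbCommand`, how a null `Value` is treated depends on the provider. Mapping null to `DBNull.Value` in one local helper removes that ambiguity and also collapses the seven repeated four-line groups, as sketched below. Every parameter is bound for every statement, including `PID` and `PWHASH` on the UPDATE that does not reference them, which relies on the provider ignoring unused parameters and deserves a one-line comment.

```csharp
private void SetParameters(IDbCommand cmd)
{
    // Binds one named parameter; null is sent as an explicit SQL NULL.
    void Add(string name, object? value)
    {
        IDbDataParameter p = cmd.CreateParameter();
        p.ParameterName = name;
        p.Value = value ?? DBNull.Value;
        cmd.Parameters.Add(p);
    }

    Add("ID", this.Id);
    Add("PID", this.Participant_Id);
    Add("FIRSTNAME", this.Firstname);
    Add("LASTNAME", this.Lastname);
    Add("USERNAME", this.Username);
    Add("PWHASH", this.PasswordHash);
    Add("APIKEY", this.APIKey);
}
```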
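Review bot: `ExecuteNonQuery` now returns `(int)cmd.LastInsertedId` for every statement, so the UPDATE and DELETE commands added in User.cs no longer report affected rows and a caller cannot tell that no row matched the `WHERE id = @ID` clause. `LastInsertedId` is a `long`, so the `(int)` cast can truncate before `DbEntity.Save` casts the value again to `uint`. Consider keeping the row count as the return value and exposing the generated id separately, or at least documenting the new meaning with `/// Returns the id generated by the statement, not the number of affected rows.`. The method's signature lies outside this hunk, so its declared return type is not visible here.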