fix: account delegation & login

modules/account/src/Passingwind.Abp.Account.Application.Contracts/AccountUserDelegationCreateDto.cs

@@ -1,10 +1,25 @@
 using System;
+using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations;
 
 namespace Passingwind.Abp.Account;
 
-public class AccountUserDelegationCreateDto
+public class AccountUserDelegationCreateDto : IValidatableObject
 {
     public Guid UserId { get; set; }
+
+    [Required]
     public DateTime StartTime { get; set; }
+    [Required]
     public DateTime EndTime { get; set; }
+
+    public IEnumerable<ValidationResult> Validate(ValidationContext validationContext)
+    {
+        if (StartTime > EndTime)
+        {
+            yield return new ValidationResult(
+                "The start time cannot be greater than the end time",
+                new[] { nameof(StartTime), nameof(EndTime) });
+        }
+    }
 }

modules/account/src/Passingwind.Abp.Account.Application.Contracts/IAccountImpersonationAppService.cs

@@ -24,8 +24,8 @@ public interface IAccountImpersonationAppService : IApplicationService
     Task LinkLoginAsync(Guid userId);
 
     /// <summary>
-    ///  delegation login
+    ///  Delegation login
     /// </summary>
-    /// <param name="userId"></param>
-    Task DelegationLoginAsync(Guid userId);
+    /// <param name="id"></param>
+    Task DelegationLoginAsync(Guid id);
 }

modules/account/src/Passingwind.Abp.Account.Application.Contracts/IAccountUserDelegationAppService.cs

@@ -7,13 +7,31 @@ namespace Passingwind.Abp.Account;
 
 public interface IAccountUserDelegationAppService : IApplicationService
 {
-    Task<ListResultDto<AccountUserDelegationDto>> GetMyDelegationListAsync();
+    /// <summary>
+    ///  Get delegated users
+    /// </summary>
+    Task<ListResultDto<AccountUserDelegationDto>> GetMyDelegatedListAsync();
 
+    /// <summary>
+    ///  Get my delegated users
+    /// </summary>
     Task<ListResultDto<AccountUserDelegationDto>> GetDelegatedListAsync();
 
+    /// <summary>
+    ///  Create new delegation
+    /// </summary>
+    /// <param name="input"></param>
     Task CreateAsync(AccountUserDelegationCreateDto input);
 
+    /// <summary>
+    ///  Delete delegation by id
+    /// </summary>
+    /// <param name="id"></param>
     Task DeleteAsync(Guid id);
 
+    /// <summary>
+    ///  Search user
+    /// </summary>
+    /// <param name="filter"></param>
     Task<ListResultDto<UserBasicDto>> UserLookupAsync(string? filter = null);
 }

modules/account/src/Passingwind.Abp.Account.Application.Contracts/UserBasicDto.cs

@@ -9,4 +9,5 @@ public class UserBasicDto : EntityDto<Guid>
     public string? Name { get; set; }
     public string? SurName { get; set; }
     public string? Email { get; set; }
+    public bool IsActive { get; set; }
 }

modules/account/src/Passingwind.Abp.Account.Application/AccountImpersonationAppService.cs

@@ -1,6 +1,5 @@
 using System;
 using System.Collections.Generic;
-using System.Linq;
 using System.Security.Claims;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Authorization;
@@ -65,9 +64,9 @@ public virtual async Task LogoutAsync()
 
         await IdentityOptions.SetAsync();
 
-        var user = await UserManager.FindByIdAsync(userId.Value.ToString());
+        var user = await UserManager.FindByIdAsync(userId.Value.ToString()) ?? throw new UserNotFoundException();
 
-        await SignInManager.SignInAsync(user!, false);
+        await SignInManager.SignInAsync(user, false);
     }
 
     [Authorize(IdentityPermissionNamesV2.Users.Impersonation)]
@@ -101,10 +100,10 @@ public virtual async Task LinkLoginAsync(Guid userId)
 
         if (await LinkUserManager.IsLinkedAsync(source, target, true))
         {
-            await ImpersonateLoginAsync(user);
-
             Logger.LogInformation("User with id '{0}' has been link login by user id '{1}'", user.Id, source.UserId);
 
+            await ImpersonateLoginAsync(user);
+
             await SecurityLogManager.SaveAsync(new IdentitySecurityLogContext()
             {
                 Identity = IdentitySecurityLogIdentityConsts.Identity,
@@ -119,21 +118,23 @@ await SecurityLogManager.SaveAsync(new IdentitySecurityLogContext()
         }
     }
 
-    public virtual async Task DelegationLoginAsync(Guid userId)
+    public virtual async Task DelegationLoginAsync(Guid id)
     {
-        var delegations = await UserDelegationManager.GetActiveDelegationsAsync(CurrentUser.GetId());
+        var delegation = await UserDelegationManager.FindActiveDelegationByIdAsync(id);
 
-        if (!delegations.Any(x => x.SourceUserId == userId))
+        // check the delegated is for me.
+        if (delegation == null || delegation.TargetUserId != CurrentUser.GetId())
         {
             throw new BusinessException(AccountErrorCodes.UserNotDelegated);
         }
 
-        var user = await UserManager.GetByIdAsync(userId);
-
-        await ImpersonateLoginAsync(user);
+        // Get the delegation source user 
+        var user = await UserManager.GetByIdAsync(delegation.SourceUserId);
 
         Logger.LogInformation("User with id '{0}' has been delegation login by user id '{1}'", user.Id, CurrentUser.GetId());
 
+        await ImpersonateLoginAsync(user);
+
         await SecurityLogManager.SaveAsync(new IdentitySecurityLogContext()
         {
             Identity = IdentitySecurityLogIdentityConsts.Identity,

modules/account/src/Passingwind.Abp.Account.Application/AccountUserDelegationAppService.cs

@@ -22,28 +22,8 @@ public AccountUserDelegationAppService(IIdentityUserRepository userRepository, I
         UserDelegationManager = userDelegationManager;
     }
 
-    public virtual async Task CreateAsync(AccountUserDelegationCreateDto input)
-    {
-        if (CurrentUser.FindImpersonatorUserId().HasValue)
-        {
-            throw new BusinessException(AccountErrorCodes.UserActionDisabledInDelegatedMode);
-        }
-
-        var user = await UserRepository.FindAsync(input.UserId);
-
-        if (user == null)
-        {
-            throw new BusinessException(AccountErrorCodes.UserNotFound);
-        }
-
-        await UserDelegationManager.DelegateNewUserAsync(
-            sourceUserId: CurrentUser.GetId(),
-            targetUserId: input.UserId,
-            startTime: input.StartTime,
-            endTime: input.EndTime);
-    }
-
-    public virtual async Task<ListResultDto<AccountUserDelegationDto>> GetDelegatedListAsync()
+    /// <inheritdoc/>
+    public virtual async Task<ListResultDto<AccountUserDelegationDto>> GetMyDelegatedListAsync()
     {
         var list = await UserDelegationManager.GetListAsync(targetUserId: CurrentUser.GetId());
 
@@ -60,7 +40,8 @@ public virtual async Task<ListResultDto<AccountUserDelegationDto>> GetDelegatedL
         }));
     }
 
-    public virtual async Task<ListResultDto<AccountUserDelegationDto>> GetMyDelegationListAsync()
+    /// <inheritdoc/>
+    public virtual async Task<ListResultDto<AccountUserDelegationDto>> GetDelegatedListAsync()
     {
         var list = await UserDelegationManager.GetListAsync(sourceUserId: CurrentUser.GetId());
 
@@ -77,6 +58,34 @@ public virtual async Task<ListResultDto<AccountUserDelegationDto>> GetMyDelegati
         }));
     }
 
+    /// <inheritdoc/>
+    public virtual async Task CreateAsync(AccountUserDelegationCreateDto input)
+    {
+        if (CurrentUser.FindImpersonatorUserId().HasValue)
+        {
+            throw new BusinessException(AccountErrorCodes.UserActionDisabledInDelegatedMode);
+        }
+
+        if (CurrentUser.Id == input.UserId)
+        {
+            throw new BusinessException(AccountErrorCodes.UserNotFound);
+        }
+
+        var user = await UserRepository.FindAsync(input.UserId);
+
+        if (user == null)
+        {
+            throw new BusinessException(AccountErrorCodes.UserNotFound);
+        }
+
+        await UserDelegationManager.DelegateNewUserAsync(
+            sourceUserId: CurrentUser.GetId(),
+            targetUserId: input.UserId,
+            startTime: input.StartTime,
+            endTime: input.EndTime);
+    }
+
+    /// <inheritdoc/>
     public virtual async Task DeleteAsync(Guid id)
     {
         if (CurrentUser.FindImpersonatorUserId().HasValue)
@@ -87,6 +96,7 @@ public virtual async Task DeleteAsync(Guid id)
         await UserDelegationManager.DeleteDelegationAsync(id, CurrentUser.GetId());
     }
 
+    /// <inheritdoc/>
     public virtual async Task<ListResultDto<UserBasicDto>> UserLookupAsync(string? filter = null)
     {
         var list = await UserRepository.GetListAsync(sorting: nameof(IdentityUser.UserName), maxResultCount: 10, filter: filter);

modules/account/src/Passingwind.Abp.Account.HttpApi/AccountImpersonationController.cs

@@ -25,7 +25,7 @@ public virtual Task LoginAsync(Guid userId)
     }
 
     /// <inheritdoc/>
-    [HttpPost("{userId}/link-login")]
+    [HttpPost("link/users/{userId}/login")]
     public virtual Task LinkLoginAsync(Guid userId)
     {
         return _service.LinkLoginAsync(userId);
@@ -39,9 +39,9 @@ public virtual Task LogoutAsync()
     }
 
     /// <inheritdoc/>
-    [HttpPost("{userId}/delegation-login")]
-    public virtual Task DelegationLoginAsync(Guid userId)
+    [HttpPost("delegations/{id}/login")]
+    public virtual Task DelegationLoginAsync(Guid id)
     {
-        return _service.DelegationLoginAsync(userId);
+        return _service.DelegationLoginAsync(id);
     }
 }

modules/account/src/Passingwind.Abp.Account.HttpApi/AccountUserDelegationController.cs

@@ -19,10 +19,10 @@ public AccountUserDelegationController(IAccountUserDelegationAppService service)
     }
 
     /// <inheritdoc/>
-    [HttpGet("my-delegations")]
-    public virtual Task<ListResultDto<AccountUserDelegationDto>> GetMyDelegationListAsync()
+    [HttpGet("my-delegateds")]
+    public virtual Task<ListResultDto<AccountUserDelegationDto>> GetMyDelegatedListAsync()
     {
-        return _service.GetMyDelegationListAsync();
+        return _service.GetMyDelegatedListAsync();
     }
 
     /// <inheritdoc/>