public async Task <IActionResult> Login(ApplicationUserViewModels model, string returnUrl)
{
var userRecord = await this.applicationUserService.LoginAsync(model.UserId, model.Password);
if (userRecord == null)
{
this.ViewBag.LoginError = Messages.LoginFailed;
return(this.View());
}
var claimIdentity = new ClaimsIdentity(Constants.ApplicationAdminCookies, ClaimTypes.Name, ClaimTypes.Role);
claimIdentity.AddClaim(new Claim(ClaimTypes.Sid, userRecord.Id.ToString()));
claimIdentity.AddClaim(new Claim(ClaimTypes.NameIdentifier, userRecord.UserId));
claimIdentity.AddClaim(new Claim(ClaimTypes.Role, Constants.AdminRole));
claimIdentity.AddClaim(new Claim(ClaimTypes.Name, userRecord.Name));
await this.HttpContext.SignInAsync(Constants.ApplicationAdminCookies, new ClaimsPrincipal(claimIdentity));
if (!string.IsNullOrEmpty(returnUrl) && returnUrl != "/admin/account/logout?index=login")
{
return(this.LocalRedirect(returnUrl));
}
return(this.RedirectToRoute(Constants.RouteArea, new { controller = "dashboard", action = "index", area = Constants.AreaAdmin }));
}
public async Task<ActionResult> Edit(ApplicationUserViewModels.EditViewModel editModel, ControllableViewModelParams modelParams)
{
if (ModelState.IsValid)
{
do
{
var currentUser = await UserManager.FindByIdAsync(editModel.UserId);
if (currentUser == null)
{
return HttpNotFound();
}
var adminRole = await RoleManager.FindByNameAsync(AppConstants.UserRole.Administrator);
var currentUserRolesIds = currentUser.Roles.Select(x => x.RoleId).ToList();
// if user is currently stored having the Administrator role
var isThisUserAnAdmin = currentUserRolesIds.Contains(adminRole.Id);
// and the user did not have Administrator role checked
var isThisUserAdminDeselected = editModel.SelectedRoles.All(roleId => roleId != adminRole.Id);
// and the current stored count of users with Administrator role == 1
var isOnlyOneUserAnAdmin = adminRole.Users.Count == 1;
// then prevent the removal of the Administrator role.
if (isThisUserAnAdmin && isThisUserAdminDeselected && isOnlyOneUserAnAdmin)
{
ModelState.AddModelError("", "At least one user must retain the 'administrator' role.");
break;
}
if (currentUser.LockoutEnabled != editModel.LockoutEnabled)
{
currentUser.LockoutEnabled = editModel.LockoutEnabled;
var result = await UserManager.UpdateAsync(currentUser);
if (!result.Succeeded)
{
ModelState.AddModelError("", result.Errors.First());
break;
}
}
var allRoles = await RoleManager.Roles.ToListAsync();
var deletedRolesIds = currentUserRolesIds.Except(editModel.SelectedRoles).ToList();
if (deletedRolesIds.Any())
{
var rolesToRemove = allRoles
.Where(x => deletedRolesIds.Contains(x.Id)).Select(x => x.Name)
.ToArray();
var result = await UserManager.RemoveFromRolesAsync(currentUser.Id, rolesToRemove);
if (!result.Succeeded)
{
ModelState.AddModelError("", result.Errors.First());
break;
}
}
var newRolesIds = editModel.SelectedRoles.Except(currentUserRolesIds).ToArray();
if (newRolesIds.Any())
{
var rolesToAdd = allRoles
.Where(x => newRolesIds.Contains(x.Id)).Select(x => x.Name)
.ToArray();
var result = await UserManager.AddToRolesAsync(currentUser.Id, rolesToAdd);
if (!result.Succeeded)
{
ModelState.AddModelError("", result.Errors.First());
break;
}
}
return RedirectToAction("Index", modelParams);
#pragma warning disable 162
} while (false);
#pragma warning restore 162
}
editModel.RoleList = await RoleManager.Roles
.Select(x => new SelectListItem
{
Text = x.Name,
Value = x.Id
}).ToListAsync();
return View(editModel);
}
