public ActionResult UserRoles(string id)
{
var Db = DatabaseFactory.Get();
var user = Db.Users.First(u => u.Id == id);
var model = new SelectUserRolesViewModel(user, DatabaseFactory);
return View(model);
}
public async Task<ActionResult> UserRoles(SelectUserRolesViewModel model)
{
if (ModelState.IsValid)
{
IdentityResult result;
foreach (SelectRoleEditorViewModel role in model.Roles)
{
// Only administrators can provide administrator access
bool isAdminRestricted = !User.IsInRole("Administrator") && role.RoleName == "Administrator" ? true : false;
bool isUserInRole = await UserManager.IsInRoleAsync(model.UserId, role.RoleName);
// If role is deselected & user is assigned to this role - remove role from user
if (isAdminRestricted)
{
// TODO: provide error reporting - must be an administrator to modify administrator accounts
}
else if (!role.Selected && isUserInRole)
{
result = await UserManager.RemoveFromRoleAsync(model.UserId, role.RoleName);
if (!result.Succeeded)
{
// TODO: provide error reporting
}
}
else if (role.Selected && !isUserInRole)
{
result = await UserManager.AddToRoleAsync(model.UserId, role.RoleName);
if (!result.Succeeded)
{
// TODO: provide error reporting
}
}
else
{
// TODO: provide error reporting
}
}
// Display user account index view
return RedirectToAction("index");
}
// Re-display current user roles view
return View();
}
public async Task<ActionResult> UserRoles(SelectUserRolesViewModel model)
{
if (ModelState.IsValid)
{
var user = await UserManager.FindByIdAsync(model.UserId);
foreach (var role in model.Roles)
{
bool iNoEdit = User.IsInRole("Manager") && role.RoleName == "Administrator" ? true : false;
bool iEdit = await UserManager.IsInRoleAsync(user.Id, role.RoleName);
if (!role.Selected && !iNoEdit)
{
if (iEdit) await UserManager.RemoveFromRoleAsync(user.Id, role.RoleName);
}
else
{
if (!iEdit && !iNoEdit) await UserManager.AddToRoleAsync(user.Id, role.RoleName);
}
}
return RedirectToAction("index");
}
return View();
}