Beispiel #1
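        /// <summary>
        /// Applies the editable fields of <paramref name="user"/> to the stored user record,
        /// provided the caller identified by <paramref name="token"/> is an administrator or
        /// is updating their own account.
        /// </summary>
        /// <param name="context">Database context used to load and persist the record.</param>
        /// <param name="token">Login token of the caller; its user role decides what may be changed.</param>
        /// <param name="user">Submitted user data; <c>user.Id</c> selects the record to update.</param>
        /// <exception cref="ArgumentNullException">
        /// <paramref name="token"/> or <paramref name="user"/> is null.
        /// </exception>
        /// <exception cref="Exception">
        /// A non-administrator tried to change the role or the active status, the submitted
        /// role is invalid, or the submitted ID differs from the stored one.
        /// </exception>
        /// <remarks>
        /// The method returns without error and without changing anything when the caller is
        /// not allowed to edit the target user or when no record with that ID exists.
        /// </remarks>
        public static async Task UpdateUserAsync(SGContext context, LoginToken token, User user)
        {
            if (token == null)
            {
                throw new ArgumentNullException(nameof(token));
            }
            if (user == null)
            {
                throw new ArgumentNullException(nameof(user));
            }

            var role = new UserRole(token.User.RawRole);

            // Authorization gate: administrators may edit anyone, everyone else only themselves.
            // NOTE(review): a denied caller gets a silent no-op here, indistinguishable from
            // success. Kept as-is for compatibility; consider raising an error and logging it.
            if (!role.IsAdmin && user.Id != token.UserId)
            {
                return;
            }

            // The lookup helper's name indicates it does no authorization of its own, so the
            // gate above is the only access check visible in this method.
            var existingRecord = await QuickGetUserNoAuthCheckAsync(context, null, user.Id);

            if (existingRecord == null)
            {
                // NOTE(review): an unknown ID is also a silent no-op.
                return;
            }

            // Privilege-bearing fields (role, active status) may only be changed by administrators,
            // so a user editing their own profile cannot escalate or re-activate themselves.
            if (user.RawRole != existingRecord.RawRole && !role.IsAdmin)
            {
                throw new Exception("Only administrators may change the user's role");
            }
            if (!UserRole.RoleIsValid(user.RawRole))
            {
                throw new Exception("The new user role is invalid.");
            }
            if (user.Active != existingRecord.Active && !role.IsAdmin)
            {
                throw new Exception("Only administrators may change the user's active status");
            }
            if (user.Id != existingRecord.Id)
            {
                throw new Exception("User ID updates are not allowed");
            }

            // Copy only the explicitly allowed fields onto the stored record rather than
            // persisting the submitted object, so other columns cannot be overwritten.
            existingRecord.Email       = user.Email;
            existingRecord.DisplayName = user.DisplayName;
            existingRecord.RawRole     = user.RawRole;
            // Fix: the active status was validated above but never written, so an
            // administrator's deactivation (or re-activation) of an account was silently
            // dropped. For non-administrators the check above guarantees the value is unchanged.
            existingRecord.Active      = user.Active;

            context.users.Update(existingRecord);
            await context.SaveChangesAsync();
        }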
Beispiel #2
 /// <summary>
 /// Reports whether the token's <c>Id</c> equals <c>LoginToken.AnonymousLoginId</c>.
 /// </summary>
 /// <param name="token">Login token to inspect.</param>
 /// <returns><c>true</c> when the IDs are equal; otherwise <c>false</c>.</returns>
 public static bool IsAnonymous(this LoginToken token)
 {
     bool matchesAnonymousId = token.Id == LoginToken.AnonymousLoginId;
     return matchesAnonymousId;
 }