public UserRole Post([FromBody] UserRole userRole)
{
    var role = _roles.GetRole(userRole.RoleId);
    // the role must exist and belong to the current site, and only a host user may assign the host role
    if (ModelState.IsValid && role != null && role.SiteId == _alias.SiteId && (User.IsInRole(RoleNames.Host) || role.Name != RoleNames.Host))
    {
        if (role.Name == RoleNames.Host)
        {
            // host roles can only exist at global level - remove all site specific user roles
            _userRoles.DeleteUserRoles(userRole.UserId);
            _logger.Log(LogLevel.Information, this, LogFunction.Delete, "User Roles Deleted For UserId {UserId}", userRole.UserId);
        }

        userRole = _userRoles.AddUserRole(userRole);
        _logger.Log(LogLevel.Information, this, LogFunction.Create, "User Role Added {UserRole}", userRole);

        _syncManager.AddSyncEvent(_alias.TenantId, EntityNames.User, userRole.UserId);
    }
    else
    {
        // rejected requests are logged as security events and answered with 403 and a null body
        _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized UserRole Post Attempt {UserRole}", userRole);
        HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
        userRole = null;
    }
    return(userRole);
}

public UserRole Post([FromBody] UserRole userRole)
{
    var role = _roles.GetRole(userRole.RoleId);
    // checks only that a non-host caller is not assigning the host role;
    // role is not checked for null or for membership in the current site
    if (ModelState.IsValid && (User.IsInRole(RoleNames.Host) || role.Name != RoleNames.Host))
    {
        if (role.Name == RoleNames.Host)
        {
            // host roles can only exist at global level - remove all site specific user roles
            _userRoles.DeleteUserRoles(userRole.UserId);
            _logger.Log(LogLevel.Information, this, LogFunction.Delete, "User Roles Deleted For UserId {UserId}", userRole.UserId);
        }

        userRole = _userRoles.AddUserRole(userRole);
        _logger.Log(LogLevel.Information, this, LogFunction.Create, "User Role Added {UserRole}", userRole);

        _syncManager.AddSyncEvent(_alias.TenantId, EntityNames.User, userRole.UserId);
    }
    // when the check fails, the submitted userRole is returned unchanged with no error status
    return(userRole);
}