public async Task <User> UpdateUserInfo(User user, UserAdminEditDto info)
{
user.Username = info.Username ?? user.Username;
user.IsAdmin = info.IsAdmin ?? user.IsAdmin;
if (!string.IsNullOrWhiteSpace(info.Password))
{
AuthRepository.CreatePasswordHash(info.Password, out var passwordHash, out var passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
}
await _context.SaveChangesAsync();
return(user);
}
public async Task <ActionResult <UserDetailDto> > AdminUpdateUser(int userId, UserAdminEditDto editInfo)
{
int reqUserId = this.GetRequestUserId();
if (await _userRepo.IsAdmin(reqUserId) == false)
{
return(Unauthorized());
}
// Check if User exists
var user = await _userRepo.GetUserById(userId);
if (user == null)
{
return(NotFound());
}
// Check if username is unique if one is passed
// ONLY if its not the same as we already had
if (!string.IsNullOrWhiteSpace(editInfo.Username) && !user.Username.Equals(editInfo.Username, StringComparison.OrdinalIgnoreCase))
{
if (await _authRepo.UserExistsByUsername(editInfo.Username))
{
return(BadRequest("Username already exists"));
}
}
// Update user info
var userToRet = await _userRepo.UpdateUserInfo(user, editInfo);
var ret = _mapper.Map <UserDetailDto>(userToRet);
return(Ok(ret));
}
