public async Task <IActionResult> GetUsersInSchool(int id)
{
var token = HttpContext.Request.Headers["Authorization"].Last().Split(" ").Last();
string[] roles = { "Admin", "SchoolAdmin" };
var schoolRepo = new SchoolRepository();
if (!schoolRepo.GetAll().Select(x => x.Id).Contains(id))
{
return(BadRequest("Not such id"));
}
if (RoleService.CheckRoles(token, roles, _userManager))
{
if (RoleService.CheckRole(token, "Admin", _userManager))
{
if (id == 0)
{
var detailsRepo = new UserDetailsRepository();
var result = detailsRepo.GetAll().Select(x => UserSummaryFactory
.CreateSummary(x, _userManager.FindByIdAsync(x.UserId).Result)).ToList();
return(Ok(result));
}
else
{
try
{
var school = schoolRepo.GetAll().First(x => x.Id == id);
var result = school.Users.Select(x => UserSummaryFactory
.CreateSummary(x, _userManager.FindByIdAsync(x.UserId).Result)).ToList();
return(Ok(result));
}
catch (Exception e)
{
NotFound(e.Message);
}
}
}
else
{
try
{
var school = schoolRepo.GetAll().First(x => x.Id == id);
var result = school.Users.Select(x => UserSummaryFactory
.CreateSummary(x, _userManager.FindByIdAsync(x.UserId).Result)).ToList();
return(Ok(result));
}
catch (Exception e)
{
NotFound(e.Message);
}
}
}
return(Unauthorized("Only Admin, SchoolAdmin have access to this controller."));
}
public async Task<IActionResult> Create(UserInput input)
{
var user = new User {UserName = input.Username, Email = input.Email};
var result = await _userManager.CreateAsync(user, input.Password);
if (result.Succeeded)
{
await _userManager.AddToRoleAsync(_userManager.FindByEmailAsync(input.Email).Result, "User");
//Adds UserDetails for newly added user
var repo = new UserDetailsRepository();
var userDetails = new UserDetails();
userDetails.UserId = _userManager.FindByEmailAsync(input.Email).Result.Id;
repo.Add(userDetails);
var detailsId = repo.GetAll()
.First(x => x.UserId == _userManager.FindByEmailAsync(input.Email).Result.Id).Id;
user.DetailsId = detailsId;
await _userManager.UpdateAsync(user);
_logger.LogInformation("Account Created",user);
return Ok();
}
return BadRequest(result.Errors);
}
public async Task <IActionResult> Add(UserSchoolInput input)
{
string[] roles = { "Admin", "SchoolAdmin" };
var token = HttpContext.Request.Headers["Authorization"].Last().Split(" ").Last();
if (RoleService.CheckRoles(token, roles, _userManager))
{
var userDetailsRepo = new UserDetailsRepository();
var userDetails = userDetailsRepo.GetAll().First(x => x.UserId == input.UserId);
userDetails.SchoolId = input.SchoolId;
userDetailsRepo.Edit(userDetails);
return(Ok());
}
return(Unauthorized("Only Admin, SchoolAdmin have access to this controller."));
}
public async Task <IActionResult> Get()
{
var token = HttpContext.Request.Headers["Authorization"].Last().Split(" ").Last();
string[] roles = { "User", "Admin", "SchoolAdmin" };
var repo = new CandidacyRepository();
var detailsRepo = new UserDetailsRepository();
//Gets UserId(sub) fro token;
var handler = new JwtSecurityTokenHandler();
var sub = handler.ReadJwtToken(token).Payload.Sub;
var schoolId = detailsRepo.GetAll().First(x => x.UserId == sub).SchoolId;
if (RoleService.CheckRoles(token, roles, _userManager))
{
var result = repo.GetAll().Where(x => detailsRepo.GetById(x.OwnerId.GetValueOrDefault()).SchoolId == schoolId).ToList();
return(Ok(result));
}
return(Unauthorized());
}
