public async Task <IActionResult> AddUserToProject([FromBody] AddUserToProjectForm form)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var email = User.Identity.Name;
var isSuccess = await _db.AddUserToProjectAsync(email, form);
if (!isSuccess)
{
return(BadRequest(_db.Projects.GetError()));
}
return(Ok("Success!"));
}
public static async Task <bool> AddUserToProjectAsync(this ProjectContext db, string fromEmail, AddUserToProjectForm form)
{
var fromUser = await db.Users.FirstOrDefaultAsync(x => x.Email.Equals(fromEmail, StringComparison.OrdinalIgnoreCase));
var toUser = await db.Users.FirstOrDefaultAsync(x => x.Email.Equals(form.UserEmail, StringComparison.OrdinalIgnoreCase));
if (fromUser == null || toUser == null)
{
_code = ControllerErrorCode.UserNotFound;
return(false);
}
var project = await db.Projects.FirstOrDefaultAsync(x => x.Id == form.ProjectId);
if (project == null)
{
_code = ControllerErrorCode.ProjectNotFound;
return(false);
}
var fromUserRole = db.Roles.AsNoTracking().FirstOrDefault(x => x.User.Id == fromUser.Id && x.Project.Id == project.Id);
var toUserRole = db.Roles.FirstOrDefault(x => x.Project.Id == form.ProjectId && x.User.Id == toUser.Id);
if (fromUserRole == null || fromUserRole.Type != ProjectUserRole.ProjectManager)
{
_code = ControllerErrorCode.PermissionsDenied;
return(false);
}
if (toUserRole != null)
{
db.Remove(toUserRole);
}
var newRole = new Role()
{
Project = project,
User = toUser,
Type = form.Role
};
await db.Roles.AddAsync(newRole);
await db.SaveChangesAsync();
return(true);
}
