public async Task <IActionResult> Register([FromBody] UserEditDto newUserDto)
{
if (newUserDto == null)
{
return(BadRequest($"{nameof(newUserDto)} cannot be null"));
}
if (newUserDto.NewPassword == null)
{
return(BadRequest("NewPassword may not be null"));
}
Guid[] newUserRolesGuids = null;
try
{
newUserRolesGuids = newUserDto.Roles.Select(r => Guid.Parse(r.Id)).ToArray();
}
catch
{
return(BadRequest("Cannot parse GUIDs of the new user's roles"));
}
var success = (await _authorizationService.AuthorizeAsync(
User,
new UserRoleChange {
NewRoles = newUserRolesGuids, CurrentRoles = new Guid[] { }
},
Policies.AssignAllowedRolesPolicy)).Succeeded;
if (!success)
{
return(Forbid());
}
ApplicationUser appUser = _mapper.Map <ApplicationUser>(newUserDto);
var result = await _accountManager.CreateUserAsync(appUser, newUserDto.Roles.Select(r => Guid.Parse(r.Id)), newUserDto.NewPassword);
if (result.success)
{
UserDto userVM = await GetUserViewModelHelper(appUser.Id);
return(CreatedAtAction(GetUserByIdActionName, new { id = userVM.Id }, userVM));
}
AddErrors(result.errors);
return(BadRequest(ModelState));
}
