public async Task <ActionResult> GetByRole(string roleId)
        {
            //If User is not an Admin, and passed the Admin RoleId, return Forbidden
            if (!User.IsInRole(AdministratorRoleName) && roleId == AdministratorRoleId)
            {
                return(Forbid());
            }

            //Check if the role is valid before going on
            if (!ValidateRole(roleId))
            {
                return(BadRequest("The provided roleId is not valid"));
            }

            //Get users in DB and filter by roleId
            var users = await userManager.GetUsersInRoleAsync(RoleHelper.GetRoleName(roleId));

            //Order by Username, then convert to Dto
            var dtos = users
                       .Select(u => UserDto.ConvertBack(u, roleId))
                       .OrderBy(u => u.UserName)
                       .ToArray();

            return(Ok(dtos));
        }
        public async Task <IActionResult> GetAll()
        {
            bool isAdmin = User.IsInRole(AdministratorRoleName);

            //Start by getting a list of User IDs with Role IDs
            var userWithRoles = await dbContext.UserRoles
                                .ToDictionaryAsync
                                (
                ur => ur.UserId,
                ur => ur.RoleId
                                );

            //Initialize query by getting all users
            var users = await dbContext.Users.ToListAsync();

            //Convert Models into Dtos
            var dtos = users
                       .Select(u => UserDto.ConvertBack(u, userWithRoles.ContainsKey(u.Id) ? userWithRoles[u.Id] : null))
                       .ToArray();

            //Order by RoleId and then by Username
            dtos = dtos
                   .Where(u => u.Role != null && (isAdmin || u.Role.Id != AdministratorRoleId)) //If not an Administrator, filter non-Administrator Users
                   .OrderBy(u => u.Role.Id)
                   .ThenBy(u => u.UserName)
                   .ToArray();

            return(Ok(dtos));
        }
        public async Task <ActionResult> Get(string username)
        {
            var userInDb = await userManager.FindByNameAsync(username);

            if (userInDb == null)
            {
                return(NotFound());
            }

            string roleName = await GetUserRoleName(userInDb);

            if (User.IsInRole(UserManagerRoleName) && roleName == AdministratorRoleName)
            {
                return(Forbid());
            }

            return(Ok(UserDto.ConvertBack(userInDb, RoleHelper.GetRoleId(roleName))));
        }