public async Task <IActionResult> UserUpdateRoles(string id, [FromBody] UserRoleUpdateModel model)
{
if (!ModelState.IsValid)
{
return(BadModelResponse());
}
return(Ok(await _userManager.UpdateRoles(id, model)));
}
public async Task <ServiceResult> UpdateRole(Guid id, [FromBody] UserRoleUpdateModel apiEntity)
{
var result = await _userService.UpdateRoleAsync(id, apiEntity.NewRole);
if (result.TryCastModel(out AppUser user))
{
result.ViewModel = UserViewModel.Map(user);
}
return(result);
}
public IActionResult PutUserRole(int id, [FromBody] UserRoleUpdateModel model)
{
try
{
// Map model to entity and set id
var user = _mapper.Map <User>(model);
user.Id = id;
// Update
_userService.Update(user, null);
return(Ok());
}
catch (Exception ex)
{
// Return error message if there was an exception
return(BadRequest(new { message = ex.Message }));
}
}
public async Task <ApiOkResult> UpdateRoles(string id, UserRoleUpdateModel model)
{
if (!_userRoles.Contains(UserRoles.ADMIN))
{
throw new AccessDeniedException(id, typeof(AppUser));
}
if (id == _userId && !model.Roles.Contains(UserRoles.ADMIN))
{
throw new AccessDeniedException(id, typeof(AppUser), "Can not remove admin role");
}
var targetUser = await _appUserManager.FindByIdAsync(id);
if (targetUser == null)
{
throw new EntityNotFoundException(id, typeof(AppUser));
}
var existsRoles = await _appUserManager.GetRolesAsync(targetUser);
var toAdd = model.Roles.Where(x => !existsRoles.Contains(x)).ToList();
var toDelete = existsRoles.Where(x => !model.Roles.Contains(x)).ToList();
if (toAdd.Any())
{
await _appUserManager.AddToRolesAsync(targetUser, toAdd);
}
if (toDelete.Any())
{
await _appUserManager.RemoveFromRolesAsync(targetUser, toDelete);
}
return(new ApiOkResult());
}
