public async Task <IActionResult> Login(ApplicationUserViewModels model, string returnUrl) { var userRecord = await this.applicationUserService.LoginAsync(model.UserId, model.Password); if (userRecord == null) { this.ViewBag.LoginError = Messages.LoginFailed; return(this.View()); } var claimIdentity = new ClaimsIdentity(Constants.ApplicationAdminCookies, ClaimTypes.Name, ClaimTypes.Role); claimIdentity.AddClaim(new Claim(ClaimTypes.Sid, userRecord.Id.ToString())); claimIdentity.AddClaim(new Claim(ClaimTypes.NameIdentifier, userRecord.UserId)); claimIdentity.AddClaim(new Claim(ClaimTypes.Role, Constants.AdminRole)); claimIdentity.AddClaim(new Claim(ClaimTypes.Name, userRecord.Name)); await this.HttpContext.SignInAsync(Constants.ApplicationAdminCookies, new ClaimsPrincipal(claimIdentity)); if (!string.IsNullOrEmpty(returnUrl) && returnUrl != "/admin/account/logout?index=login") { return(this.LocalRedirect(returnUrl)); } return(this.RedirectToRoute(Constants.RouteArea, new { controller = "dashboard", action = "index", area = Constants.AreaAdmin })); }
public async Task<ActionResult> Edit(ApplicationUserViewModels.EditViewModel editModel, ControllableViewModelParams modelParams) { if (ModelState.IsValid) { do { var currentUser = await UserManager.FindByIdAsync(editModel.UserId); if (currentUser == null) { return HttpNotFound(); } var adminRole = await RoleManager.FindByNameAsync(AppConstants.UserRole.Administrator); var currentUserRolesIds = currentUser.Roles.Select(x => x.RoleId).ToList(); // if user is currently stored having the Administrator role var isThisUserAnAdmin = currentUserRolesIds.Contains(adminRole.Id); // and the user did not have Administrator role checked var isThisUserAdminDeselected = editModel.SelectedRoles.All(roleId => roleId != adminRole.Id); // and the current stored count of users with Administrator role == 1 var isOnlyOneUserAnAdmin = adminRole.Users.Count == 1; // then prevent the removal of the Administrator role. if (isThisUserAnAdmin && isThisUserAdminDeselected && isOnlyOneUserAnAdmin) { ModelState.AddModelError("", "At least one user must retain the 'administrator' role."); break; } if (currentUser.LockoutEnabled != editModel.LockoutEnabled) { currentUser.LockoutEnabled = editModel.LockoutEnabled; var result = await UserManager.UpdateAsync(currentUser); if (!result.Succeeded) { ModelState.AddModelError("", result.Errors.First()); break; } } var allRoles = await RoleManager.Roles.ToListAsync(); var deletedRolesIds = currentUserRolesIds.Except(editModel.SelectedRoles).ToList(); if (deletedRolesIds.Any()) { var rolesToRemove = allRoles .Where(x => deletedRolesIds.Contains(x.Id)).Select(x => x.Name) .ToArray(); var result = await UserManager.RemoveFromRolesAsync(currentUser.Id, rolesToRemove); if (!result.Succeeded) { ModelState.AddModelError("", result.Errors.First()); break; } } var newRolesIds = editModel.SelectedRoles.Except(currentUserRolesIds).ToArray(); if (newRolesIds.Any()) { var rolesToAdd = allRoles .Where(x => newRolesIds.Contains(x.Id)).Select(x => x.Name) .ToArray(); var result = await UserManager.AddToRolesAsync(currentUser.Id, rolesToAdd); if (!result.Succeeded) { ModelState.AddModelError("", result.Errors.First()); break; } } return RedirectToAction("Index", modelParams); #pragma warning disable 162 } while (false); #pragma warning restore 162 } editModel.RoleList = await RoleManager.Roles .Select(x => new SelectListItem { Text = x.Name, Value = x.Id }).ToListAsync(); return View(editModel); }