private IActionResult SaveUserPermission(string permissionId_, Security.Data.Entities.User user_, string scope_ = null) { if (!string.IsNullOrWhiteSpace(permissionId_) && user_ != null) { Security.Data.Entities.UserPermission userPermission = new Security.Data.Entities.UserPermission() { UserId = user_.Id, PermissionId = permissionId_ }; if (!string.IsNullOrWhiteSpace(scope_)) { userPermission.Scope = scope_; } _storage.GetRepository <IUserPermissionRepository>().Create(userPermission); } try { _storage.Save(); _logger.LogInformation($"\"Saving user-permission {permissionId_} ok.\""); return(Ok("Saving user-permission ok.")); } catch (Exception e) { _logger.LogCritical("\"Error saving user-permission (@userPermission): {@message}, \n\rInnerException: {@innerException} \n\rStackTrace: {@stackTrace} \"", permissionId_, e.Message, e.InnerException, e.StackTrace); return(StatusCode(StatusCodes.Status500InternalServerError, $"Cannot save user-permission. Error: {e.Message}")); } }
public async Task <IActionResult> CreateUser() { // Get the list of the role from the enum Role[] roles = (Role[])Enum.GetValues(typeof(Role)); foreach (var r in roles) { // create an identity role object out of the enum value IdentityRole <string> identityRole = new IdentityRole <string> { // Automatic ID Name = r.GetRoleName() }; _createdRoles.Add(identityRole); if (!await _roleManager.RoleExistsAsync(identityRole.Name)) { var result = await _roleManager.CreateAsync(identityRole); //return 500 if fail if (!result.Succeeded) { _logger.LogCritical("\"(CreateAsync) Error creating role: { @Name }\"", identityRole.Name); return(StatusCode(StatusCodes.Status500InternalServerError)); } } } // our default user Security.Data.Entities.User johnUser = new Security.Data.Entities.User { FirstName = "John", LastName = "Doe", Email = "*****@*****.**", UserName = "******", LockoutEnabled = false }; // second user Security.Data.Entities.User janeUser = new Security.Data.Entities.User { FirstName = "Jane", LastName = "Fonda", Email = "*****@*****.**", UserName = "******", LockoutEnabled = false }; // third user Security.Data.Entities.User paulUser = new Security.Data.Entities.User { FirstName = "Paul", LastName = "Keller", Email = "*****@*****.**", UserName = "******", LockoutEnabled = false }; bool firstUser = true; foreach (var user in new[] { johnUser, janeUser, paulUser }) { // add the user to the database if it doesn't already exist if (await _userManager.FindByEmailAsync(user.Email) == null) { // WARNING: Do Not check in credentials of any kind into source control var result = await _userManager.CreateAsync(user, password : "******"); if (!result.Succeeded) //return 500 if it fails { _logger.LogCritical("\"(CreateAsync) Error creating user: { @userEmail }\"", user.Email); return(StatusCode(StatusCodes.Status500InternalServerError)); } // Assign roles to user. John has Admin role, Jane and Paul have User role result = await _userManager.AddToRolesAsync(user, new[] { firstUser ? "Administrator" : "User" }); if (!result.Succeeded) // return 500 if fails { _logger.LogCritical("\"(AddToRolesAsync) Error adding user to role, user: { @userEmail }, role: Administrator\"", user.Email); return(StatusCode(StatusCodes.Status500InternalServerError)); } } firstUser = false; } // Save PERMISSIONS var saveResult = SavePermissions(); if (saveResult.GetType() != typeof(OkObjectResult)) // return 500 if fails { return(saveResult); } // Save USER-PERMISSION // John (admin user): Admin (globally) saveResult = SaveUserPermission(Permission.Admin.ToString(), johnUser); if (saveResult.GetType() != typeof(OkObjectResult)) // return 500 if fails { return(saveResult); } // Paul : Admin (Chinook) saveResult = SaveUserPermission(Permission.Admin.ToString(), paulUser, "Chinook"); if (saveResult.GetType() != typeof(OkObjectResult)) // return 500 if fails { return(saveResult); } // Save ROLE-PERMISSION var adminRoleId = _createdRoles.FirstOrDefault(r => r.Name == Role.Administrator.ToString()).Id; var userRoleId = _createdRoles.FirstOrDefault(r => r.Name == Role.User.ToString()).Id; var anonymousRoleId = _createdRoles.FirstOrDefault(r => r.Name == Role.Anonymous.ToString()).Id; // 1. Admin role: admin (globally) saveResult = SaveRolePermission(adminRoleId, Permission.Admin.ToString()); if (saveResult.GetType() != typeof(OkObjectResult)) // return 500 if fails { return(saveResult); } // 2. Admin role: admin (Chinook) saveResult = SaveRolePermission(adminRoleId, Permission.Admin.ToString(), "Chinook"); if (saveResult.GetType() != typeof(OkObjectResult)) // return 500 if fails { return(saveResult); } // 3. User role: write (globally) saveResult = SaveRolePermission(userRoleId, Permission.Write.ToString()); if (saveResult.GetType() != typeof(OkObjectResult)) // return 500 if fails { return(saveResult); } // 4. Anonymous role: read (globally) saveResult = SaveRolePermission(anonymousRoleId, Permission.Read.ToString()); if (saveResult.GetType() != typeof(OkObjectResult)) // return 500 if fails { return(saveResult); } return(Ok("User Creation Ok.")); }