protected virtual async Task <ApplicationUser> PrepareUserForDelete(string userId, System.Security.Claims.ClaimsPrincipal adminUser)
{
ApplicationUser user = await _db.Users
.Include(u => u.Content)
.Include(u => u.Properties)
.Include(u => u.Addresses)
.SingleOrDefaultAsync(u => u.Id == userId);
if (user.Email == Engine.Configuration.SuperAdminEmail)
{
throw new Exception("You cannot delete the site owner account, the owner is set via an environment variable and cannot be changed from the admin area.");
}
ApplicationUser siteOwner = await _db.Users.AsNoTracking().SingleOrDefaultAsync(u => u.Email == Engine.Configuration.SuperAdminEmail);
if (siteOwner == null)
{
throw new Exception("Could not load the owner account, check your settings, the owner is set via an environment variable and cannot be changed from the admin area.");
}
if (!adminUser.IsAdminOrBetter() && adminUser.GetLocalUserId() != user.Id)
{
throw new Exception("You do not have permission to delete this user.");
}
// Set any site content as owned by the site owner, instead of the user.
user.Content.ForEach(c => c.AuthorId = siteOwner.Id);
user.Properties.ForEach(p => p.AgentId = siteOwner.Id);
_db.Logs.Where(l => l.UserId == userId).ForEach(f => f.UserId = siteOwner.Id);
await _db.SaveChangesAsync();
return(user);
}
