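/// <summary>
/// Applies the role selection posted from the Edit Role form to the user named in
/// <paramref name="viewmodel"/>: roles that are ticked but not yet assigned are added,
/// and roles that are assigned but no longer ticked are removed.
/// </summary>
/// <param name="viewmodel">Posted form model; only its <c>Id</c> (the target user's id) is read here.</param>
/// <param name="checkboxSelectedRoleNames">
/// Names of the ticked role checkboxes. Treated as empty when null, which is what the
/// model binder supplies when no checkbox value is posted.
/// </param>
/// <returns>A redirect to <c>Index</c> in every case (success, refusal, or first failed identity call).</returns>
/// <remarks>
/// NOTE(review): no [HttpPost], [ValidateAntiForgeryToken] or [Authorize] attribute is visible on
/// this action from here. Confirm they are applied on the action or the controller, since this
/// endpoint changes role membership.
/// </remarks>
public async Task<ActionResult> EditRole(UserAdminEditRoleViewModel viewmodel, string[] checkboxSelectedRoleNames)
{
    // NOTE(review): the original comment says this guard stops a SuperAdmin from removing
    // his own role, but as written it turns away every caller who is in the SuperAdmin role,
    // whoever the target user is. Kept unchanged because narrowing it would widen what
    // SuperAdmins can do; confirm the intended policy.
    var currentUserIsSuperAdmin = User.IsInRole("SuperAdmin");
    if (currentUserIsSuperAdmin)
    {
        return RedirectToAction("Index");
    }

    if (viewmodel == null)
    {
        return RedirectToAction("Index");
    }

    var userId = viewmodel.Id;
    AppUser user = await UserManager.FindByIdAsync(userId);

    // The GET overload refuses to render the form for an unknown user or for the caller's
    // own account. The same rule has to be enforced here, because the id is taken from the
    // posted form and a request can be sent to this action without going through the GET.
    var currentUserId = User.Identity.GetUserId();
    if (user == null || user.Id == currentUserId)
    {
        return RedirectToAction("Index");
    }

    // No posted checkbox value means "no roles selected", not an error.
    var selectedRoleNames = checkboxSelectedRoleNames ?? new string[0];

    var allRoleNames = RoleManager.Roles.Select(r => r.Name).ToList();
    var assignedRoleNames = RoleManager.Roles
        .Where(r => r.Users.Any(u => u.UserId == user.Id))
        .Select(r => r.Name)
        .ToList();

    // Iterating over the roles known to RoleManager means a posted name that does not match
    // an existing role is ignored rather than passed on to UserManager.
    foreach (var roleName in allRoleNames)
    {
        var isSelected = selectedRoleNames.Contains(roleName);
        var isAssigned = assignedRoleNames.Contains(roleName);
        IdentityResult result;

        if (isSelected && !isAssigned)
        {
            // Add Role Assignment to User
            result = await UserManager.AddToRoleAsync(userId, roleName);
            if (!result.Succeeded)
            {
                // Changes made in earlier iterations stay applied; nothing is rolled back here.
                return RedirectToAction("Index");
            }
        }
        else if (!isSelected && isAssigned)
        {
            // Remove Role Assignment from User
            result = await UserManager.RemoveFromRoleAsync(userId, roleName);
            if (!result.Succeeded)
            {
                // Changes made in earlier iterations stay applied; nothing is rolled back here.
                return RedirectToAction("Index");
            }
        }
    }

    return RedirectToAction("Index");
}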
// GET: Edit Role
/// <summary>
/// Builds the Edit Role form for the user with the given id, listing every role name
/// known to <c>RoleManager</c> alongside the names of the roles that user currently holds.
/// </summary>
/// <param name="id">Id of the user whose roles are to be edited.</param>
/// <returns>
/// The Edit Role view, or a redirect to <c>Index</c> when the user is not found or is
/// the currently signed-in user.
/// </returns>
/// <remarks>
/// This guard only decides whether the form is rendered; it does not by itself stop a
/// request from being posted directly to the POST overload.
/// </remarks>
public async Task<ActionResult> EditRole(string id)
{
    AppUser targetUser = await UserManager.FindByIdAsync(id);
    var signedInUserId = User.Identity.GetUserId();

    // Unknown user: nothing to edit.
    if (targetUser == null)
    {
        return RedirectToAction("Index");
    }

    // Callers are not allowed to edit their own role assignments through this form.
    if (targetUser.Id == signedInUserId)
    {
        return RedirectToAction("Index");
    }

    var everyRoleName = RoleManager.Roles
        .Select(role => role.Name)
        .ToList();

    var rolesHeldByUser = RoleManager.Roles
        .Where(role => role.Users.Any(link => link.UserId == targetUser.Id))
        .Select(role => role.Name)
        .ToList();

    var viewmodel = new UserAdminEditRoleViewModel();
    viewmodel.Id = targetUser.Id;
    viewmodel.Email = targetUser.Email;
    viewmodel.AllRoleNames = everyRoleName;
    viewmodel.AssignedRoleNames = rolesHeldByUser;

    return View(viewmodel);
}