public async Task <IHttpActionResult> PutUserPrivilage(string id, UserPrivilage userPrivilage)
{
//Check the user is a Admin User
var userId = User.Identity.GetUserId();
UserACL userAclForAdmin = await db.UserAcls.Where(x => x.UserId == userId).SingleOrDefaultAsync();
if (userAclForAdmin.UserType != Admin)
{
return(BadRequest("Only Admin User can Change User Privilage"));
}
// Check if User exist
if (!UserExists(id))
{
BadRequest("User id is not valid");
}
// Save edited Privilage
UserPrivilage aUserPrivilage = await db.UserPrivilages.Where(x => x.UserId == id).SingleOrDefaultAsync();
aUserPrivilage.CanAddDocument = userPrivilage.CanAddDocument;
aUserPrivilage.CanDeleteDocument = userPrivilage.CanDeleteDocument;
aUserPrivilage.CanTagDocument = userPrivilage.CanTagDocument;
await db.SaveChangesAsync();
return(Ok(aUserPrivilage));
}
public async Task <IHttpActionResult> GetUserPrivilage(string id)
{
// Check if User exist
if (!UserExists(id))
{
BadRequest("User id is not valid");
}
UserPrivilage aUserPrivilage = await db.UserPrivilages.Where(x => x.UserId == id).SingleOrDefaultAsync();
return(Ok(aUserPrivilage));
}
public async Task <IHttpActionResult> Register(RegisterBindingModel model)
{
UserACL aUserAcl = new UserACL();
UserProfile aUserProfile = new UserProfile();
UserPrivilage aUserPrivilage = new UserPrivilage();
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (model.UserAclType == Normal || model.UserAclType == Manager) // (a) company must be valid for Manager and Normal user
{
if (!db.Companies.Any(x => x.Id == model.CompanyId))
{
return(BadRequest("This CompanyId is not valid"));
}
}
else
{
if (model.CompanyId != 0)
{
return(BadRequest("CompanyId Must be 0 for Admin User"));
}
}
var user = new ApplicationUser()
{
UserName = model.UserName, Email = model.Email, CompanyId = model.CompanyId
};
IdentityResult result = await UserManager.CreateAsync(user, model.Password);
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
ApplicationUser aUser = await db.Users.Where(x => x.Email == user.Email).SingleOrDefaultAsync(); //get the UserId
// Save UserACL
aUserAcl.UserType = model.UserAclType;
aUserAcl.UserId = aUser.Id;
db.UserAcls.Add(aUserAcl);
await db.SaveChangesAsync();
// save UserProfile
aUserProfile.FirstName = model.FirstName;
aUserProfile.LastName = model.LastName;
aUserProfile.UserId = aUser.Id;
db.UserProfiles.Add(aUserProfile);
await db.SaveChangesAsync();
//Save UserPrivilage
aUserPrivilage.CanAddDocument = model.CanAddDocument;
aUserPrivilage.CanDeleteDocument = model.CanDeleteDocument;
aUserPrivilage.CanTagDocument = model.CanTagDocument;
aUserPrivilage.UserId = aUser.Id;
db.UserPrivilages.Add(aUserPrivilage);
await db.SaveChangesAsync();
return(Ok());
}
