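/// <summary>
/// Replaces the document privileges (add / delete / tag) of the user identified by <paramref name="id"/>.
/// Only a caller whose own <see cref="UserACL"/> row has <c>UserType == Admin</c> may do this.
/// </summary>
/// <param name="id">Id of the user whose privileges are being changed.</param>
/// <param name="userPrivilage">Request body; only its three Can* flags are copied onto the stored row.</param>
/// <returns>
/// 400 when the caller is not an Admin, the body is missing or the target user id is unknown;
/// 404 when the user exists but has no privilege row; otherwise 200 with the updated row.
/// </returns>
public async Task<IHttpActionResult> PutUserPrivilage(string id, UserPrivilage userPrivilage)
{
    // Authorization: resolve the caller's ACL row. A caller with no ACL row is treated
    // as non-admin (fail closed) instead of dereferencing null, which would turn a
    // rejected request into an unhandled 500.
    var callerId = User.Identity.GetUserId();
    UserACL callerAcl = await db.UserAcls.Where(x => x.UserId == callerId).SingleOrDefaultAsync();
    if (callerAcl == null || callerAcl.UserType != Admin)
    {
        return BadRequest("Only Admin User can Change User Privilage");
    }

    // Web API binds a missing/unparseable body as null; reject it before it is dereferenced.
    if (userPrivilage == null)
    {
        return BadRequest("User privilage is required");
    }

    // The result of BadRequest(...) must be returned, otherwise the check has no effect.
    if (!UserExists(id))
    {
        return BadRequest("User id is not valid");
    }

    UserPrivilage storedPrivilage = await db.UserPrivilages.Where(x => x.UserId == id).SingleOrDefaultAsync();
    if (storedPrivilage == null)
    {
        return NotFound();
    }

    // Copy only the three permission flags; the row's identity/UserId is never taken
    // from the request body, so a client cannot re-point the row at another user.
    storedPrivilage.CanAddDocument = userPrivilage.CanAddDocument;
    storedPrivilage.CanDeleteDocument = userPrivilage.CanDeleteDocument;
    storedPrivilage.CanTagDocument = userPrivilage.CanTagDocument;
    await db.SaveChangesAsync();

    return Ok(storedPrivilage);
}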
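/// <summary>
/// Returns the document privilege row of the user identified by <paramref name="id"/>.
/// </summary>
/// <param name="id">Id of the user whose privileges are requested.</param>
/// <returns>
/// 400 when the user id is unknown; 404 when the user exists but has no privilege row;
/// otherwise 200 with the row.
/// </returns>
/// <remarks>
/// NOTE(review): unlike <see cref="PutUserPrivilage"/> this action performs no caller-role
/// check, so any caller that reaches it can read any user's privilege flags — confirm that
/// is intended at the controller/route level.
/// </remarks>
public async Task<IHttpActionResult> GetUserPrivilage(string id)
{
    // The BadRequest(...) result must be returned; the original discarded it and fell through.
    if (!UserExists(id))
    {
        return BadRequest("User id is not valid");
    }

    UserPrivilage storedPrivilage = await db.UserPrivilages.Where(x => x.UserId == id).SingleOrDefaultAsync();
    if (storedPrivilage == null)
    {
        // User exists but has no privilege row: report it rather than returning 200 with an empty body.
        return NotFound();
    }

    return Ok(storedPrivilage);
}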
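/// <summary>
/// Creates a new application user together with its ACL, profile and privilege rows.
/// </summary>
/// <param name="model">Registration data; must pass model validation.</param>
/// <returns>
/// 400 when the model is missing/invalid, when a Normal or Manager user references an unknown
/// company, when an Admin user has a non-zero CompanyId, or when Identity rejects the user;
/// otherwise 200.
/// </returns>
/// <remarks>
/// NOTE(review): the model's UserAclType is stored as-is, so whoever can reach this action can
/// create users of any type, including Admin — confirm the action is restricted appropriately.
/// </remarks>
public async Task<IHttpActionResult> Register(RegisterBindingModel model)
{
    // Web API binds a missing body as null; validate before anything is dereferenced.
    if (model == null || !ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // (a) Normal and Manager users must belong to an existing company;
    // (b) Admin users (any other type) must not be tied to a company at all.
    if (model.UserAclType == Normal || model.UserAclType == Manager)
    {
        if (!db.Companies.Any(x => x.Id == model.CompanyId))
        {
            return BadRequest("This CompanyId is not valid");
        }
    }
    else if (model.CompanyId != 0)
    {
        return BadRequest("CompanyId Must be 0 for Admin User");
    }

    var user = new ApplicationUser()
    {
        UserName = model.UserName,
        Email = model.Email,
        CompanyId = model.CompanyId
    };

    IdentityResult result = await UserManager.CreateAsync(user, model.Password);
    if (!result.Succeeded)
    {
        return GetErrorResult(result);
    }

    // Use the id of the entity we just created instead of re-querying by e-mail:
    // a lookup by e-mail would attach the new rows to whichever user happens to share
    // that address, or return null if the query found nothing. (Assumes Identity
    // populates Id on create, as the standard IdentityUser does — confirm.)
    string newUserId = user.Id;

    var aUserAcl = new UserACL
    {
        UserType = model.UserAclType,
        UserId = newUserId
    };
    var aUserProfile = new UserProfile
    {
        FirstName = model.FirstName,
        LastName = model.LastName,
        UserId = newUserId
    };
    var aUserPrivilage = new UserPrivilage
    {
        CanAddDocument = model.CanAddDocument,
        CanDeleteDocument = model.CanDeleteDocument,
        CanTagDocument = model.CanTagDocument,
        UserId = newUserId
    };

    db.UserAcls.Add(aUserAcl);
    db.UserProfiles.Add(aUserProfile);
    db.UserPrivilages.Add(aUserPrivilage);

    // One SaveChanges so the three rows are committed together: the original saved them
    // one by one, which could leave a user with an ACL but no profile/privileges on failure.
    // (The Identity user itself is already committed by CreateAsync and is not rolled back here.)
    await db.SaveChangesAsync();

    return Ok();
}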