public async Task <User> ChangeRole(DataForChangingRoleDto dataForChangingRoleDto) { var user = await _context.Users.FindAsync(dataForChangingRoleDto.Id); user.Role = dataForChangingRoleDto.Role; if (await _context.SaveChangesAsync() > 0) { return(user); } throw new Exception("Problem in saving changes"); }
public async Task <ActionResult <User> > ChangeRole(DataForChangingRoleDto dataForChangingRoleDto) { var newroles = dataForChangingRoleDto.Role.Split(",").Select(x => x.Trim()).ToList(); var oldRole = await _profileRepository.GetRole(dataForChangingRoleDto.Id); var oldRoles = oldRole.Split(",").Select(x => x.Trim()).ToList(); if (CheckPermission(newroles) && CheckPermission(oldRoles)) { return(Ok(await _profileRepository.ChangeRole(dataForChangingRoleDto))); } throw new UnauthorizedAccessException("You don't have the permission to do that"); }