public async Task <ActionResult <HttpUser> > Patch([FromBody] HttpUserPatchRequest body, [FromRoute][Username] string username)
{
if (UserHasUserManagementPermission)
{
var id = await _userService.GetUserIdByUsernameAsync(username);
var user = await _userService.ModifyUserAsync(id, _mapper.AutoMapperMap <ModifyUserParams>(body));
return(await _mapper.MapAsync <HttpUser>(user, Url, User));
}
else
{
if (GetUsername() != username)
{
return(ForbidWithCommonResponse(Resource.MessageForbidNotAdministratorOrOwner));
}
if (body.Username is not null)
{
return(ForbidWithCommonResponse(Resource.MessageForbidNotAdministrator));
}
if (body.Password is not null)
{
return(ForbidWithCommonResponse(Resource.MessageForbidNotAdministrator));
}
var user = await _userService.ModifyUserAsync(GetUserId(), _mapper.AutoMapperMap <ModifyUserParams>(body));
return(await _mapper.MapAsync <HttpUser>(user, Url, User));
}
}
public async Task Patch_InvalidModel_Body(HttpUserPatchRequest body)
{
using var client = await CreateClientAsAdministrator();
await client.TestPatchAssertInvalidModelAsync("users/user1", body);
}
