public IQueryable <User> Filter(IQueryable <User> users)
{
var principalAdminRole = AsyncHelper.RunTaskSync(_roleManager.FindByNameAsync(PreDefRoles.PrincipalAdministrator));
var adminRole = AsyncHelper.RunTaskSync(_roleManager.FindByNameAsync(PreDefRoles.Administrator));
return
(_supervisorUserStrategy.Filter(users)
.Where(x => x.Roles.All(r => r.RoleId != principalAdminRole.Id))
.Where(x => x.Roles.All(r => r.RoleId != adminRole.Id)));
}
private async Task <IEnumerable <Claim> > addExistingUserClaimsAsync(IIdentity identity)
{
var claims = new List <Claim>();
var user = await _userManager.Users.Include(u => u.Claims)
.FirstOrDefaultAsync(u => u.UserName == identity.Name)
;
if (user == null)
{
_logger.LogError($"Couldn't find {identity.Name}.");
return(claims);
}
var Options = new ClaimsIdentityOptions();
claims.Add(new Claim(Options.UserIdClaimType, user.Id.ToString()));
claims.Add(new Claim(Options.UserNameClaimType, user.UserName));
claims.Add(new Claim("WebsiteId", "1")); //TODO :
if (_userManager.SupportsUserSecurityStamp)
{
claims.Add(new Claim(Options.SecurityStampClaimType,
await _userManager.GetSecurityStampAsync(user)));
}
if (_userManager.SupportsUserClaim)
{
claims.AddRange(await _userManager.GetClaimsAsync(user));
}
if (_userManager.SupportsUserRole)
{
var roles = await _userManager.GetRolesAsync(user);
foreach (var roleName in roles)
{
claims.Add(new Claim(Options.RoleClaimType, roleName));
if (isNTLM(identity))
{
claims.Add(new Claim(ClaimTypes.GroupSid, roleName));
}
if (_roleManager.SupportsRoleClaims)
{
var role = await _roleManager.FindByNameAsync(roleName);
if (role != null)
{
claims.AddRange(await _roleManager.GetClaimsAsync(role));
}
}
}
}
return(claims);
}
public async Task<PagenatedList<UserDto>> Handle(GetEditorsListQuery request, CancellationToken cancellationToken)
{
var role = await _appRoleManager.FindByNameAsync("Editor");
var userIds = _userRoleRepository.GetQueryable().Where(x => x.RoleId == role.Id).Select(x => x.UserId);
var users = _appUserManager.Users.Where(x => userIds.Contains(x.Id));
if (!string.IsNullOrEmpty(request.Search))
{
users = users.Where(x => x.UserName.Contains(request.Search) || x.FullName.Contains(request.Search));
}
return new PagenatedList<UserDto>
{
AllCount = users.Count(),
Items = _mapper.Map<List<UserDto>>(users.OrderBy(x=>x.Id).Pagenate(request).ToList())
};
}
public IQueryable <User> Filter(IQueryable <User> users)
{
var supervisorRole = AsyncHelper.RunTaskSync(_roleManager.FindByNameAsync(PreDefRoles.Supervisor));
return(users.Where(x => x.Roles.All(r => r.RoleId != supervisorRole.Id)));
}
public async Task <(User, IdentityResult)> CreateAdminUserAsync()
{
var adminUser = await _userManager.FindByNameAsync(AdminUserSeedInfo.Username);
if (adminUser != null)
{
_logger.LogInformation($"{AdminUserSeedInfo.Username} already existed.");
return(adminUser,
IdentityResult.Success
);
}
var adminRole = await _roleManager.FindByNameAsync(AdminUserSeedInfo.RoleName);
if (adminRole != null)
{
_logger.LogInformation($"{AdminUserSeedInfo.RoleName} role already existed.");
}
else
{
adminRole = new Role(AdminUserSeedInfo.RoleName);
var roleResult = await _roleManager.CreateAsync(adminRole);
if (roleResult == IdentityResult.Failed())
{
_logger.LogError($"'{adminRole.Name}' role creating has failed. {roleResult.DumpErrors()}");
return(null,
IdentityResult.Failed()
);
}
}
adminUser = new User {
UserName = AdminUserSeedInfo.Username,
Email = AdminUserSeedInfo.Email,
EmailConfirmed = true,
RegisterDate = _dateSvc.UtcNow(),
Title = AdminUserSeedInfo.Title,
LockoutEnabled = true,
Status = UserStatus.Enabled
};
var result = await _userManager.CreateAsync(adminUser, AdminUserSeedInfo.Password);
if (result == IdentityResult.Failed())
{
_logger.LogError($"'{AdminUserSeedInfo.Username}; user creation has failed. {result.DumpErrors()}");
return(null,
IdentityResult.Failed()
);
}
var setLockoutResult = await _userManager.SetLockoutEnabledAsync(adminUser, enabled : false);
if (setLockoutResult == IdentityResult.Failed())
{
_logger.LogError($"'{AdminUserSeedInfo.Username}' setLockout on user has failed. {setLockoutResult.DumpErrors()}");
return(null,
IdentityResult.Failed()
);
}
var addRoleResult = await _userManager.AddToRoleAsync(adminUser, AdminUserSeedInfo.RoleName);
if (addRoleResult == IdentityResult.Failed())
{
_logger.LogError($"Adding user:'******' to role:'{AdminUserSeedInfo.RoleName}' has failed. {addRoleResult.DumpErrors()}");
return(null,
IdentityResult.Failed()
);
}
return(
adminUser,
IdentityResult.Success
);
}