public async Task <IActionResult> DeleteRole(string id)
{
if (!await accountManager.TestCanDeleteRoleAsync(id))
{
return(BadRequest("Role cannot be deleted. Remove all users from this role and try again"));
}
RoleViewModel roleViewModel = null;
IApplicationRole applicationRole = await accountManager.GetRoleByIdAsync(id);
if (applicationRole != null)
{
roleViewModel = await FetchRoleViewModel(applicationRole.Name);
}
if (roleViewModel == null)
{
return(NotFound(id));
}
Tuple <bool, string[]> result = await accountManager.DeleteRoleAsync(applicationRole);
if (!result.Item1)
{
throw new Exception("The following errors occurred whilst deleting role: " + string.Join(", ", result.Item2));
}
return(Ok(roleViewModel));
}
public async Task <IActionResult> CreateRole([FromBody] RoleViewModel role)
{
if (ModelState.IsValid)
{
if (role == null)
{
return(BadRequest($"{nameof(role)} cannot be null"));
}
IApplicationRole applicationRole = Mapper.Map <ApplicationRole>(role);
Tuple <bool, string[]> result = await accountManager.CreateRoleAsync(applicationRole, role.Permissions?.Select(p => p.Value).ToArray());
if (result.Item1)
{
RoleViewModel roleViewModel = await FetchRoleViewModel(applicationRole.Name);
return(CreatedAtAction(GetRoleByIdActionName, new { id = roleViewModel.Id }, roleViewModel));
}
AddErrors(result.Item2);
}
return(BadRequest(ModelState));
}
public async Task <IActionResult> UpdateRole(string id, [FromBody] RoleViewModel role)
{
if (ModelState.IsValid)
{
if (role == null)
{
return(BadRequest($"{nameof(role)} cannot be null"));
}
if (!string.IsNullOrWhiteSpace(role.Id) && id != role.Id)
{
return(BadRequest("Conflicting role id in parameter and model data"));
}
IApplicationRole applicationRole = await accountManager.GetRoleByIdAsync(id);
if (applicationRole == null)
{
return(NotFound(id));
}
Mapper.Map(role, applicationRole as ApplicationRole);
Tuple <bool, string[]> result = await accountManager.UpdateRoleAsync(applicationRole, role.Permissions?.Select(p => p.Value).ToArray());
if (result.Item1)
{
return(NoContent());
}
AddErrors(result.Item2);
}
return(BadRequest(ModelState));
}
public async Task <Tuple <bool, string[]> > UpdateRoleAsync(IApplicationRole role, IEnumerable <string> claims)
{
if (claims != null)
{
string[] invalidClaims = claims.Where(claim => AuthorizationManager.GetByValue(claim) == null).ToArray();
if (invalidClaims.Any())
{
return(Tuple.Create(false, new[] { "The following claim types are invalid: " + string.Join(", ", invalidClaims) }));
}
}
var result = await roleManager.UpdateAsync(role as ApplicationRole);
if (!result.Succeeded)
{
return(Tuple.Create(false, result.Errors.Select(e => e.Description).ToArray()));
}
if (claims != null)
{
var roleClaims = (await roleManager.GetClaimsAsync(role as ApplicationRole)).Where(c => c.Type == ApplicationClaimType.Authorization);
var roleClaimValues = roleClaims.Select(c => c.Value).ToArray();
var claimsToRemove = roleClaimValues.Except(claims).ToArray();
var claimsToAdd = claims.Except(roleClaimValues).Distinct().ToArray();
if (claimsToRemove.Any())
{
foreach (string claim in claimsToRemove)
{
result = await roleManager.RemoveClaimAsync(role as ApplicationRole, roleClaims.Where(c => c.Value == claim).FirstOrDefault());
if (!result.Succeeded)
{
return(Tuple.Create(false, result.Errors.Select(e => e.Description).ToArray()));
}
}
}
if (claimsToAdd.Any())
{
foreach (string claim in claimsToAdd)
{
result = await roleManager.AddClaimAsync(role as ApplicationRole, new Claim(ApplicationClaimType.Authorization, AuthorizationManager.GetByValue(claim)));
if (!result.Succeeded)
{
return(Tuple.Create(false, result.Errors.Select(e => e.Description).ToArray()));
}
}
}
}
return(Tuple.Create(true, new string[] { }));
}
private async Task <RoleViewModel> FetchRoleViewModel(string roleName)
{
IApplicationRole role = await accountManager.GetRoleLoadRelatedAsync(roleName);
if (role != null)
{
return(Mapper.Map <RoleViewModel>(role));
}
return(null);
}
public async Task <Tuple <bool, string[]> > CreateRoleAsync(IApplicationRole role, IEnumerable <string> claims)
{
if (claims == null)
{
claims = new string[] { };
}
string[] invalidClaims = claims.Where(claim => AuthorizationManager.GetByValue(claim) == null).ToArray();
if (invalidClaims.Any())
{
return(Tuple.Create(false, new[] { "The following claim types are invalid: " + string.Join(", ", invalidClaims) }));
}
var result = await roleManager.CreateAsync(role as ApplicationRole);
if (!result.Succeeded)
{
return(Tuple.Create(false, result.Errors.Select(error => error.Description).ToArray()));
}
role = await roleManager.FindByNameAsync(role.Name);
foreach (string claim in claims.Distinct())
{
result = await roleManager.AddClaimAsync(role as ApplicationRole, new Claim(ApplicationClaimType.Authorization, AuthorizationManager.GetByValue(claim)));
if (!result.Succeeded)
{
await DeleteRoleAsync(role);
return(Tuple.Create(false, result.Errors.Select(e => e.Description).ToArray()));
}
}
return(Tuple.Create(true, new string[] { }));
}
public async Task <Tuple <bool, string[]> > DeleteRoleAsync(IApplicationRole role)
{
var result = await roleManager.DeleteAsync(role as ApplicationRole);
return(Tuple.Create(result.Succeeded, result.Errors.Select(error => error.Description).ToArray()));
}
