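/// <summary>
/// Changes the role of a group member on behalf of the calling user.
/// </summary>
/// <remarks>
/// Authorization rules enforced here:
/// callers whose role is <c>user</c> or <c>creator</c> (or who have no membership record) are rejected;
/// an <c>admin</c> may not modify a member who is an <c>admin</c> or <c>owner</c>;
/// an <c>admin</c> may not grant the <c>owner</c> role, which is above their own level.
/// </remarks>
/// <param name="groupId">Identifier of the group the membership belongs to.</param>
/// <param name="userId">Identifier of the member whose role is being changed.</param>
/// <param name="groupUser">Request payload; only its <c>Role</c> is read, as the role to assign.</param>
/// <returns>
/// <c>Ok</c> on success, <c>BadRequest</c> when no payload was supplied, and <c>Unauthorized</c> when the
/// caller is not allowed to make the change or the target is not a member of the group.
/// </returns>
public async Task<ActionResult> ChangeUserRole(long groupId, long userId, GroupUser groupUser)
{
    // The requested role comes from the client; without a payload there is nothing to apply.
    if (groupUser == null)
    {
        return BadRequest("A role must be supplied.");
    }

    GroupUser currentUser = await repository.GetGroupUser(groupId, CurrentUserId);
    GroupUser adjustedUser = await repository.GetGroupUser(groupId, userId);

    // A caller with no membership record is treated like an unprivileged member
    // instead of being dereferenced (which would surface as a 500).
    if (currentUser == null || currentUser.Role == Role.user || currentUser.Role == Role.creator)
    {
        return Unauthorized("Must be a group admin or owner to adjust other user's roles.");
    }

    // Same response the removal step below gives for a member that cannot be found.
    if (adjustedUser == null)
    {
        return Unauthorized("That user does not currently exist in this group. Something must have gone wrong. We're working on it.");
    }

    if (currentUser.Role == Role.admin)
    {
        if (adjustedUser.Role == Role.admin || adjustedUser.Role == Role.owner)
        {
            return Unauthorized("Admins cannot change the role of other admins.");
        }

        // The target check alone still lets an admin promote a regular member to owner,
        // a role the admin is not allowed to touch. Reject the requested role as well.
        if (groupUser.Role == Role.owner)
        {
            return Unauthorized("Admins cannot grant the owner role.");
        }
    }

    // NOTE(review): the role change is a remove followed by an add. If the add fails, the
    // member has already been removed from the group. Consider a single update call or a
    // transaction if the repository offers one.
    bool didDelete = await groupRepo.RemoveUserAsync(currentUser, adjustedUser);
    if (!didDelete)
    {
        return Unauthorized("That user does not currently exist in this group. Something must have gone wrong. We're working on it.");
    }

    // NOTE(review): assumes adjustedUser.User is populated by GetGroupUser; confirm against the repository.
    await groupRepo.AddUserAsync(groupId, adjustedUser.User.UserName, groupUser.Role);
    return Ok();
}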
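/// <summary>
/// Adds the user with the given user name to a group on behalf of the calling user.
/// </summary>
/// <remarks>
/// Only callers whose role in the group is <c>owner</c> or <c>admin</c> may add members.
/// The authorization check runs before the group is loaded or the input is inspected,
/// so an unprivileged caller triggers no further work.
/// A <c>MaxUsers</c> value of <c>-1</c> is treated as "no limit".
/// </remarks>
/// <param name="groupId">Identifier of the group to add the user to.</param>
/// <param name="userName">User name of the account to add.</param>
/// <returns>
/// <c>CreatedAtAction</c> on success, <c>Unauthorized</c> when the caller is not an admin or owner,
/// <c>BadRequest</c> when the user name is missing or the group is full, and <c>NotFound</c> when
/// the group cannot be loaded.
/// </returns>
public async Task<ActionResult> AddUser(long groupId, string userName)
{
    GroupUser currentUser = await guRepo.GetGroupUser(groupId, UserId);

    // A caller with no membership record is rejected like any other unprivileged caller
    // instead of being dereferenced.
    if (currentUser == null || (currentUser.Role != Role.owner && currentUser.Role != Role.admin))
    {
        return Unauthorized("Only admins and owners can add users to this group. If you find this to be a mistake, please talk with your group admins.");
    }

    if (string.IsNullOrWhiteSpace(userName))
    {
        return BadRequest("A user name is required.");
    }

    GroupDto currentGroup = await GetGroup(groupId);
    if (currentGroup == null)
    {
        return NotFound();
    }

    // NOTE(review): this count check and the insert below are separate steps, so concurrent
    // requests can both pass the check and push the group past MaxUsers unless the
    // repository enforces the limit itself (not visible here).
    bool hasCapacity = currentGroup.MaxUsers == -1 || currentGroup.GroupUsers.Count < currentGroup.MaxUsers;
    if (!hasCapacity)
    {
        return BadRequest("Cannot add users to this group. This group is currently full. Please upgrade to add more users.");
    }

    await repository.AddUserAsync(groupId, userName);

    // NOTE(review): the looked-up id is not used. The call is kept because it is not visible
    // here whether the lookup fails for an unknown user name; confirm and remove if it does not.
    _ = await repository.FindUserIdByUserName(userName);

    return CreatedAtAction(nameof(AddUser), new { groupId, userName }, null);
}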