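        /// <summary>
        /// Updates a user's profile from the posted view model and returns the updated profile.
        /// </summary>
        /// <remarks>
        /// Authorization: the caller must either own the profile (the oid obtained from the caller's
        /// identity equals <c>personViewModel.Id</c>) or hold the Boardmember or Committeemember role.
        /// </remarks>
        /// <param name="personViewModel">Profile data bound from the request body; its <c>Id</c> selects the user to update.</param>
        /// <returns>
        /// 200 with the updated profile; 400 "Invalid User" when the model, its id, the caller's oid or
        /// the authorization check is rejected; 401 when the person service reports failure; 422 with an
        /// <c>ErrorViewModel</c> when an exception is thrown.
        /// </returns>
        public async Task<ActionResult<PersonViewModel>> UpdateUserAsync([FromBody] PersonViewModel personViewModel)
        {
            if (personViewModel == null || personViewModel.Id == Guid.Empty)
            {
                return BadRequest("Invalid User");
            }

            try
            {
                // Resolve the identity once with a safe cast and reuse it for every check below,
                // so the oid lookup and the role checks all look at the same object.
                ClaimsIdentity identity = HttpContext.User.Identity as ClaimsIdentity;

                string oid = IdentityHelper.GetOid(identity);
                if (oid == null)
                {
                    return BadRequest("Invalid User");
                }

                // Only the owner of a profile, a board member or a committee member may update user data.
                // Ownership is decided by comparing GUID values, not their text: an ordinal string
                // comparison would reject the legitimate owner whenever the claim's casing or GUID
                // format differs from Guid.ToString().
                Guid callerId;
                bool isOwner = Guid.TryParse(oid, out callerId) && callerId == personViewModel.Id;
                if (!isOwner &&
                    !UserHasRole(UserRole.Boardmember, identity) &&
                    !UserHasRole(UserRole.Committeemember, identity))
                {
                    // NOTE(review): a denied update is reported as 400 here (and a failed service call as
                    // 401 below); 403 would describe an authorization denial more accurately. Status codes
                    // are left unchanged so existing clients keep working.
                    return BadRequest("Invalid User");
                }

                // NOTE(review): the whole request model is mapped onto the User that gets persisted.
                // If the view model carries any privileged fields (not visible from this method), confirm
                // that CreateUser or UpdatePersonAsync restricts what a profile owner may change on their
                // own record, so self-service updates cannot alter fields reserved for privileged roles.
                User user = PersonViewModel.CreateUser(personViewModel,
                                                       Extensions.GetInstance(b2CExtentionApplicationId));
                TaskResult<User> result = await personService.UpdatePersonAsync(user);

                if (!result.Succeeded)
                {
                    return Unauthorized();
                }

                return Ok(PersonViewModel.CreateVmFromUser(result.Data,
                                                           Extensions.GetInstance(b2CExtentionApplicationId)));
            }
            catch (Exception ex)
            {
                // The exception itself goes only to the log; the response body carries just the
                // controller and method name, so no exception detail is returned to the client.
                string message = GetType().Name + "Error in " + nameof(UpdateUserAsync);
                logger.LogError(ex, message);
                return UnprocessableEntity(new ErrorViewModel {
                    Type = Type.Error, Message = message
                });
            }
        }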