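/// <summary>
/// Adds the user identified by <paramref name="userId"/> to the role <paramref name="role"/>.
/// </summary>
/// <remarks>
/// Authorization rule: a caller in the "admin" role may add any existing role to any user.
/// Any other caller may only add a non-admin role to their own account.
/// </remarks>
/// <param name="role">Role name, bound from the <c>role</c> query parameter.</param>
/// <param name="userId">Id of the target user, bound from the <c>userId</c> query parameter.</param>
/// <returns>
/// 201 with the user's DTO on success. 400 when a parameter is missing, the user or role does
/// not exist, or the target user already holds the role. 403 when the caller is not allowed to
/// make the change. 500 when the user store rejects the change.
/// </returns>
public async Task<IActionResult> AddRoleToUser([FromQuery(Name = "role")] string role, [FromQuery(Name = "userId")] string userId)
{
    var callerId = User.Identity.GetUserId();
    _requestLogService.SaveRequest(callerId, "POST", "api/v1/accounts/addRoleToUser", "AddRoleToUser");

    if (role == null || userId == null)
    {
        return BadRequest();
    }

    var user = await _userManager.FindByIdAsync(userId);
    if (user == null || !await _roleManager.RoleExistsAsync(role))
    {
        return BadRequest("No such user and/or role exists. Please double check parameters.");
    }

    // The role name is compared case-insensitively. ASP.NET Core Identity normalizes role names
    // by default, so "Admin" and "ADMIN" resolve to the same role as "admin"; an exact-case
    // comparison would let a non-admin caller pass the self-service check with a differently
    // cased name and grant themselves the admin role.
    bool targetIsAdminRole = string.Equals(role, "admin", System.StringComparison.OrdinalIgnoreCase);
    bool callerIsAdmin = User.IsInRole("admin");
    bool isSelfService = user.Id == callerId && !targetIsAdminRole;

    // NOTE(review): the self-service branch lets any caller add any existing non-admin role to
    // their own account. Confirm that every non-admin role is meant to be self-assignable.
    if (!callerIsAdmin && !isSelfService)
    {
        return StatusCode(403, "Users can only be amended by themselves or by admins.");
    }

    // Membership is checked on the target user, not on the caller's principal, and only after
    // authorization, so an unauthorized caller cannot use the 400/403 difference to learn which
    // roles another user holds.
    if (await _userManager.IsInRoleAsync(user, role))
    {
        return StatusCode(400, "User is already in this role.");
    }

    // Do not report success when the store refused the change.
    var result = await _userManager.AddToRoleAsync(user, role);
    if (!result.Succeeded)
    {
        return StatusCode(500, "The role could not be added to the user.");
    }

    return CreatedAtAction(nameof(GetUser), new { id = user.Id }, UserDTO.CreateFromDomain(user));
}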
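/// <summary>
/// Returns the users that belong to the role <paramref name="role"/> as DTOs.
/// </summary>
/// <param name="role">Role name, bound from the <c>role</c> query parameter.</param>
/// <returns>
/// 200 with the list of user DTOs (possibly empty), 400 when no role was supplied, or 404 when
/// the user manager returns no collection.
/// </returns>
public IActionResult GetUsersByRole([FromQuery(Name = "role")] string role)
{
    _requestLogService.SaveRequest(User.Identity.GetUserId(), "POST", "api/v1/accounts/getAllUsersInRole", "GetUsersByRole");

    // A missing query parameter binds to null; reject it here instead of passing it to the
    // user manager and surfacing the resulting exception as a server error.
    if (string.IsNullOrEmpty(role))
    {
        return BadRequest();
    }

    // NOTE(review): .Result blocks the request thread on the async lookup. It is kept because
    // this action's signature is synchronous; making the action async would remove the block.
    // NOTE(review): no role check on the caller is visible in this method. Confirm that access
    // to this listing is restricted elsewhere (for example by an attribute outside this view).
    var users = _userManager.GetUsersInRoleAsync(role).Result;
    if (users == null)
    {
        return NotFound();
    }

    List<UserDTO> userDtos = new List<UserDTO>();
    foreach (User user in users)
    {
        userDtos.Add(UserDTO.CreateFromDomain(user));
    }

    return Ok(userDtos);
}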
/// <summary>
/// Maps a domain <see cref="User"/> to its <see cref="UserDTO"/> by delegating to
/// <see cref="UserDTO.CreateFromDomain"/>.
/// </summary>
/// <param name="user">Domain user to convert.</param>
/// <returns>The DTO produced by <c>UserDTO.CreateFromDomain</c>.</returns>
public UserDTO Create(User user) => UserDTO.CreateFromDomain(user);