Esempio n. 1
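        // Grants the admin role to the user named in the request and returns a newly
        // generated token for that user.
        //
        // Authorization rule: admins may always promote. A non-admin caller is let
        // through only while no account holds the admin role (initial setup).
        //
        // Returns 401 when the caller may not promote, 400 when the request is empty or
        // the user is unknown, 500 when the role assignment fails, 200 with an
        // AuthResponse otherwise.
        //
        // NOTE(review): the "no admin yet" check and the role assignment are separate
        // steps, so concurrent setup requests can each pass the check. If that matters,
        // close the bootstrap path once setup is done (e.g. via configuration).
        public async Task<IActionResult> Promote([FromBody] UserPromoteRequest promote)
        {
            if (!User.IsInRole(UserRoles.Admin))
            {
                // The bootstrap path is meant for registered users only. Enforce that
                // here instead of relying on an authorization attribute that is not
                // visible next to this method.
                if (User.Identity?.IsAuthenticated != true)
                {
                    return Unauthorized(responseFactory.Error("Only admins can promote users"));
                }

                var admins = await userManager.GetUsersInRoleAsync(UserRoles.Admin);

                if (admins.Count != 0)
                {
                    return Unauthorized(responseFactory.Error("Only admins can promote users"));
                }
            }

            // The body is caller-controlled: reject a missing request or user name here
            // so the lookup below never receives null.
            if (promote == null || string.IsNullOrWhiteSpace(promote.Username))
            {
                return BadRequest(responseFactory.Error("Username is required!"));
            }

            var user = await userManager.FindByNameAsync(promote.Username);

            if (user == null)
            {
                return BadRequest(responseFactory.Error("User does not exist!"));
            }

            // Create the role on first use. The creation result is not inspected here.
            if (!await roleManager.RoleExistsAsync(UserRoles.Admin))
            {
                await roleManager.CreateAsync(new IdentityRole(UserRoles.Admin));
            }

            var result = await userManager.AddToRoleAsync(user, UserRoles.Admin);

            if (!result.Succeeded)
            {
                // NOTE(review): result.ToString() is sent to the client; confirm the
                // identity error text is safe to disclose.
                return StatusCode(
                    StatusCodes.Status500InternalServerError,
                    responseFactory.Error("Failed to assign admin role!", result.ToString()));
            }

            // Generate new token with updated credentials.
            // NOTE(review): the token is issued for the promoted account, not for the
            // caller. When the two differ, the caller receives a bearer token for
            // another account; consider returning a token only when the target is the
            // caller.
            JwtSecurityToken token = await GenerateAuthToken(user);

            return Ok(responseFactory.Success(new AuthResponse()
            {
                Token = new JwtSecurityTokenHandler().WriteToken(token),
                ValidTo = token.ValidTo
            }));
        }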
Esempio n. 2
        // Sends a promote request to the backend from a fresh DI scope, passes the
        // outcome to UpdateToken, and returns the parsed result together with the raw
        // HTTP response.
        //
        // NOTE(review): UpdateToken presumably stores the token carried in the result.
        // Confirm which account that token belongs to when the promoted user is not
        // the signed-in user.
        public async Task<(ApiResponse<AuthResponse>, HttpResponseMessage)> Promote(UserPromoteRequest promote)
        {
            // Scope lives for the whole call and is disposed on exit, including on exceptions.
            using (var requestScope = serviceProvider.CreateScope())
            {
                var backendService = requestScope.ServiceProvider.GetRequiredService<BackendService>();

                var (apiResult, rawResponse) = await backendService.AuthPromote(promote);

                await UpdateToken(requestScope, apiResult, rawResponse);

                return (apiResult, rawResponse);
            }
        }