/// <summary>
/// Loads the user with the given identity id and maps it to a <see cref="UserWithRolesDto"/>,
/// filling <c>Roles</c> with the role names the user manager reports for that user.
/// </summary>
/// <param name="userId">Identity id of the user to load.</param>
/// <param name="isCurrentUserAdmin">Whether the caller holds admin rights; forwarded to <c>ValidateAdminAccessAsync</c>.</param>
/// <returns>The mapped DTO, or <c>null</c> when no user with that id exists.</returns>
public async Task<UserWithRolesDto> GetUserWithRolesAsync(string userId, bool isCurrentUserAdmin)
{
    var storedUser = await _userManager.FindByIdAsync(userId);

    // Access validation runs before the null check, so it is also invoked
    // (with a null user) when the id is unknown.
    await ValidateAdminAccessAsync(isCurrentUserAdmin, storedUser);

    if (storedUser == null)
    {
        return null;
    }

    var dto = _mapper.Map<UserDb, UserWithRolesDto>(storedUser);
    // NOTE(review): GetRolesAsync yields role names (strings); confirm this matches
    // the element type callers expect in UserWithRolesDto.Roles.
    dto.Roles = await _userManager.GetRolesAsync(storedUser);
    return dto;
}
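/// <summary>
/// Lists the users that are not masked, each with its roles.
/// The SYSTEMADMIN account gets every user except itself with all of their roles; any other
/// caller gets only the users of the organization named in its "Organization" claim, with
/// the roles of that organization.
/// </summary>
/// <returns>
/// 200 with a list of <see cref="UserWithRolesDto"/>, or 403 when a non-admin caller has no
/// parseable "Organization" claim.
/// </returns>
public async Task<IActionResult> GetUsersWithRoles()
{
    // Ordinal, case-insensitive compare instead of ToUpper() == "...": ToUpper() is
    // culture-sensitive, and Identity.Name can be null, which previously threw.
    var isSystemAdmin = string.Equals(User.Identity?.Name, "SYSTEMADMIN", StringComparison.OrdinalIgnoreCase);
    // NOTE(review): admin status is derived from the user name, not from a role or claim;
    // confirm that the SYSTEMADMIN name cannot be taken by a regular registration.

    int orgId = 0;
    if (!isSystemAdmin)
    {
        // A non-admin caller is scoped to its organization; a missing or non-numeric claim
        // used to surface as an unhandled exception (500) instead of a clear refusal.
        var orgClaim = User.FindFirst("Organization")?.Value;
        if (!int.TryParse(orgClaim, out orgId))
        {
            return Forbid();
        }
    }

    // The FromSql calls pass their values as format arguments, which EF Core binds as
    // DbParameters, so the ids are never spliced into the SQL text.
    var users = isSystemAdmin
        ? await _context.Users.Where(x => x.NormalizedUserName != "SYSTEMADMIN" && x.Masked == false).ToListAsync()
        : await _context.Users.FromSql("SELECT * FROM AspNetUsers WHERE AspNetUsers.Masked = false AND AspNetUsers.Id IN (SELECT OrganizationUser.UserId FROM OrganizationUser WHERE OrganizationUser.OrganizationId = {0})", orgId).ToListAsync();

    var userList = new List<UserWithRolesDto>(users.Count);
    foreach (var user in users)
    {
        // One role query per user; admins see all of a user's roles, other callers only
        // the roles that belong to their own organization.
        var rolesQuery = isSystemAdmin
            ? _context.Roles.FromSql("SELECT * FROM AspNetRoles WHERE AspNetRoles.Id IN (SELECT AspNetUserRoles.RoleId FROM AspNetUserRoles WHERE AspNetUserRoles.UserId = {0})", user.Id)
            : _context.Roles.FromSql("SELECT * FROM AspNetRoles WHERE AspNetRoles.Id IN (SELECT AspNetUserRoles.RoleId FROM AspNetUserRoles WHERE AspNetUserRoles.UserId = {0}) AND AspNetRoles.OrganizationId = {1}", user.Id, orgId);

        var userWithRole = new UserWithRolesDto();
        userWithRole.Id = user.Id;
        userWithRole.Username = user.UserName;
        userWithRole.FullName = user.FullName;
        userWithRole.Initials = user.Initials;
        userWithRole.Roles = await rolesQuery.ToListAsync();
        userList.Add(userWithRole);
    }

    return Ok(userList);
}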
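/// <summary>
/// Replaces the role set of the user named in <paramref name="userWithRoles"/> with the roles
/// listed in it. The current roles are removed first; if the new set cannot be applied, the
/// previous roles are restored and the failure is reported to the caller instead of being
/// silently turned into a 200.
/// </summary>
/// <param name="userWithRoles">Target user name (<c>User.UserName</c>) and the desired role list.</param>
/// <returns>
/// 200 with the user and its current roles on success (a plain message when the user ends up
/// with no roles); 400 when the payload has no user name, the user does not exist, or the
/// role change fails.
/// </returns>
public async Task<IActionResult> EditUserRoles(UserWithRolesDto userWithRoles)
{
    // NOTE(review): no authorization check is visible in this method; confirm the action
    // is guarded by an [Authorize] policy at the controller/action level.
    var requestedUserName = userWithRoles?.User?.UserName;
    if (string.IsNullOrEmpty(requestedUserName))
    {
        return BadRequest("A user name is required.");
    }

    var user = await _userManager.FindByNameAsync(requestedUserName);
    if (user == null)
    {
        return BadRequest($"No user with UserName {requestedUserName} found.");
    }

    // Snapshot the current roles so they can be restored if the new set cannot be applied.
    var previousRoles = await _userManager.GetRolesAsync(user);

    // Materialize once; a deferred Select would otherwise be enumerated twice below.
    var requestedRoles = userWithRoles.Roles?.Select(r => r.Name).ToList() ?? new List<string>();

    // Report a failed removal before any new roles are added, regardless of whether the
    // requested set is empty.
    var removeResult = await _userManager.RemoveFromRolesAsync(user, previousRoles);
    if (!removeResult.Succeeded)
    {
        return BadRequest(removeResult.Errors);
    }

    if (requestedRoles.Count == 0)
    {
        return Ok($"User {user.UserName} from now on belongs to none of roles.");
    }

    try
    {
        var addResult = await _userManager.AddToRolesAsync(user, requestedRoles);
        if (!addResult.Succeeded)
        {
            // Drop whatever was applied and put the snapshot back, then surface the errors.
            await _userManager.RemoveFromRolesAsync(user, await _userManager.GetRolesAsync(user));
            await _userManager.AddToRolesAsync(user, previousRoles);
            return BadRequest(addResult.Errors);
        }
    }
    catch (InvalidOperationException ex)
    {
        // UserManager throws here e.g. when a requested role does not exist. Restore the
        // previous roles and tell the caller; swallowing this would hide the failure.
        await _userManager.RemoveFromRolesAsync(user, await _userManager.GetRolesAsync(user));
        await _userManager.AddToRolesAsync(user, previousRoles);
        return BadRequest(new { Error = ex.Message, User = await GetUserWithRoles(_mapper.Map<UsernameDto>(user)) });
    }

    return await GetUserWithRoles(_mapper.Map<UsernameDto>(user));
}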