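/// <summary>
/// Removes a role ("mod", "admin", "banish" or "membership") from a user of a group.
/// Only a current administrator of the group may call this.
/// </summary>
/// <param name="req">Target group id and the app id of the user whose role is revoked.</param>
/// <param name="role">Role to revoke; one of "mod", "admin", "banish" or "membership".</param>
/// <returns>
/// 400 for a malformed request or an unrecognised role, 401 when the caller is not a group
/// administrator, 404 when the group or the target user does not exist, otherwise 200 with a
/// <see cref="ZapReadResponse"/> (success=false with a message when the last administrator would be removed).
/// </returns>
public async Task<IHttpActionResult> RevokeRole(AdminGroupUserParameters req, [FromUri] string role)
{
    if (req == null || String.IsNullOrEmpty(req.UserAppId) || String.IsNullOrEmpty(role) || req.GroupId < 1)
    {
        return BadRequest();
    }

    using (var db = new ZapContext())
    {
        // Check if requestor is authorized: only a current administrator of this group may revoke roles.
        var userAppId = User.Identity.GetUserId();
        var isAdmin = await db.Groups
            .Where(g => g.GroupId == req.GroupId)
            .Where(g => g.Administrators.Select(ga => ga.AppId).Contains(userAppId))
            .AnyAsync().ConfigureAwait(true);
        if (!isAdmin)
        {
            return Unauthorized();
        }

        var userToRevoke = await db.Users
            .Where(u => u.AppId == req.UserAppId)
            .FirstOrDefaultAsync().ConfigureAwait(true);
        var group = await db.Groups
            .Where(g => g.GroupId == req.GroupId)
            .FirstOrDefaultAsync().ConfigureAwait(true);

        // Both lookups can return null (unknown user app id, or the group vanished between the
        // authorization query and here); dereferencing them unconditionally would throw.
        if (group == null || userToRevoke == null)
        {
            return NotFound();
        }

        switch (role)
        {
            case "mod":
                group.Moderators.Remove(userToRevoke);
                break;

            case "admin":
                // Never leave the group without an administrator, otherwise nobody could manage it again.
                if (group.Administrators.Count() == 1)
                {
                    return Ok(new ZapReadResponse() { success = false, message = "Group must have at least one administrator." });
                }
                group.Administrators.Remove(userToRevoke);
                break;

            case "banish":
            {
                var ban = group.Banished
                    .Where(b => b.User.AppId == req.UserAppId)
                    .FirstOrDefault();
                if (ban != null)
                {
                    group.Banished.Remove(ban);
                }
                break;
            }

            case "membership":
                group.Members.Remove(userToRevoke);
                break;

            default:
                // An unrecognised role used to fall through and report success without changing anything.
                return BadRequest();
        }

        await db.SaveChangesAsync().ConfigureAwait(true);
        return Ok(new ZapReadResponse() { success = true });
    }
}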
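/// <summary>
/// Grants a role ("mod", "admin", "banish" or "membership") to a user of a group.
/// Administrators may grant any role; moderators may only banish.
/// </summary>
/// <param name="req">Target group id and the app id of the user receiving the role.</param>
/// <param name="role">Role to grant; one of "mod", "admin", "banish" or "membership".</param>
/// <returns>
/// 400 for a malformed request or an unrecognised role, 401 when the caller is neither an
/// administrator nor (for "banish") a moderator of the group, 404 when the group or the target
/// user does not exist, otherwise 200 with a <see cref="ZapReadResponse"/>.
/// </returns>
public async Task<IHttpActionResult> GrantRole(AdminGroupUserParameters req, [FromUri] string role)
{
    if (req == null || String.IsNullOrEmpty(req.UserAppId) || String.IsNullOrEmpty(role) || req.GroupId < 1)
    {
        return BadRequest();
    }

    using (var db = new ZapContext())
    {
        // Check if requestor is authorized.
        var userAppId = User.Identity.GetUserId();
        var isAdmin = await db.Groups
            .Where(g => g.GroupId == req.GroupId)
            .Where(g => g.Administrators.Select(ga => ga.AppId).Contains(userAppId))
            .AnyAsync().ConfigureAwait(true);

        // The moderator check is only made when the role is one a moderator may grant,
        // to reduce the number of calls to the DB.
        if (!isAdmin)
        {
            if (role != "banish")
            {
                return Unauthorized();
            }

            // NOTE(review): nothing below prevents a moderator from banishing an administrator or
            // another moderator — confirm that is intended.
            var isMod = await db.Groups
                .Where(g => g.GroupId == req.GroupId)
                .Where(g => g.Moderators.Select(ga => ga.AppId).Contains(userAppId))
                .AnyAsync().ConfigureAwait(true);
            if (!isMod)
            {
                return Unauthorized();
            }
        }

        var userToGrant = await db.Users
            .Where(u => u.AppId == req.UserAppId)
            .FirstOrDefaultAsync().ConfigureAwait(true);
        var group = await db.Groups
            .Where(g => g.GroupId == req.GroupId)
            .FirstOrDefaultAsync().ConfigureAwait(true);

        // An unknown user app id used to surface as a NullReferenceException on userToGrant.Id.
        if (group == null || userToGrant == null)
        {
            return NotFound();
        }

        switch (role)
        {
            case "mod":
                if (!group.Moderators.Contains(userToGrant))
                {
                    group.Moderators.Add(userToGrant);
                    await eventService.OnNewGroupModGrantedAsync(
                        groupId: req.GroupId,
                        userId: userToGrant.Id).ConfigureAwait(true);
                }
                break;

            case "admin":
                if (!group.Administrators.Contains(userToGrant))
                {
                    group.Administrators.Add(userToGrant);
                    await eventService.OnNewGroupAdminGrantedAsync(
                        groupId: req.GroupId,
                        userId: userToGrant.Id).ConfigureAwait(true);
                }
                break;

            case "banish":
                if (!group.Banished.Select(b => b.User).Contains(userToGrant))
                {
                    // Record who issued the ban so the reason is auditable later.
                    var requestorName = await db.Users
                        .Where(u => u.AppId == userAppId)
                        .Select(u => u.Name)
                        .FirstOrDefaultAsync().ConfigureAwait(true);

                    // Single timestamp so the start and expiry are computed from the same instant.
                    var now = DateTime.UtcNow;
                    var ban = new GroupBanished()
                    {
                        BanishmentType = 0, // Group Admin
                        Group = group,
                        User = userToGrant,
                        TimeStampStarted = now,
                        TimeStampExpired = now + TimeSpan.FromDays(30),
                        Reason = "Banished by administrator: " + requestorName,
                    };
                    group.Banished.Add(ban);
                }
                break;

            case "membership":
                if (!group.Members.Contains(userToGrant))
                {
                    group.Members.Add(userToGrant);
                }
                break;

            default:
                // An unrecognised role used to fall through and report success without changing anything.
                return BadRequest();
        }

        await db.SaveChangesAsync().ConfigureAwait(true);
        return Ok(new ZapReadResponse() { success = true });
    }
}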