/// <summary>
/// Marks one role claim of the given user as rejected and appends a history
/// entry recording who performed the action and when.
/// </summary>
/// <param name="userId">Id of the user whose claim is being disabled.</param>
/// <param name="roleId">Role the claim entry must belong to.</param>
/// <param name="claimId">Role-claim id the entry must reference.</param>
/// <param name="user">The acting user, stored on the history entry.</param>
/// <returns>
/// <see cref="IdentityResult.Success"/> when nothing threw; otherwise a failed
/// result built from the caught exception.
/// </returns>
private async Task<IdentityResult> DisableRoleClaim(string userId, string roleId, int claimId, ApplicationUser user)
{
    try
    {
        ApplicationUser target = await _userManager.FindByIdAsync(userId);

        // NOTE(review): an unknown userId, or a user without a matching claim,
        // still yields Success below, so a caller cannot tell a no-op from an
        // actual revocation. Confirm callers do not rely on Success meaning
        // "the claim is now rejected".
        if (target == null)
        {
            return IdentityResult.Success;
        }

        foreach (AspNetUserRoleClaim entry in target.RoleClaims)
        {
            // Only the entry for this exact role / role-claim pair is touched.
            if (entry.RoleId != roleId || entry.RoleClaimId != claimId)
            {
                continue;
            }

            entry.Status = AspNetUserRoleClaim.RoleClaimStatus.Rejected;

            // Audit record. Unlike RevokeClaim and Reject in this file, ActionById
            // and UserRoleClaimId are not set explicitly here; presumably the ORM
            // derives them from the navigation properties - confirm.
            // NOTE(review): DateTime.Now is local time; audit timestamps are
            // usually easier to correlate in UTC.
            AspNetUserRoleClaimHistory audit = new AspNetUserRoleClaimHistory
            {
                ActionOn = DateTime.Now,
                ActionBy = user,
                Status = AspNetUserRoleClaim.RoleClaimStatus.Rejected,
                UserRoleClaim = entry
            };
            entry.History.Add(audit);
        }

        IdentityResult updateResult = await _userManager.UpdateAsync(target);
        if (!updateResult.Succeeded)
        {
            // Funnels a failed update into the catch block below; only the
            // first error description survives.
            throw new Exception(updateResult.Errors.First().Description);
        }

        return IdentityResult.Success;
    }
    catch (Exception ex)
    {
        _logger.Exception(ex);

        // NOTE(review): the raw exception message is handed back to the caller.
        // If it is ever rendered to end users it may expose internal details.
        IdentityError failure = new IdentityError
        {
            Code = ex.Source,
            Description = ex.Message
        };
        return IdentityResult.Failed(failure);
    }
}
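/// <summary>
/// Revokes a role claim from the user identified by <c>model.RevokeId</c> and
/// re-renders the "Users" view for that role / claim.
/// </summary>
/// <param name="model">
/// Posted view model; <c>RevokeId</c>, <c>RoleId</c> and <c>ClaimId</c> are
/// request-supplied values.
/// </param>
/// <returns>
/// 400 when model validation fails; 401 when the caller has no subject claim or
/// does not resolve to a user; 404 when the role or the claim within that role
/// does not exist; otherwise the "Users" view.
/// </returns>
/// <remarks>
/// NOTE(review): this method only verifies that the caller resolves to a user
/// record. No role or policy check is visible here - confirm that an
/// [Authorize] policy on the action or controller restricts it to
/// administrators, and that anti-forgery validation applies if the site
/// authenticates with cookies.
/// </remarks>
public async Task<IActionResult> RevokeClaim(ViewModel model)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // The acting user is taken from the token's subject claim, never from the model.
    string subject = User.Claims
        .Where(x => x.Type == JwtClaimTypes.Subject)
        .Select(x => x.Value)
        .FirstOrDefault();
    if (string.IsNullOrEmpty(subject))
    {
        return Unauthorized();
    }

    var user = await _userManager.FindByIdAsync(subject);
    if (user == null)
    {
        return Unauthorized();
    }

    // Resolve the role and claim named in the request BEFORE changing any state.
    // Previously an unknown RoleId or a ClaimId outside that role was only
    // discovered after the revocation had been saved, and then surfaced as a
    // NullReferenceException (HTTP 500) instead of a clean client error.
    var applicationRole = await _roleManager.FindByIdAsync(model.RoleId);
    if (applicationRole == null)
    {
        return NotFound();
    }

    var applicationClaim = applicationRole.RoleClaims.FirstOrDefault(x => x.Id == model.ClaimId);
    if (applicationClaim == null)
    {
        return NotFound();
    }

    // An unknown RevokeId is ignored and the view is still rendered (unchanged behaviour).
    var registration = await _userManager.FindByIdAsync(model.RevokeId);
    if (registration != null)
    {
        foreach (AspNetUserRoleClaim roleClaim in registration.RoleClaims)
        {
            if (roleClaim.RoleClaimId != model.ClaimId)
            {
                continue;
            }

            roleClaim.Status = AspNetUserRoleClaim.RoleClaimStatus.Rejected;

            // Audit record of who rejected the claim and when.
            // NOTE(review): DateTime.Now is local time; consider UTC for audit data.
            AspNetUserRoleClaimHistory history = new AspNetUserRoleClaimHistory
            {
                ActionOn = DateTime.Now,
                ActionById = user.Id,
                ActionBy = user,
                Status = AspNetUserRoleClaim.RoleClaimStatus.Rejected,
                UserRoleClaimId = roleClaim.Id,
                UserRoleClaim = roleClaim
            };
            roleClaim.History.Add(history);
        }

        IdentityResult identityResult = await _userManager.UpdateAsync(registration);
        if (!identityResult.Succeeded)
        {
            // Left as an unhandled exception, as before; how it is reported
            // depends on exception handling configured outside this method.
            throw new Exception(identityResult.Errors.First().Description);
        }
    }

    model.Users = await _roleManager.GetApprovedUsersAsync(model.RoleId, model.ClaimId);

    // Null-conditional Trim: a role or claim without a name no longer crashes the page.
    model.RoleDescription = applicationRole.Name?.Trim();
    model.RoleId = applicationRole.Id;
    model.ClaimDescription = applicationClaim.ClaimType?.Trim();
    model.ClaimId = applicationClaim.Id;

    return View("Users", model);
}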
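/// <summary>
/// Rejects a registration: clears its approval fields, records who revoked it,
/// and sets every claim of the "User" role to Rejected for that user, creating
/// the per-user claim entry when none exists yet.
/// </summary>
/// <param name="model">Administration model; <c>model.Id</c> identifies the registration.</param>
/// <param name="user">The acting user, stored as revoker and on each history entry.</param>
/// <returns>The same <paramref name="model"/> instance.</returns>
/// <exception cref="Exception">
/// The registration or the "User" role cannot be found, or the update fails.
/// </exception>
private async Task<AdministrationModel> Reject(AdministrationModel model, ApplicationUser user)
{
    var registration = await _userManager.FindByIdAsync(model.Id);
    if (registration == null)
    {
        throw new Exception($"Invalid Registration.Id: {model.Id}");
    }

    // Resolve the role before mutating the registration. Previously a missing
    // "User" role caused a NullReferenceException after the approval fields had
    // already been changed on the loaded entity, leaving it half-updated in memory.
    ApplicationRole role = await _roleManager.FindByNameAsync("User");
    if (role == null)
    {
        throw new Exception("Role not found: User");
    }

    registration.ApprovedById = null;
    registration.ApprovedBy = null;
    registration.ApprovedDate = DateTime.MinValue;
    registration.RevokedById = user.Id;
    registration.RevokedBy = user;
    // NOTE(review): DateTime.Now is local time; consider UTC for audit data.
    registration.RevokedDate = DateTime.Now;

    foreach (ApplicationRoleClaim roleClaim in role.RoleClaims)
    {
        AspNetUserRoleClaim userRoleClaim = registration.RoleClaims.FirstOrDefault(x =>
            x.UserId == registration.Id &&
            x.RoleId == roleClaim.RoleId &&
            x.RoleClaim.ClaimType == roleClaim.ClaimType);

        bool isNew = userRoleClaim == null;
        if (isNew)
        {
            // No entry yet for this claim: create one so the rejection is
            // recorded explicitly rather than implied by absence.
            userRoleClaim = new AspNetUserRoleClaim
            {
                UserId = registration.Id,
                User = registration,
                RoleId = role.Id,
                Role = role,
                RoleClaimId = roleClaim.Id,
                RoleClaim = roleClaim
            };
        }

        userRoleClaim.Status = AspNetUserRoleClaim.RoleClaimStatus.Rejected;

        // Audit record. For a newly created entry its Id has not been assigned
        // in this method, so UserRoleClaimId copies the entity's default value;
        // presumably the ORM fixes the key up from the UserRoleClaim navigation
        // on save - confirm.
        AspNetUserRoleClaimHistory history = new AspNetUserRoleClaimHistory
        {
            ActionOn = DateTime.Now,
            ActionById = user.Id,
            ActionBy = user,
            Status = AspNetUserRoleClaim.RoleClaimStatus.Rejected,
            UserRoleClaimId = userRoleClaim.Id,
            UserRoleClaim = userRoleClaim
        };
        // Assumes AspNetUserRoleClaim initialises History itself (the original
        // code relied on the same thing for new entries).
        userRoleClaim.History.Add(history);

        if (isNew)
        {
            registration.RoleClaims.Add(userRoleClaim);
        }
    }

    IdentityResult identityResult = await _userManager.UpdateAsync(registration);
    if (!identityResult.Succeeded)
    {
        throw new Exception(identityResult.Errors.First().Description);
    }

    return model;
}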