コード例 #1
        /// <summary>
        /// Marks every role claim of the user <paramref name="userId"/> that matches both
        /// <paramref name="roleId"/> and <paramref name="claimId"/> as Rejected, appends a history
        /// entry naming <paramref name="user"/> as the actor, and persists the user.
        /// </summary>
        /// <param name="userId">Id of the user whose role claim is being disabled.</param>
        /// <param name="roleId">Role id the claim must belong to.</param>
        /// <param name="claimId">Role-claim id to disable.</param>
        /// <param name="user">Actor recorded on the history entry.</param>
        /// <returns>
        /// <c>IdentityResult.Success</c> when the update succeeded or when no user was found;
        /// otherwise a failed result built from the caught exception.
        /// </returns>
        private async Task <IdentityResult> DisableRoleClaim(string userId, string roleId, int claimId, ApplicationUser user)
        {
            try
            {
                ApplicationUser target = await _userManager.FindByIdAsync(userId);

                // NOTE(review): an unknown userId is reported as success, and so is a known user
                // with no matching claim. A caller cannot tell "revoked" from "nothing to revoke";
                // confirm callers do not treat Success as proof the claim is now disabled.
                if (target == null)
                {
                    return IdentityResult.Success;
                }

                foreach (AspNetUserRoleClaim candidate in target.RoleClaims)
                {
                    bool isTargetClaim = candidate.RoleId == roleId && candidate.RoleClaimId == claimId;
                    if (!isTargetClaim)
                    {
                        continue;
                    }

                    candidate.Status = AspNetUserRoleClaim.RoleClaimStatus.Rejected;

                    // Audit entry: who rejected the claim and when.
                    // NOTE(review): DateTime.Now is server-local time; confirm the audit trail
                    // is not expected to be in UTC.
                    var auditEntry = new AspNetUserRoleClaimHistory
                    {
                        ActionOn      = DateTime.Now,
                        ActionBy      = user,
                        Status        = AspNetUserRoleClaim.RoleClaimStatus.Rejected,
                        UserRoleClaim = candidate
                    };

                    candidate.History.Add(auditEntry);
                }

                IdentityResult updateResult = await _userManager.UpdateAsync(target);

                if (!updateResult.Succeeded)
                {
                    // Routed through the catch below so the failure is logged like any other error.
                    throw new Exception(updateResult.Errors.First().Description);
                }

                return IdentityResult.Success;
            }
            catch (Exception failure)
            {
                _logger.Exception(failure);

                // NOTE(review): the raw exception message is handed back to the caller; verify it
                // is never rendered to an end user, since it may describe internal state.
                var error = new IdentityError
                {
                    Code        = failure.Source,
                    Description = failure.Message
                };

                return IdentityResult.Failed(error);
            }
        }
コード例 #2
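        /// <summary>
        /// Revokes a role claim from the user named by <c>model.RevokeId</c>: every role claim of
        /// that user whose <c>RoleClaimId</c> equals <c>model.ClaimId</c> is set to Rejected and gets
        /// a history entry attributed to the calling user. The model is then refreshed with the
        /// remaining approved users and the role/claim descriptions for the "Users" view.
        /// </summary>
        /// <param name="model">Posted view model carrying RevokeId, RoleId and ClaimId.</param>
        /// <returns>
        /// The "Users" view on success; 401 when the caller has no resolvable subject; 400 when the
        /// model is invalid or the role / claim ids do not resolve.
        /// </returns>
        /// <exception cref="Exception">Thrown when persisting the user update fails.</exception>
        public async Task <IActionResult> RevokeClaim(ViewModel model)
        {
            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }

            // NOTE(review): the only caller check visible in this method is that the principal
            // carries a subject claim that resolves to a user. Confirm an authorization policy
            // on the action or controller restricts it to accounts allowed to revoke claims.
            string subject = User.Claims
                             .Where(x => x.Type == JwtClaimTypes.Subject)
                             .Select(x => x.Value)
                             .FirstOrDefault();

            if (string.IsNullOrEmpty(subject))
            {
                return(Unauthorized());
            }

            var user = await _userManager.FindByIdAsync(subject);

            if (user == null)
            {
                return(Unauthorized());
            }

            var registration = await _userManager.FindByIdAsync(model.RevokeId);

            if (registration != null)
            {
                foreach (AspNetUserRoleClaim roleClaim in registration.RoleClaims)
                {
                    // NOTE(review): model.RoleId is not part of this match; only the claim id is
                    // compared. Confirm RoleClaimId alone identifies the claim to revoke.
                    if (roleClaim.RoleClaimId != model.ClaimId)
                    {
                        continue;
                    }

                    roleClaim.Status = AspNetUserRoleClaim.RoleClaimStatus.Rejected;

                    // Audit entry attributing the rejection to the authenticated caller.
                    // NOTE(review): DateTime.Now is server-local time; confirm the audit trail
                    // is not expected to be in UTC.
                    AspNetUserRoleClaimHistory history = new AspNetUserRoleClaimHistory();
                    history.ActionOn        = DateTime.Now;
                    history.ActionById      = user.Id;
                    history.ActionBy        = user;
                    history.Status          = AspNetUserRoleClaim.RoleClaimStatus.Rejected;
                    history.UserRoleClaimId = roleClaim.Id;
                    history.UserRoleClaim   = roleClaim;

                    roleClaim.History.Add(history);
                }

                IdentityResult identityResult = await _userManager.UpdateAsync(registration);

                if (!identityResult.Succeeded)
                {
                    throw new Exception(identityResult.Errors.First().Description);
                }
            }

            model.Users = await _roleManager.GetApprovedUsersAsync(model.RoleId, model.ClaimId);

            // RoleId and ClaimId come from the request. An id that does not resolve used to
            // surface as a NullReferenceException (HTTP 500); answer with a 400 instead.
            // Any revocation above has already been persisted by this point.
            var applicationRole = await _roleManager.FindByIdAsync(model.RoleId);

            if (applicationRole == null)
            {
                ModelState.AddModelError(nameof(model.RoleId), "Unknown role.");
                return(BadRequest(ModelState));
            }

            var matchedClaim = applicationRole.RoleClaims.FirstOrDefault(x => x.Id == model.ClaimId);

            if (matchedClaim == null)
            {
                ModelState.AddModelError(nameof(model.ClaimId), "Unknown claim for this role.");
                return(BadRequest(ModelState));
            }

            model.RoleDescription  = applicationRole.Name?.Trim();
            model.RoleId           = applicationRole.Id;
            model.ClaimDescription = matchedClaim.ClaimType?.Trim();
            model.ClaimId          = matchedClaim.Id;

            return(View("Users", model));
        }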
コード例 #3
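        /// <summary>
        /// Rejects the registration identified by <c>model.Id</c>: clears its approval fields,
        /// records <paramref name="user"/> as the revoker, and sets every claim of the "User" role
        /// to Rejected for that registration (creating the user-role-claim row when it does not
        /// exist yet). Each affected claim gets a history entry attributed to <paramref name="user"/>.
        /// </summary>
        /// <param name="model">Administration model whose Id names the registration to reject.</param>
        /// <param name="user">Actor recorded as the revoker and on each history entry.</param>
        /// <returns>The <paramref name="model"/> that was passed in.</returns>
        /// <exception cref="Exception">
        /// Thrown when the registration does not exist or persisting the update fails.
        /// </exception>
        /// <exception cref="InvalidOperationException">Thrown when the "User" role does not exist.</exception>
        private async Task <AdministrationModel> Reject(AdministrationModel model, ApplicationUser user)
        {
            var registration = await _userManager.FindByIdAsync(model.Id);

            if (registration == null)
            {
                throw new Exception($"Invalid Registration.Id: {model.Id}");
            }

            // NOTE(review): DateTime.Now (here and on the history entries) is server-local time;
            // confirm the audit trail is not expected to be in UTC.
            registration.ApprovedById = null;
            registration.ApprovedBy   = null;
            registration.ApprovedDate = DateTime.MinValue;
            registration.RevokedById  = user.Id;
            registration.RevokedBy    = user;
            registration.RevokedDate  = DateTime.Now;

            ApplicationRole role = await _roleManager.FindByNameAsync("User");

            // A missing role previously failed with a NullReferenceException on role.RoleClaims;
            // fail with a message that names the cause instead.
            if (role == null)
            {
                throw new InvalidOperationException("Role 'User' was not found.");
            }

            foreach (ApplicationRoleClaim roleClaim in role.RoleClaims)
            {
                AspNetUserRoleClaim userRoleClaim = registration.RoleClaims
                                                    .FirstOrDefault(x => x.UserId == registration.Id &&
                                                                    x.RoleId == roleClaim.RoleId &&
                                                                    x.RoleClaim.ClaimType == roleClaim.ClaimType);

                bool isNewClaim = userRoleClaim == null;

                if (isNewClaim)
                {
                    // No row yet for this claim: create one directly in the Rejected state so the
                    // rejection is explicit rather than implied by absence.
                    userRoleClaim             = new AspNetUserRoleClaim();
                    userRoleClaim.UserId      = registration.Id;
                    userRoleClaim.User        = registration;
                    userRoleClaim.RoleId      = role.Id;
                    userRoleClaim.Role        = role;
                    userRoleClaim.RoleClaimId = roleClaim.Id;
                    userRoleClaim.RoleClaim   = roleClaim;
                }

                userRoleClaim.Status = AspNetUserRoleClaim.RoleClaimStatus.Rejected;

                // Audit entry, identical for existing and newly created claims.
                AspNetUserRoleClaimHistory history = new AspNetUserRoleClaimHistory();
                history.ActionOn        = DateTime.Now;
                history.ActionById      = user.Id;
                history.ActionBy        = user;
                history.Status          = AspNetUserRoleClaim.RoleClaimStatus.Rejected;
                history.UserRoleClaimId = userRoleClaim.Id;
                history.UserRoleClaim   = userRoleClaim;

                userRoleClaim.History.Add(history);

                if (isNewClaim)
                {
                    registration.RoleClaims.Add(userRoleClaim);
                }
            }

            IdentityResult identityResult = await _userManager.UpdateAsync(registration);

            if (!identityResult.Succeeded)
            {
                throw new Exception(identityResult.Errors.First().Description);
            }

            return(model);
        }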