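        /// <summary>
        /// Replaces the permission set of the user identified by <paramref name="uid"/> and, when that
        /// user is the caller, re-issues the caller's authentication so the permission claim carried by
        /// the principal reflects the new set.
        /// </summary>
        /// <param name="uid">Route identifier of the user whose permissions are replaced.</param>
        /// <param name="permissions">The complete new permission set; it replaces the stored set rather than merging with it.</param>
        /// <returns>
        /// 200 with the updated user model; 400 when no permission body was supplied; 404 when no user
        /// matches <paramref name="uid"/>; 500 when the persistence layer reports the update did not happen.
        /// </returns>
        /// <remarks>
        /// NOTE(review): any [Authorize]/policy attribute sits above the visible method. This body does not
        /// check the caller's own rights, so restricting who may rewrite another user's permissions relies
        /// entirely on that attribute being present — confirm against the controller declaration.
        /// </remarks>
        public async Task <ActionResult <UserModel> > SetPermissions([FromRoute] string uid, [FromBody] Permission[] permissions)
        {
            // A missing body would otherwise null out the stored permissions instead of updating them.
            if (permissions is null)
            {
                return BadRequest();
            }

            var userDto = _userBLL.GetByUserUid(uid);

            if (userDto is null)
            {
                return NotFound();
            }

            // Update permissions
            userDto.Permissions = permissions;
            var hasUpdated = _userBLL.UpdateUser(userDto);

            if (!hasUpdated)
            {
                return new StatusCodeResult((int)HttpStatusCode.InternalServerError);
            }

            // Reload HttpContext by signing out then in again to reset Permissions in Claim
            var claimantsName = User.FindFirst(ClaimTypes.Name)?.Value;

            if (claimantsName != null && claimantsName == userDto.Username)
            {
                // Resolve the target identity once; both the removal and the insertion apply to it.
                var paymentIdentity = User.Identities.FirstOrDefault(i => i.AuthenticationType == Constants.PaymentIdentity);

                // Remove previous permission claim. TryRemoveClaim returns false for a null claim (caller had no
                // permission claim yet) or a claim owned by another identity; RemoveClaim throws
                // InvalidOperationException in both cases, which turned a first-time grant into a 500.
                var permissionClaim = User.FindFirst(Constants.PermissionClaimType);
                paymentIdentity?.TryRemoveClaim(permissionClaim);

                // Add new permission claim
                var jsonPermissions    = JsonSerializer.Serialize(userDto.Permissions);
                var newPermissionClaim = new Claim(Constants.PermissionClaimType, jsonPermissions ?? string.Empty);
                paymentIdentity?.AddClaim(newPermissionClaim);

                // Destroy any existing authentication and then re-login so the issued ticket carries the new claim
                await HttpContext.SignOutAsync();

                await HttpContext.SignInAsync(User);
            }

            return userDto.ToModel();
        }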