public async Task <IActionResult> Create([FromBody] RoleViewModel viewModel)
{
Expression <Func <Role, bool> > filter = existingRole => existingRole.NormalizedName == viewModel.NormalizedName;
bool roleExists = await repository.AnyAsync <Role>(filter);
if (roleExists)
{
ModelState.AddModelError("Role", $"Role {viewModel.Name} already exists.");
return(BadRequest(ModelState));
}
var role = mapper.Map <Role>(viewModel);
role.NormalizedName = viewModel.NormalizedName;
if (viewModel.Claims != null)
{
foreach (var claim in viewModel.Claims)
{
if (!PermissionClaims.GetAll().Contains(claim))
{
ModelState.AddModelError("Claims", $"Claim {claim} does not exist.");
return(BadRequest(ModelState));
}
role.Claims.Add(new IdentityRoleClaim <string>()
{
RoleId = role.Id,
ClaimType = CustomClaimTypes.Permission,
ClaimValue = claim
});
}
}
repository.Create(role);
await repository.SaveAsync();
return(Created($"/api/v1/roles/{role.Id}", new { message = "Role was created successfully!" }));
}
public async Task <IActionResult> Update([FromRoute] string id, [FromBody] RoleViewModel viewModel)
{
Role role = await repository.GetByIdAsync <Role>(id, _includeProperties);
if (role == null)
{
return(NotFound(new { message = "Role does not exist!" }));
}
if (role.NormalizedName == "ADMIN")
{
return(Forbid());
}
if (viewModel.NormalizedName != role.NormalizedName)
{
Expression <Func <Role, bool> > filter = existingRole => existingRole.NormalizedName == viewModel.NormalizedName;
bool roleExists = await repository.AnyAsync <Role>(filter);
if (roleExists)
{
ModelState.AddModelError("Role", $"Role {viewModel.Name} already exists.");
return(BadRequest(ModelState));
}
}
if (!String.IsNullOrEmpty(role.Name))
{
role.Name = viewModel.Name;
role.NormalizedName = viewModel.NormalizedName;
}
if (!String.IsNullOrEmpty(viewModel.Description))
{
role.Description = viewModel.Description;
}
if (viewModel.Claims != null)
{
role.Claims.Clear();
var distinctClaims = viewModel.Claims.Distinct().ToList();
foreach (var claim in distinctClaims)
{
if (!PermissionClaims.GetAll().Contains(claim))
{
ModelState.AddModelError("Claims", $"Claim {claim} does not exist.");
return(BadRequest(ModelState));
}
role.Claims.Add(new IdentityRoleClaim <string>()
{
RoleId = role.Id,
ClaimType = CustomClaimTypes.Permission,
ClaimValue = claim
});
}
repository.Delete <IdentityRoleClaim <string> >(claim => claim.RoleId == role.Id);
}
repository.Update(role);
await repository.SaveAsync();
return(NoContent());
}