public async Task <IReadOnlyCollection <UserRoleModel> > GetUserRoles(string userId, CancellationToken cancellationToken) { var user = await FindUser(userId); var roles = await userManager.GetRolesAsync(user); var adminRoleIsReadOnly = roles.Contains(SecurityConstants.AdministratorRole) && (await GetAdminUsers()).Count == 1; return(roles.Select(role => new UserRoleModel { RoleName = role, ReadOnly = SecurityConstants.IsAdministratorRole(role) && adminRoleIsReadOnly, }) .ToList()); }
private static bool RoleIsReadOnly(TRole role) { return(SecurityConstants.IsAdministratorRole(role.Name)); }