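/// <summary>
/// Applies the role additions and removals posted for the user identified by
/// <c>formData.UserId</c>, then redirects to <c>Index</c>.
/// </summary>
/// <param name="formData">
/// Posted form model carrying the target user id and the role names to add and remove.
/// Every field is client-controlled and must be treated as untrusted.
/// </param>
/// <returns>
/// The manage-roles view again when the model is invalid or an exception is thrown;
/// otherwise a redirect to <c>Index</c> (with an <c>error</c> route value when the
/// caller tries to revoke their own admin role).
/// </returns>
// NOTE(review): no [Authorize], [HttpPost] or [ValidateAntiForgeryToken] attribute is visible
// from here. This action changes role membership, so confirm it is restricted to admins and
// protected against cross-site request forgery.
public ActionResult ManageRoles(ManageRolesViewModel formData)
{
    // A missing model used to fail on the first formData.UserId access, and again inside the
    // catch blocks, so reject it before anything dereferences it.
    if (formData == null)
    {
        return RedirectToAction(nameof(Index));
    }

    try
    {
        if (!ModelState.IsValid)
        {
            return View(GenerateManageRolesViewModel(formData.UserId));
        }

        ApplicationUser foundUser = UserRepository.GetUserById(formData.UserId);
        if (foundUser == null)
        {
            return RedirectToAction(nameof(Index));
        }

        bool hasRolesToAdd = formData.SelectedRolesToAdd != null;
        bool hasRolesToRemove = formData.SelectedRolesToRemove != null;
        string currentUserId = User.Identity.GetUserId();

        // Other admins can revoke another admin's role, but nobody may revoke their own.
        // The role name comes from the posted form, so compare it case-insensitively:
        // an exact-case match would miss "admin" if the role store treats names
        // case-insensitively (presumably it does; confirm against UserRoleRepository).
        bool isRevokingOwnAdminRole = false;
        if (hasRolesToRemove && formData.UserId == currentUserId)
        {
            foreach (string roleName in formData.SelectedRolesToRemove)
            {
                if (string.Equals(roleName, nameof(UserRolesEnum.Admin), StringComparison.OrdinalIgnoreCase))
                {
                    isRevokingOwnAdminRole = true;
                    break;
                }
            }
        }

        if (isRevokingOwnAdminRole)
        {
            return RedirectToAction(nameof(Index), new { error = "You can't revoke your admin role (discarded all changes)" });
        }

        #region Adding and Removing Roles

        // NOTE(review): role names are passed to the repository exactly as posted. Confirm the
        // repository rejects names that are not defined roles, or validate them here first.
        // NOTE(review): the early returns below skip DbContext.SaveChanges(); whether the earlier
        // repository calls have already been persisted at that point is not visible from here.
        if (hasRolesToAdd)
        {
            foreach (string roleName in formData.SelectedRolesToAdd)
            {
                if (UserRoleRepository.IsUserInRole(formData.UserId, roleName))
                {
                    continue; // already assigned, nothing to do
                }

                if (!UserRoleRepository.AddUserToRole(formData.UserId, roleName))
                {
                    return RedirectToAction(nameof(Index));
                }
            }
        }

        if (hasRolesToRemove)
        {
            foreach (string roleName in formData.SelectedRolesToRemove)
            {
                if (!UserRoleRepository.IsUserInRole(formData.UserId, roleName))
                {
                    continue; // not assigned, nothing to revoke
                }

                if (!UserRoleRepository.RemoveUserFromRole(formData.UserId, roleName))
                {
                    return RedirectToAction(nameof(Index));
                }
            }
        }

        #endregion

        DbContext.SaveChanges();
        return RedirectToAction(nameof(Index));
    }
    catch (ArgumentException e)
    {
        ModelState.AddModelError("", e.Message);
        return View(GenerateManageRolesViewModel(formData.UserId));
    }
    catch (Exception e)
    {
        // NOTE(review): this puts the raw message of any exception into the model state the view
        // is rendered with, which can expose internal details (for example data-access errors).
        // Consider logging the exception and showing a generic message instead.
        ModelState.AddModelError("", e.Message);
        return View(GenerateManageRolesViewModel(formData.UserId));
    }
}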