private void EditRoles(User user, IEnumerable <int> PostedRoles, UserRoleModel viewModel, EducationSecurityPrincipal requestor) { var rolesToEdit = user.UserRoles.Select(u => u.RoleId).Intersect(PostedRoles).ToList(); foreach (int roleId in rolesToEdit) { var role = RoleRepository.Items.Where(r => r.Id == roleId).SingleOrDefault(); if (role != null) { var schools = GetSelectedSchools(viewModel.allSchoolsSelected, role, viewModel.SelectedSchoolIds).ToList(); var providers = GetSelectedProviders(role, viewModel.SelectedProviderIds).ToList(); var updatedUserRole = user.UserRoles.Where(u => u.RoleId == roleId).Single(); var schoolsToRemove = updatedUserRole.Schools.Except(schools).ToArray(); foreach (School school in schoolsToRemove) { UserRoleRepository.DeleteLink(updatedUserRole, school); } var schoolsToAdd = schools.Except(updatedUserRole.Schools).ToList(); foreach (School school in schoolsToAdd) { UserRoleRepository.AddLink(updatedUserRole, school); } var providersToRemove = updatedUserRole.Providers.Except(providers).ToArray(); foreach (Provider provider in providersToRemove) { UserRoleRepository.DeleteLink(updatedUserRole, provider); } var providersToAdd = providers.Except(updatedUserRole.Providers).ToList(); foreach (Provider provider in providersToAdd) { UserRoleRepository.AddLink(updatedUserRole, provider); } updatedUserRole.LastModifyingUser = requestor.Identity.User; updatedUserRole.LastModifyTime = DateTime.Now; UserRoleRepository.Update(updatedUserRole); } } }