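/// <summary>
/// Handles the submitted "add user to role" form: looks the user up by e-mail,
/// adds that user to the requested role and redirects to Home/Index.
/// </summary>
/// <param name="model">Posted form data; this action reads <c>Email</c> and <c>Role</c>.</param>
/// <returns>
/// A redirect to Home/Index on success; otherwise the form view, re-rendered with
/// the problem recorded in <c>ModelState</c>.
/// </returns>
/// <remarks>
/// NOTE(review): this action changes role membership. No authorization, HTTP-verb or
/// anti-forgery attributes are visible in this listing; confirm the action (or its
/// controller) is restricted to administrators and that the POST is protected against
/// cross-site request forgery.
/// </remarks>
public ActionResult AddUserToRole(UserToRoleModel model)
{
    // Reject incomplete input before touching the user store.
    if (model == null || string.IsNullOrWhiteSpace(model.Email) || string.IsNullOrWhiteSpace(model.Role))
    {
        ModelState.AddModelError("", "An e-mail address and a role are required.");
        return View(model ?? new UserToRoleModel());
    }

    // FindByEmail returns null for an unknown address; the original dereferenced
    // user.Id unconditionally and failed with a NullReferenceException.
    var user = UserManager.FindByEmail(model.Email);
    if (user == null)
    {
        ModelState.AddModelError("", "No user with that e-mail address was found.");
        return View(model);
    }

    // The identity result was previously discarded, so a failed assignment still
    // redirected as if it had succeeded.
    var result = UserManager.AddToRole(user.Id, model.Role);
    if (!result.Succeeded)
    {
        foreach (var error in result.Errors)
        {
            ModelState.AddModelError("", error);
        }
        return View(model);
    }

    return RedirectToAction("Index", "Home");
}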
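/// <summary>
/// Integration test: as an administrator, verifies that a user who is not in a role
/// can be added to it through <c>api/Account/AddUserToRole</c>, shows up in
/// <c>api/Account/GetUserRoles</c>, and is gone again after
/// <c>api/Account/RemoveUserRole</c>.
/// </summary>
/// <remarks>
/// The test needs the user to start outside the role; the first assertion fails with
/// an explanatory message otherwise. If the test fails after the add step, the user
/// stays in the role and has to be removed before the next run.
/// </remarks>
public async Task Roles_Add_Remove_User_to_Role()
{
    UserToRoleModel model = new UserToRoleModel() { Role = "Test", User = "******" };

    // EscapeDataString is the correct encoder for a single query or form value.
    // EscapeUriString leaves reserved characters such as '&', '=' and '+' untouched,
    // so an address like "a+b@example.test" (constructed example) would be decoded
    // by the server as a different value.
    string rolesUrl = "api/Account/GetUserRoles" + String.Format("?email={0}", Uri.EscapeDataString(model.User));
    string formBody = String.Format("Role={0}&User={1}", Uri.EscapeDataString(model.Role), Uri.EscapeDataString(model.User));

    LoginTokenModel token = await getAdminToken();
    _client.DefaultRequestHeaders.Add("Authorization", String.Format("Bearer {0}", token.access_token));

    try
    {
        // Precondition: the user must not be in the role yet.
        HttpResponseMessage response = await _client.GetAsync(rolesUrl);
        Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);
        string responseBody = await response.Content.ReadAsStringAsync();
        List<string> roles = ServiceStack.Text.JsonSerializer.DeserializeFromString<List<string>>(responseBody);
        Assert.AreEqual(false, roles.Contains(model.Role), String.Format("User {0} belongs to role {1}, can not test. Please remove {0} from {1} first.", model.User, model.Role));

        // Add the user to the role.
        StringContent theContent = new StringContent(formBody, System.Text.Encoding.UTF8, "application/x-www-form-urlencoded");
        response = await _client.PostAsync("api/Account/AddUserToRole", theContent);
        Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);

        // The role must now be reported for the user.
        response = await _client.GetAsync(rolesUrl);
        Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);
        responseBody = await response.Content.ReadAsStringAsync();
        roles = ServiceStack.Text.JsonSerializer.DeserializeFromString<List<string>>(responseBody);
        Assert.AreEqual(true, roles.Contains(model.Role));

        // Remove the user from the role; a fresh content object is built per request.
        theContent = new StringContent(formBody, System.Text.Encoding.UTF8, "application/x-www-form-urlencoded");
        response = await _client.PostAsync("api/Account/RemoveUserRole", theContent);
        Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);

        // The role must no longer be reported.
        response = await _client.GetAsync(rolesUrl);
        Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);
        responseBody = await response.Content.ReadAsStringAsync();
        roles = ServiceStack.Text.JsonSerializer.DeserializeFromString<List<string>>(responseBody);
        Assert.AreEqual(false, roles.Contains(model.Role));
    }
    finally
    {
        // Previously clearToken() ran only when every assertion passed. A failed
        // assertion left the admin bearer token on the shared client's default
        // headers, so later tests that expect anonymous behaviour would run
        // authenticated. clearToken() is defined elsewhere; presumably it removes
        // the Authorization header (confirm).
        clearToken();
    }
}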
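/// <summary>
/// Integration test: verifies that the role-management endpoints
/// (<c>AddRole</c>, <c>DeleteRole</c>, <c>AddUserToRole</c>, <c>RemoveUserRole</c>,
/// <c>GetUserRoles</c>) answer 401 Unauthorized when the request carries no
/// credentials.
/// </summary>
/// <remarks>
/// Assumes <c>_client</c> has no Authorization header at this point (TODO confirm
/// that no earlier test leaves one behind). Only the anonymous case is covered:
/// an authenticated caller who lacks the administrator role is not exercised here
/// and deserves its own test.
/// </remarks>
public async Task Roles_Create_Delete_Add_Remove_Unauthorized()
{
    // Form and query values are encoded with EscapeDataString; EscapeUriString does
    // not escape reserved characters such as '&', '=' and '+', which would corrupt
    // a value containing them.

    // Create role.
    CreateRoleModel modelCreate = new CreateRoleModel() { NewRole = "Admin" };
    string str = String.Format("NewRole={0}", Uri.EscapeDataString(modelCreate.NewRole));
    StringContent theContent = new StringContent(str, System.Text.Encoding.UTF8, "application/x-www-form-urlencoded");
    HttpResponseMessage response = await _client.PostAsync("api/Account/AddRole", theContent);
    Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode);

    // Delete role.
    DeleteRoleModel modelDelete = new DeleteRoleModel() { DeleteRole = "TestRole" };
    str = String.Format("DeleteRole={0}", Uri.EscapeDataString(modelDelete.DeleteRole));
    theContent = new StringContent(str, System.Text.Encoding.UTF8, "application/x-www-form-urlencoded");
    response = await _client.PostAsync("api/Account/DeleteRole", theContent);
    Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode);

    // Add and remove a user; both requests send the same form body.
    UserToRoleModel model = new UserToRoleModel() { Role = "Test", User = "******" };
    string membershipBody = String.Format("Role={0}&User={1}", Uri.EscapeDataString(model.Role), Uri.EscapeDataString(model.User));

    theContent = new StringContent(membershipBody, System.Text.Encoding.UTF8, "application/x-www-form-urlencoded");
    response = await _client.PostAsync("api/Account/AddUserToRole", theContent);
    Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode);

    theContent = new StringContent(membershipBody, System.Text.Encoding.UTF8, "application/x-www-form-urlencoded");
    response = await _client.PostAsync("api/Account/RemoveUserRole", theContent);
    Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode);

    // Reading a user's roles must be protected as well.
    response = await _client.GetAsync("api/Account/GetUserRoles" + String.Format("?email={0}", Uri.EscapeDataString(model.User)));
    Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode);
}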
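/// <summary>
/// Removes the user identified by <c>model.User</c> (an e-mail address) from the
/// role named in <c>model.Role</c>.
/// </summary>
/// <param name="model">Request data; this action reads <c>User</c> and <c>Role</c>.</param>
/// <returns>
/// 200 OK on success; 400 Bad Request when the input is incomplete; 404 Not Found
/// when no user has that e-mail address; otherwise whatever <c>GetErrorResult</c>
/// builds from the failed identity result.
/// </returns>
/// <remarks>
/// NOTE(review): this endpoint changes role membership. No authorization attribute is
/// visible in this listing; confirm the action or its controller is restricted to
/// administrators. The 404 tells the caller whether an address is registered, which
/// is acceptable only if callers are already trusted administrators.
/// </remarks>
public async Task<IHttpActionResult> RemoveUserRole(UserToRoleModel model)
{
    // Reject incomplete input before touching the user store.
    if (model == null || string.IsNullOrWhiteSpace(model.User) || string.IsNullOrWhiteSpace(model.Role))
    {
        return BadRequest("Both User and Role are required.");
    }

    // Async lookup instead of the blocking FindByEmail call inside an async action.
    ApplicationUser user = await UserManager.FindByEmailAsync(model.User);
    if (user == null)
    {
        // The original dereferenced user.Id unconditionally, turning an unknown
        // address into a NullReferenceException and a 500 response.
        return NotFound();
    }

    IdentityResult result = await UserManager.RemoveFromRoleAsync(user.Id, model.Role);
    if (!result.Succeeded)
    {
        return GetErrorResult(result);
    }

    return Ok();
}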
/// <summary>
/// Renders the "add user to role" form bound to a new, empty
/// <c>UserToRoleModel</c>.
/// </summary>
/// <returns>The view result carrying the empty model.</returns>
public ActionResult AddUserToRole()
{
    return View(new UserToRoleModel());
}