public async Task <List <ApplicationUser> > ListUsers( UserFilter filter, UserRetrievalOptions options, CancellationToken cancellationToken) { filter ??= new UserFilter(); options ??= new UserRetrievalOptions(); var query = _context.Users .AsNoTracking() .UseOptions(options); if (filter.AccessibleOnly) { var user = _httpContextAccessor.HttpContext.User; if (!user.IsInRole(Roles.Admin) && !user.IsInRole(Roles.SuperAdmin)) { return(new List <ApplicationUser>()); } if (!user.IsInRole(Roles.SuperAdmin)) { var organization = await _currentOrganizationAccessorService.RequireCurrentOrganizationAsync(cancellationToken : cancellationToken); if (!organization.IsRoot) { query = query.HavingOrganization(organization); } } } return(await query.ToListAsync(cancellationToken)); }
public async Task <Paging <ApplicationUser> > ListUsers( UserListRequest request, UserRetrievalOptions options, CancellationToken cancellationToken) { options ??= UserRetrievalOptions.Default; var query = _context.Users .AsNoTracking() .UseOptions(options) .AddFilter(request.Filter) .AddOrder(request.OrderBy, request.Descending); if (request.Filter.AccessibleOnly) { var user = _httpContextAccessor.HttpContext.User; if (!user.IsAdmin()) { return(Paging <ApplicationUser> .Empty <ApplicationUser>()); } if (!user.IsSuperAdmin()) { var organization = await _currentOrganizationAccessorService.RequireCurrentOrganizationAsync(cancellationToken : cancellationToken); if (!organization.IsRoot) { query = query.HavingOrganization(organization); } } } return(await Paging <ApplicationUser> .CreateAsync(query, request, cancellationToken)); }
public async Task <List <ApplicationUser> > ListAccessibleUsers(UserRetrievalOptions options) { options ??= new UserRetrievalOptions(); var user = _httpContextAccessor.HttpContext.User; if (!user.IsInRole(Roles.Admin) && !user.IsInRole(Roles.SuperAdmin)) { throw new AccessViolationException($"Should have {Roles.Admin} role to access other users."); } var query = _context.Users.AsNoTracking() .UseOptions(options); if (!user.IsInRole(Roles.SuperAdmin)) { if (!user.IsInRole(Roles.Admin)) { // Not an admin of the current org => can't see org member list. return(new List <ApplicationUser>()); } var organization = await _currentOrganizationAccessorService.RequireCurrentOrganizationAsync(); if (!organization.IsRoot) { query = query.HavingOrganization(organization); } } return(await query.ToListAsync()); }
public async Task <ApplicationUser> GetUserByEmailAsync( string email, UserRetrievalOptions options, CancellationToken cancellationToken) { if (string.IsNullOrWhiteSpace(email)) { throw new ArgumentException("User email argument must not be empty", nameof(email)); } var user = await _context.ApplicationUsers .AsNoTracking() .UseOptions(options ?? UserRetrievalOptions.Default) .SingleOrDefaultAsync(u => u.NormalizedEmail == email.ToUpper(), cancellationToken: cancellationToken); if (user == null) { throw new NotFoundException($"User with email {email} not found."); } return(user); }
public async Task <ApplicationUser> GetUserByIdAsync( string userId, UserRetrievalOptions options, CancellationToken cancellationToken) { if (string.IsNullOrWhiteSpace(userId)) { throw new ArgumentException("User id argument must not be empty", nameof(userId)); } var user = await _context.ApplicationUsers .AsNoTracking() .UseOptions(options ?? UserRetrievalOptions.Default) .SingleOrDefaultAsync(u => u.Id == userId, cancellationToken: cancellationToken); if (user == null) { throw new NotFoundException($"User {userId} not found."); } return(user); }
public static IQueryable <ApplicationUser> UseOptions(this IQueryable <ApplicationUser> query, UserRetrievalOptions options) { if (options == null) { throw new ArgumentNullException(nameof(options)); } if (options.IncludeOrgMembership) { query = query.Include(o => o.OrganizationMembership); } return(query); }