コード例 #1
0
        public async Task <ActionResult <UserDTO> > DeleteUser(string username)
        {
            var user = await userManager.FindByNameAsync(username);

            if (user == null)
            {
                return(NotFound());
            }

            User authenticatedUser = await userManager.FindByNameAsync(User.Identity.Name);

            if (!(await userManager.IsInRoleAsync(authenticatedUser, UserRoles.Admin)) && !(authenticatedUser.UserName == username))
            {
                return(Unauthorized("Cannot delete another user unless admin"));
            }

            // TODO: Revoke security token

            await userManager.DeleteAsync(user);

            return(AuthController.UserToDTO(user));
        }
コード例 #2
0
        public async Task <ActionResult <IEnumerable <UserDTO> > > GetUsers()
        {
            var users = await _context.Users.ToListAsync();

            return(users.Select(user => AuthController.UserToDTO(user)).ToList());
        }
コード例 #3
0
        public async Task <ActionResult <ResumeDetailDTO> > GetResume(long id)
        {
            User user = await userManager.FindByNameAsync(User.Identity.Name);

            IList <string> roles = await userManager.GetRolesAsync(user);

            // Definitely not the fastest way of doing it, but after spending many hours trying to figure out group joins
            // in EF 3.0 and having it only result sadness, this will have to do for now
            ResumeDetailDTO resumeDetail = await(from resume in _context.Resumes
                                                 join candidate in _context.Users on resume.CandidateId equals candidate.Id
                                                 where resume.ResumeId == id
                                                 select new ResumeDetailDTO()
            {
                ResumeId  = resume.ResumeId,
                Name      = resume.Name,
                Candidate = AuthController.UserToDTO(candidate)
            }).FirstOrDefaultAsync();

            if (resumeDetail == null)
            {
                return(NotFound());
            }

            bool authorized = false;

            if (roles.Contains(UserRoles.Admin))
            {
                authorized = true;
            }
            else if (roles.Contains(UserRoles.Recruiter))
            {
                var query = from resume in _context.Resumes
                            join application in _context.Applications on resume.ResumeId equals application.ResumeId
                            join jobpost in _context.JobPosts on application.JobId equals jobpost.JobPostId
                            join recruiter in _context.Recruiters on jobpost.CompanyId equals recruiter.CompanyId
                            where recruiter.UserId == user.Id && resume.ResumeId == id
                            select resume;
                if (query.Any())
                {
                    authorized = true;
                }
            }
            else if (resumeDetail.Candidate.UserName == user.UserName)
            {
                authorized = true;
            }

            if (!authorized)
            {
                return(Unauthorized("Cannot view that resume"));
            }

            // Find and join all weak entities separately
            resumeDetail.Awards = await(from award in _context.Awards where award.ResumeId == id orderby award.Order select award)
                                  .Select(x => AwardsController.AwardToDTO(x)).ToListAsync();

            resumeDetail.Certifications = await(from cert in _context.Certifications where cert.ResumeId == id orderby cert.Order select cert)
                                          .Select(x => CertificationsController.CertificationToDTO(x)).ToListAsync();

            resumeDetail.Education = await(from edu in _context.Education where edu.ResumeId == id orderby edu.Order select edu)
                                     .Select(x => EducationController.EducationToDTO(x)).ToListAsync();

            resumeDetail.Experience = await(from exp in _context.Experiences where exp.ResumeId == id orderby exp.Order select exp)
                                      .Select(x => ExperienceController.ExperienceToDTO(x)).ToListAsync();

            resumeDetail.Projects = await(from proj in _context.Projects where proj.ResumeId == id orderby proj.Order select proj)
                                    .Select(x => ProjectsController.ProjectToDTO(x)).ToListAsync();

            resumeDetail.Skills = await(from skill in _context.Skills where skill.ResumeId == id orderby skill.Order select skill)
                                  .Select(x => SkillsController.SkillToDTO(x)).ToListAsync();

            return(resumeDetail);
        }