public IActionResult Edit(string id)
{
UserAccount selfUser = ProfileBuilder.FromPrincipal(User);
UserAccount inspectedUser = ProfileBuilder.FromId(id);
if (inspectedUser == null)
{
return(NotFound());
}
if (!selfUser.Permissions.HasFlag(GlobalPermissions.ManageUsers) && selfUser.ID != inspectedUser.ID)
{
return(Forbid());
}
return(View(inspectedUser));
}
/// <summary> /// Returns the currently authenticated user. Returns a guest user if the no one is logged in. /// </summary> public UserAccount GetCurrentUser() => ProfileBuilder.FromPrincipal(User);
