/// <summary>
/// Replaces the stored data of the user identified by <paramref name="userId"/> with the
/// values supplied in the request body, then publishes a users/groups change message
/// inside the same transaction.
/// </summary>
/// <remarks>
/// Authorization: ManageUsers is demanded for the session user before any lookup.
/// AssignAdminRoles is demanded in addition only when the submitted InstanceAdminRoleId
/// differs from the stored one.
/// </remarks>
/// <param name="userId">Id of the user to update.</param>
/// <param name="user">New user data, bound from the request body.</param>
/// <returns>An OK result once the transaction has completed.</returns>
/// <exception cref="BadRequestException">The request body is missing.</exception>
/// <exception cref="ResourceNotFoundException">No user exists with the given id.</exception>
public async Task<IHttpActionResult> UpdateUser(int userId, [FromBody] UserDto user)
{
    if (user == null)
    {
        throw new BadRequestException(ErrorMessages.UserModelIsEmpty, ErrorCodes.BadRequest);
    }

    // The privilege check runs before the lookup. Demand's result is not inspected here,
    // so a denial has to surface as an exception thrown by it (presumably; confirm in
    // the privileges manager).
    await _privilegesManager.Demand(Session.UserId, InstanceAdminPrivileges.ManageUsers);

    var currentUser = await _userRepository.GetUserAsync(userId);
    if (currentUser == null)
    {
        throw new ResourceNotFoundException(ErrorMessages.UserNotExist, ErrorCodes.ResourceNotFound);
    }

    // Changing the admin role is a privilege-granting operation and needs its own permission.
    // NOTE(review): the comparison uses a snapshot read outside the transaction below;
    // confirm a concurrent role change cannot slip past this check.
    var adminRoleChanged = currentUser.InstanceAdminRoleId != user.InstanceAdminRoleId;
    if (adminRoleChanged)
    {
        await _privilegesManager.Demand(Session.UserId, InstanceAdminPrivileges.AssignAdminRoles);
    }

    // NOTE(review): which DTO fields are copied is decided inside CreateDbUserFromDtoAsync
    // (not visible here). Verify that no other privilege-bearing field can be changed
    // with ManageUsers alone.
    var dbUser = await UsersHelper.CreateDbUserFromDtoAsync(user, OperationMode.Edit, _settingsRepository, userId);

    Func<IDbTransaction, long, Task> updateAndNotify = async (transaction, transactionId) =>
    {
        await _userRepository.UpdateUserAsync(dbUser, transaction);

        var revisionId = await _itemInfoRepository.GetTopRevisionId(transaction);
        var changeNotice = new UsersGroupsChangedMessage(new[] { userId }, new int[0])
        {
            TransactionId = transactionId,
            RevisionId = revisionId,
            ChangeType = UsersGroupsChangedType.Update
        };

        await _sendMessageExecutor.Execute(_applicationSettingsRepository, _log, changeNotice, transaction);
    };

    await RunInTransactionAsync(updateAndNotify);

    return Ok();
}
/// <summary>
/// Creates a new user from the request body and publishes a users/groups change message
/// inside the same transaction.
/// </summary>
/// <remarks>
/// Authorization: exactly one privilege is demanded for the session user. That is
/// AssignAdminRoles when the new user carries an InstanceAdminRoleId, otherwise ManageUsers.
/// </remarks>
/// <param name="user">Data of the user to create, bound from the request body.</param>
/// <returns>A 201 Created response whose content is the id of the new user.</returns>
/// <exception cref="BadRequestException">The request body is missing.</exception>
/// <exception cref="ConflictException">
/// The repository reports that no further users may be created on this instance.
/// </exception>
public async Task<HttpResponseMessage> CreateUser([FromBody] UserDto user)
{
    if (user == null)
    {
        throw new BadRequestException(ErrorMessages.UserModelIsEmpty, ErrorCodes.BadRequest);
    }

    // NOTE(review): UpdateUser in this controller demands ManageUsers first and
    // AssignAdminRoles on top of it, whereas this path demands only one of the two.
    // That is equivalent only if AssignAdminRoles implies ManageUsers (e.g. via flag
    // composition in InstanceAdminPrivileges); confirm against the enum definition.
    var requiredPrivilege = InstanceAdminPrivileges.ManageUsers;
    if (user.InstanceAdminRoleId.HasValue)
    {
        requiredPrivilege = InstanceAdminPrivileges.AssignAdminRoles;
    }

    await _privilegesManager.Demand(Session.UserId, requiredPrivilege);

    // NOTE(review): the limit is checked before, and outside of, the transaction that
    // inserts the user. Confirm concurrent requests cannot push the instance past its
    // limit, or that the limit is also enforced at insert time.
    if (!await _userRepository.CheckIfAdminCanCreateUsers())
    {
        throw new ConflictException(ErrorMessages.MaxUsersPerInstanceLimitReached, ErrorCodes.ExceedsLimit);
    }

    var dbUser = await UsersHelper.CreateDbUserFromDtoAsync(user, OperationMode.Create, _settingsRepository);

    // Assigned inside the transactional callback and read afterwards for the response.
    var newUserId = 0;

    Func<IDbTransaction, long, Task> insertAndNotify = async (transaction, transactionId) =>
    {
        newUserId = await _userRepository.AddUserAsync(dbUser, transaction);

        var revisionId = await _itemInfoRepository.GetTopRevisionId(transaction);
        var changeNotice = new UsersGroupsChangedMessage(new[] { newUserId }, new int[0])
        {
            TransactionId = transactionId,
            RevisionId = revisionId,
            ChangeType = UsersGroupsChangedType.Create
        };

        await _sendMessageExecutor.Execute(_applicationSettingsRepository, _log, changeNotice, transaction);
    };

    await RunInTransactionAsync(insertAndNotify);

    return Request.CreateResponse(HttpStatusCode.Created, newUserId);
}