/// <summary>
/// only super user and admin can rolled change role , contaccess via access policy set in controller
/// </summary>
/// <param name="user"></param>
/// <param name="loggedInUserRoleId"></param>
/// <param name="userId"></param>
/// <returns></returns>
public UserModel UpdateUser(UserModel user, string loggedInUserRoleId, string userId)
{
if (Convert.ToInt32(loggedInUserRoleId) != 0)
{
if (Convert.ToInt32(loggedInUserRoleId) >= user.RoleId)
{
user.UserId = -2;
return(user);
}
}
return(dal.UpdateUser(user));
}
