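/// <summary>
/// Toggles the <c>Active</c> flag of the user identified by <c>model.User.Id</c>
/// (an active user becomes blocked, a blocked user becomes unblocked) and
/// persists the change through the user service.
/// </summary>
/// <param name="model">Posted edit model; only <c>User.Id</c> is read from it.</param>
/// <returns>
/// The access-denied view when the caller lacks <c>ManageUsers</c>; a redirect to
/// "index" when no user can be resolved; a redirect to "edit" after a successful
/// update; otherwise the edit view rebuilt from the stored user.
/// </returns>
/// <remarks>
/// NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attribute is visible in
/// this excerpt. This action changes account state, so confirm it is POST-only and
/// protected by anti-forgery validation.
/// NOTE(review): nothing here prevents a caller from blocking their own account or
/// the site owner's account; confirm whether that is intended.
/// </remarks>
public ActionResult Block(UserEditModel model)
{
    if (!_permissionService.Authorize(PermissionProvider.ManageUsers))
    {
        return AccessDeniedView();
    }

    // A request that posts no User.* fields can leave the bound model (or its
    // User member) null; treat that like an unknown user instead of letting a
    // NullReferenceException escape outside the try block below.
    if (model == null || model.User == null)
    {
        ErrorNotification("The user couldn't be found or has been deleted.");
        return RedirectToAction("index");
    }

    // get the user
    var user = _userService.GetUserById(model.User.Id);

    // check we have a user and they are not deleted
    if (user == null)
    {
        ErrorNotification("The user couldn't be found or has been deleted.");
        return RedirectToAction("index");
    }

    // Remember the stored state so a failed update does not leave the in-memory
    // entity (and the re-rendered view) showing a change that was never saved.
    bool wasActive = user.Active;

    try
    {
        user.Active = !wasActive;
        _userService.UpdateUser(user);

        SuccessNotification("The user has been " + (user.Active ? "unblocked" : "blocked") + " successfully.");

        // NOTE(review): with the stock MVC overload RedirectToAction(string, object)
        // a bare int supplies no route values; confirm the base controller has an
        // overload taking the id, otherwise pass new { id = user.Id }.
        return RedirectToAction("edit", user.Id);
    }
    catch (Exception)
    {
        // NOTE(review): the exception is discarded; record it if this controller
        // has a logger available, so failed block attempts are traceable.
        user.Active = wasActive;
        ErrorNotification("An error occurred blocking the user, please try again.");
    }

    PrepareBreadcrumbs();
    AddBreadcrumb("Edit User", null);

    model = PrepareUserEditModel(user);
    return View(model);
}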
/// <summary>
/// Builds the view model for the edit-user page.
/// </summary>
/// <param name="user">The user being edited; mapped through <c>PrepareUserModel</c>.</param>
/// <returns>
/// A <c>UserEditModel</c> whose <c>CanEditRoles</c> reflects the caller's
/// <c>PromoteUsers</c> permission and whose <c>IsSiteOwner</c> reflects the
/// *current* user (from <c>_workContext</c>), not the user being edited.
/// </returns>
/// <remarks>
/// These two flags only describe the caller to the view. Any restriction the
/// view derives from them still has to be enforced by the action that handles
/// the post.
/// </remarks>
private UserEditModel PrepareUserEditModel(User user)
{
    var editModel = new UserEditModel();

    // Same evaluation order as an object initializer: permission check first,
    // then the current user's role lookup, then the user mapping.
    editModel.CanEditRoles = _permissionService.Authorize(PermissionProvider.PromoteUsers);
    editModel.IsSiteOwner = _workContext.CurrentUser.UserRoles
        .Any(role => role.SystemName == SystemUserRoleNames.SiteOwner);
    editModel.User = PrepareUserModel(user);

    return editModel;
}
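/// <summary>
/// Saves the posted profile fields for the user identified by
/// <c>model.User.Id</c> and, when the caller holds <c>PromoteUsers</c>, replaces
/// the user's roles with the ids posted in the "roles" form field.
/// </summary>
/// <param name="model">Posted edit model; the <c>User</c> member supplies the id and the profile fields.</param>
/// <param name="form">Raw form values; only the comma-separated "roles" entry is read.</param>
/// <returns>
/// The access-denied view when the caller lacks <c>ManageUsers</c>; a redirect to
/// "index" when no user can be resolved; a redirect to "edit" after a successful
/// save; otherwise the edit view with an error notification.
/// </returns>
/// <remarks>
/// The "roles" value is caller-controlled, so every id is parsed and matched
/// against the available roles before any role is removed or any user is saved.
/// NOTE(review): assigning the site-owner role is gated only by <c>PromoteUsers</c>.
/// The edit model exposes an <c>IsSiteOwner</c> flag for the current user, which
/// suggests the view limits this to the site owner; if so, enforce it here too.
/// NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attribute is visible in
/// this excerpt; confirm the action is POST-only with anti-forgery validation.
/// </remarks>
public ActionResult Edit(UserEditModel model, FormCollection form)
{
    if (!_permissionService.Authorize(PermissionProvider.ManageUsers))
    {
        return AccessDeniedView();
    }

    // A request that posts no User.* fields can leave the bound model (or its
    // User member) null; treat that like an unknown user rather than failing
    // with a NullReferenceException.
    if (model == null || model.User == null)
    {
        ErrorNotification("The user couldn't be found or has been deleted.");
        return RedirectToAction("index");
    }

    // get the user
    var user = _userService.GetUserById(model.User.Id);

    // check we have a user and they are not deleted
    if (user == null)
    {
        ErrorNotification("The user couldn't be found or has been deleted.");
        return RedirectToAction("index");
    }

    if (ModelState.IsValid)
    {
        try
        {
            user.ContactUsBio = model.User.ContactUsBio;
            user.DisplayName = model.User.DisplayName;
            user.Email = model.User.Email;
            user.EmailDisclosureId = model.User.EmailDisclosureId;
            user.ShowOnContactUs = model.User.ShowOnContactUs;
            user.Telephone = model.User.Telephone;
            user.TelephoneDisclosureId = model.User.TelephoneDisclosureId;
            user.UserName = model.User.UserName;
            user.Website = model.User.Website;
            user.WebsiteDisclosureId = model.User.WebsiteDisclosureId;

            bool rolesAccepted = true;

            if (_permissionService.Authorize(PermissionProvider.PromoteUsers))
            {
                var rawRoles = form["roles"];
                var roleTokens = rawRoles != null
                    ? rawRoles.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries)
                    : new string[0];

                // Parse every id up front. Working with parsed integers (instead
                // of comparing the raw strings) means an id written with padding
                // or a sign is treated as the same role everywhere below, and a
                // repeated id is only applied once.
                var requestedRoleIds = new List<int>();
                foreach (var token in roleTokens)
                {
                    int roleId;
                    if (!int.TryParse(token, out roleId))
                    {
                        rolesAccepted = false;
                        break;
                    }

                    if (!requestedRoleIds.Contains(roleId))
                    {
                        requestedRoleIds.Add(roleId);
                    }
                }

                if (rolesAccepted)
                {
                    var availableUserRoles = _userService.GetAllUserRoles(true).ToList();
                    var siteOwnerRole = _userService.GetUserRoleBySystemName(SystemUserRoleNames.SiteOwner);
                    if (siteOwnerRole == null)
                    {
                        throw new InvalidOperationException("The site owner role could not be found.");
                    }

                    // Resolve every requested id before touching any role, so an
                    // unknown id cannot leave roles half-applied.
                    var rolesToAssign = requestedRoleIds
                        .Select(id => availableUserRoles.FirstOrDefault(x => x.Id == id))
                        .ToList();
                    rolesAccepted = rolesToAssign.All(role => role != null);

                    if (rolesAccepted)
                    {
                        bool isSiteOwner = user.UserRoles.Any(x => x.SystemName == SystemUserRoleNames.SiteOwner);

                        // An existing site owner always keeps the role; add it only
                        // if the posted list did not already include it.
                        if (isSiteOwner && !requestedRoleIds.Contains(siteOwnerRole.Id))
                        {
                            rolesToAssign.Add(availableUserRoles.First(x => x.SystemName == SystemUserRoleNames.SiteOwner));
                        }

                        // Handing the site-owner role to a new user removes it from
                        // every current holder.
                        // NOTE(review): these demotions are saved before the target
                        // user is; if the final update fails the site can be left
                        // without a site owner. Use a transaction if available.
                        if (!isSiteOwner && requestedRoleIds.Contains(siteOwnerRole.Id))
                        {
                            var siteOwners = _userService.GetAllUsersInRole(SystemUserRoleNames.SiteOwner);
                            foreach (var siteOwner in siteOwners)
                            {
                                siteOwner.UserRoles.Remove(siteOwnerRole);
                                _userService.UpdateUser(siteOwner);
                            }
                        }

                        user.UserRoles.Clear();
                        foreach (var role in rolesToAssign)
                        {
                            user.UserRoles.Add(role);
                        }
                    }
                }
            }

            if (rolesAccepted)
            {
                _userService.UpdateUser(user);

                SuccessNotification("The user details have been updated successfully.");

                // NOTE(review): with the stock MVC overload RedirectToAction(string, object)
                // a bare int supplies no route values; confirm the base controller has an
                // overload taking the id, otherwise pass new { id = user.Id }.
                return RedirectToAction("edit", user.Id);
            }

            ErrorNotification("One or more of the selected roles are not valid, no changes were saved.");
        }
        catch (Exception)
        {
            // NOTE(review): the exception is discarded; record it if this controller
            // has a logger available, so failed role and profile edits are traceable.
            ErrorNotification("An error occurred saving the user details, please try again.");
        }
    }
    else
    {
        ErrorNotification("We were unable to make the change, please review the form and correct the errors.");
    }

    PrepareBreadcrumbs();
    AddBreadcrumb("Edit User", null);

    model = PrepareUserEditModel(user);
    return View(model);
}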