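/// <summary>
/// Displays the role-selection form for the user account identified by <paramref name="id"/>.
/// </summary>
/// <param name="id">Identifier of the account whose roles are to be edited; it arrives with the request.</param>
/// <returns>The role editor view for the account, or a 404 result when no account has that id.</returns>
/// <remarks>
/// NOTE(review): no [Authorize] attribute is visible in this listing. Confirm that the action or its
/// controller restricts this page to callers who are allowed to manage roles.
/// </remarks>
public ActionResult UserRoles(string id)
{
    var db = DatabaseFactory.Get();

    // FirstOrDefault rather than First: the id comes from the request, so a missing or
    // stale value must produce a 404 instead of an unhandled InvalidOperationException.
    var user = db.Users.FirstOrDefault(u => u.Id == id);
    if (user == null)
    {
        return HttpNotFound();
    }

    var model = new SelectUserRolesViewModel(user, DatabaseFactory);
    return View(model);
}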
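/// <summary>
/// Applies the role selections posted from the role editor to the target user account.
/// </summary>
/// <param name="model">
/// Posted form data: the target user id plus one entry per role with its selected flag.
/// Every value in it is client-controlled, so each requested change is re-checked here.
/// </param>
/// <returns>
/// A redirect to "index" when every requested change was applied; a 404 result when the
/// target account does not exist; otherwise the form again with the failures in ModelState.
/// </returns>
/// <remarks>
/// NOTE(review): no [HttpPost], [ValidateAntiForgeryToken] or [Authorize] attribute is visible in
/// this listing. Confirm they are present on the action or its controller.
/// NOTE(review): the gate below protects only membership of the "Administrator" role. A caller who
/// is not an administrator can still change the other roles of an account that holds
/// "Administrator". Confirm whether that is intended.
/// </remarks>
public async Task<ActionResult> UserRoles(SelectUserRolesViewModel model)
{
    if (!ModelState.IsValid)
    {
        // Hand the posted model back so the view is not rendered against a null model.
        return View(model);
    }

    // Resolve the account first so an unknown or stale id ends in a 404 rather than
    // being passed on to the role APIs.
    var targetUser = await UserManager.FindByIdAsync(model.UserId);
    if (targetUser == null)
    {
        return HttpNotFound();
    }

    if (model.Roles == null)
    {
        // No role entries were posted, so there is nothing to change.
        return RedirectToAction("index");
    }

    // The caller's own role does not change during the request; look it up once.
    bool callerIsAdministrator = User.IsInRole("Administrator");

    foreach (SelectRoleEditorViewModel role in model.Roles)
    {
        bool isUserInRole = await UserManager.IsInRoleAsync(model.UserId, role.RoleName);
        if (role.Selected == isUserInRole)
        {
            // Membership already matches the posted selection; this is not an error.
            continue;
        }

        // Only administrators can grant or revoke administrator access. The comparison ignores
        // case because the posted role name is client-controlled and role stores may resolve
        // names case-insensitively (confirm for the store in use); an exact-case compare would
        // leave the gate narrower than the lookup it protects.
        bool isAdminRestricted = !callerIsAdministrator
            && string.Equals(role.RoleName, "Administrator", System.StringComparison.OrdinalIgnoreCase);
        if (isAdminRestricted)
        {
            // Report the refused change instead of dropping it silently.
            ModelState.AddModelError("", "Only administrators can change membership of the Administrator role.");
            continue;
        }

        IdentityResult result = role.Selected
            ? await UserManager.AddToRoleAsync(model.UserId, role.RoleName)
            : await UserManager.RemoveFromRoleAsync(model.UserId, role.RoleName);

        if (!result.Succeeded)
        {
            foreach (var error in result.Errors)
            {
                ModelState.AddModelError("", error);
            }
        }
    }

    if (!ModelState.IsValid)
    {
        // At least one change was refused or failed: re-display the form with the messages.
        // Changes that succeeded earlier in the loop have already been applied.
        return View(model);
    }

    // Display user account index view
    return RedirectToAction("index");
}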
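/// <summary>
/// Brings the target account's role membership in line with the posted selection.
/// </summary>
/// <param name="model">
/// Posted form data: the target user id and a list of roles with their selected flags.
/// All of it is supplied by the client.
/// </param>
/// <returns>
/// A redirect to "index" on success; a 404 result when the account cannot be found; otherwise
/// the form again with the refused or failed changes recorded in ModelState.
/// </returns>
/// <remarks>
/// NOTE(review): no [HttpPost], [ValidateAntiForgeryToken] or [Authorize] attribute is visible in
/// this listing. Confirm they are present on the action or its controller.
/// </remarks>
public async Task<ActionResult> UserRoles(SelectUserRolesViewModel model)
{
    if (!ModelState.IsValid)
    {
        // Pass the posted model back so the view has something to render.
        return View(model);
    }

    var user = await UserManager.FindByIdAsync(model.UserId);
    if (user == null)
    {
        // FindByIdAsync found nothing for the posted id; do not dereference the result.
        return HttpNotFound();
    }

    if (model.Roles == null)
    {
        return RedirectToAction("index");
    }

    // Deny by default: membership of "Administrator" may be changed only by a caller who is an
    // administrator. Testing for "Manager" instead would leave the gate open to every other
    // non-administrator caller and closed to an administrator who is also a manager.
    bool callerMayEditAdministrator = User.IsInRole("Administrator");

    foreach (var role in model.Roles)
    {
        // Case-insensitive on purpose: the role name is posted by the client, and role stores
        // may match names without regard to case (confirm for the store in use).
        bool targetsAdministrator =
            string.Equals(role.RoleName, "Administrator", System.StringComparison.OrdinalIgnoreCase);
        bool isMember = await UserManager.IsInRoleAsync(user.Id, role.RoleName);

        if (role.Selected == isMember)
        {
            // Nothing to change for this role.
            continue;
        }

        if (targetsAdministrator && !callerMayEditAdministrator)
        {
            ModelState.AddModelError("", "Only administrators can change membership of the Administrator role.");
            continue;
        }

        var outcome = role.Selected
            ? await UserManager.AddToRoleAsync(user.Id, role.RoleName)
            : await UserManager.RemoveFromRoleAsync(user.Id, role.RoleName);

        // Surface store failures rather than discarding the result.
        if (!outcome.Succeeded)
        {
            foreach (var error in outcome.Errors)
            {
                ModelState.AddModelError("", error);
            }
        }
    }

    if (ModelState.IsValid)
    {
        return RedirectToAction("index");
    }

    // Changes that succeeded before a failure stay applied; the form shows what was refused.
    return View(model);
}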