public async Task <IActionResult> Create([Bind(nameof(ApplicationRole.Name))] ApplicationRole m)
{
if (ModelState.IsValid)
{
Rdb.Add(ApplicationRole.Create(m.Name));
await Rdb.SaveChangesAsync();
SetToast(AspHelpers.ToastMessages.Saved);
return(RedirectToIndex());
}
return(View(m));
}
private ApplicationRole[] GetDefaulteRoles()
{
var admin = ApplicationRole.Create(
Constants.Roles.Administrator,
"Administrator account gives the user full rights and access over the application.");
var user = ApplicationRole.Create(
Constants.Roles.User,
"Standard user account gives access to the common application futures - Recommended.");
var accounter = ApplicationRole.Create(
Constants.Roles.Accouter,
"Accouter account have all the rights like the User account but also have access to the Accounting module.");
return(new ApplicationRole[] { admin, user, accounter });
}
public async Task Create_User_And_Grant_Roles_Test()
{
// Create principal
var principal = new System.Security.Claims.ClaimsPrincipal();
var claimsIdentity = new System.Security.Claims.ClaimsIdentity(new List <System.Security.Claims.Claim>
{
new System.Security.Claims.Claim("email", "*****@*****.**"),
new System.Security.Claims.Claim("aud", "Authorization"),
new System.Security.Claims.Claim("iss", "http://*****:*****@mail.com", user.Email);
// No roles added yet
Assert.AreEqual(0, user.Roles.Count());
var roleId = await ApplicationRole.Create("admin");
// Associate the user with the role
await appUser.GrantRole(user.UserId, roleId);
user = await appUser.GetOrCreate(principal);
Assert.AreEqual(1, user.UserId);
Assert.AreEqual("*****@*****.**", user.Email);
// No roles added yet
Assert.AreEqual(1, user.Roles.Count());
var role = user.Roles.First();
Assert.AreEqual("admin", role.Name);
}
public async Task Create_User_Retrieve_By_Email_Add_Another_User_Login_And_Grant_Roles_Test()
{
// Create principal
var principal = new System.Security.Claims.ClaimsPrincipal();
var claimsIdentity = new System.Security.Claims.ClaimsIdentity(new List <System.Security.Claims.Claim>
{
new System.Security.Claims.Claim("email", "*****@*****.**"),
new System.Security.Claims.Claim("aud", "Authorization"),
new System.Security.Claims.Claim("iss", "http://*****:*****@mail.com", user.Email);
// No roles added yet
Assert.AreEqual(0, user.Roles.Count());
var roleId = await ApplicationRole.Create("admin");
// Associate the user with the role
await appUser.GrantRole(user.UserId, roleId);
user = await appUser.GetOrCreate(principal);
Assert.AreEqual(2, user.UserId);
Assert.AreEqual("*****@*****.**", user.Email);
Assert.AreEqual(1, user.Roles.Count());
var role = user.Roles.First();
Assert.AreEqual("admin", role.Name);
// Verify the user has the user login set
Assert.AreEqual(1, user.UserLogins.Count());
var userLogin = user.UserLogins.Single();
Assert.AreEqual("http://*****:*****@mail.com"), // Same email
new System.Security.Claims.Claim("aud", "Authorization"),
new System.Security.Claims.Claim("iss", "http://*****:*****@mail.com", user.Email);
Assert.AreEqual(1, user.Roles.Count());
role = user.Roles.First();
Assert.AreEqual("admin", role.Name);
// Verify the user kept the first user login added
Assert.AreEqual(2, user.UserLogins.Count());
userLogin = user.UserLogins.First();
Assert.AreEqual("http://*****:*****@mail.com", user.Email);
Assert.AreEqual(3, user.Roles.Count());
role = user.Roles.ElementAt(0);
Assert.AreEqual("admin", role.Name);
role = user.Roles.ElementAt(1);
Assert.AreEqual("role1", role.Name);
role = user.Roles.ElementAt(2);
Assert.AreEqual("role2", role.Name);
// Verify the user kept the first user login added
Assert.AreEqual(2, user.UserLogins.Count());
userLogin = user.UserLogins.First();
Assert.AreEqual("http://localhost:5000", userLogin.Provider);
Assert.AreEqual("ABC86359-073C-434B-AD2D-A3931111AAAA", userLogin.UserKey);
// Verify the user had the second user login added
userLogin = user.UserLogins.Last();
Assert.AreEqual("http://localhost:5001", userLogin.Provider);
Assert.AreEqual("ABC86359-073C-434B-AD2D-A39311110000", userLogin.UserKey);
}