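        /// <summary>
        /// Creates a user account from the posted request and returns the stored record.
        /// </summary>
        /// <remarks>
        /// Only a caller that is authenticated and in the "Administrator" role may submit a
        /// request for which <c>request.IsRoleNotDefault()</c> is true; any other caller doing
        /// so receives a Forbid result. Callers that are not administrators, including
        /// unauthenticated ones, can still create accounts when that check is false.
        /// </remarks>
        /// <param name="request">Body-bound payload carrying email, password and role.</param>
        /// <returns>
        /// BadRequest when the body is missing or the password check fails, Forbid when the
        /// requested role is not allowed for the caller, otherwise the result of looking the
        /// new user up by email.
        /// </returns>
        public async Task<ActionResult<User>> Create([FromBody] CreateUserRequest request)
        {
            // A missing or unparsable body would otherwise be dereferenced below and surface
            // as an unhandled exception; whether model binding already rejects it depends on
            // controller attributes that are not visible here.
            if (request is null || request.IsPasswordNotValid())
            {
                return BadRequest();
            }

            // Fail closed: a principal with no identity is treated as "not an administrator"
            // instead of throwing on the null Identity.
            var principal = HttpContext.User;
            var isAdministrator = principal?.Identity?.IsAuthenticated == true &&
                                  principal.IsInRole("Administrator");

            // The role is client-supplied, so it is only honoured for administrators.
            if (!isAdministrator && request.IsRoleNotDefault())
            {
                return Forbid();
            }

            // NOTE(review): the password is copied verbatim from the request. No hashing is
            // visible in this method; confirm the repository (or the User type) hashes it
            // before it is persisted.
            var user = new User
            {
                Email    = request.Email,
                Password = request.Password,
                Role     = request.Role
            };

            await _userRepository.Create(user);

            // NOTE(review): the User entity itself is returned to the caller, and it has a
            // Password property; confirm serialization excludes it or map to a response DTO.
            // NOTE(review): no uniqueness check on Email is visible here; if duplicates are
            // possible this lookup could return a different account's record. Confirm.
            return await _userRepository.FindByEmail(user.Email);
        }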