Exemplo n.º 1
0
            public async Task CheckValidityAsync(CallContext callContext)
            {
                if (LoggedUserId != UserToDeleteId)
                {
                    await QueryValidationHelper.CheckUserExistsAndIsAdminAsync(callContext.DbContext, LoggedUserId, callContext.RoleChecker);
                }

                await QueryValidationHelper.CheckUserExistsAsync(callContext.DbContext, UserToDeleteId);

                var userToDelete = await callContext.DbContext.Users.AsNoTracking().SingleAsync(user => user.Id == UserToDeleteId);

                if (await callContext.RoleChecker.UserIsAdminAsync(userToDelete))
                {
                    //Additional security: forbid deleting an admin account
                    throw new InvalidOperationException("User to delete is admin");
                }
            }
 public async Task CheckValidityAsync(CallContext callContext)
 {
     await QueryValidationHelper.CheckUserExistsAndIsAdminAsync(callContext.DbContext, UserId, callContext.RoleChecker);
 }