public async Task<ActionResult> EditRole(UserAdminEditRoleViewModel viewmodel, string[] checkboxSelectedRoleNames)
{
// Prevent SuperAdmin to remove his own Role
var currentUserIsSuperAdmin = User.IsInRole("SuperAdmin");
if (currentUserIsSuperAdmin)
{
return RedirectToAction("Index");
}
var userId = viewmodel.Id;
AppUser user = await UserManager.FindByIdAsync(userId);
var allRoleNames = RoleManager.Roles.Select(r => r.Name).ToList();
var assignedRoleNames = RoleManager.Roles.Where(r => r.Users.Any(u => u.UserId == user.Id)).Select(r => r.Name).ToList();
var selectedRoleNames = checkboxSelectedRoleNames;
foreach (var roleName in allRoleNames)
{
IdentityResult result;
// Add Role Assignment to User
if (selectedRoleNames.Contains(roleName) && !assignedRoleNames.Contains(roleName))
{
result = await UserManager.AddToRoleAsync(userId, roleName);
if (!result.Succeeded)
{
return RedirectToAction("Index");
}
}
// Remove Role Assignment from User
if (!selectedRoleNames.Contains(roleName) && assignedRoleNames.Contains(roleName))
{
result = await UserManager.RemoveFromRoleAsync(userId, roleName);
if (!result.Succeeded)
{
return RedirectToAction("Index");
}
}
}
return RedirectToAction("Index");
}
// GET: Edit Role
public async Task<ActionResult> EditRole(string id)
{
AppUser user = await UserManager.FindByIdAsync(id);
var currentUserId = User.Identity.GetUserId();
if (user == null || user.Id == currentUserId)
{
return RedirectToAction("Index");
}
var viewmodel = new UserAdminEditRoleViewModel
{
Id = user.Id,
Email = user.Email,
AllRoleNames = RoleManager.Roles.Select(r => r.Name).ToList(),
AssignedRoleNames =
RoleManager.Roles.Where(r => r.Users.Any(u => u.UserId == user.Id)).Select(r => r.Name).ToList()
};
return View(viewmodel);
}
