public async Task <IActionResult> Get([FromQuery] UsersQuery query)
{
// only admin users can request inactive users, or information about admin users
// TODO restrict the returns object array to not include active/admin booleans
if (query?.IsActive != true || query?.IsAdmin != null)
{
var isAdmin = await _auth.AuthorizeAsync(User, "AppAdmin").ConfigureAwait(false);
if (!isAdmin.Succeeded)
{
return(Unauthorized());
}
}
return(Ok(GetUsers(query)));
}
public IEnumerable <UserViewModel> GetUsers(UsersQuery query = null)
{
var isActive = query?.IsActive;
var isAdmin = query?.IsAdmin;
var adminUserIds = _userManager.Users.Where(u =>
u.UserRoles.Any(ur => ur.Role.NormalizedName == "ADMIN"))
.Select(u => u.Id)
.ToArray();
var users = _mapper.ProjectTo <UserViewModel>(_userManager.Users);
if (isActive is bool active)
{
users = users.Where(u => u.IsActive == active);
}
foreach (var user in users)
{
// setting admin on this user
if (adminUserIds.Any(auid => auid == user.Id))
{
user.IsAdmin = true;
}
// we are only pulling non-admin users, and this user is not an admin
if (isAdmin == false && !user.IsAdmin)
{
yield return(user);
}
// we are only pulling admin users, and this user is an admin
else if (isAdmin == true && user.IsAdmin)
{
yield return(user);
}
// isAdmin is null, so we are returning all users, whether or not they are an admin
else if (isAdmin == null)
{
yield return(user);
}
}
}
