public void Post(UpdateUserPolicy request)
{
var user = _userManager.GetUserById(request.Id);
// If removing admin access
if (!request.IsAdministrator && user.Policy.IsAdministrator)
{
if (_userManager.Users.Count(i => i.Policy.IsAdministrator) == 1)
{
throw new ArgumentException("There must be at least one user in the system with administrative access.");
}
}
// If disabling
if (request.IsDisabled && user.Policy.IsAdministrator)
{
throw new ArgumentException("Administrators cannot be disabled.");
}
// If disabling
if (request.IsDisabled && !user.Policy.IsDisabled)
{
if (_userManager.Users.Count(i => !i.Policy.IsDisabled) == 1)
{
throw new ArgumentException("There must be at least one enabled user in the system.");
}
var currentToken = _authContext.GetAuthorizationInfo(Request).Token;
_sessionMananger.RevokeUserTokens(user.Id, currentToken);
}
_userManager.UpdateUserPolicy(request.Id, request);
}
private async Task UpdateUserPolicy(UpdateUserPolicy request)
{
var user = _userManager.GetUserById(request.Id);
// If removing admin access
if (!request.IsAdministrator && user.Policy.IsAdministrator)
{
if (_userManager.Users.Count(i => i.Policy.IsAdministrator) == 1)
{
throw new ArgumentException("There must be at least one user in the system with administrative access.");
}
}
// If disabling
if (request.IsDisabled && user.Policy.IsAdministrator)
{
throw new ArgumentException("Administrators cannot be disabled.");
}
// If disabling
if (request.IsDisabled && !user.Policy.IsDisabled)
{
if (_userManager.Users.Count(i => !i.Policy.IsDisabled) == 1)
{
throw new ArgumentException("There must be at least one enabled user in the system.");
}
await _sessionMananger.RevokeUserTokens(user.Id.ToString("N")).ConfigureAwait(false);
}
await _userManager.UpdateUserPolicy(request.Id, request).ConfigureAwait(false);
}
public void Post(UpdateUserPolicy request)
{
var task = UpdateUserPolicy(request);
Task.WaitAll(task);
}
