/// <summary>
/// Creates a new user account on behalf of a caller who holds the user-management permission.
/// </summary>
/// <remarks>
/// Authorization runs before the input is touched. Per the original author's note,
/// <c>AuthProvider.Authorize</c> throws <c>UnauthenticatedException</c> when the caller is not
/// authenticated, and a current user is available once it returns.
/// </remarks>
/// <param name="user">Caller-supplied user model. Its <c>UserName</c> is overwritten with its <c>Email</c>.</param>
/// <returns>Whatever <c>scope.Complete</c> yields for a <c>User</c> built from the stored entity.</returns>
/// <exception cref="ValidationException">
/// The caller lacks <c>Permission.User_Management_SetRole</c> and asked for a role other than <c>RoleType.User</c>.
/// </exception>
public User Post(User user)
{
    using (var operation = Scope("Post"))
    {
        // Access control first: nothing below runs for a caller without User_Management.
        AuthProvider.Authorize(Permission.User_Management);

        // Input preparation. The user name is never taken from the request; it always mirrors the e-mail.
        Helper.Expect(user);
        user.UserName = user.Email;

        // Privilege-escalation guard: the role arrives in the caller-supplied model, so a caller
        // without the SetRole permission may only create accounts with the plain User role.
        bool callerMaySetRole = AuthProvider.HasPermission(Permission.User_Management_SetRole);
        if (!callerMaySetRole && user.Role != RoleType.User)
        {
            throw new ValidationException("Role cannot be set.", false);
        }

        // NOTE(review): only Role and UserName are constrained here. Confirm that ValidateModel or
        // ToEntity ignores any other server-controlled properties the request body can bind.
        Helper.ValidateModel(user, true);

        // Persist the new account.
        var stored = user.ToEntity();
        UserManager.Add(stored);

        // The completion message carries only the new id, no credentials or profile data.
        return scope_Complete(operation, stored);
    }
}

/// <summary>
/// Completes the operation scope for a freshly stored user entity and returns the result.
/// </summary>
private User scope_Complete(dynamic operation, dynamic stored)
{
    return operation.Complete(
        (Func<User>)(() => new User(stored)),
        (Func<User, string>)(created => $"User has been created with Id={created.UserId}.")
    );
}
/// <summary>
/// Registers a new account from the data posted by the Angular login/registration page.
/// The call arrives as an AJAX/REST request, so the outcome is handled on the client side
/// rather than through an ActionResult (Redirect/View).
/// </summary>
/// <remarks>
/// NOTE(review): the original summary says a WebApiSimpleResult is returned, but the method is
/// declared <c>void</c>; confirm how the result reaches the client (presumably via the scope).
/// No <c>AuthProvider.Authorize</c> call is made in this method, so it appears to be reachable
/// without authentication. Model validation and the server-fixed role are the only controls
/// visible here; confirm that abuse controls for anonymous registration exist elsewhere.
/// </remarks>
/// <param name="model">Registration data supplied by the client.</param>
public void Post(RegisterData model)
{
    // NOTE(review): the original comment states that no transaction scope is needed because the
    // add is a single atomic operation (CreateAsync), yet Scope("Post") is still opened. Confirm
    // whether this scope is transactional or only wraps logging/result handling.
    using (var operation = Scope("Post"))
    {
        // Reject a missing body, then validate the posted fields before anything is constructed.
        Helper.Expect(model);
        Helper.ValidateModel(model, true);

        // The role is fixed to User on the server. RegisterData contributes only name, e-mail and
        // password, so a self-registering client cannot request elevated privileges.
        // The e-mail is passed twice (presumably as user name and as e-mail address; confirm
        // against the constructor signature).
        // NOTE(review): model.Password is handed over as received. Confirm it is hashed inside
        // the User constructor or UserManager.Add before it is persisted.
        var registered = new BusinessEntities.Users.User(
            null,
            model.FirstName,
            model.LastName,
            model.Email,
            model.Email,
            model.Password,
            BikeRentals.Security.Principals.RoleType.User,
            false
        );
        UserManager.Add(registered);

        // Deliberately no automatic sign-in after registration: the new user has to log in separately.

        // The completion message carries only the new id, never the password.
        operation.Complete(() => $"User created with Id={registered.UserId}.");
    }
}