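/// <summary>
/// Shows the edit form for a user that belongs to the current tenant.
/// </summary>
/// <param name="id">Identity id of the user to edit.</param>
/// <returns>
/// The edit view populated from the user record, or <c>NotFound</c> when the id is empty,
/// no such user exists, or the user does not carry this tenant's claim.
/// </returns>
public async Task<IActionResult> EditTenantUser(string id)
{
    if (string.IsNullOrEmpty(id))
    {
        return NotFound();
    }

    // Validate that the user exists in the system.
    ApplicationUser user = await _userManager.FindByIdAsync(id);
    if (user == null)
    {
        return NotFound();
    }

    var userClaims = await _userManager.GetClaimsAsync(user);

    // Tenant isolation check: the requested user must carry this tenant's claim.
    // FirstOrDefault is used so that an account with no tenant claim at all is answered
    // with the same NotFound as every other miss, instead of an unhandled exception whose
    // error response would differ from the "not in this tenant" case.
    var tenantClaim = userClaims.FirstOrDefault(c => c.Type == Constants.TenantClaim);
    if (tenantClaim == null
        || !string.Equals(tenantClaim.Value, this.TenantId.ToString(), System.StringComparison.OrdinalIgnoreCase))
    {
        return NotFound();
    }

    // Only the first claim of the admin type is consulted; its value is compared
    // case-insensitively and culture-independently.
    var adminClaim = userClaims.FirstOrDefault(c => c.Type == Constants.TenantAdminClaim);

    EditTenantUserViewModel editUserVM = new EditTenantUserViewModel
    {
        UserId = user.Id,
        Name = user.Name,
        Email = user.Email,
        IsTenantAdmin = adminClaim != null
            && string.Equals(adminClaim.Value, "true", System.StringComparison.OrdinalIgnoreCase)
    };

    return View(editUserVM);
}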
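/// <summary>
/// Applies an edit to a user of the current tenant: profile fields, an optional new
/// password, and the tenant-admin claim.
/// </summary>
/// <param name="id">Identity id of the user being edited; must match the posted <c>UserId</c>.</param>
/// <param name="editTenantUserVM">Posted form values (bound fields are limited by the Bind list).</param>
/// <returns>
/// A redirect to <c>TenantUserList</c> when every step succeeds; the edit view with errors when
/// validation or an identity operation fails; <c>NotFound</c> when the id is missing or mismatched,
/// the user does not exist, or the user does not carry this tenant's claim.
/// </returns>
// NOTE(review): no [HttpPost], [ValidateAntiForgeryToken] or [Authorize] attribute is visible in
// this excerpt. This action changes credentials and an admin claim, so confirm they are applied
// on the action or the controller.
public async Task<IActionResult> EditTenantUser(string id, [Bind("UserId,Name,Email,IsTenantAdmin,Password,ConfirmPassword")] EditTenantUserViewModel editTenantUserVM)
{
    if (editTenantUserVM == null || string.IsNullOrEmpty(id) || id != editTenantUserVM.UserId)
    {
        return NotFound();
    }

    ApplicationUser user = await _userManager.FindByIdAsync(id);
    if (user == null)
    {
        return NotFound();
    }

    var userClaims = await _userManager.GetClaimsAsync(user);

    // Tenant isolation check: the requested user must carry this tenant's claim.
    // FirstOrDefault keeps an account with no tenant claim on the same NotFound path
    // instead of throwing before the check completes.
    var tenantClaim = userClaims.FirstOrDefault(c => c.Type == Constants.TenantClaim);
    if (tenantClaim == null
        || !string.Equals(tenantClaim.Value, this.TenantId.ToString(), System.StringComparison.OrdinalIgnoreCase))
    {
        return NotFound();
    }

    if (!ModelState.IsValid)
    {
        return View(editTenantUserVM);
    }

    user.Name = editTenantUserVM.Name;
    user.Email = editTenantUserVM.Email;
    user.UserName = editTenantUserVM.Email;

    // Check Succeeded rather than comparing references with IdentityResult.Success, and
    // stop here on failure so later steps do not run and the errors reach the form.
    IdentityResult idResult = await _userManager.UpdateAsync(user);
    if (!idResult.Succeeded)
    {
        AddErrors(idResult);
        return View(editTenantUserVM);
    }

    if (!string.IsNullOrWhiteSpace(editTenantUserVM.Password))
    {
        bool isSamePassword = await _userManager.CheckPasswordAsync(user, editTenantUserVM.Password);
        if (!isSamePassword)
        {
            // Run the configured password validators BEFORE removing the current password.
            // Otherwise a password rejected by policy would leave the account with no
            // password at all and the rejection would go unreported.
            bool passwordAccepted = true;
            foreach (var validator in _userManager.PasswordValidators)
            {
                var validation = await validator.ValidateAsync(_userManager, user, editTenantUserVM.Password);
                if (!validation.Succeeded)
                {
                    passwordAccepted = false;
                    AddErrors(validation);
                }
            }

            if (!passwordAccepted)
            {
                return View(editTenantUserVM);
            }

            idResult = await _userManager.RemovePasswordAsync(user);
            if (idResult.Succeeded)
            {
                idResult = await _userManager.AddPasswordAsync(user, editTenantUserVM.Password);
            }

            if (!idResult.Succeeded)
            {
                AddErrors(idResult);
                return View(editTenantUserVM);
            }
        }
    }

    // Every stored admin claim that grants the role. The GET action reads the value
    // case-insensitively, so revocation has to match the same way: removing only an exact
    // "True" claim would leave a differently-cased one in place.
    var grantedAdminClaims = userClaims
        .Where(c => c.Type == Constants.TenantAdminClaim
            && string.Equals(c.Value, "True", System.StringComparison.OrdinalIgnoreCase))
        .ToList();

    IdentityResult claimResult = IdentityResult.Success;
    if (editTenantUserVM.IsTenantAdmin)
    {
        // Add the canonical claim only when it is missing, so repeated saves do not
        // accumulate duplicate claims.
        if (!grantedAdminClaims.Any(c => c.Value == "True"))
        {
            claimResult = await _userManager.AddClaimAsync(user, new Claim(Constants.TenantAdminClaim, "True"));
        }
    }
    else if (grantedAdminClaims.Count > 0)
    {
        claimResult = await _userManager.RemoveClaimsAsync(user, grantedAdminClaims);
    }

    if (!claimResult.Succeeded)
    {
        AddErrors(claimResult);
        return View(editTenantUserVM);
    }

    return RedirectToAction("TenantUserList");
}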