public void ShouldEditUserRole()
{
var existingUsers = SetupUsers(2, Role.Admin).ToList();
var userToBeSuperAdmin = existingUsers[0];
var userToRemainAdmin = existingUsers[1];
var guidString = Guid.NewGuid().ToString("N");
var updateModel = new EditUserRoleModel
{
UserId = userToBeSuperAdmin.Id,
RoleId = Role.SuperAdmin.Value.ToString()
};
Scoped <AdminAppIdentityDbContext>(identity =>
{
var command = new EditUserRoleCommand(identity);
command.Execute(updateModel);
});
Scoped <AdminAppIdentityDbContext>(identity =>
{
var query = new GetRoleForUserQuery(identity);
var editedUserRole = query.Execute(userToBeSuperAdmin.Id);
editedUserRole.ShouldBe(Role.SuperAdmin);
var notEditedUserRole = query.Execute(userToRemainAdmin.Id);
notEditedUserRole.ShouldBe(Role.Admin);
});
}
public async Task <IActionResult> EditUserRole(EditUserRoleModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
switch (model.EditRoleType)
{
case EditRoleType.Add:
{
var userModel = await _userManager.FindByNameAsync(model.UserName);
var result = await _userManager.AddToRolesAsync(userModel, model.RoleNames);
if (result.Succeeded)
{
return(Ok());
}
foreach (var item in result.Errors)
{
ModelState.AddModelError(item.Code, item.Description);
}
return(BadRequest(ModelState));
}
case EditRoleType.Delete:
{
var userModel = await _userManager.FindByNameAsync(model.UserName);
var result = await _userManager.RemoveFromRolesAsync(userModel, model.RoleNames);
if (result.Succeeded)
{
return(Ok());
}
foreach (var item in result.Errors)
{
ModelState.AddModelError(item.Code, item.Description);
}
return(BadRequest(ModelState));
}
default:
ModelState.AddModelError("err", "请输入正确的用户角色修改模式!");
return(BadRequest(ModelState));
}
//var result = await _userManager.AddToRolesAsync(userModel, model.RoleNames);
//if (result.Succeeded)
//{
// return Ok();
//}
//foreach (var item in result.Errors)
//{
// ModelState.AddModelError(item.Code, item.Description);
//}
//return BadRequest(ModelState);
}
public ActionResult EditUserRole(EditUserRoleModel model)
{
if (!ModelState.IsValid)
{
return(EditUserRole(model));
}
_editUserRoleCommand.Execute(model);
return(RedirectToActionJson <GlobalSettingsController>(x => x.Users(), "Role successfully assigned."));
}
public async Task <IActionResult> EditUserRole(EditUserRoleModel model)
{
if (ModelState.IsValid)
{
var x = await _repo.EditUserRoleAsync(model);
if (x)
{
return(Ok());
}
}
return(BadRequest());
}
public void ShouldNotEditRoleIfRequiredFieldsEmpty()
{
var updateModel = new EditUserRoleModel();
var validator = new EditUserRoleModelValidator(GetMockUserContext());
var validationResults = validator.Validate(updateModel);
validationResults.IsValid.ShouldBe(false);
validationResults.Errors.Select(x => x.ErrorMessage).ShouldBe(new List <string>
{
"'User Id' must not be empty.",
"The user you are trying to edit does not exist in the database.",
"'Role Id' must not be empty.",
"The role you are trying to assign does not exist in the database.",
"'Email' must not be empty."
}, false);
}
public void ShouldNotEditRoleIfUserIsCurrentlyLoggedIn()
{
var existingUser = SetupUsers(1).Single();
var updateModel = new EditUserRoleModel
{
UserId = existingUser.Id,
RoleId = Role.Admin.Value.ToString(),
Email = existingUser.Email
};
var validator = new EditUserRoleModelValidator(GetMockUserContext(existingUser, Role.Admin));
var validationResults = validator.Validate(updateModel);
validationResults.IsValid.ShouldBe(false);
validationResults.Errors.Select(x => x.ErrorMessage).ShouldContain("The user is not allowed to assign/remove roles as they are logged in as a Super Administrator or have an Administrator role.");
}
public void ShouldNotEditRoleIfRoleDoesNotExist()
{
var existingUser = SetupUsers(1).Single();
var notExistingRoleId = "3";
var updateModel = new EditUserRoleModel
{
UserId = existingUser.Id,
RoleId = notExistingRoleId,
Email = existingUser.Email
};
var validator = new EditUserRoleModelValidator(GetMockUserContext(existingUser));
var validationResults = validator.Validate(updateModel);
validationResults.IsValid.ShouldBe(false);
validationResults.Errors.Select(x => x.ErrorMessage).ShouldContain("The role you are trying to assign does not exist in the database.");
}
public void ShouldNotEditRoleIfUserDoesNotExists()
{
var testUserNotInSystem = new AdminAppUser
{
Email = $"testuser{Guid.NewGuid():N}@test.com",
UserName = $"testuser{Guid.NewGuid():N}@test.com"
};
var updateModel = new EditUserRoleModel
{
UserId = testUserNotInSystem.Id,
RoleId = Role.Admin.Value.ToString(),
Email = testUserNotInSystem.Email
};
var validator = new EditUserRoleModelValidator(GetMockUserContext(testUserNotInSystem, Role.Admin));
var validationResults = validator.Validate(updateModel);
validationResults.IsValid.ShouldBe(false);
validationResults.Errors.Select(x => x.ErrorMessage).ShouldContain("The user you are trying to edit does not exist in the database.");
}
public async Task <bool> EditUserRoleAsync(EditUserRoleModel model)
{
if (model.roleId == null || model.userId == null)
{
return(false);
}
var user = await _db.Users.FirstOrDefaultAsync(x => x.Id == model.userId);
var role = await _db.Roles.FirstOrDefaultAsync(x => x.Id == model.roleId);
if (user == null || role == null)
{
return(false);
}
var currentRoleId = await _db.UserRoles.Where(x => x.UserId == model.userId).Select(x => x.RoleId).FirstOrDefaultAsync();
var currentRoleName = await _db.Roles.Where(x => x.Id == currentRoleId).Select(x => x.Name).FirstOrDefaultAsync();
var newRoleName = await _db.Roles.Where(x => x.Id == model.roleId).Select(x => x.Name).FirstOrDefaultAsync();
if (await _userManager.IsInRoleAsync(user, currentRoleName))
{
var x = await _userManager.RemoveFromRoleAsync(user, currentRoleName);
if (x.Succeeded)
{
var s = await _userManager.AddToRoleAsync(user, newRoleName);
if (s.Succeeded)
{
return(true);
}
}
}
return(false);
}
