public async Task UpdateMemberRoleAsync(Guid adminUserId, MemberRoleUpdate memberRoleUpdate, byte[] rowVersion, CancellationToken cancellationToken)
{
if (Guid.Empty == adminUserId)
{
throw new ArgumentOutOfRangeException(nameof(adminUserId));
}
var userCanPerformAction = await _permissionsService.UserCanPerformActionAsync(adminUserId, EditMembersRole, cancellationToken);
if (!userCanPerformAction)
{
_logger.LogError($"Error: UpdateMemberRoleAsync - User:{0} does not have access to edit a users role", adminUserId);
throw new SecurityException($"Error: User does not have access");
}
var memberRole = await _userCommand.GetMembershipUsersInRoleAsync(memberRoleUpdate.MembershipUserId, cancellationToken);
if (!memberRole.RowVersion.SequenceEqual(rowVersion))
{
_logger.LogError($"Precondition Failed: UpdateMemberRoleAsync - User:{0} role has changed prior to submission ", memberRoleUpdate.MembershipUserId);
throw new PreconditionFailedExeption("Precondition Failed: User role has changed prior to submission");
}
if (memberRole.RoleId != memberRoleUpdate.CurrentRoleId)
{
_logger.LogError($"Validation Failed: UpdateMemberRoleAsync - User:{0} role id submitted does not match the users current role", memberRoleUpdate.MembershipUserId);
throw new ValidationException(nameof(memberRoleUpdate.CurrentRoleId), "Role id submitted does not match the users current role");
}
await _userCommand.UpdateUserRoleAsync(memberRoleUpdate, rowVersion, cancellationToken);
}
public async Task <IActionResult> UpdateMemberRoleAsync(Guid adminUserId, Guid userId, [FromBody] MemberRoleUpdate memberRoleUpdate, CancellationToken cancellationToken)
{
var rowVersion = _etagService.GetIfMatch();
memberRoleUpdate.MembershipUserId = userId;
await _adminUserService.UpdateMemberRoleAsync(adminUserId, memberRoleUpdate, rowVersion, cancellationToken);
return(Ok());
}
