//[HasPermission(typeof(AttributeRequirement<CanAdminUsergroupsRequirement>))]
public Task <ActionResult <UserGroupListItem> > PatchMembers([FromForm] int key, [FromForm] string values)
{
var request = new UserGroupUpdateMembershipRequest();
JsonConvert.PopulateObject(values, request);
return(this._userGroupService.UpdateMembers(key, request).Convert <UserGroupListItem>(this));
}
public async Task <IWrappedResponse <UserGroupListItem> > UpdateMembers(int groupId, UserGroupUpdateMembershipRequest request)
{
var userGroup = _userGroupRepo.FindAll()
.IgnoreQueryFilters()
.AsNoTracking()
.Include(i => i.Users)
.SingleOrDefault(g => g.Id == groupId && !g.IsDeleted);
if (userGroup == null)
{
return new WrappedResponse <UserGroupListItem>()
{
ResultType = ResultType.NotFound,
Data = null,
Errors = new[] { $"There was no Group with the id: {groupId}" }
}
}
;
userGroup.Users ??= new List <Olma.UserUserGroupRelation>();
// Remove Members witch are not in the List anymore
var existingMembers = userGroup.Users;
foreach (var existingMember in existingMembers.ToList().Where(existingMember => !request.Users.Select(u => u.Id).Contains(existingMember.UserId)))
{
userGroup.Users.Remove(existingMember);
var relationToDelete = _userGroupRelationRepo.GetByKey(existingMember.Id);
_userGroupRelationRepo.Delete(relationToDelete);
//Lock user if no other group
var user = _userRepo.FindAll().IgnoreQueryFilters().Include(u => u.UserGroups)
.SingleOrDefault(u => u.Id == existingMember.UserId);
if (user != null && !user.Locked && (user.UserGroups.All(g => g.UserGroupId == existingMember.UserGroupId) || user.UserGroups.Count == 0))
{
user.Locked = true;
var lockResult = await _userService.UpdateLocked(new UsersLockRequest()
{
Id = user.Id, Locked = true
});
if (lockResult.ResultType != ResultType.Ok)
{
return(new WrappedResponse <UserGroupListItem>()
{
ResultType = ResultType.Failed,
Errors = new[] { $"Error disabling User {user.Upn} on Azure Active Directory." },
Data = Mapper.Map <Olma.UserGroup, UserGroupListItem>(userGroup)
});
}
}
}
// Add new Members
foreach (var user in request.Users.ToList())
{
if (!existingMembers.Select(e => e.UserId).Contains(user.Id))
{
var newUser = _userRepo.FindAll().IgnoreQueryFilters()
.SingleOrDefault(g => g.Id == user.Id && !g.IsDeleted);
// Unlock if locked
if (newUser.Locked)
{
newUser.Locked = false;
var unlockResult = await _userService.UpdateLocked(new UsersLockRequest()
{
Id = newUser.Id, Locked = false
});
if (unlockResult.ResultType != ResultType.Ok)
{
return(new WrappedResponse <UserGroupListItem>()
{
ResultType = ResultType.Failed,
Errors = new[] { $"Error unlocking User {newUser.Upn} on Azure Active Directory.." },
Data = Mapper.Map <Olma.UserGroup, UserGroupListItem>(userGroup)
});
}
}
userGroup.Users.Add(new Olma.UserUserGroupRelation()
{
UserGroup = userGroup, User = newUser
});
_userGroupRelationRepo.Create(new Olma.UserUserGroupRelation()
{
UserGroupId = userGroup.Id, UserId = user.Id
});
}
}
_userGroupRelationRepo.Save();
// Ändern der "Members" macht den Permission Cache ungültig
await _permissionsService.UpdateCache();
return(new WrappedResponse <UserGroupListItem>()
{
ResultType = ResultType.Updated,
Data = Mapper.Map <Olma.UserGroup, UserGroupListItem>(userGroup)
});
}
