public ActionResult ManageRoles(ManageRolesViewModel formData)
{
try
{
if (!ModelState.IsValid)
{
return(View(GenerateManageRolesViewModel(formData.UserId)));
}
ApplicationUser foundUser = UserRepository.GetUserById(formData.UserId);
if (foundUser == null)
{
return(RedirectToAction(nameof(Index)));
}
bool isAddingUsers = formData?.SelectedRolesToAdd != null;
bool isRemovingUsers = formData?.SelectedRolesToRemove != null;
string userId = User.Identity.GetUserId();
//! other admins can revoke other admins role
//! but they can't revoke their own admin role
if (isRemovingUsers && formData.UserId == userId && formData.SelectedRolesToRemove.Contains(nameof(UserRolesEnum.Admin)))
{
return(RedirectToAction(nameof(Index), new { error = "You can't revoke your admin role (discarded all changes)" }));
}
#region Adding and Removing Users
if (isAddingUsers)
{
foreach (string roleName in formData.SelectedRolesToAdd)
{
bool isUserAlreadyAssignedToRole = UserRoleRepository.IsUserInRole(formData.UserId, roleName);
if (!isUserAlreadyAssignedToRole)
{
bool didUserGetAssignedToRole = UserRoleRepository.AddUserToRole(formData.UserId, roleName);
if (!didUserGetAssignedToRole)
{
return(RedirectToAction(nameof(Index)));
}
}
}
}
if (isRemovingUsers)
{
foreach (string roleName in formData.SelectedRolesToRemove)
{
bool isUserAlreadyAssignedToRole = UserRoleRepository.IsUserInRole(formData.UserId, roleName);
if (isUserAlreadyAssignedToRole)
{
//ApplicationUser foundUser = UserRepository.GetUserById(userId);
bool didUserGetRoleRevoked = UserRoleRepository.RemoveUserFromRole(formData.UserId, roleName);
if (!didUserGetRoleRevoked)
{
return(RedirectToAction(nameof(Index)));
}
}
}
}
#endregion
DbContext.SaveChanges();
return(RedirectToAction(nameof(Index)));
}
catch (ArgumentException e)
{
ModelState.AddModelError("", e.Message);
return(View(GenerateManageRolesViewModel(formData.UserId)));
}
catch (Exception e)
{
ModelState.AddModelError("", e.Message);
return(View(GenerateManageRolesViewModel(formData.UserId)));
}
}