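/// <summary>
/// Shows the admin edit form for the user with the given id.
/// </summary>
/// <param name="id">Primary key of the user to edit.</param>
/// <returns>
/// The edit view; <c>NotFound</c> when no user has that id; <c>Forbid</c> when the caller
/// lacks the permission claim that matches the target (own account vs. someone else's).
/// </returns>
public ActionResult Edit(string id) {
    // SingleOrDefault instead of Single: an unknown id is a 404, not an unhandled exception.
    var user = db.Users.Include(x => x.Roles).SingleOrDefault(x => x.Id == id);
    if (user is null) {
        return NotFound();
    }
    // Editing your own account and editing other accounts are separate claims;
    // exactly one of them applies to any given target.
    bool isSelf = user.UserName == User.Identity.Name;
    bool allowed = isSelf
        ? HttpContext.UserHasClaimPermission(PermissionClaims.EditOwnUser)
        : HttpContext.UserHasClaimPermission(PermissionClaims.EditOtherUsers);
    if (!allowed) {
        return Forbid();
    }
    var viewModel = new AdminUserSave(user) {
        // The anonymous role is implicit and must not be assignable from the form.
        AllRoles = db.Roles.Where(x => x.Name != AnonymousRole).ToList()
    };
    return View(viewModel);
}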
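/// <summary>
/// Decides whether the caller may apply the role set posted in <paramref name="userData"/>
/// to <paramref name="user"/>.
/// </summary>
/// <param name="userData">Posted form; <c>SelectedRoles</c> is the intended role-id set (null = none).</param>
/// <param name="user">The user as currently stored, with <c>Roles</c> loaded.</param>
/// <returns>
/// true when the role set is unchanged, or when it changed and the caller holds the claim
/// for changing roles on this target (own account vs. another user's); false otherwise.
/// </returns>
private bool CheckEditRolesPermission(AdminUserSave userData, ApplicationUser user) {
    // Materialise once: the original re-enumerated a deferred Select for each Except().
    var currentRoles = new HashSet<string>(user.Roles.Select(x => x.RoleId));
    // An empty form posts SelectedRoles as null; treat that as "no roles".
    var newRoles = userData.SelectedRoles ?? Enumerable.Empty<string>();
    // Set semantics, same as the original pair of Except() checks: order and duplicates don't count.
    if (currentRoles.SetEquals(newRoles)) {
        return true;
    }
    bool isSelf = user.UserName == User.Identity.Name;
    return isSelf
        ? HttpContext.UserHasClaimPermission(PermissionClaims.EditOwnRoles)
        : HttpContext.UserHasClaimPermission(PermissionClaims.EditOtherUsersRoles);
}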
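/// <summary>
/// Applies a posted edit form to an existing user: profile fields and role membership.
/// </summary>
/// <param name="userData">
/// Posted form values. <c>SelectedRoles</c> holds the ids of the roles the user should end
/// up in; null (nothing ticked) means no roles.
/// </param>
/// <returns>
/// Redirect to Index on success; the form again with validation errors on failure;
/// <c>NotFound</c> for an unknown id; <c>Forbid</c> when the caller lacks the claim for
/// editing this user or, if the role set changed, for changing its roles.
/// </returns>
// NOTE(review): [HttpPost] / [ValidateAntiForgeryToken] are not visible in this view of the
// file — confirm they are applied, since this action mutates accounts and role membership.
public async Task<ActionResult> Edit(AdminUserSave userData) {
    // SingleOrDefault instead of Single: an unknown id is a 404, not an unhandled exception.
    var user = db.Users.Include(x => x.Roles).SingleOrDefault(x => x.Id == userData.Id);
    if (user is null) {
        return NotFound();
    }
    bool isSelf = user.UserName == User.Identity.Name;
    bool canEdit = isSelf
        ? HttpContext.UserHasClaimPermission(PermissionClaims.EditOwnUser)
        : HttpContext.UserHasClaimPermission(PermissionClaims.EditOtherUsers);
    if (!canEdit) {
        return Forbid();
    }
    // Changing roles is a separate claim; evaluated against the pre-edit role set.
    if (!CheckEditRolesPermission(userData, user)) {
        return Forbid();
    }
    if (ModelState.IsValid) {
        ApplyProfileFields(user, userData);
        // The original dereferenced SelectedRoles directly and threw on a null post.
        var selectedRoleIds = new HashSet<string>(userData.SelectedRoles ?? Enumerable.Empty<string>());
        // Snapshot before any manager call so the add/remove sets do not depend on
        // whether user.Roles is refreshed by the UserManager in between.
        var currentRoleIds = new HashSet<string>(user.Roles.Select(x => x.RoleId));
        var rolesRemoved = await ResolveRoleNamesAsync(currentRoleIds.Except(selectedRoleIds));
        var rolesAdded = await ResolveRoleNamesAsync(selectedRoleIds.Except(currentRoleIds));
        if (rolesRemoved is null || rolesAdded is null) {
            // A posted role id with no matching role is bad input, not a server fault
            // (the original crashed on role.Name here).
            ModelState.AddModelError(nameof(userData.SelectedRoles), "One of the selected roles does not exist.");
        } else {
            // NOTE(review): RemoveFromRolesAsync/AddToRolesAsync persist through the UserManager,
            // while the profile fields are only saved below — a failure in between leaves roles
            // changed and the profile untouched. Wrap in a transaction if that matters.
            var result = await userManager.RemoveFromRolesAsync(user, rolesRemoved);
            if (result.Succeeded) {
                result = await userManager.AddToRolesAsync(user, rolesAdded);
            }
            if (result.Succeeded) {
                await db.SaveChangesAsync();
                return RedirectToAction("Index");
            }
            AddErrors(result);
        }
    }
    // Re-populate the role list for the re-rendered form; the anonymous role is never assignable.
    userData.AllRoles = db.Roles.Where(x => x.Name != AnonymousRole).ToList();
    return View(userData);
}

/// <summary>Copies the editable profile fields from the posted form onto the entity.</summary>
/// <param name="user">Tracked entity to update.</param>
/// <param name="userData">Posted form values.</param>
private static void ApplyProfileFields(ApplicationUser user, AdminUserSave userData) {
    // NOTE(review): UserName/Email are written directly and persisted with SaveChanges; if the
    // identity store keeps normalized copies of them, those are not refreshed here — confirm,
    // or route the change through the UserManager.
    user.UserName = userData.Username;
    user.Email = userData.Email;
    user.DisplayName = userData.DisplayName;
    user.FullName = userData.FullName;
    user.BirthDate = userData.BirthDate;
    user.Location = userData.Location;
    user.About = userData.About;
    // Saving always re-enables the account, as the original did.
    // NOTE(review): confirm this is intended — an admin edit silently un-disables a disabled user.
    user.Enabled = true;
}

/// <summary>Maps role ids to role names via the RoleManager.</summary>
/// <param name="roleIds">Role ids to look up.</param>
/// <returns>The role names in input order, or null when any id has no matching role.</returns>
private async Task<List<string>> ResolveRoleNamesAsync(IEnumerable<string> roleIds) {
    var names = new List<string>();
    foreach (var roleId in roleIds) {
        var role = await roleManager.FindByIdAsync(roleId);
        if (role is null) {
            return null;
        }
        names.Add(role.Name);
    }
    return names;
}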