/// <summary>
/// Applies the use-case (permission) changes in <paramref name="request"/> to the user it
/// targets, after checking that the current actor is allowed to modify that user.
/// </summary>
/// <param name="request">Change request; its <c>UserId</c> selects the user to modify.</param>
/// <exception cref="NotAllowedException">The actor is neither an administrator nor a moderator.</exception>
/// <exception cref="EntityNotFoundException">No user with <c>request.UserId</c> exists.</exception>
/// <exception cref="DependencyException">
/// A non-administrator actor targets a user whose role type is not strictly greater than the actor's own.
/// </exception>
public void Execute(ChangeUserUseCasesDto request)
{
    var actorRole = _actor.RoleType;
    var actorIsAdministrator = actorRole == RoleType.Administrator;

    // Gate 1: only administrators and moderators may change user permissions at all.
    if (!actorIsAdministrator && actorRole != RoleType.Moderator)
    {
        throw new NotAllowedException(
            UseCase.getUseCase(this.Id),
            _actor,
            "Only administrator or moderator can change permissions for users.");
    }

    // Load the target with its role (needed for gate 2) and its current use cases.
    var targetUser = _context.Users
        .Include(candidate => candidate.Role)
        .Include(candidate => candidate.UseCases)
        .FirstOrDefault(candidate => candidate.Id == request.UserId);

    if (targetUser is null)
    {
        throw new EntityNotFoundException(request.UserId, typeof(User));
    }

    // Gate 2: a non-administrator may only act on a user whose role type compares strictly
    // greater than their own, so a moderator cannot edit a peer or themselves.
    // NOTE(review): this relies on RoleType being ordered so that a larger value means
    // fewer privileges; confirm against the enum declaration before reordering its members.
    if (!actorIsAdministrator && targetUser.Role.RoleType <= actorRole)
    {
        throw new DependencyException(
            UseCase.getUseCase(this.Id),
            _actor,
            "You can only perform this action on users with role types with lower priviledges than yours.");
    }

    // Validation runs after the lookup, so an unknown UserId is reported before any
    // validation failure.
    // NOTE(review): nothing in this method compares the requested use cases with the
    // actor's own. Unless the validator enforces that, a moderator could grant a
    // lower-ranked user permissions the moderator does not hold. Confirm in the validator.
    _validator.ValidateAndThrow(request);

    // NOTE(review): which User members this overwrites is decided by the mapping profile,
    // which is not visible here. Verify it maps only the use-case collection and never
    // role or credential fields.
    _mapper.Map<ChangeUserUseCasesDto, User>(request, targetUser);

    // Persist, passing the acting user's id to the context's SaveChanges overload.
    _context.SaveChanges(_actor.Id);
}
/// <summary>
/// HTTP endpoint that changes the use cases (permissions) of the user identified by
/// <paramref name="id"/> by running <paramref name="command"/> through the executor.
/// </summary>
/// <param name="id">Id of the user whose permissions are being changed.</param>
/// <param name="request">Request body describing the change; its <c>UserId</c> is overwritten with <paramref name="id"/>.</param>
/// <param name="command">Command implementation resolved from the service container.</param>
/// <returns>An empty 204 No Content result when the command completes without throwing.</returns>
public IActionResult ChangePermissions(
    int id,
    [FromBody] ChangeUserUseCasesDto request,
    [FromServices] IChangeUserUseCasesCommand command)
{
    // The id passed to the action always wins over any UserId sent in the body, so the
    // payload cannot point the command at a different user than the one addressed.
    // NOTE(review): if body binding can yield null here (depends on controller
    // configuration not visible in this method), this assignment throws
    // NullReferenceException instead of producing a 400.
    request.UserId = id;

    // NOTE(review): no authorization attribute is visible on this action from here;
    // the role checks are assumed to run inside the command. Confirm the controller
    // or route requires an authenticated caller.
    _executor.ExecuteCommand(command, request);

    return NoContent();
}