/// <summary>
/// Erzeugen aller standart rollen (Admin und Datenschutzbeauftragter mit den jeweiligen rechten)
/// </summary>
/// <param name="roleService">rollen service</param>
public static void SeedRoles(IRoleService roleService)
{
foreach (string roleToCreate in RoleClaims.DEFAULT_GROUPS)
{
Role role = roleService.FindRoleByNameAsync(roleToCreate).Result;
if (role == null)
{
roleService.CreateAsync(new Role()
{
Name = roleToCreate
}).Wait();
}
role = roleService.FindRoleByNameAsync(roleToCreate).Result;
if (role != null)
{
IList <Claim> existingClaims = roleService.GetClaimsAsync(role).Result;
List <Claim> claimsToCheck = new List <Claim>();
if (role.Name.Equals(RoleClaims.ADMIN_GROUP))
{
claimsToCheck = RoleClaims.GetAllAdminClaims();
}
else if (role.Name.Equals(RoleClaims.DATA_SECURITY_ENGINEER_GROUP))
{
claimsToCheck = RoleClaims.GetAllDsgvoClaims();
}
foreach (Claim claim in claimsToCheck)
{
if (existingClaims.FirstOrDefault(x => x.Type.Equals(claim.Type) && x.Value.Equals(claim.Value)) == null)
{
roleService.AddClaimAsync(role, claim).Wait();
}
}
}
}
}
public async Task <IdentityResult> RemoveClaimAsync(Role role, Claim claim)
{
if ((role.Id == 1 && RoleClaims.GetAllAdminClaims().FirstOrDefault(x => x.Type.Equals(claim.Type)) != null &&
RoleClaims.GetAllAdminClaims().FirstOrDefault(x => x.Value.Equals(claim.Value)) != null) ||
role.Id == 2 && RoleClaims.GetAllDsgvoClaims().FirstOrDefault(x => x.Type.Equals(claim.Type)) != null &&
RoleClaims.GetAllDsgvoClaims().FirstOrDefault(x => x.Value.Equals(claim.Value)) != null)
{
return(IdentityResult.Success);
}
return(await manager.RemoveClaimAsync(role, claim));
}
