public async Task <IActionResult> AddRoleToUser([FromQuery(Name = "role")] string role, [FromQuery(Name = "userId")] string userId)
{
_requestLogService.SaveRequest(User.Identity.GetUserId(), "POST", "api/v1/accounts/addRoleToUser", "AddRoleToUser");
if (role == null || userId == null)
{
return(BadRequest());
}
var user = await _userManager.FindByIdAsync(userId);
if (user != null && await _roleManager.RoleExistsAsync(role))
{
if (User.IsInRole(role))
{
return(StatusCode(400, "User is already in this role."));
}
if (user.Id == User.Identity.GetUserId() && role != "admin" || User.IsInRole("admin"))
{
await _userManager.AddToRoleAsync(user, role);
}
else
{
return(StatusCode(403, "Users can only be amended by themselves or by admins."));
}
}
else
{
return(BadRequest("No such user and/or role exists. Please double check parameters."));
}
return(CreatedAtAction(nameof(GetUser), new { id = user.Id }, UserDTO.CreateFromDomain(user)));
}
public IActionResult GetUsersByRole([FromQuery(Name = "role")] string role)
{
_requestLogService.SaveRequest(User.Identity.GetUserId(), "POST", "api/v1/accounts/getAllUsersInRole", "GetUsersByRole");
var users = _userManager.GetUsersInRoleAsync(role).Result;
List <UserDTO> userDtos = new List <UserDTO>();
if (users != null)
{
foreach (User user in users)
{
userDtos.Add(UserDTO.CreateFromDomain(user));
}
return(Ok(userDtos));
}
return(NotFound());
}
public UserDTO Create(User user)
{
return(UserDTO.CreateFromDomain(user));
}
