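public async Task<IActionResult> GetUsersInSchool(int id)
{
    // Returns user summaries for the school with the given id. An Admin may pass id == 0 to
    // get a summary of every user instead. Allowed roles: Admin, SchoolAdmin.
    //
    // Fixes vs. the previous version:
    //  - a missing Authorization header threw from .Last() and surfaced as a 500;
    //  - the school-existence check ran before the role check, so an unauthenticated caller
    //    could tell valid ids (401) from invalid ones (400);
    //  - the Admin "id == 0 -> all users" branch sat behind that check and was unreachable
    //    unless a school with Id 0 existed;
    //  - NotFound(e.Message) was built but never returned, so a failed lookup fell through
    //    to Unauthorized(); it would also have echoed the exception text to the client.
    //
    // NOTE(review): a SchoolAdmin is not restricted to their own school here - any
    // SchoolAdmin can list any school's users. Confirm that this is the intended policy.
    // NOTE(review): a role failure for an authenticated caller is semantically 403 (Forbid),
    // but the 401 is kept so existing clients keep working.
    const string denied = "Only Admin, SchoolAdmin have access to this controller.";
    string[] roles = { "Admin", "SchoolAdmin" };

    var authHeader = HttpContext.Request.Headers["Authorization"].LastOrDefault();
    if (string.IsNullOrWhiteSpace(authHeader))
    {
        return Unauthorized(denied);
    }
    // Same extraction as before: the last whitespace-separated part of the header value.
    var token = authHeader.Split(" ").Last();

    if (!RoleService.CheckRoles(token, roles, _userManager))
    {
        return Unauthorized(denied);
    }

    // Admin + id == 0 means "every user"; decided before any school lookup.
    if (id == 0 && RoleService.CheckRole(token, "Admin", _userManager))
    {
        var detailsRepo = new UserDetailsRepository();
        var everyone = await SummarizeAsync(
            detailsRepo.GetAll(),
            x => x.UserId,
            _userManager.FindByIdAsync,
            (x, u) => UserSummaryFactory.CreateSummary(x, u));
        return Ok(everyone);
    }

    // Admin (id != 0) and SchoolAdmin take the same path: one school's users.
    var schoolRepo = new SchoolRepository();
    var school = schoolRepo.GetAll().FirstOrDefault(x => x.Id == id);
    if (school is null)
    {
        return BadRequest("Not such id");
    }

    // Any failure past this point is a server-side error and is left to the framework's
    // error handling rather than being turned into a 404 that leaks exception text.
    var members = await SummarizeAsync(
        school.Users,
        x => x.UserId,
        _userManager.FindByIdAsync,
        (x, u) => UserSummaryFactory.CreateSummary(x, u));
    return Ok(members);
}

// Builds one summary per row, awaiting each Identity lookup in turn instead of blocking on
// .Result inside a Select. Lookups are sequential on purpose: the UserManager's store is not
// safe to query concurrently. Generic so the same helper serves the UserDetails rows and the
// school's Users collection without naming the summary type.
//   rows      - source rows (each must expose the Identity user id through userIdOf)
//   userIdOf  - selects the Identity user id (string) of a row
//   findUser  - resolves an Identity user by id (e.g. _userManager.FindByIdAsync)
//   create    - builds the summary from the row and its resolved user
private static async Task<List<TSummary>> SummarizeAsync<TRow, TUser, TSummary>(
    IEnumerable<TRow> rows,
    Func<TRow, string> userIdOf,
    Func<string, Task<TUser>> findUser,
    Func<TRow, TUser, TSummary> create)
{
    var summaries = new List<TSummary>();
    foreach (var row in rows)
    {
        var identity = await findUser(userIdOf(row));
        summaries.Add(create(row, identity));
    }
    return summaries;
}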
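public async Task<IActionResult> Create(UserInput input)
{
    // Registers a new Identity user, puts it in the "User" role and creates the matching
    // UserDetails row, then links the user to it via DetailsId.
    // Returns 200 on success, 400 with the Identity errors when creation fails.
    //
    // Fixes vs. the previous version: the same FindByEmailAsync query was run three times,
    // each blocked with .Result (deadlock / thread-pool risk); AddToRoleAsync/UpdateAsync
    // failures were silently ignored; the log template had no placeholder, so the `user`
    // argument was never rendered.
    //
    // NOTE(review): ModelState is not checked here. If the controller is not annotated with
    // [ApiController] (automatic 400 on invalid models), add an explicit ModelState.IsValid
    // check - confirm.
    if (input is null)
    {
        // Previously a null body dereferenced input.Username and surfaced as a 500.
        return BadRequest("input is required");
    }

    var user = new User { UserName = input.Username, Email = input.Email };
    var result = await _userManager.CreateAsync(user, input.Password);
    if (!result.Succeeded)
    {
        return BadRequest(result.Errors);
    }

    // One awaited lookup instead of three blocking .Result calls on the same query.
    var created = await _userManager.FindByEmailAsync(input.Email);

    var roleResult = await _userManager.AddToRoleAsync(created, "User");
    if (!roleResult.Succeeded)
    {
        // The account already exists at this point; surface the missing role instead of
        // hiding it, but keep the previous contract of still returning 200.
        _logger.LogWarning(
            "Failed to add user {UserId} to role User: {Errors}",
            created.Id,
            string.Join("; ", roleResult.Errors.Select(e => e.Description)));
    }

    // Adds UserDetails for the newly created user.
    var repo = new UserDetailsRepository();
    var userDetails = new UserDetails { UserId = created.Id };
    repo.Add(userDetails);

    // Read the id back from the repository rather than assuming Add() populates it.
    // A missing row here is an invariant violation, so First() throwing is acceptable.
    var detailsId = repo.GetAll().First(x => x.UserId == created.Id).Id;

    user.DetailsId = detailsId;
    var updateResult = await _userManager.UpdateAsync(user);
    if (!updateResult.Succeeded)
    {
        _logger.LogWarning(
            "Failed to link user {UserId} to details {DetailsId}: {Errors}",
            created.Id,
            detailsId,
            string.Join("; ", updateResult.Errors.Select(e => e.Description)));
    }

    // Structured log with a real placeholder; log the id, not the whole user object.
    _logger.LogInformation("Account Created {UserId}", created.Id);
    return Ok();
}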
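public async Task<IActionResult> Add(UserSchoolInput input)
{
    // Assigns the user identified by input.UserId to the school input.SchoolId.
    // Allowed roles: Admin, SchoolAdmin.
    //
    // Fixes vs. the previous version: a missing Authorization header threw from .Last()
    // (500); an unknown UserId threw from First() (500) instead of returning 404; a null
    // body dereferenced input.UserId (500).
    //
    // NOTE(review): neither the SchoolAdmin's own school nor the existence of
    // input.SchoolId is checked, so any SchoolAdmin can move any user into any school id
    // (GetUsersInSchool does validate school ids against SchoolRepository). Confirm that
    // this is the intended policy.
    const string denied = "Only Admin, SchoolAdmin have access to this controller.";
    string[] roles = { "Admin", "SchoolAdmin" };

    var authHeader = HttpContext.Request.Headers["Authorization"].LastOrDefault();
    if (string.IsNullOrWhiteSpace(authHeader))
    {
        return Unauthorized(denied);
    }
    // Same extraction as before: the last whitespace-separated part of the header value.
    var token = authHeader.Split(" ").Last();

    if (!RoleService.CheckRoles(token, roles, _userManager))
    {
        return Unauthorized(denied);
    }

    if (input is null)
    {
        return BadRequest("input is required");
    }

    var userDetailsRepo = new UserDetailsRepository();
    var userDetails = userDetailsRepo.GetAll().FirstOrDefault(x => x.UserId == input.UserId);
    if (userDetails is null)
    {
        return NotFound("Not such id");
    }

    userDetails.SchoolId = input.SchoolId;
    userDetailsRepo.Edit(userDetails);
    return Ok();
}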
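public async Task<IActionResult> Get()
{
    // Lists the candidacies whose owner belongs to the caller's school. The caller's school
    // is the SchoolId of the UserDetails row whose UserId equals the JWT `sub` claim.
    // Allowed roles: User, Admin, SchoolAdmin.
    //
    // Fixes vs. the previous version: the token was parsed and the database queried before
    // the role check, so an unauthorised or malformed request could still cause DB work or
    // a 500; a missing Authorization header threw from .Last(); a subject with no
    // UserDetails row threw from First(); candidacies whose OwnerId resolved to no details
    // row dereferenced null; one GetById call was issued per candidacy (N+1).
    string[] roles = { "User", "Admin", "SchoolAdmin" };

    var authHeader = HttpContext.Request.Headers["Authorization"].LastOrDefault();
    if (string.IsNullOrWhiteSpace(authHeader))
    {
        return Unauthorized();
    }
    // Same extraction as before: the last whitespace-separated part of the header value.
    var token = authHeader.Split(" ").Last();

    // Authorise before touching the token payload or the database.
    if (!RoleService.CheckRoles(token, roles, _userManager))
    {
        return Unauthorized();
    }

    // ReadJwtToken only parses the token; it does NOT validate the signature, issuer or
    // expiry. Trusting `sub` from it is only safe if the authentication middleware has
    // already validated the same token for this request (e.g. the controller is
    // [Authorize]d) - confirm. Once that is established, prefer reading the subject from
    // the authenticated principal (HttpContext.User) instead of re-parsing the header.
    var handler = new JwtSecurityTokenHandler();
    string sub;
    try
    {
        sub = handler.ReadJwtToken(token).Payload.Sub;
    }
    catch (ArgumentException)
    {
        // Malformed token (wrong number of segments / not base64url): reject, don't 500.
        return Unauthorized();
    }

    var detailsRepo = new UserDetailsRepository();
    var caller = detailsRepo.GetAll().FirstOrDefault(x => x.UserId == sub);
    if (caller is null)
    {
        return NotFound("Not such id");
    }
    var schoolId = caller.SchoolId;

    // One details query, then an in-memory lookup per candidacy instead of one GetById per
    // row. Candidacies with no owner, or an owner with no details row, are excluded (the
    // old GetById(0)/null path). If SchoolId can be null, a caller without a school still
    // matches every owner without a school - same comparison as before.
    var detailsById = detailsRepo.GetAll().ToDictionary(d => d.Id);
    var repo = new CandidacyRepository();
    var result = repo.GetAll()
        .Where(x => x.OwnerId.HasValue
                    && detailsById.TryGetValue(x.OwnerId.Value, out var owner)
                    && owner.SchoolId == schoolId)
        .ToList();
    return Ok(result);
}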