public ActionResult Block(UserEditModel model)
{
if (!_permissionService.Authorize(PermissionProvider.ManageUsers))
return AccessDeniedView();
// get the user
var user = _userService.GetUserById(model.User.Id);
// check we have a user and they are not deleted
if (user == null)
{
ErrorNotification("The user couldn't be found or has been deleted.");
return RedirectToAction("index");
}
try
{
user.Active = !user.Active;
_userService.UpdateUser(user);
SuccessNotification("The user has been " + (user.Active ? "unblocked" : "blocked") + " successfully.");
return RedirectToAction("edit", user.Id);
}
catch (Exception)
{
ErrorNotification("An error occurred blocking the user, please try again.");
}
PrepareBreadcrumbs();
AddBreadcrumb("Edit User", null);
model = PrepareUserEditModel(user);
return View(model);
}
private UserEditModel PrepareUserEditModel(User user)
{
var model = new UserEditModel
{
CanEditRoles = _permissionService.Authorize(PermissionProvider.PromoteUsers),
IsSiteOwner = _workContext.CurrentUser.UserRoles.Any(x => x.SystemName == SystemUserRoleNames.SiteOwner),
User = PrepareUserModel(user)
};
return model;
}
public ActionResult Edit(UserEditModel model, FormCollection form)
{
if (!_permissionService.Authorize(PermissionProvider.ManageUsers))
return AccessDeniedView();
// get the user
var user = _userService.GetUserById(model.User.Id);
// check we have a user and they are not deleted
if (user == null)
{
ErrorNotification("The user couldn't be found or has been deleted.");
return RedirectToAction("index");
}
if (ModelState.IsValid)
{
try
{
user.ContactUsBio = model.User.ContactUsBio;
user.DisplayName = model.User.DisplayName;
user.Email = model.User.Email;
user.EmailDisclosureId = model.User.EmailDisclosureId;
user.ShowOnContactUs = model.User.ShowOnContactUs;
user.Telephone = model.User.Telephone;
user.TelephoneDisclosureId = model.User.TelephoneDisclosureId;
user.UserName = model.User.UserName;
user.Website = model.User.Website;
user.WebsiteDisclosureId = model.User.WebsiteDisclosureId;
if (_permissionService.Authorize(PermissionProvider.PromoteUsers))
{
var assignedUserRoles = form["roles"] != null ? form["roles"].Split(new[] {','}, StringSplitOptions.RemoveEmptyEntries).ToList() : new List<string>();
var availableUserRoles = _userService.GetAllUserRoles(true).ToList();
bool isSiteOwner = user.UserRoles.Any(x => x.SystemName == SystemUserRoleNames.SiteOwner);
var siteOwnerRole = _userService.GetUserRoleBySystemName(SystemUserRoleNames.SiteOwner);
if (!isSiteOwner && assignedUserRoles.Contains(siteOwnerRole.Id.ToString()))
{
var siteOwners = _userService.GetAllUsersInRole(SystemUserRoleNames.SiteOwner);
foreach(var siteOwner in siteOwners)
{
siteOwner.UserRoles.Remove(siteOwnerRole);
_userService.UpdateUser(siteOwner);
}
}
user.UserRoles.Clear();
foreach (var userRoleId in assignedUserRoles.Select(int.Parse))
user.UserRoles.Add(availableUserRoles.First(x => x.Id == userRoleId));
if(isSiteOwner)
user.UserRoles.Add(availableUserRoles.First(x => x.SystemName == SystemUserRoleNames.SiteOwner));
}
_userService.UpdateUser(user);
SuccessNotification("The user details have been updated successfully.");
return RedirectToAction("edit", user.Id);
}
catch (Exception)
{
ErrorNotification("An error occurred saving the user details, please try again.");
}
}
else
{
ErrorNotification("We were unable to make the change, please review the form and correct the errors.");
}
PrepareBreadcrumbs();
AddBreadcrumb("Edit User", null);
model = PrepareUserEditModel(user);
return View(model);
}
