|
|
|
@ -221,6 +221,10 @@ namespace Ombi.Controllers
|
|
|
|
{
|
|
|
|
{
|
|
|
|
return Error($"The email address {user.EmailAddress} is not a valid format");
|
|
|
|
return Error($"The email address {user.EmailAddress} is not a valid format");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!CanModifyUser(user.Claims.Select(x => x.Value)))
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
return Error("You do not have the correct permissions to create this user");
|
|
|
|
|
|
|
|
}
|
|
|
|
var ombiUser = new OmbiUser
|
|
|
|
var ombiUser = new OmbiUser
|
|
|
|
{
|
|
|
|
{
|
|
|
|
Alias = user.Alias,
|
|
|
|
Alias = user.Alias,
|
|
|
|
@ -261,6 +265,19 @@ namespace Ombi.Controllers
|
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
private bool CanModifyUser(IEnumerable<string> roles)
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
if (roles.Any(x => x.Equals("admin", StringComparison.CurrentCultureIgnoreCase)))
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
// Only Admins can create admins
|
|
|
|
|
|
|
|
if (!User.IsInRole(OmbiRoles.Admin))
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
/// <summary>
|
|
|
|
/// This is for the local user to change their details.
|
|
|
|
/// This is for the local user to change their details.
|
|
|
|
/// </summary>
|
|
|
|
/// </summary>
|
|
|
|
@ -346,6 +363,10 @@ namespace Ombi.Controllers
|
|
|
|
{
|
|
|
|
{
|
|
|
|
return Error($"The email address {ui.EmailAddress} is not a valid format");
|
|
|
|
return Error($"The email address {ui.EmailAddress} is not a valid format");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!CanModifyUser(ui.Claims.Select(x => x.Value)))
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
return Error("You do not have the correct permissions to create this user");
|
|
|
|
|
|
|
|
}
|
|
|
|
// Get the user
|
|
|
|
// Get the user
|
|
|
|
var user = await UserManager.Users.FirstOrDefaultAsync(x => x.Id == ui.Id);
|
|
|
|
var user = await UserManager.Users.FirstOrDefaultAsync(x => x.Id == ui.Id);
|
|
|
|
user.Alias = ui.Alias;
|
|
|
|
user.Alias = ui.Alias;
|
|
|
|
@ -398,10 +419,16 @@ namespace Ombi.Controllers
|
|
|
|
[PowerUser]
|
|
|
|
[PowerUser]
|
|
|
|
public async Task<OmbiIdentityResult> DeleteUser(string userId)
|
|
|
|
public async Task<OmbiIdentityResult> DeleteUser(string userId)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
|
|
var userToDelete = await UserManager.Users.FirstOrDefaultAsync(x => x.Id == userId);
|
|
|
|
var userToDelete = await UserManager.Users.FirstOrDefaultAsync(x => x.Id == userId);
|
|
|
|
if (userToDelete != null)
|
|
|
|
if (userToDelete != null)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// Can we delete this user?
|
|
|
|
|
|
|
|
var userRoles = await UserManager.GetRolesAsync(userToDelete);
|
|
|
|
|
|
|
|
if (!CanModifyUser(userRoles))
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
return Error("You do not have the correct permissions to delete this user");
|
|
|
|
|
|
|
|
}
|
|
|
|
var result = await UserManager.DeleteAsync(userToDelete);
|
|
|
|
var result = await UserManager.DeleteAsync(userToDelete);
|
|
|
|
if (result.Succeeded)
|
|
|
|
if (result.Succeeded)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
|
tidusjar
7 years ago