using AutoMapper;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http.HttpResults;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using OnlyPrompt.Backend.Database;
using OnlyPrompt.Backend.Database.Models;
namespace OnlyPrompt.Backend.Controllers
{
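/// <summary>
/// Administrative user-management endpoints (lockout and role assignment).
/// Every action requires <see cref="ModelConstants.AdminRole"/> via the
/// class-level <see cref="AuthorizeAttribute"/>; granting the sys-admin role
/// is additionally restricted to callers that hold
/// <see cref="ModelConstants.SysAdminRole"/> themselves.
/// </summary>
[ApiController]
[Route("api/v1/admin")]
[Authorize(Roles = ModelConstants.AdminRole)]
public class AdminController : BaseController
{
    public AdminController(OnlyPromptContext db, IMapper mapper) : base(db, mapper)
    {
    }

    /// <summary>
    /// True when the authenticated caller holds <see cref="ModelConstants.SysAdminRole"/>.
    /// </summary>
    private bool CallerIsSysAdmin => User.IsInRole(ModelConstants.SysAdminRole);

    /// <summary>
    /// Whether <paramref name="role"/> is one of the roles the application knows about.
    /// </summary>
    private static bool IsKnownRole(string role) => ModelConstants.AllRoles.Contains(role);

    /// <summary>
    /// Whether the caller may grant <paramref name="role"/>. A known role is grantable
    /// unless it is the sys-admin role and the caller is not a sys-admin — otherwise an
    /// ordinary admin could promote a user above the admin's own privilege level.
    /// </summary>
    private static bool IsGrantableRole(string role, bool callerIsSysAdmin)
        => IsKnownRole(role) && (callerIsSysAdmin || role != ModelConstants.SysAdminRole);

    /// <summary>
    /// Loads the user the caller is allowed to administer, or null.
    /// </summary>
    /// <param name="id">Target user id.</param>
    /// <param name="isSysAdmin">
    /// When true, users holding the admin role are included; users holding the
    /// sys-admin role are never returned, so the caller can never act on itself.
    /// </param>
    private Task<UserModel?> GetNonAdminUserAsync(Guid id, bool isSysAdmin = false)
    {
        return _db.Users.FirstOrDefaultAsync(
            u => u.Id == id
                && (isSysAdmin || u.Roles.Contains(ModelConstants.AdminRole) == false)
                && u.Roles.Contains(ModelConstants.SysAdminRole) == false
        );
    }

    /// <summary>
    /// Shared implementation of the enable/disable endpoints: sets the user's
    /// lockout flag and persists it.
    /// </summary>
    /// <returns>Ok on success; NotFound when the user does not exist or is outside the caller's reach.</returns>
    private async Task<Results<Ok, NotFound<string>>> SetLockoutAsync(Guid userId, bool lockedOut)
    {
        var user = await GetNonAdminUserAsync(userId, CallerIsSysAdmin);
        if (user is null)
            return TypedResults.NotFound("User not found.");

        user.IsLockoutEnabled = lockedOut;
        await _db.SaveChangesAsync();
        return TypedResults.Ok();
    }

    /// <summary>
    /// Locks the user out (sets <c>IsLockoutEnabled</c>).
    /// </summary>
    [HttpPost("users/{userId}/disable")]
    public Task<Results<Ok, NotFound<string>>> DisableUserAsync(Guid userId)
        => SetLockoutAsync(userId, lockedOut: true);

    /// <summary>
    /// Lifts the user's lockout (clears <c>IsLockoutEnabled</c>).
    /// </summary>
    [HttpPost("users/{userId}/enable")]
    public Task<Results<Ok, NotFound<string>>> EnableUserAsync(Guid userId)
        => SetLockoutAsync(userId, lockedOut: false);

    /// <summary>
    /// Grants <paramref name="role"/> to the user.
    /// </summary>
    /// <remarks>
    /// Unknown roles, and the sys-admin role when the caller is not a sys-admin,
    /// are reported as "No such role" so the endpoint cannot be used for vertical
    /// privilege escalation. Granting a role the user already holds is a no-op
    /// rather than appending a duplicate entry.
    /// </remarks>
    [HttpPut("users/{userId}/roles/{role}")]
    public async Task<Results<Ok, NotFound<string>>> UpdateUserRolesAsync(Guid userId, string role)
    {
        var callerIsSysAdmin = CallerIsSysAdmin;
        if (IsGrantableRole(role, callerIsSysAdmin) == false)
            return TypedResults.NotFound($"No such role '{role}'");

        var user = await GetNonAdminUserAsync(userId, callerIsSysAdmin);
        if (user is null)
            return TypedResults.NotFound("User not found.");

        // Idempotent: a second grant of the same role must not create a duplicate.
        if (user.Roles.Contains(role) == false)
        {
            user.Roles.Add(role);
            await _db.SaveChangesAsync();
        }
        return TypedResults.Ok();
    }

    /// <summary>
    /// Revokes <paramref name="role"/> from the user. Removing a role the user
    /// does not hold is a no-op that still returns Ok.
    /// </summary>
    [HttpDelete("users/{userId}/roles/{role}")]
    public async Task<Results<Ok, NotFound<string>>> RemoveUserRoleAsync(Guid userId, string role)
    {
        if (IsKnownRole(role) == false)
            return TypedResults.NotFound($"No such role '{role}'");

        var user = await GetNonAdminUserAsync(userId, CallerIsSysAdmin);
        if (user is null)
            return TypedResults.NotFound("User not found.");

        user.Roles.Remove(role);
        await _db.SaveChangesAsync();
        return TypedResults.Ok();
    }
}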
}