Merge pull request #218 from Gid733/master

Added feature to create new admins and role changing

Author: renemadsen

eFormAPI/eFormAPI.Web/Resources/SharedResource.da.resx

@@ -573,4 +573,13 @@
   <data name="PluginNotFound" xml:space="preserve">
     <value>Plugin ikke fundet</value>
   </data>
+  <data name="CantEditPrimaryAdminUser" xml:space="preserve">
+    <value>Du kan ikke se, ændre eller slette primæradministrator</value>
+  </data>
+  <data name="CantUpdateRoleForPrimaryAdminUser" xml:space="preserve">
+    <value>Det er ikke muligt at skifte rolle for primæradministrator</value>
+  </data>
+  <data name="RoleNotFound" xml:space="preserve">
+    <value>Rolle ikke fundet</value>
+  </data>
 </root>

eFormAPI/eFormAPI.Web/Resources/SharedResource.de.resx

@@ -555,4 +555,13 @@
   <data name="PluginNotFound" xml:space="preserve">
     <value>Plugin nicht gefunden</value>
   </data>
+  <data name="CantEditPrimaryAdminUser" xml:space="preserve">
+    <value>U kunt primaire beheerder niet bekijken, wijzigen of verwijderen</value>
+  </data>
+  <data name="CantUpdateRoleForPrimaryAdminUser" xml:space="preserve">
+    <value>Het is niet mogelijk om de rol voor primaire beheerder te wijzigen</value>
+  </data>
+  <data name="RoleNotFound" xml:space="preserve">
+    <value>Rol niet gevonden</value>
+  </data>
 </root>

eFormAPI/eFormAPI.Web/Resources/SharedResource.resx

@@ -573,4 +573,13 @@
   <data name="PluginNotFound" xml:space="preserve">
     <value>Plugin not found</value>
   </data>
+  <data name="CantEditPrimaryAdminUser" xml:space="preserve">
+    <value>You can't view, change or delete primary admin</value>
+  </data>
+  <data name="CantUpdateRoleForPrimaryAdminUser" xml:space="preserve">
+    <value>It's not possible to change role for primary admin</value>
+  </data>
+  <data name="RoleNotFound" xml:space="preserve">
+    <value>Role not fond</value>
+  </data>
 </root>

eFormAPI/eFormAPI.Web/Services/AdminService.cs

@@ -127,25 +127,37 @@ public async Task<OperationResult> UpdateUser(UserRegisterModel userRegisterMode
         {
             try
             {
+                if (userRegisterModel.Id == 1 && _userService.UserId != 1)
+                {
+                    return new OperationResult(false, _localizationService.GetString("CantEditPrimaryAdminUser"));
+                }
+
+                if (userRegisterModel.Role != EformRole.Admin && userRegisterModel.Role != EformRole.User)
+                {
+                    return new OperationResult(false,
+                        _localizationService.GetString("RoleNotFound"));
+                }
+
                 var user = await _userService.GetByIdAsync(userRegisterModel.Id);
                 if (user == null)
                 {
                     return new OperationResult(false,
                         _localizationService.GetStringWithFormat("UserNotFoundUserName", userRegisterModel.UserName));
                 }
 
+
+                if (_userService.UserId == 1 && !await _userManager.IsInRoleAsync(user, userRegisterModel.Role))
+                {
+                    return new OperationResult(false, _localizationService.GetString("CantUpdateRoleForPrimaryAdminUser"));
+                }
+
                 var isAdmin = await _userManager.IsInRoleAsync(user, EformRole.Admin);
                 if (!_dbContext.SecurityGroups.Any(x => x.Id == userRegisterModel.GroupId) && !isAdmin)
                 {
                     return new OperationResult(false,
                         _localizationService.GetString("SecurityGroupNotFound"));
                 }
 
-                if (userRegisterModel.Role == null)
-                {
-                    return new OperationResult(false, _localizationService.GetString("RoleIsRequired"));
-                }
-
                 if (isAdmin && _userService.Role != EformRole.Admin)
                 {
                     return new OperationResult(false, _localizationService.GetString("YouCantViewChangeOrDeleteAdmin"));
@@ -156,6 +168,7 @@ public async Task<OperationResult> UpdateUser(UserRegisterModel userRegisterMode
                 user.UserName = userRegisterModel.Email;
                 user.FirstName = userRegisterModel.FirstName;
                 user.LastName = userRegisterModel.LastName;
+
                 var result = await _userManager.UpdateAsync(user);
                 if (!result.Succeeded)
                 {
@@ -169,6 +182,15 @@ public async Task<OperationResult> UpdateUser(UserRegisterModel userRegisterMode
                     await _userManager.AddPasswordAsync(user, userRegisterModel.Password);
                 }
 
+                // change role
+                if (!await _userManager.IsInRoleAsync(user, userRegisterModel.Role))
+                {
+                    var currentUserRole = await _userManager.GetRolesAsync(user);
+                    await _userManager.RemoveFromRolesAsync(user, currentUserRole);
+
+                    await _userManager.AddToRoleAsync(user, userRegisterModel.Role);
+                }
+
                 // Change group
                 if (userRegisterModel.GroupId > 0 && user.Id > 0)
                 {
@@ -191,6 +213,19 @@ public async Task<OperationResult> UpdateUser(UserRegisterModel userRegisterMode
                     await _dbContext.SaveChangesAsync();
                 }
 
+                if (userRegisterModel.Role == EformRole.Admin)
+                {
+                    var securityGroupUsers = await _dbContext.SecurityGroupUsers.Where(x => x.EformUserId == user.Id)
+                        .ToListAsync();
+
+                    if (securityGroupUsers.Any())
+                    {
+                        _dbContext.SecurityGroupUsers.RemoveRange(securityGroupUsers);
+
+                        await _dbContext.SaveChangesAsync();
+                    }
+                }
+
                 return new OperationResult(true,
                     _localizationService.GetStringWithFormat("UserUserNameWasUpdated", user.UserName));
             }
@@ -205,14 +240,21 @@ public async Task<OperationResult> CreateUser(UserRegisterModel userRegisterMode
         {
             try
             {
+                if (userRegisterModel.Role != EformRole.Admin && userRegisterModel.Role != EformRole.User)
+                {
+                    return new OperationResult(false,
+                        _localizationService.GetString("RoleNotFound"));
+                }
+
                 var userResult = await _userManager.FindByNameAsync(userRegisterModel.Email);
+
                 if (userResult != null)
                 {
                     return new OperationResult(false,
                         _localizationService.GetStringWithFormat("UserUserNameAlreadyExist", userRegisterModel.Email));
                 }
 
-                if (!_dbContext.SecurityGroups.Any(x => x.Id == userRegisterModel.GroupId))
+                if (userRegisterModel.Role != EformRole.Admin && !_dbContext.SecurityGroups.Any(x => x.Id == userRegisterModel.GroupId))
                 {
                     return new OperationResult(false,
                         _localizationService.GetString("SecurityGroupNotFound"));
@@ -235,10 +277,12 @@ public async Task<OperationResult> CreateUser(UserRegisterModel userRegisterMode
                     return new OperationResult(false, string.Join(" ", result.Errors.Select(x=>x.Description).ToArray()));
                 }
 
+               
+
                 // change role
-                await _userManager.AddToRoleAsync(user, EformRole.User);
+                await _userManager.AddToRoleAsync(user, userRegisterModel.Role);
                 // add to group
-                if (userRegisterModel.GroupId > 0 && user.Id > 0)
+                if (userRegisterModel.GroupId > 0 && user.Id > 0 && userRegisterModel.Role != EformRole.Admin)
                 {
                     var securityGroupUser = new SecurityGroupUser()
                     {

eform-client/src/app/modules/account-management/components/users/new-user-modal/new-user-modal.component.html

@@ -46,7 +46,7 @@ <h3>{{ 'New User' | translate }}</h3>
                   <input mdbInputDirective
                          [mdbValidate]="false"
                          class="form-control"
-                         required #createPassword="ngModel" type="text"
+                         required type="text"
                          [(ngModel)]="newUserModel.password" id="createPassword"
                          name="createPassword">
                   <label for="createPassword">{{'Password' | translate}}*</label>
@@ -55,6 +55,18 @@ <h3>{{ 'New User' | translate }}</h3>
             </div>
             <div class="row">
               <div class="col-md-6 ng-select-wrapper">
+                <ng-select required
+                           bindLabel="name"
+                           bindValue="id"
+                           [clearable]="false"
+                           [(ngModel)]="newUserModel.role" name="createRole"
+                           [placeholder]="'Role' | translate"
+                           [items]="[
+                            {id: 'admin', name: 'Admin' | translate},
+                            {id: 'user', name: 'User' | translate}
+                           ]"></ng-select>
+              </div>
+              <div class="col-md-6 ng-select-wrapper" *ngIf="newUserModel.role !== 'admin'">
                 <ng-select required
                            bindLabel="name"
                            bindValue="id"

eform-client/src/app/modules/account-management/components/users/user-edit/user-edit-modal.component.html

@@ -54,10 +54,24 @@ <h3>{{'Edit User' | translate}}</h3>
               </div>
             </div>
             <div class="row">
+              <div class="col-md-6 ng-select-wrapper">
+                <ng-select required
+                           bindLabel="name"
+                           bindValue="id"
+                           [clearable]="false"
+                           [ngModel]="selectedUserModel.role" name="editRole"
+                           (ngModelChange)="onUserRoleUpdated($event)"
+                           [placeholder]="'Role' | translate"
+                           [items]="[
+                            {id: 'admin', name: 'Admin' | translate},
+                            {id: 'user', name: 'User' | translate}
+                           ]"></ng-select>
+              </div>
               <div class="col-md-6 ng-select-wrapper" *ngIf="selectedUserModel.role != 'admin'">
                 <ng-select required
                            bindLabel="name"
                            bindValue="id"
+                           [clearable]="false"
                            [(ngModel)]="selectedUserModel.groupId"
                            name="editGroup"
                            [placeholder]="'Group' | translate"

eform-client/src/app/modules/account-management/components/users/user-edit/user-edit-modal.component.ts

@@ -13,7 +13,6 @@ export class UserEditModalComponent implements OnInit {
   @Input() availableGroups: SecurityGroupsModel = new SecurityGroupsModel();
   @Output() onUserUpdated: EventEmitter<void> = new EventEmitter<void>();
   selectedUserModel: UserRegisterModel = new UserRegisterModel;
-  newUserModel: UserRegisterModel = new UserRegisterModel;
   spinnerStatus = false;
 
   constructor(private adminService: AdminService) {
@@ -45,4 +44,9 @@ export class UserEditModalComponent implements OnInit {
       } this.spinnerStatus = false;
     });
   }
+
+  onUserRoleUpdated(e: string) {
+    this.selectedUserModel.role = e;
+    this.selectedUserModel.groupId = null;
+  }
 }