From bb276a5984c32d197e4699e6d9d2b345d03a955d Mon Sep 17 00:00:00 2001
From: Joseph Milazzo
Date: Tue, 22 Dec 2020 17:28:38 -0600
Subject: [PATCH] Some changes to get register/login flow working smoothly with Admin role.
---
 API/Controllers/AccountController.cs | 14 +++++++-------
 API/Controllers/AdminController.cs | 19 ++++++++++++++++---
 API/DTOs/MemberDto.cs | 1 -
 API/DTOs/UserDto.cs | 5 ++---
 API/Data/UserRepository.cs | 7 +------
 API/Interfaces/IUserRepository.cs | 1 -
 6 files changed, 26 insertions(+), 21 deletions(-)
diff --git a/API/Controllers/AccountController.cs b/API/Controllers/AccountController.cs
index a007bfc6c..6c8c74a5b 100644
--- a/API/Controllers/AccountController.cs
+++ b/API/Controllers/AccountController.cs
@@ -37,7 +37,6 @@ namespace API.Controllers
 [HttpPost("register")]
 public async Task> Register(RegisterDto registerDto)
 {
- _logger.LogInformation("Username: " + registerDto.Password);
 if (await UserExists(registerDto.Username))
 {
 return BadRequest("Username is taken.");
@@ -48,16 +47,18 @@ namespace API.Controllers
 var result = await _userManager.CreateAsync(user, registerDto.Password);
 if (!result.Succeeded) return BadRequest(result.Errors);
+
- var roleResult = await _userManager.AddToRoleAsync(user, "Pleb");
+ // TODO: Need a way to store Roles in enum and configure from there
+ var role = registerDto.IsAdmin ? "Admin" : "Pleb";
+ var roleResult = await _userManager.AddToRoleAsync(user, role);
 if (!roleResult.Succeeded) return BadRequest(result.Errors);
- return new UserDto()
+ return new UserDto
 {
 Username = user.UserName,
 Token = await _tokenService.CreateToken(user),
- IsAdmin = user.IsAdmin
 };
 }
@@ -79,11 +80,10 @@ namespace API.Controllers
 _userRepository.Update(user);
 await _userRepository.SaveAllAsync();
- return new UserDto()
+ return new UserDto
 {
 Username = user.UserName,
- Token = await _tokenService.CreateToken(user),
- IsAdmin = user.IsAdmin
+ Token = await _tokenService.CreateToken(user)
 };
 }
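Review bot: In the `Register` hunk, `var role = registerDto.IsAdmin ? "Admin" : "Pleb";` takes the role straight from the request body, so any caller who can reach `POST register` can create an Admin account; nothing visible in the hunk restricts the action or the flag. The grant should depend on a server-side condition, for example `var adminExists = (await _userManager.GetUsersInRoleAsync("Admin")).Count > 0;` followed by `var role = registerDto.IsAdmin && !adminExists ? "Admin" : "Pleb";`, with later admin creation left to an action behind the admin policy. The context line after the role assignment also returns `BadRequest(result.Errors)` when `roleResult` failed; it should be `BadRequest(roleResult.Errors)`, otherwise the caller gets an empty error list. Controller-level attributes sit outside these hunks, so an existing restriction on the controller cannot be ruled out and is worth confirming.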
diff --git a/API/Controllers/AdminController.cs b/API/Controllers/AdminController.cs
index 155a53bfa..17f3aa12c 100644
--- a/API/Controllers/AdminController.cs
+++ b/API/Controllers/AdminController.cs
@@ -1,5 +1,8 @@
 using System.Threading.Tasks;
+using API.Entities;
 using API.Interfaces;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
 namespace API.Controllers
@@ -7,16 +10,26 @@ namespace API.Controllers
 public class AdminController : BaseApiController
 {
 private readonly IUserRepository _userRepository;
+ private readonly UserManager _userManager;
- public AdminController(IUserRepository userRepository)
+ public AdminController(IUserRepository userRepository, UserManager userManager)
 {
 _userRepository = userRepository;
+ _userManager = userManager;
 }
- [HttpGet]
+ [HttpGet("exists")]
 public async Task> AdminExists()
 {
- return await _userRepository.AdminExists();
+ var users = await _userManager.GetUsersInRoleAsync("Admin");
+ return users.Count > 0;
+ }
+
+ [Authorize(Policy = "RequireAdminRole")]
+ [HttpDelete]
+ public async Task DeleteUser(string username)
+ {
+ return BadRequest("Not Implemented");
 }
diff --git a/API/DTOs/MemberDto.cs b/API/DTOs/MemberDto.cs
index 38ecbfcc3..7d881d53e 100644
--- a/API/DTOs/MemberDto.cs
+++ b/API/DTOs/MemberDto.cs
@@ -14,7 +14,6 @@ namespace API.DTOs
 public string Username { get; set; }
 public DateTime Created { get; set; }
 public DateTime LastActive { get; set; }
- public bool IsAdmin { get; set; }
 public IEnumerable Libraries { get; set; }
 }
 }
\ No newline at end of file
diff --git a/API/DTOs/UserDto.cs b/API/DTOs/UserDto.cs
index c8b97abb6..eb0bf6bf2 100644
--- a/API/DTOs/UserDto.cs
+++ b/API/DTOs/UserDto.cs
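Review bot: `DeleteUser` answers an unimplemented operation with `BadRequest("Not Implemented")`, which tells clients their request was malformed, and it is declared `async` with no `await` (compiler warning CS1998). Until the action is written, a non-async method that does `return StatusCode(StatusCodes.Status501NotImplemented);` (with `using Microsoft.AspNetCore.Http;`) describes the situation accurately. The `[Authorize(Policy = "RequireAdminRole")]` attribute relies on a policy of that name being registered at startup, which this patch does not show; if it is missing, authorization throws when the action is hit instead of denying the call. `AdminExists` carries no authorization attribute in this hunk, so it presumably answers anonymous callers; if that is intended for a first-run check, a comment such as `// Anonymous on purpose: used by the first-run setup screen` would record it.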
@@ -2,8 +2,7 @@
 {
 public class UserDto
 {
- public string Username { get; set; }
- public string Token { get; set; }
- public bool IsAdmin { get; set; }
+ public string Username { get; init; }
+ public string Token { get; init; }
 }
 }
\ No newline at end of file
diff --git a/API/Data/UserRepository.cs b/API/Data/UserRepository.cs
index 3ecf5578e..681cdd85c 100644
--- a/API/Data/UserRepository.cs
+++ b/API/Data/UserRepository.cs
@@ -62,11 +62,6 @@ namespace API.Data
 .ProjectTo(_mapper.ConfigurationProvider)
 .SingleOrDefaultAsync();
 }
-
- public async Task AdminExists()
- {
- return await _context.Users.AnyAsync(x => x.IsAdmin);
-
- }
+
 }
 }
\ No newline at end of file
diff --git a/API/Interfaces/IUserRepository.cs b/API/Interfaces/IUserRepository.cs
index 4ed10236f..69b872821 100644
--- a/API/Interfaces/IUserRepository.cs
+++ b/API/Interfaces/IUserRepository.cs
@@ -15,6 +15,5 @@ namespace API.Interfaces
 Task GetUserByUsernameAsync(string username);
 Task> GetMembersAsync();
 Task GetMemberAsync(string username);
- Task AdminExists();
 }
 }
\ No newline at end of file