diff --git a/API/Controllers/AdminController.cs b/API/Controllers/AdminController.cs index 17f3aa12c..6d427de89 100644 --- a/API/Controllers/AdminController.cs +++ b/API/Controllers/AdminController.cs @@ -26,10 +26,18 @@ namespace API.Controllers } [Authorize(Policy = "RequireAdminRole")] - [HttpDelete] + [HttpDelete("delete-user")] public async Task DeleteUser(string username) { - return BadRequest("Not Implemented"); + var user = await _userRepository.GetUserByUsernameAsync(username); + _userRepository.Delete(user); + + if (await _userRepository.SaveAllAsync()) + { + return Ok(); + } + + return BadRequest("Could not delete the user."); } diff --git a/API/Controllers/LibraryController.cs b/API/Controllers/LibraryController.cs index 93e3cdf06..0c6e45d99 100644 --- a/API/Controllers/LibraryController.cs +++ b/API/Controllers/LibraryController.cs @@ -77,14 +77,13 @@ namespace API.Controllers // return Ok(await _libraryRepository.GetLibrariesForUserAsync(user)); // } + [Authorize(Policy = "RequireAdminRole")] [HttpPut("update-for")] public async Task> UpdateLibrary(UpdateLibraryDto updateLibraryDto) { - // TODO: Only admins can do this var user = await _userRepository.GetUserByUsernameAsync(updateLibraryDto.Username); if (user == null) return BadRequest("Could not validate user"); - if (!user.IsAdmin) return Unauthorized("Only admins are permitted"); user.Libraries = new List(); diff --git a/API/DTOs/MemberDto.cs b/API/DTOs/MemberDto.cs index 7d881d53e..6f09f1fc3 100644 --- a/API/DTOs/MemberDto.cs +++ b/API/DTOs/MemberDto.cs @@ -15,5 +15,6 @@ namespace API.DTOs public DateTime Created { get; set; } public DateTime LastActive { get; set; } public IEnumerable Libraries { get; set; } + public IEnumerable Roles { get; set; } } } \ No newline at end of file diff --git a/API/Data/UserRepository.cs b/API/Data/UserRepository.cs index 681cdd85c..55a382654 100644 --- a/API/Data/UserRepository.cs +++ b/API/Data/UserRepository.cs 
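Review bot: In `DeleteUser`, the result of `GetUserByUsernameAsync(username)` is passed straight to `_userRepository.Delete(user)` without a null check, so an unknown or misspelled username most likely surfaces as an unhandled exception (HTTP 500) rather than a client error. `UpdateLibrary` in LibraryController.cs already guards the same lookup, and the same guard fits here before the delete: `if (user == null) return BadRequest("Could not validate user");`. The new `Delete(AppUser user)` in UserRepository.cs forwards to `_context.Users.Remove(user)` and has the same gap. Because the endpoint is destructive, it is also worth deciding whether an admin may delete their own account or the last remaining admin, which nothing in the hunk prevents, and recording which admin deleted which account.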
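Review bot: With the `IsAdmin` check removed from `UpdateLibrary`, the `user` loaded from `updateLibraryDto.Username` is now only the account being modified, while the caller is authorised solely by the `RequireAdminRole` policy, and nothing in the method states that split. A short comment above the lookup would keep the two from being conflated again, e.g. `// Target account whose libraries are replaced; the caller is authorised by the RequireAdminRole policy.` The policy is evaluated against role claims on the caller's token, so a demoted admin presumably keeps access until that token expires; confirm the token lifetime is acceptable for this endpoint. The method body continues past the end of the hunk.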
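Review bot: `Roles` is added to `MemberDto` with no indication of who is meant to see it, and `GetMembersAsync` now fills it for every account. If any endpoint that returns this DTO is reachable by non-admin users, the response discloses which accounts hold the Admin role. The controllers serving `MemberDto` are not part of this diff, so that needs checking there. If the field is meant for admin views only, a comment on the property would record it, e.g. `// Role names; intended for admin-only responses.`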
@@ -6,6 +6,7 @@ using API.Entities; using API.Interfaces; using AutoMapper; using AutoMapper.QueryableExtensions; +using Microsoft.AspNetCore.Identity; using Microsoft.EntityFrameworkCore; namespace API.Data @@ -14,11 +15,13 @@ namespace API.Data { private readonly DataContext _context; private readonly IMapper _mapper; + private readonly UserManager _userManager; - public UserRepository(DataContext context, IMapper mapper) + public UserRepository(DataContext context, IMapper mapper, UserManager userManager) { _context = context; _mapper = mapper; + _userManager = userManager; } public void Update(AppUser user) @@ -26,6 +29,11 @@ namespace API.Data _context.Entry(user).State = EntityState.Modified; } + public void Delete(AppUser user) + { + _context.Users.Remove(user); + } + public async Task SaveAllAsync() { return await _context.SaveChangesAsync() > 0; @@ -49,6 +57,23 @@ namespace API.Data public async Task> GetMembersAsync() { + return await _userManager.Users + .Include(x => x.Libraries) + .Include(r => r.UserRoles) + .ThenInclude(r => r.Role) + .OrderBy(u => u.UserName) + .Select(u => new MemberDto + { + Id = u.Id, + Username = u.UserName, + Created = u.Created, + LastActive = u.LastActive, + Roles = u.UserRoles.Select(r => r.Role.Name).ToList() + }) + .ToListAsync(); + + //return await _context.Users.Include(x => x.Libraries) + return await _context.Users.Include(x => x.Libraries) .Include(x => x.Libraries) .ProjectTo(_mapper.ConfigurationProvider) diff --git a/API/Extensions/IdentityServiceExtensions.cs b/API/Extensions/IdentityServiceExtensions.cs index 9669c6822..9138ffbb8 100644 --- a/API/Extensions/IdentityServiceExtensions.cs +++ b/API/Extensions/IdentityServiceExtensions.cs @@ -35,6 +35,11 @@ namespace API.Extensions ValidateAudience = false }; }); + services.AddAuthorization(opt => + { + opt.AddPolicy("RequireAdminRole", policy => policy.RequireRole("Admin")); + }); + return services; } } 
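Review bot: In `GetMembersAsync`, the new `return await _userManager.Users ... .ToListAsync();` is placed in front of the previous `return await _context.Users.Include(...)` query, which stays in the method and is now unreachable, along with a commented-out copy of its first line. The new `Select` initializer also never assigns `Libraries`, so although `.Include(x => x.Libraries)` is kept, the returned `MemberDto.Libraries` will be null where the old `ProjectTo` query presumably filled it. Delete the old query and the `//return await _context.Users.Include(x => x.Libraries)` line, and add a `Libraries = ...` assignment to the projection (or carry the roles through the existing AutoMapper profile instead). The tail of the old query lies outside the hunk.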
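Review bot: The policy name `"RequireAdminRole"` and the role name `"Admin"` are introduced here as string literals, and the policy name is repeated verbatim in the `[Authorize]` attributes in AdminController.cs and LibraryController.cs. A typo in any one copy is not caught at compile time; ASP.NET Core reports an unknown policy name only when the endpoint is hit. Shared constants would tie the copies together, e.g. `public const string RequireAdminRole = "RequireAdminRole";` in a small static class referenced from both the attributes and `AddPolicy`.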
diff --git a/API/Interfaces/IUserRepository.cs b/API/Interfaces/IUserRepository.cs index 69b872821..601913c89 100644 --- a/API/Interfaces/IUserRepository.cs +++ b/API/Interfaces/IUserRepository.cs @@ -15,5 +15,6 @@ namespace API.Interfaces Task GetUserByUsernameAsync(string username); Task> GetMembersAsync(); Task GetMemberAsync(string username); + public void Delete(AppUser user); } } \ No newline at end of file
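Review bot: `public void Delete(AppUser user);` carries an explicit `public` modifier while the other interface members visible in the hunk have none; interface members are public by default and the modifier is only accepted from C# 8 on. For consistency write `void Delete(AppUser user);`. The member also states no contract for a null `user`, which matters because `DeleteUser` passes the lookup result unchecked; a one-line doc comment saying callers must pass a non-null entity would make the expectation explicit.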