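using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Rendering;
using Microsoft.EntityFrameworkCore;
using Data;
using Data.Entities;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;

namespace WebApp.Controllers
{
    /// <summary>
    /// Read model pairing a user's profile fields with the name of one role.
    /// No action in this file populates it yet; the role join in
    /// <see cref="UsersController.Index"/> was left unfinished.
    /// </summary>
    public class UserWithRoles
    {
        public string UserName { get; set; }
        public string FirstName { get; set; }
        public string LastName { get; set; }
        public string Email { get; set; }
        public string PersonalNumber { get; set; }
        public string PhoneNumber { get; set; }
        public string Role { get; set; }
    }

    /// <summary>
    /// Admin-only CRUD over <see cref="User"/> rows. The "Admin" role is required at
    /// class level so that any action added later is protected by default.
    /// The controller writes Identity users straight through the DbContext instead of
    /// UserManager, so it must maintain the server-owned Identity columns (normalized
    /// names, stamps, lockout counters) itself; see <see cref="ApplyServerOwnedFields"/>.
    /// </summary>
    [Authorize(Roles = "Admin")]
    public class UsersController : Controller
    {
        // Properties an administrator may set from the Create/Edit forms.
        // Deliberately excluded: Id, PasswordHash (on Edit), SecurityStamp,
        // ConcurrencyStamp, NormalizedUserName, NormalizedEmail, LockoutEnd and
        // AccessFailedCount. Those are server-owned and binding them from the request
        // would let a form post overwrite credentials, lookup keys and lockout state.
        private const string EditableUserFields =
            "FirstName,LastName,PersonalNumber,UserName,Email,EmailConfirmed,PhoneNumber,PhoneNumberConfirmed,TwoFactorEnabled,LockoutEnabled";

        private readonly RentACarDbContext _context;

        public UsersController(RentACarDbContext context)
        {
            _context = context;
        }

        // GET: Users
        /// <summary>Lists every user. Roles are not joined in (see <see cref="UserWithRoles"/>).</summary>
        public async Task<IActionResult> Index()
        {
            List<User> users = await _context.Users.ToListAsync();
            return View(users);
        }

        // GET: Users/Edit/5
        /// <summary>Renders the edit form for the user with the given key, or 404.</summary>
        public async Task<IActionResult> Edit(string id)
        {
            if (id == null)
            {
                return NotFound();
            }

            var user = await _context.Users.FindAsync(id);
            if (user == null)
            {
                return NotFound();
            }

            return View(user);
        }

        // GET: Users/Create
        /// <summary>Renders the empty create form.</summary>
        /// <param name="id">Unused; kept so existing links that pass a route id keep resolving.</param>
        public IActionResult Create(int id)
        {
            return View();
        }

        // POST: Users/Create
        // Only the fields in EditableUserFields plus the password are bindable; everything
        // else on the Identity user is assigned server-side below.
        [HttpPost]
        [ValidateAntiForgeryToken]
        public async Task<IActionResult> Create([Bind(EditableUserFields + ",PasswordHash")] User user)
        {
            // The form transports the plaintext password in the PasswordHash field; it is
            // replaced by a real hash before anything is persisted.
            string plaintextPassword = user.PasswordHash;
            if (string.IsNullOrEmpty(plaintextPassword))
            {
                ModelState.AddModelError(nameof(user.PasswordHash), "A password is required.");
            }

            if (!ModelState.IsValid)
            {
                // Never echo a password (or a hash of it) back into the form.
                user.PasswordHash = null;
                return View(user);
            }

            user.Id = Guid.NewGuid().ToString();
            // HashPassword takes the user object, not its id; the hasher mixes in nothing
            // from it by default, but the signature requires the entity.
            user.PasswordHash = new PasswordHasher<User>().HashPassword(user, plaintextPassword);
            ApplyServerOwnedFields(user, resetLockout: true);

            _context.Add(user);
            await _context.SaveChangesAsync();
            return RedirectToAction(nameof(Index));
        }

        // POST: Users/Edit/5
        // Binds only the editable fields plus Id (route check) and ConcurrencyStamp (the
        // optimistic-concurrency token the form was rendered with). The posted model is
        // never attached directly: its values are copied onto the tracked row so that
        // PasswordHash and the other server-owned columns keep their stored values.
        [HttpPost]
        [ValidateAntiForgeryToken]
        public async Task<IActionResult> Edit(string id, [Bind(EditableUserFields + ",Id,ConcurrencyStamp")] User user)
        {
            if (id != user.Id)
            {
                return NotFound();
            }

            if (!ModelState.IsValid)
            {
                return View(user);
            }

            var existing = await _context.Users.FindAsync(id);
            if (existing == null)
            {
                return NotFound();
            }

            existing.FirstName = user.FirstName;
            existing.LastName = user.LastName;
            existing.PersonalNumber = user.PersonalNumber;
            existing.UserName = user.UserName;
            existing.Email = user.Email;
            existing.EmailConfirmed = user.EmailConfirmed;
            existing.PhoneNumber = user.PhoneNumber;
            existing.PhoneNumberConfirmed = user.PhoneNumberConfirmed;
            existing.TwoFactorEnabled = user.TwoFactorEnabled;
            existing.LockoutEnabled = user.LockoutEnabled;
            ApplyServerOwnedFields(existing, resetLockout: false);

            // Check against the stamp the form was rendered with, not the one just read
            // from the database, so an edit made in between still raises a concurrency error.
            if (user.ConcurrencyStamp != null)
            {
                _context.Entry(existing).Property(u => u.ConcurrencyStamp).OriginalValue = user.ConcurrencyStamp;
            }

            try
            {
                await _context.SaveChangesAsync();
            }
            catch (DbUpdateConcurrencyException)
            {
                if (!UserExists(user.Id))
                {
                    return NotFound();
                }
                throw;
            }

            return RedirectToAction(nameof(Index));
        }

        // GET: Users/Delete/5
        /// <summary>Renders the delete confirmation for the user with the given key, or 404.</summary>
        public async Task<IActionResult> Delete(string id)
        {
            if (id == null)
            {
                return NotFound();
            }

            var user = await _context.Users.FirstOrDefaultAsync(m => m.Id == id);
            if (user == null)
            {
                return NotFound();
            }

            return View(user);
        }

        // POST: Users/Delete/5
        /// <summary>Deletes the user. A missing id or an already-deleted user yields 404 instead of throwing.</summary>
        [HttpPost, ActionName("Delete")]
        [ValidateAntiForgeryToken]
        public async Task<IActionResult> DeleteConfirmed(string id)
        {
            if (id == null)
            {
                return NotFound();
            }

            var user = await _context.Users.FindAsync(id);
            if (user == null)
            {
                // Nothing to remove; Remove(null) would throw ArgumentNullException.
                return NotFound();
            }

            _context.Users.Remove(user);
            await _context.SaveChangesAsync();
            return RedirectToAction(nameof(Index));
        }

        // GET: Users/Details/5
        /// <summary>Shows the user with the given key, or 404.</summary>
        public async Task<IActionResult> Details(string id)
        {
            if (id == null)
            {
                return NotFound();
            }

            var user = await _context.Users.FirstOrDefaultAsync(m => m.Id == id);
            if (user == null)
            {
                return NotFound();
            }

            return View(user);
        }

        /// <summary>
        /// Recomputes the Identity columns that must never come from the request.
        /// The normalization mirrors Identity's default UpperInvariantLookupNormalizer;
        /// if the application registers a custom ILookupNormalizer, these writes should
        /// go through UserManager instead.
        /// </summary>
        /// <param name="user">Entity to update in place.</param>
        /// <param name="resetLockout">
        /// True on create: also issues a fresh SecurityStamp and clears lockout state.
        /// False on edit: existing stamp and lockout counters are left untouched.
        /// </param>
        private static void ApplyServerOwnedFields(User user, bool resetLockout)
        {
            user.NormalizedUserName = user.UserName == null ? null : user.UserName.ToUpperInvariant();
            user.NormalizedEmail = user.Email == null ? null : user.Email.ToUpperInvariant();
            // A new ConcurrencyStamp on every successful write, as UserManager does.
            user.ConcurrencyStamp = Guid.NewGuid().ToString();

            if (resetLockout)
            {
                user.SecurityStamp = Guid.NewGuid().ToString();
                user.LockoutEnd = null;
                user.AccessFailedCount = 0;
            }
        }

        private bool UserExists(string id)
        {
            return _context.Users.Any(e => e.Id == id);
        }
    }
}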