user and role management improvements

Oqtane.Client/Modules/Admin/Roles/Users.razor

@@ -63,7 +63,7 @@ else
             <Row>
                 <td>@context.User.DisplayName</td>
                 <td>
-                    <button type="button" class="btn btn-danger" @onclick=@(async () => await DeleteUserRole(context.UserRoleId))>@Localizer["Delete"]</button>
+                    <ActionDialog Header="Remove User" Message="@Localizer["Are You Sure You Wish To Remove {0} From This Role?", context.User.DisplayName]" Action="Delete" Security="SecurityAccessLevel.Admin" Class="btn btn-danger" OnClick="@(async () => await DeleteUserRole(context.UserRoleId))" ResourceKey="DeleteUserRole" />
                 </td>
             </Row>
         </Pager>
@@ -140,9 +140,10 @@ else
                     await UserRoleService.AddUserRoleAsync(userrole);
                 }
 
-                await GetUserRoles();
                 await logger.LogInformation("User Assigned To Role {UserRole}", userrole);
                 AddModuleMessage(Localizer["User Assigned To Role"], MessageType.Success);
+                await GetUserRoles();
+                StateHasChanged();
             }
             else
             {
@@ -161,9 +162,10 @@ else
         try
         {
             await UserRoleService.DeleteUserRoleAsync(UserRoleId);
-            await GetUserRoles();
             await logger.LogInformation("User Removed From Role {UserRoleId}", UserRoleId);
             AddModuleMessage(Localizer["User Removed From Role"], MessageType.Success);
+            await GetUserRoles();
+            StateHasChanged();
         }
         catch (Exception ex)
         {

Oqtane.Client/Modules/Admin/Users/Add.razor

@@ -131,26 +131,34 @@
             {
                 if (password == confirm)
                 {
-                    var user = new User();
+                    var user = await UserService.GetUserAsync(username, PageState.Site.SiteId);
-                    user.SiteId = PageState.Site.SiteId;
+                    if (user == null)
-                    user.Username = username;
-                    user.Password = password;
-                    user.Email = email;
-                    user.DisplayName = string.IsNullOrWhiteSpace(displayname) ? username : displayname;
-                    user.PhotoFileId = null;
-
-                    user = await UserService.AddUserAsync(user);
-
-                    if (user != null)
                     {
-                        await SettingService.UpdateUserSettingsAsync(settings, user.UserId);
+                        user = new User();
-                        await logger.LogInformation("User Created {User}", user);
+                        user.SiteId = PageState.Site.SiteId;
-                        NavigationManager.NavigateTo(NavigateUrl());
+                        user.Username = username;
+                        user.Password = password;
+                        user.Email = email;
+                        user.DisplayName = string.IsNullOrWhiteSpace(displayname) ? username : displayname;
+                        user.PhotoFileId = null;
+
+                        user = await UserService.AddUserAsync(user);
+
+                        if (user != null)
+                        {
+                            await SettingService.UpdateUserSettingsAsync(settings, user.UserId);
+                            await logger.LogInformation("User Created {User}", user);
+                            NavigationManager.NavigateTo(NavigateUrl());
+                        }
+                        else
+                        {
+                            await logger.LogError("Error Adding User {Username} {Email}", username, email);
+                            AddModuleMessage(Localizer["Error Adding User. Please Ensure Password Meets Complexity Requirements And Username And Email Are Not Already In Use."], MessageType.Error);
+                        }
                     }
                     else
                     {
-                        await logger.LogError("Error Adding User {Username} {Email}", username, email);
+                        AddModuleMessage(Localizer["Username Already Exists"], MessageType.Warning);
-                        AddModuleMessage(Localizer["Error Adding User. Please Ensure Password Meets Complexity Requirements And Username Is Not Already In Use."], MessageType.Error);
                     }
                 }
                 else

Oqtane.Client/Modules/Admin/Users/Index.razor

@@ -13,10 +13,15 @@
 }
 else
 {
-    <ActionLink Action="Add" Text="Add User" ResourceKey="AddUser" />
+    <div class="form-row">
-
+        <div class="col">
-    <div class="d-flex p-1">
+            <ActionLink Action="Add" Text="Add User" ResourceKey="AddUser" />
-        <input class="form-control mr-4" @bind="@_search" /><button class="btn btn-outline-primary ml-1" @onclick="OnSearch">@Localizer["Search"]</button>
+        </div>
+        <div class="col">
+            <div class="input-group flex-nowrap">
+                <input class="form-control" @bind="@_search" />&nbsp;<button class="btn btn-secondary" @onclick="OnSearch">@Localizer["Search"]</button>
+            </div>
+        </div>
     </div>
 
     <Pager Items="@userroles">
@@ -31,7 +36,10 @@ else
                 <ActionLink Action="Edit" Parameters="@($"id=" + context.UserId.ToString())" ResourceKey="EditUser" />
             </td>
             <td>
-                <ActionDialog Header="Delete User" Message="@Localizer["Are You Sure You Wish To Delete {0}?", context.User.DisplayName]" Action="Delete" Security="SecurityAccessLevel.Admin" Class="btn btn-danger" OnClick="@(async () => await DeleteUser(context))" ResourceKey="DeleteUser" />
+                @if (context.Role.Name != RoleNames.Host)
+                {
+                    <ActionDialog Header="Delete User" Message="@Localizer["Are You Sure You Wish To Delete {0}?", context.User.DisplayName]" Action="Delete" Security="SecurityAccessLevel.Admin" Class="btn btn-danger" OnClick="@(async () => await DeleteUser(context))" ResourceKey="DeleteUser" />
+                }
             </td>
             <td>
                 <ActionLink Action="Roles" Parameters="@($"id=" + context.UserId.ToString())" ResourceKey="Roles" />
@@ -57,19 +65,19 @@ else
 
     private List<UserRole> Search(string search)
     {
+        var results = allroles.Where(item => item.Role.Name == RoleNames.Registered || (item.Role.Name == RoleNames.Host && UserSecurity.IsAuthorized(PageState.User, RoleNames.Host)));
+
         if (string.IsNullOrEmpty(_search))
         {
-            return allroles.Where(item => item.Role.Name == RoleNames.Registered).ToList();
+            results = results.Where(item => 
+                (
+                    item.User.Username.Contains(search, StringComparison.OrdinalIgnoreCase) ||
+                    item.User.Email.Contains(search, StringComparison.OrdinalIgnoreCase) ||
+                    item.User.DisplayName.Contains(search, StringComparison.OrdinalIgnoreCase)
+                )
+            );
         }
-        return allroles
+        return results.ToList();
-            .Where(item => item.Role.Name == RoleNames.Registered &&
-                           (
-                               item.User.Username.Contains(search, StringComparison.OrdinalIgnoreCase) ||
-                               item.User.Email.Contains(search, StringComparison.OrdinalIgnoreCase) ||
-                               item.User.DisplayName.Contains(search, StringComparison.OrdinalIgnoreCase)
-                               )
-            )
-            .ToList();
     }
 
     private async Task OnSearch()

Oqtane.Client/Modules/Admin/Users/Roles.razor

@@ -64,10 +64,10 @@ else
             <Row>
                 <td>@context.Role.Name</td>
                 <td>
-                    @if (context.Role.Name != RoleNames.Registered)
+                    @if (context.Role.Name != RoleNames.Registered && (context.Role.Name != RoleNames.Host || userid != PageState.User.UserId))
-                     {
+                    {
-                        <button type="button" class="btn btn-danger" @onclick=@(async () => await DeleteUserRole(context.UserRoleId))>@Localizer["Delete"]</button>
+                        <ActionDialog Header="Remove Role" Message="@Localizer["Are You Sure You Wish To Remove This User From The {0} Role?", context.Role.Name]" Action="Delete" Security="SecurityAccessLevel.Admin" Class="btn btn-danger" OnClick="@(async () => await DeleteUserRole(context.UserRoleId))" ResourceKey="DeleteUserRole" />
-                     }
+                    }
                 </td>
             </Row>
         </Pager>
@@ -92,7 +92,14 @@ else
             userid = Int32.Parse(PageState.QueryString["id"]);
             User user = await UserService.GetUserAsync(userid, PageState.Site.SiteId);
             name = user.DisplayName;
-            roles = await RoleService.GetRolesAsync(PageState.Site.SiteId);
+            if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
+            {
+                roles = await RoleService.GetRolesAsync(PageState.Site.SiteId, true);
+            }
+            else
+            {
+                roles = await RoleService.GetRolesAsync(PageState.Site.SiteId);
+            }
             await GetUserRoles();
         }
         catch (Exception ex)
@@ -171,9 +178,10 @@ else
                     await UserRoleService.AddUserRoleAsync(userrole);
                 }
 
-                await GetUserRoles();
                 await logger.LogInformation("User Assigned To Role {UserRole}", userrole);
                 AddModuleMessage(Localizer["User Assigned To Role"], MessageType.Success);
+                await GetUserRoles();
+                StateHasChanged();
             }
             else
             {
@@ -192,9 +200,10 @@ else
         try
         {
             await UserRoleService.DeleteUserRoleAsync(UserRoleId);
-            await GetUserRoles();
             await logger.LogInformation("User Removed From Role {UserRoleId}", UserRoleId);
             AddModuleMessage(Localizer["User Removed From Role"], MessageType.Success);
+            await GetUserRoles();
+            StateHasChanged();
         }
         catch (Exception ex)
         {

Oqtane.Client/Services/Interfaces/IRoleService.cs

@@ -1,4 +1,4 @@
-using Oqtane.Models;
+using Oqtane.Models;
 using System.Collections.Generic;
 using System.Threading.Tasks;
 
@@ -8,6 +8,8 @@ namespace Oqtane.Services
     {
         Task<List<Role>> GetRolesAsync(int siteId);
 
+        Task<List<Role>> GetRolesAsync(int siteId, bool includeGlobalRoles);
+
         Task<Role> GetRoleAsync(int roleId);
 
         Task<Role> AddRoleAsync(Role role);

Oqtane.Client/Services/RoleService.cs

@@ -1,4 +1,4 @@
-using Oqtane.Models;
+using Oqtane.Models;
 using System.Threading.Tasks;
 using System.Net.Http;
 using System.Linq;
@@ -22,7 +22,12 @@ namespace Oqtane.Services
 
         public async Task<List<Role>> GetRolesAsync(int siteId)
         {
-            List<Role> roles = await GetJsonAsync<List<Role>>($"{Apiurl}?siteid={siteId}");
+            return await GetRolesAsync(siteId, false);
+        }
+
+        public async Task<List<Role>> GetRolesAsync(int siteId, bool includeGlobalRoles)
+        {
+            List<Role> roles = await GetJsonAsync<List<Role>>($"{Apiurl}?siteid={siteId}&global={includeGlobalRoles}");
             return roles.OrderBy(item => item.Name).ToList();
         }
 

Oqtane.Server/Controllers/RoleController.cs

@@ -1,4 +1,4 @@
-using System.Collections.Generic;
+using System.Collections.Generic;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Authorization;
 using Oqtane.Enums;
@@ -21,12 +21,16 @@ namespace Oqtane.Controllers
             _logger = logger;
         }
 
-        // GET: api/<controller>?siteid=x
+        // GET: api/<controller>?siteid=x&global=true/false
         [HttpGet]
         [Authorize(Roles = RoleNames.Registered)]
-        public IEnumerable<Role> Get(string siteid)
+        public IEnumerable<Role> Get(string siteid, string global)
         {
-            return _roles.GetRoles(int.Parse(siteid));
+            if (string.IsNullOrEmpty(global))
+            {
+                global = "false";
+            }
+            return _roles.GetRoles(int.Parse(siteid), bool.Parse(global));
         }
 
         // GET api/<controller>/5

Oqtane.Server/Controllers/UserRoleController.cs

@@ -1,4 +1,4 @@
-using System.Collections.Generic;
+using System.Collections.Generic;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Authorization;
 using Oqtane.Enums;
@@ -6,6 +6,7 @@ using Oqtane.Models;
 using Oqtane.Shared;
 using Oqtane.Infrastructure;
 using Oqtane.Repository;
+using System.Linq;
 
 namespace Oqtane.Controllers
 {
@@ -13,13 +14,15 @@ namespace Oqtane.Controllers
     public class UserRoleController : Controller
     {
         private readonly IUserRoleRepository _userRoles;
+        private readonly IRoleRepository _roles;
         private readonly ITenantResolver _tenants;
         private readonly ISyncManager _syncManager;
         private readonly ILogManager _logger;
 
-        public UserRoleController(IUserRoleRepository userRoles, ITenantResolver tenants, ISyncManager syncManager, ILogManager logger)
+        public UserRoleController(IUserRoleRepository userRoles, IRoleRepository roles, ITenantResolver tenants, ISyncManager syncManager, ILogManager logger)
         {
             _userRoles = userRoles;
+            _roles = roles;
             _syncManager = syncManager;
             _tenants = tenants;
             _logger = logger;
@@ -46,8 +49,13 @@ namespace Oqtane.Controllers
         [Authorize(Roles = RoleNames.Admin)]
         public UserRole Post([FromBody] UserRole userRole)
         {
-            if (ModelState.IsValid)
+            var role = _roles.GetRole(userRole.RoleId);
+            if (ModelState.IsValid && (User.IsInRole(RoleNames.Host) || role.Name != RoleNames.Host))
             {
+                if (role.Name == RoleNames.Host)
+                {
+                    _userRoles.DeleteUserRoles(userRole.UserId);
+                }
                 userRole = _userRoles.AddUserRole(userRole);
                 _syncManager.AddSyncEvent(_tenants.GetTenant().TenantId, EntityNames.User, userRole.UserId);
                 _logger.Log(LogLevel.Information, this, LogFunction.Create, "User Role Added {UserRole}", userRole);
@@ -60,7 +68,8 @@ namespace Oqtane.Controllers
         [Authorize(Roles = RoleNames.Admin)]
         public UserRole Put(int id, [FromBody] UserRole userRole)
         {
-            if (ModelState.IsValid)
+            var role = _roles.GetRole(userRole.RoleId);
+            if (ModelState.IsValid && (User.IsInRole(RoleNames.Host) || role.Name != RoleNames.Host))
             {
                 userRole = _userRoles.UpdateUserRole(userRole);
                 _syncManager.AddSyncEvent(_tenants.GetTenant().TenantId, EntityNames.User, userRole.UserId);
@@ -75,9 +84,17 @@ namespace Oqtane.Controllers
         public void Delete(int id)
         {
             UserRole userRole = _userRoles.GetUserRole(id);
-            _userRoles.DeleteUserRole(id);
+            if (User.IsInRole(RoleNames.Host) || userRole.Role.Name != RoleNames.Host)
-            _syncManager.AddSyncEvent(_tenants.GetTenant().TenantId, EntityNames.User, userRole.UserId);
+            {
-            _logger.Log(LogLevel.Information, this, LogFunction.Delete, "User Role Deleted {UserRole}", userRole);
+                _userRoles.DeleteUserRole(id);
+                if (userRole.Role.Name == RoleNames.Host)
+                {
+                    var role = _roles.GetRoles(_tenants.GetAlias().SiteId).FirstOrDefault(item => item.Name == RoleNames.Registered);
+                    _userRoles.AddUserRole(new UserRole { UserId = userRole.UserId, RoleId = role.RoleId, EffectiveDate = null, ExpiryDate = null });
+                }
+                _syncManager.AddSyncEvent(_tenants.GetTenant().TenantId, EntityNames.User, userRole.UserId);
+                _logger.Log(LogLevel.Information, this, LogFunction.Delete, "User Role Deleted {UserRole}", userRole);
+            }
         }
     }
 }

Oqtane.Server/Repository/Interfaces/IUserRoleRepository.cs

@@ -1,4 +1,4 @@
-using System.Collections.Generic;
+using System.Collections.Generic;
 using Oqtane.Models;
 
 namespace Oqtane.Repository
@@ -11,5 +11,6 @@ namespace Oqtane.Repository
         UserRole UpdateUserRole(UserRole userRole);
         UserRole GetUserRole(int userRoleId);
         void DeleteUserRole(int userRoleId);
+        void DeleteUserRoles(int userId);
     }
 }

Oqtane.Server/Repository/SiteRepository.cs

@@ -649,9 +649,9 @@ namespace Oqtane.Repository
             _roleRepository.AddRole(new Role {SiteId = site.SiteId, Name = RoleNames.Admin, Description = "Site Administrators", IsAutoAssigned = false, IsSystem = true});
 
             _profileRepository.AddProfile(new Profile
-                {SiteId = site.SiteId, Name = "FirstName", Title = "First Name", Description = "Your First Or Given Name", Category = "Name", ViewOrder = 1, MaxLength = 50, DefaultValue = "", IsRequired = true, IsPrivate = false});
+                {SiteId = site.SiteId, Name = "FirstName", Title = "First Name", Description = "Your First Or Given Name", Category = "Name", ViewOrder = 1, MaxLength = 50, DefaultValue = "", IsRequired = false, IsPrivate = false});
             _profileRepository.AddProfile(new Profile
-                {SiteId = site.SiteId, Name = "LastName", Title = "Last Name", Description = "Your Last Or Family Name", Category = "Name", ViewOrder = 2, MaxLength = 50, DefaultValue = "", IsRequired = true, IsPrivate = false});
+                {SiteId = site.SiteId, Name = "LastName", Title = "Last Name", Description = "Your Last Or Family Name", Category = "Name", ViewOrder = 2, MaxLength = 50, DefaultValue = "", IsRequired = false, IsPrivate = false});
             _profileRepository.AddProfile(new Profile
                 {SiteId = site.SiteId, Name = "Street", Title = "Street", Description = "Street Or Building Address", Category = "Address", ViewOrder = 3, MaxLength = 50, DefaultValue = "", IsRequired = false, IsPrivate = false});
             _profileRepository.AddProfile(

Oqtane.Server/Repository/UserRoleRepository.cs

@@ -58,5 +58,14 @@ namespace Oqtane.Repository
             _db.UserRole.Remove(userRole);
             _db.SaveChanges();
         }
+
+        public void DeleteUserRoles(int userId)
+        {
+            foreach (UserRole userRole in _db.UserRole.Where(item => item.Role.SiteId != null))
+            {
+                _db.UserRole.Remove(userRole);
+            }
+            _db.SaveChanges();
+        }
     }
 }