Merge pull request #17526 from abpframework/Disable-LockoutEnabled-For-Currentuser

Prevent to disable account authenticated user self.
3 years ago · 6b5ab21c41
5 changed files with 19 additions and 8 deletions
--- a/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/IdentityUserAppService.cs
+++ b/modules/identity/src/Volo.Abp.Identity.Application/Volo/Abp/Identity/IdentityUserAppService.cs
@ -173,7 +173,10 @@ public class IdentityUserAppService : IdentityAppServiceBase, IIdentityUserAppSe
            (await UserManager.SetPhoneNumberAsync(user, input.PhoneNumber)).CheckErrors();
        }

-        (await UserManager.SetLockoutEnabledAsync(user, input.LockoutEnabled)).CheckErrors();
+        if (user.Id != CurrentUser.Id)
+        {
+            (await UserManager.SetLockoutEnabledAsync(user, input.LockoutEnabled)).CheckErrors();
+        }

        user.Name = input.Name;
        user.Surname = input.Surname;
--- a/modules/identity/src/Volo.Abp.Identity.Blazor/Pages/Identity/UserManagement.razor
+++ b/modules/identity/src/Volo.Abp.Identity.Blazor/Pages/Identity/UserManagement.razor
@ -129,9 +129,12 @@
                                    <Field>
                                        <Check TValue="bool" @bind-Checked="@NewEntity.IsActive">@L["DisplayName:IsActive"]</Check>
                                    </Field>
-                                    <Field>
-                                        <Check TValue="bool" @bind-Checked="@NewEntity.LockoutEnabled">@L["DisplayName:LockoutEnabled"]</Check>
-                                    </Field>
+                                    @if (!IsEditCurrentUser)
+                                    {
+                                        <Field>
+                                            <Check TValue="bool" @bind-Checked="@NewEntity.LockoutEnabled">@L["DisplayName:LockoutEnabled"]</Check>
+                                        </Field>
+                                    }
                                    <ExtensionProperties TEntityType="IdentityUserCreateDto" TResourceType="IdentityResource" Entity="@NewEntity" LH="@LH" />
                                </TabPanel>
                                <TabPanel Name="Roles">
--- a/modules/identity/src/Volo.Abp.Identity.Blazor/Pages/Identity/UserManagement.razor.cs
+++ b/modules/identity/src/Volo.Abp.Identity.Blazor/Pages/Identity/UserManagement.razor.cs
@ -41,6 +41,7 @@ public partial class UserManagement

    private List<TableColumn> UserManagementTableColumns => TableColumns.Get<UserManagement>();
    private TextRole _passwordTextRole = TextRole.Password;
+    public bool IsEditCurrentUser { get; set; }

    public UserManagement()
    {
@ -119,7 +120,7 @@ public partial class UserManagement
        try
        {
            EditModalSelectedTab = DefaultSelectedTab;
-
+            IsEditCurrentUser = entity.Id == CurrentUser.Id;
            var userRoleNames = (await AppService.GetRolesAsync(entity.Id)).Items.Select(r => r.Name).ToList();

            EditUserRoles = Roles.Select(x => new AssignedRoleViewModel
--- a/modules/identity/src/Volo.Abp.Identity.Web/Pages/Identity/Users/EditModal.cshtml
+++ b/modules/identity/src/Volo.Abp.Identity.Web/Pages/Identity/Users/EditModal.cshtml
@ -39,8 +39,10 @@
                        <abp-input asp-for="UserInfo.Email" />
                        <abp-input asp-for="UserInfo.PhoneNumber" />
                        <abp-input asp-for="UserInfo.IsActive" />
-                        <abp-input asp-for="UserInfo.LockoutEnabled" />
-
+                        @if (!Model.IsEditCurrentUser)
+                        {
+                            <abp-input asp-for="UserInfo.LockoutEnabled" />
+                        }
                        @foreach (var propertyInfo in ObjectExtensionManager.Instance.GetProperties<EditModalModel.UserInfoViewModel>())
                        {
                            if (!propertyInfo.Name.EndsWith("_Text"))
--- a/modules/identity/src/Volo.Abp.Identity.Web/Pages/Identity/Users/EditModal.cshtml.cs
+++ b/modules/identity/src/Volo.Abp.Identity.Web/Pages/Identity/Users/EditModal.cshtml.cs
@ -22,6 +22,8 @@ public class EditModalModel : IdentityPageModel

    protected IIdentityUserAppService IdentityUserAppService { get; }

+    public bool IsEditCurrentUser { get; set; }
+
    public EditModalModel(IIdentityUserAppService identityUserAppService)
    {
        IdentityUserAppService = identityUserAppService;
@ -30,7 +32,7 @@ public class EditModalModel : IdentityPageModel
    public virtual async Task<IActionResult> OnGetAsync(Guid id)
    {
        UserInfo = ObjectMapper.Map<IdentityUserDto, UserInfoViewModel>(await IdentityUserAppService.GetAsync(id));
-
+        IsEditCurrentUser = CurrentUser.Id == id;
        Roles = ObjectMapper.Map<IReadOnlyList<IdentityRoleDto>, AssignedRoleViewModel[]>((await IdentityUserAppService.GetAssignableRolesAsync()).Items);

        var userRoleNames = (await IdentityUserAppService.GetRolesAsync(UserInfo.Id)).Items.Select(r => r.Name).ToList();