Roles fixed

9 years ago · d9a569d7d0
5 changed files with 16 additions and 6 deletions
--- a/src/Squidex.Core/Identity/SquidexRoles.cs
+++ b/src/Squidex.Core/Identity/SquidexRoles.cs
@ -10,12 +10,12 @@ namespace Squidex.Core.Identity
 {
    public static class SquidexRoles
    {
-        public const string Administrator = "administrator";
+        public const string Administrator = "ADMINISTRATOR";

-        public const string AppOwner = "app-owner";
+        public const string AppOwner = "APP-OWNER";

-        public const string AppEditor = "app-editor";
+        public const string AppEditor = "APP-EDITOR";

-        public const string AppDeveloper = "app-developer";
+        public const string AppDeveloper = "APP-DEVELOPER";
    }
 }
--- a/src/Squidex/Config/Identity/IdentityUsage.cs
+++ b/src/Squidex/Config/Identity/IdentityUsage.cs
@ -85,6 +85,15 @@ namespace Squidex.Config.Identity
            return app;
        }

+        public static IApplicationBuilder UseAdminRole(this IApplicationBuilder app)
+        {
+            var roleManager = app.ApplicationServices.GetRequiredService<RoleManager<IdentityRole>>();
+
+            roleManager.CreateAsync(new IdentityRole { Name = SquidexRoles.Administrator, NormalizedName = SquidexRoles.Administrator }).Wait();
+
+            return app;
+        }
+
        public static IApplicationBuilder UseMyApiProtection(this IApplicationBuilder app)
        {
            const string apiScope = Constants.ApiScope;
--- a/src/Squidex/Controllers/UI/Account/AccountController.cs
+++ b/src/Squidex/Controllers/UI/Account/AccountController.cs
@ -208,7 +208,7 @@ namespace Squidex.Controllers.UI.Account

        private Task<bool> MakeAdminAsync(IdentityUser user, bool isFirst)
        {
-            if (isFirst)
+            if (!isFirst)
            {
                return Task.FromResult(true);
            }
--- a/src/Squidex/Startup.cs
+++ b/src/Squidex/Startup.cs
@ -121,6 +121,7 @@ namespace Squidex

                identityApp.UseMyIdentity();
                identityApp.UseMyIdentityServer();
+                identityApp.UseAdminRole();
                identityApp.UseMyApiProtection();
                identityApp.UseMyGoogleAuthentication();
                identityApp.UseStaticFiles();
--- a/src/Squidex/app/shared/services/auth.service.ts
+++ b/src/Squidex/app/shared/services/auth.service.ts
@ -32,7 +32,7 @@ export class Profile {
    }

    public get isAdmin(): boolean {
-        return this.user.profile['role'] === 'administrator';
+        return this.user.profile['role'].toLowerCase() === 'administrator';
    }

    public get token(): string {