If an app admin creates a new tenant user or update an existing tenant user it won't show the correct Roles when use the user admin method called GetRoleNamesForUsersAsync. The GetRoleNamesForUsersAsync method takes in the user's userId. This has two problems:
When creating a user you won't get the correct tenant users because the tenant isn't set.
If you change the tenant that a user is linked to, then the Roles might not be correct because the tenant Roles in the new tenant can be different to the user's original tenant Roles. That also includes going from no tenant to a tenant - see issue #13.
Suggested solution
Change create to check that the Roles are correct for the applied tenant. Check if any of the Roles provided aren't correct for the tenant then sent back an error for each Role.
For Update, do the same as create - return errors if Roles aren't correct for the the tenant.
JonPSmith
commented
2 years ago
If an app admin creates a new tenant user or update an existing tenant user it won't show the correct Roles when use the user admin method called
GetRoleNamesForUsersAsync. TheGetRoleNamesForUsersAsyncmethod takes in the user's userId. This has two problems:Suggested solution