clarification about admin role

fullstackhero / dotnet-starter-kit

Production Grade Cloud-Ready .NET 8 Starter Kit (Web API + Blazor Client) with Multitenancy Support, and Clean/Modular Architecture that saves roughly 200+ Development Hours! All Batteries Included.

https://fullstackhero.net/dotnet-webapi-boilerplate/

MIT License

5.22k stars 1.56k forks source link

clarification about admin role #436

Closed xlogex closed 2 years ago

xlogex commented 2 years ago

https://github.com/fullstackhero/dotnet-webapi-boilerplate/blob/1c67559e315b517bc87c7284dc686cbb9f73ff10/src/Infrastructure/Identity/UserService.cs#L106 Why you cannot remove admin role? ..... (should be not able only on root user)

xlogex commented 2 years ago

public async Task<bool> IsRootTenantAsync(string userId, CancellationToken cancellationToken)
    {
        var user = await _userManager.Users.Where(u => u.Id == userId).FirstOrDefaultAsync(cancellationToken);

        _ = user ?? throw new NotFoundException(_localizer["User Not Found."]);

        bool isRoot = user.Email == MultitenancyConstants.Root.EmailAddress;
        return isRoot;
    }