Added User Status Change

Author: mckaragoz

samples/blazor-server/CodeBeam.UltimateAuth.Sample.BlazorServer/Components/Pages/Home.razor.cs

@@ -86,12 +86,12 @@ private async Task HandleGetMe()
 
         private async Task ChangeUserInactive()
         {
-            ChangeUserStatusRequest request = new ChangeUserStatusRequest
+            ChangeUserStatusAdminRequest request = new ChangeUserStatusAdminRequest
             {
                 UserKey = UserKey.FromString("user"),
                 NewStatus = UserStatus.Disabled
             };
-            var result = await UAuth.Users.ChangeStatusAsync(request);
+            var result = await UAuth.Users.ChangeStatusAdminAsync(request);
             if (result.Ok)
             {
                 Snackbar.Add($"User is disabled.", Severity.Info);

src/CodeBeam.UltimateAuth.Client/Services/DefaultUserClient.cs

@@ -39,9 +39,16 @@ public async Task<UAuthResult<UserCreateResult>> CreateAsync(CreateUserRequest r
             return UAuthResultMapper.FromJson<UserCreateResult>(raw);
         }
 
-        public async Task<UAuthResult<UserStatusChangeResult>> ChangeStatusAsync(ChangeUserStatusRequest request)
+        public async Task<UAuthResult<UserStatusChangeResult>> ChangeStatusSelfAsync(ChangeUserStatusSelfRequest request)
         {
-            var url = UAuthUrlBuilder.Combine(_options.Endpoints.Authority, "/users/status");
+            var url = UAuthUrlBuilder.Combine(_options.Endpoints.Authority, $"/users/status");
+            var raw = await _request.SendJsonAsync(url, request);
+            return UAuthResultMapper.FromJson<UserStatusChangeResult>(raw);
+        }
+
+        public async Task<UAuthResult<UserStatusChangeResult>> ChangeStatusAdminAsync(ChangeUserStatusAdminRequest request)
+        {
+            var url = UAuthUrlBuilder.Combine(_options.Endpoints.Authority, $"/admin/users/{request.UserKey.Value}/status");
             var raw = await _request.SendJsonAsync(url, request);
             return UAuthResultMapper.FromJson<UserStatusChangeResult>(raw);
         }

src/CodeBeam.UltimateAuth.Client/Services/IUserClient.cs

@@ -7,7 +7,8 @@ namespace CodeBeam.UltimateAuth.Client.Services
     public interface IUserClient
     {
         Task<UAuthResult<UserCreateResult>> CreateAsync(CreateUserRequest request);
-        Task<UAuthResult<UserStatusChangeResult>> ChangeStatusAsync(ChangeUserStatusRequest request);
+        Task<UAuthResult<UserStatusChangeResult>> ChangeStatusSelfAsync(ChangeUserStatusSelfRequest request);
+        Task<UAuthResult<UserStatusChangeResult>> ChangeStatusAdminAsync(ChangeUserStatusAdminRequest request);
         Task<UAuthResult<UserDeleteResult>> DeleteAsync(DeleteUserRequest request);
 
         Task<UAuthResult<UserViewDto>> GetMeAsync();

src/CodeBeam.UltimateAuth.Server/Defaults/UAuthActions.cs

@@ -6,7 +6,7 @@ public static class Users
         {
             public const string Create = "users.create";
             public const string Delete = "users.delete";
-            public const string ChangeStatus = "users.status.change";
+            public const string ChangeStatusSelf = "users.status.change.self";
             public const string ChangeStatusAdmin = "users.status.change.admin";
         }
 

src/CodeBeam.UltimateAuth.Server/Endpoints/Abstractions/IUserEndpointHandler.cs

@@ -6,7 +6,8 @@ namespace CodeBeam.UltimateAuth.Server.Endpoints;
 public interface IUserEndpointHandler
 {
     Task<IResult> CreateAsync(HttpContext ctx);
-    Task<IResult> ChangeStatusAsync(HttpContext ctx);
+    Task<IResult> ChangeStatusSelfAsync(HttpContext ctx);
+    Task<IResult> ChangeStatusAdminAsync(UserKey userKey, HttpContext ctx);
     Task<IResult> DeleteAsync(HttpContext ctx);
 
     Task<IResult> GetMeAsync(HttpContext ctx);

src/CodeBeam.UltimateAuth.Server/Endpoints/UAuthEndpointRegistrar.cs

@@ -5,6 +5,7 @@
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Routing;
+using static CodeBeam.UltimateAuth.Server.Defaults.UAuthActions;
 
 namespace CodeBeam.UltimateAuth.Server.Endpoints
 {
@@ -114,7 +115,7 @@ public void MapEndpoints(RouteGroupBuilder rootGroup, UAuthServerOptions options
                     => await h.CreateAsync(ctx)).WithMetadata(new AuthFlowMetadata(AuthFlowType.UserManagement));
 
                 users.MapPost("/status", async ([FromServices] IUserEndpointHandler h, HttpContext ctx)
-                    => await h.ChangeStatusAsync(ctx)).WithMetadata(new AuthFlowMetadata(AuthFlowType.UserManagement));
+                    => await h.ChangeStatusSelfAsync(ctx)).WithMetadata(new AuthFlowMetadata(AuthFlowType.UserManagement));
 
                 // Post is intended for Auth
                 users.MapPost("/delete", async ([FromServices] IUserEndpointHandler h, HttpContext ctx)
@@ -136,6 +137,9 @@ public void MapEndpoints(RouteGroupBuilder rootGroup, UAuthServerOptions options
             {
                 var admin = group.MapGroup("/admin/users");
 
+                admin.MapPost("/{userKey}/status", async ([FromServices] IUserEndpointHandler h, UserKey userKey, HttpContext ctx)
+                    => await h.ChangeStatusAdminAsync(userKey, ctx)).WithMetadata(new AuthFlowMetadata(AuthFlowType.UserManagement));
+
                 admin.MapPost("/{userKey}/profile/get", async ([FromServices] IUserEndpointHandler h, UserKey userKey, HttpContext ctx)
                     => await h.GetUserAsync(userKey, ctx)).WithMetadata(new AuthFlowMetadata(AuthFlowType.UserManagement));
 

src/CodeBeam.UltimateAuth.Server/Options/UAuthServerOptions.cs

@@ -110,7 +110,7 @@ public void ReplaceSessionCookieManager<T>() where T : class, IUAuthCookieManage
 
         public bool EnableUserLifecycleEndpoints { get; set; } = true;
         public bool EnableUserProfileEndpoints { get; set; } = true;
-        public bool EnableAdminChangeUserProfileEndpoints { get; set; } = false;
+        public bool EnableAdminChangeUserProfileEndpoints { get; set; } = true;
         public bool EnableCredentialsEndpoints { get; set; } = true;
         public bool EnableAuthorizationEndpoints { get; set; } = true;
 

src/users/CodeBeam.UltimateAuth.Users.Contracts/Dtos/UserStatus.cs

@@ -2,28 +2,20 @@
 {
     public enum UserStatus
     {
-        // Normal state
+
         Active = 0,
 
-        // User initiated
         SelfSuspended = 10,
 
-        // Administrative actions
         Disabled = 20,
         Suspended = 30,
 
-        // Security / risk based
         Locked = 40,
         RiskHold = 50,
 
-        // Lifecycle
         PendingActivation = 60,
         PendingVerification = 70,
 
-        // Terminal (soft-delete)
         Deactivated = 80,
-
-        // Soft // TODO: User domain already have IsDeleted, this may remove
-        Deleted = 90
     }
 }

…acts/Requests/ChangeUserStatusRequest.cs …Requests/ChangeUserStatusAdminRequest.cssrc/users/CodeBeam.UltimateAuth.Users.Contracts/Requests/ChangeUserStatusRequest.cs renamed to src/users/CodeBeam.UltimateAuth.Users.Contracts/Requests/ChangeUserStatusAdminRequest.cs src/users/CodeBeam.UltimateAuth.Users.Contracts/Requests/ChangeUserStatusRequest.cs renamed to src/users/CodeBeam.UltimateAuth.Users.Contracts/Requests/ChangeUserStatusAdminRequest.cs

@@ -2,7 +2,7 @@
 
 namespace CodeBeam.UltimateAuth.Users.Contracts
 {
-    public sealed class ChangeUserStatusRequest
+    public sealed class ChangeUserStatusAdminRequest
     {
         public required UserKey UserKey { get; init; }
         public required UserStatus NewStatus { get; init; }

src/users/CodeBeam.UltimateAuth.Users.Contracts/Requests/ChangeUserStatusSelfRequest.cs

@@ -0,0 +1,7 @@
+namespace CodeBeam.UltimateAuth.Users.Contracts
+{
+    public class ChangeUserStatusSelfRequest
+    {
+        public required UserStatus NewStatus { get; init; }
+    }
+}