The updating of a user's tenant in a multi-tenant application needs work, as the Roles might change. #15
Description
If an app admin creates a new tenant user or update an existing tenant user it won't show the correct Roles when use the user admin method called GetRoleNamesForUsersAsync. The GetRoleNamesForUsersAsync method takes in the user's userId. This has two problems:
- When creating a user you won't get the correct tenant users because the tenant isn't set.
- If you change the tenant that a user is linked to, then the Roles might not be correct because the tenant Roles in the new tenant can be different to the user's original tenant Roles. That also includes going from no tenant to a tenant - see issue Multi-tenant Roles: Problem when changing a Roles RoleType or when deleting #13.
Suggested solution
- Change create to check that the Roles are correct for the applied tenant. Check if any of the Roles provided aren't correct for the tenant then sent back an error for each Role.
- For Update, do the same as create - return errors if Roles aren't correct for the the tenant.