Вытащил солюшен на уровень выше, чтобы прощё было дотнетить

ApplicationLayer/Services/Users/Exceptions/WrongRoleException.cs

@@ -0,0 +1,6 @@
+using ApplicationLayer.GeneralExceptions;
+using Domains.Users;
+
+namespace ApplicationLayer.Services.Users.Exceptions;
+
+public class WrongRoleException(Guid userId) : EntityNotFoundByIdException<User>(userId);

ApplicationLayer/Services/Users/IUsersService.cs

@@ -0,0 +1,27 @@
+using ApplicationLayer.Services.Applicants.Models;
+using ApplicationLayer.Services.Users.Models;
+using ApplicationLayer.Services.Users.Requests;
+
+namespace ApplicationLayer.Services.Users;
+
+/// user accounts service
+public interface IUsersService
+{
+    /// Returns all user accounts with role of approving authority
+    /// <param name="cancellationToken">Cancellation token</param>
+    Task<List<UserModel>> GetAuthoritiesAccountsAsync(CancellationToken cancellationToken);
+
+    /// Changes authentication data for an authority account
+    /// <param name="request"> Request object with identifier of user and new authentication data</param>
+    /// <param name="cancellationToken">Cancellation token</param>
+    Task ChangeAuthorityAuthDataAsync(ChangeUserAuthDataRequest request, CancellationToken cancellationToken);
+
+    /// Removes account of authority
+    /// <param name="userId">Identifier of account</param>
+    /// <param name="cancellationToken">Cancellation token</param>
+    Task RemoveAuthorityAccount(Guid userId, CancellationToken cancellationToken);
+
+    /// Get applicant that made request
+    /// <param name="cancellationToken">cancellation token</param>
+    Task<ApplicantModel> GetAuthenticatedApplicant(CancellationToken cancellationToken);
+}

ApplicationLayer/Services/Users/Models/ChangeAuthData.cs

@@ -0,0 +1,15 @@
+using System.ComponentModel.DataAnnotations;
+using Domains;
+
+namespace ApplicationLayer.Services.Users.Models;
+
+/// Auth data with nullable password for making change auth data requests
+public class ChangeAuthData
+{
+    [Required]
+    [MaxLength(ConfigurationConstraints.EmailLength)]
+    public string Email { get; set; } = null!;
+
+    [MaxLength(ConfigurationConstraints.PasswordLength)]
+    public string? Password { get; set; }
+}

ApplicationLayer/Services/Users/Models/UserModel.cs

@@ -0,0 +1,15 @@
+using System.ComponentModel.DataAnnotations;
+using Domains;
+
+namespace ApplicationLayer.Services.Users.Models;
+
+public class UserModel
+{
+    /// Unique Identifier of user
+    [Required]
+    public Guid Id { get; private set; } = Guid.NewGuid();
+
+    [Required]
+    [MaxLength(ConfigurationConstraints.EmailLength)]
+    public string Email { get; set; } = null!;
+}

ApplicationLayer/Services/Users/Requests/ChangeUserAuthDataRequest.cs

@@ -0,0 +1,11 @@
+using System.ComponentModel.DataAnnotations;
+using ApplicationLayer.Services.Users.Models;
+
+namespace ApplicationLayer.Services.Users.Requests;
+
+public class ChangeUserAuthDataRequest(Guid userId, ChangeAuthData newAuthData)
+{
+    [Required] public Guid UserId { get; set; } = userId;
+
+    [Required] public ChangeAuthData NewAuthData { get; set; } = newAuthData;
+}

ApplicationLayer/Services/Users/Requests/Validation/ChangeUserAuthDataRequestValidator.cs

@@ -0,0 +1,23 @@
+using Domains;
+using FluentValidation;
+
+namespace ApplicationLayer.Services.Users.Requests.Validation;
+
+public class ChangeUserAuthDataRequestValidator : AbstractValidator<ChangeUserAuthDataRequest>
+{
+    public ChangeUserAuthDataRequestValidator()
+    {
+        RuleFor(r => r.UserId)
+            .NotEmpty();
+
+        RuleFor(r => r.NewAuthData)
+            .NotEmpty();
+
+        RuleFor(r => r.NewAuthData.Email)
+            .NotEmpty()
+            .EmailAddress()
+            .WithMessage("Email should be valid")
+            .MaximumLength(ConfigurationConstraints.EmailLength)
+            .WithMessage($"Email address length must be less than {ConfigurationConstraints.EmailLength}");
+    }
+}

ApplicationLayer/Services/Users/UsersService.cs

@@ -0,0 +1,85 @@
+using ApplicationLayer.InfrastructureServicesInterfaces;
+using ApplicationLayer.Services.Applicants.Models;
+using ApplicationLayer.Services.Applicants.NeededServices;
+using ApplicationLayer.Services.AuthServices.NeededServices;
+using ApplicationLayer.Services.Users.Exceptions;
+using ApplicationLayer.Services.Users.Models;
+using ApplicationLayer.Services.Users.Requests;
+using AutoMapper;
+using Domains.Users;
+
+namespace ApplicationLayer.Services.Users;
+
+public class UsersService(
+    IMapper mapper,
+    IUserIdProvider userIdProvider,
+    IUsersRepository users,
+    IApplicantsRepository applicants,
+    IUnitOfWork unitOfWork) : IUsersService
+{
+    async Task<List<UserModel>> IUsersService.GetAuthoritiesAccountsAsync(CancellationToken cancellationToken)
+    {
+        var userList = await users.GetAllOfRoleAsync(Role.ApprovingAuthority, cancellationToken);
+        return mapper.Map<List<UserModel>>(userList);
+    }
+
+    async Task IUsersService.ChangeAuthorityAuthDataAsync(ChangeUserAuthDataRequest request, CancellationToken cancellationToken)
+    {
+        var user = await users.GetByIdAsync(request.UserId, cancellationToken);
+
+        ValidateRole(user, Role.ApprovingAuthority);
+
+        await ChangeAccountAuthDataAsync(user, request.NewAuthData, cancellationToken);
+    }
+
+    async Task IUsersService.RemoveAuthorityAccount(Guid userId, CancellationToken cancellationToken)
+    {
+        var user = await users.GetByIdAsync(userId, cancellationToken);
+
+        ValidateRole(user, Role.ApprovingAuthority);
+
+        await RemoveUserAccount(user, cancellationToken);
+    }
+
+    async Task<ApplicantModel> IUsersService.GetAuthenticatedApplicant(CancellationToken cancellationToken)
+    {
+        var applicant = await applicants.FindByUserIdAsync(userIdProvider.GetUserId(), cancellationToken);
+
+        return mapper.Map<ApplicantModel>(applicant);
+    }
+
+    /// Updates user account auth data
+    /// <param name="user">User to remove</param>
+    /// <param name="authData">New auth data</param>
+    /// <param name="cancellationToken">Cancellation token</param>
+    private async Task ChangeAccountAuthDataAsync(User user, ChangeAuthData authData, CancellationToken cancellationToken)
+    {
+        user.Email = authData.Email;
+        user.Password = authData.Password ?? user.Password;
+        await users.UpdateAsync(user, cancellationToken);
+
+        await unitOfWork.SaveAsync(cancellationToken);
+    }
+
+    /// Removes user account from DB
+    /// <param name="user">User to remove</param>
+    /// <param name="cancellationToken">Cancellation token</param>
+    private async Task RemoveUserAccount(User user, CancellationToken cancellationToken)
+    {
+        users.Remove(user);
+
+        await unitOfWork.SaveAsync(cancellationToken);
+    }
+
+    /// Checks if role of user equals expected
+    /// <param name="user">User to check</param>
+    /// <param name="expectedRole">Expected role</param>
+    /// <exception cref="WrongRoleException">Role is not expected</exception>
+    private static void ValidateRole(User user, Role expectedRole)
+    {
+        if (user.Role != expectedRole)
+        {
+            throw new WrongRoleException(user.Id);
+        }
+    }
+}