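namespace PostgreSqlDotnetCore.Controllers
{
    using System;
    using System.Linq;
    using System.Threading.Tasks;
    using Microsoft.AspNetCore.Identity;
    using Microsoft.AspNetCore.Mvc;
    using PostgreSqlDotnetCore.Data;
    using PostgreSqlDotnetCore.Models;

    /// <summary>
    /// Common base for controllers that need the signed-in user's application
    /// record (<see cref="UsersClass"/>) and, optionally, a role check on it.
    /// An authenticated identity alone is never treated as authorization:
    /// every lookup requires a matching row in <c>db.CustomerObj</c>, and
    /// each method returns <c>null</c> whenever access should be denied, so
    /// callers must treat <c>null</c> as "not permitted" (fail closed).
    /// </summary>
    public class BaseController : Controller
    {
        // Kept public because derived controllers read it directly.
        // One context per controller instance; released in Dispose below so
        // the underlying connection does not wait for the finalizer.
        public ApplicationDbContext db = new ApplicationDbContext();

        // NOTE(review): UserManager in ASP.NET Core Identity is generic
        // (UserManager<TUser>); the type argument appears to have been lost
        // when this file was extracted — restore it from the project.
        public UserManager _userManager;

        public BaseController(UserManager userManager)
        {
            _userManager = userManager;
        }

        /// <summary>
        /// Returns the application record for the signed-in user with no role
        /// requirement.
        /// </summary>
        /// <returns>
        /// The matching <see cref="UsersClass"/>, or <c>null</c> when the
        /// request is anonymous, the identity user no longer exists, or no
        /// <c>CustomerObj</c> row carries the identity's e-mail.
        /// </returns>
        public async Task<UsersClass> getCrrentUser()
        {
            return await ResolveCurrentUserAsync();
        }

        /// <summary>
        /// Same lookup as <see cref="getCrrentUser"/>, but succeeds only when
        /// the record's <c>role_id</c> is <c>RoleConstants.Admin</c> or
        /// <c>RoleConstants.Manager</c>.
        /// </summary>
        /// <returns>The record when the user is an admin or manager; otherwise <c>null</c>.</returns>
        public async Task<UsersClass> checkAuthorizationAsync()
        {
            var customer = await ResolveCurrentUserAsync();
            if (customer == null)
            {
                return null;
            }

            bool isAdminOrManager = customer.role_id == RoleConstants.Admin
                                 || customer.role_id == RoleConstants.Manager;
            return isAdminOrManager ? customer : null;
        }

        /// <summary>
        /// Same lookup as <see cref="getCrrentUser"/>, but succeeds only when
        /// the record's <c>role_id</c> equals <paramref name="roleId"/>.
        /// </summary>
        /// <param name="roleId">The exact role the caller requires.</param>
        /// <returns>The record when the role matches; otherwise <c>null</c>.</returns>
        public async Task<UsersClass> checkAuthorizationSpecificRoleAsync(int roleId)
        {
            var customer = await ResolveCurrentUserAsync();
            if (customer == null || customer.role_id != roleId)
            {
                return null;
            }

            return customer;
        }

        /// <summary>
        /// Shared identity-to-application-record resolution used by the three
        /// public checks. Returns <c>null</c> on every path that must deny.
        /// </summary>
        private async Task<UsersClass> ResolveCurrentUserAsync()
        {
            // User.Identity can be null when no authentication handler ran;
            // the original dereferenced it unconditionally.
            if (User?.Identity?.IsAuthenticated != true)
            {
                return null;
            }

            // A still-valid cookie can outlive the identity row (user deleted
            // or disabled). The original would throw on user.Email here; a
            // missing identity is a denial, not a server error.
            var identityUser = await _userManager.GetUserAsync(User);
            if (identityUser == null || string.IsNullOrEmpty(identityUser.Email))
            {
                // An identity without an e-mail must not match a CustomerObj
                // row whose e-mail is also null/empty.
                return null;
            }

            // SingleOrDefault is intentional: two rows sharing one e-mail is an
            // ambiguous mapping and must surface rather than silently grant
            // whichever row happens to come first.
            return db.CustomerObj.SingleOrDefault(x => x.email == identityUser.Email);
        }

        /// <summary>
        /// Disposes the per-controller <see cref="db"/> together with the
        /// controller. Assumes <c>ApplicationDbContext</c> is an EF
        /// <c>DbContext</c> (IDisposable) — confirm against the project.
        /// </summary>
        protected override void Dispose(bool disposing)
        {
            if (disposing)
            {
                db?.Dispose();
            }

            base.Dispose(disposing);
        }
    }
}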