source: PostgreSqlDotnetCore/Controllers/CityController.cs@ e9bb9d1

main
Last change on this file since e9bb9d1 was 118e414, checked in by ElenaMoskova <elena.moskova99@…>, 3 months ago

fix access

implement multiple access pages with different roles
optimize present three structure of BlogPost and Answer

[2aea0fd]1using Microsoft.AspNetCore.Identity;
2using Microsoft.AspNetCore.Mvc;
3using Microsoft.EntityFrameworkCore;
4using PostgreSqlDotnetCore.Controllers;
5using PostgreSqlDotnetCore.Models;
6using System.Net;
7
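namespace PostgreSqlDotnetCore.Controllers
{
    /// <summary>
    /// MVC controller that lists, shows, creates, edits and deletes <see cref="CitiesClass"/> rows.
    /// </summary>
    /// <remarks>
    /// Every action that serves a write form or changes the database enforces the Admin/Manager check
    /// on the server. Populating <c>ViewBag.OnlyAdminManager</c> only lets a view hide its links; it does
    /// not stop a request that is sent directly to a POST endpoint.
    /// NOTE(review): the authorization helpers come from BaseController, which is not visible in this file.
    /// The code below assumes they return null when the caller lacks the permission, as the
    /// AccessDenied redirect in <see cref="IndexAsync"/> suggests. Confirm against BaseController.
    /// </remarks>
    public class CityController : BaseController
    {
        public CityController(UserManager<IdentityUser> userManager) : base(userManager)
        {
        }

        /// <summary>Redirect used whenever the caller is not allowed to run an action.</summary>
        private ActionResult DenyAccess() => RedirectToAction("AccessDenied", "Error");

        /// <summary>Redirect used when the id is missing or no city with that id exists.</summary>
        private ActionResult CityNotFound() => RedirectToAction("NotExist", "Error");

        /// <summary>
        /// Stores the Admin-or-Manager lookup result in <c>ViewBag.OnlyAdminManager</c> (the value the
        /// views already read) and reports whether the current user passed the check.
        /// </summary>
        /// <returns><c>true</c> when either role lookup returned a non-null value.</returns>
        private async Task<bool> LoadAdminManagerFlagAsync()
        {
            // Manager is only queried when the Admin lookup comes back null.
            var privileged = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin)
                             ?? await checkAuthorizationSpecificRoleAsync(RoleConstants.Manager);
            ViewBag.OnlyAdminManager = privileged;
            return privileged != null;
        }

        // GET: City
        /// <summary>Lists all cities for any user that passes the base permission check.</summary>
        public async Task<ActionResult> IndexAsync()
        {
            UsersClass customerClass = await checkAuthorizationAsync();
            ViewBag.isAuthenticated = User.Identity.IsAuthenticated;

            if (customerClass == null)
            {
                return DenyAccess();
            }

            var cities = await db.CitiesObj.ToListAsync();

            // Index stays readable for standard users; the flag only controls which links the view shows.
            await LoadAdminManagerFlagAsync();

            return View(cities);
        }

        // GET: City/Details/5
        /// <summary>Shows one city.</summary>
        /// <param name="id">Primary key of the city; a missing id redirects to the NotExist page.</param>
        public async Task<ActionResult> Details(int? id)
        {
            // NOTE(review): unlike Index, this action runs no permission check. It is left reachable
            // as before; confirm that this is intended.
            if (id == null)
            {
                return CityNotFound();
            }

            CitiesClass cityClass = db.CitiesObj.Find(id);
            ViewBag.isAuthenticated = await getCrrentUser();
            if (cityClass == null)
            {
                return CityNotFound();
            }

            await LoadAdminManagerFlagAsync();

            return View(cityClass);
        }

        // GET: City/Create
        /// <summary>Shows the empty create form to Admin/Manager users only.</summary>
        public async Task<ActionResult> CreateAsync()
        {
            ViewBag.isAuthenticated = await getCrrentUser();
            if (!await LoadAdminManagerFlagAsync())
            {
                return DenyAccess();
            }

            return View();
        }

        // POST: City/Create
        // To protect from overposting attacks, enable the specific properties you want to bind to, for
        // more details see https://go.microsoft.com/fwlink/?LinkId=317598.
        /// <summary>Inserts a new city after re-checking the caller's role on the server.</summary>
        /// <remarks>
        /// The action is now asynchronous because the role check is. The route, HTTP verb and bound
        /// parameters are unchanged.
        /// </remarks>
        [HttpPost]
        [ValidateAntiForgeryToken]
        public async Task<ActionResult> Create([Bind(include: "id,name")] CitiesClass cityClass)
        {
            // The anti-forgery token proves the form came from this site, not that the user may write.
            if (!await LoadAdminManagerFlagAsync())
            {
                return DenyAccess();
            }

            if (ModelState.IsValid)
            {
                db.CitiesObj.Add(cityClass);
                db.SaveChanges();
                return RedirectToAction("Index");
            }

            return View(cityClass);
        }

        // GET: City/Edit/5
        /// <summary>Shows the edit form for one city to Admin/Manager users only.</summary>
        /// <param name="id">Primary key of the city; a missing id redirects to the NotExist page.</param>
        public async Task<ActionResult> Edit(int? id)
        {
            ViewBag.isAuthenticated = await getCrrentUser();

            // No access for standard users: enforce it here instead of only flagging it for the view.
            if (!await LoadAdminManagerFlagAsync())
            {
                return DenyAccess();
            }

            if (id == null)
            {
                return CityNotFound();
            }

            CitiesClass cityClass = db.CitiesObj.Find(id);
            if (cityClass == null)
            {
                return CityNotFound();
            }

            return View(cityClass);
        }

        // POST: City/Edit/5
        // To protect from overposting attacks, enable the specific properties you want to bind to, for
        // more details see https://go.microsoft.com/fwlink/?LinkId=317598.
        /// <summary>Saves changes to an existing city after re-checking the caller's role.</summary>
        [HttpPost]
        [ValidateAntiForgeryToken]
        public async Task<ActionResult> Edit([Bind(include: "id,name")] CitiesClass cityClass)
        {
            if (!await LoadAdminManagerFlagAsync())
            {
                return DenyAccess();
            }

            if (ModelState.IsValid)
            {
                db.Entry(cityClass).State = EntityState.Modified;
                db.SaveChanges();
                return RedirectToAction("Index");
            }

            return View(cityClass);
        }

        // GET: City/Delete/5
        /// <summary>Shows the delete confirmation page to Admin/Manager users only.</summary>
        /// <param name="id">Primary key of the city; a missing id redirects to the NotExist page.</param>
        public async Task<ActionResult> Delete(int? id)
        {
            // The permission result was previously fetched and then ignored; it is now enforced.
            UsersClass customerClass = await checkAuthorizationAsync();
            ViewBag.isAuthenticated = await getCrrentUser();

            if (customerClass == null || !await LoadAdminManagerFlagAsync())
            {
                return DenyAccess();
            }

            if (id == null)
            {
                return CityNotFound();
            }

            CitiesClass cityClass = db.CitiesObj.Find(id);
            if (cityClass == null)
            {
                return CityNotFound();
            }

            return View(cityClass);
        }

        // POST: City/Delete/5
        /// <summary>Deletes a city after re-checking the caller's role.</summary>
        /// <param name="id">Primary key of the city to remove.</param>
        [HttpPost, ActionName("Delete")]
        [ValidateAntiForgeryToken]
        public async Task<ActionResult> DeleteConfirmed(int id)
        {
            if (!await LoadAdminManagerFlagAsync())
            {
                return DenyAccess();
            }

            CitiesClass cityClass = db.CitiesObj.Find(id);
            if (cityClass == null)
            {
                // The row may be gone already (stale form, repeated submit); Remove(null) would throw.
                return CityNotFound();
            }

            db.CitiesObj.Remove(cityClass);
            db.SaveChanges();
            return RedirectToAction("Index");
        }

        /// <summary>Releases the database context together with the controller.</summary>
        protected override void Dispose(bool disposing)
        {
            if (disposing)
            {
                db.Dispose();
            }
            base.Dispose(disposing);
        }
    }
}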