source: PostgreSqlDotnetCore/Controllers/CityController.cs@ 118e414

main
Last change on this file since 118e414 was 118e414, checked in by ElenaMoskova <elena.moskova99@…>, 5 weeks ago

fix access

implement multiple access pages with different roles
optimize present three structure of BlogPost and Answer
  • Property mode set to 100644
File size: 6.3 KB
Line 
1using Microsoft.AspNetCore.Identity;
2using Microsoft.AspNetCore.Mvc;
3using Microsoft.EntityFrameworkCore;
4using PostgreSqlDotnetCore.Controllers;
5using PostgreSqlDotnetCore.Models;
6using System.Net;
7
8namespace PostgreSqlDotnetCore.Controllers
9{
10 public class CityController : BaseController
11 {
12 public CityController(UserManager<IdentityUser> userManager) : base(userManager)
13 {
14 }
15
16 // GET: Customer
17 public async Task<ActionResult> IndexAsync()
18 {
19 // check for permission
20 UsersClass customerClass = await checkAuthorizationAsync();
21 ViewBag.isAuthenticated = User.Identity.IsAuthenticated;
22
23 if (customerClass == null)
24 {
25 return RedirectToAction("AccessDenied", "Error");
26 }
27
28 var citiess = await db.CitiesObj.ToListAsync();
29 // проба на 23.08
30 ViewBag.OnlyAdminManager = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin) ?? await checkAuthorizationSpecificRoleAsync(RoleConstants.Manager);
31
32 return View(citiess);
33 }
34
35
36
37
38 /* public async Task<ActionResult> IndexAsync()
39 {
40 // check for permission
41 UsersClass customerClass = await checkAuthorizationAsync();
42 if (customerClass == null)
43 {
44 return RedirectToAction("AccessDenied", "Error");
45 }
46 //return View(Enumerable.Empty<UsersClass>());
47 return View(db.CitiesObj.ToList());
48 }
49 */
50
51
52
53 // GET: Customer/Details/5
54 //public ActionResult Details(int? id)
55 public async Task<ActionResult> Details(int? id)
56 {
57 if (id == null)
58 {
59 return RedirectToAction("NotExist", "Error");
60 }
61 CitiesClass cityClass = db.CitiesObj.Find(id);
62 UsersClass customerClass = await getCrrentUser();
63 ViewBag.isAuthenticated = customerClass;
64 if (cityClass == null)
65 {
66 return RedirectToAction("NotExist", "Error");
67 }
68 // no access for standard user
69 ViewBag.OnlyAdminManager = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin) ?? await checkAuthorizationSpecificRoleAsync(RoleConstants.Manager);
70
71 return View(cityClass);
72 }
73
74 // GET: Customer/Create
75 //public ActionResult Create()
76 //{
77 // return View();
78 //}
79
80 //public ActionResult Create()
81 public async Task<ActionResult> CreateAsync()
82 {
83 UsersClass customerClass = await getCrrentUser();
84 // set if is authenticated
85 ViewBag.isAuthenticated = customerClass;
86 ViewBag.OnlyAdminManager = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin) ?? await checkAuthorizationSpecificRoleAsync(RoleConstants.Manager);
87 return View();
88 }
89
90 // POST: Customer/Create
91 // To protect from overposting attacks, enable the specific properties you want to bind to, for
92 // more details see https://go.microsoft.com/fwlink/?LinkId=317598.
93 [HttpPost]
94 [ValidateAntiForgeryToken]
95 public ActionResult Create([Bind(include: "id,name")] CitiesClass cityClass)
96 {
97
98 if (ModelState.IsValid)
99 {
100 db.CitiesObj.Add(cityClass);
101 db.SaveChanges();
102 return RedirectToAction("Index");
103 }
104
105 return View(cityClass);
106 }
107
108 // GET: Customer/Edit/5
109 // public ActionResult Edit(int? id)
110 public async Task<ActionResult> Edit(int? id)
111 {
112 if (id == null)
113 {
114 return RedirectToAction("NotExist", "Error");
115 }
116 CitiesClass cityClass = db.CitiesObj.Find(id);
117 //22.08
118 ViewBag.isAuthenticated = await getCrrentUser();
119 if (cityClass == null)
120 {
121 return RedirectToAction("NotExist", "Error");
122 }
123 // no access for standard user
124 ViewBag.OnlyAdminManager = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin) ?? await checkAuthorizationSpecificRoleAsync(RoleConstants.Manager);
125
126 return View(cityClass);
127 }
128
129 // POST: Customer/Edit/5
130 // To protect from overposting attacks, enable the specific properties you want to bind to, for
131 // more details see https://go.microsoft.com/fwlink/?LinkId=317598.
132 [HttpPost]
133 [ValidateAntiForgeryToken]
134 public ActionResult Edit([Bind(include: "id,name")] CitiesClass cityClass)
135 {
136 if (ModelState.IsValid)
137 {
138 db.Entry(cityClass).State = EntityState.Modified;
139 db.SaveChanges();
140 return RedirectToAction("Index");
141 }
142 return View(cityClass);
143 }
144
145 // GET: Customer/Delete/5
146 // public ActionResult Delete(int? id)
147 public async Task<ActionResult> Delete(int? id)
148 {
149
150 UsersClass customerClass = await checkAuthorizationAsync();
151
152 ViewBag.isAuthenticated = await getCrrentUser();
153 if (id == null)
154 {
155 return RedirectToAction("NotExist", "Error");
156 }
157 CitiesClass cityClass = db.CitiesObj.Find(id);
158 if (cityClass == null)
159 {
160 return RedirectToAction("NotExist", "Error");
161 }
162 // no access for standard user
163 ViewBag.OnlyAdminManager = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin) ?? await checkAuthorizationSpecificRoleAsync(RoleConstants.Manager);
164
165 return View(cityClass);
166 }
167
168 // POST: Customer/Delete/5
169 [HttpPost, ActionName("Delete")]
170 [ValidateAntiForgeryToken]
171 public ActionResult DeleteConfirmed(int id)
172 {
173 CitiesClass cityClass = db.CitiesObj.Find(id);
174 db.CitiesObj.Remove(cityClass);
175 db.SaveChanges();
176 return RedirectToAction("Index");
177 }
178
179 protected override void Dispose(bool disposing)
180 {
181 if (disposing)
182 {
183 db.Dispose();
184 }
185 base.Dispose(disposing);
186 }
187
188
189
190
191 }
192}
Note: See TracBrowser for help on using the repository browser.