Context Navigation

← Previous Revision
Latest Revision
Next Revision →
Normal
Revision Log

source: PostgreSqlDotnetCore/Controllers/CustomerController.cs@ 2aea0fd

main

Last change on this file since 2aea0fd was 2aea0fd, checked in by ElenaMoskova <elena.moskova99@…>, 4 months ago
init commit Elena
Property mode set to `100644`
File size: 6.3 KB

Rev	Line
[2aea0fd]	1	using PostgreSqlDotnetCore.Data;
	2	using Microsoft.AspNetCore.Mvc;
	3	using System.Net;
	4	using PostgreSqlDotnetCore.Models;
	5	using Microsoft.EntityFrameworkCore;
	6	using System.Security.Cryptography;
	7	using Microsoft.AspNetCore.Cryptography.KeyDerivation;
	8	using Microsoft.AspNetCore.Identity;
	9
	10	namespace PostgreSqlDotnetCore.Controllers
	11	{
	12	public class CustomerController : BaseController
	13	{
	14	public CustomerController(UserManager<IdentityUser> userManager) : base(userManager)
	15	{
	16	}
	17
	18	// GET: Customer
	19	public async Task<ActionResult> IndexAsync()
	20	{
	21	UsersClass customerClass = await getCrrentUser();
	22	if (customerClass == null)
	23	{
	24	return RedirectToAction("AccessDenied", "Error");
	25	}
	26	if (customerClass.role_id == RoleConstants.Standard)
	27	{
	28
	29	var query = from st in db.CustomerObj
	30	where st.id == customerClass.id
	31	select st;
	32
	33	var userPets =
	34	//db.PetsObj.FromSql($"SELECT * FROM pets where usersid={customerClass.id}").ToListAsync();
	35	await query.ToListAsync<UsersClass>();
	36	return View(userPets);
	37	}
	38	else
	39	{
	40	return View(db.CustomerObj.ToList());
	41	}
	42
	43	}
	44
	45	// GET: Customer/Details/5
	46	public async Task<ActionResult> DetailsAsync(int? id)
	47	{
	48
	49	if (id == null)
	50	{
	51
	52	return RedirectToAction("NotExist", "Error");
	53	//return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
	54	}
	55
	56	// check for permission
	57	UsersClass customerClass = await getCrrentUser();
	58	if (customerClass == null)
	59	{
	60	return RedirectToAction("AccessDenied", "Error");
	61	}
	62
	63	customerClass = db.CustomerObj.Find(id);
	64	if (customerClass == null)
	65	{
	66	return RedirectToAction("NotExist", "Error");
	67	}
	68	return View(customerClass);
	69	}
	70
	71	// GET: Customer/Create
	72	public async Task<ActionResult> CreateAsync()
	73	{
	74	// check for permission
	75	UsersClass customerClass = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin);
	76	if (customerClass == null)
	77	{
	78	return RedirectToAction("AccessDenied", "Error");
	79	}
	80
	81	return View();
	82	}
	83
	84	// POST: Customer/Create
	85	// To protect from overposting attacks, enable the specific properties you want to bind to, for
	86	// more details see https://go.microsoft.com/fwlink/?LinkId=317598.
	87	[HttpPost]
	88	[ValidateAntiForgeryToken]
	89	public ActionResult Create([Bind(include: "id,name,lastname,email,password,number,role_id,jobs_id")] UsersClass customerClass)
	90	{
	91	if (ModelState.IsValid)
	92	{
	93	byte[] salt = RandomNumberGenerator.GetBytes(128 / 8); // divide by 8 to convert bits to bytes
	94	// derive a 256-bit subkey (use HMACSHA256 with 100,000 iterations)
	95	string hashed = Convert.ToBase64String(KeyDerivation.Pbkdf2(
	96	password: customerClass.password!,
	97	salt: salt,
	98	prf: KeyDerivationPrf.HMACSHA256,
	99	iterationCount: 100000,
	100	numBytesRequested: 256 / 8));
	101	customerClass.password = hashed; // Hash passwords
	102	db.CustomerObj.Add(customerClass);
	103	db.SaveChanges();
	104	return RedirectToAction("Index");
	105	}
	106
	107	return View(customerClass);
	108	}
	109
	110	// GET: Customer/Edit/5
	111	public async Task<ActionResult> EditAsync(int? id)
	112	{
	113	if (id == null)
	114	{
	115	return RedirectToAction("NotExist", "Error");
	116	//return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
	117	}
	118	// check for permission
	119	UsersClass customerClass = await getCrrentUser();
	120	if (customerClass == null)
	121	{
	122	return RedirectToAction("AccessDenied", "Error");
	123	}
	124
	125	customerClass = db.CustomerObj.Find(id);
	126	if (customerClass == null)
	127	{
	128	return View(null);
	129	//return HttpNotFound();
	130	}
	131	return View(customerClass);
	132	}
	133
	134	// POST: Customer/Edit/5
	135	// To protect from overposting attacks, enable the specific properties you want to bind to, for
	136	// more details see https://go.microsoft.com/fwlink/?LinkId=317598.
	137	[HttpPost]
	138	[ValidateAntiForgeryToken]
	139	public async Task<ActionResult> EditAsync([Bind(include: "id,name,lastname,email,number,role_id,jobs_id")] UsersClass users)
	140	{
	141	if (ModelState.IsValid)
	142	{
	143	db.Entry(users).State = EntityState.Modified;
	144	await db.SaveChangesAsync();
	145	return RedirectToAction("Index");
	146	}
	147
	148	return View(users);
	149	}
	150
	151	// GET: Customer/Delete/5
	152	public async Task<ActionResult> DeleteAsync(int? id)
	153	{
	154	if (id == null)
	155	{
	156	return RedirectToAction("NotExist", "Error");
	157	//return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
	158	}
	159	UsersClass customerClass = await getCrrentUser();
	160	if (customerClass == null)
	161	{
	162	return RedirectToAction("AccessDenied", "Error");
	163	}
	164	return View(customerClass);
	165	}
	166
	167	// POST: Customer/Delete/5
	168	[HttpPost, ActionName("Delete")]
	169	[ValidateAntiForgeryToken]
	170	public ActionResult DeleteConfirmed(int id)
	171	{
	172	UsersClass customerClass = db.CustomerObj.Find(id);
	173	db.CustomerObj.Remove(customerClass);
	174	db.SaveChanges();
	175	return RedirectToAction("Index");
	176	}
	177
	178	protected override void Dispose(bool disposing)
	179	{
	180	if (disposing)
	181	{
	182	db.Dispose();
	183	}
	184	base.Dispose(disposing);
	185	}
	186
	187
	188	}
	189	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: