Context Navigation

source: PostgreSqlDotnetCore/Controllers/CustomerController.cs@ 784b3ad

main

Last change on this file since 784b3ad was 784b3ad, checked in by ElenaMoskova <elena.moskova99@…>, 4 months ago

Update CustomerController.cs

ADD comment

Property mode set to 100644

File size: 6.4 KB

Rev	Line
[2aea0fd]	1	using PostgreSqlDotnetCore.Data;
	2	using Microsoft.AspNetCore.Mvc;
	3	using System.Net;
	4	using PostgreSqlDotnetCore.Models;
	5	using Microsoft.EntityFrameworkCore;
	6	using System.Security.Cryptography;
	7	using Microsoft.AspNetCore.Cryptography.KeyDerivation;
	8	using Microsoft.AspNetCore.Identity;
	9
	10	namespace PostgreSqlDotnetCore.Controllers
	11	{
	12	public class CustomerController : BaseController
	13	{
	14	public CustomerController(UserManager<IdentityUser> userManager) : base(userManager)
	15	{
	16	}
	17
	18	// GET: Customer
	19	public async Task<ActionResult> IndexAsync()
	20	{
	21	UsersClass customerClass = await getCrrentUser();
	22	if (customerClass == null)
	23	{
	24	return RedirectToAction("AccessDenied", "Error");
	25	}
	26	if (customerClass.role_id == RoleConstants.Standard)
	27	{
[784b3ad]	28	// searching from DB
[2aea0fd]	29
	30	var query = from st in db.CustomerObj
	31	where st.id == customerClass.id
	32	select st;
	33
	34	var userPets =
	35	//db.PetsObj.FromSql($"SELECT * FROM pets where usersid={customerClass.id}").ToListAsync();
	36	await query.ToListAsync<UsersClass>();
	37	return View(userPets);
	38	}
	39	else
	40	{
	41	return View(db.CustomerObj.ToList());
	42	}
	43
	44	}
	45
	46	// GET: Customer/Details/5
	47	public async Task<ActionResult> DetailsAsync(int? id)
	48	{
	49
	50	if (id == null)
	51	{
	52
	53	return RedirectToAction("NotExist", "Error");
	54	//return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
	55	}
	56
	57	// check for permission
	58	UsersClass customerClass = await getCrrentUser();
	59	if (customerClass == null)
	60	{
	61	return RedirectToAction("AccessDenied", "Error");
	62	}
	63
	64	customerClass = db.CustomerObj.Find(id);
	65	if (customerClass == null)
	66	{
	67	return RedirectToAction("NotExist", "Error");
	68	}
	69	return View(customerClass);
	70	}
	71
	72	// GET: Customer/Create
	73	public async Task<ActionResult> CreateAsync()
	74	{
	75	// check for permission
	76	UsersClass customerClass = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin);
	77	if (customerClass == null)
	78	{
	79	return RedirectToAction("AccessDenied", "Error");
	80	}
	81
	82	return View();
	83	}
	84
	85	// POST: Customer/Create
	86	// To protect from overposting attacks, enable the specific properties you want to bind to, for
	87	// more details see https://go.microsoft.com/fwlink/?LinkId=317598.
	88	[HttpPost]
	89	[ValidateAntiForgeryToken]
	90	public ActionResult Create([Bind(include: "id,name,lastname,email,password,number,role_id,jobs_id")] UsersClass customerClass)
	91	{
	92	if (ModelState.IsValid)
	93	{
	94	byte[] salt = RandomNumberGenerator.GetBytes(128 / 8); // divide by 8 to convert bits to bytes
	95	// derive a 256-bit subkey (use HMACSHA256 with 100,000 iterations)
	96	string hashed = Convert.ToBase64String(KeyDerivation.Pbkdf2(
	97	password: customerClass.password!,
	98	salt: salt,
	99	prf: KeyDerivationPrf.HMACSHA256,
	100	iterationCount: 100000,
	101	numBytesRequested: 256 / 8));
	102	customerClass.password = hashed; // Hash passwords
	103	db.CustomerObj.Add(customerClass);
	104	db.SaveChanges();
	105	return RedirectToAction("Index");
	106	}
	107
	108	return View(customerClass);
	109	}
	110
	111	// GET: Customer/Edit/5
	112	public async Task<ActionResult> EditAsync(int? id)
	113	{
	114	if (id == null)
	115	{
	116	return RedirectToAction("NotExist", "Error");
	117	//return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
	118	}
	119	// check for permission
	120	UsersClass customerClass = await getCrrentUser();
	121	if (customerClass == null)
	122	{
	123	return RedirectToAction("AccessDenied", "Error");
	124	}
	125
	126	customerClass = db.CustomerObj.Find(id);
	127	if (customerClass == null)
	128	{
	129	return View(null);
	130	//return HttpNotFound();
	131	}
	132	return View(customerClass);
	133	}
	134
	135	// POST: Customer/Edit/5
	136	// To protect from overposting attacks, enable the specific properties you want to bind to, for
	137	// more details see https://go.microsoft.com/fwlink/?LinkId=317598.
	138	[HttpPost]
	139	[ValidateAntiForgeryToken]
	140	public async Task<ActionResult> EditAsync([Bind(include: "id,name,lastname,email,number,role_id,jobs_id")] UsersClass users)
	141	{
	142	if (ModelState.IsValid)
	143	{
	144	db.Entry(users).State = EntityState.Modified;
	145	await db.SaveChangesAsync();
	146	return RedirectToAction("Index");
	147	}
	148
	149	return View(users);
	150	}
	151
	152	// GET: Customer/Delete/5
	153	public async Task<ActionResult> DeleteAsync(int? id)
	154	{
	155	if (id == null)
	156	{
	157	return RedirectToAction("NotExist", "Error");
	158	//return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
	159	}
	160	UsersClass customerClass = await getCrrentUser();
	161	if (customerClass == null)
	162	{
	163	return RedirectToAction("AccessDenied", "Error");
	164	}
	165	return View(customerClass);
	166	}
	167
	168	// POST: Customer/Delete/5
	169	[HttpPost, ActionName("Delete")]
	170	[ValidateAntiForgeryToken]
	171	public ActionResult DeleteConfirmed(int id)
	172	{
	173	UsersClass customerClass = db.CustomerObj.Find(id);
	174	db.CustomerObj.Remove(customerClass);
	175	db.SaveChanges();
	176	return RedirectToAction("Index");
	177	}
	178
	179	protected override void Dispose(bool disposing)
	180	{
	181	if (disposing)
	182	{
	183	db.Dispose();
	184	}
	185	base.Dispose(disposing);
	186	}
	187
	188
	189	}
	190	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: