Context Navigation

PetCaresController.cs@ 118e414

main

Last change on this file since 118e414 was 118e414, checked in by ElenaMoskova <elena.moskova99@…>, 3 months ago

fix access

implement multiple access pages with different roles
optimize present three structure of BlogPost and Answer

Property mode set to 100644

File size: 10.1 KB

Rev	Line
[2aea0fd]	1	using Microsoft.AspNetCore.Identity;
	2	using Microsoft.AspNetCore.Mvc;
	3	using Microsoft.EntityFrameworkCore;
[ae6c071]	4	using Microsoft.AspNetCore.Mvc.Rendering;
[2aea0fd]	5	using PostgreSqlDotnetCore.Models;
	6	using System;
	7	using System.Net;
	8
	9	namespace PostgreSqlDotnetCore.Controllers
	10	{
	11	public class PetCaresController : BaseController
	12	{
	13	public PetCaresController(UserManager<IdentityUser> userManager) : base(userManager)
	14	{
	15	}
	16
[ae6c071]	17
	18	[HttpGet]
[72b1da2]	19	/* public async Task<ActionResult> Create()
	20	{
	21
	22	var vetCenters = await db.VetCentersObj.ToListAsync();
	23
	24	ViewBag.VetCenters = new SelectList(vetCenters, "id", "name");
	25
	26	return View();
	27	}*/
[118e414]	28	public async Task<ActionResult> Create()
	29	{
	30
	31
[72b1da2]	32	UsersClass customerClass = await getCrrentUser();
[118e414]	33
[72b1da2]	34	ViewBag.isAuthenticated = customerClass;
[ae6c071]	35	var vetCenters = await db.VetCentersObj.ToListAsync();
[118e414]	36	ViewBag.VetCenters = new SelectList(vetCenters, "id", "name");
	37
	38	return View();
	39	}
[ae6c071]	40
[72b1da2]	41
[ae6c071]	42
	43
[2aea0fd]	44	// GET: Customer
	45	public async Task<ActionResult> IndexAsync()
	46	{
	47	// check for permission
	48	UsersClass customerClass = await getCrrentUser();
[6782104]	49	// set if is authenticated
	50	ViewBag.isAuthenticated = customerClass;
[2aea0fd]	51	if (customerClass == null)
	52	{
	53	return RedirectToAction("AccessDenied", "Error");
	54	}
[118e414]	55	// no access for standard user
	56	ViewBag.OnlyAdminManager = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin) ?? await checkAuthorizationSpecificRoleAsync(RoleConstants.Manager);
	57
[2aea0fd]	58	if (customerClass.role_id == RoleConstants.Standard)
	59	{
	60	// query
[118e414]	61	var query = from st in db.PetCaresObj
[2aea0fd]	62	where st.usersid == customerClass.id
	63	select st;
	64
	65	var userPets =
	66	//db.PetCaresObj.FromSql($"SELECT * FROM pets where usersid={customerClass.id}").ToListAsync();
	67	await query.ToListAsync<Pet_CaresClass>();
	68
	69	return View(userPets);
	70
	71	PetCareAllData petCareAllData = new PetCareAllData();
	72	petCareAllData.PetCares = userPets;
	73
	74
	75	// query
	76	var queryVetCenters = from kk in db.VetCentersObj
[118e414]	77	select kk;
[2aea0fd]	78
	79	// query
	80	var queryUsers = from st in db.CustomerObj
	81	select st;
	82
	83	var users = await queryUsers.ToListAsync<UsersClass>();
	84	petCareAllData.Users = users;
	85
	86	//var vetCenters = await queryVetCenters.ToListAsync<VetCenter>();
	87	//petCareAllData.VetCenters = vetCenters;
	88
	89	return View(petCareAllData);
[118e414]	90	}
	91	else
[2aea0fd]	92	{
	93	return View(db.PetCaresObj.ToList());
	94	}
	95
	96	}
	97
	98	// GET: Customer/Details/5
[57fc402]	99	public async Task<ActionResult> Details(int? id)
[2aea0fd]	100	{
	101	if (id == null)
	102	{
	103	return RedirectToAction("NotExist", "Error");
	104	}
[118e414]	105	UsersClass customerClass = await getCrrentUser();
[57fc402]	106	ViewBag.isAuthenticated = customerClass;
[2aea0fd]	107	Pet_CaresClass peClass = db.PetCaresObj.Find(id);
	108	if (peClass == null)
	109	{
	110	return RedirectToAction("NotExist", "Error");
	111	}
[118e414]	112	// no access for standard user
	113	ViewBag.OnlyAdminManager = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin) ?? await checkAuthorizationSpecificRoleAsync(RoleConstants.Manager);
	114
[2aea0fd]	115	return View(peClass);
	116	}
	117
	118	// GET: Customer/Create
	119	//public ActionResult Create()
	120	//{
	121	// return View();
	122	//}
	123
[ae6c071]	124	/*public ActionResult Create()
[2aea0fd]	125	{
	126
	127	return View();
[ae6c071]	128	}*/
[2aea0fd]	129
	130	// POST: Customer/Create
	131	// To protect from overposting attacks, enable the specific properties you want to bind to, for
	132	// more details see https://go.microsoft.com/fwlink/?LinkId=317598.
	133	[HttpPost]
	134	[ValidateAntiForgeryToken]
[118e414]	135	public async Task<ActionResult> CreateAsync([Bind(include: "id,title,description,dateending, start_date, usersid, vetcentersid")] Pet_CaresClass peClass)
	136	{
	137	bool isAuthenticated = User.Identity.IsAuthenticated;
	138	if (!isAuthenticated)
	139	{
	140	return RedirectToAction("AccessDenied", "Error");
	141	}
[72b1da2]	142	ViewBag.isAuthenticated = new UsersClass();
[118e414]	143	// no access for standard user
	144	ViewBag.OnlyAdminManager = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin) ?? await checkAuthorizationSpecificRoleAsync(RoleConstants.Manager);
[72b1da2]	145
[2aea0fd]	146	if (ModelState.IsValid)
[118e414]	147	{
[72b1da2]	148	ViewBag.isAuthenticated = new UsersClass();
[2aea0fd]	149	peClass.dateending = DateTime.SpecifyKind(peClass.dateending, DateTimeKind.Utc);
[118e414]	150	peClass.start_date = DateTime.SpecifyKind(peClass.start_date, DateTimeKind.Utc);
	151	var user = await _userManager.GetUserAsync(User);
	152	var customerClass = db.CustomerObj.SingleOrDefault(x => x.email == user.Email);
	153	peClass.usersid = customerClass.id;
	154	db.PetCaresObj.Add(peClass);
	155	db.SaveChanges();
	156	return RedirectToAction("Index");
	157	}
	158	var vetCenters = await db.VetCentersObj.ToListAsync();
	159	ViewBag.VetCenters = new SelectList(vetCenters, "id", "name");
	160
	161	return View(peClass);
	162	}
[72b1da2]	163
	164
	165
	166
	167
	168
	169
	170
[2aea0fd]	171
	172
	173	// GET: Customer/Edit/5
[8f8226c]	174	/* public ActionResult Edit(int? id)
	175	{
	176	if (id == null)
	177	{
	178	return RedirectToAction("NotExist", "Error");
	179	}
	180	Pet_CaresClass peClass = db.PetCaresObj.Find(id);
	181	if (peClass == null)
	182	{
	183	return RedirectToAction("NotExist", "Error");
	184	}
	185
	186
	187	return View(peClass);
	188	}*/
	189	// GET: Customer/Edit/5
	190	/* public ActionResult Edit(int? id)
	191	{
	192	if (id == null)
	193	{
	194	return RedirectToAction("NotExist", "Error");
	195	}
	196	Pet_CaresClass peClass = db.PetCaresObj.Find(id);
	197	if (peClass == null)
	198	{
	199	return RedirectToAction("NotExist", "Error");
	200	}
	201
	202
	203	return View(peClass);
	204	}*/
	205	public async Task<ActionResult> Edit(int? id)
[2aea0fd]	206	{
	207	if (id == null)
	208	{
	209	return RedirectToAction("NotExist", "Error");
	210	}
[8f8226c]	211
	212	Pet_CaresClass peClass = await db.PetCaresObj.FindAsync(id);
[2aea0fd]	213	if (peClass == null)
	214	{
	215	return RedirectToAction("NotExist", "Error");
	216	}
[8f8226c]	217
	218	var vetCenters = await db.VetCentersObj.ToListAsync();
	219	ViewBag.VetCenters = new SelectList(vetCenters, "id", "name", peClass.vetcentersid);
[57fc402]	220	// dodadeno na 22.08
	221	ViewBag.isAuthenticated = await getCrrentUser();
[2aea0fd]	222	return View(peClass);
	223	}
	224
[8f8226c]	225
	226
[2aea0fd]	227	// POST: Customer/Edit/5
	228	// To protect from overposting attacks, enable the specific properties you want to bind to, for
	229	// more details see https://go.microsoft.com/fwlink/?LinkId=317598.
	230	[HttpPost]
	231	[ValidateAntiForgeryToken]
[8f8226c]	232	public async Task<ActionResult> EditAsync([Bind(include: "id,title,description,dateending, vetcentersid")] Pet_CaresClass peClass)
[2aea0fd]	233	{
	234	bool isAuthenticated = User.Identity.IsAuthenticated;
	235	if (!isAuthenticated)
	236	{
	237	return RedirectToAction("AccessDenied", "Error");
	238	}
[57fc402]	239	ViewBag.isAuthenticated = await getCrrentUser();
[118e414]	240	// no access for standard user
	241	ViewBag.OnlyAdminManager = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin) ?? await checkAuthorizationSpecificRoleAsync(RoleConstants.Manager);
[8f8226c]	242
[2aea0fd]	243	if (ModelState.IsValid)
	244	{
	245	peClass.dateending = DateTime.SpecifyKind(peClass.dateending, DateTimeKind.Utc);
	246	var user = await _userManager.GetUserAsync(User);
	247	var customerClass = db.CustomerObj.SingleOrDefault(x => x.email == user.Email);
	248	peClass.usersid = customerClass.id;
	249	db.Entry(peClass).State = EntityState.Modified;
	250	db.SaveChanges();
	251	return RedirectToAction("Index");
	252	}
	253	return View(peClass);
	254	}
	255
[8f8226c]	256
	257
	258
[2aea0fd]	259	// GET: Customer/Delete/5
[57fc402]	260	public async Task<ActionResult> Delete(int? id)
[2aea0fd]	261	{
	262	if (id == null)
	263	{
	264	return RedirectToAction("NotExist", "Error");
	265	}
[57fc402]	266	UsersClass customerClass = await getCrrentUser(); // Добијте ја тековната улога на корисникот
	267	ViewBag.isAuthenticated = customerClass;
[2aea0fd]	268	Pet_CaresClass peClass = db.PetCaresObj.Find(id);
	269	if (peClass == null)
	270	{
	271	return RedirectToAction("NotExist", "Error");
	272	}
[118e414]	273	// no access for standard user
	274	ViewBag.OnlyAdminManager = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin) ?? await checkAuthorizationSpecificRoleAsync(RoleConstants.Manager);
	275
[2aea0fd]	276	return View(peClass);
	277	}
	278
	279	// POST: Customer/Delete/5
	280	[HttpPost, ActionName("Delete")]
	281	[ValidateAntiForgeryToken]
	282	public ActionResult DeleteConfirmed(int id)
	283	{
	284	Pet_CaresClass peClass = db.PetCaresObj.Find(id);
	285	db.PetCaresObj.Remove(peClass);
	286	db.SaveChanges();
	287	return RedirectToAction("Index");
	288	}
	289
	290	protected override void Dispose(bool disposing)
	291	{
	292	if (disposing)
	293	{
	294	db.Dispose();
	295	}
	296	base.Dispose(disposing);
	297	}
	298	}
	299	}

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: PostgreSqlDotnetCore/Controllers/PetCaresController.cs@ 118e414

Download in other formats: