source: PostgreSqlDotnetCore/Controllers/PetCaresController.cs@ d6040ef

main
Last change on this file since d6040ef was 6782104, checked in by ElenaMoskova <elena.moskova99@…>, 3 months ago

fix authorization

implement hiding menu items
  • Property mode set to 100644
File size: 7.9 KB
Line 
1using Microsoft.AspNetCore.Identity;
2using Microsoft.AspNetCore.Mvc;
3using Microsoft.EntityFrameworkCore;
4using Microsoft.AspNetCore.Mvc.Rendering;
5using PostgreSqlDotnetCore.Models;
6using System;
7using System.Net;
8
9namespace PostgreSqlDotnetCore.Controllers
10{
11 public class PetCaresController : BaseController
12 {
13 public PetCaresController(UserManager<IdentityUser> userManager) : base(userManager)
14 {
15 }
16
17
18 [HttpGet]
19 public async Task<ActionResult> Create()
20 {
21
22 var vetCenters = await db.VetCentersObj.ToListAsync();
23
24 ViewBag.VetCenters = new SelectList(vetCenters, "id", "name");
25
26 return View();
27 }
28
29 // GET: Customer
30 public async Task<ActionResult> IndexAsync()
31 {
32 // check for permission
33 UsersClass customerClass = await getCrrentUser();
34 // set if is authenticated
35 ViewBag.isAuthenticated = customerClass;
36 if (customerClass == null)
37 {
38 return RedirectToAction("AccessDenied", "Error");
39 }
40 if (customerClass.role_id == RoleConstants.Standard)
41 {
42 // query
43 var query = from st in db.PetCaresObj
44 where st.usersid == customerClass.id
45 select st;
46
47 var userPets =
48 //db.PetCaresObj.FromSql($"SELECT * FROM pets where usersid={customerClass.id}").ToListAsync();
49 await query.ToListAsync<Pet_CaresClass>();
50
51 return View(userPets);
52
53 PetCareAllData petCareAllData = new PetCareAllData();
54 petCareAllData.PetCares = userPets;
55
56
57 // query
58 var queryVetCenters = from kk in db.VetCentersObj
59 select kk;
60
61 // query
62 var queryUsers = from st in db.CustomerObj
63 select st;
64
65 var users = await queryUsers.ToListAsync<UsersClass>();
66 petCareAllData.Users = users;
67
68 //var vetCenters = await queryVetCenters.ToListAsync<VetCenter>();
69 //petCareAllData.VetCenters = vetCenters;
70
71 return View(petCareAllData);
72 } else
73 {
74 return View(db.PetCaresObj.ToList());
75 }
76
77 }
78
79 // GET: Customer/Details/5
80 public ActionResult Details(int? id)
81 {
82 if (id == null)
83 {
84 return RedirectToAction("NotExist", "Error");
85 }
86 Pet_CaresClass peClass = db.PetCaresObj.Find(id);
87 if (peClass == null)
88 {
89 return RedirectToAction("NotExist", "Error");
90 }
91 return View(peClass);
92 }
93
94 // GET: Customer/Create
95 //public ActionResult Create()
96 //{
97 // return View();
98 //}
99
100 /*public ActionResult Create()
101 {
102
103 return View();
104 }*/
105
106 // POST: Customer/Create
107 // To protect from overposting attacks, enable the specific properties you want to bind to, for
108 // more details see https://go.microsoft.com/fwlink/?LinkId=317598.
109 [HttpPost]
110 [ValidateAntiForgeryToken]
111 public async Task<ActionResult> CreateAsync([Bind(include: "id,title,description,dateending, start_date, usersid, vetcentersid")] Pet_CaresClass peClass)
112 {
113 bool isAuthenticated = User.Identity.IsAuthenticated;
114 if (!isAuthenticated)
115 {
116 return RedirectToAction("AccessDenied", "Error");
117 }
118 if (ModelState.IsValid)
119 {
120 peClass.dateending = DateTime.SpecifyKind(peClass.dateending, DateTimeKind.Utc);
121 peClass.start_date = DateTime.SpecifyKind(peClass.start_date, DateTimeKind.Utc);
122 var user = await _userManager.GetUserAsync(User);
123 var customerClass = db.CustomerObj.SingleOrDefault(x => x.email == user.Email);
124 peClass.usersid = customerClass.id;
125 db.PetCaresObj.Add(peClass);
126 db.SaveChanges();
127 return RedirectToAction("Index");
128 }
129
130 return View(peClass);
131 }
132
133 // GET: Customer/Edit/5
134 /* public ActionResult Edit(int? id)
135 {
136 if (id == null)
137 {
138 return RedirectToAction("NotExist", "Error");
139 }
140 Pet_CaresClass peClass = db.PetCaresObj.Find(id);
141 if (peClass == null)
142 {
143 return RedirectToAction("NotExist", "Error");
144 }
145
146
147 return View(peClass);
148 }*/
149 // GET: Customer/Edit/5
150 /* public ActionResult Edit(int? id)
151 {
152 if (id == null)
153 {
154 return RedirectToAction("NotExist", "Error");
155 }
156 Pet_CaresClass peClass = db.PetCaresObj.Find(id);
157 if (peClass == null)
158 {
159 return RedirectToAction("NotExist", "Error");
160 }
161
162
163 return View(peClass);
164 }*/
165 public async Task<ActionResult> Edit(int? id)
166 {
167 if (id == null)
168 {
169 return RedirectToAction("NotExist", "Error");
170 }
171
172 Pet_CaresClass peClass = await db.PetCaresObj.FindAsync(id);
173 if (peClass == null)
174 {
175 return RedirectToAction("NotExist", "Error");
176 }
177
178 var vetCenters = await db.VetCentersObj.ToListAsync();
179 ViewBag.VetCenters = new SelectList(vetCenters, "id", "name", peClass.vetcentersid);
180
181 return View(peClass);
182 }
183
184
185
186 // POST: Customer/Edit/5
187 // To protect from overposting attacks, enable the specific properties you want to bind to, for
188 // more details see https://go.microsoft.com/fwlink/?LinkId=317598.
189 [HttpPost]
190 [ValidateAntiForgeryToken]
191 public async Task<ActionResult> EditAsync([Bind(include: "id,title,description,dateending, vetcentersid")] Pet_CaresClass peClass)
192 {
193 bool isAuthenticated = User.Identity.IsAuthenticated;
194 if (!isAuthenticated)
195 {
196 return RedirectToAction("AccessDenied", "Error");
197 }
198
199 if (ModelState.IsValid)
200 {
201 peClass.dateending = DateTime.SpecifyKind(peClass.dateending, DateTimeKind.Utc);
202 var user = await _userManager.GetUserAsync(User);
203 var customerClass = db.CustomerObj.SingleOrDefault(x => x.email == user.Email);
204 peClass.usersid = customerClass.id;
205 db.Entry(peClass).State = EntityState.Modified;
206 db.SaveChanges();
207 return RedirectToAction("Index");
208 }
209 return View(peClass);
210 }
211
212
213
214
215 // GET: Customer/Delete/5
216 public ActionResult Delete(int? id)
217 {
218 if (id == null)
219 {
220 return RedirectToAction("NotExist", "Error");
221 }
222 Pet_CaresClass peClass = db.PetCaresObj.Find(id);
223 if (peClass == null)
224 {
225 return RedirectToAction("NotExist", "Error");
226 }
227 return View(peClass);
228 }
229
230 // POST: Customer/Delete/5
231 [HttpPost, ActionName("Delete")]
232 [ValidateAntiForgeryToken]
233 public ActionResult DeleteConfirmed(int id)
234 {
235 Pet_CaresClass peClass = db.PetCaresObj.Find(id);
236 db.PetCaresObj.Remove(peClass);
237 db.SaveChanges();
238 return RedirectToAction("Index");
239 }
240
241 protected override void Dispose(bool disposing)
242 {
243 if (disposing)
244 {
245 db.Dispose();
246 }
247 base.Dispose(disposing);
248 }
249 }
250}
Note: See TracBrowser for help on using the repository browser.