source: PostgreSqlDotnetCore/Controllers/PetCaresController.cs@ 57fc402

main
Last change on this file since 57fc402 was 57fc402, checked in by ElenaMoskova <elena.moskova99@…>, 5 weeks ago

Async, access permission, and other fixes.

Regulation of access permissions. Which fields can be accessed by different users.

1using Microsoft.AspNetCore.Identity;
2using Microsoft.AspNetCore.Mvc;
3using Microsoft.EntityFrameworkCore;
4using Microsoft.AspNetCore.Mvc.Rendering;
5using PostgreSqlDotnetCore.Models;
6using System;
7using System.Net;
8
9namespace PostgreSqlDotnetCore.Controllers
10{
11 public class PetCaresController : BaseController
12 {
/// <summary>
/// Creates the controller and hands the Identity user manager to <c>BaseController</c>.
/// </summary>
/// <param name="userManager">ASP.NET Core Identity user manager passed through to the base class.</param>
public PetCaresController(UserManager<IdentityUser> userManager)
    : base(userManager)
{
    // No controller-specific state to initialise.
}
16
17
/// <summary>
/// Renders the empty "create pet care" form and supplies the list of vet centers
/// for its drop-down.
/// </summary>
/// <returns>The default view for this action, with <c>ViewBag.VetCenters</c> populated.</returns>
[HttpGet]
public async Task<ActionResult> Create()
{
    // NOTE(review): unlike the POST handler, this action performs no authentication
    // check and does not set ViewBag.isAuthenticated. Confirm whether BaseController
    // or an [Authorize] filter already covers it.
    ViewBag.VetCenters = new SelectList(await db.VetCentersObj.ToListAsync(), "id", "name");
    return View();
}
28
29 // GET: Customer
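/// <summary>
/// Lists pet-care records visible to the current user.
/// </summary>
/// <remarks>
/// Users whose role is <c>RoleConstants.Standard</c> receive only the records whose
/// <c>usersid</c> matches their own id; every other role receives the full table.
/// </remarks>
/// <returns>
/// A redirect to Error/AccessDenied when no current user can be resolved; otherwise
/// the index view with a list of <c>Pet_CaresClass</c>.
/// </returns>
public async Task<ActionResult> IndexAsync()
{
    // Resolve the application user; the views read it from ViewBag.isAuthenticated.
    UsersClass customerClass = await getCrrentUser();
    ViewBag.isAuthenticated = customerClass;
    if (customerClass == null)
    {
        return RedirectToAction("AccessDenied", "Error");
    }

    if (customerClass.role_id == RoleConstants.Standard)
    {
        // Row-level filter: a standard user must never receive another user's records.
        var userPets = await db.PetCaresObj
            .Where(st => st.usersid == customerClass.id)
            .ToListAsync();

        return View(userPets);
    }

    // Non-standard roles see everything; query asynchronously like the branch above.
    return View(await db.PetCaresObj.ToListAsync());
}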
78
79 // GET: Customer/Details/5
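/// <summary>
/// Shows a single pet-care record, subject to the same visibility rule as the index:
/// a standard user may only open records they own.
/// </summary>
/// <param name="id">Primary key of the record; <c>null</c> is treated as "not found".</param>
/// <returns>
/// A redirect to Error/NotExist when the id is missing or unknown, a redirect to
/// Error/AccessDenied when there is no current user or the record belongs to someone
/// else, otherwise the details view.
/// </returns>
public async Task<ActionResult> Details(int? id)
{
    if (id == null)
    {
        return RedirectToAction("NotExist", "Error");
    }

    UsersClass customerClass = await getCrrentUser();
    ViewBag.isAuthenticated = customerClass;
    if (customerClass == null)
    {
        // Without this check any anonymous request could read a record by id.
        return RedirectToAction("AccessDenied", "Error");
    }

    Pet_CaresClass peClass = await db.PetCaresObj.FindAsync(id);
    if (peClass == null)
    {
        return RedirectToAction("NotExist", "Error");
    }

    // Object-level authorization: the id comes from the URL, so ownership has to be
    // verified against the stored record, not assumed from the listing page.
    if (customerClass.role_id == RoleConstants.Standard && peClass.usersid != customerClass.id)
    {
        return RedirectToAction("AccessDenied", "Error");
    }

    return View(peClass);
}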
95
96 // GET: Customer/Create
97 //public ActionResult Create()
98 //{
99 // return View();
100 //}
101
102 /*public ActionResult Create()
103 {
104
105 return View();
106 }*/
107
108 // POST: Customer/Create
109 // To protect from overposting attacks, enable the specific properties you want to bind to, for
110 // more details see https://go.microsoft.com/fwlink/?LinkId=317598.
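/// <summary>
/// Creates a pet-care record owned by the signed-in user.
/// </summary>
/// <param name="peClass">
/// Form-bound record. Its <c>usersid</c> is always overwritten with the id of the
/// current user, so a value posted by the client has no effect.
/// </param>
/// <returns>
/// A redirect to Error/AccessDenied when the caller is not signed in or has no matching
/// application user, the form view again when validation fails, otherwise a redirect
/// to Index.
/// </returns>
[HttpPost]
[ValidateAntiForgeryToken]
public async Task<ActionResult> CreateAsync([Bind(include: "id,title,description,dateending, start_date, usersid, vetcentersid")] Pet_CaresClass peClass)
{
    if (User.Identity?.IsAuthenticated != true)
    {
        return RedirectToAction("AccessDenied", "Error");
    }

    if (!ModelState.IsValid)
    {
        // The GET action fills this list for the same view; refill it so the form
        // can be rendered again with its drop-down.
        ViewBag.VetCenters = new SelectList(await db.VetCentersObj.ToListAsync(), "id", "name");
        return View(peClass);
    }

    // Both lookups can come back empty (stale cookie, Identity user without an
    // application profile); treat that as "no access" instead of dereferencing null.
    var user = await _userManager.GetUserAsync(User);
    if (user == null)
    {
        return RedirectToAction("AccessDenied", "Error");
    }

    var customerClass = await db.CustomerObj.SingleOrDefaultAsync(x => x.email == user.Email);
    if (customerClass == null)
    {
        return RedirectToAction("AccessDenied", "Error");
    }

    // Mark both timestamps as UTC before they are written.
    peClass.dateending = DateTime.SpecifyKind(peClass.dateending, DateTimeKind.Utc);
    peClass.start_date = DateTime.SpecifyKind(peClass.start_date, DateTimeKind.Utc);

    // The owner is decided by the server, never by the posted form.
    peClass.usersid = customerClass.id;

    // NOTE(review): "id" is still bindable, so a client can propose the primary key.
    // If the key is database-generated, drop "id" (and "usersid") from the Bind list.
    db.PetCaresObj.Add(peClass);
    await db.SaveChangesAsync();
    return RedirectToAction("Index");
}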
134
135 // GET: Customer/Edit/5
136 /* public ActionResult Edit(int? id)
137 {
138 if (id == null)
139 {
140 return RedirectToAction("NotExist", "Error");
141 }
142 Pet_CaresClass peClass = db.PetCaresObj.Find(id);
143 if (peClass == null)
144 {
145 return RedirectToAction("NotExist", "Error");
146 }
147
148
149 return View(peClass);
150 }*/
151 // GET: Customer/Edit/5
152 /* public ActionResult Edit(int? id)
153 {
154 if (id == null)
155 {
156 return RedirectToAction("NotExist", "Error");
157 }
158 Pet_CaresClass peClass = db.PetCaresObj.Find(id);
159 if (peClass == null)
160 {
161 return RedirectToAction("NotExist", "Error");
162 }
163
164
165 return View(peClass);
166 }*/
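/// <summary>
/// Renders the edit form for one pet-care record. A standard user may only open
/// the form for a record they own.
/// </summary>
/// <param name="id">Primary key of the record; <c>null</c> is treated as "not found".</param>
/// <returns>
/// A redirect to Error/NotExist when the id is missing or unknown, a redirect to
/// Error/AccessDenied when there is no current user or the record belongs to someone
/// else, otherwise the edit view with <c>ViewBag.VetCenters</c> populated.
/// </returns>
public async Task<ActionResult> Edit(int? id)
{
    if (id == null)
    {
        return RedirectToAction("NotExist", "Error");
    }

    UsersClass customerClass = await getCrrentUser();
    ViewBag.isAuthenticated = customerClass;
    if (customerClass == null)
    {
        return RedirectToAction("AccessDenied", "Error");
    }

    Pet_CaresClass peClass = await db.PetCaresObj.FindAsync(id);
    if (peClass == null)
    {
        return RedirectToAction("NotExist", "Error");
    }

    // The id is taken from the URL, so check ownership before exposing the record.
    if (customerClass.role_id == RoleConstants.Standard && peClass.usersid != customerClass.id)
    {
        return RedirectToAction("AccessDenied", "Error");
    }

    // Pre-select the record's current vet center in the drop-down.
    var vetCenters = await db.VetCentersObj.ToListAsync();
    ViewBag.VetCenters = new SelectList(vetCenters, "id", "name", peClass.vetcentersid);
    return View(peClass);
}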
186
187
188
189 // POST: Customer/Edit/5
190 // To protect from overposting attacks, enable the specific properties you want to bind to, for
191 // more details see https://go.microsoft.com/fwlink/?LinkId=317598.
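/// <summary>
/// Applies an edit to an existing pet-care record.
/// </summary>
/// <remarks>
/// The stored record is loaded first and only the bound fields (title, description,
/// dateending, vetcentersid) are copied onto it. Its owner and <c>start_date</c> are
/// therefore left as stored, and a standard user can only change a record they own.
/// </remarks>
/// <param name="peClass">Form-bound values; <c>id</c> selects the record to update.</param>
/// <returns>
/// A redirect to Error/AccessDenied when the caller is not signed in, has no application
/// user, or does not own the record; a redirect to Error/NotExist when the id is unknown;
/// the form view again when validation fails; otherwise a redirect to Index.
/// </returns>
[HttpPost]
[ValidateAntiForgeryToken]
public async Task<ActionResult> EditAsync([Bind(include: "id,title,description,dateending, vetcentersid")] Pet_CaresClass peClass)
{
    if (User.Identity?.IsAuthenticated != true)
    {
        return RedirectToAction("AccessDenied", "Error");
    }

    UsersClass customerClass = await getCrrentUser();
    ViewBag.isAuthenticated = customerClass;
    if (customerClass == null)
    {
        return RedirectToAction("AccessDenied", "Error");
    }

    if (!ModelState.IsValid)
    {
        // The GET action fills this list for the same view; refill it for the re-render.
        var vetCenters = await db.VetCentersObj.ToListAsync();
        ViewBag.VetCenters = new SelectList(vetCenters, "id", "name", peClass.vetcentersid);
        return View(peClass);
    }

    // Never attach the posted object directly: the posted id is attacker-controlled,
    // and marking it Modified would overwrite every column of whichever row it names.
    Pet_CaresClass existing = await db.PetCaresObj.FindAsync(peClass.id);
    if (existing == null)
    {
        return RedirectToAction("NotExist", "Error");
    }

    if (customerClass.role_id == RoleConstants.Standard && existing.usersid != customerClass.id)
    {
        return RedirectToAction("AccessDenied", "Error");
    }

    // Copy only the fields the form is allowed to change.
    existing.title = peClass.title;
    existing.description = peClass.description;
    existing.dateending = DateTime.SpecifyKind(peClass.dateending, DateTimeKind.Utc);
    existing.vetcentersid = peClass.vetcentersid;

    // NOTE(review): the owner is intentionally not reassigned to the editor, so a
    // non-standard user editing someone else's record does not take it over - confirm
    // this matches the intended workflow.
    await db.SaveChangesAsync();
    return RedirectToAction("Index");
}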
215
216
217
218
219 // GET: Customer/Delete/5
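/// <summary>
/// Renders the delete-confirmation page for one pet-care record. A standard user
/// may only open it for a record they own.
/// </summary>
/// <param name="id">Primary key of the record; <c>null</c> is treated as "not found".</param>
/// <returns>
/// A redirect to Error/NotExist when the id is missing or unknown, a redirect to
/// Error/AccessDenied when there is no current user or the record belongs to someone
/// else, otherwise the confirmation view.
/// </returns>
public async Task<ActionResult> Delete(int? id)
{
    if (id == null)
    {
        return RedirectToAction("NotExist", "Error");
    }

    // Resolve the current application user (carries the role used below).
    UsersClass customerClass = await getCrrentUser();
    ViewBag.isAuthenticated = customerClass;
    if (customerClass == null)
    {
        return RedirectToAction("AccessDenied", "Error");
    }

    Pet_CaresClass peClass = await db.PetCaresObj.FindAsync(id);
    if (peClass == null)
    {
        return RedirectToAction("NotExist", "Error");
    }

    // The id is taken from the URL, so check ownership before showing the record.
    if (customerClass.role_id == RoleConstants.Standard && peClass.usersid != customerClass.id)
    {
        return RedirectToAction("AccessDenied", "Error");
    }

    return View(peClass);
}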
235
236 // POST: Customer/Delete/5
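/// <summary>
/// Deletes a pet-care record after confirmation.
/// </summary>
/// <remarks>
/// The anti-forgery token only proves the request came from this site's form; it does
/// not prove who the caller is or that the record is theirs. The caller is therefore
/// resolved and checked here: a standard user can only delete a record they own.
/// </remarks>
/// <param name="id">Primary key of the record to delete.</param>
/// <returns>
/// A redirect to Error/AccessDenied when there is no current user or the record belongs
/// to someone else, a redirect to Error/NotExist when the id is unknown, otherwise a
/// redirect to Index.
/// </returns>
[HttpPost, ActionName("Delete")]
[ValidateAntiForgeryToken]
public ActionResult DeleteConfirmed(int id)
{
    // Blocked on here only because this action's signature is synchronous;
    // converting the action to async/await is the cleaner follow-up.
    UsersClass customerClass = getCrrentUser().GetAwaiter().GetResult();
    if (customerClass == null)
    {
        return RedirectToAction("AccessDenied", "Error");
    }

    Pet_CaresClass peClass = db.PetCaresObj.Find(id);
    if (peClass == null)
    {
        // Remove(null) would throw; an unknown id is reported like everywhere else.
        return RedirectToAction("NotExist", "Error");
    }

    if (customerClass.role_id == RoleConstants.Standard && peClass.usersid != customerClass.id)
    {
        return RedirectToAction("AccessDenied", "Error");
    }

    db.PetCaresObj.Remove(peClass);
    db.SaveChanges();
    return RedirectToAction("Index");
}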
246
/// <summary>
/// Releases the database context when the controller is disposed explicitly,
/// then lets the base class run its own cleanup.
/// </summary>
/// <param name="disposing">
/// <c>true</c> when called from an explicit dispose; only then is <c>db</c> disposed.
/// </param>
protected override void Dispose(bool disposing)
{
    bool releaseContext = disposing;
    if (releaseContext)
    {
        db.Dispose();
    }

    // Always forwarded, whatever the value of the flag.
    base.Dispose(disposing);
}
255 }
256}