source: PostgreSqlDotnetCore/Controllers/PetsController.cs@ d6040ef

main
Last change on this file since d6040ef was 6782104, checked in by ElenaMoskova <elena.moskova99@…>, 3 months ago

fix authorization

implement hiding menu items

1using Microsoft.AspNetCore.Identity;
2using Microsoft.AspNetCore.Mvc;
3using Microsoft.EntityFrameworkCore;
4using PostgreSqlDotnetCore.Models;
5using System;
6using System.Net;
7
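namespace PostgreSqlDotnetCore.Controllers
{
    /// <summary>
    /// MVC controller for listing, viewing, creating, editing and deleting pets.
    /// </summary>
    /// <remarks>
    /// Access rule, taken from <see cref="IndexAsync"/>: a user whose role is
    /// <c>RoleConstants.Standard</c> works only with pets whose <c>usersid</c> equals that user's
    /// <c>id</c>; any other role works with all pets. Every action that reads or changes a single
    /// pet applies the same rule, so a pet id taken from the URL or the form is never trusted on
    /// its own.
    /// NOTE(review): no [Authorize] attribute is visible on this class and BaseController is not
    /// shown here, so each action performs its own check — confirm whether a filter exists upstream.
    /// </remarks>
    public class PetsController : BaseController
    {
        public PetsController(UserManager<IdentityUser> userManager) : base(userManager)
        {
        }

        /// <summary>
        /// Decides whether <paramref name="currentUser"/> may read or change <paramref name="pet"/>.
        /// </summary>
        /// <returns>
        /// <c>true</c> for any non-Standard role, or when the pet's <c>usersid</c> matches the
        /// user's <c>id</c>; otherwise <c>false</c>.
        /// </returns>
        private static bool MayAccessPet(UsersClass currentUser, PetsClass pet)
        {
            return currentUser.role_id != RoleConstants.Standard
                || pet.usersid == currentUser.id;
        }

        /// <summary>
        /// Shared body of the Details, Edit and Delete GET actions: resolves the current user,
        /// loads the pet and returns the calling action's view only when the user may access it.
        /// </summary>
        /// <param name="id">Primary key of the pet, as supplied by the request.</param>
        /// <returns>
        /// A redirect to Error/AccessDenied when no user is resolved or the pet belongs to someone
        /// else, a redirect to Error/NotExist when the id is missing or unknown, otherwise the view.
        /// </returns>
        private async Task<ActionResult> PetViewForCurrentUserAsync(int? id)
        {
            UsersClass customerClass = await getCrrentUser();

            // The views read this value; null means "not signed in".
            ViewBag.isAuthenticated = customerClass;
            if (customerClass == null)
            {
                return RedirectToAction("AccessDenied", "Error");
            }

            if (id == null)
            {
                return RedirectToAction("NotExist", "Error");
            }

            PetsClass peClass = await db.PetsObj.FindAsync(id.Value);
            if (peClass == null)
            {
                return RedirectToAction("NotExist", "Error");
            }

            // Without this check any caller could read another user's pet by guessing its id.
            if (!MayAccessPet(customerClass, peClass))
            {
                return RedirectToAction("AccessDenied", "Error");
            }

            return View(peClass);
        }

        // GET: Pets
        /// <summary>
        /// Lists the current user's own pets for the Standard role, or every pet for other roles.
        /// </summary>
        public async Task<ActionResult> IndexAsync()
        {
            UsersClass customerClass = await getCrrentUser();

            // The views read this value; null means "not signed in".
            ViewBag.isAuthenticated = customerClass;
            if (customerClass == null)
            {
                return RedirectToAction("AccessDenied", "Error");
            }

            if (customerClass.role_id == RoleConstants.Standard)
            {
                var userPets = await db.PetsObj
                    .Where(st => st.usersid == customerClass.id)
                    .ToListAsync<PetsClass>();
                return View(userPets);
            }

            return View(await db.PetsObj.ToListAsync());
        }

        // GET: Pets/Details/5
        /// <summary>
        /// Shows one pet. Now asynchronous because it has to resolve the current user before
        /// returning the record; the action name is unchanged.
        /// </summary>
        public async Task<ActionResult> Details(int? id)
        {
            return await PetViewForCurrentUserAsync(id);
        }

        // GET: Pets/Create
        /// <summary>
        /// Shows the empty create form to a signed-in user.
        /// </summary>
        public async Task<ActionResult> CreateAsync()
        {
            UsersClass customerClass = await getCrrentUser();

            // The views read this value; null means "not signed in".
            ViewBag.isAuthenticated = customerClass;
            if (customerClass == null)
            {
                // The POST action rejects anonymous callers, so do not offer them the form.
                return RedirectToAction("AccessDenied", "Error");
            }

            return View();
        }

        // POST: Pets/Create
        // To protect from overposting attacks, enable the specific properties you want to bind to, for
        // more details see https://go.microsoft.com/fwlink/?LinkId=317598.
        /// <summary>
        /// Creates a pet owned by the current user.
        /// </summary>
        /// <param name="peClass">
        /// Form-bound pet. The posted <c>usersid</c> is ignored and replaced on the server.
        /// NOTE(review): <c>id</c> and <c>usersid</c> are still in the Bind list; they are kept
        /// because the model's validation attributes are not visible here — consider removing them.
        /// </param>
        [HttpPost]
        [ValidateAntiForgeryToken]
        public async Task<ActionResult> CreateAsync([Bind(include: "id,name,color,description,dateofbirthday, usersid,typeofpetsid")] PetsClass peClass)
        {
            if (!User.Identity.IsAuthenticated)
            {
                ViewBag.isAuthenticated = null;
                return RedirectToAction("AccessDenied", "Error");
            }

            // Same lookup IndexAsync uses, so the id stored below is the one the list filters by.
            UsersClass customerClass = await getCrrentUser();
            ViewBag.isAuthenticated = customerClass;
            if (customerClass == null)
            {
                // Signed-in identity without an application user record: refuse instead of
                // dereferencing null further down.
                return RedirectToAction("AccessDenied", "Error");
            }

            if (!ModelState.IsValid)
            {
                return View(peClass);
            }

            // The owner always comes from the session, never from the form.
            peClass.usersid = customerClass.id;
            db.PetsObj.Add(peClass);
            await db.SaveChangesAsync();
            return RedirectToAction("Index");
        }

        // GET: Pets/Edit/5
        /// <summary>
        /// Shows the edit form for one pet. Now asynchronous because it has to resolve the current
        /// user before returning the record; the action name is unchanged.
        /// </summary>
        public async Task<ActionResult> Edit(int? id)
        {
            return await PetViewForCurrentUserAsync(id);
        }

        // POST: Pets/Edit/5
        // To protect from overposting attacks, enable the specific properties you want to bind to, for
        // more details see https://go.microsoft.com/fwlink/?LinkId=317598.
        /// <summary>
        /// Saves changes to an existing pet after checking that the current user may change it.
        /// </summary>
        /// <param name="peClass">
        /// Form-bound pet. Its <c>id</c> selects the stored row; the posted <c>usersid</c> is
        /// ignored and the stored owner is kept.
        /// </param>
        [HttpPost]
        [ValidateAntiForgeryToken]
        public async Task<ActionResult> EditAsync([Bind(include: "id,name, color,description,dateofbirthday, usersid,typeofpetsid")] PetsClass peClass)
        {
            if (!User.Identity.IsAuthenticated)
            {
                ViewBag.isAuthenticated = null;
                return RedirectToAction("AccessDenied", "Error");
            }

            UsersClass customerClass = await getCrrentUser();
            ViewBag.isAuthenticated = customerClass;
            if (customerClass == null)
            {
                return RedirectToAction("AccessDenied", "Error");
            }

            if (!ModelState.IsValid)
            {
                return View(peClass);
            }

            // Read the stored row without tracking it, so attaching peClass below does not
            // collide with an already-tracked entity that has the same key.
            PetsClass stored = await db.PetsObj
                .AsNoTracking()
                .FirstOrDefaultAsync(p => p.id == peClass.id);
            if (stored == null)
            {
                return RedirectToAction("NotExist", "Error");
            }

            // The posted id is attacker-controlled: authorize against the stored owner. The
            // previous code overwrote usersid with the caller's id and saved, which let any
            // signed-in user take over and rewrite another user's pet.
            if (!MayAccessPet(customerClass, stored))
            {
                return RedirectToAction("AccessDenied", "Error");
            }

            // Keep the stored owner. For a Standard user this equals their own id (checked
            // above); for other roles an edit no longer moves the pet to the editor.
            peClass.usersid = stored.usersid;
            db.Entry(peClass).State = EntityState.Modified;
            await db.SaveChangesAsync();
            return RedirectToAction("Index");
        }

        // GET: Pets/Delete/5
        /// <summary>
        /// Shows the delete confirmation for one pet. Now asynchronous because it has to resolve
        /// the current user before returning the record; the action name is unchanged.
        /// </summary>
        public async Task<ActionResult> Delete(int? id)
        {
            return await PetViewForCurrentUserAsync(id);
        }

        // POST: Pets/Delete/5
        /// <summary>
        /// Deletes a pet after checking that it exists and that the current user may delete it.
        /// </summary>
        /// <param name="id">Primary key of the pet, as posted by the confirmation form.</param>
        [HttpPost, ActionName("Delete")]
        [ValidateAntiForgeryToken]
        public async Task<ActionResult> DeleteConfirmed(int id)
        {
            // The anti-forgery token only proves the form came from this site; it says nothing
            // about who is posting, so the caller is resolved and checked here.
            UsersClass customerClass = await getCrrentUser();
            if (customerClass == null)
            {
                return RedirectToAction("AccessDenied", "Error");
            }

            PetsClass peClass = await db.PetsObj.FindAsync(id);
            if (peClass == null)
            {
                // Remove(null) would throw; an unknown id is reported like in the GET actions.
                return RedirectToAction("NotExist", "Error");
            }

            if (!MayAccessPet(customerClass, peClass))
            {
                return RedirectToAction("AccessDenied", "Error");
            }

            db.PetsObj.Remove(peClass);
            await db.SaveChangesAsync();
            return RedirectToAction("Index");
        }

        /// <summary>
        /// Releases the database context together with the controller.
        /// </summary>
        protected override void Dispose(bool disposing)
        {
            if (disposing)
            {
                db.Dispose();
            }
            base.Dispose(disposing);
        }
    }
}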