source: PostgreSqlDotnetCore/Controllers/PetsController.cs@ 72b1da2

main
Last change on this file since 72b1da2 was 57fc402, checked in by ElenaMoskova <elena.moskova99@…>, 3 months ago

Аsync, access permission, and other fixes.

Regulation of access permissions. Which fields can be accessed by different users.

  • Property mode set to 100644
File size: 8.1 KB
Line 
1using Microsoft.AspNetCore.Identity;
2using Microsoft.AspNetCore.Mvc;
3using Microsoft.EntityFrameworkCore;
4using PostgreSqlDotnetCore.Models;
5using System;
6using System.Net;
7
8namespace PostgreSqlDotnetCore.Controllers
9{
10 public class PetsController : BaseController
11 {
12 public PetsController(UserManager<IdentityUser> userManager) : base(userManager)
13 {
14 }
15
16 // GET: Customer
17 public async Task<ActionResult> IndexAsync()
18 {
19 // check for permission
20 UsersClass customerClass = await getCrrentUser();
21
22 // set if is authenticated
23 ViewBag.isAuthenticated = customerClass;
24 if (customerClass == null)
25 {
26 return RedirectToAction("AccessDenied", "Error");
27 }
28 if (customerClass.role_id == RoleConstants.Standard)
29 {
30 // kco
31 var query = from st in db.PetsObj
32 where st.usersid == customerClass.id
33 select st;
34
35 var userPets =
36 //db.PetsObj.FromSql($"SELECT * FROM pets where usersid={customerClass.id}").ToListAsync();
37 await query.ToListAsync<PetsClass>();
38 return View(userPets);
39 } else
40 {
41 return View(db.PetsObj.ToList());
42 }
43
44 }
45
46 // GET: Customer/Details/5
47 /* public ActionResult Details(int? id)
48 {
49 if (id == null)
50 {
51 return RedirectToAction("NotExist", "Error");
52 }
53 PetsClass peClass = db.PetsObj.Find(id);
54 if (peClass == null)
55 {
56 return RedirectToAction("NotExist", "Error");
57 }
58 return View(peClass);
59 }*/
60
61 public async Task<ActionResult> Details(int? id)
62 {
63 if (id == null)
64 {
65 return RedirectToAction("NotExist", "Error");
66 }
67
68 UsersClass customerClass = await getCrrentUser(); // Добијте ја тековната улога на корисникот
69 ViewBag.isAuthenticated = customerClass;
70
71 PetsClass peClass = await db.PetsObj.FindAsync(id);
72 if (peClass == null)
73 {
74 return RedirectToAction("NotExist", "Error");
75 }
76
77 return View(peClass);
78 }
79
80 // GET: Customer/Create
81 //public ActionResult Create()
82 //{
83 // return View();
84 //}
85
86 public async Task<ActionResult> CreateAsync()
87 {
88
89 // check for permission
90 UsersClass customerClass = await getCrrentUser();
91 // set if is authenticated
92 ViewBag.isAuthenticated = customerClass;
93 return View();
94 }
95
96 // POST: Customer/Create
97 // To protect from overposting attacks, enable the specific properties you want to bind to, for
98 // more details see https://go.microsoft.com/fwlink/?LinkId=317598.
99 [HttpPost]
100 [ValidateAntiForgeryToken]
101 public async Task<ActionResult> CreateAsync([Bind(include: "id,name,color,description,dateofbirthday, usersid,typeofpetsid")] PetsClass peClass)
102 {
103 bool isAuthenticated = User.Identity.IsAuthenticated;
104 if (!isAuthenticated)
105 {
106 // set if is authenticated
107 ViewBag.isAuthenticated = null;
108 return RedirectToAction("AccessDenied", "Error");
109 }
110 ViewBag.isAuthenticated = new UsersClass();
111
112 if (ModelState.IsValid)
113 {
114 // set if is authenticated
115 ViewBag.isAuthenticated = new UsersClass();
116 // peClass.dateofbirthday = DateTime.SpecifyKind(peClass.dateofbirthday, DateTimeKind.Utc);
117 var user = await _userManager.GetUserAsync(User);
118 var customerClass = db.CustomerObj.SingleOrDefault(x => x.email == user.Email);
119 peClass.usersid = customerClass.id;
120 // voa go pisav tuka na 18.02
121 // PetsClass.dateofbirthday = DateOnly.FromDateTime(DateTime.UtcNow);
122 db.PetsObj.Add(peClass);
123 db.SaveChanges();
124 return RedirectToAction("Index");
125 }
126
127 return View(peClass);
128 }
129
130 // GET: Customer/Edit/5
131 // public ActionResult Edit(int? id)
132 public async Task<ActionResult> Edit(int? id)
133 {
134 if (id == null)
135 {
136 return RedirectToAction("NotExist", "Error");
137 }
138 PetsClass peClass = db.PetsObj.Find(id);
139 if (peClass == null)
140 {
141 return RedirectToAction("NotExist", "Error");
142 }
143 // додадено на 21.08
144 ViewBag.isAuthenticated = await getCrrentUser();
145 return View(peClass);
146 }
147
148 // POST: Customer/Edit/5
149 // To protect from overposting attacks, enable the specific properties you want to bind to, for
150 // more details see https://go.microsoft.com/fwlink/?LinkId=317598.
151 [HttpPost]
152 [ValidateAntiForgeryToken]
153 public async Task<ActionResult> EditAsync([Bind(include: "id,name, color,description,dateofbirthday, usersid,typeofpetsid")] PetsClass peClass)
154 {
155 bool isAuthenticated = User.Identity.IsAuthenticated;
156 ViewBag.isAuthenticated = await getCrrentUser();
157
158 if (!isAuthenticated)
159 {
160 // set if is authenticated
161 ViewBag.isAuthenticated = null;
162 return RedirectToAction("AccessDenied", "Error");
163 }
164
165 // set if is authenticated
166 // додадено и избришено
167 ViewBag.isAuthenticated = await getCrrentUser();
168 //ViewBag.isAuthenticated = new UsersClass();
169
170
171 if (ModelState.IsValid)
172 {
173 //peClass.dateofbirthday = DateTime.SpecifyKind(peClass.dateofbirthday, DateTimeKind.Utc);
174
175 var user = await _userManager.GetUserAsync(User);
176 var customerClass = db.CustomerObj.SingleOrDefault(x => x.email == user.Email);
177 peClass.usersid = customerClass.id;
178 db.Entry(peClass).State = EntityState.Modified;
179 db.SaveChanges();
180 return RedirectToAction("Index");
181 }
182 return View(peClass);
183 }
184
185 // GET: Customer/Delete/5
186 /* public ActionResult Delete(int? id)
187 {
188 if (id == null)
189 {
190 return RedirectToAction("NotExist", "Error");
191 }
192 PetsClass peClass = db.PetsObj.Find(id);
193 if (peClass == null)
194 {
195 return RedirectToAction("NotExist", "Error");
196 }
197 return View(peClass);
198 }*/
199
200 public async Task<ActionResult> Delete(int? id)
201 {
202 if (id == null)
203 {
204 return RedirectToAction("NotExist", "Error");
205 }
206
207 UsersClass customerClass = await getCrrentUser(); // Добијте ја тековната улога на корисникот
208 ViewBag.isAuthenticated = customerClass;
209
210 PetsClass peClass = await db.PetsObj.FindAsync(id);
211 if (peClass == null)
212 {
213 return RedirectToAction("NotExist", "Error");
214 }
215
216 return View(peClass);
217 }
218
219 // POST: Customer/Delete/5
220 [HttpPost, ActionName("Delete")]
221 [ValidateAntiForgeryToken]
222 public ActionResult DeleteConfirmed(int id)
223 {
224 PetsClass peClass = db.PetsObj.Find(id);
225 db.PetsObj.Remove(peClass);
226 db.SaveChanges();
227 return RedirectToAction("Index");
228 }
229
230 protected override void Dispose(bool disposing)
231 {
232 if (disposing)
233 {
234 db.Dispose();
235 }
236 base.Dispose(disposing);
237 }
238 }
239}
Note: See TracBrowser for help on using the repository browser.