- Timestamp:
- 08/23/24 15:40:14 (2 months ago)
- Branches:
- main
- Children:
- e9bb9d1
- Parents:
- 72b1da2
- File:
-
- 1 edited
PostgreSqlDotnetCore/Controllers/PetCaresController.cs
r72b1da2 r118e414 26 26 return View(); 27 27 }*/ 28 29 30 31 28 public async Task<ActionResult> Create() 29 { 30 31 32 32 UsersClass customerClass = await getCrrentUser(); 33 33 34 34 ViewBag.isAuthenticated = customerClass; 35 35 var vetCenters = await db.VetCentersObj.ToListAsync(); 36 37 38 39 40 41 36 ViewBag.VetCenters = new SelectList(vetCenters, "id", "name"); 37 38 return View(); 39 } 40 41 42 42 43 43 … … 53 53 return RedirectToAction("AccessDenied", "Error"); 54 54 } 55 // no access for standard user 56 ViewBag.OnlyAdminManager = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin) ?? await checkAuthorizationSpecificRoleAsync(RoleConstants.Manager); 57 55 58 if (customerClass.role_id == RoleConstants.Standard) 56 59 { 57 60 // query 58 61 var query = from st in db.PetCaresObj 59 62 where st.usersid == customerClass.id 60 63 select st; … … 72 75 // query 73 76 var queryVetCenters = from kk in db.VetCentersObj 74 select kk;77 select kk; 75 78 76 79 // query … … 85 88 86 89 return View(petCareAllData); 87 } else 90 } 91 else 88 92 { 89 93 return View(db.PetCaresObj.ToList()); … … 99 103 return RedirectToAction("NotExist", "Error"); 100 104 } 101 UsersClass customerClass = await getCrrentUser(); 105 UsersClass customerClass = await getCrrentUser(); 102 106 ViewBag.isAuthenticated = customerClass; 103 107 Pet_CaresClass peClass = db.PetCaresObj.Find(id); … … 106 110 return RedirectToAction("NotExist", "Error"); 107 111 } 112 // no access for standard user 113 ViewBag.OnlyAdminManager = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin) ?? 
await checkAuthorizationSpecificRoleAsync(RoleConstants.Manager); 114 108 115 return View(peClass); 109 116 } … … 126 133 [HttpPost] 127 134 [ValidateAntiForgeryToken] 128 129 130 131 132 133 134 135 public async Task<ActionResult> CreateAsync([Bind(include: "id,title,description,dateending, start_date, usersid, vetcentersid")] Pet_CaresClass peClass) 136 { 137 bool isAuthenticated = User.Identity.IsAuthenticated; 138 if (!isAuthenticated) 139 { 140 return RedirectToAction("AccessDenied", "Error"); 141 } 135 142 ViewBag.isAuthenticated = new UsersClass(); 143 // no access for standard user 144 ViewBag.OnlyAdminManager = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin) ?? await checkAuthorizationSpecificRoleAsync(RoleConstants.Manager); 136 145 137 146 if (ModelState.IsValid) 138 147 { 139 148 ViewBag.isAuthenticated = new UsersClass(); 140 149 peClass.dateending = DateTime.SpecifyKind(peClass.dateending, DateTimeKind.Utc); 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 150 peClass.start_date = DateTime.SpecifyKind(peClass.start_date, DateTimeKind.Utc); 151 var user = await _userManager.GetUserAsync(User); 152 var customerClass = db.CustomerObj.SingleOrDefault(x => x.email == user.Email); 153 peClass.usersid = customerClass.id; 154 db.PetCaresObj.Add(peClass); 155 db.SaveChanges(); 156 return RedirectToAction("Index"); 157 } 158 var vetCenters = await db.VetCentersObj.ToListAsync(); 159 ViewBag.VetCenters = new SelectList(vetCenters, "id", "name"); 160 161 return View(peClass); 162 } 163 164 165 166 167 159 168 160 169 … … 229 238 } 230 239 ViewBag.isAuthenticated = await getCrrentUser(); 240 // no access for standard user 241 ViewBag.OnlyAdminManager = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin) ?? 
await checkAuthorizationSpecificRoleAsync(RoleConstants.Manager); 231 242 232 243 if (ModelState.IsValid) … … 260 271 return RedirectToAction("NotExist", "Error"); 261 272 } 273 // no access for standard user 274 ViewBag.OnlyAdminManager = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin) ?? await checkAuthorizationSpecificRoleAsync(RoleConstants.Manager); 275 262 276 return View(peClass); 263 277 }
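Review bot: The `ViewBag.OnlyAdminManager` assignments added under `// no access for standard user` (new lines 56, 113, 144, 241 and 274) only hand a flag to the view; no action shown branches on it, so a standard user who requests the URL directly still reaches the `return View(...)` that follows. In Details the record is loaded with `db.PetCaresObj.Find(id)` and, as far as the shown lines go, nothing compares its owner with the caller before `return View(peClass)`; a server-side check such as `if (customerClass.role_id == RoleConstants.Standard && peClass.usersid != customerClass.id) return RedirectToAction("AccessDenied", "Error");` would enforce what the comment states, and the same applies to the actions around new lines 241 and 274. If the flag is meant only to hide controls, the comment should say so, e.g. `// view hint only: hides admin/manager controls, does not block the request`. The bodies of these actions start or end outside the shown lines, so an existing check in the elided parts cannot be ruled out.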