Changeset 118e414 for PostgreSqlDotnetCore/Controllers/PetsController.cs

Timestamp:

08/23/24 15:40:14 (2 months ago)

Author:

ElenaMoskova <elena.moskova99@…>

Branches:

main

Children:

e9bb9d1

Parents:

72b1da2

Message:

fix access

implement multiple access pages with different roles
optimize present three structure of BlogPost and Answer

File:

• PostgreSqlDotnetCore/Controllers/PetsController.cs (modified) (8 diffs)

PostgreSqlDotnetCore/Controllers/PetsController.cs

@@ -26 +26 @@
                 return RedirectToAction("AccessDenied", "Error");
             }
+            // no access for standard user
+            ViewBag.OnlyAdminManager = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin) ?? await checkAuthorizationSpecificRoleAsync(RoleConstants.Manager);
+
             if (customerClass.role_id == RoleConstants.Standard)
             {
                 // kco
-                            var query = from st in db.PetsObj
+                var query = from st in db.PetsObj
                             where st.usersid == customerClass.id
                             select st;
@@ -37 +40 @@
                     await query.ToListAsync<PetsClass>();
                 return View(userPets);
-            } else
+            }
+            else
             {
                 return View(db.PetsObj.ToList());
@@ -74 +78 @@
                 return RedirectToAction("NotExist", "Error");
             }
+            // no access for standard user
+            ViewBag.OnlyAdminManager = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin) ?? await checkAuthorizationSpecificRoleAsync(RoleConstants.Manager);
+
 
             return View(peClass);
@@ -109 +116 @@
             }
             ViewBag.isAuthenticated = new UsersClass();
+            // no access for standard user
+            ViewBag.OnlyAdminManager = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin) ?? await checkAuthorizationSpecificRoleAsync(RoleConstants.Manager);
 
             if (ModelState.IsValid)
@@ -119 +128 @@
                 peClass.usersid = customerClass.id;
                 // voa go pisav tuka na 18.02
-               // PetsClass.dateofbirthday = DateOnly.FromDateTime(DateTime.UtcNow);
+                // PetsClass.dateofbirthday = DateOnly.FromDateTime(DateTime.UtcNow);
                 db.PetsObj.Add(peClass);
                 db.SaveChanges();
@@ -143 +152 @@
             // додадено на 21.08
             ViewBag.isAuthenticated = await getCrrentUser();
+            // no access for standard user
+            ViewBag.OnlyAdminManager = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin) ?? await checkAuthorizationSpecificRoleAsync(RoleConstants.Manager);
+
             return View(peClass);
         }
@@ -167 +179 @@
             ViewBag.isAuthenticated = await getCrrentUser();
             //ViewBag.isAuthenticated = new UsersClass();
-            
-             
+            // no access for standard user
+            ViewBag.OnlyAdminManager = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin) ?? await checkAuthorizationSpecificRoleAsync(RoleConstants.Manager);
+
+
             if (ModelState.IsValid)
             {
                 //peClass.dateofbirthday = DateTime.SpecifyKind(peClass.dateofbirthday, DateTimeKind.Utc);
-                
+
                 var user = await _userManager.GetUserAsync(User);
                 var customerClass = db.CustomerObj.SingleOrDefault(x => x.email == user.Email);
@@ -213 +227 @@
                 return RedirectToAction("NotExist", "Error");
             }
+            // no access for standard user
+            ViewBag.OnlyAdminManager = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin) ?? await checkAuthorizationSpecificRoleAsync(RoleConstants.Manager);
+
 
             return View(peClass);