Changeset 57fc402 for PostgreSqlDotnetCore/Controllers/VetCenterController.cs

Timestamp:

08/22/24 01:46:17 (5 weeks ago)

Author:

ElenaMoskova <elena.moskova99@…>

Branches:

main

Children:

72b1da2

Parents:

d6040ef

Message:

Аsync, access permission, and other fixes.

Regulation of access permissions. Which fields can be accessed by different users.

File:

• PostgreSqlDotnetCore/Controllers/VetCenterController.cs (modified) (9 diffs)

PostgreSqlDotnetCore/Controllers/VetCenterController.cs

@@ -4 +4 @@
 using PostgreSqlDotnetCore.Models;
 using Microsoft.AspNetCore.Mvc.Rendering;
-using System.Data;
-using System.Net;
+using System.Threading.Tasks;
 
 namespace PostgreSqlDotnetCore.Controllers
@@ -15 +14 @@
         }
 
-         public async Task<ActionResult> Create()
-         {
-             UsersClass customerClass = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin);
-             if (customerClass == null)
-             {
-                 return RedirectToAction("AccessDenied", "Error");
-             }
-             var citiess = await db.CitiesObj.ToListAsync();
+        public async Task<ActionResult> Create()
+        {
+            // Set if user is authenticated
+            UsersClass customerClass = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin);
+            ViewBag.isAuthenticated = await getCrrentUser();
+            if (customerClass == null)
+            {
+                return RedirectToAction("AccessDenied", "Error");
+            }
 
-             ViewBag.Citiess = new SelectList(citiess, "id", "name");
+            // Fetch cities for dropdown
+            var citiess = await db.CitiesObj.ToListAsync();
+            ViewBag.Citiess = new SelectList(citiess, "id", "name");
 
-             return View();
-         }
+            return View();
+        }
 
-        // GET: Customer
-        /* public ActionResult Index()
-         {
-             return View(db.VetCentersObj.ToList());
-         }*/
+        public async Task<ActionResult> Index()
+        {
+            var vetCenters = await db.VetCentersObj.ToListAsync();
+            ViewBag.isAuthenticated = User.Identity.IsAuthenticated;
 
-        public ActionResult Index()
-        {
-            var vetCenters = db.VetCentersObj.ToList();
-
-            // Составување на списокот на ветеринарни центри и проверка на автентикацијата
-            ViewBag.isAuthenticated = User.Identity.IsAuthenticated;
+            // Check if the user is an admin
+            UsersClass customerClass = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin);
+            ViewBag.hasAccess = customerClass != null;
 
             return View(vetCenters);
         }
 
-
-        // GET: Customer/Details/5
-        public ActionResult Details(int? id)
+        public async Task<ActionResult> Details(int? id)
         {
             if (id == null)
@@ -53 +49 @@
                 return RedirectToAction("NotExist", "Error");
             }
-            VetCenter vetClass = db.VetCentersObj.Find(id);
+
+            VetCenter vetClass = await db.VetCentersObj.FindAsync(id);
             if (vetClass == null)
             {
                 return RedirectToAction("NotExist", "Error");
-            }
-            return View(vetClass);
-        }
-
-        // GET: Customer/Create
-        /*  public async Task<ActionResult> CreateAsync()
-          {
-              // check for permission
-              UsersClass customerClass = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin);
-              if (customerClass == null)
-              {
-                  return RedirectToAction("AccessDenied", "Error");
-              }
-              return View();
-          }*/
-
-        // POST: Customer/Create
-        // To protect from overposting attacks, enable the specific properties you want to bind to, for 
-        // more details see https://go.microsoft.com/fwlink/?LinkId=317598.
-        [HttpPost]
-        [ValidateAntiForgeryToken]
- 
-
-        public ActionResult Create([Bind(include: "id,name,adress,description,workinghours,phonenumber,latitude,longitude,citiesid")] VetCenter vetClass)
-        {
-            if (ModelState.IsValid)
-            {
-                db.VetCentersObj.Add(vetClass);
-                db.SaveChanges();
-                return RedirectToAction("Index");
             }
 
@@ -92 +59 @@
         }
 
-        // GET: Customer/Edit/5
-        public async Task<ActionResult> EditAsync(int? id)
+        [HttpPost]
+        [ValidateAntiForgeryToken]
+        public async Task<ActionResult> Create([Bind(include: "id,name,adress,description,workinghours,phonenumber,latitude,longitude,citiesid")] VetCenter vetClass)
+        {
+            if (ModelState.IsValid)
+            {
+                db.VetCentersObj.Add(vetClass);
+                await db.SaveChangesAsync();
+                return RedirectToAction("Index");
+            }
+
+            // If model is invalid, repopulate the cities for dropdown
+            var citiess = await db.CitiesObj.ToListAsync();
+            ViewBag.Citiess = new SelectList(citiess, "id", "name", vetClass.citiesid);
+
+            return View(vetClass);
+        }
+
+        public async Task<ActionResult> Edit(int? id)
         {
             if (id == null)
@@ -99 +83 @@
                 return RedirectToAction("NotExist", "Error");
             }
-            VetCenter vetClass = db.VetCentersObj.Find(id);
+
+            VetCenter vetClass = await db.VetCentersObj.FindAsync(id);
             if (vetClass == null)
             {
                 return RedirectToAction("NotExist", "Error");
             }
-            // check for permission
+
+            // Check for permission
             UsersClass customerClass = await checkAuthorizationSpecificRoleAsync(RoleConstants.Admin);
+            //UsersClass customerClass = await checkAuthorizationAsync();
+            ViewBag.isAuthenticated = await getCrrentUser();
             if (customerClass == null)
             {
                 return RedirectToAction("AccessDenied", "Error");
             }
+
+            // Fetch cities for dropdown
             var citiess = await db.CitiesObj.ToListAsync();
             ViewBag.Citiess = new SelectList(citiess, "id", "name", vetClass.citiesid);
+
             return View(vetClass);
         }
 
-        // POST: Customer/Edit/5
-        // To protect from overposting attacks, enable the specific properties you want to bind to, for 
-        // more details see https://go.microsoft.com/fwlink/?LinkId=317598.
         [HttpPost]
         [ValidateAntiForgeryToken]
-        /*
-         public  ActionResult Edit([Bind(include: "id,name,adress,description,workinghours,phonenumber,latitude,longitude,citiesid")] VetCenter vetClass)
-         {
-             if (ModelState.IsValid)
-             {
-                 db.Entry(vetClass).State = EntityState.Modified;
-                 db.SaveChanges();
-                 return RedirectToAction("Index");
-             }
-             return View(vetClass);
-         }*/
-
-        // POST: VetCenter/Edit/5
-
         public async Task<ActionResult> Edit([Bind(include: "id,name,adress,description,workinghours,phonenumber,latitude,longitude,citiesid")] VetCenter vetClass)
         {
@@ -143 +117 @@
             }
 
+            // If model is invalid, repopulate the cities for dropdown
             var citiess = await db.CitiesObj.ToListAsync();
             ViewBag.Citiess = new SelectList(citiess, "id", "name", vetClass.citiesid);
@@ -149 +124 @@
         }
 
-
-
-        // GET: Customer/Delete/5
-        public ActionResult Delete(int? id)
+        public async Task<ActionResult> Delete(int? id)
         {
             if (id == null)
@@ -158 +130 @@
                 return RedirectToAction("NotExist", "Error");
             }
-            VetCenter vetClass = db.VetCentersObj.Find(id);
+
+            VetCenter vetClass = await db.VetCentersObj.FindAsync(id);
             if (vetClass == null)
             {
                 return RedirectToAction("NotExist", "Error");
             }
+
             return View(vetClass);
         }
 
-        // POST: Customer/Delete/5
         [HttpPost, ActionName("Delete")]
         [ValidateAntiForgeryToken]
-        public ActionResult DeleteConfirmed(int id)
+        public async Task<ActionResult> DeleteConfirmed(int id)
         {
-            VetCenter vetClass = db.VetCentersObj.Find(id);
+            VetCenter vetClass = await db.VetCentersObj.FindAsync(id);
             db.VetCentersObj.Remove(vetClass);
-            db.SaveChanges();
+            await db.SaveChangesAsync();
             return RedirectToAction("Index");
         }
@@ -186 +159 @@
         }
 
-
-        // GET: VetCenter/Search
-        public ActionResult IndexWithSearch(string searchTerm)
+        public async Task<ActionResult> IndexWithSearch(string searchTerm)
         {
             if (string.IsNullOrEmpty(searchTerm))
             {
-                var vetCenters = db.VetCentersObj.ToList();
+                var vetCenters = await db.VetCentersObj.ToListAsync();
                 return View(vetCenters);
             }
             else
             {
-                var searchResults = db.VetCentersObj.Where(vc => vc.name.Contains(searchTerm)).ToList();
+                var searchResults = await db.VetCentersObj.Where(vc => vc.name.Contains(searchTerm)).ToListAsync();
                 return View(searchResults);
             }
         }
-
-
-
     }
 }