Added Roles

Added role based authentication to contollers
2022-08-06 16:21:52 +02:00 · 2022-08-06 16:21:52 +02:00 · 35c5e1af28
commit 35c5e1af28
parent f118635029
5 changed files with 7 additions and 45 deletions
--- a/RMDataManager/Controllers/InventoryController.cs
+++ b/RMDataManager/Controllers/InventoryController.cs
@ -9,15 +9,16 @@ using System.Web.Http;

 namespace RMDataManager.Controllers
 {
-    [Authorize]
+
    public class InventoryController : ApiController
    {
+        [Authorize(Roles = "Admin,Manager")]
        public List<InventoryModel> Get()
        {
            InventoryData data = new InventoryData();
            return data.GetInventory();
        }
-
+        [Authorize(Roles = "Admin")]
        public void Post(InventoryModel item)
        {
            InventoryData data = new InventoryData();
--- a/RMDataManager/Controllers/ProductController.cs
+++ b/RMDataManager/Controllers/ProductController.cs
@ -9,7 +9,7 @@ using System.Web.Http;

 namespace RMDataManager.Controllers
 {
-    [Authorize]
+    [Authorize(Roles = "Cashier")]
    public class ProductController : ApiController
    {
        public List<ProductModel> Get()
--- a/RMDataManager/Controllers/SaleController.cs
+++ b/RMDataManager/Controllers/SaleController.cs
@ -10,9 +10,10 @@ using System.Web.Http;

 namespace RMDataManager.Controllers
 {
-    [Authorize]
+
    public class SaleController : ApiController
    {
+        [Authorize(Roles = "Cashier")]
        public void Post(SaleModel sale)
        {
            string cashierId = RequestContext.Principal.Identity.GetUserId();
@ -21,6 +22,7 @@ namespace RMDataManager.Controllers
            data.SaveSale(sale, cashierId);
        }

+        [Authorize(Roles = "Admin,Manager")]
        [Route("GetSalesReport")]
        public List<SaleReportModel> GetSalesReport()
        {
--- a/RMDataManager/Controllers/ValuesController.cs
+++ b/RMDataManager/Controllers/ValuesController.cs
@ -1,40 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Net;
-using System.Net.Http;
-using System.Web.Http;
-
-namespace RMDataManager.Controllers
-{
-    [Authorize]
-    public class ValuesController : ApiController
-    {
-        // GET api/values
-        public IEnumerable<string> Get()
-        {
-            return new string[] { "value1", "value2" };
-        }
-
-        // GET api/values/5
-        public string Get(int id)
-        {
-            return "value";
-        }
-
-        // POST api/values
-        public void Post([FromBody]string value)
-        {
-        }
-
-        // PUT api/values/5
-        public void Put(int id, [FromBody]string value)
-        {
-        }
-
-        // DELETE api/values/5
-        public void Delete(int id)
-        {
-        }
-    }
-}
--- a/RMDataManager/RMDataManager.csproj
+++ b/RMDataManager/RMDataManager.csproj
@ -217,7 +217,6 @@
    <Compile Include="Controllers\ProductController.cs" />
    <Compile Include="Controllers\SaleController.cs" />
    <Compile Include="Controllers\UserController.cs" />
-    <Compile Include="Controllers\ValuesController.cs" />
    <Compile Include="Global.asax.cs">
      <DependentUpon>Global.asax</DependentUpon>
    </Compile>