From 35c5e1af2892e0daf14309438e77d1716ccbd280 Mon Sep 17 00:00:00 2001
From: s459315
Date: Sat, 6 Aug 2022 16:21:52 +0200
Subject: [PATCH] Added Roles Added role based authentication to contollers
---
 .../Controllers/InventoryController.cs | 5 ++-
 .../Controllers/ProductController.cs | 2 +-
 RMDataManager/Controllers/SaleController.cs | 4 +-
 RMDataManager/Controllers/ValuesController.cs | 40 -------------------
 RMDataManager/RMDataManager.csproj | 1 -
 5 files changed, 7 insertions(+), 45 deletions(-)
 delete mode 100644 RMDataManager/Controllers/ValuesController.cs
diff --git a/RMDataManager/Controllers/InventoryController.cs b/RMDataManager/Controllers/InventoryController.cs
index dbeaabe..658ba16 100644
--- a/RMDataManager/Controllers/InventoryController.cs
+++ b/RMDataManager/Controllers/InventoryController.cs
@@ -9,15 +9,16 @@ using System.Web.Http;
 namespace RMDataManager.Controllers
 {
- [Authorize]
+
 public class InventoryController : ApiController
 {
+ [Authorize(Roles = "Admin,Manager")]
 public List Get()
 {
 InventoryData data = new InventoryData();
 return data.GetInventory();
 }
-
+ [Authorize(Roles = "Admin")]
 public void Post(InventoryModel item)
 {
 InventoryData data = new InventoryData();
diff --git a/RMDataManager/Controllers/ProductController.cs b/RMDataManager/Controllers/ProductController.cs
index c26380c..18064ce 100644
--- a/RMDataManager/Controllers/ProductController.cs
+++ b/RMDataManager/Controllers/ProductController.cs
@@ -9,7 +9,7 @@ using System.Web.Http;
 namespace RMDataManager.Controllers
 {
- [Authorize]
+ [Authorize(Roles = "Cashier")]
 public class ProductController : ApiController
 {
 public List Get()
diff --git a/RMDataManager/Controllers/SaleController.cs b/RMDataManager/Controllers/SaleController.cs
index 285f50c..0d07f9d 100644
--- a/RMDataManager/Controllers/SaleController.cs
+++ b/RMDataManager/Controllers/SaleController.cs
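Review bot: Removing the class-level `[Authorize]` from InventoryController makes the controller fail open: only `Get` and `Post` carry an authorization attribute now, so any action added later without one is reachable anonymously unless a global authorization filter is registered elsewhere (none is visible in this patch). Keep `[Authorize]` on the class and leave the `[Authorize(Roles = ...)]` attributes on the actions; Web API evaluates both scopes, so the role checks still apply. SaleController gets the same change in its first hunk and needs the same fix. The blank line left where the attribute was, and the blank line dropped between `Get` and `Post`, should be reverted too. The class body continues past this hunk, so other actions may exist that are not shown.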
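Review bot: `[Authorize(Roles = "Cashier")]` on ProductController admits only members of the Cashier role, so an Admin or Manager account that is not also assigned Cashier is rejected when listing products; if that is not intended, list every permitted role, `[Authorize(Roles = "Admin,Manager,Cashier")]`. The same question applies to `SaleController.Post`. The role names are repeated as string literals across three controllers, where a misspelling silently denies access; shared constants such as `public const string Cashier = "Cashier";` would keep them consistent and searchable.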
@@ -10,9 +10,10 @@ using System.Web.Http;
 namespace RMDataManager.Controllers
 {
- [Authorize]
+
 public class SaleController : ApiController
 {
+ [Authorize(Roles = "Cashier")]
 public void Post(SaleModel sale)
 {
 string cashierId = RequestContext.Principal.Identity.GetUserId();
@@ -21,6 +22,7 @@ namespace RMDataManager.Controllers
 data.SaveSale(sale, cashierId);
 }
+ [Authorize(Roles = "Admin,Manager")]
 [Route("GetSalesReport")]
 public List GetSalesReport()
 {
diff --git a/RMDataManager/Controllers/ValuesController.cs b/RMDataManager/Controllers/ValuesController.cs
deleted file mode 100644
index 8e9a9af..0000000
--- a/RMDataManager/Controllers/ValuesController.cs
+++ /dev/null
@@ -1,40 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Net;
-using System.Net.Http;
-using System.Web.Http;
-
-namespace RMDataManager.Controllers
-{
- [Authorize]
- public class ValuesController : ApiController
- {
- // GET api/values
- public IEnumerable Get()
- {
- return new string[] { "value1", "value2" };
- }
-
- // GET api/values/5
- public string Get(int id)
- {
- return "value";
- }
-
- // POST api/values
- public void Post([FromBody]string value)
- {
- }
-
- // PUT api/values/5
- public void Put(int id, [FromBody]string value)
- {
- }
-
- // DELETE api/values/5
- public void Delete(int id)
- {
- }
- }
-}
diff --git a/RMDataManager/RMDataManager.csproj b/RMDataManager/RMDataManager.csproj
index 8fd0801..944caf1 100644
--- a/RMDataManager/RMDataManager.csproj
+++ b/RMDataManager/RMDataManager.csproj
@@ -217,7 +217,6 @@ - Global.asax