Added Roles

Added role based authentication to contollers
2022-08-06 16:21:52 +02:00 · 2022-08-06 16:21:52 +02:00 · 35c5e1af28
commit 35c5e1af28
parent f118635029
5 changed files with 7 additions and 45 deletions
--- a/RMDataManager/Controllers/InventoryController.cs
+++ b/RMDataManager/Controllers/InventoryController.cs
@ -9,15 +9,16 @@ using System.Web.Http;
 namespace RMDataManager.Controllers
 {
-    [Authorize]
+
    public class InventoryController : ApiController
    {
        [Authorize(Roles = "Admin,Manager")]
        public List<InventoryModel> Get()
        {
            InventoryData data = new InventoryData();
            return data.GetInventory();
        }
-
+        [Authorize(Roles = "Admin")]
        public void Post(InventoryModel item)
        {
            InventoryData data = new InventoryData();
--- a/RMDataManager/Controllers/ProductController.cs
+++ b/RMDataManager/Controllers/ProductController.cs
@ -9,7 +9,7 @@ using System.Web.Http;
 namespace RMDataManager.Controllers
 {
-    [Authorize]
+    [Authorize(Roles = "Cashier")]
    public class ProductController : ApiController
    {
        public List<ProductModel> Get()
--- a/RMDataManager/Controllers/SaleController.cs
+++ b/RMDataManager/Controllers/SaleController.cs
@ -10,9 +10,10 @@ using System.Web.Http;
 namespace RMDataManager.Controllers
 {
-    [Authorize]
+
    public class SaleController : ApiController
    {
        [Authorize(Roles = "Cashier")]
        public void Post(SaleModel sale)
        {
            string cashierId = RequestContext.Principal.Identity.GetUserId();
@ -21,6 +22,7 @@ namespace RMDataManager.Controllers
            data.SaveSale(sale, cashierId);
        }
        [Authorize(Roles = "Admin,Manager")]
        [Route("GetSalesReport")]
        public List<SaleReportModel> GetSalesReport()
        {
--- a/RMDataManager/Controllers/ValuesController.cs
+++ b/RMDataManager/Controllers/ValuesController.cs
@ -1,40 +0,0 @@
 using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Net;
 using System.Net.Http;
 using System.Web.Http;
 namespace RMDataManager.Controllers
 {
    [Authorize]
    public class ValuesController : ApiController
    {
        // GET api/values
        public IEnumerable<string> Get()
        {
            return new string[] { "value1", "value2" };
        }
        // GET api/values/5
        public string Get(int id)
        {
            return "value";
        }
        // POST api/values
        public void Post([FromBody]string value)
        {
        }
        // PUT api/values/5
        public void Put(int id, [FromBody]string value)
        {
        }
        // DELETE api/values/5
        public void Delete(int id)
        {
        }
    }
 }
--- a/RMDataManager/RMDataManager.csproj
+++ b/RMDataManager/RMDataManager.csproj
@ -217,7 +217,6 @@
    <Compile Include="Controllers\ProductController.cs" />
    <Compile Include="Controllers\SaleController.cs" />
    <Compile Include="Controllers\UserController.cs" />
    <Compile Include="Controllers\ValuesController.cs" />
    <Compile Include="Global.asax.cs">
      <DependentUpon>Global.asax</DependentUpon>
    </Compile>