autoryzacja

This commit is contained in:
Maciej Maciejewski 2024-10-26 21:17:52 +02:00
parent ccef96c6da
commit e2cab45690
5 changed files with 47 additions and 8 deletions


@ -17,11 +17,13 @@
using FirmTracker_Server.nHibernate.Expenses;
using FirmTracker_Server.nHibernate.Products;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
namespace FirmTracker_Server.Controllers
{
[Route("api/[controller]")]
[ApiController]
[Authorize]
public class ExpensesController : ControllerBase
{
private readonly ExpenseCRUD _expenseCrud;
@ -34,6 +36,7 @@ namespace FirmTracker_Server.Controllers
[HttpPost]
[ProducesResponseType(201)] // Created
[ProducesResponseType(400)] // Bad Request
[Authorize(Roles = Roles.Admin)]
public IActionResult CreateExpense([FromBody] Expense expense) {
try
{
@ -59,6 +62,7 @@ namespace FirmTracker_Server.Controllers
[HttpGet("{id}")]
[ProducesResponseType(200)] // Created
[ProducesResponseType(404)] // Bad Request
[Authorize(Roles = Roles.Admin)]
public IActionResult GetExpense(int id)
{
var expense = _expenseCrud.GetExpense(id);
@ -73,6 +77,7 @@ namespace FirmTracker_Server.Controllers
[HttpPut("{id}")]
[ProducesResponseType(204)]
[ProducesResponseType(400)]
[Authorize(Roles = Roles.Admin)]
public IActionResult UpdateExpense(int id, [FromBody] Expense expense)
{
try
@ -103,6 +108,7 @@ namespace FirmTracker_Server.Controllers
[HttpDelete("{id}")]
[ProducesResponseType(204)]
[ProducesResponseType(404)]
[Authorize(Roles = Roles.Admin)]
public IActionResult DeleteExpense(int id)
{
try
@ -123,6 +129,7 @@ namespace FirmTracker_Server.Controllers
[HttpGet]
[ProducesResponseType(200)]
[ProducesResponseType(400)]
[Authorize(Roles = Roles.Admin)]
public IActionResult GetAllExpenses()
{
try
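Review bot: Every action in this file declares 2xx and 4xx response types, but none declares the 401 Unauthorized and 403 Forbidden responses that the class-level `[Authorize]` and the per-action `[Authorize(Roles = Roles.Admin)]` now produce, so generated OpenAPI clients will not learn that unauthenticated or non-admin callers are rejected. One `[ProducesResponseType(401)]` and `[ProducesResponseType(403)]` pair on the class next to `[Authorize]` covers all actions, and the same gap exists in the product, report and transaction controller sections of this commit. The `// Created` and `// Bad Request` comments on the 200/404 attributes of GetExpense no longer match their codes and are worth correcting while here. The class-level `[Authorize]` is a good default because any action added later is still authenticated even if its role attribute is forgotten.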


@ -42,7 +42,7 @@ namespace FirmTracker_Server.Controllers
[HttpPost]
[ProducesResponseType(200)] // Created
[ProducesResponseType(400)] // Bad Request
[Authorize(Roles = Roles.User)]
[Authorize(Roles = Roles.Admin)]
public IActionResult CreateProduct([FromBody] Product product)
{
try
@ -81,6 +81,7 @@ namespace FirmTracker_Server.Controllers
[HttpGet("{id}")]
[ProducesResponseType(200)] // Created
[ProducesResponseType(400)] // Bad Request
[Authorize(Roles=Roles.Admin+","+Roles.User)]
public IActionResult GetProduct(int id)
{
var product = _productCrud.GetProduct(id);
@ -92,6 +93,7 @@ namespace FirmTracker_Server.Controllers
[HttpGet("name/{name}")]
[ProducesResponseType(200)]
[ProducesResponseType(404)]
[Authorize(Roles = Roles.Admin + "," + Roles.User)]
public IActionResult GetProductByName(string name)
{
var product = _productCrud.GetProductByName(name);
@ -104,6 +106,7 @@ namespace FirmTracker_Server.Controllers
[HttpPut("{id}")]
[ProducesResponseType(200)] // Created
[ProducesResponseType(400)] // Bad Request
[Authorize(Roles = Roles.Admin + "," + Roles.User)]
public IActionResult UpdateProduct(int id, [FromBody] Product product)
{
try
@ -145,6 +148,7 @@ namespace FirmTracker_Server.Controllers
[HttpDelete("{id}")]
[ProducesResponseType(200)] // Created
[ProducesResponseType(400)] // Bad Request
[Authorize(Roles = Roles.Admin)]
public IActionResult DeleteProduct(int id)
{
try
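Review bot: UpdateProduct is open to Roles.User while CreateProduct (changed from User to Admin in this hunk) and DeleteProduct are Admin-only, so a User can modify any existing product but neither create nor delete one; confirm this asymmetry is intended, since an update can rewrite the same fields a create sets. The role list is also spelled two ways in this file (`Roles=Roles.Admin+","+Roles.User` on GetProduct versus `Roles.Admin + "," + Roles.User` on the others); a single constant such as `public const string AdminOrUser = Admin + "," + User;` in the `Roles` class, used as `[Authorize(Roles = Roles.AdminOrUser)]`, keeps the comma-separated either-role list in one place for this file and the transaction controller. The enclosing class header is outside the hunks shown.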


@ -24,12 +24,14 @@ using FirmTracker_Server.nHibernate.Expenses;
using FirmTracker_Server.nHibernate.Products;
using FirmTracker_Server.nHibernate;
using NHibernate.Linq;
using Microsoft.AspNetCore.Authorization;
namespace FirmTracker_Server.Controllers
{
[Route("api/[controller]")]
[ApiController]
[Authorize]
public class ReportController : ControllerBase
{
private readonly ReportCRUD _reportCRUD;
@ -43,6 +45,7 @@ namespace FirmTracker_Server.Controllers
[HttpPost]
[ProducesResponseType(201)] //Created
[ProducesResponseType(400)] //Bad request
[Authorize(Roles = Roles.Admin)]
public IActionResult CreateReport([FromBody] Report.DateRangeDto dateRange)
{
try
@ -118,6 +121,7 @@ namespace FirmTracker_Server.Controllers
[HttpGet("{id}")]
[ProducesResponseType(200)]
[ProducesResponseType(404)]
[Authorize(Roles = Roles.Admin)]
public IActionResult GetReport(int id)
{
var report = _reportCRUD.GetReport(id);
@ -136,6 +140,7 @@ namespace FirmTracker_Server.Controllers
[HttpGet("{id}/transactions")]
[ProducesResponseType(200)]
[ProducesResponseType(404)]
[Authorize(Roles = Roles.Admin)]
public IActionResult GetReportTransactions(int id)
{
var transactions = _reportCRUD.GetReportTransactions(id);
@ -149,6 +154,7 @@ namespace FirmTracker_Server.Controllers
[HttpGet("{id}/expenses")]
[ProducesResponseType(200)]
[ProducesResponseType(404)]
[Authorize(Roles = Roles.Admin)]
public IActionResult GetReportExpenses(int id)
{
var expenses = _reportCRUD.GetReportExpenses(id);
@ -163,6 +169,7 @@ namespace FirmTracker_Server.Controllers
[HttpGet]
[ProducesResponseType(200)]
[ProducesResponseType(404)]
[Authorize(Roles = Roles.Admin)]
public IActionResult GetAllReports()
{
var reports = _reportCRUD.GetAllReports();
@ -176,6 +183,7 @@ namespace FirmTracker_Server.Controllers
[ProducesResponseType(204)]
[ProducesResponseType(400)]
[ProducesResponseType(404)]
[Authorize(Roles = Roles.Admin)]
public IActionResult UpdateReport(int id, [FromBody] Report.DateRangeDto dateRange)
{
try
@ -244,6 +252,7 @@ namespace FirmTracker_Server.Controllers
[HttpDelete("{id}")]
[ProducesResponseType(204)]
[ProducesResponseType(404)]
[Authorize(Roles = Roles.Admin)]
public IActionResult DeleteReport(int id)
{
try
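Review bot: All seven actions in the report controller carry the identical `[Authorize(Roles = Roles.Admin)]` while the class already has `[Authorize]`; moving the role onto the class line as `[Authorize(Roles = Roles.Admin)]` and dropping the per-action copies states the admin-only policy once. Keeping the per-action attributes is defensible if some report actions are expected to open to Roles.User later, because class and action `[Authorize]` attributes combine with AND and a class-level Admin requirement cannot be relaxed on a single action; otherwise the class-level spelling is the simpler one. Either way, a short comment on the class saying reports are admin-only would make the intent explicit for the next reader.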


@ -24,11 +24,13 @@ using System.Transactions;
using FirmTracker_Server.nHibernate.Products;
using FirmTracker_Server.nHibernate;
using Microsoft.AspNetCore.Http.HttpResults;
using Microsoft.AspNetCore.Authorization;
namespace FirmTracker_Server.Controllers
{
[Route("api/[controller]")]
[ApiController]
[Authorize]
public class TransactionController : ControllerBase
{
private readonly TransactionCRUD _transactionCRUD;
@ -48,6 +50,7 @@ namespace FirmTracker_Server.Controllers
[HttpPost]
[ProducesResponseType(StatusCodes.Status201Created)]
[ProducesResponseType(StatusCodes.Status400BadRequest)]
[Authorize(Roles = Roles.Admin + "," + Roles.User)]
public IActionResult CreateTransaction([FromBody] nHibernate.Transactions.Transaction transaction)
{
try
@ -106,6 +109,7 @@ namespace FirmTracker_Server.Controllers
[HttpGet("{id}")]
[ProducesResponseType(StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status404NotFound)]
[Authorize(Roles = Roles.Admin + "," + Roles.User)]
public IActionResult GetTransaction(int id)
{
var transaction = _transactionCRUD.GetTransaction(id);
@ -118,6 +122,7 @@ namespace FirmTracker_Server.Controllers
[HttpPut("{id}")]
[ProducesResponseType(StatusCodes.Status204NoContent)]
[ProducesResponseType(StatusCodes.Status400BadRequest)]
[Authorize(Roles = Roles.Admin + "," + Roles.User)]
public IActionResult UpdateTransaction(int id, [FromBody] nHibernate.Transactions.Transaction transaction)
{
if (id != transaction.Id)
@ -160,6 +165,7 @@ namespace FirmTracker_Server.Controllers
[HttpDelete("{id}")]
[ProducesResponseType(StatusCodes.Status204NoContent)]
[ProducesResponseType(StatusCodes.Status404NotFound)]
[Authorize(Roles = Roles.Admin + "," + Roles.User)]
public IActionResult DeleteTransaction(int id)
{
try
@ -182,6 +188,7 @@ namespace FirmTracker_Server.Controllers
[ProducesResponseType(StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status400BadRequest)]
[ProducesResponseType(StatusCodes.Status404NotFound)]
[Authorize(Roles = Roles.Admin + "," + Roles.User)]
public IActionResult GetAllTransactions()
{
var transactions = _transactionCRUD.GetAllTransactions();
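Review bot: Every action in the transaction controller grants `Roles.Admin + "," + Roles.User`, so role checks alone let any authenticated User call UpdateTransaction and DeleteTransaction for any `id`; nothing visible here ties the caller's identity to the record, so if transactions belong to particular users an ownership check in `_transactionCRUD` (or a comparison against the caller's claims in the action) is needed to stop one user altering another's data, and if all users are meant to share the firm's data a comment on the class saying so would save the next reviewer the question. If the `Roles` class defines only Admin and User, the per-action role lists are equivalent to the class-level `[Authorize]` alone and could be dropped; if more roles exist or are planned, the explicit lists are worth keeping. The enclosing class body continues outside the hunks shown.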


@ -4,6 +4,7 @@ using FirmTracker_Server;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using FirmTracker_Server.Entities;
using System.Security.Claims;
namespace FirmTracker_Server.Controllers
{
@ -38,13 +39,24 @@ namespace FirmTracker_Server.Controllers
var token = UserService.CreateTokenJwt(dto);
return Ok(token);
}
// New method to get all users
/* [HttpGet("all")]
[AllowAnonymous]
public ActionResult<IList<User>> GetAllUsers()
[HttpGet("role")]
[Authorize(Roles = Roles.Admin + "," + Roles.User)]
public ActionResult<string> GetUserRole()
{
var users = UserService.GetAllUsers();
return Ok(users);
}*/
var roleClaim = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Role)?.Value;
if (roleClaim == null)
{
return NotFound("Role not found for the logged-in user.");
}
return Ok(roleClaim);
}
// New method to get all users
/* [HttpGet("all")]
[AllowAnonymous]
public ActionResult<IList<User>> GetAllUsers()
{
var users = UserService.GetAllUsers();
return Ok(users);
}*/
}
}
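Review bot: GetUserRole reads only the first `ClaimTypes.Role` claim via `FirstOrDefault`, so a principal carrying both Admin and User role claims (which the `Roles.Admin + "," + Roles.User` attributes elsewhere in this commit accept) would report whichever claim happens to come first; `User.FindFirst(ClaimTypes.Role)?.Value` is the shorter spelling of the same lookup, and if several roles per token are possible the action should instead return `User.FindAll(ClaimTypes.Role).Select(c => c.Value)` with its return type adjusted. The `[Authorize(Roles = ...)]` check uses the identity's RoleClaimType, which for a JWT depends on how `CreateTokenJwt` (out of view) and the bearer options are configured; if that type is not `ClaimTypes.Role`, the attribute can admit a caller whom this method then reports as having no role, so the `NotFound` branch really signals a configuration mismatch and a comment saying so would make that clearer than "Role not found". The commented-out `GetAllUsers` block with `[AllowAnonymous]` is dead code that still reads as an unauthenticated user-listing endpoint; delete it rather than carry it along. The enclosing class header is outside the hunk.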