PO2024-29 #5
@ -17,11 +17,13 @@
|
||||
|
||||
using FirmTracker_Server.nHibernate.Expenses;
|
||||
using FirmTracker_Server.nHibernate.Products;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
namespace FirmTracker_Server.Controllers
|
||||
{
|
||||
[Route("api/[controller]")]
|
||||
[ApiController]
|
||||
[Authorize]
|
||||
public class ExpensesController : ControllerBase
|
||||
{
|
||||
private readonly ExpenseCRUD _expenseCrud;
|
||||
@ -34,6 +36,7 @@ namespace FirmTracker_Server.Controllers
|
||||
[HttpPost]
|
||||
[ProducesResponseType(201)] // Created
|
||||
[ProducesResponseType(400)] // Bad Request
|
||||
[Authorize(Roles = Roles.Admin)]
|
||||
public IActionResult CreateExpense([FromBody] Expense expense) {
|
||||
try
|
||||
{
|
||||
@ -59,6 +62,7 @@ namespace FirmTracker_Server.Controllers
|
||||
[HttpGet("{id}")]
|
||||
[ProducesResponseType(200)] // Created
|
||||
[ProducesResponseType(404)] // Bad Request
|
||||
[Authorize(Roles = Roles.Admin)]
|
||||
public IActionResult GetExpense(int id)
|
||||
{
|
||||
var expense = _expenseCrud.GetExpense(id);
|
||||
@ -73,6 +77,7 @@ namespace FirmTracker_Server.Controllers
|
||||
[HttpPut("{id}")]
|
||||
[ProducesResponseType(204)]
|
||||
[ProducesResponseType(400)]
|
||||
[Authorize(Roles = Roles.Admin)]
|
||||
public IActionResult UpdateExpense(int id, [FromBody] Expense expense)
|
||||
{
|
||||
try
|
||||
@ -103,6 +108,7 @@ namespace FirmTracker_Server.Controllers
|
||||
[HttpDelete("{id}")]
|
||||
[ProducesResponseType(204)]
|
||||
[ProducesResponseType(404)]
|
||||
[Authorize(Roles = Roles.Admin)]
|
||||
public IActionResult DeleteExpense(int id)
|
||||
{
|
||||
try
|
||||
@ -123,6 +129,7 @@ namespace FirmTracker_Server.Controllers
|
||||
[HttpGet]
|
||||
[ProducesResponseType(200)]
|
||||
[ProducesResponseType(400)]
|
||||
[Authorize(Roles = Roles.Admin)]
|
||||
public IActionResult GetAllExpenses()
|
||||
{
|
||||
try
|
||||
|
@ -42,7 +42,7 @@ namespace FirmTracker_Server.Controllers
|
||||
[HttpPost]
|
||||
[ProducesResponseType(200)] // Created
|
||||
[ProducesResponseType(400)] // Bad Request
|
||||
[Authorize(Roles = Roles.User)]
|
||||
[Authorize(Roles = Roles.Admin)]
|
||||
public IActionResult CreateProduct([FromBody] Product product)
|
||||
{
|
||||
try
|
||||
@ -81,6 +81,7 @@ namespace FirmTracker_Server.Controllers
|
||||
[HttpGet("{id}")]
|
||||
[ProducesResponseType(200)] // Created
|
||||
[ProducesResponseType(400)] // Bad Request
|
||||
[Authorize(Roles=Roles.Admin+","+Roles.User)]
|
||||
public IActionResult GetProduct(int id)
|
||||
{
|
||||
var product = _productCrud.GetProduct(id);
|
||||
@ -92,6 +93,7 @@ namespace FirmTracker_Server.Controllers
|
||||
[HttpGet("name/{name}")]
|
||||
[ProducesResponseType(200)]
|
||||
[ProducesResponseType(404)]
|
||||
[Authorize(Roles = Roles.Admin + "," + Roles.User)]
|
||||
public IActionResult GetProductByName(string name)
|
||||
{
|
||||
var product = _productCrud.GetProductByName(name);
|
||||
@ -104,6 +106,7 @@ namespace FirmTracker_Server.Controllers
|
||||
[HttpPut("{id}")]
|
||||
[ProducesResponseType(200)] // Created
|
||||
[ProducesResponseType(400)] // Bad Request
|
||||
[Authorize(Roles = Roles.Admin + "," + Roles.User)]
|
||||
public IActionResult UpdateProduct(int id, [FromBody] Product product)
|
||||
{
|
||||
try
|
||||
@ -145,6 +148,7 @@ namespace FirmTracker_Server.Controllers
|
||||
[HttpDelete("{id}")]
|
||||
[ProducesResponseType(200)] // Created
|
||||
[ProducesResponseType(400)] // Bad Request
|
||||
[Authorize(Roles = Roles.Admin)]
|
||||
public IActionResult DeleteProduct(int id)
|
||||
{
|
||||
try
|
||||
|
@ -24,12 +24,14 @@ using FirmTracker_Server.nHibernate.Expenses;
|
||||
using FirmTracker_Server.nHibernate.Products;
|
||||
using FirmTracker_Server.nHibernate;
|
||||
using NHibernate.Linq;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
|
||||
|
||||
namespace FirmTracker_Server.Controllers
|
||||
{
|
||||
[Route("api/[controller]")]
|
||||
[ApiController]
|
||||
[Authorize]
|
||||
public class ReportController : ControllerBase
|
||||
{
|
||||
private readonly ReportCRUD _reportCRUD;
|
||||
@ -43,6 +45,7 @@ namespace FirmTracker_Server.Controllers
|
||||
[HttpPost]
|
||||
[ProducesResponseType(201)] //Created
|
||||
[ProducesResponseType(400)] //Bad request
|
||||
[Authorize(Roles = Roles.Admin)]
|
||||
public IActionResult CreateReport([FromBody] Report.DateRangeDto dateRange)
|
||||
{
|
||||
try
|
||||
@ -118,6 +121,7 @@ namespace FirmTracker_Server.Controllers
|
||||
[HttpGet("{id}")]
|
||||
[ProducesResponseType(200)]
|
||||
[ProducesResponseType(404)]
|
||||
[Authorize(Roles = Roles.Admin)]
|
||||
public IActionResult GetReport(int id)
|
||||
{
|
||||
var report = _reportCRUD.GetReport(id);
|
||||
@ -136,6 +140,7 @@ namespace FirmTracker_Server.Controllers
|
||||
[HttpGet("{id}/transactions")]
|
||||
[ProducesResponseType(200)]
|
||||
[ProducesResponseType(404)]
|
||||
[Authorize(Roles = Roles.Admin)]
|
||||
public IActionResult GetReportTransactions(int id)
|
||||
{
|
||||
var transactions = _reportCRUD.GetReportTransactions(id);
|
||||
@ -149,6 +154,7 @@ namespace FirmTracker_Server.Controllers
|
||||
[HttpGet("{id}/expenses")]
|
||||
[ProducesResponseType(200)]
|
||||
[ProducesResponseType(404)]
|
||||
[Authorize(Roles = Roles.Admin)]
|
||||
public IActionResult GetReportExpenses(int id)
|
||||
{
|
||||
var expenses = _reportCRUD.GetReportExpenses(id);
|
||||
@ -163,6 +169,7 @@ namespace FirmTracker_Server.Controllers
|
||||
[HttpGet]
|
||||
[ProducesResponseType(200)]
|
||||
[ProducesResponseType(404)]
|
||||
[Authorize(Roles = Roles.Admin)]
|
||||
public IActionResult GetAllReports()
|
||||
{
|
||||
var reports = _reportCRUD.GetAllReports();
|
||||
@ -176,6 +183,7 @@ namespace FirmTracker_Server.Controllers
|
||||
[ProducesResponseType(204)]
|
||||
[ProducesResponseType(400)]
|
||||
[ProducesResponseType(404)]
|
||||
[Authorize(Roles = Roles.Admin)]
|
||||
public IActionResult UpdateReport(int id, [FromBody] Report.DateRangeDto dateRange)
|
||||
{
|
||||
try
|
||||
@ -244,6 +252,7 @@ namespace FirmTracker_Server.Controllers
|
||||
[HttpDelete("{id}")]
|
||||
[ProducesResponseType(204)]
|
||||
[ProducesResponseType(404)]
|
||||
[Authorize(Roles = Roles.Admin)]
|
||||
public IActionResult DeleteReport(int id)
|
||||
{
|
||||
try
|
||||
|
@ -24,11 +24,13 @@ using System.Transactions;
|
||||
using FirmTracker_Server.nHibernate.Products;
|
||||
using FirmTracker_Server.nHibernate;
|
||||
using Microsoft.AspNetCore.Http.HttpResults;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
|
||||
namespace FirmTracker_Server.Controllers
|
||||
{
|
||||
[Route("api/[controller]")]
|
||||
[ApiController]
|
||||
[Authorize]
|
||||
public class TransactionController : ControllerBase
|
||||
{
|
||||
private readonly TransactionCRUD _transactionCRUD;
|
||||
@ -48,6 +50,7 @@ namespace FirmTracker_Server.Controllers
|
||||
[HttpPost]
|
||||
[ProducesResponseType(StatusCodes.Status201Created)]
|
||||
[ProducesResponseType(StatusCodes.Status400BadRequest)]
|
||||
[Authorize(Roles = Roles.Admin + "," + Roles.User)]
|
||||
public IActionResult CreateTransaction([FromBody] nHibernate.Transactions.Transaction transaction)
|
||||
{
|
||||
try
|
||||
@ -106,6 +109,7 @@ namespace FirmTracker_Server.Controllers
|
||||
[HttpGet("{id}")]
|
||||
[ProducesResponseType(StatusCodes.Status200OK)]
|
||||
[ProducesResponseType(StatusCodes.Status404NotFound)]
|
||||
[Authorize(Roles = Roles.Admin + "," + Roles.User)]
|
||||
public IActionResult GetTransaction(int id)
|
||||
{
|
||||
var transaction = _transactionCRUD.GetTransaction(id);
|
||||
@ -118,6 +122,7 @@ namespace FirmTracker_Server.Controllers
|
||||
[HttpPut("{id}")]
|
||||
[ProducesResponseType(StatusCodes.Status204NoContent)]
|
||||
[ProducesResponseType(StatusCodes.Status400BadRequest)]
|
||||
[Authorize(Roles = Roles.Admin + "," + Roles.User)]
|
||||
public IActionResult UpdateTransaction(int id, [FromBody] nHibernate.Transactions.Transaction transaction)
|
||||
{
|
||||
if (id != transaction.Id)
|
||||
@ -160,6 +165,7 @@ namespace FirmTracker_Server.Controllers
|
||||
[HttpDelete("{id}")]
|
||||
[ProducesResponseType(StatusCodes.Status204NoContent)]
|
||||
[ProducesResponseType(StatusCodes.Status404NotFound)]
|
||||
[Authorize(Roles = Roles.Admin + "," + Roles.User)]
|
||||
public IActionResult DeleteTransaction(int id)
|
||||
{
|
||||
try
|
||||
@ -182,6 +188,7 @@ namespace FirmTracker_Server.Controllers
|
||||
[ProducesResponseType(StatusCodes.Status200OK)]
|
||||
[ProducesResponseType(StatusCodes.Status400BadRequest)]
|
||||
[ProducesResponseType(StatusCodes.Status404NotFound)]
|
||||
[Authorize(Roles = Roles.Admin + "," + Roles.User)]
|
||||
public IActionResult GetAllTransactions()
|
||||
{
|
||||
var transactions = _transactionCRUD.GetAllTransactions();
|
||||
|
@ -4,6 +4,7 @@ using FirmTracker_Server;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using FirmTracker_Server.Entities;
|
||||
using System.Security.Claims;
|
||||
|
||||
namespace FirmTracker_Server.Controllers
|
||||
{
|
||||
@ -38,13 +39,24 @@ namespace FirmTracker_Server.Controllers
|
||||
var token = UserService.CreateTokenJwt(dto);
|
||||
return Ok(token);
|
||||
}
|
||||
// New method to get all users
|
||||
/* [HttpGet("all")]
|
||||
[AllowAnonymous]
|
||||
public ActionResult<IList<User>> GetAllUsers()
|
||||
[HttpGet("role")]
|
||||
[Authorize(Roles = Roles.Admin + "," + Roles.User)]
|
||||
public ActionResult<string> GetUserRole()
|
||||
{
|
||||
var users = UserService.GetAllUsers();
|
||||
return Ok(users);
|
||||
}*/
|
||||
var roleClaim = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Role)?.Value;
|
||||
if (roleClaim == null)
|
||||
{
|
||||
return NotFound("Role not found for the logged-in user.");
|
||||
}
|
||||
return Ok(roleClaim);
|
||||
}
|
||||
// New method to get all users
|
||||
/* [HttpGet("all")]
|
||||
[AllowAnonymous]
|
||||
public ActionResult<IList<User>> GetAllUsers()
|
||||
{
|
||||
var users = UserService.GetAllUsers();
|
||||
return Ok(users);
|
||||
}*/
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user