aboutsummaryrefslogtreecommitdiff
path: root/src/DevHive.Web
diff options
context:
space:
mode:
Diffstat (limited to 'src/DevHive.Web')
-rw-r--r--src/DevHive.Web/Configurations/Extensions/ConfigureDatabase.cs12
-rw-r--r--src/DevHive.Web/Controllers/LanguageController.cs3
-rw-r--r--src/DevHive.Web/Controllers/PostController.cs2
-rw-r--r--src/DevHive.Web/Controllers/RoleController.cs11
-rw-r--r--src/DevHive.Web/Controllers/TechnologyController.cs3
-rw-r--r--src/DevHive.Web/Controllers/UserController.cs7
6 files changed, 27 insertions, 11 deletions
diff --git a/src/DevHive.Web/Configurations/Extensions/ConfigureDatabase.cs b/src/DevHive.Web/Configurations/Extensions/ConfigureDatabase.cs
index 4831435..6e92a65 100644
--- a/src/DevHive.Web/Configurations/Extensions/ConfigureDatabase.cs
+++ b/src/DevHive.Web/Configurations/Extensions/ConfigureDatabase.cs
@@ -8,6 +8,8 @@ using Microsoft.AspNetCore.Builder;
using System;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using DevHive.Data;
+using Microsoft.AspNetCore.Authorization;
+using System.Collections.Generic;
namespace DevHive.Web.Configurations.Extensions
{
@@ -19,6 +21,7 @@ namespace DevHive.Web.Configurations.Extensions
options.UseNpgsql(configuration.GetConnectionString("DEV")));
services.AddIdentity<User, Role>()
+ .AddRoles<Role>()
.AddEntityFrameworkStores<DevHiveContext>();
services.Configure<IdentityOptions>(options =>
@@ -47,6 +50,15 @@ namespace DevHive.Web.Configurations.Extensions
options.AuthenticationSchemes.Add(JwtBearerDefaults.AuthenticationScheme);
options.RequireRole("User");
});
+
+ options.AddPolicy("Administrator", options =>
+ {
+ options.RequireAuthenticatedUser();
+ options.AuthenticationSchemes.Add(JwtBearerDefaults.AuthenticationScheme);
+ options.RequireRole("Admin");
+ });
+
+ // options.DefaultPolicy = ;
});
}
diff --git a/src/DevHive.Web/Controllers/LanguageController.cs b/src/DevHive.Web/Controllers/LanguageController.cs
index e2d0dec..c0c5fd1 100644
--- a/src/DevHive.Web/Controllers/LanguageController.cs
+++ b/src/DevHive.Web/Controllers/LanguageController.cs
@@ -4,12 +4,14 @@ using AutoMapper;
using DevHive.Services.Interfaces;
using DevHive.Services.Models.Language;
using DevHive.Web.Models.Language;
+using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
namespace DevHive.Web.Controllers
{
[ApiController]
[Route("/api/[controller]")]
+ [Authorize(Policy = "Administrator")]
public class LanguageController
{
private readonly ILanguageService _languageService;
@@ -34,6 +36,7 @@ namespace DevHive.Web.Controllers
}
[HttpGet]
+ [Authorize(Policy = "User")]
public async Task<IActionResult> GetById(Guid id)
{
ReadLanguageServiceModel languageServiceModel = await this._languageService.GetLanguageById(id);
diff --git a/src/DevHive.Web/Controllers/PostController.cs b/src/DevHive.Web/Controllers/PostController.cs
index 50923d2..8b7344b 100644
--- a/src/DevHive.Web/Controllers/PostController.cs
+++ b/src/DevHive.Web/Controllers/PostController.cs
@@ -13,7 +13,6 @@ namespace DevHive.Web.Controllers
{
[ApiController]
[Route("/api/[controller]")]
- [Authorize(Roles = "User")]
public class PostController
{
private readonly IPostService _postService;
@@ -27,6 +26,7 @@ namespace DevHive.Web.Controllers
//Create
[HttpPost]
+ [Authorize(Roles = "User")]
public async Task<IActionResult> Create([FromBody] CreatePostWebModel createPostModel)
{
CreatePostServiceModel postServiceModel =
diff --git a/src/DevHive.Web/Controllers/RoleController.cs b/src/DevHive.Web/Controllers/RoleController.cs
index 227b877..0206542 100644
--- a/src/DevHive.Web/Controllers/RoleController.cs
+++ b/src/DevHive.Web/Controllers/RoleController.cs
@@ -5,12 +5,12 @@ using AutoMapper;
using System;
using DevHive.Services.Interfaces;
using DevHive.Services.Models.Identity.Role;
+using Microsoft.AspNetCore.Authorization;
namespace DevHive.Web.Controllers
{
[ApiController]
[Route("/api/[controller]")]
- //[Authorize(Roles = "Admin")]
public class RoleController
{
private readonly IRoleService _roleService;
@@ -23,20 +23,21 @@ namespace DevHive.Web.Controllers
}
[HttpPost]
+ [Authorize(Policy = "Administrator")]
public async Task<IActionResult> Create([FromBody] CreateRoleWebModel createRoleWebModel)
{
- RoleServiceModel roleServiceModel =
- this._roleMapper.Map<RoleServiceModel>(createRoleWebModel);
+ CreateRoleServiceModel roleServiceModel =
+ this._roleMapper.Map<CreateRoleServiceModel>(createRoleWebModel);
Guid id = await this._roleService.CreateRole(roleServiceModel);
return id == Guid.Empty ?
new BadRequestObjectResult($"Could not create role {createRoleWebModel.Name}") :
new OkObjectResult(new { Id = id });
-
}
[HttpGet]
+ [Authorize(Policy = "User")]
public async Task<IActionResult> GetById(Guid id)
{
RoleServiceModel roleServiceModel = await this._roleService.GetRoleById(id);
@@ -46,6 +47,7 @@ namespace DevHive.Web.Controllers
}
[HttpPut]
+ [Authorize(Policy = "Administrator")]
public async Task<IActionResult> Update(Guid id, [FromBody] UpdateRoleWebModel updateRoleWebModel)
{
UpdateRoleServiceModel updateRoleServiceModel =
@@ -61,6 +63,7 @@ namespace DevHive.Web.Controllers
}
[HttpDelete]
+ [Authorize(Policy = "Administrator")]
public async Task<IActionResult> Delete(Guid id)
{
bool result = await this._roleService.DeleteRole(id);
diff --git a/src/DevHive.Web/Controllers/TechnologyController.cs b/src/DevHive.Web/Controllers/TechnologyController.cs
index ba2ffdc..9c6c094 100644
--- a/src/DevHive.Web/Controllers/TechnologyController.cs
+++ b/src/DevHive.Web/Controllers/TechnologyController.cs
@@ -4,12 +4,14 @@ using AutoMapper;
using DevHive.Services.Interfaces;
using DevHive.Services.Models.Technology;
using DevHive.Web.Models.Technology;
+using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
namespace DevHive.Web.Controllers
{
[ApiController]
[Route("/api/[controller]")]
+ [Authorize(Policy = "Administrator")]
public class TechnologyController
{
private readonly ITechnologyService _technologyService;
@@ -34,6 +36,7 @@ namespace DevHive.Web.Controllers
}
[HttpGet]
+ [Authorize(Policy = "User")]
public async Task<IActionResult> GetById(Guid id)
{
CreateTechnologyServiceModel createTechnologyServiceModel = await this._technologyService.GetTechnologyById(id);
diff --git a/src/DevHive.Web/Controllers/UserController.cs b/src/DevHive.Web/Controllers/UserController.cs
index fbbbbff..dd94089 100644
--- a/src/DevHive.Web/Controllers/UserController.cs
+++ b/src/DevHive.Web/Controllers/UserController.cs
@@ -7,15 +7,12 @@ using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using DevHive.Common.Models.Identity;
using DevHive.Services.Interfaces;
-using Microsoft.AspNetCore.JsonPatch;
-using DevHive.Common.Models.Misc;
-using System.Collections.Generic;
namespace DevHive.Web.Controllers
{
[ApiController]
[Route("/api/[controller]")]
- [Authorize(Roles = "User")]
+ [Authorize(Policy = "User")]
public class UserController : ControllerBase
{
private readonly IUserService _userService;
@@ -56,7 +53,6 @@ namespace DevHive.Web.Controllers
#endregion
#region Read
-
[HttpGet]
public async Task<IActionResult> GetById(Guid id, [FromHeader] string authorization)
{
@@ -71,7 +67,6 @@ namespace DevHive.Web.Controllers
[HttpGet]
[Route("GetUser")]
- [AllowAnonymous]
public async Task<IActionResult> GetUser(string username)
{
UserServiceModel friendServiceModel = await this._userService.GetUserByUsername(username);
generated by cgit v1.2.3 (git 2.46.0) at 2026-03-16 11:53:38 +0000