diff --git a/GrossesMitaines/GrossesMitainesAPI/Controllers/AddressController.cs b/GrossesMitaines/GrossesMitainesAPI/Controllers/AddressController.cs index c138575..429767f 100644 --- a/GrossesMitaines/GrossesMitainesAPI/Controllers/AddressController.cs +++ b/GrossesMitaines/GrossesMitainesAPI/Controllers/AddressController.cs @@ -14,7 +14,7 @@ using Microsoft.EntityFrameworkCore; #endregion [EnableCors("_myAllowSpecificOrigins"), ApiController, Route("api/[controller]"), - Authorize(AuthenticationSchemes = "Identity.Application")] + Authorize(AuthenticationSchemes = "Identity.Application", Roles ="Client, Administrateur")] public class AddressController : Controller { #region DI Fields private readonly ILogger _logger; diff --git a/GrossesMitaines/GrossesMitainesAPI/Controllers/InvoiceController.cs b/GrossesMitaines/GrossesMitainesAPI/Controllers/InvoiceController.cs index 931a949..39152b0 100644 --- a/GrossesMitaines/GrossesMitainesAPI/Controllers/InvoiceController.cs +++ b/GrossesMitaines/GrossesMitainesAPI/Controllers/InvoiceController.cs @@ -16,7 +16,7 @@ using System.Linq; #endregion [EnableCors("_myAllowSpecificOrigins"), ApiController, Route("api/[controller]"), - Authorize(AuthenticationSchemes = "Identity.Application", Roles = "Administrateur")] + Authorize(AuthenticationSchemes = "Identity.Application", Roles = "Client, Administrateur")] public class InvoiceController : Controller { #region DI Fields private readonly ILogger _logger; 
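Review bot: The role list on the class-level `Authorize` of AddressController is a free-form string, `Roles ="Client, Administrateur"`, and the same literal is repeated on InvoiceController in this commit. A typo in either copy would silently lock a role out instead of failing to compile. Consider shared constants, e.g. `Roles = AppRoles.Client + "," + AppRoles.Admin` (`AppRoles` is a placeholder name), and add the missing space after `=` to match the other attribute. Accounts that are authenticated but hold neither role will now get 403 on every address action, so confirm that registration always assigns `Client`.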
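Review bot: Widening the class-level `Roles` on InvoiceController from `"Administrateur"` to `"Client, Administrateur"` changes the default for every action in the class, not only the two `Get` actions whose method-level attribute is removed further down. Any action that was admin-only purely because of the class attribute is now reachable by a `Client` and depends on its in-method role lookup alone. I would declare the restriction on each admin-only action with `[Authorize(Roles = "Administrateur")]`, so that it does not rest on code inside the method body. The rest of the class is outside this hunk, so which actions are affected has to be checked against the full file.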
@@ -43,15 +43,14 @@ public class InvoiceController : Controller { #endregion #region API Methods - [HttpGet, Authorize(Roles = "Client, Administrateur")] + [HttpGet] public async Task>> Get(bool? all = false) { IList roles; string id; try { // Trouver les rôles de l'utilisateur, assumer non-admin si impossible à trouver. var user = await _userMan.GetUserAsync(_signInMan.Context.User); roles = await _userMan.GetRolesAsync(user); - } - catch (Exception e) { + } catch (Exception e) { _logger.LogError(10, e.Message); roles = new List(); } @@ -71,30 +70,27 @@ public class InvoiceController : Controller { .Include(x => x.Products) .ThenInclude(y => y.Product) .Where(x => x.LinkedAccount != null && x.LinkedAccount.Id == id).ToList()); - } - catch (Exception e) { + } catch (Exception e) { _logger.LogError(10, e.Message); return BadRequest(); } } - [HttpGet("{id}"), Authorize(Roles = "Client, Administrateur")] + [HttpGet("{id}")] public async Task> Get(int id) { IList roles; InvoiceModel inv; try { // Trouver les rôles de l'utilisateur, assumer non-admin si impossible à trouver. roles = await _userMan.GetRolesAsync(await _userMan.GetUserAsync(_signInMan.Context.User)); - } - catch (Exception e) { + } catch (Exception e) { _logger.LogError(10, e.Message); roles = new List(); } try { inv = _context.Invoices.Where(x => x.Id == id).Include("ShippingAddress").First(); - } - catch (Exception e) { + } catch (Exception e) { _logger.LogError(10, e.Message); return BadRequest(); } @@ -119,7 +115,11 @@ public class InvoiceController : Controller { PhoneNumber = sinv.PhoneNumber, PurchaseDate = DateTime.Now }; - AddressModel ad = _context.Addresses.FirstOrDefault(x => x.CivicNumber == sinv.CivicNumber && + AddressModel ad; + + if (user is not null) { + inv.LinkedAccount = user; + ad = _context.Addresses.FirstOrDefault(x => x.CivicNumber == sinv.CivicNumber && x.Appartment == sinv.Appartment && x.Street == sinv.Street && x.City == sinv.City && 
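Review bot: The catch blocks reformatted here still call `_logger.LogError(10, e.Message)`, which uses the exception text as the message template and drops the exception type and stack trace. Any `{` or `}` in that text is parsed as a template placeholder, and a failed role lookup leaves very little in the log to investigate. Prefer `_logger.LogError(10, e, "Role lookup failed while listing invoices");`. The same applies to the catch blocks touched in the hunks at -71, -134, -172, -190 and -231. Falling back to an empty role list keeps the failure closed, which deserves a short comment such as `// No roles resolved: treat the caller as non-admin.`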
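Review bot: `Get(int id)` loads the invoice by primary key alone (`Where(x => x.Id == id).Include("ShippingAddress").First()`). With `Client` now admitted at class level, the only thing keeping one customer from reading another's invoice is whatever check follows outside this hunk. The query does not include `LinkedAccount`, so an ownership comparison on `inv.LinkedAccount` would see null unless the navigation is loaded some other way; this is inferred, because the rest of the method is not visible. Filtering in the query for non-admin callers, as the list action does with `x.LinkedAccount.Id == id`, would make the ownership rule part of the lookup. `First()` on an unknown id also surfaces as 400 where 404 would be clearer.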
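Review bot: In the new `if (user is not null)` branch the address is looked up across the whole `Addresses` table by field equality, with no condition tying the row to `user`. If address rows are owned or editable per account, two customers entering the same address would share one row, and a later edit by one would change the shipping address on the other's invoice. Whether that holds depends on the model, which is not shown. Consider adding an owner condition to the predicate, or always creating a new address row for the invoice. The lookup expression continues past the end of this hunk.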
@@ -134,14 +134,22 @@ public class InvoiceController : Controller { Country = sinv.Country, PostalCode = sinv.PostalCode }; + } + else ad = new() { + CivicNumber = sinv.CivicNumber, + Appartment = sinv.Appartment, + Street = sinv.Street, + City = sinv.City, + Province = sinv.Province, + Country = sinv.Country, + PostalCode = sinv.PostalCode + }; + inv.ShippingAddress = ad; - if (user is not null) - inv.LinkedAccount = user; try { prods = _context.Products.Where(x => sinv.ProdQuant.Select(x => x.Key).Contains(x.Id)).ToList(); - } - catch (Exception e) { + } catch (Exception e) { _logger.LogError(8, e.Message); return BadRequest(); } @@ -158,8 +166,7 @@ public class InvoiceController : Controller { inventProd.Status = inventProd.Status == ProductModel.States.Clearance ? ProductModel.States.Discontinued : ProductModel.States.BackOrder; - } - else inventProd.Quantity -= prod.Value; + } else inventProd.Quantity -= prod.Value; inventProd.LastSale = DateTime.Now; inventProd.Sales += prod.Value; } @@ -172,8 +179,7 @@ public class InvoiceController : Controller { _context.Invoices.Add(inv); _context.Products.UpdateRange(prods); _context.SaveChanges(); - } - catch (Exception e) { + } catch (Exception e) { _logger.LogError(8, e.Message); return BadRequest(e.InnerException.Message); } @@ -190,16 +196,14 @@ public class InvoiceController : Controller { try { // Trouver la commande. inv = _context.Invoices.Where(x => x.Id == id) .Include("Product").First(); - } - catch (Exception e) { + } catch (Exception e) { _logger.LogError(8, e.Message); return BadRequest(); } try { // Trouver les rôles de l'utilisateur, assumer non-admin si impossible à trouver. roles = await _userMan.GetRolesAsync(await _userMan.GetUserAsync(_signInMan.Context.User)); - } - catch (Exception e) { + } catch (Exception e) { _logger.LogError(10, e.Message); roles = new List(); } 
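Review bot: The new `else ad = new() { … }` branch repeats the seven-field initializer that appears to close the authenticated branch just above it, and a braceless `else` followed by a multi-line initializer is easy to misread. A small private helper that builds an `AddressModel` from `sinv` would remove the duplicate, e.g. `ad = NewAddress(sinv);` in both places (`NewAddress` is a placeholder name). Since the controller now requires a role at class level, `user` should only be null if this action opts out of authorization somewhere outside the hunk. If it does not, the `else` branch is unreachable and should be removed or explained in a comment.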
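Review bot: `return BadRequest(e.InnerException.Message);` in the save path dereferences `InnerException` without a null check and sends the database provider's error text to the caller. An exception with no inner exception becomes a NullReferenceException inside the catch block, and when an inner exception is present the response can disclose table, column or constraint names. Return a generic result as the other catch blocks do, `return BadRequest();`, and keep the detail in the server log.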
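Review bot: This action loads the invoice with `.Include("Product")`, while the list action includes `x.Products` and then `y.Product`. If the invoice entity has no navigation named `Product`, the string-based include throws at runtime and the action always returns 400; this is inferred from the other query, since the model is not shown. The typed form `.Include(x => x.Products).ThenInclude(y => y.Product)` would be checked by the compiler. The method starts and ends outside this hunk.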
@@ -231,8 +235,7 @@ public class InvoiceController : Controller { try { _context.Update(inv); _context.SaveChanges(); - } - catch (Exception e) { + } catch (Exception e) { _logger.LogError(8, e.Message); return BadRequest(); } diff --git a/GrossesMitaines/GrossesMitainesAPI/Program.cs b/GrossesMitaines/GrossesMitainesAPI/Program.cs index 91bf90d..ad50110 100644 --- a/GrossesMitaines/GrossesMitainesAPI/Program.cs +++ b/GrossesMitaines/GrossesMitainesAPI/Program.cs @@ -28,6 +28,9 @@ builder.Services.AddIdentityCore() .AddRoles() .AddEntityFrameworkStores() .AddSignInManager(); +builder.Services.Configure(o => + o.User.RequireUniqueEmail = true); + builder.Services.AddAuthorization(); builder.Services.AddAuthentication().AddIdentityCookies();
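Review bot: `RequireUniqueEmail = true` in Program.cs is enforced by Identity's user validator when a user is created or updated, not by the database. Rows that already share an email are left as they are, and two concurrent registrations can both pass validation unless the email index is unique; in the default Identity schema the index on the normalized email is not. Consider a migration that makes that index unique once any duplicates are cleaned up. Also check that the registration endpoint's duplicate-email error does not tell anonymous callers which addresses are already registered.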