196 lines
6.0 KiB
C#
196 lines
6.0 KiB
C#
namespace GrossesMitainesAPI.Controllers;
|
|
|
|
#region Dependencies
|
|
using GrossesMitainesAPI.Data;
|
|
using GrossesMitainesAPI.Models;
|
|
using GrossesMitainesAPI.Services;
|
|
using Microsoft.AspNet.Identity;
|
|
using Microsoft.AspNetCore.Authorization;
|
|
using Microsoft.AspNetCore.Cors;
|
|
using Microsoft.AspNetCore.Identity;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
using Microsoft.EntityFrameworkCore;
|
|
|
|
#endregion
|
|
|
|
[EnableCors("_myAllowSpecificOrigins"), ApiController, Route("api/[controller]"),
|
|
Authorize(AuthenticationSchemes = "Identity.Application", Roles ="Client, Administrateur")]
|
|
public class AddressController : Controller {
|
|
#region DI Fields
|
|
private readonly ILogger<AddressController> _logger;
|
|
private readonly InventoryContext _context;
|
|
private readonly SignInManager<InventoryUser> _signInMan;
|
|
private readonly Microsoft.AspNetCore.Identity.UserManager<InventoryUser> _userMan;
|
|
|
|
#endregion
|
|
|
|
#region Ctor
|
|
public AddressController(ILogger<AddressController> logger,
|
|
InventoryContext context,
|
|
SignInManager<InventoryUser> signInMan,
|
|
Microsoft.AspNetCore.Identity.UserManager<InventoryUser> userMan) {
|
|
_logger = logger;
|
|
_context = context;
|
|
_userMan = userMan;
|
|
_signInMan = signInMan;
|
|
}
|
|
|
|
#endregion
|
|
|
|
#region API Methods
|
|
[EnableCors("_myAllowSpecificOrigins"), HttpGet]
|
|
public async Task<ActionResult<List<AddressModel>>> GetList(bool? all) {
|
|
IList<string> roles;
|
|
InventoryUser user;
|
|
string id;
|
|
|
|
try {
|
|
user = await _userMan.GetUserAsync(_signInMan.Context.User);
|
|
} catch (Exception e) {
|
|
_logger.LogError(10, e.Message);
|
|
return BadRequest();
|
|
}
|
|
|
|
try { // Trouver les rôles de l'utilisateur, assumer non-admin si impossible à trouver.
|
|
roles = await _userMan.GetRolesAsync(user);
|
|
} catch (Exception e) {
|
|
_logger.LogError(10, e.Message);
|
|
roles = new List<string>();
|
|
}
|
|
|
|
try {
|
|
id = _signInMan.Context.User.Identity.GetUserId();
|
|
if (all is not null && all == true && roles.Contains("Administrateur"))
|
|
return Ok(_context.Addresses.ToList());
|
|
else return Ok(_context.Users.Where(x=>x.Id == id).Include("Adresses").First().Adresses);
|
|
} catch (Exception e) {
|
|
_logger.LogError(10, e.Message);
|
|
return BadRequest();
|
|
}
|
|
}
|
|
|
|
[EnableCors("_myAllowSpecificOrigins"), HttpGet("{id}")]
|
|
public async Task<ActionResult<AddressModel>> Get(int id) {
|
|
IList<string> roles;
|
|
string userId;
|
|
AddressModel ad;
|
|
InventoryUser user;
|
|
|
|
try {
|
|
user = await _userMan.GetUserAsync(_signInMan.Context.User);
|
|
} catch (Exception e) {
|
|
_logger.LogError(10, e.Message);
|
|
return BadRequest();
|
|
}
|
|
|
|
try {
|
|
roles = await _userMan.GetRolesAsync(user);
|
|
} catch (Exception e) {
|
|
_logger.LogError(10, e.Message);
|
|
roles = new List<string>();
|
|
}
|
|
|
|
try {
|
|
ad = _context.Addresses.First(a => a.Id == id);
|
|
} catch (Exception e) {
|
|
_logger.LogError(10, e.Message);
|
|
return BadRequest();
|
|
}
|
|
|
|
if (roles.Contains("Administrateur") ||
|
|
(user.Adresses.Contains(ad)))
|
|
return ad;
|
|
else return Unauthorized();
|
|
}
|
|
|
|
[EnableCors("_myAllowSpecificOrigins"), HttpPost]
|
|
public async Task<ActionResult<AddressModel>> Post(AddressModel ad) {
|
|
try {
|
|
var user = await _userMan.GetUserAsync(_signInMan.Context.User);
|
|
user.Adresses.Add(ad);
|
|
_context.SaveChanges();
|
|
} catch (Exception e) {
|
|
_logger.LogError(10, e.Message);
|
|
return BadRequest();
|
|
}
|
|
|
|
return ad;
|
|
}
|
|
|
|
[EnableCors("_myAllowSpecificOrigins"), HttpPatch]
|
|
public async Task<ActionResult<AddressModel>> Patch(AddressModel ad) {
|
|
IList<string> roles;
|
|
InventoryUser user;
|
|
|
|
try {
|
|
user = await _userMan.GetUserAsync(_signInMan.Context.User);
|
|
} catch (Exception e) {
|
|
_logger.LogError(10, e.Message);
|
|
return BadRequest();
|
|
}
|
|
|
|
try {
|
|
roles = await _userMan.GetRolesAsync(user);
|
|
} catch (Exception e) {
|
|
_logger.LogError(10, e.Message);
|
|
roles = new List<string>();
|
|
}
|
|
|
|
if (roles.Contains("Administrateur") ||
|
|
user.Adresses.Contains(ad))
|
|
try {
|
|
_context.Addresses.Update(ad);
|
|
_context.SaveChanges();
|
|
} catch (Exception e) {
|
|
_logger.LogError(10, e.Message);
|
|
return BadRequest();
|
|
}
|
|
else return Unauthorized();
|
|
return ad;
|
|
}
|
|
|
|
[EnableCors("_myAllowSpecificOrigins"), HttpDelete]
|
|
public async Task<ActionResult<int>> Delete(int id) {
|
|
IList<string> roles;
|
|
AddressModel ad;
|
|
InventoryUser user;
|
|
int adId = 0;
|
|
|
|
try {
|
|
user = await _userMan.GetUserAsync(_signInMan.Context.User);
|
|
} catch (Exception e) {
|
|
_logger.LogError(10, e.Message);
|
|
return BadRequest();
|
|
}
|
|
|
|
try {
|
|
roles = await _userMan.GetRolesAsync(user);
|
|
} catch (Exception e) {
|
|
_logger.LogError(10, e.Message);
|
|
roles = new List<string>();
|
|
}
|
|
|
|
try {
|
|
ad = _context.Addresses.First(a => a.Id == id);
|
|
} catch (Exception e) {
|
|
_logger.LogError(10, e.Message);
|
|
return BadRequest();
|
|
}
|
|
|
|
adId = ad.Id;
|
|
if (roles.Contains("Administrateur") ||
|
|
user.Adresses.Contains(ad))
|
|
try {
|
|
user.Adresses.Remove(ad);
|
|
_context.SaveChanges();
|
|
} catch (Exception e) {
|
|
_logger.LogError(10, e.Message);
|
|
return BadRequest();
|
|
}
|
|
else return Unauthorized();
|
|
return adId;
|
|
}
|
|
|
|
#endregion
|
|
}
|