Diplomarbeit-Absolventenverein/Module.AdminModules
6
0
Fork 0
Code Issues 1 Pull Requests 2 Actions Packages Projects Releases Wiki Activity
Files
4158b5c370482068e06186f9a8190033b5a254c5
Module.AdminModules/Server/Controllers/AdminModulesController.cs

171 lines
7.1 KiB
C#
Raw Blame History

using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Authorization;
using System.Collections.Generic;
using Microsoft.AspNetCore.Http;
using Oqtane.Shared;
using Oqtane.Enums;
using Oqtane.Infrastructure;
using SZUAbsolventenverein.Module.AdminModules.Services;
using Oqtane.Controllers;
using System.Net;
using System.Threading.Tasks;
using SZUAbsolventenverein.Module.AdminModules.Models;
using Oqtane.Models;
namespace SZUAbsolventenverein.Module.AdminModules.Controllers
{
[Route(ControllerRoutes.ApiRoute)]
public class AdminModulesController : ModuleControllerBase
{
private readonly IAdminModulesService _AdminModulesService;
public AdminModulesController(IAdminModulesService AdminModulesService, ILogManager logger, IHttpContextAccessor accessor) : base(logger, accessor)
{
_AdminModulesService = AdminModulesService;
}
// GET: api/<controller>?moduleid=x
[HttpGet]
[Authorize(Policy = PolicyNames.ViewModule)]
public async Task<IEnumerable<Models.AdminModules>> Get(string moduleid)
{
int ModuleId;
if (int.TryParse(moduleid, out ModuleId) && IsAuthorizedEntityId(EntityNames.Module, ModuleId))
{
return await _AdminModulesService.GetAdminModulessAsync(ModuleId);
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules Get Attempt {ModuleId}", moduleid);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
return null;
}
}
// GET api/<controller>/5
[HttpGet("get/{id}/{moduleid}")]
[Authorize(Policy = PolicyNames.ViewModule)]
public async Task<Models.AdminModules> Get(int id, int moduleid)
{
Models.AdminModules AdminModules = await _AdminModulesService.GetAdminModulesAsync(id, moduleid);
if (AdminModules != null && IsAuthorizedEntityId(EntityNames.Module, AdminModules.ModuleId))
{
return AdminModules;
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules Get Attempt {AdminModulesId} {ModuleId}", id, moduleid);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
return null;
}
}
// POST api/<controller>
[HttpPost]
[Authorize(Policy = PolicyNames.EditModule)]
public async Task<Models.AdminModules> Post([FromBody] Models.AdminModules AdminModules)
{
if (ModelState.IsValid && IsAuthorizedEntityId(EntityNames.Module, AdminModules.ModuleId))
{
AdminModules = await _AdminModulesService.AddAdminModulesAsync(AdminModules);
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules Post Attempt {AdminModules}", AdminModules);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
AdminModules = null;
}
return AdminModules;
}
// PUT api/<controller>/5
[HttpPut("{id}")]
[Authorize(Policy = PolicyNames.EditModule)]
public async Task<Models.AdminModules> Put(int id, [FromBody] Models.AdminModules AdminModules)
{
if (ModelState.IsValid && AdminModules.AdminModulesId == id && IsAuthorizedEntityId(EntityNames.Module, AdminModules.ModuleId))
{
AdminModules = await _AdminModulesService.UpdateAdminModulesAsync(AdminModules);
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules Put Attempt {AdminModules}", AdminModules);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
AdminModules = null;
}
return AdminModules;
}
// DELETE api/<controller>/5
[HttpDelete("{id}/{moduleid}")]
[Authorize(Policy = PolicyNames.EditModule)]
public async Task Delete(int id, int moduleid)
{
Models.AdminModules AdminModules = await _AdminModulesService.GetAdminModulesAsync(id, moduleid);
if (AdminModules != null && IsAuthorizedEntityId(EntityNames.Module, AdminModules.ModuleId))
{
await _AdminModulesService.DeleteAdminModulesAsync(id, AdminModules.ModuleId);
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules Delete Attempt {AdminModulesId} {ModuleId}", id, moduleid);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
}
}
// GET api/<controller>/roles
[HttpGet("roles")]
[Authorize(Policy = PolicyNames.ViewModule)]
public async Task<List<Role>> GetRoles(string moduleid)
{
int ModuleId;
if (int.TryParse(moduleid, out ModuleId) && IsAuthorizedEntityId(EntityNames.Module, ModuleId))
{
return await _AdminModulesService.GetRoles(ModuleId);
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules Get Attempt {ModuleId}", moduleid);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
return null;
}
}
// Post api/<controller>/roles/5
[HttpPost("roles/{id}")]
[Authorize(Policy = PolicyNames.EditModule)]
public async Task<EmailFields> PostUserCount(int id, [FromBody] EmailFields EmailFields)
{
if (ModelState.IsValid && EmailFields.AdminModulesId == id && IsAuthorizedEntityId(EntityNames.Module, EmailFields.ModuleId))
{
return await _AdminModulesService.PostUsercountInRole(EmailFields);
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules Put Attempt {AdminModules}", EmailFields);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
EmailFields = null;
return null;
}
}
// Post api/<controller>/roles/5
[HttpPut("send/{id}")]
[Authorize(Policy = PolicyNames.EditModule)]
public async Task<EmailFields> PutSendMails(int id, [FromBody] EmailFields EmailFields)
{
if (ModelState.IsValid && EmailFields.AdminModulesId == id && IsAuthorizedEntityId(EntityNames.Module, EmailFields.ModuleId))
{
return await _AdminModulesService.SendMassNotification(EmailFields);
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules Put Attempt {AdminModules}", EmailFields);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
EmailFields = null;
return null;
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink