Permission-based authorization utilizing Policies

2019-08-27 17:14:41 -04:00
parent f037898c6e
commit 3ce7f1a227
54 changed files with 1104 additions and 388 deletions
--- a/Oqtane.Server/Controllers/RoleController.cs
+++ b/Oqtane.Server/Controllers/RoleController.cs
@ -39,7 +39,7 @@ namespace Oqtane.Controllers

        // POST api/<controller>
        [HttpPost]
-        [Authorize]
+        [Authorize(Roles = "Administrators")]
        public Role Post([FromBody] Role Role)
        {
            if (ModelState.IsValid)
@ -51,7 +51,7 @@ namespace Oqtane.Controllers

        // PUT api/<controller>/5
        [HttpPut("{id}")]
-        [Authorize]
+        [Authorize(Roles = "Administrators")]
        public Role Put(int id, [FromBody] Role Role)
        {
            if (ModelState.IsValid)
@ -63,7 +63,7 @@ namespace Oqtane.Controllers

        // DELETE api/<controller>/5
        [HttpDelete("{id}")]
-        [Authorize]
+        [Authorize(Roles = "Administrators")]
        public void Delete(int id)
        {
            Roles.DeleteRole(id);