using System.Collections.Generic; using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Authorization; using Oqtane.Models; using Oqtane.Shared; using Oqtane.Enums; using Oqtane.Infrastructure; using System.Net; using Oqtane.Services; using System.Threading.Tasks; namespace Oqtane.Controllers { [Route(ControllerRoutes.ApiRoute)] public class SiteController : Controller { private readonly ISiteService _siteService; private readonly ILogManager _logger; public SiteController(ISiteService siteService, ILogManager logger) { _siteService = siteService; _logger = logger; } // GET: api/ [HttpGet] [Authorize(Roles = RoleNames.Host)] public async Task> Get() { return await _siteService.GetSitesAsync(); } // GET api//5 [HttpGet("{id}")] public async Task Get(int id) { return await _siteService.GetSiteAsync(id); } // POST api/ [HttpPost] [Authorize(Roles = RoleNames.Host)] public async Task Post([FromBody] Site site) { if (ModelState.IsValid) { site = await _siteService.AddSiteAsync(site); } else { _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Site Post Attempt {Site}", site); HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden; site = null; } return site; } // PUT api//5 [HttpPut("{id}")] [Authorize(Roles = RoleNames.Admin)] public async Task Put(int id, [FromBody] Site site) { if (ModelState.IsValid) { site = await _siteService.UpdateSiteAsync(site); } else { _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Site Put Attempt {Site}", site); HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden; site = null; } return site; } // DELETE api//5 [HttpDelete("{id}")] [Authorize(Roles = RoleNames.Host)] public async Task Delete(int id) { await _siteService.DeleteSiteAsync(id); } // GET api//modules/5/6 [HttpGet("modules/{siteId}/{pageId}")] public async Task> GetModules(int siteId, int pageId) { return await _siteService.GetModulesAsync(siteId, pageId); } } }