diff --git a/Streetcode/Services/Streetcode.Auth/Streetcode.Auth.Api/Extensions/AuthExtensions.cs b/Streetcode/Services/Streetcode.Auth/Streetcode.Auth.Api/Extensions/AuthExtensions.cs index 33b447b0..e88a3a5e 100644 --- a/Streetcode/Services/Streetcode.Auth/Streetcode.Auth.Api/Extensions/AuthExtensions.cs +++ b/Streetcode/Services/Streetcode.Auth/Streetcode.Auth.Api/Extensions/AuthExtensions.cs @@ -1,4 +1,5 @@ -using Microsoft.AspNetCore.Authentication.JwtBearer; +using System.Security.Claims; +using Microsoft.AspNetCore.Authentication.JwtBearer; using Microsoft.IdentityModel.Tokens; using Streetcode.Auth.Common.Configurations; using System.Text; @@ -41,6 +42,8 @@ public static IServiceCollection AddJwtAuthentication(this IServiceCollection se ValidIssuer = jwtSettings.Issuer, ValidAudience = jwtSettings.Audience, IssuerSigningKey = new SymmetricSecurityKey(keyBytes), + + RoleClaimType = ClaimTypes.Role, ClockSkew = TimeSpan.Zero }; diff --git a/Streetcode/Services/Streetcode.Auth/Streetcode.Auth.Infrastructure/Services/Token/TokenService.cs b/Streetcode/Services/Streetcode.Auth/Streetcode.Auth.Infrastructure/Services/Token/TokenService.cs index d2154f33..ab468928 100644 --- a/Streetcode/Services/Streetcode.Auth/Streetcode.Auth.Infrastructure/Services/Token/TokenService.cs +++ b/Streetcode/Services/Streetcode.Auth/Streetcode.Auth.Infrastructure/Services/Token/TokenService.cs @@ -57,6 +57,7 @@ public async Task> GenerateTokensAsync(User user, Cance await _refreshTokenRepository.AddAsync(refreshTokenEntity, cancellationToken); var changesSaved = await _refreshTokenRepository.SaveChangesAsync(cancellationToken) > 0; + if (changesSaved) { var tokenResponseDto = new TokenResponseDto diff --git a/Streetcode/Streetcode.WebApi/Controllers/AdditionalContent/CoordinateController.cs b/Streetcode/Streetcode.WebApi/Controllers/AdditionalContent/CoordinateController.cs index 8538393f..ce193406 100644 
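Review bot: In AuthExtensions.cs, `RoleClaimType = ClaimTypes.Role` in `AddJwtAuthentication` only takes effect if the role claim of the validated token ends up under that claim type, and the code that writes the claim (TokenService) is not part of this hunk. If the issuer emits a short `role` claim and inbound claim mapping is disabled anywhere, every `[Authorize(Roles = ...)]` check added in this commit would return 403 for real administrators. I would add a comment above the line, `// Must match the claim type TokenService uses for roles; [Authorize(Roles = ...)] is evaluated against it.`, and an integration test that calls one admin-only endpoint with an issued token. This configuration lives in Streetcode.Auth.Api while the attributes are applied in Streetcode.WebApi, so the WebApi's own JWT bearer setup (not shown in this diff) presumably needs the same setting. The method body continues outside the hunk.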
--- a/Streetcode/Streetcode.WebApi/Controllers/AdditionalContent/CoordinateController.cs +++ b/Streetcode/Streetcode.WebApi/Controllers/AdditionalContent/CoordinateController.cs @@ -6,6 +6,7 @@ using Streetcode.BLL.MediatR.AdditionalContent.Coordinate.Delete; using Streetcode.BLL.MediatR.AdditionalContent.Coordinate.GetByStreetcodeId; using Streetcode.BLL.MediatR.AdditionalContent.Coordinate.Update; +using Streetcode.DAL.Enums; namespace Streetcode.WebApi.Controllers.AdditionalContent; @@ -18,21 +19,21 @@ public async Task GetByStreetcodeId([FromRoute] int streetcodeId) } [HttpPost] - [Authorize(Roles = "Admin")] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Create([FromBody] StreetcodeCoordinateDto dto) { return HandleResult(await Mediator.Send(new CreateCoordinateCommand(dto))); } [HttpPut] - [Authorize(Roles = "Admin")] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Update([FromBody] StreetcodeCoordinateDto dto) { return HandleResult(await Mediator.Send(new UpdateCoordinateCommand(dto))); } [HttpDelete("{id:int}")] - [Authorize(Roles = "Admin")] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Delete([FromRoute] int id) { return HandleResult(await Mediator.Send(new DeleteCoordinateCommand(id))); diff --git a/Streetcode/Streetcode.WebApi/Controllers/Email/EmailController.cs b/Streetcode/Streetcode.WebApi/Controllers/Email/EmailController.cs index 5d87c0ba..78821c21 100644 --- a/Streetcode/Streetcode.WebApi/Controllers/Email/EmailController.cs +++ b/Streetcode/Streetcode.WebApi/Controllers/Email/EmailController.cs @@ -1,3 +1,4 @@ +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Streetcode.BLL.DTO.Email; using Streetcode.BLL.MediatR.Email; 
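Review bot: In CoordinateController.cs, `[Authorize(Roles = nameof(UserRole.Administrator))]` on Create, Update and Delete ties the required role string to the enum member's name, so the effective role changes from "Admin" to "Administrator" here and would change again on any rename of that member. Tokens or stored role values that still carry "Admin" will get 403 after this commit; that fails closed, but it is worth confirming that the issuer writes exactly `Administrator`. The same attribute is repeated per action in the Audio, Image, Newss, Partners, RelatedFigure, Streetcode, Fact, RelatedTerm, Term, Text, Position, TeamLink, HistoricalContext, TimelineItem and Toponym controllers, which makes it easy for a new write action to ship unprotected. A single named policy, or a fallback policy that requires authentication with `[AllowAnonymous]` on the public reads, would keep the rule in one place.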
@@ -7,6 +8,7 @@ namespace Streetcode.WebApi.Controllers.Email public class EmailController : BaseApiController { [HttpPost] + [Authorize] public async Task Send([FromBody] EmailDto email) { return HandleResult(await Mediator.Send(new SendEmailCommand(email))); diff --git a/Streetcode/Streetcode.WebApi/Controllers/Media/AudioController.cs b/Streetcode/Streetcode.WebApi/Controllers/Media/AudioController.cs index f904bbd5..6ed33d53 100644 --- a/Streetcode/Streetcode.WebApi/Controllers/Media/AudioController.cs +++ b/Streetcode/Streetcode.WebApi/Controllers/Media/AudioController.cs @@ -1,4 +1,5 @@ -using Microsoft.AspNetCore.Mvc; +using Microsoft.AspNetCore.Authorization; +using Microsoft.AspNetCore.Mvc; using Streetcode.BLL.DTO.Media.Audio; using Streetcode.BLL.MediatR.Media.Audio.Create; using Streetcode.BLL.MediatR.Media.Audio.Delete; @@ -6,6 +7,7 @@ using Streetcode.BLL.MediatR.Media.Audio.GetBaseAudio; using Streetcode.BLL.MediatR.Media.Audio.GetById; using Streetcode.BLL.MediatR.Media.Audio.GetByStreetcodeId; +using Streetcode.DAL.Enums; namespace Streetcode.WebApi.Controllers.Media; @@ -36,12 +38,14 @@ public async Task GetBaseAudio([FromRoute] int id) } [HttpPost] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Create([FromBody] AudioFileBaseCreateDto audio) { return HandleResult(await Mediator.Send(new CreateAudioCommand(audio))); } [HttpDelete("{id:int}")] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Delete([FromRoute] int id) { return HandleResult(await Mediator.Send(new DeleteAudioCommand(id))); diff --git a/Streetcode/Streetcode.WebApi/Controllers/Media/Images/ImageController.cs b/Streetcode/Streetcode.WebApi/Controllers/Media/Images/ImageController.cs index ad2e4d71..d09da0c6 100644 --- a/Streetcode/Streetcode.WebApi/Controllers/Media/Images/ImageController.cs +++ b/Streetcode/Streetcode.WebApi/Controllers/Media/Images/ImageController.cs 
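Review bot: In EmailController.cs, the bare `[Authorize]` on `Send` lets any account that can log in trigger `SendEmailCommand`, with no role requirement and no visible limit on how often it may be called. If self-registration is open, a per-user rate limit or a role requirement seems warranted for an endpoint that makes the server send mail. If it backs a public contact form, requiring login changes that behaviour and should be stated in the commit description. Validation of `EmailDto` is not visible in this hunk.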
@@ -1,3 +1,4 @@ +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Streetcode.BLL.DTO.Media.Images; using Streetcode.BLL.MediatR.Media.Image.GetAll; @@ -6,6 +7,7 @@ using Streetcode.BLL.MediatR.Media.Image.GetByStreetcodeId; using Streetcode.BLL.MediatR.Media.Image.Create; using Streetcode.BLL.MediatR.Media.Image.Delete; +using Streetcode.DAL.Enums; namespace Streetcode.WebApi.Controllers.Media.Images; @@ -30,12 +32,14 @@ public async Task GetById([FromRoute] int id) } [HttpPost] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Create([FromBody] ImageFileBaseCreateDto image) { return HandleResult(await Mediator.Send(new CreateImageCommand(image))); } [HttpDelete("{id:int}")] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Delete([FromRoute] int id) { return HandleResult(await Mediator.Send(new DeleteImageCommand(id))); diff --git a/Streetcode/Streetcode.WebApi/Controllers/Newss/NewssController.cs b/Streetcode/Streetcode.WebApi/Controllers/Newss/NewssController.cs index 4abcd302..d90ca138 100644 --- a/Streetcode/Streetcode.WebApi/Controllers/Newss/NewssController.cs +++ b/Streetcode/Streetcode.WebApi/Controllers/Newss/NewssController.cs @@ -1,4 +1,5 @@ -using Microsoft.AspNetCore.Mvc; +using Microsoft.AspNetCore.Authorization; +using Microsoft.AspNetCore.Mvc; using Streetcode.BLL.DTO.News; using Streetcode.BLL.MediatR.Newss.Create; using Streetcode.BLL.MediatR.Newss.Delete; @@ -8,6 +9,7 @@ using Streetcode.BLL.MediatR.Newss.GetNewsAndLinksByUrl; using Streetcode.BLL.MediatR.Newss.SortedByDateTime; using Streetcode.BLL.MediatR.Newss.Update; +using Streetcode.DAL.Enums; namespace Streetcode.WebApi.Controllers.Newss; 
@@ -44,18 +46,21 @@ public async Task SortedByDateTime() } [HttpPost] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Create([FromBody] NewsDto news) { return HandleResult(await Mediator.Send(new CreateNewsCommand(news))); } [HttpPut] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Update([FromBody] NewsDto news) { return HandleResult(await Mediator.Send(new UpdateNewsCommand(news))); } [HttpDelete("{id:int}")] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Delete([FromRoute] int id) { return HandleResult(await Mediator.Send(new DeleteNewsCommand(id))); diff --git a/Streetcode/Streetcode.WebApi/Controllers/Partners/PartnersController.cs b/Streetcode/Streetcode.WebApi/Controllers/Partners/PartnersController.cs index 78e48380..cc3bac23 100644 --- a/Streetcode/Streetcode.WebApi/Controllers/Partners/PartnersController.cs +++ b/Streetcode/Streetcode.WebApi/Controllers/Partners/PartnersController.cs @@ -1,3 +1,4 @@ +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Streetcode.BLL.DTO.Partners; using Streetcode.BLL.MediatR.Partners.Create; @@ -5,6 +6,7 @@ using Streetcode.BLL.MediatR.Partners.GetAllPartnerShort; using Streetcode.BLL.MediatR.Partners.GetById; using Streetcode.BLL.MediatR.Partners.GetByStreetcodeId; +using Streetcode.DAL.Enums; namespace Streetcode.WebApi.Controllers.Partners; 
@@ -35,18 +37,21 @@ public async Task GetByStreetcodeId([FromRoute] int streetcodeId) } [HttpPost] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Create([FromBody] CreatePartnerDto partner) { return HandleResult(await Mediator.Send(new CreatePartnerCommand(partner))); } [HttpPut] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Update([FromBody] CreatePartnerDto partner) { return HandleResult(await Mediator.Send(new BLL.MediatR.Partners.Update.UpdatePartnerCommand(partner))); } [HttpDelete("{id:int}")] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Delete([FromRoute] int id) { return HandleResult(await Mediator.Send(new BLL.MediatR.Partners.Delete.DeletePartnerCommand(id))); diff --git a/Streetcode/Streetcode.WebApi/Controllers/Payment/PaymentController.cs b/Streetcode/Streetcode.WebApi/Controllers/Payment/PaymentController.cs index af242b54..7a6fd68f 100644 --- a/Streetcode/Streetcode.WebApi/Controllers/Payment/PaymentController.cs +++ b/Streetcode/Streetcode.WebApi/Controllers/Payment/PaymentController.cs @@ -1,4 +1,5 @@ -using Microsoft.AspNetCore.Mvc; +using Microsoft.AspNetCore.Authorization; +using Microsoft.AspNetCore.Mvc; using Streetcode.BLL.DTO.Payment; using Streetcode.BLL.MediatR.Payment; @@ -7,6 +8,7 @@ namespace Streetcode.WebApi.Controllers.Payment public class PaymentController : BaseApiController { [HttpPost] + [Authorize] public async Task CreateInvoice([FromBody] PaymentDto payment) { return HandleResult(await Mediator.Send(new CreateInvoiceCommand(payment))); diff --git a/Streetcode/Streetcode.WebApi/Controllers/Streetcode/CommentsController.cs b/Streetcode/Streetcode.WebApi/Controllers/Streetcode/CommentsController.cs index e19d2156..843d4e8a 100644 --- a/Streetcode/Streetcode.WebApi/Controllers/Streetcode/CommentsController.cs +++ b/Streetcode/Streetcode.WebApi/Controllers/Streetcode/CommentsController.cs 
@@ -1,4 +1,5 @@ -using Microsoft.AspNetCore.Mvc; +using Microsoft.AspNetCore.Authorization; +using Microsoft.AspNetCore.Mvc; using Streetcode.BLL.DTO.Streetcode.Comments; using Streetcode.BLL.MediatR.Streetcode.Comments.Create; using Streetcode.BLL.MediatR.Streetcode.Comments.Delete; @@ -7,6 +8,7 @@ namespace Streetcode.WebApi.Controllers.Streetcode { + [Authorize] public class CommentsController : BaseApiController { [HttpGet("{streetcodeId:int}")] diff --git a/Streetcode/Streetcode.WebApi/Controllers/Streetcode/RelatedFigureController.cs b/Streetcode/Streetcode.WebApi/Controllers/Streetcode/RelatedFigureController.cs index db3d9f41..74027c00 100644 --- a/Streetcode/Streetcode.WebApi/Controllers/Streetcode/RelatedFigureController.cs +++ b/Streetcode/Streetcode.WebApi/Controllers/Streetcode/RelatedFigureController.cs @@ -1,8 +1,10 @@ +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Streetcode.BLL.MediatR.Streetcode.RelatedFigure.Create; using Streetcode.BLL.MediatR.Streetcode.RelatedFigure.Delete; using Streetcode.BLL.MediatR.Streetcode.RelatedFigure.GetByStreetcodeId; using Streetcode.BLL.MediatR.Streetcode.RelatedFigure.GetByTagId; +using Streetcode.DAL.Enums; namespace Streetcode.WebApi.Controllers.Streetcode; @@ -21,12 +23,14 @@ public async Task GetByTagId([FromRoute] int tagId) } [HttpPost("{ObserverId:int}&{TargetId:int}")] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Create([FromRoute] int ObserverId, int TargetId) { return HandleResult(await Mediator.Send(new CreateRelatedFigureCommand(ObserverId, TargetId))); } [HttpDelete("{ObserverId:int}&{TargetId:int}")] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Delete([FromRoute] int ObserverId, int TargetId) { return HandleResult(await Mediator.Send(new DeleteRelatedFigureCommand(ObserverId, TargetId))); 
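Review bot: In CommentsController.cs, the class-level `[Authorize]` covers every action, including the `[HttpGet("{streetcodeId:int}")]` read shown directly below it, and it only requires a logged-in user. If reading comments is meant to stay public, that action needs `[AllowAnonymous]`; and since the file imports `Comments.Delete`, the delete action is now open to any authenticated user unless the handler checks ownership or a role, which this hunk does not show. TransactLinksController gets the same class-level attribute later in this diff, and its `[HttpGet]` is affected in the same way. The class body continues outside the hunk.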
diff --git a/Streetcode/Streetcode.WebApi/Controllers/Streetcode/StreetcodeController.cs b/Streetcode/Streetcode.WebApi/Controllers/Streetcode/StreetcodeController.cs index c1c69ace..e6953cbd 100644 --- a/Streetcode/Streetcode.WebApi/Controllers/Streetcode/StreetcodeController.cs +++ b/Streetcode/Streetcode.WebApi/Controllers/Streetcode/StreetcodeController.cs @@ -1,4 +1,5 @@ using System.Text.Json; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Streetcode.BLL.DTO.AdditionalContent.Filter; using Streetcode.BLL.DTO.Streetcode; @@ -15,6 +16,7 @@ using Streetcode.BLL.MediatR.Streetcode.Streetcode.GetCount; using Streetcode.BLL.MediatR.Streetcode.Streetcode.GetShortById; using Streetcode.BLL.MediatR.Streetcode.Streetcode.Update; +using Streetcode.DAL.Enums; namespace Streetcode.WebApi.Controllers.Streetcode; @@ -75,12 +77,14 @@ public async Task GetById([FromRoute] int id) } [HttpPost] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Create([FromBody] JsonElement streetcodeDTO) { return HandleResult(await Mediator.Send(new CreateStreetcodeCommand(streetcodeDTO))); } [HttpPut("{id:int}")] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Update(int id, [FromBody] JsonElement streetcodeDTO) { var command = new UpdateStreetcodeCommand(id, streetcodeDTO); @@ -88,12 +92,14 @@ public async Task Update(int id, [FromBody] JsonElement streetcod } [HttpDelete("{id:int}")] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task SoftDelete([FromRoute] int id) { return HandleResult(await Mediator.Send(new DeleteSoftStreetcodeCommand(id))); } [HttpDelete("{id:int}")] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task DeleteFull([FromRoute] int id) { return HandleResult(await Mediator.Send(new DeleteFullStreetcodeCommand(id))); 
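Review bot: In StreetcodeController.cs, `DeleteFull` is gated by the same `[Authorize(Roles = nameof(UserRole.Administrator))]` as `SoftDelete`, and both actions declare the identical `[HttpDelete("{id:int}")]` template. Whether a request reaches the soft or the full delete therefore depends entirely on the base route defined in `BaseApiController`, which is not visible here; if that route does not include the action name, the two would collide. Once the routing is confirmed, a short comment on `DeleteFull` such as `// Full delete; distinguished from SoftDelete only by the action segment of the route.` would record the intent next to the attribute.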
diff --git a/Streetcode/Streetcode.WebApi/Controllers/Streetcode/TextContent/FactController.cs b/Streetcode/Streetcode.WebApi/Controllers/Streetcode/TextContent/FactController.cs index c058940a..a11aeeb0 100644 --- a/Streetcode/Streetcode.WebApi/Controllers/Streetcode/TextContent/FactController.cs +++ b/Streetcode/Streetcode.WebApi/Controllers/Streetcode/TextContent/FactController.cs @@ -1,3 +1,4 @@ +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Streetcode.BLL.DTO.Streetcode.TextContent.Fact; using Streetcode.BLL.MediatR.Streetcode.Fact.Create; @@ -6,6 +7,7 @@ using Streetcode.BLL.MediatR.Streetcode.Fact.GetById; using Streetcode.BLL.MediatR.Streetcode.Fact.GetByStreetcodeId; using Streetcode.BLL.MediatR.Streetcode.Fact.Update; +using Streetcode.DAL.Enums; namespace Streetcode.WebApi.Controllers.Streetcode.TextContent { @@ -30,18 +32,21 @@ public async Task GetByStreetcodeId([FromRoute] int streetcodeId) } [HttpPost] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Create([FromBody] CreateFactDto fact) { return HandleResult(await Mediator.Send(new CreateFactCommand(fact))); } [HttpPut] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Update([FromBody] UpdateFactDto fact) { return HandleResult(await Mediator.Send(new UpdateFactCommand(fact))); } [HttpDelete("{id:int}")] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Delete([FromRoute] int id) { return HandleResult(await Mediator.Send(new DeleteFactCommand(id))); diff --git a/Streetcode/Streetcode.WebApi/Controllers/Streetcode/TextContent/RelatedTermController.cs b/Streetcode/Streetcode.WebApi/Controllers/Streetcode/TextContent/RelatedTermController.cs index 98b7caf0..ddfa01c2 100644 --- a/Streetcode/Streetcode.WebApi/Controllers/Streetcode/TextContent/RelatedTermController.cs +++ b/Streetcode/Streetcode.WebApi/Controllers/Streetcode/TextContent/RelatedTermController.cs 
@@ -1,9 +1,11 @@ -using Microsoft.AspNetCore.Mvc; +using Microsoft.AspNetCore.Authorization; +using Microsoft.AspNetCore.Mvc; using Streetcode.BLL.DTO.Streetcode.TextContent; using Streetcode.BLL.MediatR.Streetcode.RelatedTerm.Create; using Streetcode.BLL.MediatR.Streetcode.RelatedTerm.Delete; using Streetcode.BLL.MediatR.Streetcode.RelatedTerm.GetAllByTermId; using Streetcode.BLL.MediatR.Streetcode.RelatedTerm.Update; +using Streetcode.DAL.Enums; namespace Streetcode.WebApi.Controllers.Streetcode.TextContent { @@ -16,18 +18,21 @@ public async Task GetByTermId([FromRoute] int id) } [HttpPost] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Create([FromBody] RelatedTermDto relatedTerm) { return HandleResult(await Mediator.Send(new CreateRelatedTermCommand(relatedTerm))); } [HttpPut("{id:int}")] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Update([FromRoute] int id, [FromBody] RelatedTermDto relatedTerm) { return HandleResult(await Mediator.Send(new UpdateRelatedTermCommand(id, relatedTerm))); } [HttpDelete("{word}/{termId:int}")] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Delete([FromRoute] string word, [FromRoute] int termId) { return HandleResult(await Mediator.Send(new DeleteRelatedTermCommand(word, termId))); diff --git a/Streetcode/Streetcode.WebApi/Controllers/Streetcode/TextContent/TermController.cs b/Streetcode/Streetcode.WebApi/Controllers/Streetcode/TextContent/TermController.cs index 09cdd7e5..86c982e9 100644 --- a/Streetcode/Streetcode.WebApi/Controllers/Streetcode/TextContent/TermController.cs +++ b/Streetcode/Streetcode.WebApi/Controllers/Streetcode/TextContent/TermController.cs 
@@ -1,8 +1,10 @@ +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Streetcode.BLL.DTO.Streetcode.TextContent; using Streetcode.BLL.MediatR.Streetcode.Term.Create; using Streetcode.BLL.MediatR.Streetcode.Term.GetAll; using Streetcode.BLL.MediatR.Streetcode.Term.GetById; +using Streetcode.DAL.Enums; namespace Streetcode.WebApi.Controllers.Streetcode.TextContent; @@ -21,6 +23,7 @@ public async Task GetById([FromRoute] int id) } [HttpPost] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Create([FromBody] TermDto term) { return HandleResult(await Mediator.Send(new CreateTermCommand(term))); diff --git a/Streetcode/Streetcode.WebApi/Controllers/Streetcode/TextContent/TextController.cs b/Streetcode/Streetcode.WebApi/Controllers/Streetcode/TextContent/TextController.cs index 9de8e118..0aeae9b9 100644 --- a/Streetcode/Streetcode.WebApi/Controllers/Streetcode/TextContent/TextController.cs +++ b/Streetcode/Streetcode.WebApi/Controllers/Streetcode/TextContent/TextController.cs @@ -1,4 +1,5 @@ using FluentResults; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Streetcode.BLL.DTO.Streetcode.TextContent.Text; using Streetcode.BLL.MediatR.Streetcode.Text.Create; @@ -8,6 +9,7 @@ using Streetcode.BLL.MediatR.Streetcode.Text.GetByStreetcodeId; using Streetcode.BLL.MediatR.Streetcode.Text.GetParsed; using Streetcode.BLL.MediatR.Streetcode.Text.Update; +using Streetcode.DAL.Enums; namespace Streetcode.WebApi.Controllers.Streetcode.TextContent; @@ -38,6 +40,7 @@ public async Task GetParsedText([FromQuery] string text) } [HttpPost] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Create([FromBody] TextCreateDto textDto) { if (!ModelState.IsValid) 
@@ -49,6 +52,7 @@ public async Task Create([FromBody] TextCreateDto textDto) } [HttpPut("{id:int}")] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Update([FromRoute] int id, [FromBody] TextUpdateDto textDto) { if (!ModelState.IsValid) @@ -60,6 +64,7 @@ public async Task Update([FromRoute] int id, [FromBody] TextUpdat } [HttpDelete("{id:int}")] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Delete([FromRoute] int id) { return HandleResult(await Mediator.Send(new DeleteTextCommand(id))); diff --git a/Streetcode/Streetcode.WebApi/Controllers/Team/PositionController.cs b/Streetcode/Streetcode.WebApi/Controllers/Team/PositionController.cs index 2249024d..c257a72a 100644 --- a/Streetcode/Streetcode.WebApi/Controllers/Team/PositionController.cs +++ b/Streetcode/Streetcode.WebApi/Controllers/Team/PositionController.cs @@ -1,8 +1,10 @@ using MediatR; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Streetcode.BLL.DTO.Team; using Streetcode.BLL.MediatR.Team.Create; using Streetcode.BLL.MediatR.Team.Position.GetAll; +using Streetcode.DAL.Enums; namespace Streetcode.WebApi.Controllers.Team { @@ -15,6 +17,7 @@ public async Task GetAll() } [HttpPost] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Create([FromBody] PositionDto position) { return HandleResult(await Mediator.Send(new CreatePositionQuery(position))); diff --git a/Streetcode/Streetcode.WebApi/Controllers/Team/TeamLinkController.cs b/Streetcode/Streetcode.WebApi/Controllers/Team/TeamLinkController.cs index 2644ecd6..c44d0473 100644 --- a/Streetcode/Streetcode.WebApi/Controllers/Team/TeamLinkController.cs +++ b/Streetcode/Streetcode.WebApi/Controllers/Team/TeamLinkController.cs 
@@ -1,10 +1,12 @@ using MediatR; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Streetcode.BLL.DTO.Team; using Streetcode.BLL.MediatR.Team.Create; using Streetcode.BLL.MediatR.Team.GetAll; using Streetcode.BLL.MediatR.Team.TeamMembersLinks.Create; using Streetcode.BLL.MediatR.Team.TeamMembersLinks.GetAll; +using Streetcode.DAL.Enums; namespace Streetcode.WebApi.Controllers.Team { @@ -17,6 +19,7 @@ public async Task GetAll() } [HttpPost] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task Create([FromBody] TeamMemberLinkDto teamMemberLink) { return HandleResult(await Mediator.Send(new CreateTeamLinkCommand(teamMemberLink))); diff --git a/Streetcode/Streetcode.WebApi/Controllers/Timeline/HistoricalContextController.cs b/Streetcode/Streetcode.WebApi/Controllers/Timeline/HistoricalContextController.cs index 87dd5d38..83ff82cb 100644 --- a/Streetcode/Streetcode.WebApi/Controllers/Timeline/HistoricalContextController.cs +++ b/Streetcode/Streetcode.WebApi/Controllers/Timeline/HistoricalContextController.cs @@ -5,6 +5,7 @@ using Streetcode.BLL.MediatR.Timeline.HistoricalContext.Delete; using Streetcode.BLL.MediatR.Timeline.HistoricalContext.GetAll; using Streetcode.BLL.MediatR.Timeline.HistoricalContext.Update; +using Streetcode.DAL.Enums; namespace Streetcode.WebApi.Controllers.Timeline { 
@@ -16,21 +17,21 @@ public async Task GetAll() return HandleResult(await Mediator.Send(new GetAllHistoricalContextQuery())); } - [Authorize(Roles = "Admin")] + [Authorize(Roles = nameof(UserRole.Administrator))] [HttpPost] public async Task Create([FromBody] CreateHistoricalContextDto historicalContext) { return HandleResult(await Mediator.Send(new CreateHistoricalContextCommand(historicalContext))); } - [Authorize(Roles = "Admin")] + [Authorize(Roles = nameof(UserRole.Administrator))] [HttpPut] public async Task Update([FromBody] UpdateHistoricalContextDto historicalContext) { return HandleResult(await Mediator.Send(new UpdateHistoricalContextCommand(historicalContext))); } - [Authorize(Roles = "Admin")] + [Authorize(Roles = nameof(UserRole.Administrator))] [HttpDelete("{id:int}")] public async Task Delete([FromRoute] int id) { diff --git a/Streetcode/Streetcode.WebApi/Controllers/Timeline/TimelineItemController.cs b/Streetcode/Streetcode.WebApi/Controllers/Timeline/TimelineItemController.cs index c60cf277..cc9c2149 100644 --- a/Streetcode/Streetcode.WebApi/Controllers/Timeline/TimelineItemController.cs +++ b/Streetcode/Streetcode.WebApi/Controllers/Timeline/TimelineItemController.cs @@ -7,6 +7,7 @@ using Streetcode.BLL.MediatR.Timeline.TimelineItem.GetById; using Streetcode.BLL.MediatR.Timeline.TimelineItem.GetByStreetcodeId; using Streetcode.BLL.MediatR.Timeline.TimelineItem.Update; +using Streetcode.DAL.Enums; namespace Streetcode.WebApi.Controllers.Timeline; 
@@ -30,21 +31,21 @@ public async Task GetByStreetcodeId([FromRoute] int streetcodeId) return HandleResult(await Mediator.Send(new GetTimelineItemsByStreetcodeIdQuery(streetcodeId))); } - [Authorize(Roles = "Admin")] + [Authorize(Roles = nameof(UserRole.Administrator))] [HttpPost] public async Task Create([FromBody] CreateTimelineItemDto timelineItem) { return HandleResult(await Mediator.Send(new CreateTimelineItemCommand(timelineItem))); } - [Authorize(Roles = "Admin")] + [Authorize(Roles = nameof(UserRole.Administrator))] [HttpPut] public async Task Update([FromBody] UpdateTimelineItemDto timelineItem) { return HandleResult(await Mediator.Send(new UpdateTimelineItemCommand(timelineItem))); } - [Authorize(Roles = "Admin")] + [Authorize(Roles = nameof(UserRole.Administrator))] [HttpDelete("{id:int}")] public async Task Delete([FromRoute] int id) { diff --git a/Streetcode/Streetcode.WebApi/Controllers/Toponyms/ToponymController.cs b/Streetcode/Streetcode.WebApi/Controllers/Toponyms/ToponymController.cs index dd9d5e3f..a498b80f 100644 --- a/Streetcode/Streetcode.WebApi/Controllers/Toponyms/ToponymController.cs +++ b/Streetcode/Streetcode.WebApi/Controllers/Toponyms/ToponymController.cs @@ -7,6 +7,7 @@ using Streetcode.BLL.MediatR.Toponyms.GetById; using Streetcode.BLL.MediatR.Toponyms.GetByStreetcodeId; using Streetcode.BLL.MediatR.Toponyms.Merge; +using Streetcode.DAL.Enums; namespace Streetcode.WebApi.Controllers.Toponyms; 
@@ -31,14 +32,14 @@ public async Task GetByStreetcodeId([FromRoute] int streetcodeId) } [HttpPost("streetcode-toponym")] - [Authorize(Roles = "Admin")] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task CreateStreetcodeToponym([FromBody] StreetcodeToponymDto dto) { return HandleResult(await Mediator.Send(new CreateStreetcodeToponymCommand(dto))); } [HttpDelete("streetcode-toponym/{streetcodeId:int}/{toponymId:int}")] - [Authorize(Roles = "Admin")] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task DeleteStreetcodeToponym( [FromRoute] int streetcodeId, [FromRoute] int toponymId) @@ -47,7 +48,7 @@ public async Task DeleteStreetcodeToponym( } [HttpPost("merge")] - [Authorize(Roles = "Admin")] + [Authorize(Roles = nameof(UserRole.Administrator))] public async Task MergeToponyms([FromBody] MergeToponymsDto dto) { return HandleResult(await Mediator.Send(new MergeToponymsCommand(dto))); diff --git a/Streetcode/Streetcode.WebApi/Controllers/Transactions/TransactLinksController.cs b/Streetcode/Streetcode.WebApi/Controllers/Transactions/TransactLinksController.cs index aafc6491..f7bd278f 100644 --- a/Streetcode/Streetcode.WebApi/Controllers/Transactions/TransactLinksController.cs +++ b/Streetcode/Streetcode.WebApi/Controllers/Transactions/TransactLinksController.cs @@ -1,3 +1,4 @@ +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Streetcode.BLL.DTO.Transactions; using Streetcode.BLL.MediatR.Transactions.TransactionLink.GetAll; @@ -6,6 +7,7 @@ namespace Streetcode.WebApi.Controllers.Transactions; +[Authorize] public class TransactLinksController : BaseApiController { [HttpGet] diff --git a/Streetcode/Streetcode.WebApi/Controllers/Users/UsersController.cs b/Streetcode/Streetcode.WebApi/Controllers/Users/UsersController.cs index 19ebbc5f..60bbed46 100644 --- a/Streetcode/Streetcode.WebApi/Controllers/Users/UsersController.cs +++ b/Streetcode/Streetcode.WebApi/Controllers/Users/UsersController.cs 
@@ -1,3 +1,4 @@ +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Streetcode.BLL.DTO.Users; using Streetcode.BLL.MediatR.Users.Login; @@ -20,6 +21,7 @@ public async Task Login([FromBody] UserLoginDto user) return HandleResult(await Mediator.Send(new UserLoginCommand(user))); } + [Authorize] [HttpPost("logout")] public async Task Logout([FromBody] LogoutRequestDto logoutRequest) {
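Review bot: In UsersController.cs, putting `[Authorize]` on `Logout` means a client whose access token has already expired gets 401 and cannot revoke the refresh token it sends in `LogoutRequestDto` (assuming that is what the DTO carries). The auth service touched in this same commit validates tokens with `ClockSkew = TimeSpan.Zero`, so if the WebApi uses matching settings this window opens the moment the token expires. Either the client has to refresh before logging out, or logout should accept the refresh token on its own, with the handler verifying that it belongs to the caller whenever a caller is authenticated. The method body continues outside the hunk.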