Added grants getMine

2024-08-31 20:59:42 -05:00 · 2024-08-31 20:59:42 -05:00 · e62f390942
commit e62f390942
parent 787cdf5c6d
7 changed files with 49 additions and 1 deletions
--- a/API/Authentication/GrantAuthentication.cs
+++ b/API/Authentication/GrantAuthentication.cs
@ -43,5 +43,9 @@ namespace API.Authentication
 			       _grantManager.getULongValues(user.permissionId, GrantGrantNames.CanDelete).Exists(x => x == model.id))
 				&& _grantManager.hasGrant(user.permissionId, model.name);
 		}
+		public bool canGetMine(User user)
+		{
+			return _grantManager.hasGrant(user.permissionId, GrantGrantNames.CanGetSelf);
+		}
 	}
 }
--- a/API/Authentication/GrantNames/GrantGrantNames.cs
+++ b/API/Authentication/GrantNames/GrantGrantNames.cs
@ -2,6 +2,7 @@ namespace API.Authentication.GrantNames
 {
 	public static class GrantGrantNames
 	{
+		public const string CanGetSelf = "api.grant.get.self";
 		public const string CanGetAll = "api.grant.get.all";
 		public const string CanGetAny = "api.grant.get.any";
 		public const string CanGet = "api.grant.get";
--- a/API/Authentication/Interfaces/IGrantAuthentication.cs
+++ b/API/Authentication/Interfaces/IGrantAuthentication.cs
@ -5,5 +5,6 @@ namespace API.Authentication.Interfaces
 {
 	public interface IGrantAuthentication : IGenericAuthentication<GrantDTO, Grant>
 	{
+		bool canGetMine(User user);
 	}
 }
--- a/API/Controllers/GrantController.cs
+++ b/API/Controllers/GrantController.cs
@ -5,6 +5,7 @@ using API.Services;
 using DAL.Models;
 using DAL.Models.Audits;
 using Microsoft.AspNetCore.Mvc;
+using MUser = DAL.Models.User;

 namespace API.Controllers
 {
@ -15,5 +16,28 @@ namespace API.Controllers
 		public GrantController(ILogger<GrantController> logger, UserService userService, GrantService service) : base(logger, userService, service)
 		{
 		}
+
+		[HttpGet("mine")]
+		public ActionResult<List<GrantDTO>> getMine()
+		{
+			MUser? user = getUser(User);
+			if (user == null)
+				return Unauthorized();
+
+			IEnumerable<Grant>? result = Service.getMine(user);
+			if (result == null)
+				return Forbid();
+
+			List<GrantDTO> dtos = [];
+
+			Parallel.ForEach(result, item =>
+			{
+				GrantDTO dto = new GrantDTO();
+				dto.adaptFromModel(item);
+				dtos.Add(dto);
+			});
+
+			return Ok(dtos);
+		}
 	}
 }
--- a/API/Program.cs
+++ b/API/Program.cs
@ -98,7 +98,14 @@ namespace API
 			});


-			builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie();
+			builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie(options =>
+			{
+				options.Events.OnRedirectToAccessDenied = context =>
+				{
+					context.Response.StatusCode = 403;
+					return Task.CompletedTask;
+				};
+			});
 			// builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie(options =>
 			// {
 			// 	options.Cookie.SameSite = SameSiteMode.None;
--- a/API/Services/GrantService.cs
+++ b/API/Services/GrantService.cs
@ -11,5 +11,13 @@ namespace API.Services
 		public GrantService(ILogger<GrantService> logger, SASGContext context, IGrantAuthentication auth) : base(logger, context, auth)
 		{
 		}
+
+		public IEnumerable<Grant>? getMine(User user)
+		{
+			if (!_auth.canGetMine(user))
+				return null;
+
+			return Context.Set<Grant>().Where(x => x.permissionId == user.permissionId);
+		}
 	}
 }
--- a/Setup/Filler/Grants.sql
+++ b/Setup/Filler/Grants.sql
@ -48,6 +48,9 @@ VALUES ('api.event.delete.any', 1, NOW(), 1);
 INSERT INTO san_antonio_senior_golf.grants (name, permissionId, updated, updater)
 VALUES ('api.event.delete', 1, NOW(), 1);

+INSERT INTO san_antonio_senior_golf.grants (name, permissionId, updated, updater)
+VALUES ('api.grant.get.self', 1, NOW(), 1);
+
 INSERT INTO san_antonio_senior_golf.grants (name, permissionId, updated, updater)
 VALUES ('api.grant.get.all', 1, NOW(), 1);