From e62f39094263ceefaabf7429d9e58437e63b507b Mon Sep 17 00:00:00 2001
From: quentin
Date: Sat, 31 Aug 2024 20:59:42 -0500
Subject: [PATCH] Added grants getMine

---
 API/Authentication/GrantAuthentication.cs | 4 ++++
 .../GrantNames/GrantGrantNames.cs | 1 +
 .../Interfaces/IGrantAuthentication.cs | 1 +
 API/Controllers/GrantController.cs | 24 +++++++++++++++++++
 API/Program.cs | 9 ++++++-
 API/Services/GrantService.cs | 8 +++++++
 Setup/Filler/Grants.sql | 3 +++
 7 files changed, 49 insertions(+), 1 deletion(-)

diff --git a/API/Authentication/GrantAuthentication.cs b/API/Authentication/GrantAuthentication.cs
index 0dab376..3af6a16 100644
--- a/API/Authentication/GrantAuthentication.cs
+++ b/API/Authentication/GrantAuthentication.cs
@@ -43,5 +43,9 @@ namespace API.Authentication
 _grantManager.getULongValues(user.permissionId, GrantGrantNames.CanDelete).Exists(x => x == model.id)) &&
 _grantManager.hasGrant(user.permissionId, model.name);
 }
+ public bool canGetMine(User user)
+ {
+ return _grantManager.hasGrant(user.permissionId, GrantGrantNames.CanGetSelf);
+ }
 }
 }
diff --git a/API/Authentication/GrantNames/GrantGrantNames.cs b/API/Authentication/GrantNames/GrantGrantNames.cs
index 866fbd4..4bd1059 100644
--- a/API/Authentication/GrantNames/GrantGrantNames.cs
+++ b/API/Authentication/GrantNames/GrantGrantNames.cs
@@ -2,6 +2,7 @@ namespace API.Authentication.GrantNames
 {
 public static class GrantGrantNames
 {
+ public const string CanGetSelf = "api.grant.get.self";
 public const string CanGetAll = "api.grant.get.all";
 public const string CanGetAny = "api.grant.get.any";
 public const string CanGet = "api.grant.get";
diff --git a/API/Authentication/Interfaces/IGrantAuthentication.cs b/API/Authentication/Interfaces/IGrantAuthentication.cs
index fb76ceb..96f477c 100644
--- a/API/Authentication/Interfaces/IGrantAuthentication.cs
+++ b/API/Authentication/Interfaces/IGrantAuthentication.cs
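Review bot: The new check is named `canGetMine` while the grant it consults is `CanGetSelf` (`api.grant.get.self`), and nothing in the method says what "mine" means; the body shows it is the caller's permission set, not an individual user, that is tested. A one-line XML summary would tie the three names together: `/// <summary>True when the user's permission set holds api.grant.get.self, i.e. the caller may list the grants of its own permission set.</summary>`. The interface declaration in IGrantAuthentication.cs would take the same summary.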
@@ -5,5 +5,6 @@ namespace API.Authentication.Interfaces
 {
 public interface IGrantAuthentication : IGenericAuthentication
 {
+ bool canGetMine(User user);
 }
 }
diff --git a/API/Controllers/GrantController.cs b/API/Controllers/GrantController.cs
index 0e1b48a..6c7bdaa 100644
--- a/API/Controllers/GrantController.cs
+++ b/API/Controllers/GrantController.cs
@@ -5,6 +5,7 @@ using API.Services;
 using DAL.Models;
 using DAL.Models.Audits;
 using Microsoft.AspNetCore.Mvc;
+using MUser = DAL.Models.User;
 namespace API.Controllers
 {
@@ -15,5 +16,28 @@ namespace API.Controllers
 public GrantController(ILogger logger, UserService userService, GrantService service) : base(logger, userService, service) { }
+
+ [HttpGet("mine")]
+ public ActionResult> getMine()
+ {
+ MUser? user = getUser(User);
+ if (user == null)
+ return Unauthorized();
+
+ IEnumerable? result = Service.getMine(user);
+ if (result == null)
+ return Forbid();
+
+ List dtos = [];
+
+ Parallel.ForEach(result, item =>
+ {
+ GrantDTO dto = new GrantDTO();
+ dto.adaptFromModel(item);
+ dtos.Add(dto);
+ });
+
+ return Ok(dtos);
+ }
 }
 }
diff --git a/API/Program.cs b/API/Program.cs
index cc40416..c716340 100644
--- a/API/Program.cs
+++ b/API/Program.cs
@@ -98,7 +98,14 @@ namespace API
 });
- builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie();
+ builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie(options =>
+ {
+ options.Events.OnRedirectToAccessDenied = context =>
+ {
+ context.Response.StatusCode = 403;
+ return Task.CompletedTask;
+ };
+ });
 // builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie(options =>
 // {
 // options.Cookie.SameSite = SameSiteMode.None;
diff --git a/API/Services/GrantService.cs b/API/Services/GrantService.cs
index b5e2d06..cc0a5f0 100644
--- a/API/Services/GrantService.cs
+++ b/API/Services/GrantService.cs
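Review bot: `dtos.Add(dto)` inside the `Parallel.ForEach` in `getMine` mutates a `List` from several threads at once, and `List<T>.Add` is not thread-safe, so the response can silently lose items or throw under load. The source being enumerated is the deferred `Context.Set().Where(...)` query that the GrantService hunk returns, and a DbContext-backed enumerator is presumably not meant to be shared across threads either, so a sequential mapping is both safer and simpler; the rewrite below replaces the parallel loop with a `Select`. A short XML `<summary>` on the action stating that it lists the grants of the caller's own permission set, answers 401 when no user is resolved and 403 when `api.grant.get.self` is missing, would also document the two distinct early returns.
```csharp
List<GrantDTO> dtos = result.Select(item =>
{
    GrantDTO dto = new GrantDTO();
    dto.adaptFromModel(item);
    return dto;
}).ToList();

return Ok(dtos);
```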
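Review bot: The bare `403` in the new `OnRedirectToAccessDenied` handler should be the named constant, `context.Response.StatusCode = StatusCodes.Status403Forbidden;`. Only the access-denied redirect is overridden here; unless it is handled somewhere outside this hunk, an unauthenticated API caller still gets the cookie handler's default redirect to the login path instead of a 401, which is inconsistent with the `Unauthorized()` result the controller now returns, so the same treatment for `OnRedirectToLogin` (status 401) would keep the API's responses uniform. A one-line comment above the lambda, `// API clients get a plain 403 instead of a redirect to the access-denied page`, would record why the default is replaced.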
@@ -11,5 +11,13 @@ namespace API.Services
 public GrantService(ILogger logger, SASGContext context, IGrantAuthentication auth) : base(logger, context, auth) { }
+
+ public IEnumerable? getMine(User user)
+ {
+ if (!_auth.canGetMine(user))
+ return null;
+
+ return Context.Set().Where(x => x.permissionId == user.permissionId);
+ }
 }
 }
diff --git a/Setup/Filler/Grants.sql b/Setup/Filler/Grants.sql
index a420cfd..55c92c7 100644
--- a/Setup/Filler/Grants.sql
+++ b/Setup/Filler/Grants.sql
@@ -48,6 +48,9 @@ VALUES ('api.event.delete.any', 1, NOW(), 1);
 INSERT INTO san_antonio_senior_golf.grants (name, permissionId, updated, updater)
 VALUES ('api.event.delete', 1, NOW(), 1);
+INSERT INTO san_antonio_senior_golf.grants (name, permissionId, updated, updater)
+VALUES ('api.grant.get.self', 1, NOW(), 1);
+
 INSERT INTO san_antonio_senior_golf.grants (name, permissionId, updated, updater)
 VALUES ('api.grant.get.all', 1, NOW(), 1);
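Review bot: `getMine` hands back the un-materialized `Context.Set().Where(...)` query behind an `IEnumerable?`, so the database read runs whenever and wherever the caller enumerates it, outside the method that performed the grant check, and `null` is the only signal that the check failed. Materializing in the service keeps execution next to the authorization decision: `return Context.Set().Where(x => x.permissionId == user.permissionId).ToList();`. An XML `<returns>` should state that `null` means the caller lacks `api.grant.get.self` while an empty sequence means there are no grants, and that the filter is by `user.permissionId`, so "mine" is the caller's permission set rather than an individual account.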