august/Computer_Hardware_Store
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

изменение политики безопасности

Browse Source
This commit is contained in:
dasha 2023-05-19 15:26:48 +04:00
parent 51c8a7da5a
commit ce13c36817
6 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
HardwareShop/HardwareShopClientApp/Controllers/HomeController.cs
View File

@ -68,7 +68,7 @@ namespace HardwareShopStorekeeperApp.Controllers
throw new Exception("Введите почту и пароль");
}
APIClient.User = APIClient.GetRequest<UserViewModel>($"api/user/login?email={email}&password={password}");
if (APIClient.User == null)
if (APIClient.User == null || APIClient.User.Role != UserRole.Кладовщик)
{
throw new Exception("Неверные почта и/или пароль");
}

4
HardwareShop/HardwareShopClientApp/Controllers/StorekeeperController.cs
View File

@ -186,7 +186,7 @@ namespace HardwareShopStorekeeperApp.Controllers
throw new Exception("Вы как сюда попали? Сюда вход только авторизованным");
}
var result = APIClient.GetRequest<Tuple<GoodViewModel,
List<Tuple<ComponentViewModel?, int>>>?>($"api/good/getgoodupdate?id={goodid}");
List<Tuple<ComponentViewModel?, int>>>?>($"api/good/getgoodupdate?id={goodid}&userId={APIClient.User.Id}");
return result;
}
@ -225,7 +225,7 @@ namespace HardwareShopStorekeeperApp.Controllers
throw new Exception("Вы как сюда попали? Сюда вход только авторизованным");
}
componentModel.UserId = APIClient.User.Id;
APIClient.PostRequest("api/component/updatedata", componentModel);
APIClient.PostRequest($"api/component/updatedata", componentModel);
}
[HttpGet]

2
HardwareShop/HardwareShopClientApp/Views/Storekeeper/Components.cshtml
View File

@ -53,7 +53,7 @@
asp-action="LinkBuilds"
asp-route-componentid="@item.Id"
class="btn btn-success">
<i class="fa fa-pen-to-square" aria-hidden="true"></i>
<i class="fa fa-paperclip fa-rotate-90" aria-hidden="true"></i>
</a>
<button onclick="getComponent(@item.Id)" type="button" class="btn btn-primary" data-bs-toggle="modal" data-bs-target="#updateModal">
<i class="fa fa-pencil" aria-hidden="true"></i>

2
HardwareShop/HardwareShopDatabaseImplement/Implements/Storekeeper/ComponentStorage.cs
View File

@ -119,7 +119,7 @@ namespace HardwareShopDatabaseImplement.Implements.Storekeeper
.Include(x => x.Builds)
.ThenInclude(x => x.Build)
.FirstOrDefault(rec => rec.Id == model.Id);
if (good == null)
if (good == null || good.UserId != model.UserId)
{
return null;
}

4
HardwareShop/HardwareShopDatabaseImplement/Implements/Storekeeper/GoodStorage.cs
View File

@ -28,11 +28,11 @@ namespace HardwareShopDatabaseImplement.Implements.Storekeeper
public GoodViewModel? GetElement(GoodSearchModel model)
{
using var context = new HardwareShopDatabase();
if (model.UserId.HasValue)
if (model.UserId.HasValue && model.Id.HasValue)
return context.Goods
.Include(x => x.Components)
.ThenInclude(x => x.Component)
.FirstOrDefault(x => x.UserId == model.UserId)
.FirstOrDefault(x => x.UserId == model.UserId && model.Id == x.Id)
?.GetViewModel;
if (!string.IsNullOrEmpty(model.GoodName) || model.Id.HasValue)
return context.Goods

4
HardwareShop/HardwareShopRestApi/Controllers/GoodController.cs
View File

@ -63,11 +63,11 @@ namespace HardwareShopRestApi.Controllers
}
[HttpGet]
public Tuple<GoodViewModel, List<Tuple<ComponentViewModel, int>>>? GetGoodUpdate(int id)
public Tuple<GoodViewModel, List<Tuple<ComponentViewModel, int>>>? GetGoodUpdate(int id, int userId)
{
try
{
var good = _good.ReadElement(new() { Id = id });
var good = _good.ReadElement(new() { Id = id, UserId = userId });
if (good == null)
return null;
var tuple = Tuple.Create(good,