// GET: Users/Details/5
        public async Task <IActionResult> Details(int?id)
        {
            var           context  = this;
            var           identity = context.HttpContext.User.Identity as ClaimsIdentity;
            IList <Claim> claim    = identity.Claims.ToList();

            var thisUser = await _context.Users.FirstOrDefaultAsync(u => u.UserName == (claim[0].Value));

            if (AuthHandler.CheckIfAdmin(this))
            {
                TempData["IsAdmin"] = true;
            }
            else if (thisUser.UserId != id)
            {
                return(StatusCode(403));
            }

            if (id == null)
            {
                return(NotFound());
            }

            var user = await sqlTheaterData.OnGetUser(id);

            if (user == null)
            {
                return(NotFound());
            }

            return(View(user));
        }
        // GET: Users/Edit/5
        public async Task <IActionResult> Edit(int?id)
        {
            var           context  = this;
            var           identity = context.HttpContext.User.Identity as ClaimsIdentity;
            IList <Claim> claim    = identity.Claims.ToList();

            var thisUser = await _context.Users.FirstOrDefaultAsync(u => u.UserName == (claim[0].Value));

            if (AuthHandler.CheckIfAdmin(this))
            {
                TempData["IsAdmin"] = true;
            }
            else if (thisUser.UserId != id)
            {
                return(StatusCode(403));
            }

            if (id == null)
            {
                return(NotFound());
            }
            var user = await _context.Users.FindAsync(id);

            if (user == null)
            {
                return(NotFound());
            }


            user.Password = Encryption.DecryptString("kljsdkkdlo4454GG00155sajuklmbkdl", user.Password);
            return(View(user));
        }
 // GET: Users/Create
 public IActionResult Create()
 {
     if (AuthHandler.CheckIfAdmin(this))
     {
         return(Redirect(String.Format($"../../Users/CreateAdmin")));
     }
     return(View());
 }
Beispiel #4
0
        public IActionResult Create()
        {
            bool isAdmin = AuthHandler.CheckIfAdmin(this);

            if (isAdmin)
            {
                return(View());
            }
            else
            {
                return(StatusCode(403));
            }
        }
        public async Task <IActionResult> Index()
        {
            if (AuthHandler.CheckIfAdmin(this))
            {
                List <User> users = await sqlTheaterData.OnGetUsers();

                return(base.View(users));
            }
            else
            {
                return(StatusCode(403));
            }
        }
Beispiel #6
0
        public async Task <IActionResult> Edit(int id)
        {
            bool isAdmin = AuthHandler.CheckIfAdmin(this);

            if (isAdmin)
            {
                Movie movie = await sqlTheaterData.OnGetMovie(id);

                return(View(movie));
            }
            else
            {
                return(StatusCode(403));
            }
        }
        //Method to acess your own profile page from the navbar button "my profile"
        public async Task <IActionResult> MyDetails()
        {
            if (AuthHandler.CheckIfAdmin(this))
            {
                TempData["IsAdmin"] = true;
            }

            var           context  = this;
            var           identity = context.HttpContext.User.Identity as ClaimsIdentity;
            IList <Claim> claim    = identity.Claims.ToList();

            var user = await _context.Users.FirstOrDefaultAsync(u => u.UserName == (claim[0].Value));

            return(RedirectToAction("Details", new { id = user.UserId }));
        }
Beispiel #8
0
        public async Task <IActionResult> CreateViewing(int id)
        {
            bool isAdmin = AuthHandler.CheckIfAdmin(this);

            if (isAdmin)
            {
                Movie movie = await sqlTheaterData.OnGetMovie(id);

                List <Salon> salons = sqlTheaterData.GetSalons();
                var          model  = new CreateViewingViewModel {
                    MovieId = id, Movie = movie, Salons = salons
                };
                return(View(model));
            }
            else
            {
                return(StatusCode(403));
            }
        }
Beispiel #9
0
        public async Task <IActionResult> Details(int?id)
        {
            bool isAdmin = AuthHandler.CheckIfAdmin(this);

            if (isAdmin)
            {
                if (id == null)
                {
                    return(NotFound());
                }

                var movie = await sqlTheaterData.OnGetMovie(id);

                if (movie == null)
                {
                    return(NotFound());
                }
                return(View(movie));
            }
            else
            {
                return(StatusCode(403));
            }
        }
        public async Task <IActionResult> Edit(int id, [Bind("UserId,UserName,FirstName,LastName,Password,IsAdmin,PhoneNumber")] User user)
        {
            var           context  = this;
            var           identity = context.HttpContext.User.Identity as ClaimsIdentity;
            IList <Claim> claim    = identity.Claims.ToList();

            var thisUser = await _context.Users.FirstOrDefaultAsync(u => u.UserName == (claim[0].Value));

            var duplicateUserName = await _context.Users.FirstOrDefaultAsync(u => u.UserName == user.UserName);



            if (AuthHandler.CheckIfAdmin(this))
            {
                TempData["IsAdmin"] = true;
            }
            else if (thisUser.UserId != id)
            {
                return(StatusCode(403));
            }

            if (duplicateUserName != null && duplicateUserName.UserId != user.UserId)
            {
                TempData["UserNameTaken"] = "Username taken";
                return(View(user));
            }

            if (id != user.UserId)
            {
                return(NotFound());
            }

            if (ModelState.IsValid)
            {
                try
                {
                    user.Password = Encryption.EncryptString("kljsdkkdlo4454GG00155sajuklmbkdl", user.Password);

                    var oldUser = await _context.Users.FirstOrDefaultAsync(u => u.UserId == user.UserId);

                    oldUser.FirstName   = user.FirstName;
                    oldUser.LastName    = user.LastName;
                    oldUser.Password    = user.Password;
                    oldUser.PhoneNumber = user.PhoneNumber;
                    oldUser.IsAdmin     = user.IsAdmin;
                    oldUser.UserName    = user.UserName;

                    await _context.SaveChangesAsync();


                    if (thisUser.UserId == user.UserId)
                    {
                        var claims = new[] { new Claim(ClaimTypes.Name, user.UserName),
                                             new Claim(ClaimTypes.Role, user.IsAdmin ? "Admin" : "User") };

                        var identityClaims = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
                        await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(identityClaims));
                    }
                }
                catch (DbUpdateConcurrencyException)
                {
                    if (!UserExists(user.UserId))
                    {
                        return(NotFound());
                    }
                    else
                    {
                        throw;
                    }
                }
                if (AuthHandler.CheckIfAdmin(this))
                {
                    return(RedirectToAction(nameof(Index)));
                }
                else
                {
                    return(RedirectToAction("Details", new { id = user.UserId }));
                }
            }
            return(View(user));
        }