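// GET: Users/Details/5
/// <summary>
/// Shows a user's details page. Admins may view any user; every other caller may only
/// view their own record, which is resolved from the Name claim of the signed-in identity.
/// </summary>
/// <param name="id">Primary key of the user to show; <c>null</c> yields 404.</param>
/// <returns>
/// The details view; 403 when the caller is neither an admin nor the owner of the record;
/// 404 when <paramref name="id"/> is missing or no such user exists.
/// </returns>
public async Task<IActionResult> Details(int? id)
{
    // Reject a missing id before any lookup. The original compared the owner's UserId with
    // the id first, so a null id produced a 403 for non-admins and a 404 for admins.
    if (id == null)
    {
        return NotFound();
    }

    if (AuthHandler.CheckIfAdmin(this))
    {
        TempData["IsAdmin"] = true;
    }
    else
    {
        // Ownership check. The caller is looked up by claim type instead of by claim
        // position (the original read claim[0]). Assumes the auth cookie carries
        // ClaimTypes.Name, as the re-sign-in in Edit(POST) issues it — confirm against the login action.
        var identity = HttpContext.User.Identity as ClaimsIdentity;
        var callerName = identity?.FindFirst(ClaimTypes.Name)?.Value;
        var thisUser = callerName == null
            ? null
            : await _context.Users.FirstOrDefaultAsync(u => u.UserName == callerName);

        // A caller with no resolvable identity is treated like a foreign caller rather than
        // dereferenced (the original threw a NullReferenceException here).
        if (thisUser == null || thisUser.UserId != id)
        {
            return StatusCode(403);
        }
    }

    var user = await sqlTheaterData.OnGetUser(id);
    if (user == null)
    {
        return NotFound();
    }

    return View(user);
}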
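// GET: Users/Edit/5
/// <summary>
/// Shows the edit form for a user. Admins may edit any user; every other caller may only
/// edit their own record, which is resolved from the Name claim of the signed-in identity.
/// </summary>
/// <param name="id">Primary key of the user to edit; <c>null</c> yields 404.</param>
/// <returns>
/// The edit view; 403 when the caller is neither an admin nor the owner of the record;
/// 404 when <paramref name="id"/> is missing or no such user exists.
/// </returns>
public async Task<IActionResult> Edit(int? id)
{
    // Reject a missing id before any lookup (the original checked it only after the
    // ownership comparison, so non-admins got a 403 for a null id).
    if (id == null)
    {
        return NotFound();
    }

    if (AuthHandler.CheckIfAdmin(this))
    {
        TempData["IsAdmin"] = true;
    }
    else
    {
        // Ownership check by claim type rather than claim position. Assumes the auth cookie
        // carries ClaimTypes.Name, as the re-sign-in in Edit(POST) issues it — confirm against the login action.
        var identity = HttpContext.User.Identity as ClaimsIdentity;
        var callerName = identity?.FindFirst(ClaimTypes.Name)?.Value;
        var thisUser = callerName == null
            ? null
            : await _context.Users.FirstOrDefaultAsync(u => u.UserName == callerName);

        if (thisUser == null || thisUser.UserId != id)
        {
            return StatusCode(403);
        }
    }

    var user = await _context.Users.FindAsync(id);
    if (user == null)
    {
        return NotFound();
    }

    // SECURITY: passwords are stored reversibly under a key that lives in source, and the
    // decrypted value is rendered into the edit form. A one-way hash (e.g. PBKDF2) cannot be
    // edited in place like this, so the form would have to take a new password instead.
    // The key literal is kept unchanged here because Edit(POST) and the stored rows share it.
    user.Password = Encryption.DecryptString("kljsdkkdlo4454GG00155sajuklmbkdl", user.Password);
    return View(user);
}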
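// GET: Users/Create
/// <summary>
/// Shows the user registration form, or sends an admin to the admin-creation page instead.
/// </summary>
/// <returns>
/// A redirect to <c>../../Users/CreateAdmin</c> for admins, otherwise the create view.
/// </returns>
public IActionResult Create()
{
    if (AuthHandler.CheckIfAdmin(this))
    {
        // The original wrapped this constant in String.Format($"...") with no placeholders.
        // The relative path is kept verbatim so the emitted Location header does not change;
        // RedirectToAction("CreateAdmin") would be the routing-safe form if the action is local.
        return Redirect("../../Users/CreateAdmin");
    }

    return View();
}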
/// <summary>
/// Shows the create form; admin-only.
/// </summary>
/// <returns>The create view for admins, otherwise 403.</returns>
public IActionResult Create()
{
    // Guard clause instead of the original if/else on a local flag.
    if (!AuthHandler.CheckIfAdmin(this))
    {
        return StatusCode(403);
    }

    return View();
}
/// <summary>
/// Lists all users; admin-only.
/// </summary>
/// <returns>The index view with every user for admins, otherwise 403.</returns>
public async Task<IActionResult> Index()
{
    if (!AuthHandler.CheckIfAdmin(this))
    {
        return StatusCode(403);
    }

    List<User> allUsers = await sqlTheaterData.OnGetUsers();
    return View(allUsers);
}
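/// <summary>
/// Shows the edit form for a movie; admin-only.
/// </summary>
/// <param name="id">Primary key of the movie to edit.</param>
/// <returns>The edit view; 403 for non-admins; 404 when no such movie exists.</returns>
public async Task<IActionResult> Edit(int id)
{
    if (!AuthHandler.CheckIfAdmin(this))
    {
        return StatusCode(403);
    }

    Movie movie = await sqlTheaterData.OnGetMovie(id);
    if (movie == null)
    {
        // Details(int?) answers 404 for an unknown movie; the original handed null to the view.
        return NotFound();
    }

    return View(movie);
}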
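// Method to access your own profile page from the navbar button "my profile"
/// <summary>
/// Redirects the signed-in caller to their own <c>Details</c> page.
/// </summary>
/// <returns>
/// A redirect to <c>Details</c>; 403 when the request carries no usable name claim;
/// 404 when no user row matches the claim.
/// </returns>
public async Task<IActionResult> MyDetails()
{
    if (AuthHandler.CheckIfAdmin(this))
    {
        TempData["IsAdmin"] = true;
    }

    // Resolve the caller by claim type rather than claim position (the original read
    // claim[0] and dereferenced a possibly-null identity). Assumes the auth cookie carries
    // ClaimTypes.Name, as the re-sign-in in Edit(POST) issues it — confirm against the login action.
    var identity = HttpContext.User.Identity as ClaimsIdentity;
    var callerName = identity?.FindFirst(ClaimTypes.Name)?.Value;
    if (callerName == null)
    {
        return StatusCode(403);
    }

    var user = await _context.Users.FirstOrDefaultAsync(u => u.UserName == callerName);
    if (user == null)
    {
        return NotFound();
    }

    return RedirectToAction("Details", new { id = user.UserId });
}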
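/// <summary>
/// Shows the form for scheduling a viewing of a movie; admin-only.
/// </summary>
/// <param name="id">Primary key of the movie the viewing is for.</param>
/// <returns>
/// The create-viewing view with the movie and the available salons; 403 for non-admins;
/// 404 when no such movie exists.
/// </returns>
public async Task<IActionResult> CreateViewing(int id)
{
    if (!AuthHandler.CheckIfAdmin(this))
    {
        return StatusCode(403);
    }

    Movie movie = await sqlTheaterData.OnGetMovie(id);
    if (movie == null)
    {
        // Details(int?) answers 404 for an unknown movie; the original built a model with a null Movie.
        return NotFound();
    }

    List<Salon> salons = sqlTheaterData.GetSalons();
    var model = new CreateViewingViewModel
    {
        MovieId = id,
        Movie = movie,
        Salons = salons,
    };
    return View(model);
}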
/// <summary>
/// Shows a movie's details page; admin-only.
/// </summary>
/// <param name="id">Primary key of the movie to show; <c>null</c> yields 404.</param>
/// <returns>The details view; 403 for non-admins; 404 when the id is missing or no such movie exists.</returns>
public async Task<IActionResult> Details(int? id)
{
    // Guard clauses in place of the original nested if/else.
    if (!AuthHandler.CheckIfAdmin(this))
    {
        return StatusCode(403);
    }

    if (id == null)
    {
        return NotFound();
    }

    var movie = await sqlTheaterData.OnGetMovie(id);
    if (movie == null)
    {
        return NotFound();
    }

    return View(movie);
}
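/// <summary>
/// Applies a posted edit to a user. Admins may edit any user; every other caller may only
/// edit their own record, and only an admin may change the <c>IsAdmin</c> flag.
/// </summary>
/// <param name="id">Route id of the user being edited; must equal <paramref name="user"/>.UserId.</param>
/// <param name="user">Bound form values for the user.</param>
/// <returns>
/// Redirect to <c>Index</c> (admins) or <c>Details</c> (self-edit) on success; the form again
/// when the user name is taken or the model state is invalid; 403 when the caller is neither
/// an admin nor the owner; 404 on an id mismatch or when the row has disappeared.
/// </returns>
/// <exception cref="DbUpdateConcurrencyException">Rethrown when the row still exists after a concurrency failure.</exception>
public async Task<IActionResult> Edit(int id, [Bind("UserId,UserName,FirstName,LastName,Password,IsAdmin,PhoneNumber")] User user)
{
    // Cheapest check first; nothing below is meaningful for a mismatched id.
    if (id != user.UserId)
    {
        return NotFound();
    }

    bool isAdmin = AuthHandler.CheckIfAdmin(this);

    // Resolve the caller by claim type rather than claim position (the original read claim[0]
    // and dereferenced a possibly-null identity). Assumes the auth cookie carries
    // ClaimTypes.Name, as the re-sign-in below issues it — confirm against the login action.
    var identity = HttpContext.User.Identity as ClaimsIdentity;
    var callerName = identity?.FindFirst(ClaimTypes.Name)?.Value;
    var thisUser = callerName == null
        ? null
        : await _context.Users.FirstOrDefaultAsync(u => u.UserName == callerName);

    if (isAdmin)
    {
        TempData["IsAdmin"] = true;
    }
    else if (thisUser == null || thisUser.UserId != id)
    {
        return StatusCode(403);
    }

    var duplicateUserName = await _context.Users.FirstOrDefaultAsync(u => u.UserName == user.UserName);
    if (duplicateUserName != null && duplicateUserName.UserId != user.UserId)
    {
        TempData["UserNameTaken"] = "Username taken";
        return View(user);
    }

    if (!ModelState.IsValid)
    {
        return View(user);
    }

    try
    {
        var oldUser = await _context.Users.FirstOrDefaultAsync(u => u.UserId == user.UserId);
        if (oldUser == null)
        {
            // The row vanished between the checks above and here (the original dereferenced null).
            return NotFound();
        }

        // Mass-assignment guard: IsAdmin is in the [Bind] list, so a self-editing user could
        // post IsAdmin=true, have it persisted, and be re-signed-in below with the Admin role.
        // Only an admin's posted value is honoured; everyone else keeps the stored flag.
        if (!isAdmin)
        {
            user.IsAdmin = oldUser.IsAdmin;
        }

        // SECURITY: reversible encryption under a key that lives in source; a one-way hash is
        // the appropriate store for passwords. The literal is kept unchanged because Edit(GET)
        // and the stored rows share it.
        user.Password = Encryption.EncryptString("kljsdkkdlo4454GG00155sajuklmbkdl", user.Password);

        oldUser.FirstName = user.FirstName;
        oldUser.LastName = user.LastName;
        oldUser.Password = user.Password;
        oldUser.PhoneNumber = user.PhoneNumber;
        oldUser.IsAdmin = user.IsAdmin;
        oldUser.UserName = user.UserName;
        await _context.SaveChangesAsync();

        // A self-edit may have changed the user name or role, so refresh the auth cookie from
        // the values that were actually persisted.
        if (thisUser != null && thisUser.UserId == user.UserId)
        {
            var claims = new[]
            {
                new Claim(ClaimTypes.Name, user.UserName),
                new Claim(ClaimTypes.Role, user.IsAdmin ? "Admin" : "User"),
            };
            var identityClaims = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
            await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(identityClaims));
        }
    }
    catch (DbUpdateConcurrencyException)
    {
        if (!UserExists(user.UserId))
        {
            return NotFound();
        }

        throw;
    }

    // Re-evaluated after the sign-in, as the original did, in case CheckIfAdmin reads request state.
    if (AuthHandler.CheckIfAdmin(this))
    {
        return RedirectToAction(nameof(Index));
    }

    return RedirectToAction("Details", new { id = user.UserId });
}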