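/// <summary>
/// Renders the landing view for the signed-in user, scoped by role and "Nursery" claims.
/// </summary>
/// <remarks>
/// Administrators and users holding more than one "Nursery" claim receive the default
/// view without a nursery model. A user holding exactly one "Nursery" claim receives the
/// view bound to that nursery's basic details. Everyone else is redirected to the
/// Error action of the Public controller.
/// </remarks>
/// <returns>
/// The view result described above, or a redirect to Public/Error when the user has no
/// usable "Nursery" claim.
/// </returns>
public IActionResult Index()
{
    // Materialise the claims once; both the count and the single value are needed below.
    var nurseryClaims = User.FindAll("Nursery").ToList();

    if (User.IsInRole("Admin") || nurseryClaims.Count > 1)
    {
        return(View(null));
    }

    if (nurseryClaims.Count == 0)
    {
        return(RedirectToAction("Error", "Public"));
    }

    // A claim value that is not a valid integer used to throw out of int.Parse and
    // surface as an unhandled server error. Treat it like a missing claim instead.
    int id;
    if (!int.TryParse(nurseryClaims[0].Value, out id))
    {
        return(RedirectToAction("Error", "Public"));
    }

    var nursery = _repository.GetNurseryById(id);

    // NOTE(review): if the repository returns null for an unknown id, the mapped model is
    // presumably null as well and the view renders as in the no-model branch above.
    // Confirm the view does not expose multi-nursery functionality in that case.
    var nurseryBasic = Mapper.Map<NurseryBasicViewModel>(nursery);
    return(View(nurseryBasic));
}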
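/// <summary>
/// Returns the nursery with the given id as JSON, provided the caller may see it.
/// </summary>
/// <remarks>
/// Access is granted to users in the "Admin" role and to users holding a "Nursery" claim
/// whose value equals <paramref name="id"/>. Any other caller receives a 400 response with
/// an explanatory message, and the denied attempt is logged.
/// </remarks>
/// <param name="id">Identifier of the nursery being requested.</param>
/// <returns>The mapped nursery view model, or an object carrying an error message.</returns>
public JsonResult Get(int id)
{
    // Format the id once rather than once per claim inside the predicate.
    var requestedId = id.ToString();
    var holdsMatchingClaim = User.FindAll("Nursery").Any(claim => claim.Value == requestedId);

    if (User.IsInRole("Admin") || holdsMatchingClaim)
    {
        return(Json(Mapper.Map<NurseryViewModel>(_repository.GetNurseryById(id))));
    }

    // Record who asked for which nursery, at Warning level, so that repeated probing of
    // ids by one account can be found in the logs. The original entry carried neither.
    _logger.LogWarning(
        "Attempting to get unauthorized nursery {NurseryId} (user: {UserName})",
        id,
        User.Identity?.Name);

    // NOTE(review): 403 Forbidden describes this outcome more accurately than 400, and
    // returning the same response for "not permitted" and "does not exist" avoids telling
    // a caller which ids are in use. Status left unchanged because clients may depend on it.
    Response.StatusCode = (int)HttpStatusCode.BadRequest;
    return(Json(new { Message = "Do not have permissions to view this item" }));
}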