Пример #1
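 /// <summary>
 /// Chooses the landing view from the caller's role and "Nursery" claims.
 /// </summary>
 /// <returns>
 /// The view with no nursery model for admins and for users holding more than one
 /// "Nursery" claim; the view bound to the caller's single nursery otherwise; a redirect
 /// to Public/Error when the caller has no usable "Nursery" claim.
 /// </returns>
 public IActionResult Index()
 {
     // Skip(1).Any() answers "more than one claim?" without materializing the whole list.
     if (User.IsInRole("Admin") || User.FindAll("Nursery").Skip(1).Any())
     {
         return View(null);
     }

     // Look the claim up once and reuse it for both the presence check and the parse.
     var nurseryClaim = User.FindFirst("Nursery");

     // A claim value that is not a plain integer is treated like a missing claim instead of
     // letting int.Parse throw out of the action. Parsing is culture-invariant so the result
     // does not depend on the request thread's culture.
     int id;
     if (nurseryClaim == null ||
         !int.TryParse(
             nurseryClaim.Value,
             System.Globalization.NumberStyles.Integer,
             System.Globalization.CultureInfo.InvariantCulture,
             out id))
     {
         return RedirectToAction("Error", "Public");
     }

     var nursery = _repository.GetNurseryById(id);
     var nurseryBasic = Mapper.Map<NurseryBasicViewModel>(nursery);
     return View(nurseryBasic);
 }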
Пример #2
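        /// <summary>
        /// Returns one nursery as JSON, but only to admins or to callers holding a
        /// "Nursery" claim whose value equals the requested id.
        /// </summary>
        /// <param name="id">Identifier of the nursery being requested.</param>
        /// <returns>
        /// The mapped nursery when the caller is authorized; otherwise a JSON error message
        /// with the response status set to 400.
        /// </returns>
        public JsonResult Get(int id)
        {
            // Format the id culture-independently: the claim value is compared as an exact
            // string, so the text must not vary with the request thread's culture.
            var requestedId = id.ToString(System.Globalization.CultureInfo.InvariantCulture);

            // The object-level check: a non-admin may only read a nursery named in their own claims.
            if (User.IsInRole("Admin") || User.HasClaim("Nursery", requestedId))
            {
                return Json(Mapper.Map<NurseryViewModel>(_repository.GetNurseryById(id)));
            }

            // Record which nursery was requested and by whom, so denied requests can be
            // correlated when reviewing logs for id-enumeration attempts.
            _logger.LogInformation(
                "Attempting to get unauthorized nursery {NurseryId} (user {UserName})",
                id,
                User.Identity?.Name);

            // NOTE(review): the status is left at 400 because existing clients may depend on it;
            // 403 Forbidden describes an authorization failure more accurately - confirm before changing.
            Response.StatusCode = (int)HttpStatusCode.BadRequest;
            return Json(new { Message = "Do not have permissions to view this item" });
        }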