/// <summary>
/// Admin-only listing of groups, shaped by the Sieve parameters bound from the query string.
/// </summary>
/// <param name="sieveModel">Sieve parameters taken from the request query string (client-controlled).</param>
/// <returns>
/// <c>Forbid()</c> when <c>_roleHelper.IsAdmin</c> reports false for the current user;
/// otherwise <c>Ok</c> wrapping the query produced by <c>_sieveProcessor.Apply</c>.
/// </returns>
public async Task<IActionResult> GetGroups([FromQuery] SieveModel sieveModel)
{
    // NOTE(review): the result of GetCurrentUser() is passed on without a null check;
    // how IsAdmin treats a missing user is not visible here. Confirm it fails closed.
    var caller = await GetCurrentUser();

    // Only composes the read-only query; it is handed to Ok() below on the admin path.
    var allGroups = _context.Groups.AsNoTracking();

    var callerIsAdmin = await _roleHelper.IsAdmin(caller);
    if (callerIsAdmin)
    {
        // NOTE(review): which fields a client may filter or sort on, and whether a page-size
        // cap applies, is decided by the Sieve configuration outside this method. Verify.
        // NOTE(review): the entities themselves are returned rather than a DTO, so confirm
        // that nothing sensitive on the entity is serialized.
        var shapedGroups = _sieveProcessor.Apply(sieveModel, allGroups);
        return Ok(shapedGroups);
    }

    return Forbid();
}
/// <summary>
/// Admin-only listing of tasks, shaped by the Sieve parameters bound from the query string.
/// </summary>
/// <param name="sieveModel">Sieve parameters taken from the request query string (client-controlled).</param>
/// <returns>
/// <c>Forbid()</c> when <c>_roleHelper.IsAdmin</c> reports false for the current user;
/// otherwise <c>Ok</c> wrapping the query produced by <c>_sieveProcessor.Apply</c>.
/// </returns>
public async Task<IActionResult> GetTasks([FromQuery] SieveModel sieveModel)
{
    // NOTE(review): the result of GetCurrentUser() is passed on without a null check;
    // how IsAdmin treats a missing user is not visible here. Confirm it fails closed.
    var caller = await GetCurrentUser();

    // TODO: disallow teacher access (update to UI is required)
    // NOTE(review): the check below already rejects everyone for whom IsAdmin is false.
    // Whether the role helper counts teachers as admins is not visible here. Confirm,
    // and either tighten the helper or drop the TODO.
    var callerIsAdmin = await _roleHelper.IsAdmin(caller);
    if (callerIsAdmin)
    {
        // Read-only query; the Sieve processor applies whatever the request asked for.
        // NOTE(review): allowed filter/sort fields and any page-size cap come from the
        // Sieve configuration outside this method. Verify. Entities are returned as-is,
        // so confirm that nothing sensitive on the entity is serialized.
        var allTasks = _context.Tasks.AsNoTracking();
        var shapedTasks = _sieveProcessor.Apply(sieveModel, allTasks);
        return Ok(shapedTasks);
    }

    return Forbid();
}
/// <summary>
/// Forwards the admin check for <paramref name="user"/> to <c>_roleHelper.IsAdmin</c>.
/// </summary>
/// <param name="user">The user to check; passed through unchanged.</param>
/// <returns>The task returned by the role helper.</returns>
protected Task<bool> IsAdmin(ApplicationUser user)
{
    // No logic of its own: the authorization decision lives entirely in the role helper.
    return _roleHelper.IsAdmin(user);
}