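/// <summary>
/// Looks up the submitted credentials in the Users table and reports whether the
/// matching account is linked to the role named "Admin" through RoleUsers.
/// </summary>
/// <param name="loginInfo">Credentials sent by the caller; only UserName and Password are read.</param>
/// <param name="context">Database context used for the Users, Roles and RoleUsers lookups.</param>
/// <returns>
/// A response with Status 0 and User set when the account is an admin; otherwise
/// Status 1 with Msg describing the refusal.
/// </returns>
public static LoginStatusResponse IsAdmin(User loginInfo, ManagementSystemDbContext context)
{
    LoginStatusResponse loginStatus = new LoginStatusResponse();

    // A missing request body is treated as a failed login instead of surfacing
    // as a NullReferenceException inside the query below.
    if (loginInfo == null)
    {
        loginStatus.Status = 1;
        loginStatus.Msg = "Incorrect username or password";
        return loginStatus;
    }

    // NOTE(review): the submitted password is compared directly with the stored
    // column, which suggests passwords are kept unhashed - confirm. If so, store a
    // salted password hash and verify against that instead of matching in the query.
    // The lambda parameter is named "account" so it no longer reuses the name of
    // the local it initialises.
    var user = context.Users.FirstOrDefault(account =>
        account.UserName == loginInfo.UserName &&
        account.Password == loginInfo.Password);

    // Verify that the user exists before checking the role.
    if (user == null)
    {
        loginStatus.Status = 1;
        loginStatus.Msg = "Incorrect username or password";
        return loginStatus;
    }

    var adminRole = context.Roles.FirstOrDefault(r => r.RoleName == "Admin");

    // Fail closed: when no "Admin" role row exists nobody is an admin. The previous
    // code dereferenced the null role here and threw.
    var isAdmin = adminRole == null
        ? null
        : context.RoleUsers.FirstOrDefault(ru => ru.UserId == user.Id && ru.RoleId == adminRole.Id);

    if (isAdmin != null)
    {
        // NOTE(review): this hands the full User entity, which has a Password
        // property, to the caller - confirm it is not serialised into the response.
        loginStatus.User = user;
        loginStatus.Status = 0;
    }
    else
    {
        // Need to check which website sent the post.
        loginStatus.Status = 1;
        loginStatus.Msg = "You don't have permission to access to the Management System";
    }

    return loginStatus;
}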
/// <summary>
/// Returns every category, but only when the supplied credentials pass the
/// VertifyUser.IsAdmin check.
/// </summary>
/// <param name="user">Credentials forwarded unchanged to VertifyUser.IsAdmin.</param>
/// <returns>The Categories set when IsAdmin reports Status 0; otherwise null.</returns>
public ActionResult<IEnumerable<Category>> GetCategories(User user)
{
    var verdict = VertifyUser.IsAdmin(user, _context);

    // Guard clause: any non-zero status means the caller was refused.
    // NOTE(review): a refused caller gets a null result, not an explicit 401/403 -
    // confirm how the framework renders that to the client.
    if (verdict.Status != 0)
    {
        return null;
    }

    return _context.Categories;
}
/// <summary>
/// Returns every product, but only when the supplied credentials pass the
/// VertifyUser.IsAdmin check.
/// </summary>
/// <param name="user">Credentials forwarded unchanged to VertifyUser.IsAdmin.</param>
/// <returns>The Products set when IsAdmin reports Status 0; otherwise null.</returns>
public ActionResult<IEnumerable<Product>> GetProducts(User user)
{
    var verdict = VertifyUser.IsAdmin(user, _context);

    // Guard clause: any non-zero status means the caller was refused.
    // NOTE(review): a refused caller gets a null result, not an explicit 401/403 -
    // confirm how the framework renders that to the client.
    if (verdict.Status != 0)
    {
        return null;
    }

    return _context.Products;
}
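/// <summary>
/// Returns the categories whose Name contains the requested text, ignoring case,
/// for callers that pass the VertifyUser.IsAdmin check.
/// </summary>
/// <remarks>
/// NOTE(review): the method is named GetProductsByName but queries and returns
/// categories - confirm which is intended.
/// </remarks>
/// <param name="requestInfo">Request envelope: User holds the credentials, Content the search text.</param>
/// <returns>The matching categories when the caller is an admin and at least one matches; otherwise null.</returns>
public ActionResult<ICollection<Category>> GetProductsByName(RequestModel<string> requestInfo)
{
    // A missing body or missing search text cannot match anything; return the
    // same "nothing" result instead of throwing a NullReferenceException.
    if (requestInfo == null || requestInfo.Content == null)
    {
        return null;
    }

    // Authorise before touching the data: the search used to run for every
    // caller, so unauthenticated requests could still drive the database query.
    LoginStatusResponse loginStatus = VertifyUser.IsAdmin(requestInfo.User, _context);
    if (loginStatus.Status != 0)
    {
        return null;
    }

    // Lower-case the search text once, outside the query expression.
    var needle = requestInfo.Content.ToLower();
    var categories = _context.Categories
        .Where(pr => pr.Name.ToLower().Contains(needle))
        .ToList();

    if (categories.Count > 0)
    {
        return categories;
    }

    return null;
}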
/// <summary>
/// Runs the admin check for the supplied credentials and returns its outcome
/// to the caller unchanged.
/// </summary>
/// <param name="loginInfo">Credentials forwarded unchanged to VertifyUser.IsAdmin.</param>
/// <returns>The LoginStatusResponse produced by VertifyUser.IsAdmin.</returns>
// NOTE(review): on success IsAdmin attaches the matched User entity to the
// response, and that entity has a Password property - confirm it is not sent
// back to the client.
public ActionResult<LoginStatusResponse> CheckLoginInfo(User loginInfo)
    => VertifyUser.IsAdmin(loginInfo, _context);