public static LoginStatusResponse IsAdmin(User loginInfo, ManagementSystemDbContext context)
{
var user = context.Users.FirstOrDefault(user =>
user.UserName == loginInfo.UserName &&
user.Password == loginInfo.Password
);
LoginStatusResponse loginStatus = new LoginStatusResponse();
//vertify is user admin
if (user == null)
{
loginStatus.Status = 1;
loginStatus.Msg = "Incorrect username or password";
return(loginStatus);
}
var AdminRole = context.Roles.FirstOrDefault(r => r.RoleName == "Admin");
var isAdmin = context.RoleUsers.FirstOrDefault(ru => ru.UserId == user.Id && ru.RoleId == AdminRole.Id);
if (isAdmin != null)
{
loginStatus.User = user;
loginStatus.Status = 0;
}
else
{
//Need to check which website send the post.
loginStatus.Status = 1;
loginStatus.Msg = "You don't have permission to access to the Management System";
}
return(loginStatus);
}
public ActionResult <IEnumerable <Category> > GetCategories(User user)
{
LoginStatusResponse loginStatus = VertifyUser.IsAdmin(user, _context);
if (loginStatus.Status == 0)
{
return(_context.Categories);
}
return(null);
}
public ActionResult <IEnumerable <Product> > GetProducts(User user)
{
LoginStatusResponse loginStatus = VertifyUser.IsAdmin(user, _context);
if (loginStatus.Status == 0)
{
return(_context.Products);
}
return(null);
}
public ActionResult <ICollection <Category> > GetProductsByName(RequestModel <string> requestInfo)
{
LoginStatusResponse loginStatus = VertifyUser.IsAdmin(requestInfo.User, _context);
var categories = _context.Categories.Where(pr => pr.Name.ToLower().Contains(requestInfo.Content.ToLower())).ToList();
if (loginStatus.Status == 0 && categories.Count > 0)
{
return(categories);
}
return(null);
}
public ActionResult <LoginStatusResponse> CheckLoginInfo(User loginInfo)
{
LoginStatusResponse loginStatus = VertifyUser.IsAdmin(loginInfo, _context);
return(loginStatus);
}
