Brusher Profile and Blog delete permisssion
This commit is contained in:
Paul Schneider
3494
src/Yavsc.Server/Migrations/20250620185047_BrusherProfileSchedulerId.Designer.cs
generated
Normal file
3494
src/Yavsc.Server/Migrations/20250620185047_BrusherProfileSchedulerId.Designer.cs
generated
Normal file
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,59 @@
|
|||||||
|
using Microsoft.EntityFrameworkCore.Migrations;
|
||||||
|
|
||||||
|
#nullable disable
|
||||||
|
|
||||||
|
namespace Yavsc.Migrations
|
||||||
|
{
|
||||||
|
/// <inheritdoc />
|
||||||
|
public partial class BrusherProfileSchedulerId : Migration
|
||||||
|
{
|
||||||
|
/// <inheritdoc />
|
||||||
|
protected override void Up(MigrationBuilder migrationBuilder)
|
||||||
|
{
|
||||||
|
migrationBuilder.DropForeignKey(
|
||||||
|
name: "FK_BrusherProfile_Schedule_ScheduleOwnerId",
|
||||||
|
table: "BrusherProfile");
|
||||||
|
|
||||||
|
migrationBuilder.AlterColumn<string>(
|
||||||
|
name: "ScheduleOwnerId",
|
||||||
|
table: "BrusherProfile",
|
||||||
|
type: "text",
|
||||||
|
nullable: true,
|
||||||
|
oldClrType: typeof(string),
|
||||||
|
oldType: "text");
|
||||||
|
|
||||||
|
migrationBuilder.AddForeignKey(
|
||||||
|
name: "FK_BrusherProfile_Schedule_ScheduleOwnerId",
|
||||||
|
table: "BrusherProfile",
|
||||||
|
column: "ScheduleOwnerId",
|
||||||
|
principalTable: "Schedule",
|
||||||
|
principalColumn: "OwnerId");
|
||||||
|
}
|
||||||
|
|
||||||
|
/// <inheritdoc />
|
||||||
|
protected override void Down(MigrationBuilder migrationBuilder)
|
||||||
|
{
|
||||||
|
migrationBuilder.DropForeignKey(
|
||||||
|
name: "FK_BrusherProfile_Schedule_ScheduleOwnerId",
|
||||||
|
table: "BrusherProfile");
|
||||||
|
|
||||||
|
migrationBuilder.AlterColumn<string>(
|
||||||
|
name: "ScheduleOwnerId",
|
||||||
|
table: "BrusherProfile",
|
||||||
|
type: "text",
|
||||||
|
nullable: false,
|
||||||
|
defaultValue: "",
|
||||||
|
oldClrType: typeof(string),
|
||||||
|
oldType: "text",
|
||||||
|
oldNullable: true);
|
||||||
|
|
||||||
|
migrationBuilder.AddForeignKey(
|
||||||
|
name: "FK_BrusherProfile_Schedule_ScheduleOwnerId",
|
||||||
|
table: "BrusherProfile",
|
||||||
|
column: "ScheduleOwnerId",
|
||||||
|
principalTable: "Schedule",
|
||||||
|
principalColumn: "OwnerId",
|
||||||
|
onDelete: ReferentialAction.Cascade);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
@ -1123,7 +1123,6 @@ namespace Yavsc.Migrations
|
|||||||
.HasColumnType("numeric");
|
.HasColumnType("numeric");
|
||||||
|
|
||||||
b.Property<string>("ScheduleOwnerId")
|
b.Property<string>("ScheduleOwnerId")
|
||||||
.IsRequired()
|
|
||||||
.HasColumnType("text");
|
.HasColumnType("text");
|
||||||
|
|
||||||
b.Property<decimal>("ShampooPrice")
|
b.Property<decimal>("ShampooPrice")
|
||||||
@ -2835,9 +2834,7 @@ namespace Yavsc.Migrations
|
|||||||
{
|
{
|
||||||
b.HasOne("Yavsc.Models.Calendar.Schedule", "Schedule")
|
b.HasOne("Yavsc.Models.Calendar.Schedule", "Schedule")
|
||||||
.WithMany()
|
.WithMany()
|
||||||
.HasForeignKey("ScheduleOwnerId")
|
.HasForeignKey("ScheduleOwnerId");
|
||||||
.OnDelete(DeleteBehavior.Cascade)
|
|
||||||
.IsRequired();
|
|
||||||
|
|
||||||
b.HasOne("Yavsc.Models.Workflow.PerformerProfile", "BaseProfile")
|
b.HasOne("Yavsc.Models.Workflow.PerformerProfile", "BaseProfile")
|
||||||
.WithMany()
|
.WithMany()
|
||||||
|
|||||||
@ -60,7 +60,7 @@ namespace Yavsc.Models.Haircut
|
|||||||
|
|
||||||
[DisplayFormat(ConvertEmptyStringToNull = true, NullDisplayText = "[Pas d'emploi du temps spécifié]")]
|
[DisplayFormat(ConvertEmptyStringToNull = true, NullDisplayText = "[Pas d'emploi du temps spécifié]")]
|
||||||
[Display(Name="Emploi du temps")]
|
[Display(Name="Emploi du temps")]
|
||||||
public virtual Schedule Schedule { get; set; }
|
public virtual Schedule? Schedule { get; set; }
|
||||||
|
|
||||||
[Display(Name="Coupe femme cheveux longs"),DisplayFormat(DataFormatString="{0:C}")]
|
[Display(Name="Coupe femme cheveux longs"),DisplayFormat(DataFormatString="{0:C}")]
|
||||||
|
|
||||||
|
|||||||
@ -1,6 +1,7 @@
|
|||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
using Microsoft.AspNetCore.Authorization;
|
using Microsoft.AspNetCore.Authorization;
|
||||||
using Microsoft.EntityFrameworkCore;
|
using Microsoft.EntityFrameworkCore;
|
||||||
|
using RazorEngine.Compilation.ImpromptuInterface.Optimization;
|
||||||
using Yavsc.Helpers;
|
using Yavsc.Helpers;
|
||||||
using Yavsc.Models;
|
using Yavsc.Models;
|
||||||
using Yavsc.Models.Blog;
|
using Yavsc.Models.Blog;
|
||||||
@ -55,12 +56,26 @@ public class PermissionHandler : IAuthorizationHandler
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
private static bool IsOwner(ClaimsPrincipal user, object? resource)
|
private bool IsOwner(ClaimsPrincipal user, object? resource)
|
||||||
{
|
{
|
||||||
if (resource is BlogPost blogPost)
|
if (resource is BlogPost blogPost)
|
||||||
{
|
{
|
||||||
return blogPost.AuthorId == user.GetUserId();
|
return blogPost.AuthorId == user.GetUserId();
|
||||||
}
|
}
|
||||||
|
else
|
||||||
|
if (resource is DefaultHttpContext httpContext)
|
||||||
|
{
|
||||||
|
if (httpContext.Request.Path.StartsWithSegments("/Blogspot/Delete", StringComparison.OrdinalIgnoreCase))
|
||||||
|
{
|
||||||
|
string postId = (string)httpContext.GetRouteValue("id");
|
||||||
|
if (long.TryParse(postId, out long id))
|
||||||
|
{
|
||||||
|
BlogPost b = applicationDbContext.BlogSpot.FirstOrDefault(b => b.Id == id && b.AuthorId == user.GetUserId());
|
||||||
|
return b != null;
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user