feat(AuthController): aktualisiert, um zu prüfen, ob der eingeloggte Benutzer in der erlaubten Gruppe in appsettings ist.

2024-10-31 14:44:39 +01:00
parent 1be71a42e5
commit 671500b3a5
10 changed files with 21 additions and 59 deletions
--- a/DigitalData.UserManager.API/Controllers/AuthController.cs
+++ b/DigitalData.UserManager.API/Controllers/AuthController.cs
@@ -21,15 +21,16 @@ namespace DigitalData.UserManager.API.Controllers
        private readonly IDirectorySearchService _dirSearchService;
        private readonly IStringLocalizer<Resource> _localizer;
        private readonly ILogger<AuthController> _logger;
-
-        public AuthController(IUserService userService, IGroupOfUserService gouService, IDirectorySearchService directorySearchService, IStringLocalizer<Resource> localizer, ILogger<AuthController> logger)
+        private readonly IConfiguration _config;
+        public AuthController(IUserService userService, IGroupOfUserService gouService, IDirectorySearchService directorySearchService, IStringLocalizer<Resource> localizer, ILogger<AuthController> logger, IConfiguration configuration)
        {
            _userService = userService;
            _gouService = gouService;
            _dirSearchService = directorySearchService;
            _localizer = localizer;
            _logger = logger;
-        }
+            _config = configuration;
+        }    

        [AllowAnonymous]
        [HttpGet("check")]
@@ -57,10 +58,13 @@ namespace DigitalData.UserManager.API.Controllers
                if (!isValid)
                    return Unauthorized(Result.Fail().Message(_localizer[Key.UserNotFound]));

-                var gouMsg = await _gouService.HasGroup(login.Username, "PM_USER", caseSensitive: false);
+                var allowedGroupName = _config.GetSection("AllowedGroupName").Get<string>()
+                    ?? throw new InvalidOperationException("Allowed group names configuration is missing.");
+
+                var gouMsg = await _gouService.HasGroup(login.Username, allowedGroupName, caseSensitive: false);
                if (!gouMsg.IsSuccess)
                    return Unauthorized(Result.Fail().Message(_localizer[Key.UnauthorizedUser]));
-
+                
                //find the user
                var uRes = await _userService.ReadByUsernameAsync(login.Username);
                if (!uRes.IsSuccess || uRes.Data is null)
--- a/DigitalData.UserManager.API/Controllers/ConstantsController.cs
+++ b/DigitalData.UserManager.API/Controllers/ConstantsController.cs
@@ -1,27 +0,0 @@
-using DigitalData.UserManager.API.Models;
-using Microsoft.AspNetCore.Mvc;
-using Microsoft.Extensions.Options;
-
-namespace DigitalData.UserManager.API.Controllers
-{
-    [Route("api/[controller]")]
-    [ApiController]
-    public class ConstantsController : ControllerBase
-    {
-        private readonly Constants _constants;
-        public ConstantsController(IOptions<Constants> constantsOptions)
-        {
-            _constants = constantsOptions.Value;
-        }
-
-        [HttpGet]
-        public IActionResult GetConstant(string? name = null)
-        {
-            if(name is null)
-                return Ok(_constants);
-
-
-            return Ok(_constants[name]);
-        }
-    }
-}