refactor(Controllers): FullyAuth-Rollenbedingung für jedes bestehende Auth-Attribut hinzugefügt, um die Autorisierung in Stufen aufzuteilen.

2025-02-07 10:53:17 +01:00 · 2025-02-07 10:53:17 +01:00 · 33fcb5b70e
commit 33fcb5b70e
parent 82d8521a25
4 changed files with 13 additions and 12 deletions
--- a/EnvelopeGenerator.Web/Controllers/DocumentController.cs
+++ b/EnvelopeGenerator.Web/Controllers/DocumentController.cs
@ -3,12 +3,12 @@ using EnvelopeGenerator.Common;
 using EnvelopeGenerator.Web.Services;
 using EnvelopeGenerator.Application.Contracts;
 using Microsoft.AspNetCore.Authorization;
 using EnvelopeGenerator.Application;
 using EnvelopeGenerator.Extensions;
 using static EnvelopeGenerator.Common.Constants;
 namespace EnvelopeGenerator.Web.Controllers
 {
-    [Authorize]
+    [Authorize(Roles = ReceiverRole.FullyAuth)]
    [Route("api/[controller]")]
    public class DocumentController : BaseController
    {
@ -48,7 +48,7 @@ namespace EnvelopeGenerator.Web.Controllers
            }
        }
-        [Authorize]
+        [Authorize(Roles = ReceiverRole.FullyAuth)]
        [HttpPost("{envelopeKey}")]
        public async Task<IActionResult> Open(string envelopeKey)
        {
--- a/EnvelopeGenerator.Web/Controllers/EnvelopeController.cs
+++ b/EnvelopeGenerator.Web/Controllers/EnvelopeController.cs
@ -10,7 +10,7 @@ using EnvelopeGenerator.Extensions;
 namespace EnvelopeGenerator.Web.Controllers
 {
-    [Authorize]
+    [Authorize(Roles = ReceiverRole.FullyAuth)]
    [ApiController]
    [Route("api/[controller]")]
    public class EnvelopeController : BaseController
@ -64,7 +64,7 @@ namespace EnvelopeGenerator.Web.Controllers
            }
        }
-        [Authorize]
+        [Authorize(Roles = ReceiverRole.FullyAuth)]
        [HttpPost("{envelopeKey}")]
        public async Task<IActionResult> Update(string envelopeKey, int index)
        {
@ -110,7 +110,7 @@ namespace EnvelopeGenerator.Web.Controllers
            }
        }
-        [Authorize]
+        [Authorize(Roles = ReceiverRole.FullyAuth)]
        [HttpPost("reject")]
        public async Task<IActionResult> Reject([FromBody] string? reason = null)
        {
--- a/EnvelopeGenerator.Web/Controllers/HomeController.cs
+++ b/EnvelopeGenerator.Web/Controllers/HomeController.cs
@ -19,7 +19,6 @@ using Ganss.Xss;
 using Newtonsoft.Json;
 using EnvelopeGenerator.Application.DTOs;
 using DigitalData.Core.Client;
 using EnvelopeGenerator.Application.Extensions;
 namespace EnvelopeGenerator.Web.Controllers;
@ -321,7 +320,8 @@ public class HomeController : ViewControllerBase
                            new(ClaimTypes.Name, er.Name ?? string.Empty),
                            new(ClaimTypes.Email, er.Receiver.EmailAddress),
                            new(EnvelopeClaimTypes.Title, er.Envelope.Title),
-                            new(EnvelopeClaimTypes.Id, er.Envelope.Id.ToString())
+                            new(EnvelopeClaimTypes.Id, er.Envelope.Id.ToString()),
                            new(ClaimTypes.Role, ReceiverRole.FullyAuth)
            };
            var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
@ -348,7 +348,7 @@ public class HomeController : ViewControllerBase
        }
    }
-    [Authorize]
+    [Authorize(Roles = ReceiverRole.FullyAuth)]
    [HttpGet("EnvelopeKey/{envelopeReceiverId}/Success")]
    public async Task<IActionResult> EnvelopeSigned(string envelopeReceiverId)
    {
@ -383,7 +383,7 @@ public class HomeController : ViewControllerBase
        }
    }
-    [Authorize]
+    [Authorize(Roles = ReceiverRole.FullyAuth)]
    [HttpGet("EnvelopeKey/{envelopeReceiverId}/Rejected")]
    public async Task<IActionResult> EnvelopeRejected(string envelopeReceiverId)
    {
@ -489,7 +489,7 @@ public class HomeController : ViewControllerBase
        }
    }
-    [Authorize]
+    [Authorize(Roles = ReceiverRole.FullyAuth)]
    [HttpGet("IsAuthenticated")]
    public IActionResult IsAuthenticated()
    {
--- a/EnvelopeGenerator.Web/Controllers/ReadOnlyController.cs
+++ b/EnvelopeGenerator.Web/Controllers/ReadOnlyController.cs
@ -4,6 +4,7 @@ using EnvelopeGenerator.Application.DTOs.EnvelopeReceiverReadOnly;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Newtonsoft.Json;
 using static EnvelopeGenerator.Common.Constants;
 namespace EnvelopeGenerator.Web.Controllers
 {
@ -28,7 +29,7 @@ namespace EnvelopeGenerator.Web.Controllers
        }
        [HttpPost]
-        [Authorize]
+        [Authorize(Roles = ReceiverRole.FullyAuth)]
        public async Task<IActionResult> CreateAsync([FromBody] EnvelopeReceiverReadOnlyCreateDto createDto)
        {
            try