refactor(Controllers): FullyAuth-Rollenbedingung für jedes bestehende Auth-Attribut hinzugefügt, um die Autorisierung in Stufen aufzuteilen.

Developer 02 2025-02-07 10:53:17 +01:00
parent 82d8521a25
commit 33fcb5b70e
4 changed files with 13 additions and 12 deletions


@ -3,12 +3,12 @@ using EnvelopeGenerator.Common;
using EnvelopeGenerator.Web.Services;
using EnvelopeGenerator.Application.Contracts;
using Microsoft.AspNetCore.Authorization;
using EnvelopeGenerator.Application;
using EnvelopeGenerator.Extensions;
using static EnvelopeGenerator.Common.Constants;
namespace EnvelopeGenerator.Web.Controllers
{
[Authorize]
[Authorize(Roles = ReceiverRole.FullyAuth)]
[Route("api/[controller]")]
public class DocumentController : BaseController
{
@ -48,7 +48,7 @@ namespace EnvelopeGenerator.Web.Controllers
}
}
[Authorize]
[Authorize(Roles = ReceiverRole.FullyAuth)]
[HttpPost("{envelopeKey}")]
public async Task<IActionResult> Open(string envelopeKey)
{
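Review bot: The `[Authorize(Roles = ReceiverRole.FullyAuth)]` on `Open` repeats the attribute that the new side already places on the `DocumentController` class. ASP.NET Core combines stacked authorize attributes with AND, so the action-level copy adds no further restriction. The same duplication appears on `Update` and `Reject` in the EnvelopeController section. Keeping the requirement at class level only, or behind one named policy, would leave a single place to change when further stages are introduced. If the copies are deliberate, a comment such as `// repeated per action so the gate remains if the class-level attribute is relaxed` would say so; the body of `Open` continues outside the hunk.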


@ -10,7 +10,7 @@ using EnvelopeGenerator.Extensions;
namespace EnvelopeGenerator.Web.Controllers
{
[Authorize]
[Authorize(Roles = ReceiverRole.FullyAuth)]
[ApiController]
[Route("api/[controller]")]
public class EnvelopeController : BaseController
@ -64,7 +64,7 @@ namespace EnvelopeGenerator.Web.Controllers
}
}
[Authorize]
[Authorize(Roles = ReceiverRole.FullyAuth)]
[HttpPost("{envelopeKey}")]
public async Task<IActionResult> Update(string envelopeKey, int index)
{
@ -110,7 +110,7 @@ namespace EnvelopeGenerator.Web.Controllers
}
}
[Authorize]
[Authorize(Roles = ReceiverRole.FullyAuth)]
[HttpPost("reject")]
public async Task<IActionResult> Reject([FromBody] string? reason = null)
{
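Review bot: With a role requirement on these `api/[controller]` actions, a receiver whose cookie is valid but lacks the `FullyAuth` role is now forbidden rather than challenged. By default the cookie handler answers a forbid with a redirect to its `AccessDeniedPath`, not a bare 403. None of the visible sections sets that path or an `OnRedirectToAccessDenied` handler, so it is worth confirming that API callers get a plain 403 rather than a redirect to a page that may not exist. The cookie configuration is outside this commit's view and may already cover this. The bodies of `Update` and `Reject` continue outside their hunks.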


@ -19,7 +19,6 @@ using Ganss.Xss;
using Newtonsoft.Json;
using EnvelopeGenerator.Application.DTOs;
using DigitalData.Core.Client;
using EnvelopeGenerator.Application.Extensions;
namespace EnvelopeGenerator.Web.Controllers;
@ -321,7 +320,8 @@ public class HomeController : ViewControllerBase
new(ClaimTypes.Name, er.Name ?? string.Empty),
new(ClaimTypes.Email, er.Receiver.EmailAddress),
new(EnvelopeClaimTypes.Title, er.Envelope.Title),
new(EnvelopeClaimTypes.Id, er.Envelope.Id.ToString())
new(EnvelopeClaimTypes.Id, er.Envelope.Id.ToString()),
new(ClaimTypes.Role, ReceiverRole.FullyAuth)
};
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
@ -348,7 +348,7 @@ public class HomeController : ViewControllerBase
}
}
[Authorize]
[Authorize(Roles = ReceiverRole.FullyAuth)]
[HttpGet("EnvelopeKey/{envelopeReceiverId}/Success")]
public async Task<IActionResult> EnvelopeSigned(string envelopeReceiverId)
{
@ -383,7 +383,7 @@ public class HomeController : ViewControllerBase
}
}
[Authorize]
[Authorize(Roles = ReceiverRole.FullyAuth)]
[HttpGet("EnvelopeKey/{envelopeReceiverId}/Rejected")]
public async Task<IActionResult> EnvelopeRejected(string envelopeReceiverId)
{
@ -489,7 +489,7 @@ public class HomeController : ViewControllerBase
}
}
[Authorize]
[Authorize(Roles = ReceiverRole.FullyAuth)]
[HttpGet("IsAuthenticated")]
public IActionResult IsAuthenticated()
{
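Review bot: The new `ClaimTypes.Role` claim is written into the cookie only at sign-in, so cookies issued before this change carry no `FullyAuth` role. Those receivers will presumably be forbidden on every gated action until they sign in again, which should be noted for the rollout or handled by invalidating old sessions. The claims list sits in a method that starts and ends outside the hunk, so it cannot be seen whether this point is reached only after the last verification step. A comment above the new line, such as `// FullyAuth: granted only after every verification step has succeeded`, would pin that invariant before further stages are added. `IsAuthenticated` now requires the role as well, so a partially authenticated receiver gets a forbid from it rather than a result, and the client should be checked for that case.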


@ -4,6 +4,7 @@ using EnvelopeGenerator.Application.DTOs.EnvelopeReceiverReadOnly;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Newtonsoft.Json;
using static EnvelopeGenerator.Common.Constants;
namespace EnvelopeGenerator.Web.Controllers
{
@ -28,7 +29,7 @@ namespace EnvelopeGenerator.Web.Controllers
}
[HttpPost]
[Authorize]
[Authorize(Roles = ReceiverRole.FullyAuth)]
public async Task<IActionResult> CreateAsync([FromBody] EnvelopeReceiverReadOnlyCreateDto createDto)
{
try