filtered out vehicles not owned by the user when accessing via API.

DESKTOP-GENO133\IvanPlex
2024-01-13 21:35:23 -07:00
parent d80f0dcb8f
commit 4f706d3e93


@@ -1,9 +1,11 @@
using CarCareTracker.External.Interfaces;
using CarCareTracker.Filter;
using CarCareTracker.Helper;
using CarCareTracker.Logic;
using CarCareTracker.Models;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using System.Security.Claims;
namespace CarCareTracker.Controllers
{
@@ -20,6 +22,7 @@ namespace CarCareTracker.Controllers
private readonly IUpgradeRecordDataAccess _upgradeRecordDataAccess;
private readonly IReminderHelper _reminderHelper;
private readonly IGasHelper _gasHelper;
private readonly IUserLogic _userLogic;
public APIController(IVehicleDataAccess dataAccess,
IGasHelper gasHelper,
IReminderHelper reminderHelper,
@@ -29,7 +32,8 @@ namespace CarCareTracker.Controllers
ICollisionRecordDataAccess collisionRecordDataAccess,
ITaxRecordDataAccess taxRecordDataAccess,
IReminderRecordDataAccess reminderRecordDataAccess,
IUpgradeRecordDataAccess upgradeRecordDataAccess)
IUpgradeRecordDataAccess upgradeRecordDataAccess,
IUserLogic userLogic)
{
_dataAccess = dataAccess;
_noteDataAccess = noteDataAccess;
@@ -41,17 +45,25 @@ namespace CarCareTracker.Controllers
_upgradeRecordDataAccess = upgradeRecordDataAccess;
_gasHelper = gasHelper;
_reminderHelper = reminderHelper;
_userLogic = userLogic;
}
public IActionResult Index()
{
return View();
}
private int GetUserID()
{
return int.Parse(User.FindFirstValue(ClaimTypes.NameIdentifier));
}
[HttpGet]
[Route("/api/vehicles")]
public IActionResult Vehicles()
{
var result = _dataAccess.GetVehicles();
if (!User.IsInRole(nameof(UserData.IsRootUser)))
{
result = _userLogic.FilterUserVehicles(result, GetUserID());
}
return Json(result);
}
[TypeFilter(typeof(CollaboratorFilter))]
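Review bot: `GetUserID()` feeds `User.FindFirstValue(ClaimTypes.NameIdentifier)` directly into `int.Parse`, so a request whose principal lacks that claim, or carries a non-numeric one, makes `Vehicles()` throw and surface as an unhandled 500 instead of an explicit denial. No data is returned on that path, but the ownership check should fail closed deliberately, for example `if (!int.TryParse(User.FindFirstValue(ClaimTypes.NameIdentifier), out var userId)) { return Unauthorized(); }` before calling `FilterUserVehicles`. Whether the controller carries `[Authorize]` is not visible in these hunks, so it is worth confirming that an anonymous caller cannot reach this action at all. Because `GetVehicles()` still loads every vehicle and the filter is applied afterwards, a test that calls `/api/vehicles` as a non-root user and asserts that only owned vehicles come back would guard against a regression.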