add roles management for api accessibility

damienmoulard · Clement-Roque · commit 4af346731779 · 2015-11-17T12:00:01.000+01:00
diff --git a/Zenergy/Zenergy/Controllers/ApiControllers/membersController.cs b/Zenergy/Zenergy/Controllers/ApiControllers/membersController.cs
@@ -13,6 +13,7 @@
 
 namespace Zenergy.Controllers.ApiControllers
 {
+    [Authorize]
     public class membersController : ApiController
     {
         private ZenergyContext db = new ZenergyContext();
diff --git a/Zenergy/Zenergy/Controllers/ApiControllers/usersController.cs b/Zenergy/Zenergy/Controllers/ApiControllers/usersController.cs
@@ -14,6 +14,7 @@
 
 namespace Zenergy.Controllers.ApiControllers
 {
+    [Authorize]
     public class usersController : ApiController
     {
         private ZenergyContext db = new ZenergyContext();
@@ -25,14 +26,12 @@ public usersController()
         }
 
         // GET: api/users
-        [Authorize]
         public IQueryable<user> Getuser()
         {
             return db.user;
         }
 
         // GET: api/users/5
-        //[Authorize(Roles = "Admin")]
         [ResponseType(typeof(user))]
         public async Task<IHttpActionResult> Getuser(int id)
         {
@@ -55,7 +54,6 @@ public async Task<IHttpActionResult> findByMail(string userMail)
             {
                 return NotFound();
             }
-
             return Ok(user);
         }
 
diff --git a/Zenergy/Zenergy/Providers/ApplicationOAuthProvider.cs b/Zenergy/Zenergy/Providers/ApplicationOAuthProvider.cs
@@ -51,7 +51,7 @@ public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwner
             identity.AddClaim(new Claim("mail", context.UserName));
             identity.AddClaim(new Claim("role", "user"));
             identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
-            /*
+            
             if (user.member != null)
             {
                 identity.AddClaim(new Claim(ClaimTypes.Role, "Member"));
@@ -67,7 +67,7 @@ public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwner
             if (user.admin != null)
             {
                 identity.AddClaim(new Claim(ClaimTypes.Role, "Admin"));
-            }       */
+            }
 
             AuthenticationProperties properties = CreateProperties(user.mail);
             AuthenticationTicket ticket = new AuthenticationTicket(identity, properties);

Original file line number	Diff line number	Diff line change
`@@ -13,6 +13,7 @@`
`13`	`13`
`14`	`14`	`namespace Zenergy.Controllers.ApiControllers`
`15`	`15`	`{`
	`16`	`+ [Authorize]`
`16`	`17`	`public class membersController : ApiController`
`17`	`18`	`{`
`18`	`19`	`private ZenergyContext db = new ZenergyContext();`
Original file line number	Diff line number	Diff line change
`@@ -14,6 +14,7 @@`
`14`	`14`
`15`	`15`	`namespace Zenergy.Controllers.ApiControllers`
`16`	`16`	`{`
	`17`	`+ [Authorize]`
`17`	`18`	`public class usersController : ApiController`
`18`	`19`	`{`
`19`	`20`	`private ZenergyContext db = new ZenergyContext();`
`@@ -25,14 +26,12 @@ public usersController()`
`25`	`26`	`}`
`26`	`27`
`27`	`28`	`// GET: api/users`
`28`		`- [Authorize]`
`29`	`29`	`public IQueryable<user> Getuser()`
`30`	`30`	`{`
`31`	`31`	`return db.user;`
`32`	`32`	`}`
`33`	`33`
`34`	`34`	`// GET: api/users/5`
`35`		`- //[Authorize(Roles = "Admin")]`
`36`	`35`	`[ResponseType(typeof(user))]`
`37`	`36`	`public async Task<IHttpActionResult> Getuser(int id)`
`38`	`37`	`{`
`@@ -55,7 +54,6 @@ public async Task<IHttpActionResult> findByMail(string userMail)`
`55`	`54`	`{`
`56`	`55`	`return NotFound();`
`57`	`56`	`}`
`58`		`-`
`59`	`57`	`return Ok(user);`
`60`	`58`	`}`
`61`	`59`