Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

1.0.7 #511

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

1.0.7 #511

Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions api/Crt.Api/Controllers/CodeTableController.cs
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ public async Task<ActionResult<PagedDto<CodeLookupListDto>>> GetCodeLookupsAsync
}

[HttpPost]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult<CodeLookupCreateDto>> CreateCodeLookup(CodeLookupCreateDto codeLookup)
{
var response = await _codeTableService.CreateCodeLookupAsync(codeLookup);
Expand All @@ -64,7 +64,7 @@ public async Task<ActionResult<CodeLookupDto>> GetCodeLookupByIdAsync(decimal id
}

[HttpPut("{id}")]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult> UpdateCodeLookup(decimal id, CodeLookupUpdateDto codeLookup)
{
if (id != codeLookup.CodeLookupId)
Expand All @@ -88,7 +88,7 @@ public async Task<ActionResult> UpdateCodeLookup(decimal id, CodeLookupUpdateDto
}

[HttpDelete("{id}")]
[RequiresPermission(Permissions.CodeWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult> DeleteActivityCode(decimal id)
{
var response = await _codeTableService.DeleteCodeLookupAsync(id);
Expand Down
6 changes: 3 additions & 3 deletions api/Crt.Api/Controllers/ElementController.cs
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ public async Task<ActionResult<IEnumerable<ElementDto>>> GetElementByIdAsync(dec
}

[HttpPost]
[RequiresPermission(Permissions.CodeWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult<ElementCreateDto>> CreateElement(ElementCreateDto element)
{
var response = await _elementService.CreateElementAsync(element);
Expand All @@ -68,7 +68,7 @@ public async Task<ActionResult<ElementCreateDto>> CreateElement(ElementCreateDto
}

[HttpPut("{id}")]
[RequiresPermission(Permissions.CodeWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult> UpdateElement(decimal id, ElementUpdateDto element)
{
if (id != element.ElementId)
Expand All @@ -92,7 +92,7 @@ public async Task<ActionResult> UpdateElement(decimal id, ElementUpdateDto eleme
}

[HttpDelete("{id}")]
[RequiresPermission(Permissions.CodeWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult> DeleteActivityCode(decimal id)
{
var response = await _elementService.DeleteElementAsync(id);
Expand Down
8 changes: 4 additions & 4 deletions api/Crt.Api/Controllers/FinTargetsController.cs
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ public async Task<ActionResult<FinTargetDto>> GetFinTargetByIdAsync(decimal proj
}

[HttpPost]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult<FinTargetDto>> CreateFinTarget(decimal projectId, FinTargetCreateDto finTarget)
{
var result = await IsProjectAuthorized(projectId);
Expand All @@ -59,7 +59,7 @@ public async Task<ActionResult<FinTargetDto>> CreateFinTarget(decimal projectId,
}

[HttpPut("{id}")]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult> UpdateFinTarget(decimal projectId, decimal id, FinTargetUpdateDto finTarget)
{
var result = await IsProjectAuthorized(projectId);
Expand Down Expand Up @@ -88,7 +88,7 @@ public async Task<ActionResult> UpdateFinTarget(decimal projectId, decimal id, F
}

[HttpDelete("{id}")]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult> DeleteFinTarget(decimal projectId, decimal id)
{
var result = await IsProjectAuthorized(projectId);
Expand Down Expand Up @@ -128,7 +128,7 @@ private async Task<ActionResult> IsProjectAuthorized(decimal projectId)
}

[HttpPost("{id}/clone", Name="CloneFinTarget")]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult<FinTargetDto>> CloneFinTarget(decimal projectId, decimal id)
{
var result = await IsProjectAuthorized(projectId);
Expand Down
6 changes: 3 additions & 3 deletions api/Crt.Api/Controllers/NoteController.cs
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ public async Task<ActionResult<NoteDto>> GetNote(decimal id, decimal projectId)
}

[HttpPost]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult<NoteDto>> CreateNote(decimal projectId, NoteCreateDto note)
{
if (projectId != note.ProjectId)
Expand All @@ -72,7 +72,7 @@ public async Task<ActionResult<NoteDto>> CreateNote(decimal projectId, NoteCreat
}

[HttpPut("{id}")]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult> UpdateNote(decimal id, NoteUpdateDto note)
{
if (id != note.NoteId)
Expand All @@ -96,7 +96,7 @@ public async Task<ActionResult> UpdateNote(decimal id, NoteUpdateDto note)
}

[HttpDelete("{id}")]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult> DeleteActivityCode(decimal id)
{
var response = await _noteService.DeleteNoteAsync(id);
Expand Down
6 changes: 3 additions & 3 deletions api/Crt.Api/Controllers/ProjectController.cs
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ public async Task<ActionResult<ProjectDto>> GetProjectByIdAsync(decimal id)
}

[HttpPost]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult<ProjectCreateDto>> CreateProject(ProjectCreateDto project)
{
var problem = IsRegionIdAuthorized(project.RegionId);
Expand All @@ -79,7 +79,7 @@ public async Task<ActionResult<ProjectCreateDto>> CreateProject(ProjectCreateDto
}

[HttpPut("{id}")]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult> UpdateProject(decimal id, ProjectUpdateDto project)
{
var problem = IsRegionIdAuthorized(project.RegionId);
Expand Down Expand Up @@ -109,7 +109,7 @@ public async Task<ActionResult> UpdateProject(decimal id, ProjectUpdateDto proje
}

[HttpDelete("{id}")]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult> DeleteProject(decimal id, ProjectDeleteDto project)
{
if (id != project.ProjectId)
Expand Down
8 changes: 4 additions & 4 deletions api/Crt.Api/Controllers/QtyAccmpController.cs
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ public async Task<ActionResult<QtyAccmpDto>> GetQtyAccmpByIdAsync(decimal projec
}

[HttpPost]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult<QtyAccmpCreateDto>> CreateQtyAccmp(decimal projectId, QtyAccmpCreateDto qtyAccmp)
{
var result = await IsProjectAuthorized(projectId);
Expand All @@ -59,7 +59,7 @@ public async Task<ActionResult<QtyAccmpCreateDto>> CreateQtyAccmp(decimal projec
}

[HttpPost("{id}/clone", Name="CloneQtyAccmp")]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult<QtyAccmpDto>> CloneQtyAccmp(decimal projectId, decimal id)
{
var result = await IsProjectAuthorized(projectId);
Expand All @@ -76,7 +76,7 @@ public async Task<ActionResult<QtyAccmpDto>> CloneQtyAccmp(decimal projectId, de
}

[HttpPut("{id}")]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult> UpdateQtyAccmp(decimal projectId, decimal id, QtyAccmpUpdateDto qtyAccmp)
{
var result = await IsProjectAuthorized(projectId);
Expand Down Expand Up @@ -105,7 +105,7 @@ public async Task<ActionResult> UpdateQtyAccmp(decimal projectId, decimal id, Qt
}

[HttpDelete("{id}")]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult> DeleteQtyAccmp(decimal projectId, decimal id)
{
var result = await IsProjectAuthorized(projectId);
Expand Down
8 changes: 4 additions & 4 deletions api/Crt.Api/Controllers/RatioController.cs
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ public RatioController(CrtCurrentUser currentUser, IProjectService projectServic
/// <param name="ratio"></param>
/// <returns></returns>
[HttpPost]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult<RatioDto>> CreateRatio(decimal projectId, RatioCreateDto ratio)
{
var result = await IsProjectAuthorized(projectId);
Expand All @@ -50,7 +50,7 @@ public async Task<ActionResult<RatioDto>> CreateRatio(decimal projectId, RatioCr
}

[HttpPut("{id}")]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult> UpdateRatio(decimal projectId, decimal id, RatioUpdateDto ratio)
{
var result = await IsProjectAuthorized(projectId);
Expand Down Expand Up @@ -95,7 +95,7 @@ public async Task<ActionResult<RatioDto>> GetRatioByIdAsync(decimal projectId, d
}

[HttpDelete("{id}")]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult> DeleteRatio(decimal projectId, decimal id)
{
var result = await IsProjectAuthorized(projectId);
Expand All @@ -118,7 +118,7 @@ public async Task<ActionResult> DeleteRatio(decimal projectId, decimal id)

[HttpPut]
[Route("~/api/projects/{projectId}/ratios")]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult> DetermineProjectRatios(decimal projectId)
{
var result = await IsProjectAuthorized(projectId);
Expand Down
6 changes: 3 additions & 3 deletions api/Crt.Api/Controllers/RolesController.cs
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ public async Task<ActionResult<RoleDto>> GetRoleAsync(decimal id)
}

[HttpPost]
[RequiresPermission(Permissions.RoleWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult<RoleDto>> CreateRole(RoleCreateDto role)
{
var response = await _roleSvc.CreateRoleAsync(role);
Expand All @@ -59,7 +59,7 @@ public async Task<ActionResult<RoleDto>> CreateRole(RoleCreateDto role)
}

[HttpPut("{id}")]
[RequiresPermission(Permissions.RoleWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult> UpdateRole(decimal id, RoleUpdateDto role)
{
if (id != role.RoleId)
Expand All @@ -83,7 +83,7 @@ public async Task<ActionResult> UpdateRole(decimal id, RoleUpdateDto role)
}

[HttpDelete("{id}")]
[RequiresPermission(Permissions.RoleWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult> DeleteRole(decimal id, RoleDeleteDto role)
{
if (id != role.RoleId)
Expand Down
6 changes: 3 additions & 3 deletions api/Crt.Api/Controllers/SegmentController.cs
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ public SegmentController(CrtCurrentUser currentUser, IProjectService projectServ
}

[HttpPost]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult<SegmentCreateDto>> CreateSegment(decimal projectId, SegmentCreateDto segment)
{
var result = await IsProjectAuthorized(projectId);
Expand All @@ -46,7 +46,7 @@ public async Task<ActionResult<SegmentCreateDto>> CreateSegment(decimal projectI
}

[HttpPut("{id}")]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult<SegmentCreateDto>> UpdateSegment(decimal projectId, decimal id, SegmentUpdateDto segment)
{
var result = await IsProjectAuthorized(projectId);
Expand Down Expand Up @@ -99,7 +99,7 @@ public async Task<ActionResult<List<SegmentListDto>>> GetSegmentsAsync(decimal p
}

[HttpDelete("{id}")]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult> DeleteSegment(decimal projectId, decimal id)
{
var result = await IsProjectAuthorized(projectId);
Expand Down
8 changes: 4 additions & 4 deletions api/Crt.Api/Controllers/TenderController.cs
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ public async Task<ActionResult<TenderDto>> GetTenderByIdAsync(decimal projectId,
}

[HttpPost]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult<TenderCreateDto>> CreateTender(decimal projectId, TenderCreateDto tender)
{
var result = await IsProjectAuthorized(projectId);
Expand All @@ -59,7 +59,7 @@ public async Task<ActionResult<TenderCreateDto>> CreateTender(decimal projectId,
}

[HttpPost("{id}/clone", Name ="CloneTender")]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult<TenderDto>> CloneTender(decimal projectId, decimal id)
{
var result = await IsProjectAuthorized(projectId);
Expand All @@ -75,7 +75,7 @@ public async Task<ActionResult<TenderDto>> CloneTender(decimal projectId, decima
}

[HttpPut("{id}")]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult> UpdateTender(decimal projectId, decimal id, TenderUpdateDto tender)
{
var result = await IsProjectAuthorized(projectId);
Expand Down Expand Up @@ -104,7 +104,7 @@ public async Task<ActionResult> UpdateTender(decimal projectId, decimal id, Tend
}

[HttpDelete("{id}")]
[RequiresPermission(Permissions.ProjectWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult> DeleteTender(decimal projectId, decimal id)
{
var result = await IsProjectAuthorized(projectId);
Expand Down
14 changes: 7 additions & 7 deletions api/Crt.Api/Controllers/UsersController.cs
Original file line number Diff line number Diff line change
Expand Up @@ -89,7 +89,7 @@ public async Task<ActionResult<UserDto>> GetUsersAsync(decimal id)
}

[HttpGet("adaccount/{username}", Name = "GeAdAccount")]
[RequiresPermission(Permissions.UserWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult<AdAccountDto>> GetAdAccountAsync(string username)
{
var adAccount = await _userService.GetAdAccountAsync(username);
Expand All @@ -101,7 +101,7 @@ public async Task<ActionResult<AdAccountDto>> GetAdAccountAsync(string username)
}

[HttpPost]
[RequiresPermission(Permissions.UserWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult<UserDto>> CreateUser(UserCreateDto user)
{
var response = await _userService.CreateUserAsync(user);
Expand All @@ -115,7 +115,7 @@ public async Task<ActionResult<UserDto>> CreateUser(UserCreateDto user)
}

[HttpPut("{id}")]
[RequiresPermission(Permissions.UserWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult> UpdateUser(decimal id, UserUpdateDto user)
{
if (id != user.SystemUserId)
Expand All @@ -140,7 +140,7 @@ public async Task<ActionResult> UpdateUser(decimal id, UserUpdateDto user)


[HttpDelete("{id}")]
[RequiresPermission(Permissions.UserWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult> DeleteUser(decimal id, UserDeleteDto user)
{
if (id != user.SystemUserId)
Expand All @@ -165,7 +165,7 @@ public async Task<ActionResult> DeleteUser(decimal id, UserDeleteDto user)

#region API Client
[HttpGet("api-client", Name = "GetUserKeycloakClient")]
[RequiresPermission(Permissions.ApiClientWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult<KeycloakClientDto>> GetUserKeycloakClient()
{
var client = await _keyCloakService.GetUserClientAsync();
Expand All @@ -181,7 +181,7 @@ public async Task<ActionResult<KeycloakClientDto>> GetUserKeycloakClient()
}

[HttpPost("api-client")]
[RequiresPermission(Permissions.ApiClientWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult<KeycloakClientDto>> CreateUserKeycloakClient()
{
var response = await _keyCloakService.CreateUserClientAsync();
Expand All @@ -195,7 +195,7 @@ public async Task<ActionResult<KeycloakClientDto>> CreateUserKeycloakClient()
}

[HttpPost("api-client/secret")]
[RequiresPermission(Permissions.ApiClientWrite)]
[RequiresPermission(Permissions.AllWrite)]
public async Task<ActionResult> RegenerateUserKeycloakClientSecret()
{
var response = await _keyCloakService.RegenerateUserClientSecretAsync();
Expand Down
3 changes: 3 additions & 0 deletions api/Crt.Model/Constants.cs
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,9 @@ public static class Permissions
public const string ProjectRead = "PROJECT_R";
public const string ProjectWrite = "PROJECT_W";
public const string ApiClientWrite = "API_W";
// Use this permission to disable all write access for all users
public const string AllWrite = "ALL_W";

}

public static class Entities
Expand Down
Loading
Loading