added authorization

GdscBackend.sln.DotSettings

@@ -0,0 +1,2 @@
+<wpf:ResourceDictionary xml:space="preserve" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" xmlns:s="clr-namespace:System;assembly=mscorlib" xmlns:ss="urn:shemas-jetbrains-com:settings-storage-xaml" xmlns:wpf="http://schemas.microsoft.com/winfx/2006/xaml/presentation">
+	<s:Boolean x:Key="/Default/UserDictionary/Words/=Gdsc/@EntryIndexedValue">True</s:Boolean></wpf:ResourceDictionary>

GdscBackend/Features/Articles/ArticleController.cs

@@ -7,7 +7,7 @@ namespace GdscBackend.Features.Articles;
 
 [ApiController]
 [ApiVersion("1")]
-[Authorize]
+[Authorize("CoreTeam")]
 [Route("v1/Articles")]
 public class ArticleController : ControllerBase
 {

GdscBackend/Features/Contacts/ContactController.cs

@@ -10,8 +10,8 @@
 namespace GdscBackend.Features.Contacts;
 
 [ApiController]
-[Authorize(Roles = "admin")]
-[ApiVersion("1")]
+[Authorize(AuthorizeConstants.CoreTeam)]
+[ApiVersion("v1")]
 [Route("v1/contact")]
 public class ContactController : ControllerBase
 {
@@ -35,15 +35,10 @@ public ContactController(IRepository<ContactModel> repository, IMapper mapper, I
     [ProducesResponseType(StatusCodes.Status400BadRequest)]
     public async Task<ActionResult<IEnumerable<ContactModel>>> Post(ContactRequest entity)
     {
-        if (entity is null)
-        {
-            return BadRequest(new ErrorViewModel { Message = "Request has no body" });
-        }
+        if (entity is null) return BadRequest(new ErrorViewModel { Message = "Request has no body" });
 
         if (!new EmailAddressAttribute().IsValid(entity.Email))
-        {
             return BadRequest(new ErrorViewModel { Message = "Invalid email provided" });
-        }
 
         var newEntity = await _repository.AddAsync(Map(entity));
 

GdscBackend/Features/Events/EventsController.cs

@@ -2,14 +2,15 @@
 using AutoMapper;
 using GdscBackend.Database;
 using GdscBackend.Features.FIles;
+using GdscBackend.Utils;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 
 namespace GdscBackend.Features.Events;
 
 [ApiController]
 [ApiVersion("1")]
-[Authorize(Roles = "admin")]
+[Authorize(AuthorizeConstants.CoreTeam)]
 [Route("v1/events")]
 [Consumes(MediaTypeNames.Application.Json)]
 [Produces(MediaTypeNames.Application.Json)]
@@ -30,7 +31,7 @@ public EventsController(IRepository<EventModel> repository, IMapper mapper,
 /*<<<<<<< HEAD
 
 =======
-    
+
 >>>>>>> dev*/
     [HttpPost]
     [ProducesResponseType(StatusCodes.Status201Created)]

GdscBackend/Features/FIles/FilesController.cs

@@ -1,12 +1,13 @@
 using GdscBackend.Database;
+using GdscBackend.Utils;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 
 namespace GdscBackend.Features.FIles;
 
 [ApiController]
 [ApiVersion("1")]
-[Authorize(Roles = "admin")]
+[Authorize(AuthorizeConstants.CoreTeam)]
 [Route("v1/files")]
 public class FilesController : ControllerBase
 {

GdscBackend/Features/Faqs/FaqsController.cs

@@ -1,14 +1,15 @@
 using System.Net.Mime;
 using AutoMapper;
 using GdscBackend.Database;
+using GdscBackend.Utils;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 
 namespace GdscBackend.Features.Faqs;
 
 [ApiController]
 [ApiVersion("1")]
-[Authorize(Roles = "admin")]
+[Authorize(AuthorizeConstants.CoreTeam)]
 [Route("v1/faqs")]
 [Consumes(MediaTypeNames.Application.Json)]
 [Produces(MediaTypeNames.Application.Json)]

GdscBackend/Features/Members/MembersController.cs

@@ -1,6 +1,7 @@
 using System.Net.Mime;
 using AutoMapper;
 using GdscBackend.Database;
+using GdscBackend.Utils;
 using GdscBackend.ViewModels;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
@@ -9,7 +10,7 @@ namespace GdscBackend.Features.Members;
 
 [ApiController]
 [ApiVersion("1")]
-[Authorize(Roles = "admin")]
+[Authorize(AuthorizeConstants.CoreTeam)]
 [Route("v1/members")]
 [Consumes(MediaTypeNames.Application.Json)]
 [Produces(MediaTypeNames.Application.Json)]

GdscBackend/Features/MenuItems/MenuItemsController.cs

@@ -1,14 +1,15 @@
 using System.Net.Mime;
 using AutoMapper;
 using GdscBackend.Database;
+using GdscBackend.Utils;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 
 namespace GdscBackend.Features.MenuItems;
 
 [ApiController]
 [ApiVersion("1")]
-[Authorize(Roles = "admin")]
+[Authorize(AuthorizeConstants.CoreTeam)]
 [Route("v1/menu-items")]
 [Consumes(MediaTypeNames.Application.Json)]
 [Produces(MediaTypeNames.Application.Json)]

GdscBackend/Features/Pages/PagesController.cs

@@ -1,5 +1,6 @@
 using AutoMapper;
 using GdscBackend.Database;
+using GdscBackend.Utils;
 using GdscBackend.ViewModels;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
@@ -8,7 +9,7 @@ namespace GdscBackend.Features.Pages;
 
 [ApiController]
 [ApiVersion("1")]
-[Authorize(Roles = "admin")]
+[Authorize(AuthorizeConstants.CoreTeam)]
 [Route("v1/pages")]
 public class PagesController : ControllerBase
 {

GdscBackend/Features/Redirects/RedirectsController.cs

@@ -1,14 +1,15 @@
 using System.Net.Mime;
 using AutoMapper;
 using GdscBackend.Database;
+using GdscBackend.Utils;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 
 namespace GdscBackend.Features.Redirects;
 
 [ApiController]
 [ApiVersion("1")]
-[Authorize(Roles = "admin")]
+[Authorize(AuthorizeConstants.CoreTeam)]
 [Route("v1/redirects")]
 [Consumes(MediaTypeNames.Application.Json)]
 [Produces(MediaTypeNames.Application.Json)]
@@ -30,10 +31,7 @@ public async Task<ActionResult> Get()
     {
         var dict = new Dictionary<string, string>();
         var redirects = (await _repository.GetAsync()).ToList();
-        foreach (var redirectModel in redirects)
-        {
-            dict.Add(redirectModel.Path, redirectModel.RedirectTo);
-        }
+        foreach (var redirectModel in redirects) dict.Add(redirectModel.Path, redirectModel.RedirectTo);
 
         return Ok(dict);
     }
@@ -67,16 +65,10 @@ public async Task<ActionResult<RedirectResponse>> Delete([FromRoute] string path
     {
         var all = await _repository.GetAsync();
         var newEntity = all.FirstOrDefault(entity => entity.Path == path);
-        if (newEntity is null)
-        {
-            return NotFound();
-        }
+        if (newEntity is null) return NotFound();
 
         var result = await _repository.DeleteAsync(newEntity.Id);
-        if (result is null)
-        {
-            return NotFound();
-        }
+        if (result is null) return NotFound();
 
         return Ok(result);
     }
@@ -90,10 +82,7 @@ public async Task<ActionResult<RedirectResponse>> Update([FromRoute] string path
     {
         var all = await _repository.GetAsync();
         var newEntity = all.FirstOrDefault(entity => entity.Path == path);
-        if (newEntity is null)
-        {
-            return NotFound();
-        }
+        if (newEntity is null) return NotFound();
 
         newEntity.Path = request.Path;
         newEntity.RedirectTo = request.RedirectTo;

GdscBackend/Features/Settings/SettingsController.cs

@@ -1,6 +1,7 @@
 using System.Net.Mime;
 using AutoMapper;
 using GdscBackend.Database;
+using GdscBackend.Utils;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 
@@ -9,7 +10,7 @@ namespace GdscBackend.Features.Settings;
 // This marks this controller as a public one that can be called from the internet
 [ApiController]
 [ApiVersion("1")]
-[Authorize(Roles = "admin")]
+[Authorize(AuthorizeConstants.CoreTeam)]
 // This sets the URL that we can enter to call the controller's methods
 // ex: https://localhost:5000/v1/examples
 [Route("v1/settings")]

GdscBackend/Features/Teams/TeamsController.cs

@@ -1,14 +1,15 @@
 using System.Net.Mime;
 using AutoMapper;
 using GdscBackend.Database;
+using GdscBackend.Utils;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 
 namespace GdscBackend.Features.Teams;
 
 [ApiController]
 [ApiVersion("1")]
-[Authorize(Roles = "admin")]
+[Authorize(AuthorizeConstants.CoreTeam)]
 [Route("v1/teams")]
 [Consumes(MediaTypeNames.Application.Json)]
 [Produces(MediaTypeNames.Application.Json)]

GdscBackend/GdscBackend.csproj

@@ -10,6 +10,7 @@
     <ItemGroup>
         <PackageReference Include="AutoMapper.Extensions.Microsoft.DependencyInjection" Version="12.0.0"/>
         <PackageReference Include="Keycloak.AuthServices.Authentication" Version="1.6.0"/>
+        <PackageReference Include="Keycloak.AuthServices.Authorization" Version="1.6.0"/>
         <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="7.0.0"/>
         <PackageReference Include="Microsoft.AspNetCore.Identity" Version="2.2.0"/>
         <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="7.0.0"/>

GdscBackend/Program.cs

@@ -4,6 +4,7 @@
 using GdscBackend.Utils.Mappers;
 using GdscBackend.Utils.Services;
 using Keycloak.AuthServices.Authentication;
+using Keycloak.AuthServices.Authorization;
 using Keycloak.AuthServices.Common;
 using Microsoft.EntityFrameworkCore;
 
@@ -31,6 +32,9 @@
 services.AddSwaggerConfiguration(keycloakOptions);
 
 services.AddKeycloakAuthentication(configuration);
+services.AddAuthorization(
+    o => o.AddPolicy(AuthorizeConstants.CoreTeam, b => { b.RequireRealmRoles("GDSC_CORE_TEAM"); }));
+services.AddKeycloakAuthorization(configuration);
 
 services.AddTransient<IEmailSender, EmailSender>();
 services.AddTransient<IWebhookService, WebhookService>();

GdscBackend/Utils/AuthorizeConstants.cs

@@ -0,0 +1,6 @@
+namespace GdscBackend.Utils;
+
+public static class AuthorizeConstants
+{
+    public const string CoreTeam = "CoreTeam";
+}