|
|
|
@ -10,7 +10,8 @@ using Shared.DTOs;
|
|
|
|
|
namespace CatalogService.Controllers;
|
|
|
|
|
|
|
|
|
|
[ApiController]
|
|
|
|
|
[Route("api/[controller]")]
|
|
|
|
|
[Authorize]
|
|
|
|
|
[Route("api/catalog/[controller]")]
|
|
|
|
|
public class ExercicesController : ControllerBase
|
|
|
|
|
{
|
|
|
|
|
private readonly CatalogDbContext _context;
|
|
|
|
@ -24,6 +25,7 @@ public class ExercicesController : ControllerBase
|
|
|
|
|
|
|
|
|
|
[Authorize]
|
|
|
|
|
[HttpPost]
|
|
|
|
|
[AllowAnonymous]
|
|
|
|
|
public async Task<IActionResult> Create([FromBody] CreateExerciceTemplateDto dto)
|
|
|
|
|
{
|
|
|
|
|
if (User.Identity.Name != "admin") return Forbid();
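Review bot: On `Create`, `[AllowAnonymous]` sits alongside `[Authorize]`, and in ASP.NET Core `[AllowAnonymous]` takes precedence over every `[Authorize]` on the action and on the controller, so the framework enforces no authorization here. The same combination appears on `Update`, `Delete` and `GetById` in the later hunks. The only remaining gate is `if (User.Identity.Name != "admin") return Forbid();`, a case-sensitive comparison against a hard-coded user name that depends on how the name claim is mapped; it also dereferences `User.Identity` without a null check. I would drop `[AllowAnonymous]` from these actions and express the requirement declaratively, e.g. `[Authorize(Policy = "<admin-policy-name>")]` or a role, instead of the in-body name check. The method bodies continue outside the hunks, so any further checks inside them are not visible here.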
|
|
|
|
@ -36,6 +38,7 @@ public class ExercicesController : ControllerBase
|
|
|
|
|
|
|
|
|
|
[Authorize]
|
|
|
|
|
[HttpPut("{id}")]
|
|
|
|
|
[AllowAnonymous]
|
|
|
|
|
public async Task<IActionResult> Update(string id, [FromBody] UpdateExerciceTemplateDto dto)
|
|
|
|
|
{
|
|
|
|
|
if (User.Identity.Name != "admin") return Forbid();
|
|
|
|
@ -51,6 +54,7 @@ public class ExercicesController : ControllerBase
|
|
|
|
|
|
|
|
|
|
[Authorize]
|
|
|
|
|
[HttpDelete("{id}")]
|
|
|
|
|
[AllowAnonymous]
|
|
|
|
|
public async Task<IActionResult> Delete(string id)
|
|
|
|
|
{
|
|
|
|
|
if (User.Identity.Name != "admin") return Forbid();
|
|
|
|
@ -65,6 +69,7 @@ public class ExercicesController : ControllerBase
|
|
|
|
|
|
|
|
|
|
[Authorize]
|
|
|
|
|
[HttpGet("{id}")]
|
|
|
|
|
[AllowAnonymous]
|
|
|
|
|
public async Task<ActionResult<ExerciceTemplateDto>> GetById(string id)
|
|
|
|
|
{
|
|
|
|
|
if (User.Identity.Name != "admin") return Forbid();
|
|
|
|
|