|
|
|
@ -1,4 +1,3 @@
|
|
|
|
|
using System.Security.Claims;
|
|
|
|
|
using AutoMapper;
|
|
|
|
|
using CatalogService.Data;
|
|
|
|
|
using CatalogService.DTOs;
|
|
|
|
@ -11,7 +10,8 @@ using Shared.DTOs;
|
|
|
|
|
namespace CatalogService.Controllers;
|
|
|
|
|
|
|
|
|
|
[ApiController]
|
|
|
|
|
[Route("api/[controller]")]
|
|
|
|
|
[Authorize]
|
|
|
|
|
[Route("api/catalog/[controller]")]
|
|
|
|
|
public class ExercicesController : ControllerBase
|
|
|
|
|
{
|
|
|
|
|
private readonly CatalogDbContext _context;
|
|
|
|
@ -25,6 +25,7 @@ public class ExercicesController : ControllerBase
|
|
|
|
|
|
|
|
|
|
[Authorize]
|
|
|
|
|
[HttpPost]
|
|
|
|
|
[AllowAnonymous]
|
|
|
|
|
public async Task<IActionResult> Create([FromBody] CreateExerciceTemplateDto dto)
|
|
|
|
|
{
|
|
|
|
|
if (User.Identity.Name != "admin") return Forbid();
|
|
|
|
@ -37,6 +38,7 @@ public class ExercicesController : ControllerBase
|
|
|
|
|
|
|
|
|
|
[Authorize]
|
|
|
|
|
[HttpPut("{id}")]
|
|
|
|
|
[AllowAnonymous]
|
|
|
|
|
public async Task<IActionResult> Update(string id, [FromBody] UpdateExerciceTemplateDto dto)
|
|
|
|
|
{
|
|
|
|
|
if (User.Identity.Name != "admin") return Forbid();
|
|
|
|
@ -52,6 +54,7 @@ public class ExercicesController : ControllerBase
|
|
|
|
|
|
|
|
|
|
[Authorize]
|
|
|
|
|
[HttpDelete("{id}")]
|
|
|
|
|
[AllowAnonymous]
|
|
|
|
|
public async Task<IActionResult> Delete(string id)
|
|
|
|
|
{
|
|
|
|
|
if (User.Identity.Name != "admin") return Forbid();
|
|
|
|
@ -66,6 +69,7 @@ public class ExercicesController : ControllerBase
|
|
|
|
|
|
|
|
|
|
[Authorize]
|
|
|
|
|
[HttpGet("{id}")]
|
|
|
|
|
[AllowAnonymous]
|
|
|
|
|
public async Task<ActionResult<ExerciceTemplateDto>> GetById(string id)
|
|
|
|
|
{
|
|
|
|
|
if (User.Identity.Name != "admin") return Forbid();
|
|
|
|
@ -75,6 +79,4 @@ public class ExercicesController : ControllerBase
|
|
|
|
|
|
|
|
|
|
return _mapper.Map<ExerciceTemplateDto>(exercice);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
}
|
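Review bot: `[AllowAnonymous]` sits next to `[Authorize]` on Create, Update, Delete and GetById, and in ASP.NET Core `[AllowAnonymous]` takes precedence, so neither the action-level nor the controller-level `[Authorize]` is enforced on these four actions. The only remaining gate is the in-body `if (User.Identity.Name != "admin") return Forbid();`, which ties administrative rights to a user-name string and answers unauthenticated callers with `Forbid()` instead of an authentication challenge. The rendered page has lost the +/- markers, so it is not visible which of the two attributes this commit adds, but the new side should not carry `[AllowAnonymous]` on these actions. I would express the rule declaratively, for example `[Authorize(Roles = "admin")]` or a named policy (assuming the token carries a role claim), and drop the name comparison. The action bodies continue outside the hunks, so any further checks they make are not visible here.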