Разграничил доступы к ресурсам посредством ролей

8105692c · Нурбек Созоев · 04706103 · 8105692c · 8105692c · 8105692c
Commit 8105692c authored Jun 27, 2019 by Нурбек Созоев
5 changed files
--- a/webinar65/Controllers/AccountController.cs
+++ b/webinar65/Controllers/AccountController.cs
@@ -55,5 +55,11 @@ namespace webinar65.Controllers

            return RedirectToAction("Login");
        }
+
+        public IActionResult AccessDenied(string returnUrl)
+        {
+            ViewBag.returnUrl = returnUrl;
+            return View();
+        }
    }
 }
--- a/webinar65/Controllers/HomeController.cs
+++ b/webinar65/Controllers/HomeController.cs
@@ -5,7 +5,7 @@ using webinar65.Models;

 namespace webinar65.Controllers
 {
-    [Authorize]
+    [Authorize(Roles = "Users,Admins")]
    public class HomeController : Controller
    {
        public IActionResult Index()

--- a/webinar65/Controllers/RoleController.cs
+++ b/webinar65/Controllers/RoleController.cs
 using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
 using webinar65.ViewModels;

 namespace webinar65.Controllers
 {
+    [Authorize(Roles = "Admins")]
    public class RoleController : Controller
    {
        private RoleManager<IdentityRole> _roleManager;

--- a/webinar65/Controllers/UserController.cs
+++ b/webinar65/Controllers/UserController.cs
 using System.Linq;
 using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
 using webinar65.Models;
@@ -7,6 +8,7 @@ using webinar65.ViewModels;

 namespace webinar65.Controllers
 {
+    [Authorize(Roles = "Admins")]
    public class UserController : Controller
    {
        private UserManager<User> _userManager;
@@ -44,7 +46,10 @@ namespace webinar65.Controllers
                var result = await _userManager.CreateAsync(newUser, model.Password);

                if (result.Succeeded)
+                {
+                    await _userManager.AddToRoleAsync(newUser, model.RoleName);
                    return RedirectToAction("Index");
+                }

                foreach (var error in result.Errors)
                {

--- a/webinar65/Views/Account/AccessDenied.cshtml
+++ b/webinar65/Views/Account/AccessDenied.cshtml
+@{
+    Layout = null;
+}
+
+<!DOCTYPE html>
+
+<html>
+<head>
+    <title>Forbidden</title>
+</head>
+<body>
+<div>
+    <h1>Access Denied</h1>
+</div>
+</body>
+</html>