merged user access module with latest changes for sql database

2023-10-19 15:59:02 -04:00
parent c77e0452c4
commit e2bed66428
96 changed files with 2773 additions and 533 deletions
--- a/DamageAssesmentApi/DamageAssesment.Api.Surveys/Controllers/SurveysController.cs
+++ b/DamageAssesmentApi/DamageAssesment.Api.Surveys/Controllers/SurveysController.cs
@ -1,4 +1,5 @@
 using DamageAssesment.Api.Surveys.Interfaces;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;

 namespace DamageAssesment.Api.Surveys.Controllers
@ -15,6 +16,7 @@ namespace DamageAssesment.Api.Surveys.Controllers
        /// <summary>
        /// GET request for retrieving surveys.
        /// </summary>
+        [Authorize(Roles ="admin,survey,user,report")]
        [Route("surveys")]
        [Route("surveys/{language:alpha}")]
        [HttpGet]
@ -31,6 +33,7 @@ namespace DamageAssesment.Api.Surveys.Controllers
        /// <summary>
        /// GET request for retrieving surveys by ID.
        /// </summary>
+        [Authorize(Roles = "admin,survey,user,report")]
        [Route("surveys/{id:int}")]
        [Route("surveys/{id:int}/{language:alpha}")]
        [HttpGet]
@ -46,6 +49,7 @@ namespace DamageAssesment.Api.Surveys.Controllers
        /// <summary>
        /// POST request for creating a new survey.
        /// </summary>
+        [Authorize(Roles = "admin,survey,user,report")]
        [HttpPost("surveys")]
        public async Task<ActionResult> PostSurveysAsync(Models.Survey survey)
        {
@ -59,6 +63,8 @@ namespace DamageAssesment.Api.Surveys.Controllers
        /// <summary>
        /// PUT request for updating an existing survey (surveyId,Updated Survey data).
        /// </summary>
+
+        [Authorize(Roles = "admin,survey")]
        [HttpPut("surveys/{id}")]
        public async Task<ActionResult> PutSurveysAsync(int id, Models.Survey survey)
        {
@ -76,6 +82,7 @@ namespace DamageAssesment.Api.Surveys.Controllers
        /// <summary>
        /// DELETE request for deleting a survey by ID.
        /// </summary>
+        [Authorize(Roles = "admin,survey")]
        [HttpDelete("surveys/{id}")]
        public async Task<ActionResult> DeleteSurveysAsync(int id)
        {
--- a/DamageAssesmentApi/DamageAssesment.Api.Surveys/Program.cs
+++ b/DamageAssesmentApi/DamageAssesment.Api.Surveys/Program.cs
@ -6,6 +6,7 @@ using Microsoft.EntityFrameworkCore;
 using Microsoft.IdentityModel.Tokens;
 using System.Text;
 using System.Reflection;
+using Microsoft.OpenApi.Models;

 var builder = WebApplication.CreateBuilder(args);

@ -34,14 +35,44 @@ builder.Services.AddControllers();
 builder.Services.AddScoped<ISurveyProvider, SurveysProvider>();
 builder.Services.AddAutoMapper(AppDomain.CurrentDomain.GetAssemblies());
 builder.Services.AddEndpointsApiExplorer();
-//builder.Services.AddSwaggerGen();
-builder.Services.AddSwaggerGen(c =>
+
+builder.Services.AddSwaggerGen(options =>
 {
    // Include XML comments from your assembly
    var xmlFile = $"{Assembly.GetExecutingAssembly().GetName().Name}.xml";
    var xmlPath = Path.Combine(AppContext.BaseDirectory, xmlFile);
-    c.IncludeXmlComments(xmlPath);
+    options.IncludeXmlComments(xmlPath);
+
+    OpenApiSecurityScheme securityDefinition = new OpenApiSecurityScheme()
+    {
+        Name = "Bearer",
+        BearerFormat = "JWT",
+        Scheme = "bearer",
+        Description = "Specify the authorization token.",
+        In = ParameterLocation.Header,
+        Type = SecuritySchemeType.Http,
+    };
+
+    options.AddSecurityDefinition("jwt_auth", securityDefinition);
+
+    // Make sure swagger UI requires a Bearer token specified
+    OpenApiSecurityScheme securityScheme = new OpenApiSecurityScheme()
+    {
+        Reference = new OpenApiReference()
+        {
+            Id = "jwt_auth",
+            Type = ReferenceType.SecurityScheme
+        }
+    };
+
+    OpenApiSecurityRequirement securityRequirements = new OpenApiSecurityRequirement()
+    {
+        {securityScheme, new string[] { }},
+    };
+
+    options.AddSecurityRequirement(securityRequirements);
 });
+
 builder.Services.AddDbContext<SurveysDbContext>(option =>
 {
    option.UseSqlServer("SurveyConnection");
--- a/DamageAssesmentApi/DamageAssesment.Api.Surveys/Providers/SurveysProvider.cs
+++ b/DamageAssesmentApi/DamageAssesment.Api.Surveys/Providers/SurveysProvider.cs
@ -95,7 +95,6 @@ namespace DamageAssesment.Api.Surveys.Providers
                logger?.LogInformation("Get all Surveys from DB");
                //checking is enabled in survey response 
                var surveys = await surveyDbContext.Surveys.ToListAsync();//Where(s => s.IsEnabled == true)
-
                if (surveys != null)
                {
                    surveysList = from s in surveys
--- a/DamageAssesmentApi/DamageAssesment.Api.Surveys/appsettings.json
+++ b/DamageAssesmentApi/DamageAssesment.Api.Surveys/appsettings.json
@ -10,8 +10,8 @@
  },
  "AllowedHosts": "*",
  "ConnectionStrings": {
-    //"SurveyConnection": "Server=DESKTOP-OF5DPLQ\\SQLEXPRESS;Database=da_survey_dev;Trusted_Connection=True;TrustServerCertificate=True;"
-    //"SurveyConnection": "Server=localhost,1433;Database=da_survey_dev;User Id=sa;Password=Password123;TrustServerCertificate=True;",
-    "SurveyConnection": "Server=207.180.248.35;Database=da_survey_dev;User Id=sa;Password=YourStrongPassw0rd;TrustServerCertificate=True;"
+    "SurveyConnection": "Server=DESKTOP-OF5DPLQ\\SQLEXPRESS;Database=da_survey_dev;Trusted_Connection=True;TrustServerCertificate=True;"
+    //"SurveyConnection": "Server=tcp:da-dev.database.windows.net,1433;Initial Catalog=da-dev-db;Encrypt=True;User ID=admin-dev;Password=b3tgRABw8LGE75k;TrustServerCertificate=False;Connection Timeout=30;"
+
  }
 }