|
|
@ -25,6 +25,7 @@ using IO.Swagger.ClientCollaborateur; |
|
|
|
using Microsoft.AspNetCore.Server.Kestrel.Core; |
|
|
|
using Microsoft.AspNetCore.Server.Kestrel.Core; |
|
|
|
using System.Threading.Tasks; |
|
|
|
using System.Threading.Tasks; |
|
|
|
using Microsoft.AspNetCore.Authentication.JwtBearer; |
|
|
|
using Microsoft.AspNetCore.Authentication.JwtBearer; |
|
|
|
|
|
|
|
using EPAServeur.Security; |
|
|
|
|
|
|
|
|
|
|
|
namespace IO.Swagger.Controllers |
|
|
|
namespace IO.Swagger.Controllers |
|
|
|
{ |
|
|
|
{ |
|
|
@ -36,10 +37,12 @@ namespace IO.Swagger.Controllers |
|
|
|
{ |
|
|
|
{ |
|
|
|
private readonly ICollaborateurService collaborateurService; |
|
|
|
private readonly ICollaborateurService collaborateurService; |
|
|
|
private readonly ILogger<CollaborateursApiController> logger; |
|
|
|
private readonly ILogger<CollaborateursApiController> logger; |
|
|
|
public CollaborateursApiController(ICollaborateurService _collaborateurService, ILogger<CollaborateursApiController> _logger) |
|
|
|
private readonly IAuthorizationService authorizationService; |
|
|
|
|
|
|
|
public CollaborateursApiController(ICollaborateurService _collaborateurService, ILogger<CollaborateursApiController> _logger, IAuthorizationService _authorizationService) |
|
|
|
{ |
|
|
|
{ |
|
|
|
collaborateurService = _collaborateurService; |
|
|
|
collaborateurService = _collaborateurService; |
|
|
|
logger = _logger; |
|
|
|
logger = _logger; |
|
|
|
|
|
|
|
authorizationService = _authorizationService; |
|
|
|
} |
|
|
|
} |
|
|
|
/// <summary> |
|
|
|
/// <summary> |
|
|
|
/// |
|
|
|
/// |
|
|
@ -51,7 +54,7 @@ namespace IO.Swagger.Controllers |
|
|
|
/// <response code="404">Ressource n'a pas été trouvée</response> |
|
|
|
/// <response code="404">Ressource n'a pas été trouvée</response> |
|
|
|
[HttpGet] |
|
|
|
[HttpGet] |
|
|
|
[Route("/api/collaborateurs/{idCollaborateur}")] |
|
|
|
[Route("/api/collaborateurs/{idCollaborateur}")] |
|
|
|
//[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme, Roles = "RH,Assistante,Commercial")] |
|
|
|
[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme, Roles = "RH,Assistante,Commercial,Collaborateur")] |
|
|
|
[ValidateModelState] |
|
|
|
[ValidateModelState] |
|
|
|
[SwaggerOperation("GetCollaborateurById")] |
|
|
|
[SwaggerOperation("GetCollaborateurById")] |
|
|
|
[SwaggerResponse(statusCode: 200, type: typeof(CollaborateurDTO), description: "OK")] |
|
|
|
[SwaggerResponse(statusCode: 200, type: typeof(CollaborateurDTO), description: "OK")] |
|
|
@ -86,6 +89,23 @@ namespace IO.Swagger.Controllers |
|
|
|
logger.LogError("Une erreur inconnue est survenue lors de la récupération du collaborateur {idCollaborateur}", idCollaborateur); |
|
|
|
logger.LogError("Une erreur inconnue est survenue lors de la récupération du collaborateur {idCollaborateur}", idCollaborateur); |
|
|
|
} |
|
|
|
} |
|
|
|
logger.LogInformation("Collaborateur {id} trouvée", idCollaborateur); |
|
|
|
logger.LogInformation("Collaborateur {id} trouvée", idCollaborateur); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// Si l'utilisateur connecté est un collaborateur, on vérifie si il est autorisé à accéder au détail du collaborateur |
|
|
|
|
|
|
|
if (User.IsInRole("Collaborateur")) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
if (!(await authorizationService.AuthorizeAsync(User, collaborateurDTO, "SameMailRequirement")).Succeeded) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
ErreurDTO erreurDTO = new ErreurDTO() |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
Code = "403", |
|
|
|
|
|
|
|
Message = "Accès interdit", |
|
|
|
|
|
|
|
}; |
|
|
|
|
|
|
|
return StatusCode(403, erreurDTO); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
return Ok(collaborateurDTO); |
|
|
|
return Ok(collaborateurDTO); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|