lots of updates

Memphis.API/Controllers/AirportsController.cs

@@ -38,7 +38,7 @@ public AirportsController(DatabaseContext context, RedisService redisService, Lo
 
 
     [HttpPost]
-    [Authorize(Roles = Constants.CanAirports)]
+    [Authorize(Roles = Constants.FacilitiesStaff)]
     [ProducesResponseType(typeof(Response<Airport>), 201)]
     [ProducesResponseType(typeof(Response<IList<ValidationFailure>>), 400)]
     [ProducesResponseType(401)]
@@ -48,7 +48,7 @@ public async Task<ActionResult<Response<Airport>>> CreateAirport(AirportPayload
     {
         try
         {
-            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.CanAirportsList))
+            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.FacilitiesStaffList))
             {
                 return StatusCode(401);
             }
@@ -70,7 +70,7 @@ public async Task<ActionResult<Response<Airport>>> CreateAirport(AirportPayload
                 Icao = payload.Icao.ToUpper()
             });
             await _context.SaveChangesAsync();
-            string newData = JsonConvert.SerializeObject(result.Entity);
+            var newData = JsonConvert.SerializeObject(result.Entity);
             await _loggingService.AddWebsiteLog(Request, $"Created airport {result.Entity.Id}", string.Empty, newData);
 
             return StatusCode(201, new Response<Airport>
@@ -143,7 +143,7 @@ public async Task<ActionResult<Response<IList<Airport>>>> GetAirport(int airport
     }
 
     [HttpPut("{airportId:int}")]
-    [Authorize(Roles = Constants.CanAirports)]
+    [Authorize(Roles = Constants.FacilitiesStaff)]
     [ProducesResponseType(typeof(Response<Airport>), 200)]
     [ProducesResponseType(typeof(Response<IList<ValidationFailure>>), 400)]
     [ProducesResponseType(401)]
@@ -154,7 +154,7 @@ public async Task<ActionResult<Response<Airport>>> UpdateAirport(int airportId,
     {
         try
         {
-            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.CanAirportsList))
+            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.FacilitiesStaffList))
             {
                 return StatusCode(401);
             }
@@ -204,7 +204,7 @@ public async Task<ActionResult<Response<Airport>>> UpdateAirport(int airportId,
     }
 
     [HttpDelete("{airportId:int}")]
-    [Authorize(Roles = Constants.CanAirports)]
+    [Authorize(Roles = Constants.FacilitiesStaff)]
     [ProducesResponseType(typeof(Response<string?>), 200)]
     [ProducesResponseType(401)]
     [ProducesResponseType(403)]
@@ -214,7 +214,7 @@ public async Task<ActionResult<Response<string>>> DeleteAirport(int airportId)
     {
         try
         {
-            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.CanAirportsList))
+            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.FacilitiesStaffList))
             {
                 return StatusCode(401);
             }

Memphis.API/Controllers/CommentsController.cs

@@ -37,7 +37,7 @@ public CommentsController(DatabaseContext context, RedisService redisService, Lo
     }
 
     [HttpPost]
-    [Authorize(Roles = Constants.CanComment)]
+    [Authorize(Roles = Constants.AllStaff)]
     [ProducesResponseType(typeof(Response<Comment>), 201)]
     [ProducesResponseType(typeof(Response<IList<ValidationFailure>>), 400)]
     [ProducesResponseType(401)]
@@ -48,13 +48,7 @@ public async Task<ActionResult<Response<Comment>>> CreateComment(CommentPayload
     {
         try
         {
-            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.CanCommentList))
-            {
-                return StatusCode(401);
-            }
-
-            // Check if they can add a confidential comment
-            if (payload.Confidential && !await _redisService.ValidateRoles(Request.HttpContext.User, Constants.CanCommentConfidentialList))
+            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.AllStaffList))
             {
                 return StatusCode(401);
             }
@@ -96,7 +90,6 @@ public async Task<ActionResult<Response<Comment>>> CreateComment(CommentPayload
             {
                 User = user,
                 Submitter = submitter,
-                Confidential = payload.Confidential,
                 Message = payload.Message,
             });
             await _context.SaveChangesAsync();
@@ -119,7 +112,7 @@ public async Task<ActionResult<Response<Comment>>> CreateComment(CommentPayload
     }
 
     [HttpGet("{userId:int}")]
-    [Authorize(Roles = $"{Constants.CanComment},{Constants.CanCommentConfidential}")]
+    [Authorize(Roles = Constants.AllStaff)]
     [ProducesResponseType(typeof(ResponsePaging<IList<Comment>>), 200)]
     [ProducesResponseType(typeof(Response<string?>), 400)]
     [ProducesResponseType(401)]
@@ -159,48 +152,22 @@ public async Task<ActionResult<Response<IList<Comment>>>> GetComments(int userId
                 });
             }
 
-            if (await _redisService.ValidateRoles(Request.HttpContext.User, Constants.CanCommentConfidentialList))
+            var result = await _context.Comments
+                .Where(x => x.User == user)
+                .OrderBy(x => x.Timestamp)
+                .Skip((page - 1) * size).Take(size)
+                .ToListAsync();
+            var totalCount = await _context.Comments
+                .Where(x => x.User == user)
+                .OrderBy(x => x.Timestamp).CountAsync();
+            return Ok(new ResponsePaging<IList<Comment>>
             {
-                var confidentialResult = await _context.Comments
-                    .Where(x => x.User == user)
-                    .OrderBy(x => x.Timestamp)
-                    .Skip((page - 1) * size).Take(size)
-                    .ToListAsync();
-                var confidentialTotalCount = await _context.Comments
-                    .Where(x => x.User == user).CountAsync();
-                return Ok(new ResponsePaging<IList<Comment>>
-                {
-                    StatusCode = 200,
-                    ResultCount = confidentialResult.Count,
-                    TotalCount = confidentialTotalCount,
-                    Message = $"Got {confidentialResult.Count} comments",
-                    Data = confidentialResult
-                });
-            }
-
-            if (await _redisService.ValidateRoles(Request.HttpContext.User, Constants.CanCommentList))
-            {
-                var result = await _context.Comments
-                    .Where(x => x.User == user)
-                    .Where(x => !x.Confidential)
-                    .OrderBy(x => x.Timestamp)
-                    .Skip((page - 1) * size).Take(size)
-                    .ToListAsync();
-                var totalCount = await _context.Comments
-                    .Where(x => x.User == user)
-                    .Where(x => !x.Confidential)
-                    .OrderBy(x => x.Timestamp).CountAsync();
-                return Ok(new ResponsePaging<IList<Comment>>
-                {
-                    StatusCode = 200,
-                    ResultCount = result.Count,
-                    TotalCount = totalCount,
-                    Message = $"Got {result.Count} comments",
-                    Data = result
-                });
-            }
-
-            return StatusCode(401);
+                StatusCode = 200,
+                ResultCount = result.Count,
+                TotalCount = totalCount,
+                Message = $"Got {result.Count} comments",
+                Data = result
+            });
         }
         catch (Exception ex)
         {

Memphis.API/Controllers/EmailLogsController.cs

@@ -30,14 +30,14 @@ public EmailLogsController(DatabaseContext context, RedisService redisService, I
     }
 
     [HttpGet]
-    [Authorize(Roles = Constants.CanEmailLogs)]
+    [Authorize(Roles = Constants.SeniorStaff)]
     [ProducesResponseType(typeof(Response<IList<EmailLog>>), 200)]
     [ProducesResponseType(typeof(Response<string?>), 500)]
     public async Task<ActionResult<ResponsePaging<IList<EmailLog>>>> GetEmailLogs(int page, int size, string? to = null)
     {
         try
         {
-            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.CanEmailLogsList))
+            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.SeniorStaffList))
             {
                 return StatusCode(401);
             }

Memphis.API/Controllers/EventPositionsController.cs

@@ -37,7 +37,7 @@ public EventPositionsController(DatabaseContext context, RedisService redisServi
     }
 
     [HttpPost]
-    [Authorize(Roles = Constants.CanEvents)]
+    [Authorize(Roles = Constants.EventsStaff)]
     [ProducesResponseType(typeof(Response<EventPosition>), 201)]
     [ProducesResponseType(typeof(Response<IList<ValidationFailure>>), 400)]
     [ProducesResponseType(401)]
@@ -48,7 +48,7 @@ public async Task<ActionResult<Response<EventPosition>>> CreateEventPosition(Eve
     {
         try
         {
-            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.CanEventsList))
+            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.EventsStaffList))
             {
                 return StatusCode(401);
             }
@@ -119,7 +119,7 @@ public async Task<ActionResult<Response<IList<EventPosition>>>> GetEventPosition
                 });
             }
 
-            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.AllStaffList))
+            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.FullStaffList))
             {
                 if (!@event.IsOpen)
                 {
@@ -157,7 +157,7 @@ public async Task<ActionResult<Response<IList<EventPosition>>>> GetEventPosition
     }
 
     [HttpDelete("Positions/{eventPositionId:int}")]
-    [Authorize(Roles = Constants.CanEvents)]
+    [Authorize(Roles = Constants.EventsStaff)]
     [ProducesResponseType(typeof(Response<string?>), 200)]
     [ProducesResponseType(401)]
     [ProducesResponseType(403)]
@@ -167,7 +167,7 @@ public async Task<ActionResult<Response<IList<EventPosition>>>> GetEventPosition
     {
         try
         {
-            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.CanEventsList))
+            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.EventsStaffList))
             {
                 return StatusCode(401);
             }

Memphis.API/Controllers/EventRegistrationController.cs

@@ -272,7 +272,7 @@ public async Task<ActionResult<Response<EventRegistration>>> GetOwnEventRegistra
     }
 
     [HttpGet("Registrations/{eventId:int}")]
-    [Authorize(Roles = Constants.CanEvents)]
+    [Authorize(Roles = Constants.EventsStaff)]
     [ProducesResponseType(401)]
     [ProducesResponseType(403)]
     [ProducesResponseType(typeof(Response<IList<EventRegistration>>), 200)]
@@ -282,7 +282,7 @@ public async Task<ActionResult<Response<IList<EventRegistration>>>> GetEventRegi
     {
         try
         {
-            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.CanEventsList))
+            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.EventsStaffList))
             {
                 return StatusCode(401);
             }
@@ -313,7 +313,7 @@ public async Task<ActionResult<Response<IList<EventRegistration>>>> GetEventRegi
     }
 
     [HttpPut("assign/{eventRegistrationId:int}")]
-    [Authorize(Roles = Constants.CanEvents)]
+    [Authorize(Roles = Constants.EventsStaff)]
     [ProducesResponseType(401)]
     [ProducesResponseType(403)]
     [ProducesResponseType(typeof(Response<EventRegistration>), 200)]
@@ -324,7 +324,7 @@ public async Task<ActionResult<Response<EventRegistration>>> AssignEventRegistra
     {
         try
         {
-            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.CanEventsList))
+            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.EventsStaffList))
             {
                 return StatusCode(401);
             }
@@ -455,7 +455,7 @@ public async Task<ActionResult<Response<string>>> DeleteOwnEventRegistration(int
     }
 
     [HttpDelete("{eventRegistrationId:int}")]
-    [Authorize(Roles = Constants.CanEvents)]
+    [Authorize(Roles = Constants.EventsStaff)]
     [ProducesResponseType(401)]
     [ProducesResponseType(typeof(Response<string?>), 200)]
     [ProducesResponseType(typeof(Response<string?>), 404)]
@@ -464,7 +464,7 @@ public async Task<ActionResult<Response<string>>> DeleteEventRegistration(int ev
     {
         try
         {
-            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.CanEventsList))
+            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.EventsStaffList))
             {
                 return StatusCode(401);
             }

Memphis.API/Controllers/EventsController.cs

@@ -39,7 +39,7 @@ public EventsController(DatabaseContext context, RedisService redisService, Logg
     }
 
     [HttpPost]
-    [Authorize(Roles = Constants.CanEvents)]
+    [Authorize(Roles = Constants.EventsStaff)]
     [ProducesResponseType(typeof(Response<Comment>), 201)]
     [ProducesResponseType(typeof(Response<IList<ValidationFailure>>), 400)]
     [ProducesResponseType(401)]
@@ -49,7 +49,7 @@ public async Task<ActionResult<Response<Event>>> CreateEvent(EventPayload payloa
     {
         try
         {
-            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.CanEventsList))
+            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.EventsStaffList))
             {
                 return StatusCode(401);
             }
@@ -119,7 +119,7 @@ public async Task<ActionResult<Response<Event>>> GetEvents(int page = 1, int siz
     {
         try
         {
-            var getClosed = await _redisService.ValidateRoles(Request.HttpContext.User, Constants.AllStaffList);
+            var getClosed = await _redisService.ValidateRoles(Request.HttpContext.User, Constants.FullStaffList);
             if (getClosed)
             {
                 var result = await _context.Events
@@ -169,7 +169,7 @@ public async Task<ActionResult<Response<Event>>> GetEvent(int eventId)
     {
         try
         {
-            var getClosed = await _redisService.ValidateRoles(Request.HttpContext.User, Constants.AllStaffList);
+            var getClosed = await _redisService.ValidateRoles(Request.HttpContext.User, Constants.FullStaffList);
             var result = await _context.Events.FindAsync(eventId);
             if (result == null)
             {
@@ -204,7 +204,7 @@ public async Task<ActionResult<Response<Event>>> GetEvent(int eventId)
     }
 
     [HttpPut("{eventId:int}")]
-    [Authorize(Roles = Constants.CanEvents)]
+    [Authorize(Roles = Constants.EventsStaff)]
     [ProducesResponseType(typeof(Response<Event>), 200)]
     [ProducesResponseType(typeof(Response<IList<ValidationFailure>>), 400)]
     [ProducesResponseType(401)]
@@ -215,7 +215,7 @@ public async Task<ActionResult<Response<Event>>> UpdateEvent(int eventId, EventP
     {
         try
         {
-            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.CanEventsList))
+            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.EventsStaffList))
             {
                 return StatusCode(401);
             }
@@ -282,7 +282,7 @@ public async Task<ActionResult<Response<Event>>> UpdateEvent(int eventId, EventP
 
 
     [HttpDelete("{eventId:int}")]
-    [Authorize(Roles = Constants.CanEvents)]
+    [Authorize(Roles = Constants.EventsStaff)]
     [ProducesResponseType(typeof(Response<string?>), 200)]
     [ProducesResponseType(401)]
     [ProducesResponseType(403)]
@@ -292,7 +292,7 @@ public async Task<ActionResult<Response<Event>>> UpdateEvent(int eventId, EventP
     {
         try
         {
-            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.CanEventsList))
+            if (!await _redisService.ValidateRoles(Request.HttpContext.User, Constants.EventsStaffList))
             {
                 return StatusCode(401);
             }