Feature/Auth: last one was authentication, this one is authorization #4
@@ -52,6 +52,8 @@ builder.Services.AddAuthorization(options => {
|
|||||||
policy.RequireRole("admin", "superuser"));
|
policy.RequireRole("admin", "superuser"));
|
||||||
options.AddPolicy("SensitiveDataModify", policy =>
|
options.AddPolicy("SensitiveDataModify", policy =>
|
||||||
policy.RequireRole("superuser"));
|
policy.RequireRole("superuser"));
|
||||||
|
|
||||||
|
// TODO: policies are read at runtime. define policy names in a central place and distribute the symbol
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|||||||
@@ -3,14 +3,14 @@
|
|||||||
|
|
||||||
import { onMounted } from "vue"
|
import { onMounted } from "vue"
|
||||||
import { useRoute, useRouter } from "vue-router";
|
import { useRoute, useRouter } from "vue-router";
|
||||||
import { useItemsStore } from "../stores/ItemsStore.ts"
|
import { useUsersStore } from "../stores/UsersStore.ts"
|
||||||
import * as authApi from "../api/AuthApi";
|
import * as authApi from "../api/AuthApi";
|
||||||
|
|
||||||
const store = useItemsStore()
|
const store = useUsersStore()
|
||||||
const router = useRouter();
|
const router = useRouter();
|
||||||
|
|
||||||
onMounted(() => {
|
onMounted(() => {
|
||||||
store.fetchItems()
|
store.fetchUsers()
|
||||||
})
|
})
|
||||||
|
|
||||||
function logout() {
|
function logout() {
|
||||||
@@ -22,20 +22,13 @@ function logout() {
|
|||||||
|
|
||||||
<template>
|
<template>
|
||||||
<div>
|
<div>
|
||||||
<h1>Items</h1>
|
<h1>Users</h1>
|
||||||
|
|
||||||
<router-link to="/item/new">Create Item</router-link>
|
|
||||||
|
|
||||||
<table>
|
<table>
|
||||||
<tr v-for="item in store.items" :key="item.id">
|
<tr v-for="user in store.users" :key="user.id">
|
||||||
<td>{{ item.name }}</td>
|
<td>{{ user.username }}</td>
|
||||||
<td>
|
<td>
|
||||||
|
<button @click="store.removeUser(user.id)">Delete</button>
|
||||||
<router-link :to="`/item/${item.id}`" custom v-slot="{ navigate }">
|
|
||||||
<button @click="navigate" role="link">Edit</button>
|
|
||||||
</router-link>
|
|
||||||
|
|
||||||
<button @click="store.removeItem(item.id)">Delete</button>
|
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
</table>
|
</table>
|
||||||
|
|||||||
Reference in New Issue
Block a user