From cad4268b792e02f19aaa7dadd39a5c1d9fb1755e Mon Sep 17 00:00:00 2001
From: Karolis2011 <Karolis2011@users.noreply.github.com>
Date: Wed, 22 Dec 2021 22:50:09 +0200
Subject: [PATCH] Some stuff

---
 KTUSAPS/Auth/AdminAuthorizationHandler.cs     | 38 ++++++++
 KTUSAPS/Auth/AdminRequirement.cs              |  8 ++
 KTUSAPS/ClientApp/public/index.html           |  2 +-
 KTUSAPS/ClientApp/src/components/NavMenu.vue  | 19 ++--
 KTUSAPS/ClientApp/src/pages/Home.vue          | 79 +++++++++++------
 KTUSAPS/ClientApp/src/pages/Submit.vue        | 86 +++++++++++++++++++
 KTUSAPS/ClientApp/src/router/index.js         |  6 ++
 .../ClientApp/src/store/modules/msalAuth.js   | 19 +++-
 KTUSAPS/Controllers/AuthMetadataController.cs |  5 ++
 KTUSAPS/Properties/launchSettings.json        |  1 -
 KTUSAPS/Startup.cs                            |  9 ++
 11 files changed, 236 insertions(+), 36 deletions(-)
 create mode 100644 KTUSAPS/Auth/AdminAuthorizationHandler.cs
 create mode 100644 KTUSAPS/Auth/AdminRequirement.cs
 create mode 100644 KTUSAPS/ClientApp/src/pages/Submit.vue

diff --git a/KTUSAPS/Auth/AdminAuthorizationHandler.cs b/KTUSAPS/Auth/AdminAuthorizationHandler.cs
new file mode 100644
index 0000000..a3b7002
--- /dev/null
+++ b/KTUSAPS/Auth/AdminAuthorizationHandler.cs
@@ -0,0 +1,38 @@
+using KTUSAPS.Data;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.DependencyInjection;
+using System;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace KTUSAPS.Auth
+{
+    public class AdminAuthorizationHandler : AuthorizationHandler<AdminRequirement>
+    {
+        private readonly IServiceProvider serviceProvider;
+        public AdminAuthorizationHandler(IServiceProvider serviceProvider)
+        {
+            this.serviceProvider = serviceProvider;
+        }
+
+        protected async override Task HandleRequirementAsync(AuthorizationHandlerContext context, AdminRequirement requirement)
+        {
+            var idclaim = context.User.Claims.Where(c => c.Type == "http://schemas.microsoft.com/identity/claims/objectidentifier").FirstOrDefault();
+            if(idclaim == default)
+            {
+                context.Fail();
+                return;
+            }
+            using var scope = serviceProvider.CreateScope();
+            var dataContext = scope.ServiceProvider.GetRequiredService<SAPSDataContext>();
+            var admin = await dataContext.Admins.Where(a => a.UserId == idclaim.Value).FirstOrDefaultAsync();
+            if (admin != default)
+            {
+                context.Succeed(requirement);
+                return;
+            }
+            context.Fail();
+        }
+    }
+}
diff --git a/KTUSAPS/Auth/AdminRequirement.cs b/KTUSAPS/Auth/AdminRequirement.cs
new file mode 100644
index 0000000..9fa1cef
--- /dev/null
+++ b/KTUSAPS/Auth/AdminRequirement.cs
@@ -0,0 +1,8 @@
+using Microsoft.AspNetCore.Authorization;
+
+namespace KTUSAPS.Auth
+{
+    public class AdminRequirement : IAuthorizationRequirement
+    {
+    }
+}
diff --git a/KTUSAPS/ClientApp/public/index.html b/KTUSAPS/ClientApp/public/index.html
index 4123528..25f45cc 100644
--- a/KTUSAPS/ClientApp/public/index.html
+++ b/KTUSAPS/ClientApp/public/index.html
@@ -5,7 +5,7 @@
     <meta http-equiv="X-UA-Compatible" content="IE=edge">
     <meta name="viewport" content="width=device-width,initial-scale=1.0">
     <link rel="icon" href="<%= BASE_URL %>favicon.ico">
-    <title><%= htmlWebpackPlugin.options.title %></title>
+    <title>KTU SA Problemų sprendimo sistema</title>
   </head>
   <body>
     <noscript>
diff --git a/KTUSAPS/ClientApp/src/components/NavMenu.vue b/KTUSAPS/ClientApp/src/components/NavMenu.vue
index a757b13..5a1cfb9 100644
--- a/KTUSAPS/ClientApp/src/components/NavMenu.vue
+++ b/KTUSAPS/ClientApp/src/components/NavMenu.vue
@@ -27,17 +27,24 @@
                 >Pagrindinis</router-link
               >
             </li>
+            <li class="nav-item" v-if="$store.state.msalAuth.isLoggedIn">
+              <router-link :to="{ name: 'Submit' }" class="nav-link"
+                >Pateikti problemą</router-link
+              >
+            </li>
             <!-- <li class="nav-item">
               <a href="/swagger" class="nav-link">Swagger UI</a>
             </li> -->
           </ul>
           <div class="navbar-nav">
-            <span v-if="$store.state.msalAuth.isLoggedIn" class="navbar-text"
-              >Prisijungta kaip {{ $store.state.msalAuth.displayName }}
-              <a href="#" @click="LogoutMsal" class="nav-link"
-                >Atsijungti</a
-              ></span
-            >
+            <template v-if="$store.state.msalAuth.isLoggedIn">
+              <span class="navbar-text"
+                >Prisijungta kaip {{ $store.state.msalAuth.displayName }}
+              </span>
+              <div class="nav-item">
+                <a href="#" @click="LogoutMsal" class="nav-link">Atsijungti</a>
+              </div>
+            </template>
             <div v-else class="nav-item">
               <a href="#" @click="LoginMsal" class="nav-link">Prisijungti</a>
             </div>
diff --git a/KTUSAPS/ClientApp/src/pages/Home.vue b/KTUSAPS/ClientApp/src/pages/Home.vue
index da626b4..5037683 100644
--- a/KTUSAPS/ClientApp/src/pages/Home.vue
+++ b/KTUSAPS/ClientApp/src/pages/Home.vue
@@ -10,34 +10,46 @@
           el. paštas yra: <b>{{ $store.state.msalAuth.email }}</b>
         </span>
       </div>
-      <h3>Priegos raktas (Access token)</h3>
-      <a
-        href="https://docs.microsoft.com/en-us/azure/active-directory/develop/access-tokens"
-        >Dokumentacija</a
-      >
-      <pre>{{ $store.state.msalAuth.accessToken }}</pre>
+      <template v-if="$store.state.msalAuth.isAdmin">
+        <div class="alert alert-warning">
+          <span>
+            Tu esi administratorius.
+          </span>
+        </div>
+        <h3>Prieigos raktas (Access token)</h3>
+        <a
+          href="https://docs.microsoft.com/en-us/azure/active-directory/develop/access-tokens"
+          >Dokumentacija</a
+        >
+        <pre>{{ $store.state.msalAuth.accessToken }}</pre>
 
-      <h3>Indentifikacijos raktas (ID Token)</h3>
-      <a
-        href="https://docs.microsoft.com/en-us/azure/active-directory/develop/id-tokens"
-        >Dokumentacija</a
-      >
-      <pre>{{ $store.state.msalAuth.idToken }}</pre>
+        <h3>Indentifikacijos raktas (ID Token)</h3>
+        <a
+          href="https://docs.microsoft.com/en-us/azure/active-directory/develop/id-tokens"
+          >Dokumentacija</a
+        >
+        <pre>{{ $store.state.msalAuth.idToken }}</pre>
 
-      <h4>Duomenys gaunami iš Indentifikacijos rakto (ID Token)</h4>
-      <pre>{{
-        $store.state.msalAuth.debugFullTokenResponse.idTokenClaims
-      }}</pre>
-      <h3>Autorizuotos sritys</h3>
-      <pre>{{ $store.state.msalAuth.debugFullTokenResponse.scopes }}</pre>
-      <h3>Serverio tokeno patikrinimas</h3>
-      <button type="button" class="btn btn-primary" @click="serverVerify">
-        Patikrinti
-      </button>
-      <h5>Verifikacijos atsakas:</h5>
-      <pre>
-        {{ verificationResult }}
-      </pre>
+        <h4>Duomenys gaunami iš Indentifikacijos rakto (ID Token)</h4>
+        <pre>{{
+          $store.state.msalAuth.debugFullTokenResponse.idTokenClaims
+        }}</pre>
+        <h3>Autorizuotos sritys</h3>
+        <pre>{{ $store.state.msalAuth.debugFullTokenResponse.scopes }}</pre>
+        <h3>Serverio tokeno patikrinimas</h3>
+        <button type="button" class="btn btn-primary" @click="serverVerify">
+          Patikrinti
+        </button>
+        <button
+          type="button"
+          class="btn btn-primary"
+          @click="serverAdminVerify"
+        >
+          Patikrinti ar admin
+        </button>
+        <h5>Verifikacijos atsakas:</h5>
+        <pre>{{ verificationResult }}</pre>
+      </template>
     </template>
     <div v-else class="alert alert-danger" role="alert">
       <h4 class="alert-heading">Tu neprisijungęs</h4>
@@ -71,6 +83,21 @@ export default {
           alert(error)
         })
     },
+    serverAdminVerify() {
+      this.verificationResult = null
+      axios
+        .get('/api/AuthMetadata/Admin', {
+          headers: {
+            Authorization: `Bearer ${this.$store.state.msalAuth.idToken}`,
+          },
+        })
+        .then(response => {
+          this.verificationResult = response.data
+        })
+        .catch(function(error) {
+          alert(error)
+        })
+    },
   },
 }
 </script>
diff --git a/KTUSAPS/ClientApp/src/pages/Submit.vue b/KTUSAPS/ClientApp/src/pages/Submit.vue
new file mode 100644
index 0000000..a0faf16
--- /dev/null
+++ b/KTUSAPS/ClientApp/src/pages/Submit.vue
@@ -0,0 +1,86 @@
+<template>
+  <div class="container mt-2">
+    <div class="row justify-content-center">
+      <div class="card col-lg-6 p-5">
+        <h1>Pateik savo problemą</h1>
+        <div class="mb-3">
+          <label for="emailInput" class="form-label">El. paštas</label>
+          <input
+            class="form-control"
+            type="email"
+            id="emailInput"
+            :value="$store.state.msalAuth.email"
+            disabled
+            readonly
+          />
+        </div>
+        <div class="mb-3">
+          <label for="issueTypeSelect" class="form-label"
+            >Problemos tipas</label
+          >
+          <select
+            v-model="issue.issueTypeId"
+            id="issueTypeSelect"
+            class="form-select"
+          >
+            <option v-for="it in issueTypes" :key="it.id" :value="it.id">{{
+              it.name
+            }}</option>
+          </select>
+        </div>
+        <div class="mb-3">
+          <label for="descriptionTextArea" class="form-label">Aprašymas</label>
+          <textarea
+            v-model="issue.description"
+            class="form-control"
+            id="descriptionTextArea"
+            rows="4"
+            aria-describedby="descriptionHelp"
+          ></textarea>
+          <div id="descriptionHelp" class="form-text">
+            Nepamirškite paminėti kokiame modulyje susiduriate su šią problemą.
+          </div>
+        </div>
+        <div class="mb-3 form-check">
+          <input
+            class="form-check-input"
+            type="checkbox"
+            id="publishableCheckbox"
+            v-model="issue.publishable"
+          />
+          <label class="form-check-label" for="publishable">
+            Ši problema turėtų būti viešai paskelbta, kad galėtų ją matyti kiti
+            studentai.
+          </label>
+        </div>
+        <button class="btn btn-primary">Pateikti</button>
+      </div>
+    </div>
+  </div>
+  <pre>{{ $data }}</pre>
+</template>
+
+<script>
+import axios from 'axios'
+export default {
+  data() {
+    return {
+      issueTypes: [],
+      issue: {
+        description: '',
+        issueTypeId: null,
+        publishable: false,
+      },
+    }
+  },
+  created() {
+    this.fetchData()
+  },
+  methods: {
+    async fetchData() {
+      const response = await axios.get('/api/IssueTypes')
+      this.issueTypes = response.data
+    },
+  },
+}
+</script>
diff --git a/KTUSAPS/ClientApp/src/router/index.js b/KTUSAPS/ClientApp/src/router/index.js
index 0c1731a..75cc5da 100644
--- a/KTUSAPS/ClientApp/src/router/index.js
+++ b/KTUSAPS/ClientApp/src/router/index.js
@@ -1,5 +1,6 @@
 import { createWebHistory, createRouter } from 'vue-router'
 import Home from '@/pages/Home.vue'
+import Submit from '@/pages/Submit.vue'
 
 const routes = [
   {
@@ -7,6 +8,11 @@ const routes = [
     name: 'Home',
     component: Home,
   },
+  {
+    path: '/new',
+    name: 'Submit',
+    component: Submit,
+  },
 ]
 
 const router = createRouter({
diff --git a/KTUSAPS/ClientApp/src/store/modules/msalAuth.js b/KTUSAPS/ClientApp/src/store/modules/msalAuth.js
index 9ae577e..2cc3c50 100644
--- a/KTUSAPS/ClientApp/src/store/modules/msalAuth.js
+++ b/KTUSAPS/ClientApp/src/store/modules/msalAuth.js
@@ -1,8 +1,10 @@
 import { WatchMsalState, GetMsalState } from '@/msal'
+import axios from 'axios'
 
 // initial state
 const state = () => ({
   isLoggedIn: false,
+  isAdmin: false,
   accessToken: null,
   idToken: null,
   email: null,
@@ -18,8 +20,20 @@ const getters = {}
 // actions
 const actions = {
   initialize({ commit }) {
-    WatchMsalState(() => {
-      commit('setState', GetMsalState())
+    WatchMsalState(async () => {
+      const state = GetMsalState()
+      let isAdmin = false
+      if (state.isLoggedIn && state.idToken) {
+        await axios
+          .get('/api/AuthMetadata/Admin', {
+            headers: {
+              Authorization: `Bearer ${state.idToken}`,
+            },
+          })
+          .then(res => (isAdmin = res.data))
+          .catch(error => console.error(error))
+      }
+      commit('setState', { ...state, isAdmin })
     })
   },
 }
@@ -28,6 +42,7 @@ const actions = {
 const mutations = {
   setState(state, msalState) {
     state.isLoggedIn = msalState.isLoggedIn
+    state.isAdmin = msalState.isAdmin
     state.accessToken = msalState.accessToken
     state.idToken = msalState.idToken
     state.debugFullTokenResponse = msalState.debugFullTokenResponse
diff --git a/KTUSAPS/Controllers/AuthMetadataController.cs b/KTUSAPS/Controllers/AuthMetadataController.cs
index 1a4f510..bfaad23 100644
--- a/KTUSAPS/Controllers/AuthMetadataController.cs
+++ b/KTUSAPS/Controllers/AuthMetadataController.cs
@@ -44,5 +44,10 @@ namespace KTUSAPS.Controllers
         [ProducesResponseType(StatusCodes.Status200OK)]
         [HttpGet("Authed")]
         public bool IsAuthed() => true;
+
+        [Authorize("admin")]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        [HttpGet("Admin")]
+        public bool IsAdmin() => true;
     }
 }
diff --git a/KTUSAPS/Properties/launchSettings.json b/KTUSAPS/Properties/launchSettings.json
index 6982f02..c5c87a0 100644
--- a/KTUSAPS/Properties/launchSettings.json
+++ b/KTUSAPS/Properties/launchSettings.json
@@ -19,7 +19,6 @@
     "KTUSAPS": {
       "commandName": "Project",
       "launchBrowser": true,
-      "launchUrl": "weatherforecast",
       "environmentVariables": {
         "ASPNETCORE_ENVIRONMENT": "Development"
       },
diff --git a/KTUSAPS/Startup.cs b/KTUSAPS/Startup.cs
index 569c250..71690b6 100644
--- a/KTUSAPS/Startup.cs
+++ b/KTUSAPS/Startup.cs
@@ -1,5 +1,7 @@
+using KTUSAPS.Auth;
 using KTUSAPS.Services;
 using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.EntityFrameworkCore;
@@ -43,6 +45,11 @@ namespace KTUSAPS
 
             services.AddAuthorization((configure) =>
             {
+                var adminPolicy = new Microsoft.AspNetCore.Authorization.AuthorizationPolicyBuilder()
+                    .RequireAuthenticatedUser()
+                    .AddRequirements(new AdminRequirement())
+                    .Build();
+                configure.AddPolicy("admin", adminPolicy);
                 configure.DefaultPolicy = new Microsoft.AspNetCore.Authorization.AuthorizationPolicyBuilder()
                     .RequireAuthenticatedUser()
                     .Build();
@@ -52,6 +59,8 @@ namespace KTUSAPS
             services.AddDbContext<Data.SAPSDataContext>((options) => options.UseMySql(connectionString, ServerVersion.AutoDetect(connectionString)));
             services.AddHostedService<DatabaseInitializationService>();
 
+            services.AddSingleton<IAuthorizationHandler, AdminAuthorizationHandler>();
+
             services.AddSwaggerGen(options =>
             {
                 options.OperationFilter<AuthorizeCheckOperationFilter>();