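using FamilyTreeAPI.Entities;
using FamilyTreeAPI.Interface;
using Microsoft.AspNetCore.Mvc;

namespace FamilyTreeAPI.Controllers
{
    /// <summary>
    /// HTTP endpoints for reading and saving lookup data, plus person and staff lists.
    /// Every action delegates to the injected <see cref="ILookup"/> repository and wraps
    /// the result in a 200 OK response.
    /// </summary>
    /// <remarks>
    /// NOTE(review): no authorization attribute or in-action caller check is active anywhere
    /// in this controller; the only checks present are commented out. Confirm that
    /// authentication and authorization are enforced elsewhere (middleware or a global
    /// filter) before these routes are reachable by unauthenticated clients. This matters
    /// most for the POST action, which writes data, and for GetPersons / GetStaffs, which
    /// return person and staff lists.
    /// </remarks>
    [Route("api/[controller]")]
    [ApiController]
    public class LookupController : ControllerBase
    {
        private readonly ILookup _repo;

        /// <summary>Creates the controller with the repository used by every action.</summary>
        /// <param name="repo">Lookup repository supplied by dependency injection.</param>
        public LookupController(ILookup repo)
        {
            _repo = repo;
        }

        /// <summary>GET api/Lookup/LoadLookup: returns the lookup entries for a type.</summary>
        /// <param name="type">Lookup type, passed unchanged to the repository.</param>
        /// <returns>200 OK carrying whatever <c>GetLookupAsync</c> returns.</returns>
        [HttpGet("[action]")]
        public async Task<IActionResult> LoadLookup(string type)
        {
            var list = await _repo.GetLookupAsync(type);
            return Ok(list);
        }

        /// <summary>GET api/Lookup/LoadLookupEdit: returns the editable lookup entries for a type.</summary>
        /// <param name="type">Lookup type, passed unchanged to the repository.</param>
        /// <returns>200 OK carrying whatever <c>GetLookupEditAsync</c> returns.</returns>
        [HttpGet("[action]")]
        public async Task<IActionResult> LoadLookupEdit(string type)
        {
            var list = await _repo.GetLookupEditAsync(type);
            return Ok(list);
        }

        /// <summary>GET api/Lookup/GetPersons: returns the result of <c>GetPersonsAsync</c>.</summary>
        /// <returns>200 OK carrying the repository result.</returns>
        [HttpGet("[action]")]
        public async Task<IActionResult> GetPersons()
        {
            var list = await _repo.GetPersonsAsync();
            return Ok(list);
        }

        /// <summary>GET api/Lookup/GetStaffs: returns the result of <c>GetStaffAsync</c>.</summary>
        /// <returns>200 OK carrying the repository result.</returns>
        [HttpGet("[action]")]
        public async Task<IActionResult> GetStaffs()
        {
            var list = await _repo.GetStaffAsync();
            return Ok(list);
        }

        /// <summary>POST api/Lookup: saves the lookup entry sent in the request body.</summary>
        /// <param name="model">Lookup entry bound from the JSON request body.</param>
        /// <returns>200 OK carrying whatever <c>SaveLookupAsync</c> returns.</returns>
        [HttpPost]
        public async Task<IActionResult> Lookup([FromBody] LookupEditDto model)
        {
            // NOTE(review): the caller check below is disabled, so this write path performs
            // no authentication check of its own. It is left disabled here because enabling
            // it changes who can call the endpoint; decide deliberately and either restore
            // it or confirm that an equivalent check runs before this action.
            //var currentUser = (User?)(HttpContext.Items["User"]);
            //if (null == currentUser)
            //    return Unauthorized(new { message = "Unauthorized" });

            var response = await _repo.SaveLookupAsync(model);
            return Ok(response);
        }

        /// <summary>GET api/Lookup: returns one editable lookup entry by id and type.</summary>
        /// <param name="id">Identifier passed to the repository.</param>
        /// <param name="type">Lookup type passed to the repository.</param>
        /// <returns>200 OK carrying whatever <c>GetLookupEditByIdAsync</c> returns.</returns>
        [HttpGet]
        public async Task<IActionResult> Lookup(int id, string type)
        {
            // Original note: lookup/id?type='abc'
            // No route template is declared on this action, so id is not a path segment;
            // both id and type are bound from the query string.

            // NOTE(review): the disabled check below compares the requested id with the
            // current user's id. That looks carried over from a user-record endpoint and
            // may not be the right rule for lookup rows (confirm). As written, no
            // per-caller restriction is applied in this action.
            /*
            // only admins can access other user records
            var currentUser = (User)HttpContext.Items["User"];
            if (id != currentUser.Id && currentUser.Role != Role.Admin)
                return Unauthorized(new { message = "Unauthorized" });
            */

            var retval = await _repo.GetLookupEditByIdAsync(id, type);
            return Ok(retval);
        }
    }
}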