require admin role

HanyadikHetVan/Controllers/V1/HanyadikHetVanController.cs

@@ -22,7 +22,6 @@ namespace HanyadikHetVan.Controllers.V1
         }
 
         [HttpGet("json")]
-        [Consumes(MediaTypeNames.Application.Json)]
         [Produces(MediaTypeNames.Application.Json)]
         public HanyadikHetVanDTO GetJson()
         {

HanyadikHetVan/Controllers/V1/TestController.cs

@@ -2,6 +2,7 @@
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
 using System;
+using System.Net.Mime;
 using System.Security.Claims;
 
 namespace HanyadikHetVan.Controllers.V1
@@ -19,7 +20,7 @@ namespace HanyadikHetVan.Controllers.V1
         }
 
         [HttpGet("unprotected")]
-        [Produces("application/json")]
+        [Produces(MediaTypeNames.Application.Json)]
         public string Unprotected()
         {
 
@@ -28,10 +29,18 @@ namespace HanyadikHetVan.Controllers.V1
 
         [Authorize]
         [HttpGet("protected")]
-        [Produces("application/json")]
+        [Produces(MediaTypeNames.Application.Json)]
         public string Protected()
         {
             return this.User.FindFirst(ClaimTypes.NameIdentifier).Value;
         }
+
+        [Authorize(Roles = "admin")]
+        [HttpGet("roleprotected")]
+        [Produces(MediaTypeNames.Application.Json)]
+        public string RoleProtected()
+        {
+            return this.User.FindFirst(ClaimTypes.NameIdentifier).Value;
+        }
     }
 }

HanyadikHetVan/Controllers/V2/PauseController.cs

@@ -41,7 +41,7 @@ namespace HanyadikHetVan.Controllers.V2
             }
         }
         [HttpDelete("{pauseId}")]
-        [Authorize]
+        [Authorize(Roles = "admin")]
         [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(WeeklyTimeSpanDTO))]
         [ProducesResponseType(StatusCodes.Status404NotFound)]
         [ProducesResponseType(StatusCodes.Status401Unauthorized)]
@@ -58,7 +58,7 @@ namespace HanyadikHetVan.Controllers.V2
             }
         }
         [HttpPut]
-        [Authorize]
+        [Authorize(Roles = "admin")]
         [Consumes(MediaTypeNames.Application.Json)]
         [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(PauseDTO))]
         [ProducesResponseType(StatusCodes.Status404NotFound)]

HanyadikHetVan/Controllers/V2/PurseController.cs

@@ -24,7 +24,7 @@ namespace HanyadikHetVan.Controllers.V2
         }
 
         [HttpPut("{userId}")]
-        [Authorize]
+        [Authorize(Roles = "admin")]
         [Consumes(MediaTypeNames.Application.Json)]
         [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(PurseDTO))]
         [ProducesResponseType(StatusCodes.Status404NotFound)]
@@ -43,7 +43,7 @@ namespace HanyadikHetVan.Controllers.V2
         }
 
         [HttpGet("{userId}")]
-        [Authorize]
+        [Authorize(Roles = "admin")]
         [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(PurseDTO))]
         [ProducesResponseType(StatusCodes.Status404NotFound)]
         [ProducesResponseType(StatusCodes.Status401Unauthorized)]

HanyadikHetVan/Controllers/V2/WeeklyTimeSpanController.cs

@@ -41,7 +41,7 @@ namespace HanyadikHetVan.Controllers.V2
             }
         }
         [HttpDelete("{weeklyTimeSpanId}")]
-        [Authorize]
+        [Authorize(Roles = "admin")]
         [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(bool))]
         [ProducesResponseType(StatusCodes.Status404NotFound)]
         [ProducesResponseType(StatusCodes.Status401Unauthorized)]
@@ -58,7 +58,7 @@ namespace HanyadikHetVan.Controllers.V2
             }
         }
         [HttpPut]
-        [Authorize]
+        [Authorize(Roles = "admin")]
         [Consumes(MediaTypeNames.Application.Json)]
         [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(WeeklyTimeSpanDTO))]
         [ProducesResponseType(StatusCodes.Status404NotFound)]