- using Campaign_Tracker.Server.Authorization;
- using Microsoft.AspNetCore.Authorization;
- using Microsoft.AspNetCore.Mvc;
-
- namespace Campaign_Tracker.Server.Controllers;
-
- [ApiController]
- public sealed class AuthorizationProbeController : ControllerBase
- {
- [HttpGet("api/municipalities/profile")]
- [Authorize(Policy = ApplicationPolicy.ClientServicesAccess)]
- public ActionResult GetMunicipalityProfile()
- {
- return Ok(new { access = "municipality-profile" });
- }
-
- [HttpPost("api/election-cycles")]
- [Authorize(Policy = ApplicationPolicy.ClientServicesAccess)]
- public ActionResult CreateElectionCycle()
- {
- return Ok(new { access = "election-cycle-create" });
- }
-
- [HttpGet("api/production/work-queue")]
- [Authorize(Policy = ApplicationPolicy.ProductionAccess)]
- public ActionResult GetProductionWorkQueue()
- {
- return Ok(new { access = "production-work-queue" });
- }
-
- [HttpGet("api/admin/settings")]
- [Authorize(Policy = ApplicationPolicy.AdminAccess)]
- public ActionResult GetAdminSettings()
- {
- return Ok(new { access = "admin-settings" });
- }
-
- [HttpPost("api/admin/privileged-operation")]
- [Authorize(Policy = ApplicationPolicy.AdminAccess)]
- public ActionResult PerformPrivilegedOperation()
- {
- return Ok(new { access = "privileged-operation" });
- }
- }
|
