Additional auth

web/Controllers/CustomerController.cs

@@ -127,6 +127,7 @@ public async Task<IActionResult> Details(int? id)
         }
 
         // GET: Customer/Create
+        [Authorize(Roles = "Administrator, Manager")]
         public IActionResult Create()
         {
             return View();
@@ -149,6 +150,7 @@ public async Task<IActionResult> Create([Bind("ID,FirstName,LastName,Address,ZIP
         }
 
         // GET: Customer/Edit/5
+        [Authorize(Roles = "Administrator, Manager")]
         public async Task<IActionResult> Edit(int? id)
         {
             if (id == null)
@@ -200,6 +202,7 @@ public async Task<IActionResult> Edit(int id, [Bind("ID,FirstName,LastName,Addre
         }
 
         // GET: Customer/Delete/5
+        [Authorize(Roles = "Administrator, Manager")]
         public async Task<IActionResult> Delete(int? id)
         {
             if (id == null)

web/Controllers/DistributorController.cs

@@ -120,6 +120,7 @@ public async Task<IActionResult> Details(int? id)
         }
 
         // GET: Distributor/Create
+        [Authorize(Roles = "Administrator, Manager")]
         public IActionResult Create()
         {
             return View();
@@ -142,6 +143,7 @@ public async Task<IActionResult> Create([Bind("ID,Name,Address,ZIP,City,Country"
         }
 
         // GET: Distributor/Edit/5
+        [Authorize(Roles = "Administrator, Manager")]
         public async Task<IActionResult> Edit(int? id)
         {
             if (id == null)
@@ -193,6 +195,7 @@ public async Task<IActionResult> Edit(int id, [Bind("ID,Name,Address,ZIP,City,Co
         }
 
         // GET: Distributor/Delete/5
+        [Authorize(Roles = "Administrator, Manager")]
         public async Task<IActionResult> Delete(int? id)
         {
             if (id == null)

web/Controllers/EvidenceController.cs

@@ -149,6 +149,7 @@ public async Task<IActionResult> Create([Bind("ID,ItemID,WarehouseID,CustomerID,
         }
 
         // GET: Evidence/Edit/5
+        [Authorize(Roles = "Administrator, Manager")]
         public async Task<IActionResult> Edit(int? id)
         {
             if (id == null)
@@ -206,6 +207,7 @@ public async Task<IActionResult> Edit(int id, [Bind("ID,ItemID,WarehouseID,Custo
         }
 
         // GET: Evidence/Delete/5
+        [Authorize(Roles = "Administrator, Manager")]
         public async Task<IActionResult> Delete(int? id)
         {
             if (id == null)

web/Views/Customer/Index.cshtml

@@ -67,9 +67,14 @@
                     @Html.DisplayFor(modelItem => item.Country)
                 </td>
                 <td>
-                    <a asp-action="Edit" asp-route-id="@item.ID">Edit</a> |
-                    <a asp-action="Details" asp-route-id="@item.ID">Details</a> |
-                    <a asp-action="Delete" asp-route-id="@item.ID">Delete</a>
+                    <a asp-action="Details" asp-route-id="@item.ID">Details</a>
+                    @if (User.Identity.IsAuthenticated)
+                    {
+                        if (User.IsInRole("Administrator") || User.IsInRole("Manager")) {
+                            <a asp-action="Edit" asp-route-id="@item.ID">Edit</a>
+                            <a asp-action="Delete" asp-route-id="@item.ID">Delete</a>
+                        }
+                    }
                 </td>
             </tr>
     }

web/Views/Distributor/Index.cshtml

@@ -60,9 +60,15 @@
                     @Html.DisplayFor(modelItem => item.Country)
                 </td>
                 <td>
-                    <a asp-action="Edit" asp-route-id="@item.ID">Edit</a> |
-                    <a asp-action="Details" asp-route-id="@item.ID">Details</a> |
-                    <a asp-action="Delete" asp-route-id="@item.ID">Delete</a>
+                    <a asp-action="Details" asp-route-id="@item.ID">Details</a>
+                    @if (User.Identity.IsAuthenticated)
+                    {
+                        if (User.IsInRole("Administrator") || User.IsInRole("Manager"))
+                        {
+                            <a asp-action="Edit" asp-route-id="@item.ID">Edit</a>
+                            <a asp-action="Delete" asp-route-id="@item.ID">Delete</a>
+                        }
+                    }
                 </td>
             </tr>
     }

web/Views/Evidence/Index.cshtml

@@ -55,9 +55,17 @@
                     @Html.DisplayFor(modelItem => item.Customer.LastName), @Html.DisplayFor(modelItem => item.Customer.FirstName)
                 </td>
                 <td>
-                    <a asp-action="Edit" asp-route-id="@item.ID">Edit</a> |
-                    <a asp-action="Details" asp-route-id="@item.ID">Details</a> |
-                    <a asp-action="Delete" asp-route-id="@item.ID">Delete</a>
+                    <a asp-action="Details" asp-route-id="@item.ID">Details</a>
+                    @if (User.Identity.IsAuthenticated)
+                    {
+
+                        if (User.IsInRole("Administrator") || User.IsInRole("Manager"))
+                        {
+                            <a asp-action="Edit" asp-route-id="@item.ID">Edit</a>
+                            <a asp-action="Delete" asp-route-id="@item.ID">Delete</a>  
+                        }
+                    }
+
                 </td>
             </tr>
     }

web/Views/Item/Index.cshtml

@@ -10,6 +10,18 @@
 
 <div class="border rounded-3 p-4 shadow">
 
+<form asp-action="Index" method="get">
+    <div class="form-actions no-color">
+        <p>
+            Find by name: <input type="text" name="SearchString" value="@ViewData["CurrentFilter"]" />
+            <input type="submit" value="Search" class="btn border border-primary btn-default" />
+            @* Filter by activity: <input type="checkbox" name="activeBool" value="@ViewData["ActiveFilter"]" />
+            <input type="submit" value="Confirm" class="btn btn-default" /> | *@
+            <a asp-action="Index" class="btn border border-primary btn-default">Clear filter</a>
+            <a asp-action="Create" class="no-decor btn btn-primary float-end">Add New</a>
+        </p>
+    </div>
+</form>
 
     <form asp-action="Index" method="get">
         <div class="form-actions no-color">

web/Views/Warehouse/Index.cshtml

@@ -58,13 +58,12 @@
                     {
                         if (User.IsInRole("Manager"))
                         {
-                            <a asp-action="Edit" asp-route-id="@item.ID">Edit</a>
+                           <a asp-action="Edit" asp-route-id="@item.ID">Edit</a>
                         }
                         else if (User.IsInRole("Administrator"))
                         {
-                            <a asp-action="Edit" asp-route-id="@item.ID">Edit</a>
-                            <a asp-action="Delete" asp-route-id="@item.ID">Delete</a>
-                            <a asp-action="Create" asp-route-id="@item.ID">Create</a>
+                           <a asp-action="Edit" asp-route-id="@item.ID">Edit</a>
+                           <a asp-action="Delete" asp-route-id="@item.ID">Delete</a>
                         }
                     }
                 </td>