Add role control

API/ROLAC.API/Controllers/GivingCategoriesController.cs

@@ -1,5 +1,6 @@
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
+using ROLAC.API.Authorization;
 using ROLAC.API.DTOs.Giving;
 using ROLAC.API.Services;
 
@@ -7,17 +8,19 @@ namespace ROLAC.API.Controllers;
 
 [ApiController]
 [Route("api/giving-categories")]
-[Authorize(Roles = "finance,super_admin")]
+[Authorize]
 public class GivingCategoriesController : ControllerBase
 {
     private readonly IGivingCategoryService _svc;
     public GivingCategoriesController(IGivingCategoryService svc) => _svc = svc;
 
     [HttpGet]
+    [HasPermission(Modules.GivingCategories, PermissionActions.Read)]
     public async Task<IActionResult> GetAll([FromQuery] bool includeInactive = false)
         => Ok(await _svc.GetAllAsync(includeInactive));
 
     [HttpPost]
+    [HasPermission(Modules.GivingCategories, PermissionActions.Write)]
     public async Task<IActionResult> Create([FromBody] CreateGivingCategoryRequest request)
     {
         var id = await _svc.CreateAsync(request);
@@ -25,6 +28,7 @@ public class GivingCategoriesController : ControllerBase
     }
 
     [HttpPut("{id:int}")]
+    [HasPermission(Modules.GivingCategories, PermissionActions.Write)]
     public async Task<IActionResult> Update(int id, [FromBody] UpdateGivingCategoryRequest request)
     {
         try   { await _svc.UpdateAsync(id, request); return NoContent(); }
@@ -32,6 +36,7 @@ public class GivingCategoriesController : ControllerBase
     }
 
     [HttpDelete("{id:int}")]
+    [HasPermission(Modules.GivingCategories, PermissionActions.Delete)]
     public async Task<IActionResult> Deactivate(int id)
     {
         try   { await _svc.DeactivateAsync(id); return NoContent(); }