Nell/eShopOnWeb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix fraud posibility the client sent the unit price (#702)

Browse Source 
* fix fraud posibility the client sent the unit price, fix unit test to use the fomat as server base

* fix bad coding convention

* update dotnet tool ef and nuget package

* Align MD with real database by default
This commit is contained in:
Cédric Michel
2022-04-13 20:15:48 +02:00
committed by GitHub
parent 44534f5a8b
commit 31be1d4d74
14 changed files with 55 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/ApplicationCore/ApplicationCore.csproj
View File

@@ -10,7 +10,7 @@
<PackageReference Include="Ardalis.Specification" Version="6.0.1" />
<PackageReference Include="MediatR" Version="10.0.1" />
<PackageReference Include="System.Security.Claims" Version="4.3.0" />
<PackageReference Include="System.Text.Json" Version="6.0.2" />
<PackageReference Include="System.Text.Json" Version="6.0.3" />
</ItemGroup>
<ItemGroup>

10
src/BlazorAdmin/BlazorAdmin.csproj
View File

@@ -7,11 +7,11 @@
<ItemGroup>
<PackageReference Include="Blazored.LocalStorage" Version="4.2.0" />
<PackageReference Include="BlazorInputFile" Version="0.2.0" />
<PackageReference Include="Microsoft.AspNetCore.Components.Authorization" Version="6.0.3" />
<PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly" Version="6.0.3" />
<PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.Authentication" Version="6.0.3" />
<PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.DevServer" Version="6.0.3" PrivateAssets="all" />
<PackageReference Include="Microsoft.Extensions.Identity.Core" Version="6.0.3" />
<PackageReference Include="Microsoft.AspNetCore.Components.Authorization" Version="6.0.4" />
<PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly" Version="6.0.4" />
<PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.Authentication" Version="6.0.4" />
<PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.DevServer" Version="6.0.4" PrivateAssets="all" />
<PackageReference Include="Microsoft.Extensions.Identity.Core" Version="6.0.4" />
<PackageReference Include="Microsoft.Extensions.Logging.Configuration" Version="6.0.0" />
<PackageReference Include="System.Net.Http.Json" Version="6.0.0" />
</ItemGroup>

6
src/Infrastructure/Infrastructure.csproj
View File

@@ -7,9 +7,9 @@
<ItemGroup>
<PackageReference Include="Ardalis.Specification.EntityFrameworkCore" Version="6.0.1" />
<PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="6.0.3" />
<PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="6.0.3" />
<PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="6.0.3" />
<PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="6.0.4" />
<PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="6.0.4" />
<PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="6.0.4" />
<PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="6.17.0" />
</ItemGroup>
<ItemGroup>

16
src/PublicApi/PublicApi.csproj
View File

@@ -17,18 +17,18 @@
<PackageReference Include="Swashbuckle.AspNetCore" Version="6.3.0" />
<PackageReference Include="Swashbuckle.AspNetCore.SwaggerUI" Version="6.3.0" />
<PackageReference Include="Swashbuckle.AspNetCore.Annotations" Version="6.3.0" />
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.3" />
<PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="6.0.3" />
<PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="6.0.3" />
<PackageReference Include="Microsoft.AspNetCore.Identity.UI" Version="6.0.3" />
<PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="6.0.3" />
<PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="6.0.3" />
<PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="6.0.3">
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.4" />
<PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="6.0.4" />
<PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="6.0.4" />
<PackageReference Include="Microsoft.AspNetCore.Identity.UI" Version="6.0.4" />
<PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="6.0.4" />
<PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="6.0.4" />
<PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="6.0.4">
<PrivateAssets>all</PrivateAssets>
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
</PackageReference>
<PackageReference Include="Microsoft.VisualStudio.Azure.Containers.Tools.Targets" Version="1.15.0" />
<PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="6.0.2" />
<PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="6.0.3" />
<PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="6.17.0" />
</ItemGroup>

2
src/Web/.config/dotnet-tools.json
View File

@@ -3,7 +3,7 @@
"isRoot": true,
"tools": {
"dotnet-ef": {
"version": "5.0.0",
"version": "6.0.4",
"commands": [
"dotnet-ef"
]

6
src/Web/Pages/Basket/BasketViewModel.cs
View File

@@ -1,8 +1,4 @@
using System;
using System.Collections.Generic;
using System.Linq;
namespace Microsoft.eShopWeb.Web.Pages.Basket;
namespace Microsoft.eShopWeb.Web.Pages.Basket;
public class BasketViewModel
{

21
src/Web/Pages/Basket/Index.cshtml.cs
View File

@@ -1,10 +1,6 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages;
using Microsoft.eShopWeb.ApplicationCore.Entities;
using Microsoft.eShopWeb.ApplicationCore.Interfaces;
using Microsoft.eShopWeb.Web.Interfaces;
using Microsoft.eShopWeb.Web.ViewModels;
@@ -15,12 +11,15 @@ public class IndexModel : PageModel
{
private readonly IBasketService _basketService;
private readonly IBasketViewModelService _basketViewModelService;
private readonly IRepository<CatalogItem> _itemRepository;
public IndexModel(IBasketService basketService,
IBasketViewModelService basketViewModelService)
IBasketViewModelService basketViewModelService,
IRepository<CatalogItem> itemRepository)
{
_basketService = basketService;
_basketViewModelService = basketViewModelService;
_itemRepository = itemRepository;
}
public BasketViewModel BasketModel { get; set; } = new BasketViewModel();
@@ -37,9 +36,15 @@ public class IndexModel : PageModel
return RedirectToPage("/Index");
}
var item = await _itemRepository.GetByIdAsync(productDetails.Id);
if (item == null)
{
return RedirectToPage("/Index");
}
var username = GetOrSetBasketCookieAndUserName();
var basket = await _basketService.AddItemToBasket(username,
productDetails.Id, productDetails.Price);
productDetails.Id, item.Price);
BasketModel = await _basketViewModelService.Map(basket);

3
src/Web/Pages/Index.cshtml.cs
View File

@@ -1,5 +1,4 @@
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc.RazorPages;
using Microsoft.AspNetCore.Mvc.RazorPages;
using Microsoft.eShopWeb.Web.Services;
using Microsoft.eShopWeb.Web.ViewModels;

18
src/Web/Web.csproj
View File

@@ -20,16 +20,16 @@
<PackageReference Include="MediatR" Version="10.0.1" />
<PackageReference Include="MediatR.Extensions.Microsoft.DependencyInjection" Version="10.0.1" />
<PackageReference Include="BuildBundlerMinifier" Version="3.2.449" Condition="'$(Configuration)'=='Release'" PrivateAssets="All" />
<PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.Server" Version="6.0.3" />
<PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="6.0.3" />
<PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="6.0.2" />
<PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.Server" Version="6.0.4" />
<PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="6.0.4" />
<PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="6.0.3" />
<PackageReference Include="Microsoft.Web.LibraryManager.Build" Version="2.1.161" />
<PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="6.0.3" />
<PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="6.0.3" />
<PackageReference Include="Microsoft.AspNetCore.Identity.UI" Version="6.0.3" />
<PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="6.0.3" />
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.3" />
<PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="6.0.3">
<PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="6.0.4" />
<PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="6.0.4" />
<PackageReference Include="Microsoft.AspNetCore.Identity.UI" Version="6.0.4" />
<PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="6.0.4" />
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.4" />
<PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="6.0.4">
<PrivateAssets>all</PrivateAssets>
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
</PackageReference>