adding roles

.idea/.idea.ApiEfCoreLibrary/.idea/dataSources.xml

@@ -6,6 +6,11 @@
       <synchronize>true</synchronize>
       <jdbc-driver>com.jetbrains.jdbc.sqlserver.SqlServerDriver</jdbc-driver>
       <jdbc-url>Server=romaric-thibault.fr,1433</jdbc-url>
+      <jdbc-additional-properties>
+        <property name="com.intellij.clouds.kubernetes.db.host.port" />
+        <property name="com.intellij.clouds.kubernetes.db.enabled" value="false" />
+        <property name="com.intellij.clouds.kubernetes.db.container.port" />
+      </jdbc-additional-properties>
       <working-dir>$ProjectFileDir$</working-dir>
     </data-source>
   </component>

ApiEfCoreLibrary/Endpoints/Author/CreateAuthorEndpoint.cs

@@ -9,6 +9,7 @@ public class CreateAuthorEndpoint(LibraryDbContext database) : Endpoint<CreateAu
     public override void Configure()
     {
         Post("/api/authors");
+        Roles("admin");
     }
 
     public override async Task HandleAsync(CreateAuthorDto req, CancellationToken ct)

ApiEfCoreLibrary/Endpoints/Author/DeleteAuthorEndpoint.cs

@@ -15,6 +15,7 @@ public class DeleteAuthorEndpoint(LibraryDbContext database) : Endpoint<DeleteAu
     public override void Configure()
     {
         Delete("/api/authors/{@Id}", x => new {x.Id});
+        Roles("admin");
     }
 
     public override async Task HandleAsync(DeleteAuthorRequest req, CancellationToken ct)

ApiEfCoreLibrary/Endpoints/Author/GetAllAuthorsEndpoint.cs

@@ -10,6 +10,7 @@ public class GetAllAuthorsEndpoint(LibraryDbContext database) : EndpointWithoutR
     public override void Configure()
     {
         Get("/api/authors");
+        Roles("viewer", "admin", "librarian");
     }
 
     public override async Task HandleAsync(CancellationToken ct)

ApiEfCoreLibrary/Endpoints/Author/GetAuthorEndpoint.cs

@@ -16,6 +16,7 @@ public class GetAuthorEndpoint(LibraryDbContext database) : Endpoint<GetAuthorRe
     public override void Configure()
     {
         Get("/api/authors/{@Id}", x => new {x.Id});
+        Roles("viewer", "admin", "librarian");
     }
 
     public override async Task HandleAsync(GetAuthorRequest req, CancellationToken ct)

ApiEfCoreLibrary/Endpoints/Author/UpdateAuthorEndpoint.cs

@@ -11,6 +11,7 @@ public class UpdateAuthorEndpoint(LibraryDbContext database) : Endpoint<UpdateAu
     public override void Configure()
     {
         Put("/api/authors/{@Id}", x => new {x.Id});
+        Roles("admin");
     }
 
     public override async Task HandleAsync(UpdateAuthorDto req, CancellationToken ct)

ApiEfCoreLibrary/Endpoints/Book/CreateBookEndpoint.cs

@@ -9,7 +9,8 @@ public class CreateBookEndpoint(LibraryDbContext database) : Endpoint<CreateBook
 {
     public override void Configure()
     {
-        Post("/api/books");        AllowAnonymous();
+        Post("/api/books");       
+        Roles("admin");
     }
 
     public override async Task HandleAsync(CreateBookDto req, CancellationToken ct)

ApiEfCoreLibrary/Endpoints/Book/DeleteBookEndpoint.cs

@@ -16,6 +16,7 @@ public class DeleteBookEndpoint(LibraryDbContext database) : Endpoint<DeleteBook
     public override void Configure()
     {
         Delete("/api/books/{@Id}", x => new {x.Id});
+        Roles("admin");
     }
 
     public override async Task HandleAsync(DeleteBookRequest req, CancellationToken ct)

ApiEfCoreLibrary/Endpoints/Book/GetAllBooksEndpoint.cs

@@ -9,7 +9,7 @@ public class GetAllBooksEndpoint(LibraryDbContext database) : EndpointWithoutReq
     public override void Configure()
     {
         Get("/api/books");
-    }
+        Roles("viewer", "admin", "librarian");    }
 
     public override async Task HandleAsync(CancellationToken ct)
     {

ApiEfCoreLibrary/Endpoints/Book/GetBookEndpoint.cs

@@ -14,7 +14,7 @@ public class GetBookEndpoint(LibraryDbContext database) : Endpoint<GetBookReques
     public override void Configure()
     {
         Get("/api/books/{@Id}", x => new {x.Id});
-    }
+        Roles("viewer", "admin", "librarian");    }
 
     public override async Task HandleAsync(GetBookRequest req, CancellationToken ct)
     {

ApiEfCoreLibrary/Endpoints/Book/UpdateBookEndpoint.cs

@@ -10,6 +10,7 @@ public class UpdateBookEndpoint(LibraryDbContext database) : Endpoint<UpdateBook
     public override void Configure()
     {
         Put("/api/books/{@Id}", x => new {x.Id});
+        Roles("admin");
     }
 
     public override async Task HandleAsync(UpdateBookDto req, CancellationToken ct)

ApiEfCoreLibrary/Endpoints/Loan/CreateLoanEndpoint.cs

@@ -10,6 +10,7 @@ public class CreateLoanEndpoint(LibraryDbContext database) : Endpoint<CreateLoan
     public override void Configure()
     {
         Post("/api/loans");
+        Roles("admin", "librarian");
     }
 
     public override async Task HandleAsync(CreateLoanDto req, CancellationToken ct)

ApiEfCoreLibrary/Endpoints/Loan/DeleteLoanEndpoint.cs

@@ -16,6 +16,7 @@ public class DeleteLoanEndpoint(LibraryDbContext database) : Endpoint<DeleteLoan
     public override void Configure()
     {
         Delete("/api/loans/{@Id}", x => new {x.Id});
+        Roles("admin");
     }
 
     public override async Task HandleAsync(DeleteLoanRequest req, CancellationToken ct)

ApiEfCoreLibrary/Endpoints/Loan/GetAllLoansEndpoint.cs

@@ -9,7 +9,7 @@ public class GetAllLoanEndpoint(LibraryDbContext database) : EndpointWithoutRequ
     public override void Configure()
     {
         Get("/api/loans");
-    }
+        Roles("viewer", "admin", "librarian");    }
 
     public override async Task HandleAsync(CancellationToken ct)
     {

ApiEfCoreLibrary/Endpoints/Loan/GetLoanEndpoint.cs

@@ -14,7 +14,7 @@ public class GetLoanEndpoint(LibraryDbContext database) : Endpoint<GetLoanReques
     public override void Configure()
     {
         Get("/api/loans/{@Id}", x => new {x.Id});
-    }
+        Roles("viewer", "admin", "librarian");    }
 
     public override async Task HandleAsync(GetLoanRequest req, CancellationToken ct)
     {

ApiEfCoreLibrary/Endpoints/Loan/PatchLoanEndpoint.cs

@@ -10,6 +10,7 @@ public class PatchLoanEndpoint(LibraryDbContext database) : Endpoint<PatchLoanDt
     public override void Configure()
     {
         Patch("/api/loans/{@Id}/EffectiveReturningDate", x => new {x.Id});
+        Roles("admin", "librarian");
     }
 
     public override async Task HandleAsync(PatchLoanDto req, CancellationToken ct)

ApiEfCoreLibrary/Endpoints/Loan/UpdateLoanEndpoint.cs

@@ -10,6 +10,7 @@ public class UpdateLoanEndpoint(LibraryDbContext database) : Endpoint<UpdateLoan
     public override void Configure()
     {
         Put("/api/loans/{@Id}", x => new {x.Id});
+        Roles("admin", "librarian");
     }
 
     public override async Task HandleAsync(UpdateLoanDto req, CancellationToken ct)

ApiEfCoreLibrary/Endpoints/Login/UserLoginEndpoint.cs

@@ -31,7 +31,7 @@ public class UserLoginEndpoint(LibraryDbContext database) : Endpoint<ConnectLogi
                 {
                     o.SigningKey = "ThisIsASuperSecretJwtKeyThatIsAtLeast32CharsLong";
                     o.ExpireAt = DateTime.UtcNow.AddMinutes(15);
-                    // o.User.Roles.Add("User", "Admin");
+                    if (login.Role != null) o.User.Roles.Add(login.Role);
                     o.User.Claims.Add(("Username", login.Username)!);
                     o.User.Claims.Add(("FullName", login.FullName)!);
                     o.User["UserId"] = "001";

ApiEfCoreLibrary/Endpoints/User/CreateUserEndpoint.cs

@@ -9,6 +9,7 @@ public class CreateUserEndpoint(LibraryDbContext database) : Endpoint<CreateUser
     public override void Configure()
     {
         Post("/api/users");
+        Roles("admin");
     }
 
     public override async Task HandleAsync(CreateUserDto req, CancellationToken ct)

ApiEfCoreLibrary/Endpoints/User/DeleteUserEndpoint.cs

@@ -15,6 +15,7 @@ public class DeleteUserEndpoint(LibraryDbContext database) : Endpoint<DeleteUser
     public override void Configure()
     {
         Delete("/api/users/{@Id}", x => new {x.Id});
+        Roles("admin");
     }
 
     public override async Task HandleAsync(DeleteUserRequest req, CancellationToken ct)

ApiEfCoreLibrary/Endpoints/User/GetAllUsersEndpoint.cs

@@ -10,7 +10,7 @@ public class GetAllUsersEndpoint(LibraryDbContext database) : EndpointWithoutReq
     public override void Configure()
     {
         Get("/api/users");
-    }
+        Roles("viewer", "admin", "librarian");    }
 
     public override async Task HandleAsync(CancellationToken ct)
     {

ApiEfCoreLibrary/Endpoints/User/GetUserEndpoint.cs

@@ -16,7 +16,7 @@ public class GetUserEndpoint(LibraryDbContext database) : Endpoint<GetUserReques
     public override void Configure()
     {
         Get("/api/users/{@Id}", x => new {x.Id});
-    }
+        Roles("viewer", "admin", "librarian");    }
 
     public override async Task HandleAsync(GetUserRequest req, CancellationToken ct)
     {

ApiEfCoreLibrary/Endpoints/User/UpdateUserEndpoint.cs

@@ -10,6 +10,7 @@ public class UpdateUserEndpoint(LibraryDbContext database) : Endpoint<UpdateUser
     public override void Configure()
     {
         Put("/api/users/{@Id}", x => new {x.Id});
+        Roles("admin");
     }
 
     public override async Task HandleAsync(UpdateUserDto req, CancellationToken ct)