Put most things behind administrator authorization. Update access denied page.

Areas/Identity/Pages/Account/AccessDenied.cshtml

@@ -1,10 +1,23 @@
 @page
 @model AccessDeniedModel
+@{ Layout = "/Views/Shared/_LayoutBasic.cshtml"; }
 @{
     ViewData["Title"] = "Access denied";
 }
 
-<header>
+<div class="page page-center">
-    <h1 class="text-danger">@ViewData["Title"]</h1>
+    <div class="container py-4">
-    <p class="text-danger">You do not have access to this resource.</p>
+        <div class="empty">
-</header>
+            <div class="empty-header">Access Denied</div>
+            <p class="empty-title">You're not allowed to enter this area</p>
+            <p class="empty-subtitle text-muted">Your account does not have permission to access this area. Contact an administrator.</p>
+            <div class="empty-action">
+                <a asp-action="Index" asp-controller="Home" class="btn btn-primary" onclick="history.go(-1)">Take me back</a>
+            </div>
+        </div>
+    </div>
+</div>
+
+<audio autoplay>
+    <source src="~/static/access-denied.mp3" type="audio/mp3" />
+</audio>

Controllers/ArchivesController.cs

@@ -6,7 +6,7 @@ using Microsoft.AspNetCore.Mvc;
 
 namespace LANCommander.Controllers
 {
-    [Authorize]
+    [Authorize(Roles = "Administrator")]
     public class ArchivesController : Controller
     {
         private readonly DatabaseContext Context;

Controllers/CompaniesController.cs

@@ -11,7 +11,7 @@ using Microsoft.AspNetCore.Authorization;
 
 namespace LANCommander.Controllers
 {
-    [Authorize]
+    [Authorize(Roles = "Administrator")]
     public class CompaniesController : Controller
     {
         private readonly DatabaseContext _context;

Controllers/GamesController.cs

@@ -11,7 +11,7 @@ using Microsoft.AspNetCore.Authorization;
 
 namespace LANCommander.Controllers
 {
-    [Authorize]
+    [Authorize(Roles = "Administrator")]
     public class GamesController : Controller
     {
         private readonly DatabaseContext Context;

Controllers/HomeController.cs

@@ -2,11 +2,13 @@
 using LANCommander.Data;
 using LANCommander.Data.Models;
 using LANCommander.Models;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using System.Diagnostics;
 
 namespace LANCommander.Controllers
 {
+    [Authorize]
     public class HomeController : Controller
     {
         private readonly ILogger<HomeController> _logger;

Controllers/TagsController.cs

@@ -11,7 +11,7 @@ using Microsoft.AspNetCore.Authorization;
 
 namespace LANCommander.Controllers
 {
-    [Authorize]
+    [Authorize(Roles = "Administrator")]
     public class TagsController : Controller
     {
         private readonly DatabaseContext _context;

Controllers/UploadController.cs

@@ -5,7 +5,7 @@ using Microsoft.AspNetCore.Mvc;
 
 namespace LANCommander.Controllers
 {
-    [Authorize]
+    [Authorize(Roles = "Administrator")]
     public class UploadController : Controller
     {
         private const string UploadDirectory = "Upload";