hargata/lubelog
1
0
Fork 0
mirror of https://github.com/hargata/lubelog.git synced 2025-12-10 17:20:15 -06:00
Code Issues Packages Projects Releases 51 Wiki Activity

only init endpoint list if vehicleId is 0.

Browse Source
This commit is contained in:
DESKTOP-GENO133\IvanPlex 2024-02-08 17:54:42 -07:00
parent baf9e8e833
commit 78408427b8
1 changed files with 12 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
Filter/CollaboratorFilter.cs
View File

@ -17,7 +17,6 @@ namespace CarCareTracker.Filter
} }
public override void OnActionExecuting(ActionExecutingContext filterContext) public override void OnActionExecuting(ActionExecutingContext filterContext)
{ {
var shopSupplyEndpoints = new List<string> { "ImportToVehicleIdFromCsv", "GetSupplyRecordsByVehicleId", "ExportFromVehicleToCsv" };
if (!filterContext.HttpContext.User.IsInRole(nameof(UserData.IsRootUser))) if (!filterContext.HttpContext.User.IsInRole(nameof(UserData.IsRootUser)))
{ {
var vehicleId = int.Parse(filterContext.ActionArguments["vehicleId"].ToString()); var vehicleId = int.Parse(filterContext.ActionArguments["vehicleId"].ToString());
@ -28,11 +27,15 @@ namespace CarCareTracker.Filter
{ {
filterContext.Result = new RedirectResult("/Error/Unauthorized"); filterContext.Result = new RedirectResult("/Error/Unauthorized");
} }
} else if (shopSupplyEndpoints.Contains(filterContext.RouteData.Values["action"].ToString()) && !_config.GetServerEnableShopSupplies()) } else
{
var shopSupplyEndpoints = new List<string> { "ImportToVehicleIdFromCsv", "GetSupplyRecordsByVehicleId", "ExportFromVehicleToCsv" };
if (shopSupplyEndpoints.Contains(filterContext.RouteData.Values["action"].ToString()) && !_config.GetServerEnableShopSupplies())
{ {
//user trying to access shop supplies but shop supplies is not enabled by root user. //user trying to access shop supplies but shop supplies is not enabled by root user.
filterContext.Result = new RedirectResult("/Error/Unauthorized"); filterContext.Result = new RedirectResult("/Error/Unauthorized");
} else if (!shopSupplyEndpoints.Contains(filterContext.RouteData.Values["action"].ToString())) }
else if (!shopSupplyEndpoints.Contains(filterContext.RouteData.Values["action"].ToString()))
{ {
//user trying to access any other endpoints using 0 as vehicle id. //user trying to access any other endpoints using 0 as vehicle id.
filterContext.Result = new RedirectResult("/Error/Unauthorized"); filterContext.Result = new RedirectResult("/Error/Unauthorized");
@ -41,3 +44,4 @@ namespace CarCareTracker.Filter
} }
} }
} }
}