hargata/lubelog
1
0
Fork 0
mirror of https://github.com/hargata/lubelog.git synced 2025-12-10 00:46:08 -06:00
Code Issues Packages Projects Releases 51 Wiki Activity

only init endpoint list if vehicleId is 0.

Browse Source
This commit is contained in:
DESKTOP-GENO133\IvanPlex 2024-02-08 17:54:42 -07:00
parent baf9e8e833
commit 78408427b8
1 changed files with 12 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
Filter/CollaboratorFilter.cs
View File

@ -17,7 +17,6 @@ namespace CarCareTracker.Filter
}
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
var shopSupplyEndpoints = new List<string> { "ImportToVehicleIdFromCsv", "GetSupplyRecordsByVehicleId", "ExportFromVehicleToCsv" };
if (!filterContext.HttpContext.User.IsInRole(nameof(UserData.IsRootUser)))
{
var vehicleId = int.Parse(filterContext.ActionArguments["vehicleId"].ToString());
@ -28,11 +27,15 @@ namespace CarCareTracker.Filter
{
filterContext.Result = new RedirectResult("/Error/Unauthorized");
}
} else if (shopSupplyEndpoints.Contains(filterContext.RouteData.Values["action"].ToString()) && !_config.GetServerEnableShopSupplies())
} else
{
var shopSupplyEndpoints = new List<string> { "ImportToVehicleIdFromCsv", "GetSupplyRecordsByVehicleId", "ExportFromVehicleToCsv" };
if (shopSupplyEndpoints.Contains(filterContext.RouteData.Values["action"].ToString()) && !_config.GetServerEnableShopSupplies())
{
//user trying to access shop supplies but shop supplies is not enabled by root user.
filterContext.Result = new RedirectResult("/Error/Unauthorized");
} else if (!shopSupplyEndpoints.Contains(filterContext.RouteData.Values["action"].ToString()))
}
else if (!shopSupplyEndpoints.Contains(filterContext.RouteData.Values["action"].ToString()))
{
//user trying to access any other endpoints using 0 as vehicle id.
filterContext.Result = new RedirectResult("/Error/Unauthorized");
@ -40,4 +43,5 @@ namespace CarCareTracker.Filter
}
}
}
}
}