Users with only the role User can now create comments and posts (while admins can't create them from other people's accounts)

author: Syndamia <kamen.d.mladenov@protonmail.com> 2021-01-28 21:18:39 +0200
committer: Syndamia <kamen.d.mladenov@protonmail.com> 2021-01-28 21:18:39 +0200
commit: 3c7da624040169b7597ebc2691cf51943106a2a4 (patch)
tree: 4f70986a6e798dada8180c06f037ff0efccc9c40 /src/DevHive.Services/Services
parent: fbf051f14bc6872913b293dad231701924291344 (diff)
download: DevHive-3c7da624040169b7597ebc2691cf51943106a2a4.tar
DevHive-3c7da624040169b7597ebc2691cf51943106a2a4.tar.gz
DevHive-3c7da624040169b7597ebc2691cf51943106a2a4.zip
1 files changed, 7 insertions, 0 deletions
diff --git a/src/DevHive.Services/Services/PostService.cs b/src/DevHive.Services/Services/PostService.cs
index c3dc82f..d80d815 100644
--- a/src/DevHive.Services/Services/PostService.cs
+++ b/src/DevHive.Services/Services/PostService.cs
@@ -169,6 +169,13 @@ namespace DevHive.Services.Services
 		#endregion
 
 		#region Validations
+		public async Task<bool> ValidateJwtForCreating(Guid userId, string rawTokenData)
+		{
+			User user = await this.GetUserForValidation(rawTokenData);
+
+			return user.Id == userId;
+		}
+
 		public async Task<bool> ValidateJwtForPost(Guid postId, string rawTokenData)
 		{
 			Post post = await this._postRepository.GetByIdAsync(postId) ??
author	Syndamia <kamen.d.mladenov@protonmail.com>	2021-01-28 21:18:39 +0200
committer	Syndamia <kamen.d.mladenov@protonmail.com>	2021-01-28 21:18:39 +0200
commit	3c7da624040169b7597ebc2691cf51943106a2a4 (patch)
tree	4f70986a6e798dada8180c06f037ff0efccc9c40 /src/DevHive.Services/Services
parent	fbf051f14bc6872913b293dad231701924291344 (diff)
download	DevHive-3c7da624040169b7597ebc2691cf51943106a2a4.tar DevHive-3c7da624040169b7597ebc2691cf51943106a2a4.tar.gz DevHive-3c7da624040169b7597ebc2691cf51943106a2a4.zip