diff options
| author | transtrike <transtrike@gmail.com> | 2021-01-31 13:38:15 +0200 |
|---|---|---|
| committer | transtrike <transtrike@gmail.com> | 2021-01-31 13:38:15 +0200 |
| commit | 5a8c7d92216bb7fafc649056a00c11682b82a279 (patch) | |
| tree | c6b308f1b971b46f4ca750108a1371bb7cd13b5c /src/DevHive.Web/Controllers | |
| parent | 505bc41720cbcd02d65e17a6440931c87abcdeda (diff) | |
| download | DevHive-5a8c7d92216bb7fafc649056a00c11682b82a279.tar DevHive-5a8c7d92216bb7fafc649056a00c11682b82a279.tar.gz DevHive-5a8c7d92216bb7fafc649056a00c11682b82a279.zip | |
Fixed NullReference in cloud, CommentEditingWebModel, PromotionToAdmin, Posts violate key in db
Diffstat (limited to 'src/DevHive.Web/Controllers')
| -rw-r--r-- | src/DevHive.Web/Controllers/CommentController.cs | 9 | ||||
| -rw-r--r-- | src/DevHive.Web/Controllers/PostController.cs | 4 | ||||
| -rw-r--r-- | src/DevHive.Web/Controllers/UserController.cs | 13 |
3 files changed, 12 insertions, 14 deletions
diff --git a/src/DevHive.Web/Controllers/CommentController.cs b/src/DevHive.Web/Controllers/CommentController.cs index ebcb87a..150d622 100644 --- a/src/DevHive.Web/Controllers/CommentController.cs +++ b/src/DevHive.Web/Controllers/CommentController.cs @@ -9,10 +9,11 @@ using DevHive.Services.Interfaces; namespace DevHive.Web.Controllers { - [ApiController] + [ApiController] [Route("/api/[controller]")] [Authorize(Roles = "User,Admin")] - public class CommentController { + public class CommentController + { private readonly ICommentService _commentService; private readonly IMapper _commentMapper; @@ -50,9 +51,9 @@ namespace DevHive.Web.Controllers } [HttpPut] - public async Task<IActionResult> UpdateComment(Guid userId, [FromBody] UpdateCommentWebModel updateCommentWebModel, [FromHeader] string authorization) + public async Task<IActionResult> UpdateComment(Guid userId, Guid commentId, [FromBody] UpdateCommentWebModel updateCommentWebModel, [FromHeader] string authorization) { - if (!await this._commentService.ValidateJwtForComment(updateCommentWebModel.CommentId, authorization)) + if (!await this._commentService.ValidateJwtForComment(commentId, authorization)) return new UnauthorizedResult(); UpdateCommentServiceModel updateCommentServiceModel = diff --git a/src/DevHive.Web/Controllers/PostController.cs b/src/DevHive.Web/Controllers/PostController.cs index 53adfce..ea9a1cd 100644 --- a/src/DevHive.Web/Controllers/PostController.cs +++ b/src/DevHive.Web/Controllers/PostController.cs @@ -9,7 +9,7 @@ using DevHive.Services.Interfaces; namespace DevHive.Web.Controllers { - [ApiController] + [ApiController] [Route("/api/[controller]")] [Authorize(Roles = "User,Admin")] public class PostController @@ -25,7 +25,7 @@ namespace DevHive.Web.Controllers #region Create [HttpPost] - public async Task<IActionResult> Create(Guid userId, [FromBody] CreatePostWebModel createPostWebModel, [FromHeader] string authorization) + public async Task<IActionResult> Create(Guid userId, [FromForm] CreatePostWebModel createPostWebModel, [FromHeader] string authorization) { if (!await this._postService.ValidateJwtForCreating(userId, authorization)) return new UnauthorizedResult(); diff --git a/src/DevHive.Web/Controllers/UserController.cs b/src/DevHive.Web/Controllers/UserController.cs index 2fe9c2f..fdf317c 100644 --- a/src/DevHive.Web/Controllers/UserController.cs +++ b/src/DevHive.Web/Controllers/UserController.cs @@ -13,7 +13,6 @@ namespace DevHive.Web.Controllers { [ApiController] [Route("/api/[controller]")] - [Authorize(Roles = "User,Admin")] public class UserController : ControllerBase { private readonly IUserService _userService; @@ -55,6 +54,7 @@ namespace DevHive.Web.Controllers #region Read [HttpGet] + [Authorize(Roles = "User,Admin")] public async Task<IActionResult> GetById(Guid id, [FromHeader] string authorization) { if (!await this._userService.ValidJWT(id, authorization)) @@ -80,6 +80,7 @@ namespace DevHive.Web.Controllers #region Update [HttpPut] + [Authorize(Roles = "User,Admin")] public async Task<IActionResult> Update(Guid id, [FromBody] UpdateUserWebModel updateUserWebModel, [FromHeader] string authorization) { if (!await this._userService.ValidJWT(id, authorization)) @@ -97,6 +98,7 @@ namespace DevHive.Web.Controllers #region Delete [HttpDelete] + [Authorize(Roles = "User,Admin")] public async Task<IActionResult> Delete(Guid id, [FromHeader] string authorization) { if (!await this._userService.ValidJWT(id, authorization)) @@ -111,16 +113,11 @@ namespace DevHive.Web.Controllers #endregion [HttpPost] + [Authorize(Roles = "User,Admin")] [Route("SuperSecretPromotionToAdmin")] public async Task<IActionResult> SuperSecretPromotionToAdmin(Guid userId) { - object obj = new - { - UserId = userId, - AdminRoleId = await this._userService.SuperSecretPromotionToAdmin(userId) - }; - - return new OkObjectResult(obj); + return new OkObjectResult(await this._userService.SuperSecretPromotionToAdmin(userId)); } } } |