Merge branch 'dev' of https://github.com/Team-Kaleidoscope/DevHive into dev

author: Danail Dimitrov <danaildimitrov321@gmail.com> 2021-01-28 21:26:22 +0200
committer: Danail Dimitrov <danaildimitrov321@gmail.com> 2021-01-28 21:26:22 +0200
commit: c450d08b0bb15bd050695ee599e286815958def0 (patch)
tree: 11beb839b2bb8716423dc7f1f6a3541430a6f86c /src/DevHive.Web/Controllers
parent: 6b11b2001a227a09387548853071c63b6fe5c991 (diff)
parent: 3c7da624040169b7597ebc2691cf51943106a2a4 (diff)
download: DevHive-c450d08b0bb15bd050695ee599e286815958def0.tar
DevHive-c450d08b0bb15bd050695ee599e286815958def0.tar.gz
DevHive-c450d08b0bb15bd050695ee599e286815958def0.zip
1 files changed, 8 insertions, 3 deletions
diff --git a/src/DevHive.Web/Controllers/PostController.cs b/src/DevHive.Web/Controllers/PostController.cs
index 8bb1d66..0ca041f 100644
--- a/src/DevHive.Web/Controllers/PostController.cs
+++ b/src/DevHive.Web/Controllers/PostController.cs
@@ -27,9 +27,11 @@ namespace DevHive.Web.Controllers
 
 		#region Create
 		[HttpPost]
-		[Authorize(Roles = "Admin")]
-		public async Task<IActionResult> Create(Guid userId, [FromBody] CreatePostWebModel createPostWebModel)
+		public async Task<IActionResult> Create(Guid userId, [FromBody] CreatePostWebModel createPostWebModel, [FromHeader] string authorization)
 		{
+			if (await this._postService.ValidateJwtForCreating(userId, authorization))
+				return new UnauthorizedResult();
+
 			CreatePostServiceModel createPostServiceModel =
 				this._postMapper.Map<CreatePostServiceModel>(createPostWebModel);
 			createPostServiceModel.CreatorId = userId;
@@ -43,8 +45,11 @@ namespace DevHive.Web.Controllers
 
 		[HttpPost]
 		[Route("Comment")]
-		public async Task<IActionResult> AddComment(Guid userId, [FromBody] CreateCommentWebModel createCommentWebModel)
+		public async Task<IActionResult> AddComment(Guid userId, [FromBody] CreateCommentWebModel createCommentWebModel, [FromHeader] string authorization)
 		{
+			if (await this._postService.ValidateJwtForCreating(userId, authorization))
+				return new UnauthorizedResult();
+
 			CreateCommentServiceModel createCommentServiceModel =
 				this._postMapper.Map<CreateCommentServiceModel>(createCommentWebModel);
 			createCommentServiceModel.CreatorId = userId;
author	Danail Dimitrov <danaildimitrov321@gmail.com>	2021-01-28 21:26:22 +0200
committer	Danail Dimitrov <danaildimitrov321@gmail.com>	2021-01-28 21:26:22 +0200
commit	c450d08b0bb15bd050695ee599e286815958def0 (patch)
tree	11beb839b2bb8716423dc7f1f6a3541430a6f86c /src/DevHive.Web/Controllers
parent	6b11b2001a227a09387548853071c63b6fe5c991 (diff)
parent	3c7da624040169b7597ebc2691cf51943106a2a4 (diff)
download	DevHive-c450d08b0bb15bd050695ee599e286815958def0.tar DevHive-c450d08b0bb15bd050695ee599e286815958def0.tar.gz DevHive-c450d08b0bb15bd050695ee599e286815958def0.zip