diff options
| author | Danail Dimitrov <danaildimitrov321@gmail.com> | 2021-02-27 21:53:14 +0200 |
|---|---|---|
| committer | Danail Dimitrov <danaildimitrov321@gmail.com> | 2021-02-27 21:53:14 +0200 |
| commit | 6089bc2e3b14155c334c9fed057383b9ca6e4df6 (patch) | |
| tree | e219e1d4fa870a81a88f1ee8c63902f0f45133f2 /src/Web/DevHive.Web | |
| parent | 379eda6a42fdba0a6ed7e7ae53e0fbf2acd774b6 (diff) | |
| download | DevHive-6089bc2e3b14155c334c9fed057383b9ca6e4df6.tar DevHive-6089bc2e3b14155c334c9fed057383b9ca6e4df6.tar.gz DevHive-6089bc2e3b14155c334c9fed057383b9ca6e4df6.zip | |
Adding user validation for rating layer
Diffstat (limited to 'src/Web/DevHive.Web')
| -rw-r--r-- | src/Web/DevHive.Web/Controllers/RatingController.cs | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/Web/DevHive.Web/Controllers/RatingController.cs b/src/Web/DevHive.Web/Controllers/RatingController.cs index 216dc27..33e6992 100644 --- a/src/Web/DevHive.Web/Controllers/RatingController.cs +++ b/src/Web/DevHive.Web/Controllers/RatingController.cs @@ -28,6 +28,9 @@ namespace DevHive.Web.Controllers [HttpPost] public async Task<IActionResult> RatePost(Guid userId, [FromBody] CreateRatingWebModel createRatingWebModel, [FromHeader] string authorization) { + if (!await this._rateService.ValidateJwtForCreating(userId, authorization)) + return new UnauthorizedResult(); + CreateRatingServiceModel ratePostServiceModel = this._mapper.Map<CreateRatingServiceModel>(createRatingWebModel); ratePostServiceModel.UserId = userId; @@ -51,6 +54,9 @@ namespace DevHive.Web.Controllers [HttpPut] public async Task<IActionResult> UpdateRating(Guid userId, [FromBody] UpdateRatingWebModel updateRatingWebModel, [FromHeader] string authorization) { + if (!await this._rateService.ValidateJwtForRating(updateRatingWebModel.Id, authorization)) + return new UnauthorizedResult(); + UpdateRatingServiceModel updateRatingServiceModel = this._mapper.Map<UpdateRatingServiceModel>(updateRatingWebModel); updateRatingServiceModel.UserId = userId; |