aboutsummaryrefslogtreecommitdiff
path: root/src/Web/DevHive.Web/Controllers
diff options
context:
space:
mode:
Diffstat (limited to 'src/Web/DevHive.Web/Controllers')
-rw-r--r--src/Web/DevHive.Web/Controllers/RatingController.cs6
1 files changed, 6 insertions, 0 deletions
diff --git a/src/Web/DevHive.Web/Controllers/RatingController.cs b/src/Web/DevHive.Web/Controllers/RatingController.cs
index 216dc27..33e6992 100644
--- a/src/Web/DevHive.Web/Controllers/RatingController.cs
+++ b/src/Web/DevHive.Web/Controllers/RatingController.cs
@@ -28,6 +28,9 @@ namespace DevHive.Web.Controllers
[HttpPost]
public async Task<IActionResult> RatePost(Guid userId, [FromBody] CreateRatingWebModel createRatingWebModel, [FromHeader] string authorization)
{
+ if (!await this._rateService.ValidateJwtForCreating(userId, authorization))
+ return new UnauthorizedResult();
+
CreateRatingServiceModel ratePostServiceModel = this._mapper.Map<CreateRatingServiceModel>(createRatingWebModel);
ratePostServiceModel.UserId = userId;
@@ -51,6 +54,9 @@ namespace DevHive.Web.Controllers
[HttpPut]
public async Task<IActionResult> UpdateRating(Guid userId, [FromBody] UpdateRatingWebModel updateRatingWebModel, [FromHeader] string authorization)
{
+ if (!await this._rateService.ValidateJwtForRating(updateRatingWebModel.Id, authorization))
+ return new UnauthorizedResult();
+
UpdateRatingServiceModel updateRatingServiceModel =
this._mapper.Map<UpdateRatingServiceModel>(updateRatingWebModel);
updateRatingServiceModel.UserId = userId;
generated by cgit v1.2.3 (git 2.46.0) at 2026-03-16 17:57:46 +0000