From 3c7da624040169b7597ebc2691cf51943106a2a4 Mon Sep 17 00:00:00 2001
From: Syndamia <kamen.d.mladenov@protonmail.com>
Date: Thu, 28 Jan 2021 21:18:39 +0200
Subject: Users with only the role User can now create comments and posts
 (while admins can't create them from other people's accounts)

---
 src/DevHive.Services/Services/PostService.cs | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'src/DevHive.Services/Services')

diff --git a/src/DevHive.Services/Services/PostService.cs b/src/DevHive.Services/Services/PostService.cs
index c3dc82f..d80d815 100644
--- a/src/DevHive.Services/Services/PostService.cs
+++ b/src/DevHive.Services/Services/PostService.cs
@@ -169,6 +169,13 @@ namespace DevHive.Services.Services
 		#endregion
 
 		#region Validations
+		public async Task<bool> ValidateJwtForCreating(Guid userId, string rawTokenData)
+		{
+			User user = await this.GetUserForValidation(rawTokenData);
+
+			return user.Id == userId;
+		}
+
 		public async Task<bool> ValidateJwtForPost(Guid postId, string rawTokenData)
 		{
 			Post post = await this._postRepository.GetByIdAsync(postId) ??
-- 
cgit v1.2.3