2020-04-10 18:41:09 +00:00
parent b46b9dcf72
commit 34708e7e2e
2 changed files with 8 additions and 8 deletions
--- a/server/AyaNova/Controllers/EventLogController.cs
+++ b/server/AyaNova/Controllers/EventLogController.cs
@@ -61,6 +61,9 @@ namespace AyaNova.Api.Controllers
                return StatusCode(403, new ApiNotAuthorizedResponse());
            }

+            if (!ModelState.IsValid)
+                return BadRequest(new ApiErrorResponse(ModelState));
+
            var result = await EventLogProcessor.GetLogForObjectAsync(opt, ct);
            return Ok(ApiOkResponse.Response(result, true));
        }
@@ -80,16 +83,13 @@ namespace AyaNova.Api.Controllers
            if (serverState.IsClosed)
                return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));

-            if (opt.AyType != AyaType.User)
-            {
-                //return bad request
-                return BadRequest(new ApiErrorResponse(ApiErrorCode.VALIDATION_INVALID_VALUE, "AyType", "User type required"));
-            }
+            if (!ModelState.IsValid)
+                return BadRequest(new ApiErrorResponse(ModelState));

            long UserId = UserIdFromContext.Id(HttpContext.Items);

            //If not authorized to read a user and also not the current user asking for their own log then NO LOG FOR YOU!
-            if (!Authorized.HasReadFullRole(HttpContext.Items, AyaType.User) && opt.AyId != UserId)
+            if (!Authorized.HasReadFullRole(HttpContext.Items, AyaType.User) && opt.UserId != UserId)
            {
                return StatusCode(403, new ApiNotAuthorizedResponse());
            }
@@ -121,7 +121,7 @@ namespace AyaNova.Api.Controllers
        {

            [FromQuery]
-            public long AyId { get; set; }
+            public long UserId { get; set; }
            [FromQuery]
            public int? Offset { get; set; }
            [FromQuery]
--- a/server/AyaNova/biz/EventLogProcessor.cs
+++ b/server/AyaNova/biz/EventLogProcessor.cs
@@ -83,7 +83,7 @@ namespace AyaNova.Biz
            //Set up the query
            var q = ct.Event.Select(m => m);

-            q = q.Where(m => m.UserId == opt.AyId);
+            q = q.Where(m => m.UserId == opt.UserId);
            var limit = opt.Limit ?? 100;
            var offset = opt.Offset ?? 0;
            q = q.OrderBy(m => m.Created);