admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2020-08-26 22:42:38 +00:00
parent 915076aea7
commit 4ea07ada85
1 changed files with 11 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
server/AyaNova/biz/ReportBiz.cs
View File

@@ -259,8 +259,15 @@ namespace AyaNova.Biz
effectiveRoles = effectiveUser.Roles; effectiveRoles = effectiveUser.Roles;
} }
if (!AyaNova.Api.ControllerHelpers.Authorized.HasReadFullRole(effectiveRoles, report.ObjectType))
{
AddError(ApiErrorCode.NOT_AUTHORIZED, null, $"User not authorized for {report.ObjectType} type object");
return null;
}
//Get data
//initialization //initialization