admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2020-06-10 23:51:25 +00:00
parent 571f11236e
commit 746f60af15
14 changed files with 29 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
server/AyaNova/Controllers/LicenseController.cs
View File

@@ -192,9 +192,9 @@ namespace AyaNova.Api.Controllers
/// Posting to this route causes AyaNova completely erase all data in it's database and erase all attachment files
/// returning the database to an empty state
///
/// The only items retained are the Manager account and the license key
/// The only items retained are the SuperUser account and the license key
///
/// (Only *the* Manager account can use this route)
/// (Only *the* SuperUser account can use this route)
/// </summary>
/// <param name="acceptCode">Must be "I understand"</param>
/// <returns>HTTP 204 No Content result code on success or fail code with explanation</returns>
@@ -209,7 +209,7 @@ namespace AyaNova.Api.Controllers
long UserId = UserIdFromContext.Id(HttpContext.Items);
//Manager only and must have accept code
//SuperUser only and must have accept code
if (UserId != 1 || string.IsNullOrWhiteSpace(acceptCode) || acceptCode.ToLowerInvariant() != "i understand")
return StatusCode(403, new ApiNotAuthorizedResponse());