admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2019-05-16 22:28:28 +00:00
parent acc40671a0
commit 8fe776a3ac
21 changed files with 137 additions and 149 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
server/AyaNova/Controllers/FormCustomController.cs
View File

@@ -66,7 +66,7 @@ namespace AyaNova.Api.Controllers
FormCustomBiz biz = FormCustomBiz.GetBiz(ct, HttpContext);
//Just have to be authenticated for this one
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, biz.BizType))
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
@@ -87,7 +87,7 @@ namespace AyaNova.Api.Controllers
}
}
return Ok(ApiOkResponse.Response(o, !Authorized.IsAuthorizedToModify(HttpContext.Items, biz.BizType)));
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
}
@@ -109,7 +109,7 @@ namespace AyaNova.Api.Controllers
if (serverState.IsClosed)
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, AyaType.FormCustom))
if (!Authorized.HasReadFullRole(HttpContext.Items, AyaType.FormCustom))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
@@ -140,7 +140,7 @@ namespace AyaNova.Api.Controllers
if (serverState.IsClosed)
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, AyaType.FormCustom))
if (!Authorized.HasReadFullRole(HttpContext.Items, AyaType.FormCustom))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
@@ -164,7 +164,7 @@ namespace AyaNova.Api.Controllers
if (serverState.IsClosed)
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, AyaType.FormCustom))
if (!Authorized.HasReadFullRole(HttpContext.Items, AyaType.FormCustom))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
@@ -236,7 +236,7 @@ namespace AyaNova.Api.Controllers
FormCustomBiz biz = FormCustomBiz.GetBiz(ct, HttpContext);
//check rights
if (!Authorized.IsAuthorizedToCreate(HttpContext.Items, biz.BizType))
if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)