This commit is contained in:
@@ -25,8 +25,7 @@ namespace AyaNova.Api.Controllers
|
||||
[ApiController]
|
||||
[ApiVersion("8.0")]
|
||||
[Route("api/v{version:apiVersion}/backup")]
|
||||
[Produces("application/json")]
|
||||
[Authorize]
|
||||
[Produces("application/json")]
|
||||
public class BackupController : ControllerBase
|
||||
{
|
||||
private readonly AyContext ct;
|
||||
@@ -80,6 +79,7 @@ namespace AyaNova.Api.Controllers
|
||||
/// </summary>
|
||||
/// <returns></returns>
|
||||
[HttpGet("status")]
|
||||
[Authorize]
|
||||
public ActionResult BackupStatus()
|
||||
{
|
||||
//Need size and more info
|
||||
@@ -119,7 +119,8 @@ namespace AyaNova.Api.Controllers
|
||||
await Task.Delay(nFailedAuthDelay);//DOS protection
|
||||
return StatusCode(401, new ApiErrorResponse(ApiErrorCode.AUTHENTICATION_FAILED));
|
||||
}
|
||||
if (!Authorized.HasAnyRole(HttpContext.Items, AuthorizationRoles.OpsAdminFull | AuthorizationRoles.OpsAdminLimited))
|
||||
|
||||
if (!Authorized.HasAnyRole(DownloadUser.Roles, AuthorizationRoles.OpsAdminFull | AuthorizationRoles.OpsAdminLimited))
|
||||
{
|
||||
await Task.Delay(nFailedAuthDelay);//DOS protection
|
||||
return StatusCode(403, new ApiNotAuthorizedResponse());
|
||||
@@ -133,10 +134,13 @@ namespace AyaNova.Api.Controllers
|
||||
string mimetype = fileName.EndsWith("zip") ? "application/zip" : "application/octet-stream";
|
||||
var utilityFilePath = FileUtil.GetFullPathForUtilityFile(fileName);
|
||||
await EventLogProcessor.LogEventToDatabaseAsync(new Event(DownloadUser.Id, 0, AyaType.NoType, AyaEvent.UtilityFileDownload, fileName), ct);
|
||||
return PhysicalFile(utilityFilePath, mimetype);
|
||||
return PhysicalFile(utilityFilePath, mimetype, fileName);
|
||||
|
||||
}
|
||||
|
||||
|
||||
//DANGER: MUST ADD AUTHORIZE ATTRIBUTE TO ANY NEW ROUTES
|
||||
//[Authorize]
|
||||
|
||||
}//eoc
|
||||
}//eons
|
||||
|
||||
Reference in New Issue
Block a user