admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2021-09-08 20:22:25 +00:00
parent c37bddbfe1
commit bb32f26a3d
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
server/AyaNova/Controllers/DataListController.cs
View File

@@ -93,6 +93,7 @@ namespace AyaNova.Api.Controllers
return StatusCode(403, new ApiNotAuthorizedResponse());
//IF user is a customer type check if they are allowed to view this datalist
//and build the data list internal 'client' criteria
if (UType == UserType.Customer || UType == UserType.HeadOffice)
if (!await HandleCustomerTypeUserDataListRequest(UserId, tableRequest))
return StatusCode(403, new ApiNotAuthorizedResponse());
@@ -128,7 +129,7 @@ namespace AyaNova.Api.Controllers
}
//Build client criteria if user is of correct type
var UserInfo = await ct.User.AsNoTracking().Select(x => new { x.UserType, x.CustomerId, x.HeadOfficeId }).FirstOrDefaultAsync();
var UserInfo = await ct.User.AsNoTracking().Where(x => x.Id == currentUserId).Select(x => new { x.UserType, x.CustomerId, x.HeadOfficeId }).SingleOrDefaultAsync();
switch (UserInfo.UserType)
{
case UserType.Customer: