admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2019-04-30 15:26:05 +00:00
parent de36cbbaf1
commit e8ef841590
17 changed files with 72 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
server/AyaNova/Controllers/UserController.cs
View File

@@ -67,7 +67,7 @@ namespace AyaNova.Api.Controllers
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, biz.BizType))
{
return StatusCode(401, new ApiNotAuthorizedResponse());
return StatusCode(403, new ApiNotAuthorizedResponse());
}
if (!ModelState.IsValid)
@@ -106,7 +106,7 @@ namespace AyaNova.Api.Controllers
UserBiz biz = UserBiz.GetBiz(ct, HttpContext);
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, biz.BizType))
return StatusCode(401, new ApiNotAuthorizedResponse());
return StatusCode(403, new ApiNotAuthorizedResponse());
return Ok(new
{
@@ -137,7 +137,7 @@ namespace AyaNova.Api.Controllers
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, biz.BizType))
{
return StatusCode(401, new ApiNotAuthorizedResponse());
return StatusCode(403, new ApiNotAuthorizedResponse());
}
if (!ModelState.IsValid)
@@ -216,7 +216,7 @@ namespace AyaNova.Api.Controllers
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, biz.BizType, o.OwnerId))
{
return StatusCode(401, new ApiNotAuthorizedResponse());
return StatusCode(403, new ApiNotAuthorizedResponse());
}
@@ -280,7 +280,7 @@ namespace AyaNova.Api.Controllers
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, biz.BizType, o.OwnerId))
{
return StatusCode(401, new ApiNotAuthorizedResponse());
return StatusCode(403, new ApiNotAuthorizedResponse());
}
try
@@ -330,7 +330,7 @@ namespace AyaNova.Api.Controllers
//If a user has change roles, or editOwnRoles then they can create, true is passed for isOwner since they are creating so by definition the owner
if (!Authorized.IsAuthorizedToCreate(HttpContext.Items, biz.BizType))
{
return StatusCode(401, new ApiNotAuthorizedResponse());
return StatusCode(403, new ApiNotAuthorizedResponse());
}
if (!ModelState.IsValid)
@@ -394,7 +394,7 @@ namespace AyaNova.Api.Controllers
if (!Authorized.IsAuthorizedToDelete(HttpContext.Items, biz.BizType, dbObj.OwnerId))
{
return StatusCode(401, new ApiNotAuthorizedResponse());
return StatusCode(403, new ApiNotAuthorizedResponse());
}