From 2173f6593fa1655bbd2be17488e3f223e2e2aac4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=A4=D1=80=D0=BE=D0=BB=D0=BE=D0=B2?= Date: Thu, 14 Oct 2021 16:16:35 +0500 Subject: [PATCH] Fix DrillFlowChartController autorization. Fix DrillFlowChartController.GetByTelemetryAsync() assertion --- .../Controllers/DrillFlowChartController.cs | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/AsbCloudWebApi/Controllers/DrillFlowChartController.cs b/AsbCloudWebApi/Controllers/DrillFlowChartController.cs index ec241b9d..dfb24088 100644 --- a/AsbCloudWebApi/Controllers/DrillFlowChartController.cs +++ b/AsbCloudWebApi/Controllers/DrillFlowChartController.cs @@ -5,6 +5,7 @@ using System.Threading.Tasks; using Microsoft.AspNetCore.Mvc; using AsbCloudApp.Data; using AsbCloudApp.Services; +using Microsoft.AspNetCore.Authorization; namespace AsbCloudWebApi.Controllers { @@ -12,6 +13,7 @@ namespace AsbCloudWebApi.Controllers /// Контроллер для корридоров бурения на панели /// [ApiController] + [Authorize] public class DrillFlowChartController : ControllerBase { private readonly IDrillFlowChartService drillFlowChartService; @@ -60,17 +62,14 @@ namespace AsbCloudWebApi.Controllers /// Список параметров для корридоров бурения [HttpGet] [Route("api/telemetry/{uid}/drillFlowChart")] + [AllowAnonymous] [ProducesResponseType(typeof(IEnumerable), (int) System.Net.HttpStatusCode.OK)] public async Task GetByTelemetryAsync(string uid, DateTime updateFrom = default, CancellationToken token = default) { - var idCompany = User.GetCompanyId(); - var idWell = telemetryService.GetidWellByTelemetryUid(uid); + if (idWell is null) + return BadRequest($"Wrong uid {uid}"); - if (idCompany is null || idWell is null || !await wellService.IsCompanyInvolvedInWellAsync((int)idCompany, - (int)idWell, token).ConfigureAwait(false)) - return Forbid(); - var dto = await drillFlowChartService.GetAllAsync((int)idWell, updateFrom, token);