on.nemtina/DD.WellWorkover.Cloud
1
0
Fork 0
forked from ddrilling/AsbCloudServer
Code Pull Requests Activity

Fix security in WellController

Browse Source
This commit is contained in:
Фролов 2021-10-20 17:55:50 +05:00
parent 167dd3d5f5
commit 8b54966876
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
AsbCloudWebApi/Controllers/WellController.cs
View File

@ -58,7 +58,7 @@ namespace AsbCloudWebApi.Controllers
{
var idCompany = User.GetCompanyId();
if (idCompany is null)
if (idCompany is null || !await wellService.IsCompanyInvolvedInWellAsync(idCompany??default, idWell, token).ConfigureAwait(false))
return NoContent();
var well = await wellService.GetAsync(idWell,