diff options
Diffstat (limited to 'BackEnd/Timeline/Controllers/UserAvatarController.cs')
| -rw-r--r-- | BackEnd/Timeline/Controllers/UserAvatarController.cs | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/BackEnd/Timeline/Controllers/UserAvatarController.cs b/BackEnd/Timeline/Controllers/UserAvatarController.cs index bc4afa30..44d45b76 100644 --- a/BackEnd/Timeline/Controllers/UserAvatarController.cs +++ b/BackEnd/Timeline/Controllers/UserAvatarController.cs @@ -86,7 +86,7 @@ namespace Timeline.Controllers [ProducesResponseType(StatusCodes.Status403Forbidden)]
public async Task<IActionResult> Put([FromRoute][Username] string username, [FromBody] ByteData body)
{
- if (!User.IsAdministrator() && User.Identity.Name != username)
+ if (!this.UserHasPermission(UserPermission.UserManagement) && User.Identity!.Name != username)
{
_logger.LogInformation(Log.Format(LogPutForbid,
("Operator Username", User.Identity.Name), ("Username To Put Avatar", username)));
@@ -149,10 +149,10 @@ namespace Timeline.Controllers [Authorize]
public async Task<IActionResult> Delete([FromRoute][Username] string username)
{
- if (!User.IsAdministrator() && User.Identity.Name != username)
+ if (!this.UserHasPermission(UserPermission.UserManagement) && User.Identity!.Name != username)
{
_logger.LogInformation(Log.Format(LogDeleteForbid,
- ("Operator Username", User.Identity.Name), ("Username To Delete Avatar", username)));
+ ("Operator Username", User.Identity!.Name), ("Username To Delete Avatar", username)));
return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid());
}
|