diff options
Diffstat (limited to 'BackEnd/Timeline/Controllers/UserController.cs')
| -rw-r--r-- | BackEnd/Timeline/Controllers/UserController.cs | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/BackEnd/Timeline/Controllers/UserController.cs b/BackEnd/Timeline/Controllers/UserController.cs index 740bd0ed..95a99a03 100644 --- a/BackEnd/Timeline/Controllers/UserController.cs +++ b/BackEnd/Timeline/Controllers/UserController.cs @@ -7,6 +7,7 @@ using Timeline.Auth; using Timeline.Filters;
using Timeline.Models.Http;
using Timeline.Models.Validation;
+using Timeline.Services; using Timeline.Services.Mapper;
using Timeline.Services.User;
@@ -103,7 +104,7 @@ namespace Timeline.Controllers }
else
{
- if (GetUsername() != username)
+ if (!await CheckIsSelf(username))
return ForbidWithCommonResponse(Resource.MessageForbidNotAdministratorOrOwner);
if (body.Username is not null)
@@ -112,7 +113,7 @@ namespace Timeline.Controllers if (body.Password is not null)
return ForbidWithCommonResponse(Resource.MessageForbidNotAdministrator);
- var user = await _userService.ModifyUserAsync(GetUserId(), _mapper.AutoMapperMap<ModifyUserParams>(body));
+ var user = await _userService.ModifyUserAsync(GetAuthUserId(), _mapper.AutoMapperMap<ModifyUserParams>(body));
return await _mapper.MapAsync<HttpUser>(user, Url, User);
}
}
@@ -152,7 +153,7 @@ namespace Timeline.Controllers {
try
{
- await _userService.ChangePassword(GetUserId(), request.OldPassword, request.NewPassword);
+ await _userService.ChangePassword(GetAuthUserId(), request.OldPassword, request.NewPassword);
return OkWithCommonResponse();
}
catch (BadPasswordException)
|