From 2198ad257a2c049f3601a6f95b8906c5be8b27d5 Mon Sep 17 00:00:00 2001
From: 杨宇千 <crupest@outlook.com>
Date: Thu, 31 Oct 2019 00:56:46 +0800
Subject: Continue to construct feature and tests.

---
 Timeline/Controllers/UserDetailController.cs | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'Timeline/Controllers/UserDetailController.cs')

diff --git a/Timeline/Controllers/UserDetailController.cs b/Timeline/Controllers/UserDetailController.cs
index ef13b462..9de9899e 100644
--- a/Timeline/Controllers/UserDetailController.cs
+++ b/Timeline/Controllers/UserDetailController.cs
@@ -4,6 +4,7 @@ using Timeline.Filters;
 using Timeline.Models.Validation;
 using Timeline.Services;
 using System.ComponentModel.DataAnnotations;
+using Microsoft.AspNetCore.Authorization;
 
 namespace Timeline.Controllers
 {
@@ -25,6 +26,8 @@ namespace Timeline.Controllers
         }
 
         [HttpPut("users/{username}/nickname")]
+        [Authorize]
+        [SelfOrAdmin]
         [CatchUserNotExistException]
         public async Task<ActionResult> PutNickname([FromRoute][Username] string username,
             [FromBody][StringLength(10, MinimumLength = 1)] string body)
@@ -34,6 +37,8 @@ namespace Timeline.Controllers
         }
 
         [HttpDelete("users/{username}/nickname")]
+        [Authorize]
+        [SelfOrAdmin]
         [CatchUserNotExistException]
         public async Task<ActionResult> DeleteNickname([FromRoute][Username] string username)
         {
-- 
cgit v1.2.3