Added a new policy to require being an admin. Implemented ability to delete a user.

Joseph Milazzo 2020-12-24 08:13:58 -06:00
parent bb276a5984
commit f0919042b0
6 changed files with 44 additions and 5 deletions


@ -77,14 +77,13 @@ namespace API.Controllers
// return Ok(await _libraryRepository.GetLibrariesForUserAsync(user));
// }
[Authorize(Policy = "RequireAdminRole")]
[HttpPut("update-for")]
public async Task<ActionResult<MemberDto>> UpdateLibrary(UpdateLibraryDto updateLibraryDto)
{
// TODO: Only admins can do this
var user = await _userRepository.GetUserByUsernameAsync(updateLibraryDto.Username);
if (user == null) return BadRequest("Could not validate user");
if (!user.IsAdmin) return Unauthorized("Only admins are permitted");
user.Libraries = new List<Library>();