homeburger/agologum
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: policy mismatch
All checks were successful
Build and Deploy API / build-and-deploy (push) Successful in 8s
Details

Browse Source
This commit is contained in:
Blitblank
2026-04-21 19:18:54 -05:00
parent 2f3cb46af3
commit 143d194cdb
2 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
api/src/Controllers/UsersController.cs
View File

@@ -20,7 +20,7 @@ public class UsersController : ControllerBase {
service_ = service; service_ = service;
} }
[Authorize(Policy = "RequireAdmin")] [Authorize(Policy = "SensitiveDataRead")]
[HttpGet] [HttpGet]
public async Task<ActionResult<List<User>>> getUsers() { public async Task<ActionResult<List<User>>> getUsers() {
List<User> rawArray = await service_.GetAll(); List<User> rawArray = await service_.GetAll();
@@ -42,7 +42,7 @@ public class UsersController : ControllerBase {
return Ok(dtoArray); return Ok(dtoArray);
} }
[Authorize(Policy = "RequireAdmin")] [Authorize(Policy = "SensitiveDataRead")]
[HttpGet("{id:int}")] [HttpGet("{id:int}")]
public async Task<ActionResult<User>> getUser(int id) { public async Task<ActionResult<User>> getUser(int id) {
@@ -60,7 +60,7 @@ public class UsersController : ControllerBase {
return Ok(newDto); return Ok(newDto);
} }
[Authorize(Policy = "RequireSuperuser")] [Authorize(Policy = "SensitiveDataModify")]
[HttpDelete("{id}")] [HttpDelete("{id}")]
public async Task<ActionResult> deleteUser(int id) { public async Task<ActionResult> deleteUser(int id) {

3
scripts/DEV_README.md
View File

@@ -13,7 +13,8 @@ To see live logs:
sudo docker logs -f -t agologum-api sudo docker logs -f -t agologum-api
public user: public user:
> username=bard > username=bard (admin)
> username=xvbard (superuser)
> password=Public*890 > password=Public*890
chrome dev tools troubleshooting chrome dev tools troubleshooting