From f1451e8ad6c332c114689edbc92b88b5e449ef3f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C3=ABl=20Minelli?= <michael@minelli.me> Date: Thu, 6 Jul 2023 15:20:01 +0200 Subject: [PATCH] SecurityCheck => Add enonce published test --- ExpressAPI/src/middlewares/SecurityMiddleware.ts | 3 +++ ExpressAPI/src/types/SecurityCheckType.ts | 5 +++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/ExpressAPI/src/middlewares/SecurityMiddleware.ts b/ExpressAPI/src/middlewares/SecurityMiddleware.ts index 4beeee7..85a6056 100644 --- a/ExpressAPI/src/middlewares/SecurityMiddleware.ts +++ b/ExpressAPI/src/middlewares/SecurityMiddleware.ts @@ -28,6 +28,9 @@ class SecurityMiddleware { case SecurityCheckType.ENONCE_STAFF: isAllowed = isAllowed || await EnonceManager.isUserAllowedToAccessEnonce(req.boundParams.enonce, req.session.profile); break; + case SecurityCheckType.ENONCE_IS_PUBLISHED: + isAllowed = isAllowed || req.boundParams.enonce.published; + break; default: isAllowed = isAllowed || false; break; diff --git a/ExpressAPI/src/types/SecurityCheckType.ts b/ExpressAPI/src/types/SecurityCheckType.ts index 32a1592..fcb3a6d 100644 --- a/ExpressAPI/src/types/SecurityCheckType.ts +++ b/ExpressAPI/src/types/SecurityCheckType.ts @@ -1,6 +1,7 @@ enum SecurityCheckType { - TEACHING_STAFF = 'teachingStaff', - ENONCE_STAFF = 'enonceStaff' + TEACHING_STAFF = 'teachingStaff', + ENONCE_STAFF = 'enonceStaff', + ENONCE_IS_PUBLISHED = 'enonceIsPublished', } -- GitLab