From c76154a2fb27465cc1597031a3961345525591f3 Mon Sep 17 00:00:00 2001 From: Sandra Westerhoff Date: Mon, 14 Jun 2021 13:38:12 +0200 Subject: [PATCH 1/3] Update: Check for archived status (coscine/issues#1575) --- src/Tree/Controllers/TreeController.cs | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/Tree/Controllers/TreeController.cs b/src/Tree/Controllers/TreeController.cs index 47f7b38..3b8d84b 100644 --- a/src/Tree/Controllers/TreeController.cs +++ b/src/Tree/Controllers/TreeController.cs @@ -226,6 +226,11 @@ namespace Coscine.Api.Tree.Controllers return Forbid("User is no project member!"); } + if (resource.Archived == "1") + { + return Forbid("The resource is readonly!"); + } + if (resource.ApplicationProfile[^1] != '/') { resource.ApplicationProfile += '/'; -- GitLab From f0f4630ec8dbca141645dcaeadff0f36ae849577 Mon Sep 17 00:00:00 2001 From: Sandra Westerhoff Date: Tue, 15 Jun 2021 10:05:09 +0200 Subject: [PATCH 2/3] Update: fixed an error (coscine/issues#1575) --- src/Tree/Controllers/TreeController.cs | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/src/Tree/Controllers/TreeController.cs b/src/Tree/Controllers/TreeController.cs index 3b8d84b..2bcf59b 100644 --- a/src/Tree/Controllers/TreeController.cs +++ b/src/Tree/Controllers/TreeController.cs @@ -94,6 +94,10 @@ namespace Coscine.Api.Tree.Controllers var user = _authenticator.GetUser(); var check = CheckResourceIdAndPath(resourceId, path, out Resource resource); + if (check != null) + { + return check; + } if (resource.ApplicationProfile[^1] != '/') { @@ -104,12 +108,7 @@ namespace Coscine.Api.Tree.Controllers { return Forbid("User has no Access to this resource."); } - - if (check != null) - { - return check; - } - + try { var resourceTypeOptions = _resourceModel.GetResourceTypeOptions(resource.Id); -- GitLab From f908f97b217b8e810a6d6a06e6012d0184284036 Mon Sep 17 00:00:00 2001 From: Petar Hristov Date: Tue, 15 Jun 2021 14:08:01 +0000 Subject: [PATCH 3/3] Fix: changed Forbid() method to BadRequest() method for displaying the correct message (coscine/issues#1575) --- src/Tree/Controllers/TreeController.cs | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/Tree/Controllers/TreeController.cs b/src/Tree/Controllers/TreeController.cs index 2bcf59b..67d6eae 100644 --- a/src/Tree/Controllers/TreeController.cs +++ b/src/Tree/Controllers/TreeController.cs @@ -1,4 +1,4 @@ -using Coscine.WaterbutlerHelper; +using Coscine.WaterbutlerHelper; using Coscine.WaterbutlerHelper.ReturnObjects; using Coscine.ApiCommons; using Coscine.ApiCommons.Factories; @@ -106,7 +106,7 @@ namespace Coscine.Api.Tree.Controllers if (user == null || !_resourceModel.HasAccess(user, resource, UserRoles.Owner, UserRoles.Member)) { - return Forbid("User has no Access to this resource."); + return BadRequest("User has no Access to this resource."); } try @@ -222,12 +222,12 @@ namespace Coscine.Api.Tree.Controllers if (user == null || !_resourceModel.HasAccess(user, resource, UserRoles.Owner, UserRoles.Member)) { - return Forbid("User is no project member!"); + return BadRequest("User is no project member!"); } if (resource.Archived == "1") { - return Forbid("The resource is readonly!"); + return BadRequest("The resource is readonly!"); } if (resource.ApplicationProfile[^1] != '/') -- GitLab