fix(api): 403 instead of 401 on API v1 member routes

This commit is contained in:
spiral 2022-02-05 09:37:18 -05:00
parent 375758206e
commit f13c60a841
No known key found for this signature in database
GPG Key ID: A6059F0CA0E1BD31

View File

@ -84,7 +84,7 @@ public class MemberController: ControllerBase
if (member == null) return NotFound("Member not found.");
var res = await _auth.AuthorizeAsync(User, member, "EditMember");
if (!res.Succeeded) return Unauthorized($"Member '{hid}' is not part of your system.");
if (!res.Succeeded) return StatusCode(StatusCodes.Status403Forbidden, $"Member '{hid}' is not part of your system.");
var patch = MemberPatch.FromJSON(changes);
@ -112,7 +112,7 @@ public class MemberController: ControllerBase
if (member == null) return NotFound("Member not found.");
var res = await _auth.AuthorizeAsync(User, member, "EditMember");
if (!res.Succeeded) return Unauthorized($"Member '{hid}' is not part of your system.");
if (!res.Succeeded) return StatusCode(StatusCodes.Status403Forbidden, $"Member '{hid}' is not part of your system.");
await _repo.DeleteMember(member.Id);
return Ok();