consolidated settings into confighelper, fixed shop supplies access issue for non root user.

2024-02-08 16:54:01 -07:00
parent fd8f93ee5f
commit 08ace8b08d
5 changed files with 21 additions and 9 deletions
--- a/Filter/CollaboratorFilter.cs
+++ b/Filter/CollaboratorFilter.cs
@@ -17,10 +17,13 @@ namespace CarCareTracker.Filter
            if (!filterContext.HttpContext.User.IsInRole(nameof(UserData.IsRootUser)))
            {
                var vehicleId = int.Parse(filterContext.ActionArguments["vehicleId"].ToString());
-                var userId = int.Parse(filterContext.HttpContext.User.FindFirstValue(ClaimTypes.NameIdentifier));
-                if (!_userLogic.UserCanEditVehicle(userId, vehicleId))
+                if (vehicleId != default)
                {
-                    filterContext.Result = new RedirectResult("/Error/Unauthorized");
+                    var userId = int.Parse(filterContext.HttpContext.User.FindFirstValue(ClaimTypes.NameIdentifier));
+                    if (!_userLogic.UserCanEditVehicle(userId, vehicleId))
+                    {
+                        filterContext.Result = new RedirectResult("/Error/Unauthorized");
+                    }
                }
            }
        }