From 78408427b82e5043c8523ef77ebc9b622c37f26c Mon Sep 17 00:00:00 2001
From: "DESKTOP-GENO133\\IvanPlex"
Date: Thu, 8 Feb 2024 17:54:42 -0700
Subject: [PATCH] only init endpoint list if vehicleId is 0.
---
 Filter/CollaboratorFilter.cs | 20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)
diff --git a/Filter/CollaboratorFilter.cs b/Filter/CollaboratorFilter.cs
index c68f4f1..b9f5301 100644
--- a/Filter/CollaboratorFilter.cs
+++ b/Filter/CollaboratorFilter.cs
@@ -17,7 +17,6 @@ namespace CarCareTracker.Filter
 }
 public override void OnActionExecuting(ActionExecutingContext filterContext)
 {
- var shopSupplyEndpoints = new List { "ImportToVehicleIdFromCsv", "GetSupplyRecordsByVehicleId", "ExportFromVehicleToCsv" };
 if (!filterContext.HttpContext.User.IsInRole(nameof(UserData.IsRootUser)))
 {
 var vehicleId = int.Parse(filterContext.ActionArguments["vehicleId"].ToString());
@@ -28,14 +27,19 @@ namespace CarCareTracker.Filter
 {
 filterContext.Result = new RedirectResult("/Error/Unauthorized");
 }
- } else if (shopSupplyEndpoints.Contains(filterContext.RouteData.Values["action"].ToString()) && !_config.GetServerEnableShopSupplies())
+ } else
 {
- //user trying to access shop supplies but shop supplies is not enabled by root user.
- filterContext.Result = new RedirectResult("/Error/Unauthorized");
- } else if (!shopSupplyEndpoints.Contains(filterContext.RouteData.Values["action"].ToString()))
- {
- //user trying to access any other endpoints using 0 as vehicle id.
- filterContext.Result = new RedirectResult("/Error/Unauthorized");
+ var shopSupplyEndpoints = new List { "ImportToVehicleIdFromCsv", "GetSupplyRecordsByVehicleId", "ExportFromVehicleToCsv" };
+ if (shopSupplyEndpoints.Contains(filterContext.RouteData.Values["action"].ToString()) && !_config.GetServerEnableShopSupplies())
+ {
+ //user trying to access shop supplies but shop supplies is not enabled by root user.
+ filterContext.Result = new RedirectResult("/Error/Unauthorized");
+ }
+ else if (!shopSupplyEndpoints.Contains(filterContext.RouteData.Values["action"].ToString()))
+ {
+ //user trying to access any other endpoints using 0 as vehicle id.
+ filterContext.Result = new RedirectResult("/Error/Unauthorized");
+ }
 }
 }
 }
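Review bot: The new `else` block still expresses the allow decision as two separate deny branches that each repeat `shopSupplyEndpoints.Contains(filterContext.RouteData.Values["action"].ToString())`, so the only permitted path (a listed shop-supply action with shop supplies enabled) is an implicit fall-through. For an authorization filter a single deny-by-default test is easier to audit: `var action = filterContext.RouteData.Values["action"]?.ToString();` followed by `if (action is null || !shopSupplyEndpoints.Contains(action) || !_config.GetServerEnableShopSupplies())` around the one redirect, which also turns a missing `action` route value into a clean denial instead of a null dereference. The list match is case-sensitive; a casing mismatch lands in the deny branch and so fails closed, but it is worth confirming the route value always carries the declared action name so legitimate requests are not rejected. The branch this `else` pairs with and the start of `OnActionExecuting` are outside this hunk, so the "vehicleId is 0" reading is taken from the subject line and the inline comment.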