cphipps/lubelog
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #284 from hargata/Hargata/calendar.view

Browse Source 
Lock down contoller methods for extra fields.
This commit is contained in:
Hargata Softworks
2024-02-13 16:48:48 -07:00
committed by GitHub
parent 92b9c6953c 8584d2cf9c
commit e7dc4f67f5
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Controllers/HomeController.cs
View File

@@ -99,6 +99,7 @@ namespace CarCareTracker.Controllers
{ {
return View(); return View();
} }
[Authorize(Roles = nameof(UserData.IsRootUser))]
public IActionResult GetExtraFieldsModal(int importMode = 0) public IActionResult GetExtraFieldsModal(int importMode = 0)
{ {
var recordExtraFields = _extraFieldDataAccess.GetExtraFieldsById(importMode); var recordExtraFields = _extraFieldDataAccess.GetExtraFieldsById(importMode);
@@ -108,6 +109,7 @@ namespace CarCareTracker.Controllers
} }
return PartialView("_ExtraFields", recordExtraFields); return PartialView("_ExtraFields", recordExtraFields);
} }
[Authorize(Roles = nameof(UserData.IsRootUser))]
public IActionResult UpdateExtraFields(RecordExtraField record) public IActionResult UpdateExtraFields(RecordExtraField record)
{ {
try try