AppStd/EnvelopeGenerator
8
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update authorization policy in ConfigController

Browse Source 
Replaced the generic [Authorize] attribute with a more specific
[Authorize(Policy = AuthPolicy.SenderOrReceiver)] to enforce
a stricter authorization policy. Added a `using` directive for
`EnvelopeGenerator.Domain.Constants` to support the new policy.
This commit is contained in:
tekh
2026-06-12 15:21:29 +02:00
parent 1326407462
commit fa354a05cc
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
EnvelopeGenerator.API/Controllers/ConfigController.cs
View File

@@ -1,4 +1,5 @@
using EnvelopeGenerator.API.Models.PsPdfKitAnnotation;
using EnvelopeGenerator.Domain.Constants;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Options;
@@ -13,7 +14,7 @@ namespace EnvelopeGenerator.API.Controllers;
/// </remarks>
[Route("api/[controller]")]
[ApiController]
[Authorize]
[Authorize(Policy = AuthPolicy.SenderOrReceiver)]
public class ConfigController(IOptionsMonitor<AnnotationParams> annotationParamsOptions) : ControllerBase
{
private readonly AnnotationParams _annotationParams = annotationParamsOptions.CurrentValue;