From 69c508ef84d65411c6df5f2c2efa272f89b93ff6 Mon Sep 17 00:00:00 2001 From: AleksDw Date: Sun, 18 May 2025 18:16:26 +0200 Subject: [PATCH] Get OrgId only from token --- WebApp/DTOs/EventCreateDto.cs | 1 - WebApp/DTOs/EventUpdateDto.cs | 1 - WebApp/Endpoints/EventsEndpoints.cs | 18 ++++-------------- WebApp/Mapping/EventMapping.cs | 2 -- 4 files changed, 4 insertions(+), 18 deletions(-) diff --git a/WebApp/DTOs/EventCreateDto.cs b/WebApp/DTOs/EventCreateDto.cs index a77bdd0..9a64aa9 100644 --- a/WebApp/DTOs/EventCreateDto.cs +++ b/WebApp/DTOs/EventCreateDto.cs @@ -6,7 +6,6 @@ namespace WebApp.DTOs; // Input values in JSON file to create event public record class EventCreateDto ( - [Required] int? OrganisationId, [Required][StringLength(50)] string Title, [StringLength(500)] string Description, [Required][StringLength(100)] string Location, diff --git a/WebApp/DTOs/EventUpdateDto.cs b/WebApp/DTOs/EventUpdateDto.cs index 59b9d72..1d0047e 100644 --- a/WebApp/DTOs/EventUpdateDto.cs +++ b/WebApp/DTOs/EventUpdateDto.cs @@ -6,7 +6,6 @@ namespace WebApp.DTOs; // Input values in JSON file to update event public record class EventUpdateDto ( - [Required] int? OrganisationId, [Required][StringLength(50)] string Title, [StringLength(500)] string Description, [Required][StringLength(100)] string Location, diff --git a/WebApp/Endpoints/EventsEndpoints.cs b/WebApp/Endpoints/EventsEndpoints.cs index 87b6939..55f3e96 100644 --- a/WebApp/Endpoints/EventsEndpoints.cs +++ b/WebApp/Endpoints/EventsEndpoints.cs @@ -58,16 +58,10 @@ namespace WebApp.Endpoints Organisation? org = await guhf.GetOrganisationFromToken(token); if (org is null) return Results.Unauthorized(); + // dodajemy id organizacji z tokenu Event Eve = newEvent.ToEntity(); - - // Wyzeruj EventRegistrations, ponieważ nie są to dane, - // które powinniśmy przyjmować bez zgody wolontariuszy! - Eve.EventRegistrations = []; Eve.OrganisationId = org.OrganisationId; - // Na wszelki wypadek, gdyby użytkownik wciskał nam kit :D - if (newEvent.OrganisationId is not null && newEvent.OrganisationId != org.OrganisationId) return Results.StatusCode(418); - dbContext.Events.Add(Eve); await dbContext.SaveChangesAsync(); @@ -81,12 +75,12 @@ namespace WebApp.Endpoints group.MapPut("/{id}", async (int id, EventUpdateDto updatedEvent, ApplicationDbContext dbContext, GeneralUseHelpers guhf, HttpContext httpContext) => { - // Uzyskaj organizację z tokenu Token? token = await guhf.GetTokenFromHTTPContext(httpContext); Organisation? org = await guhf.GetOrganisationFromToken(token); if (org is null) return Results.Unauthorized(); + Console.Write(org.OrganisationId); var existingEvent = await dbContext.Events.FindAsync(id); if (existingEvent is null) { @@ -97,15 +91,11 @@ namespace WebApp.Endpoints // do zmodyfikowania tego (EventId = id) eventu. if (org.OrganisationId != existingEvent.OrganisationId) return Results.StatusCode(403); - // Nadpisz organisationId (obecne w updatedEvent, - // lecz nie sprawdzane poniżej) na to, co odczytaliśmy - // do existingEvent. - // ... trzeba by było tworzyć obiekt od nowa, zamiast tego po prostu zwróćmy błąd. - if (existingEvent.OrganisationId != updatedEvent.OrganisationId) return Results.StatusCode(403); - + var originalOrgId = existingEvent.OrganisationId; dbContext.Entry(existingEvent) .CurrentValues .SetValues(updatedEvent.ToEntity(id)); + existingEvent.OrganisationId = originalOrgId; dbContext.Entry(existingEvent) .Collection(Eve => Eve.EventRegistrations) diff --git a/WebApp/Mapping/EventMapping.cs b/WebApp/Mapping/EventMapping.cs index 9b5f240..3053f14 100644 --- a/WebApp/Mapping/EventMapping.cs +++ b/WebApp/Mapping/EventMapping.cs @@ -10,7 +10,6 @@ public static class EventMapping { return new Event() { - OrganisationId = ECDto.OrganisationId!.Value, Title = ECDto.Title, Description = ECDto.Description, Location = ECDto.Location, @@ -25,7 +24,6 @@ public static class EventMapping return new Event() { EventId = id, - OrganisationId = EUDto.OrganisationId!.Value, Title = EUDto.Title, Description = EUDto.Description, Location = EUDto.Location,