Diplomarbeit-Absolventenverein/oqtane.framework
10
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

add additional validation logic to Update API methods to ensure model ID matches ID parameter

Browse Source
This commit is contained in:
sbwalker
2023-11-22 14:47:28 -05:00
parent fc186f1718
commit 14d36ef8dc
17 changed files with 17 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Oqtane.Server/Controllers/SiteController.cs
View File

@ -192,7 +192,7 @@ namespace Oqtane.Controllers
public Site Put(int id, [FromBody] Site site)
{
var current = _sites.GetSite(site.SiteId, false);
if (ModelState.IsValid && site.SiteId == _alias.SiteId && site.TenantId == _alias.TenantId && current != null)
if (ModelState.IsValid && site.SiteId == _alias.SiteId && site.TenantId == _alias.TenantId && site.SiteId == id && current != null)
{
site = _sites.UpdateSite(site);
_syncManager.AddSyncEvent(_alias.TenantId, EntityNames.Site, site.SiteId, SyncEventActions.Update);