Diplomarbeit-Absolventenverein/oqtane.framework
10
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

improve validation and exception handling in API Controllers

Browse Source
This commit is contained in:
Shaun Walker
2021-06-15 19:11:00 -04:00
parent 0a2293119e
commit 65a14da5a9
14 changed files with 101 additions and 150 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
Oqtane.Server/Controllers/ThemeController.cs
View File

@ -11,6 +11,7 @@ using Oqtane.Enums;
using Oqtane.Infrastructure;
using Oqtane.Repository;
using System.Text.Json;
using System.Net;
// ReSharper disable StringIndexOfIsCultureSpecific.1
@ -84,6 +85,11 @@ namespace Oqtane.Controllers
_themes.DeleteTheme(theme.ThemeName);
_logger.Log(LogLevel.Information, this, LogFunction.Delete, "Theme Removed For {ThemeName}", theme.ThemeName);
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Theme Delete Attempt {Themename}", themename);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
}
}
// GET: api/<controller>/templates
@ -141,6 +147,12 @@ namespace Oqtane.Controllers
ProcessTemplatesRecursively(new DirectoryInfo(templatePath), rootPath, rootFolder.Name, templatePath, theme);
_logger.Log(LogLevel.Information, this, LogFunction.Create, "Theme Created {Theme}", theme);
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Theme Post Attempt {Theme}", theme);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
theme = null;
}
return theme;
}