support both 404 andf 403 status codes in API response (404 should not log)

2023-07-11 08:14:00 -04:00
parent 59fffbd3ee
commit df0f562817
17 changed files with 179 additions and 41 deletions
--- a/Oqtane.Server/Controllers/ProfileController.cs
+++ b/Oqtane.Server/Controllers/ProfileController.cs
@ -56,8 +56,15 @@ namespace Oqtane.Controllers
            }
            else
            {
-                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Profile Get Attempt {ProfileId}", id);
-                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
+                if (profile != null)
+                {
+                    _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Profile Get Attempt {ProfileId}", id);
+                    HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
+                }
+                else
+                {
+                    HttpContext.Response.StatusCode = (int)HttpStatusCode.NotFound;
+                }
                return null;
            }
        }