diff --git a/src/InternshipSystem.Api/Controllers/CompaniesController.cs b/src/InternshipSystem.Api/Controllers/CompaniesController.cs
index 312d02e..941f655 100644
--- a/src/InternshipSystem.Api/Controllers/CompaniesController.cs
+++ b/src/InternshipSystem.Api/Controllers/CompaniesController.cs
@@ -4,6 +4,7 @@ using System.Threading;
 using System.Threading.Tasks;
 using InternshipSystem.Api.Queries;
 using InternshipSystem.Api.Queries.SearchQuery;
+using InternshipSystem.Api.Security;
 using InternshipSystem.Core;
 using InternshipSystem.Repository;
 using Microsoft.AspNetCore.Authorization;
@@ -35,10 +36,11 @@ namespace InternshipSystem.Api.Controllers
 [HttpGet]
 [ProducesResponseType(StatusCodes.Status200OK)]
 [ProducesResponseType(StatusCodes.Status400BadRequest)]
- public async Task>> SearchByNameAsync([FromQuery] CompanySearchQuery searchQuery, CancellationToken cancellationToken) =>
+ [Authorize]
+ public async Task>> SearchByNameAsync([FromQuery] CompanySearchQuery searchQuery, [FromServices] User user, CancellationToken cancellationToken) =>
 await Context.Companies
 .Where(c => c.Name.ToLower().Contains(searchQuery.Name.ToLower()))
- .Where(c => c.Provider == 0)
+ .Where(c => c.Provider == 0 || c.Provider == user.PersonNumber)
 .OrderBy(o => o.Name)
 .Skip(searchQuery.Page * searchQuery.PerPage)
 .Take(searchQuery.PerPage)
@@ -55,7 +57,8 @@ namespace InternshipSystem.Api.Controllers
 [HttpGet("{companyId}")]
 [ProducesResponseType(StatusCodes.Status200OK)]
 [ProducesResponseType(StatusCodes.Status400BadRequest)]
- public async Task>> SearchBranchesByAddress([FromQuery] BranchOfficeSearchQuery searchQuery, long companyId, CancellationToken token)
+ [Authorize]
+ public async Task>> SearchBranchesByAddress([FromQuery] BranchOfficeSearchQuery searchQuery, long companyId, [FromServices] User user, CancellationToken token)
 {
 var company = await Context.Companies.Where(c => c.Id == companyId).FirstAsync(token);
 
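Review bot: The visibility rule `c.Provider == 0 || c.Provider == user.PersonNumber` in SearchByNameAsync is written inline with a bare `0`, and the same rule is repeated for `office.Provider` in the branch query of the later `@@ -63,7 +66,7 @@` hunk. This predicate appears to be what keeps one user's own entries away from other users (inferred from the change; the meaning of `0` is not visible here), so a copy that drifts or a new endpoint that forgets it becomes a data-exposure bug. I would name the sentinel and document it, for example `// Provider 0 = shared entry; otherwise the PersonNumber of the submitting user (confirm)`, and keep the rule in one shared helper or query filter. With `[Authorize]` added the action can now answer 401, so `[ProducesResponseType(StatusCodes.Status401Unauthorized)]` belongs next to the existing attributes here and on SearchBranchesByAddress.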
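Review bot: The company lookup `Context.Companies.Where(c => c.Id == companyId).FirstAsync(token)` in SearchBranchesByAddress is not restricted by provider, so the new ownership filter covers the branches only and not the parent company. Any authenticated caller can still address a company entered by another user, and because `FirstAsync` throws when no row matches, a missing id presumably surfaces as a server error while an existing foreign id returns a list, which reveals which ids exist. I would scope the lookup the same way, `.Where(c => c.Id == companyId && (c.Provider == 0 || c.Provider == user.PersonNumber)).FirstOrDefaultAsync(token)`, and return `NotFound()` when the result is null. The method body continues past the end of this hunk.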
@@ -63,7 +66,7 @@ namespace InternshipSystem.Api.Controllers
 .Collection(c => c.Branches)
 .Query()
 .Where(office => office.Address.City.ToLower().Contains(searchQuery.City.ToLower()))
- .Where(office => office.Provider == 0)
+ .Where(office => office.Provider == 0 || office.Provider == user.PersonNumber)
 .Skip(searchQuery.Page * searchQuery.PerPage)
 .Take(searchQuery.PerPage)
 .ToListAsync(token);
diff --git a/src/InternshipSystem.Api/UseCases/UpdateInternshipRegistrationUseCase.cs b/src/InternshipSystem.Api/UseCases/UpdateInternshipRegistrationUseCase.cs
index b196099..10e579c 100644
--- a/src/InternshipSystem.Api/UseCases/UpdateInternshipRegistrationUseCase.cs
+++ b/src/InternshipSystem.Api/UseCases/UpdateInternshipRegistrationUseCase.cs
@@ -144,9 +144,9 @@ namespace InternshipSystem.Api.UseCases
 
 private void UpdateMentor(UpdateMentor mentorUpdate)
 {
- var mentor = subjectRegistration.Mentor ?? new Mentor();
+ subjectRegistration.Mentor ??= new Mentor();
 
- mentor.UpdateInformation(mentorUpdate.FirstName, mentorUpdate.LastName, mentorUpdate.Email, mentorUpdate.PhoneNumber);
+ subjectRegistration.Mentor.UpdateInformation(mentorUpdate.FirstName, mentorUpdate.LastName, mentorUpdate.Email, mentorUpdate.PhoneNumber);
 }
 }
 }
\ No newline at end of file
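Review bot: UpdateMentor carries no comment explaining why the mentor has to be assigned to `subjectRegistration.Mentor` before it is updated, although that is the whole point of the fix (the removed code updated a fresh `Mentor` that was never attached to the registration). I would add `// Attach a new Mentor to the registration first; an update on a detached instance is silently lost.` above the `??=` line. The values from `mentorUpdate` are passed through unchanged, so any validation of the e-mail address and phone number has to happen in `Mentor.UpdateInformation` or earlier, which is not visible in this hunk.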