Browse Source

Harden endpoint by restricting to public accesses

pull/7205/head
Thomas Kaul 2 weeks ago
parent
commit
82a176ded6
  1. 5
      apps/api/src/app/endpoints/public/public.controller.ts

5
apps/api/src/app/endpoints/public/public.controller.ts

@ -46,7 +46,10 @@ export class PublicController {
public async getPublicPortfolio( public async getPublicPortfolio(
@Param('accessId') accessId: string @Param('accessId') accessId: string
): Promise<PublicPortfolioResponse> { ): Promise<PublicPortfolioResponse> {
const access = await this.accessService.access({ id: accessId }); const access = await this.accessService.access({
granteeUserId: null,
id: accessId
});
if (!access) { if (!access) {
throw new HttpException( throw new HttpException(

Loading…
Cancel
Save