Skip to content

Commit

Permalink
auth for addMember
Browse files Browse the repository at this point in the history
  • Loading branch information
@quoncc @WillNilges
quoncc authored and WillNilges committed Aug 25, 2023
1 parent eaa3334 commit 529509d
Showing 1 changed file with 12 additions and 4 deletions.
16 changes: 12 additions & 4 deletions api/api.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,8 +66,16 @@ def apiGetMemberDetailsByID(id):

@app.route("/addMember", methods=["POST"])
def apiAddMember():
try:
queries.createNewMember(request.get_json())
return "OK", 200
token = request.headers["token"]
try:
permission = authenticate.getRolePermission(token, 'put')
except:
return "Error", 500
return "Forbidden", 403
if permission == True:
try:
queries.createNewMember(request.get_json())
return "OK", 200
except:
return "Error", 500
else:
return "Forbidden", 403

0 comments on commit 529509d

Please sign in to comment.