diff options
Diffstat (limited to 'src/server/Api/V1/Entries/CreateEntryRoute.cs')
| -rw-r--r-- | src/server/Api/V1/Entries/CreateEntryRoute.cs | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/server/Api/V1/Entries/CreateEntryRoute.cs b/src/server/Api/V1/Entries/CreateEntryRoute.cs index ebe49fc..b502e4a 100644 --- a/src/server/Api/V1/Entries/CreateEntryRoute.cs +++ b/src/server/Api/V1/Entries/CreateEntryRoute.cs @@ -21,6 +21,10 @@ public class CreateEntryRoute : RouteBaseV1Sync.WithRequest<CreateEntryRequest>. [ApiVersion(ApiSpecV1.VERSION_STRING)] [HttpPost("~/v{version:apiVersion}/entries/create")] public override ActionResult<EntryDto> Handle(CreateEntryRequest entry) { + if (IsApiCall() && !HasApiPermission(Constants.TOKEN_ALLOW_CREATE)) { + return StatusCode(403, "Your token does not permit access to this resource"); + } + var errors = entry.GetErrors(); if (errors.Count != 0) { return BadRequest(errors); |