diff options
Diffstat (limited to 'src/server/Api/V1/Entries/GetEntriesRoute.cs')
| -rw-r--r-- | src/server/Api/V1/Entries/GetEntriesRoute.cs | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/server/Api/V1/Entries/GetEntriesRoute.cs b/src/server/Api/V1/Entries/GetEntriesRoute.cs index adadf01..27905a2 100644 --- a/src/server/Api/V1/Entries/GetEntriesRoute.cs +++ b/src/server/Api/V1/Entries/GetEntriesRoute.cs @@ -16,6 +16,10 @@ public class GetEntriesRoute : RouteBaseV1Sync.WithoutRequest.WithActionResult<L [ApiVersion(ApiSpecV1.VERSION_STRING)] [HttpGet("~/v{version:apiVersion}/entries")] public override ActionResult<List<EntryDto>> Handle() { + if (IsApiCall() && !HasApiPermission(Constants.TOKEN_ALLOW_READ)) { + return StatusCode(403, "Your token does not permit access to this resource"); + } + return Ok(_context.Entries.Where(c => c.UserId == LoggedInUser.Id).Select(c => new EntryDto(c))); } } |