diff --git a/WebfrontCore/Controllers/InteractionController.cs b/WebfrontCore/Controllers/InteractionController.cs index 8610219a..16a69c91 100644 --- a/WebfrontCore/Controllers/InteractionController.cs +++ b/WebfrontCore/Controllers/InteractionController.cs @@ -7,28 +7,27 @@ using SharedLibraryCore.Interfaces; namespace WebfrontCore.Controllers; -public class InteractionController : BaseController +public class InteractionController(IManager manager, IInteractionRegistration interactionRegistration) + : BaseController(manager) { - private readonly IInteractionRegistration _interactionRegistration; - - public InteractionController(IManager manager, IInteractionRegistration interactionRegistration) : base(manager) - { - _interactionRegistration = interactionRegistration; - } - [HttpGet("[controller]/[action]/{interactionName}")] public async Task Render([FromRoute]string interactionName, CancellationToken token) { - var interactionData = (await _interactionRegistration.GetInteractions(interactionName, token: token)).FirstOrDefault(); + var interactionData = (await interactionRegistration.GetInteractions(interactionName, token: token)).FirstOrDefault(); if (interactionData is null) { return NotFound(); } + if (Client.Level < interactionData.MinimumPermission) + { + return Unauthorized(); + } + ViewBag.Title = interactionData.Description; var meta = HttpContext.Request.Query.ToDictionary(key => key.Key, value => value.Value.ToString()); - var result = await _interactionRegistration.ProcessInteraction(interactionName, Client.ClientId, meta: meta, token: token); + var result = await interactionRegistration.ProcessInteraction(interactionName, Client.ClientId, meta: meta, token: token); if (interactionData.InteractionType == InteractionType.TemplateContent) {