Add 401 response type to Delete and Create actions in multiple controllers for improved security handling

2025-12-16 19:14:25 +00:00 · 2025-11-13 19:28:21 +00:00
parent 1826c70883
commit 583f20ff99
53 changed files with 135 additions and 0 deletions
--- a/Marechai.Server/Controllers/MachinePhotosController.cs
+++ b/Marechai.Server/Controllers/MachinePhotosController.cs
@@ -105,6 +105,7 @@ public class MachinePhotosController(MarechaiContext context) : ControllerBase
    [ProducesResponseType(StatusCodes.Status200OK)]
    [ProducesResponseType(StatusCodes.Status400BadRequest)]
    [ProducesResponseType(StatusCodes.Status404NotFound)]
+    [ProducesResponseType(StatusCodes.Status401Unauthorized)]
    public async Task<ActionResult> UpdateAsync(MachinePhotoDto dto)
    {
        string userId = User.FindFirstValue(ClaimTypes.Sid);
@@ -158,6 +159,7 @@ public class MachinePhotosController(MarechaiContext context) : ControllerBase
    [Authorize(Roles = "Admin,UberAdmin")]
    [ProducesResponseType(StatusCodes.Status200OK)]
    [ProducesResponseType(StatusCodes.Status400BadRequest)]
+    [ProducesResponseType(StatusCodes.Status401Unauthorized)]
    public async Task<ActionResult<Guid>> CreateAsync(MachinePhotoDto dto)
    {
        string userId = User.FindFirstValue(ClaimTypes.Sid);