diff --git a/Notesnook.API/Controllers/S3Controller.cs b/Notesnook.API/Controllers/S3Controller.cs index e163569..294cdba 100644 --- a/Notesnook.API/Controllers/S3Controller.cs +++ b/Notesnook.API/Controllers/S3Controller.cs @@ -29,7 +29,6 @@ namespace Notesnook.API.Controllers { [ApiController] [Route("s3")] - [Authorize("Pro")] [ResponseCache(NoStore = true, Location = ResponseCacheLocation.None)] public class S3Controller : ControllerBase { @@ -40,6 +39,7 @@ namespace Notesnook.API.Controllers } [HttpPut] + [Authorize("Pro")] public IActionResult Upload([FromQuery] string name) { var userId = this.User.FindFirstValue("sub"); @@ -50,6 +50,7 @@ namespace Notesnook.API.Controllers [HttpGet("multipart")] + [Authorize("Pro")] public async Task MultipartUpload([FromQuery] string name, [FromQuery] int parts, [FromQuery] string uploadId) { var userId = this.User.FindFirstValue("sub"); @@ -62,6 +63,7 @@ namespace Notesnook.API.Controllers } [HttpDelete("multipart")] + [Authorize("Pro")] public async Task AbortMultipartUpload([FromQuery] string name, [FromQuery] string uploadId) { var userId = this.User.FindFirstValue("sub"); @@ -74,6 +76,7 @@ namespace Notesnook.API.Controllers } [HttpPost("multipart")] + [Authorize("Pro")] public async Task CompleteMultipartUpload([FromBody] CompleteMultipartUploadRequest uploadRequest) { var userId = this.User.FindFirstValue("sub"); @@ -86,7 +89,7 @@ namespace Notesnook.API.Controllers } [HttpGet] - [Authorize] + [Authorize("Sync")] public IActionResult Download([FromQuery] string name) { var userId = this.User.FindFirstValue("sub"); @@ -96,7 +99,7 @@ namespace Notesnook.API.Controllers } [HttpHead] - [Authorize] + [Authorize("Sync")] public async Task Info([FromQuery] string name) { var userId = this.User.FindFirstValue("sub"); @@ -106,6 +109,7 @@ namespace Notesnook.API.Controllers } [HttpDelete] + [Authorize("Sync")] public async Task DeleteAsync([FromQuery] string name) { try