Use organization and auth to find organization sponsorship

2025-03-02 04:11:04 +01:00 · 2021-11-10 15:39:39 -05:00 · 2021-11-10 15:39:39 -05:00 · 5cb6930fd7
commit 5cb6930fd7
parent 339248ffaf
1 changed files with 6 additions and 6 deletions
--- a/src/Api/Controllers/OrganizationSponsorshipsController.cs
+++ b/src/Api/Controllers/OrganizationSponsorshipsController.cs
@ -116,21 +116,21 @@ namespace Bit.Api.Controllers
            await _organizationsSponsorshipService.SetUpSponsorshipAsync(existingSponsorshipOffer, organizationToSponsor);
        }

-        [HttpDelete("{sponsoringOrgUserId}")]
-        [HttpPost("{sponsoringOrgUserId}/delete")]
+        [HttpDelete("{sponsoringOrganizationId}")]
+        [HttpPost("{sponsoringOrganizationId}/delete")]
        [SelfHosted(NotSelfHostedOnly = true)]
-        public async Task RevokeSponsorship(string sponsoringOrgUserId)
+        public async Task RevokeSponsorship(string sponsoringOrganizationId)
        {
-            var sponsoringOrgUserIdGuid = new Guid(sponsoringOrgUserId);
+            var sponsoringOrganizationIdGuid = new Guid(sponsoringOrganizationId);

-            var orgUser = await _organizationUserRepository.GetByIdAsync(sponsoringOrgUserIdGuid);
+            var orgUser = await _organizationUserRepository.GetByOrganizationAsync(sponsoringOrganizationIdGuid, _currentContext.UserId ?? default);
            if (_currentContext.UserId != orgUser?.UserId)
            {
                throw new BadRequestException("Can only revoke a sponsorship you granted.");
            }

            var existingOrgSponsorship = await _organizationSponsorshipRepository
-                .GetBySponsoringOrganizationUserIdAsync(sponsoringOrgUserIdGuid);
+                .GetBySponsoringOrganizationUserIdAsync(orgUser.Id);
            if (existingOrgSponsorship == null || existingOrgSponsorship.SponsoredOrganizationId == null)
            {
                throw new BadRequestException("You are not currently sponsoring an organization.");