Securty

Aberwyn/Controllers/RssController.cs

@@ -1,5 +1,6 @@
 using Aberwyn.Data;
 using BencodeNET.Torrents;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.EntityFrameworkCore;
 
@@ -24,7 +25,7 @@ public class RssController : Controller
         _movieMetadataService = movieMetadataService;
         _context = context;
     }
-
+    [Authorize(Roles = "Admin")]
     [HttpGet]
     public async Task<IActionResult> Index(int page = 1, string sort = "date", string range = "all")
     {
@@ -105,7 +106,7 @@ public class RssController : Controller
     }
 
 
-
+    [Authorize(Roles = "Admin")]
     [HttpPost]
     public async Task<IActionResult> Add(string torrentUrl)
     {
@@ -164,7 +165,7 @@ public class RssController : Controller
     }
 
 
-
+    [Authorize(Roles = "Admin")]
     [HttpPost]
     [ValidateAntiForgeryToken]
     public async Task<IActionResult> Upload(TorrentUploadViewModel model)
@@ -211,7 +212,7 @@ public class RssController : Controller
             return View("Index", model);
         }
     }
-
+    [Authorize(Roles = "Admin")]
     [HttpPost]
     [ValidateAntiForgeryToken]
     public async Task<IActionResult> RefreshStats(string infoHash, string scrapeUrl)