Diffstat (limited to 'Software/Visual_Studio/Web/Tango.MachineService/Controllers/DataStoreController.cs')
-rw-r--r--Software/Visual_Studio/Web/Tango.MachineService/Controllers/DataStoreController.cs20
1 files changed, 15 insertions, 5 deletions
diff --git a/Software/Visual_Studio/Web/Tango.MachineService/Controllers/DataStoreController.cs b/Software/Visual_Studio/Web/Tango.MachineService/Controllers/DataStoreController.cs
index 0d35bd776..383a59850 100644
--- a/Software/Visual_Studio/Web/Tango.MachineService/Controllers/DataStoreController.cs
+++ b/Software/Visual_Studio/Web/Tango.MachineService/Controllers/DataStoreController.cs
@@ -62,6 +62,11 @@ namespace Tango.MachineService.Controllers
throw new AuthenticationException("Your account has been disabled. Please contact your administrator.");
}
+ if (!user.HasPermission(Permissions.DataStoreRead))
+ {
+ throw new AuthenticationException("You are not authorized to access the data store.");
+ }
+
var token = WebToken<TokenObject>.CreateNew(MachineServiceConfig.JWT_TOKEN_SECRET, new TokenObject()
{
UserGuid = user.Guid,
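Review bot: The new `user.HasPermission(Permissions.DataStoreRead)` gate runs only when the token is issued, while the per-request checks in the later hunks read `RequestToken.Object.Permissions`, which looks like a snapshot carried inside the token. If so, removing a permission or disabling the account blocks new logins but leaves already-issued tokens usable until they expire. Token lifetime and any revocation path are outside this hunk and should be confirmed. A comment at the check would make the assumption explicit, e.g. `// Permissions are copied into the token at login; a revocation only takes effect once the token expires.` The check also throws a bare `AuthenticationException` for what is an authorization failure, so the status the client receives depends on a handler that is not visible here.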
@@ -81,7 +86,7 @@ namespace Tango.MachineService.Controllers
{
try
{
- if (!RequestToken.Object.Permissions.Contains(Permissions.FSE_DataStoreRead))
+ if (!RequestToken.Object.Permissions.Contains(Permissions.DataStoreRead))
{
throw CreateHttpException(new AuthenticationException("The current user was not authorized to read from the data store."), HttpStatusCode.Unauthorized);
}
@@ -150,9 +155,9 @@ namespace Tango.MachineService.Controllers
{
try
{
- if (!RequestToken.Object.Permissions.Contains(Permissions.FSE_DataStoreWrite))
+ if (!RequestToken.Object.Permissions.Contains(Permissions.DataStoreWrite))
{
- throw CreateHttpException(new AuthenticationException("The current user was not authorized to write to the data store."), HttpStatusCode.BadRequest);
+ throw CreateHttpException(new AuthenticationException("The current user was not authorized to write to the data store."), HttpStatusCode.Unauthorized);
}
if (item.Collection == null || item.Key == null)
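Review bot: `HttpStatusCode.Unauthorized` on the write check reports missing or invalid credentials, but by this point the token has been accepted and only a permission is lacking, so `HttpStatusCode.Forbidden` is the matching status. Returning 401 for both cases makes authentication failures and permission denials indistinguishable in logs and alerting. It can also send a client into a re-login cycle that cannot succeed. The same applies to the read, create and global-write checks in the other hunks of this diff. The enclosing method continues past the end of this hunk.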
@@ -177,7 +182,7 @@ namespace Tango.MachineService.Controllers
if (dbItem == null)
{
- if (!RequestToken.Object.Permissions.Contains(Permissions.FSE_DataStoreCreate))
+ if (!RequestToken.Object.Permissions.Contains(Permissions.DataStoreCreate))
{
throw CreateHttpException(new AuthenticationException("The current user was not authorized to create new items on the data store."), HttpStatusCode.Unauthorized);
}
@@ -197,11 +202,16 @@ namespace Tango.MachineService.Controllers
}
else
{
+ if (!RequestToken.Object.Permissions.Contains(Permissions.DataStoreCreateWriteGlobal))
+ {
+ throw CreateHttpException(new AuthenticationException("The current user was not authorized to write to the global data store."), HttpStatusCode.Unauthorized);
+ }
+
GlobalDataStoreItem dbItem = db.GlobalDataStoreItems.FirstOrDefault(x => x.CollectionName == item.Collection && x.Key == item.Key);
if (dbItem == null)
{
- if (!RequestToken.Object.Permissions.Contains(Permissions.FSE_DataStoreCreate))
+ if (!RequestToken.Object.Permissions.Contains(Permissions.DataStoreCreate))
{
throw CreateHttpException(new AuthenticationException("The current user was not authorized to create new items on the data store."), HttpStatusCode.Unauthorized);
}
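Review bot: The added `Permissions.DataStoreCreateWriteGlobal` check stacks on top of the existing `DataStoreWrite` and `DataStoreCreate` checks, although its name suggests it already covers creation. As written, creating a new global item needs all three permissions, and the code does not say whether that is intended. A comment on the branch would document the model, for example `// Global store: DataStoreCreateWriteGlobal gates every write; DataStoreCreate is additionally required for new keys.` Whether the read path applies an equivalent gate to global items is not visible in this diff and is worth checking. With this many inline `RequestToken.Object.Permissions.Contains(...)` checks, a single private helper that takes the permission and message would reduce the risk of a branch being added without one.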