From e8fb31b4523875501696b28e535abcc2958d7762 Mon Sep 17 00:00:00 2001
From: hoeppner-dataport <marcus.hoeppner@dataport.de>
Date: Fri, 3 Nov 2023 12:15:22 +0100
Subject: [PATCH] add check if user is authorized

---
 .../meta-tag-extractor/uc/meta-tag-extractor.uc.ts   | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/apps/server/src/modules/meta-tag-extractor/uc/meta-tag-extractor.uc.ts b/apps/server/src/modules/meta-tag-extractor/uc/meta-tag-extractor.uc.ts
index d7264f6d193..2952d256047 100644
--- a/apps/server/src/modules/meta-tag-extractor/uc/meta-tag-extractor.uc.ts
+++ b/apps/server/src/modules/meta-tag-extractor/uc/meta-tag-extractor.uc.ts
@@ -1,12 +1,13 @@
-import { Injectable } from '@nestjs/common';
+import { Injectable, UnauthorizedException } from '@nestjs/common';
 import { EntityId } from '@shared/domain';
 import { LegacyLogger } from '@src/core/logger';
+import { AuthorizationService } from '@src/modules/authorization';
 import { MetaData, MetaTagExtractorService } from '../service';
 
 @Injectable()
 export class MetaTagExtractorUc {
 	constructor(
-		// private readonly authorizationService: AuthorizationService,
+		private readonly authorizationService: AuthorizationService,
 		private readonly metaTagExtractorService: MetaTagExtractorService,
 		private readonly logger: LegacyLogger
 	) {
@@ -16,9 +17,12 @@ export class MetaTagExtractorUc {
 	async fetchMetaData(userId: EntityId, url: string): Promise<MetaData> {
 		this.logger.debug({ action: 'fetchMetaData', userId });
 
-		const result = await this.metaTagExtractorService.fetchMetaData(url);
-		// WIP: check permission
+		const user = await this.authorizationService.getUserWithPermissions(userId);
+		if (!user) {
+			throw new UnauthorizedException();
+		}
 
+		const result = await this.metaTagExtractorService.fetchMetaData(url);
 		return result;
 	}
 }