diff --git a/lib/Controller/SigningController.php b/lib/Controller/SigningController.php
index a998e0c3..407548d8 100644
--- a/lib/Controller/SigningController.php
+++ b/lib/Controller/SigningController.php
@@ -102,13 +102,18 @@ public function signTerms(int $termId): DataResponse {
 /**
 * As a guest sign the terms
 *
- * @return DataResponse, array{}>
+ * @return DataResponse, array{}>
 *
 * 200: Signed successfully
+ * 406: The user is already authenticated and therefore not allowed to sign the terms through this endpoint
 */
 #[PublicPage]
 #[UseSession]
 public function signTermsPublic(): DataResponse {
+ if ($this->userId !== null) {
+ return new DataResponse([], Http::STATUS_NOT_ACCEPTABLE);
+ }
+
 $uuid = $this->config->getAppValue(Application::APPNAME, 'term_uuid', '');
 $this->session->set('term_uuid', $uuid);
diff --git a/openapi-full.json b/openapi-full.json
index a1d590b4..0c31166b 100644
--- a/openapi-full.json
+++ b/openapi-full.json
@@ -542,6 +542,34 @@
 }
 }
 }
+ },
+ "406": {
+ "description": "The user is already authenticated and therefore not allowed to sign the terms through this endpoint",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "object",
+ "required": [
+ "ocs"
+ ],
+ "properties": {
+ "ocs": {
+ "type": "object",
+ "required": [
+ "meta",
+ "data"
+ ],
+ "properties": {
+ "meta": {
+ "$ref": "#/components/schemas/OCSMeta"
+ },
+ "data": {}
+ }
+ }
+ }
+ }
+ }
+ }
 }
 }
 }
diff --git a/openapi.json b/openapi.json
index 175e5fcf..fce07dd2 100644
--- a/openapi.json
+++ b/openapi.json
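Review bot: In `lib/Controller/SigningController.php`, the new guard at the top of `signTermsPublic()` rejects only requests that are already authenticated when they arrive; a session that stored `term_uuid` as a guest and is later used to log in would still carry the value, so the code that reads `term_uuid` back from the session (outside this hunk) should be confirmed to ignore it once a user is authenticated. The guard also depends on `$this->userId` being null for every unauthenticated request to this `#[PublicPage]` route, which is decided in the constructor that the hunk does not show. A why-comment above the check would keep the intent visible, for example `// Guest signing is tracked through the session's term_uuid; logged-in users must use signTerms() instead`. `Http::STATUS_NOT_ACCEPTABLE` (406) is normally a content-negotiation status, so `Http::STATUS_FORBIDDEN` may describe this rejection more accurately, though changing it would also mean regenerating the two OpenAPI files. The method body continues past the end of the hunk.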
@@ -323,6 +323,34 @@
 }
 }
 }
+ },
+ "406": {
+ "description": "The user is already authenticated and therefore not allowed to sign the terms through this endpoint",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "object",
+ "required": [
+ "ocs"
+ ],
+ "properties": {
+ "ocs": {
+ "type": "object",
+ "required": [
+ "meta",
+ "data"
+ ],
+ "properties": {
+ "meta": {
+ "$ref": "#/components/schemas/OCSMeta"
+ },
+ "data": {}
+ }
+ }
+ }
+ }
+ }
+ }
 }
 }
 }