TD-4092 Adding a check for an unauthorise candidate number

sherif-olaboye · sherif-olaboye · commit 51dcb6842e5d · 2024-05-20T09:38:23.000+01:00
diff --git a/DigitalLearningSolutions.Web/Controllers/SupervisorController/Supervisor.cs b/DigitalLearningSolutions.Web/Controllers/SupervisorController/Supervisor.cs
@@ -1368,9 +1368,13 @@ public IActionResult CompetencySelfAssessmentCertificatesupervisor(int candidate
             var adminId = User.GetAdminId();
             User.GetUserIdKnownNotNull();
             var competencymaindata = selfAssessmentService.GetCompetencySelfAssessmentCertificate(candidateAssessmentId);
+            if ((competencymaindata == null) || (candidateAssessmentId == 0))
+            {
+                return RedirectToAction("StatusCode", "LearningSolutions", new { code = 403 });
+            }
             var supervisorDelegateDetails = supervisorService.GetSupervisorDelegateDetailsForAdminId(adminId.Value);
             var checkSupervisorDelegate = supervisorDelegateDetails.Where(x => x.DelegateUserID == competencymaindata.LearnerId).FirstOrDefault();
-            if ((competencymaindata == null) || (checkSupervisorDelegate == null) || (candidateAssessmentId == 0))
+            if ( (checkSupervisorDelegate == null) )
             {
                 return RedirectToAction("StatusCode", "LearningSolutions", new { code = 403 });
             }
