separate Uploader role

Azaion.Api/Program.cs

@@ -35,8 +35,22 @@ builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
         };
     });
 
-var apiAdminPolicy = new AuthorizationPolicyBuilder().RequireRole(RoleEnum.ApiAdmin.ToString()).Build();
-builder.Services.AddAuthorization(o => o.AddPolicy("apiAdminPolicy", apiAdminPolicy));
+#region Policies
+
+var apiAdminPolicy = new AuthorizationPolicyBuilder()
+    .RequireRole(RoleEnum.ApiAdmin.ToString()).Build();
+
+var apiUploaderPolicy = new AuthorizationPolicyBuilder()
+    .RequireRole(RoleEnum.ResourceUploader.ToString(), RoleEnum.ApiAdmin.ToString()).Build();
+
+builder.Services.AddAuthorization(o =>
+{
+    o.AddPolicy(nameof(apiAdminPolicy), apiAdminPolicy);
+    o.AddPolicy(nameof(apiUploaderPolicy), apiUploaderPolicy);
+});
+
+#endregion Policies
+
 
 builder.Services.AddHttpContextAccessor();
 
@@ -101,7 +115,7 @@ app.MapPost("/login",
 app.MapPost("/users",
     async (RegisterUserRequest registerUserRequest, IUserService userService, CancellationToken cancellationToken)
         => await userService.RegisterUser(registerUserRequest, cancellationToken))
-    //.RequireAuthorization(apiAdminPolicy)
+    .RequireAuthorization(apiAdminPolicy)
     .WithOpenApi(op => new(op){ Summary = "Creates a new user"});
 
 app.MapGet("/users",
@@ -114,7 +128,7 @@ app.MapPost("/resources",
         async (IFormFile data, IResourcesService resourceService, CancellationToken cancellationToken)
             => await resourceService.SaveResource(data, cancellationToken))
     .Accepts<IFormFile>("multipart/form-data")
-    .RequireAuthorization(apiAdminPolicy)
+    .RequireAuthorization(apiUploaderPolicy)
     .DisableAntiforgery();
 
 app.MapPost("/resources/get", //Need to have POST method for secure password