Added memberId check before deletion and updation of an Interview Experience

Sherin-2711 · i-am-that-guy · commit 15cd0550146e · 2025-08-11T12:22:57.000+05:30
diff --git a/src/controllers/interview.controller.ts b/src/controllers/interview.controller.ts
@@ -82,7 +82,7 @@ export const updateInterviewById = async (req: Request, res: Response) => {
   }
 
   if (existingInterview.memberId !== memberId) {
-    throw new ApiError("You are not authorized to update this interview experience", 403);
+    throw new ApiError("You are not authorized to update this interview experience", 401);
   }
 
   const updatedInterview = await interviewService.updateInterviewById(interviewId, {
@@ -103,17 +103,27 @@ export const updateInterviewById = async (req: Request, res: Response) => {
 
 export const deleteInterviewById = async (req: Request, res: Response) => {
   const interviewId = parseInt(req.params.id);
+  const { memberId } = req.body;
 
   if (!interviewId) {
     throw new ApiError("Invalid interview ID", 400);
   }
 
+  if (!memberId) {
+    throw new ApiError("Member ID is required for verification", 400);
+  }
+
   const existingInterview = await interviewService.getInterviewById(interviewId);
 
   if (!existingInterview) {
     throw new ApiError("Interview experience not found", 404);
   }
 
+  
+  if (existingInterview.memberId !== memberId) {
+    throw new ApiError("You are not authorized to delete this interview", 401);
+  }
+
   await interviewService.deleteInterviewById(interviewId);
 
   res.status(200).json({
@@ -122,4 +132,3 @@ export const deleteInterviewById = async (req: Request, res: Response) => {
   });
 };
 
-
