From 070cb9201958178fbc453f6c1ddbe11479add94b Mon Sep 17 00:00:00 2001
From: Karsten Thiems <150006841+typecastcloud@users.noreply.github.com>
Date: Wed, 14 Aug 2024 13:04:56 +0200
Subject: [PATCH] feat(invitation): update authorization policy in
 InvitationController

Technical user/clients were now able to use endpoint.

Refs: #932
---
 .../Administration.Service/Controllers/InvitationController.cs  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/administration/Administration.Service/Controllers/InvitationController.cs b/src/administration/Administration.Service/Controllers/InvitationController.cs
index df1108cfb1..48987cbe9f 100644
--- a/src/administration/Administration.Service/Controllers/InvitationController.cs
+++ b/src/administration/Administration.Service/Controllers/InvitationController.cs
@@ -62,7 +62,7 @@ public InvitationController(IInvitationBusinessLogic logic)
     /// <response code="409">user is not associated with  company.</response>
     [HttpPost]
     [Authorize(Roles = "invite_new_partner")]
-    [Authorize(Policy = PolicyTypes.CompanyUser)]
+    [Authorize(Policy = PolicyTypes.ValidCompany)]
     [ProducesResponseType(StatusCodes.Status200OK)]
     [ProducesResponseType(typeof(ErrorResponse), StatusCodes.Status400BadRequest)]
     [ProducesResponseType(typeof(ErrorResponse), StatusCodes.Status500InternalServerError)]