authorcrupest <crupest@outlook.com>2020-11-15 20:31:22 +0800
committercrupest <crupest@outlook.com>2020-11-15 20:31:22 +0800
commit667143d870679deb4be55122237e66d2d480946f (patch)
treeda5c5c4f4b0edcc827182a448bed0e7cc5ec1729
parent63ec1050dd24e4123f73e9ed757376dc8128803d (diff)
feat: Now changing user permission returns 400.
-rw-r--r--BackEnd/Timeline.ErrorCodes/ErrorCodes.cs1
-rw-r--r--BackEnd/Timeline.Tests/IntegratedTests/UserPermissionTest.cs18
-rw-r--r--BackEnd/Timeline.Tests/Services/UserPermissionServiceTest.cs14
-rw-r--r--BackEnd/Timeline/Controllers/UserController.cs8
-rw-r--r--BackEnd/Timeline/Models/Http/ErrorResponse.cs10
-rw-r--r--BackEnd/Timeline/Resources/Messages.Designer.cs9
-rw-r--r--BackEnd/Timeline/Resources/Messages.resx3
-rw-r--r--BackEnd/Timeline/Services/Exceptions/InvalidOperationOnRootUserException.cs16
-rw-r--r--BackEnd/Timeline/Services/UserPermissionService.cs10
9 files changed, 61 insertions, 28 deletions
diff --git a/BackEnd/Timeline.ErrorCodes/ErrorCodes.cs b/BackEnd/Timeline.ErrorCodes/ErrorCodes.cs
index 91e0c1fd..df3d1861 100644
--- a/BackEnd/Timeline.ErrorCodes/ErrorCodes.cs
+++ b/BackEnd/Timeline.ErrorCodes/ErrorCodes.cs
@@ -43,6 +43,7 @@
{
public const int UsernameConflict = 1_102_01_01;
public const int ChangePassword_BadOldPassword = 1_102_02_01;
+ public const int ChangePermission_RootUser = 1_102_03_01;
}
public static class UserAvatar
diff --git a/BackEnd/Timeline.Tests/IntegratedTests/UserPermissionTest.cs b/BackEnd/Timeline.Tests/IntegratedTests/UserPermissionTest.cs
index 77cae590..3fb581f0 100644
--- a/BackEnd/Timeline.Tests/IntegratedTests/UserPermissionTest.cs
+++ b/BackEnd/Timeline.Tests/IntegratedTests/UserPermissionTest.cs
@@ -36,23 +36,15 @@ namespace Timeline.Tests.IntegratedTests
[Theory]
[MemberData(nameof(EveryPermissionTestData))]
- public async Task ModifyRootUserPermissionShouldHaveNoEffect(UserPermission permission)
+ public async Task ModifyRootUserPermission_Should_Error(UserPermission permission)
{
using var client = await CreateClientAsAdministrator();
- await client.TestDeleteAsync($"users/admin/permissions/{permission}");
+ await client.TestPutAssertErrorAsync($"users/admin/permissions/{permission}",
+ errorCode: ErrorCodes.UserController.ChangePermission_RootUser);
- {
- var body = await client.GetUserAsync("admin");
- body.Permissions.Should().BeEquivalentTo(Enum.GetNames<UserPermission>());
- }
-
- await client.TestPutAsync($"users/admin/permissions/{permission}");
-
- {
- var body = await client.GetUserAsync("admin");
- body.Permissions.Should().BeEquivalentTo(Enum.GetNames<UserPermission>());
- }
+ await client.TestDeleteAssertErrorAsync($"users/admin/permissions/{permission}",
+ errorCode: ErrorCodes.UserController.ChangePermission_RootUser);
}
[Theory]
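Review bot: The rewritten test asserts only the error code and no longer checks that the root user's permissions are unchanged after the rejected PUT and DELETE, which the removed lines did. A regression that answers 400 but still mutates state would pass, so after the two calls I would keep `var body = await client.GetUserAsync("admin");` followed by `body.Permissions.Should().BeEquivalentTo(Enum.GetNames<UserPermission>());`. The same gap exists in ModifyPermissionOnRootUser_Should_Throw in UserPermissionServiceTest.cs, where a `GetPermissionsOfUserAsync(1)` check after the two throw assertions would pin the state.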
diff --git a/BackEnd/Timeline.Tests/Services/UserPermissionServiceTest.cs b/BackEnd/Timeline.Tests/Services/UserPermissionServiceTest.cs
index 5a4e4954..ea20bd18 100644
--- a/BackEnd/Timeline.Tests/Services/UserPermissionServiceTest.cs
+++ b/BackEnd/Timeline.Tests/Services/UserPermissionServiceTest.cs
@@ -48,18 +48,10 @@ namespace Timeline.Tests.Services
}
[Fact]
- public async Task ModifyPermissionOnRootUserShouldHaveNoEffect()
+ public async Task ModifyPermissionOnRootUser_Should_Throw()
{
- await _service.AddPermissionToUserAsync(1, UserPermission.AllTimelineManagement);
- {
- var permission = await _service.GetPermissionsOfUserAsync(1);
- permission.Should().BeEquivalentTo(Enum.GetValues<UserPermission>());
- }
- await _service.RemovePermissionFromUserAsync(1, UserPermission.AllTimelineManagement);
- {
- var permission = await _service.GetPermissionsOfUserAsync(1);
- permission.Should().BeEquivalentTo(Enum.GetValues<UserPermission>());
- }
+ await _service.Awaiting(s => s.AddPermissionToUserAsync(1, UserPermission.AllTimelineManagement)).Should().ThrowAsync<InvalidOperationOnRootUserException>();
+ await _service.Awaiting(s => s.RemovePermissionFromUserAsync(1, UserPermission.AllTimelineManagement)).Should().ThrowAsync<InvalidOperationOnRootUserException>();
}
[Fact]
diff --git a/BackEnd/Timeline/Controllers/UserController.cs b/BackEnd/Timeline/Controllers/UserController.cs
index bbdb5d57..da34cb1b 100644
--- a/BackEnd/Timeline/Controllers/UserController.cs
+++ b/BackEnd/Timeline/Controllers/UserController.cs
@@ -212,6 +212,10 @@ namespace Timeline.Controllers
{
return NotFound(ErrorResponse.UserCommon.NotExist());
}
+ catch (InvalidOperationOnRootUserException)
+ {
+ return BadRequest(ErrorResponse.UserController.ChangePermission_RootUser());
+ }
}
[HttpDelete("users/{username}/permissions/{permission}"), PermissionAuthorize(UserPermission.UserManagement)]
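Review bot: Both new catch blocks (this one and the one in the DELETE handler in the next hunk) discard the exception without recording anything, so an attempt to alter the root account's permissions leaves no trace on the server. That is an event worth having in the logs for detection. If the controller has a logger injected (not visible in this hunk), a warning before the return would do, for example `_logger.LogWarning("Rejected permission change on root user by {Caller}", User.Identity?.Name);`, where `_logger` is a placeholder for whatever field the class actually uses. The try bodies of both handlers start outside the hunks.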
@@ -232,6 +236,10 @@ namespace Timeline.Controllers
{
return NotFound(ErrorResponse.UserCommon.NotExist());
}
+ catch (InvalidOperationOnRootUserException)
+ {
+ return BadRequest(ErrorResponse.UserController.ChangePermission_RootUser());
+ }
}
}
}
diff --git a/BackEnd/Timeline/Models/Http/ErrorResponse.cs b/BackEnd/Timeline/Models/Http/ErrorResponse.cs
index ac86481f..616a0037 100644
--- a/BackEnd/Timeline/Models/Http/ErrorResponse.cs
+++ b/BackEnd/Timeline/Models/Http/ErrorResponse.cs
@@ -156,6 +156,16 @@ namespace Timeline.Models.Http
return new CommonResponse(ErrorCodes.UserController.ChangePassword_BadOldPassword, string.Format(message, formatArgs));
}
+ public static CommonResponse ChangePermission_RootUser(params object?[] formatArgs)
+ {
+ return new CommonResponse(ErrorCodes.UserController.ChangePermission_RootUser, string.Format(UserController_ChangePermission_RootUser, formatArgs));
+ }
+
+ public static CommonResponse CustomMessage_ChangePermission_RootUser(string message, params object?[] formatArgs)
+ {
+ return new CommonResponse(ErrorCodes.UserController.ChangePermission_RootUser, string.Format(message, formatArgs));
+ }
+
}
public static class UserAvatar
diff --git a/BackEnd/Timeline/Resources/Messages.Designer.cs b/BackEnd/Timeline/Resources/Messages.Designer.cs
index bb654ce6..fd3e1848 100644
--- a/BackEnd/Timeline/Resources/Messages.Designer.cs
+++ b/BackEnd/Timeline/Resources/Messages.Designer.cs
@@ -358,6 +358,15 @@ namespace Timeline.Resources {
}
/// <summary>
+ /// Looks up a localized string similar to You can&apos;t change permission of root user..
+ /// </summary>
+ internal static string UserController_ChangePermission_RootUser {
+ get {
+ return ResourceManager.GetString("UserController_ChangePermission_RootUser", resourceCulture);
+ }
+ }
+
+ /// <summary>
/// Looks up a localized string similar to You can&apos;t set permission unless you are administrator..
/// </summary>
internal static string UserController_Patch_Forbid_Administrator {
diff --git a/BackEnd/Timeline/Resources/Messages.resx b/BackEnd/Timeline/Resources/Messages.resx
index 2bbf494e..d808499b 100644
--- a/BackEnd/Timeline/Resources/Messages.resx
+++ b/BackEnd/Timeline/Resources/Messages.resx
@@ -216,6 +216,9 @@
<data name="UserController_ChangePassword_BadOldPassword" xml:space="preserve">
<value>Old password is wrong.</value>
</data>
+ <data name="UserController_ChangePermission_RootUser" xml:space="preserve">
+ <value>You can't change permission of root user.</value>
+ </data>
<data name="UserController_Patch_Forbid_Administrator" xml:space="preserve">
<value>You can't set permission unless you are administrator.</value>
</data>
diff --git a/BackEnd/Timeline/Services/Exceptions/InvalidOperationOnRootUserException.cs b/BackEnd/Timeline/Services/Exceptions/InvalidOperationOnRootUserException.cs
new file mode 100644
index 00000000..2bcab316
--- /dev/null
+++ b/BackEnd/Timeline/Services/Exceptions/InvalidOperationOnRootUserException.cs
@@ -0,0 +1,16 @@
+using System;
+
+namespace Timeline.Services.Exceptions
+{
+
+ [Serializable]
+ public class InvalidOperationOnRootUserException : InvalidOperationException
+ {
+ public InvalidOperationOnRootUserException() { }
+ public InvalidOperationOnRootUserException(string message) : base(message) { }
+ public InvalidOperationOnRootUserException(string message, Exception inner) : base(message, inner) { }
+ protected InvalidOperationOnRootUserException(
+ System.Runtime.Serialization.SerializationInfo info,
+ System.Runtime.Serialization.StreamingContext context) : base(info, context) { }
+ }
+}
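Review bot: The new exception type has no XML documentation, and its `[Serializable]` attribute and protected `SerializationInfo` constructor serve only formatter-based serialization. The tests use `Enum.GetNames<T>()`, so the project appears to target .NET 5, where BinaryFormatter is already marked obsolete as unsafe. Unless exceptions really are serialized somewhere, I would drop the attribute and that constructor, and add `/// <summary>Thrown when an operation that is not allowed on the root user is attempted.</summary>` above the class.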
diff --git a/BackEnd/Timeline/Services/UserPermissionService.cs b/BackEnd/Timeline/Services/UserPermissionService.cs
index ff09b4ee..2fdf3d2d 100644
--- a/BackEnd/Timeline/Services/UserPermissionService.cs
+++ b/BackEnd/Timeline/Services/UserPermissionService.cs
@@ -127,6 +127,7 @@ namespace Timeline.Services
/// <param name="userId">The id of the user.</param>
/// <param name="permission">The new permission.</param>
/// <exception cref="UserNotExistException">Thrown when user does not exist.</exception>
+ /// <exception cref="InvalidOperationException">Thrown when change root user's permission.</exception>
Task AddPermissionToUserAsync(long userId, UserPermission permission);
/// <summary>
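Review bot: The added `<exception>` tag names `InvalidOperationException`, but the implementation throws `InvalidOperationOnRootUserException` and the controller catches that specific type, so the interface documentation should name it too: `/// <exception cref="InvalidOperationOnRootUserException">Thrown when trying to change the root user's permissions.</exception>`. The identical line added to RemovePermissionFromUserAsync in the next hunk needs the same correction.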
@@ -136,6 +137,7 @@ namespace Timeline.Services
/// <param name="permission">The permission.</param>
/// <param name="checkUserExistence">Whether check the user's existence.</param>
/// <exception cref="UserNotExistException">Thrown when <paramref name="checkUserExistence"/> is true and user does not exist.</exception>
+ /// <exception cref="InvalidOperationException">Thrown when change root user's permission.</exception>
Task RemovePermissionFromUserAsync(long userId, UserPermission permission, bool checkUserExistence = true);
}
@@ -176,8 +178,8 @@ namespace Timeline.Services
public async Task AddPermissionToUserAsync(long userId, UserPermission permission)
{
- if (userId == 1) // The init administrator account.
- return;
+ if (userId == 1)
+ throw new InvalidOperationOnRootUserException("Can't change root user's permission.");
await CheckUserExistence(userId, true);
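Review bot: The commit drops the `// The init administrator account.` comment, which leaves `userId == 1` as an unexplained magic number guarding a privileged account, here and again in RemovePermissionFromUserAsync in the next hunk. I would name it once, e.g. `private const long RootUserId = 1;`, and write `if (userId == RootUserId)` in both places so the two guards cannot drift apart. The message string is also duplicated and could live next to that constant. Both method bodies continue outside the hunks.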
@@ -193,8 +195,8 @@ namespace Timeline.Services
public async Task RemovePermissionFromUserAsync(long userId, UserPermission permission, bool checkUserExistence = true)
{
- if (userId == 1) // The init administrator account.
- return;
+ if (userId == 1)
+ throw new InvalidOperationOnRootUserException("Can't change root user's permission.");
await CheckUserExistence(userId, checkUserExistence);