Merge pull request #188 from crupest/root-user

Forbid some operation on root user.
author: crupest <crupest@outlook.com> 2020-11-15 20:54:33 +0800
committer: GitHub <noreply@github.com> 2020-11-15 20:54:33 +0800
commit: 515430ecc976008c50cf27a38dc869c2b1aa73c0 (patch)
tree: 945016b5c2a911a2a19b8f4f1472ecfdbe32a602 /BackEnd/Timeline/Controllers/UserController.cs
parent: fa7b123be84afe020fc582535cc270e8cf24e85b (diff)
parent: 45873d9115840c9db596c2dffebc7bb29df13686 (diff)
download: timeline-515430ecc976008c50cf27a38dc869c2b1aa73c0.tar.gz
timeline-515430ecc976008c50cf27a38dc869c2b1aa73c0.tar.bz2
timeline-515430ecc976008c50cf27a38dc869c2b1aa73c0.zip
1 files changed, 21 insertions, 5 deletions
diff --git a/BackEnd/Timeline/Controllers/UserController.cs b/BackEnd/Timeline/Controllers/UserController.cs
index bbdb5d57..8edae139 100644
--- a/BackEnd/Timeline/Controllers/UserController.cs
+++ b/BackEnd/Timeline/Controllers/UserController.cs
@@ -138,15 +138,23 @@ namespace Timeline.Controllers
         /// <returns>Info of deletion.</returns>
         [HttpDelete("users/{username}"), PermissionAuthorize(UserPermission.UserManagement)]
         [ProducesResponseType(StatusCodes.Status200OK)]
+        [ProducesResponseType(StatusCodes.Status400BadRequest)]
         [ProducesResponseType(StatusCodes.Status401Unauthorized)]
         [ProducesResponseType(StatusCodes.Status403Forbidden)]
         public async Task<ActionResult<CommonDeleteResponse>> Delete([FromRoute][Username] string username)
         {
-            var delete = await _userDeleteService.DeleteUser(username);
-            if (delete)
-                return Ok(CommonDeleteResponse.Delete());
-            else
-                return Ok(CommonDeleteResponse.NotExist());
+            try
+            {
+                var delete = await _userDeleteService.DeleteUser(username);
+                if (delete)
+                    return Ok(CommonDeleteResponse.Delete());
+                else
+                    return Ok(CommonDeleteResponse.NotExist());
+            }
+            catch (InvalidOperationOnRootUserException)
+            {
+                return BadRequest(ErrorResponse.UserController.Delete_RootUser());
+            }
         }
 
         /// <summary>
@@ -212,6 +220,10 @@ namespace Timeline.Controllers
             {
                 return NotFound(ErrorResponse.UserCommon.NotExist());
             }
+            catch (InvalidOperationOnRootUserException)
+            {
+                return BadRequest(ErrorResponse.UserController.ChangePermission_RootUser());
+            }
         }
 
         [HttpDelete("users/{username}/permissions/{permission}"), PermissionAuthorize(UserPermission.UserManagement)]
@@ -232,6 +244,10 @@ namespace Timeline.Controllers
             {
                 return NotFound(ErrorResponse.UserCommon.NotExist());
             }
+            catch (InvalidOperationOnRootUserException)
+            {
+                return BadRequest(ErrorResponse.UserController.ChangePermission_RootUser());
+            }
         }
     }
 }
author	crupest <crupest@outlook.com>	2020-11-15 20:54:33 +0800
committer	GitHub <noreply@github.com>	2020-11-15 20:54:33 +0800
commit	515430ecc976008c50cf27a38dc869c2b1aa73c0 (patch)
tree	945016b5c2a911a2a19b8f4f1472ecfdbe32a602 /BackEnd/Timeline/Controllers/UserController.cs
parent	fa7b123be84afe020fc582535cc270e8cf24e85b (diff)
parent	45873d9115840c9db596c2dffebc7bb29df13686 (diff)
download	timeline-515430ecc976008c50cf27a38dc869c2b1aa73c0.tar.gz timeline-515430ecc976008c50cf27a38dc869c2b1aa73c0.tar.bz2 timeline-515430ecc976008c50cf27a38dc869c2b1aa73c0.zip