author | crupest <crupest@outlook.com> | 2020-11-12 23:45:00 +0800 |
---|---|---|
committer | crupest <crupest@outlook.com> | 2020-11-12 23:45:00 +0800 |
commit | 609804f4e7d5d27496c9c31ed1ec84d6e86313c3 (patch) | |
tree | b81283ecfd40473cc098298f3e2e8c989467db95 /BackEnd/Timeline/Controllers/UserController.cs | |
parent | d3da412fa7e10db8c721846152a2c056dd4ccbcf (diff) | |
feat: Add REST API for user permission.
Diffstat (limited to 'BackEnd/Timeline/Controllers/UserController.cs')
-rw-r--r-- | BackEnd/Timeline/Controllers/UserController.cs | 48 |
1 files changed, 46 insertions, 2 deletions
diff --git a/BackEnd/Timeline/Controllers/UserController.cs b/BackEnd/Timeline/Controllers/UserController.cs
index 524e5559..c5d1d4de 100644
--- a/BackEnd/Timeline/Controllers/UserController.cs
+++ b/BackEnd/Timeline/Controllers/UserController.cs
@@ -26,20 +26,24 @@ namespace Timeline.Controllers {
private readonly ILogger<UserController> _logger;
private readonly IUserService _userService;
+ private readonly IUserPermissionService _userPermissionService;
private readonly IUserDeleteService _userDeleteService;
private readonly IMapper _mapper;
/// <summary></summary>
- public UserController(ILogger<UserController> logger, IUserService userService, IUserDeleteService userDeleteService, IMapper mapper)
+ public UserController(ILogger<UserController> logger, IUserService userService, IUserPermissionService userPermissionService, IUserDeleteService userDeleteService, IMapper mapper)
{
_logger = logger;
_userService = userService;
+ _userPermissionService = userPermissionService;
_userDeleteService = userDeleteService;
_mapper = mapper;
}
private UserInfo ConvertToUserInfo(User user) => _mapper.Map<UserInfo>(user);
+ private bool UserHasUserManagementPermission => this.UserHasPermission(UserPermission.UserManagement);
+
/// <summary>
/// Get all users.
/// </summary>
@@ -90,7 +94,7 @@ namespace Timeline.Controllers [ProducesResponseType(StatusCodes.Status404NotFound)]
public async Task<ActionResult<UserInfo>> Patch([FromBody] UserPatchRequest body, [FromRoute][Username] string username)
{
- if (this.UserHasPermission(UserPermission.UserManagement))
+ if (UserHasUserManagementPermission)
{
try
{
@@ -189,5 +193,45 @@ namespace Timeline.Controllers }
// User can't be non-existent or the token is bad.
}
+
+ [HttpPut("users/{username}/permissions/{permission}"), PermissionAuthorize(UserPermission.UserManagement)]
+ [ProducesResponseType(StatusCodes.Status200OK)]
+ [ProducesResponseType(StatusCodes.Status400BadRequest)]
+ [ProducesResponseType(StatusCodes.Status401Unauthorized)]
+ [ProducesResponseType(StatusCodes.Status403Forbidden)]
+ [ProducesResponseType(StatusCodes.Status404NotFound)]
+ public async Task<ActionResult> PutUserPermission([FromRoute] string username, [FromRoute] UserPermission permission)
+ {
+ try
+ {
+ var id = await _userService.GetUserIdByUsername(username);
+ await _userPermissionService.AddPermissionToUserAsync(id, permission);
+ return Ok();
+ }
+ catch (UserNotExistException)
+ {
+ return NotFound(ErrorResponse.UserCommon.NotExist());
+ }
+ }
+
+ [HttpDelete("users/{username}/permissions/{permission}"), PermissionAuthorize(UserPermission.UserManagement)]
+ [ProducesResponseType(StatusCodes.Status200OK)]
+ [ProducesResponseType(StatusCodes.Status400BadRequest)]
+ [ProducesResponseType(StatusCodes.Status401Unauthorized)]
+ [ProducesResponseType(StatusCodes.Status403Forbidden)]
+ [ProducesResponseType(StatusCodes.Status404NotFound)]
+ public async Task<ActionResult> DeleteUserPermission([FromRoute] string username, [FromRoute] UserPermission permission)
+ {
+ try
+ {
+ var id = await _userService.GetUserIdByUsername(username);
+ await _userPermissionService.RemovePermissionFromUserAsync(id, permission);
+ return Ok();
+ }
+ catch (UserNotExistException)
+ {
+ return NotFound(ErrorResponse.UserCommon.NotExist());
+ }
+ }
}
}
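Review bot: Both new actions bind the route value as `[FromRoute] string username` without the `[Username]` validation attribute that `Patch` uses (`[FromRoute][Username] string username`), so a malformed name reaches `_userService.GetUserIdByUsername` unvalidated, and the declared 400 response presumably only arises from a bad `permission` value. I would write `[FromRoute][Username] string username` in both `PutUserPermission` and `DeleteUserPermission`. These endpoints change privileges, yet neither writes to the injected `_logger`; an audit entry per grant or revocation, for example `_logger.LogInformation("Permission {Permission} granted to user {Username}.", permission, username);` before `return Ok();`, would leave a trail for later review. Whether `RemovePermissionFromUserAsync` stops the last account holding `UserManagement` from losing it is not visible in this hunk and is worth confirming. The new actions also carry no `/// <summary>` comments, unlike the documented actions above them.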