-rw-r--r--BackEnd/Timeline/Controllers/UserController.cs48
-rw-r--r--BackEnd/Timeline/Models/Converters/JsonDateTimeConverter.cs2
-rw-r--r--BackEnd/Timeline/Models/Validation/Validator.cs4
-rw-r--r--BackEnd/Timeline/Services/UserService.cs7
4 files changed, 55 insertions, 6 deletions
diff --git a/BackEnd/Timeline/Controllers/UserController.cs b/BackEnd/Timeline/Controllers/UserController.cs
index 524e5559..c5d1d4de 100644
--- a/BackEnd/Timeline/Controllers/UserController.cs
+++ b/BackEnd/Timeline/Controllers/UserController.cs
@@ -26,20 +26,24 @@ namespace Timeline.Controllers
{
private readonly ILogger<UserController> _logger;
private readonly IUserService _userService;
+ private readonly IUserPermissionService _userPermissionService;
private readonly IUserDeleteService _userDeleteService;
private readonly IMapper _mapper;
/// <summary></summary>
- public UserController(ILogger<UserController> logger, IUserService userService, IUserDeleteService userDeleteService, IMapper mapper)
+ public UserController(ILogger<UserController> logger, IUserService userService, IUserPermissionService userPermissionService, IUserDeleteService userDeleteService, IMapper mapper)
{
_logger = logger;
_userService = userService;
+ _userPermissionService = userPermissionService;
_userDeleteService = userDeleteService;
_mapper = mapper;
}
private UserInfo ConvertToUserInfo(User user) => _mapper.Map<UserInfo>(user);
+ private bool UserHasUserManagementPermission => this.UserHasPermission(UserPermission.UserManagement);
+
/// <summary>
/// Get all users.
/// </summary>
@@ -90,7 +94,7 @@ namespace Timeline.Controllers
[ProducesResponseType(StatusCodes.Status404NotFound)]
public async Task<ActionResult<UserInfo>> Patch([FromBody] UserPatchRequest body, [FromRoute][Username] string username)
{
- if (this.UserHasPermission(UserPermission.UserManagement))
+ if (UserHasUserManagementPermission)
{
try
{
@@ -189,5 +193,45 @@ namespace Timeline.Controllers
}
// User can't be non-existent or the token is bad.
}
+
+ [HttpPut("users/{username}/permissions/{permission}"), PermissionAuthorize(UserPermission.UserManagement)]
+ [ProducesResponseType(StatusCodes.Status200OK)]
+ [ProducesResponseType(StatusCodes.Status400BadRequest)]
+ [ProducesResponseType(StatusCodes.Status401Unauthorized)]
+ [ProducesResponseType(StatusCodes.Status403Forbidden)]
+ [ProducesResponseType(StatusCodes.Status404NotFound)]
+ public async Task<ActionResult> PutUserPermission([FromRoute] string username, [FromRoute] UserPermission permission)
+ {
+ try
+ {
+ var id = await _userService.GetUserIdByUsername(username);
+ await _userPermissionService.AddPermissionToUserAsync(id, permission);
+ return Ok();
+ }
+ catch (UserNotExistException)
+ {
+ return NotFound(ErrorResponse.UserCommon.NotExist());
+ }
+ }
+
+ [HttpDelete("users/{username}/permissions/{permission}"), PermissionAuthorize(UserPermission.UserManagement)]
+ [ProducesResponseType(StatusCodes.Status200OK)]
+ [ProducesResponseType(StatusCodes.Status400BadRequest)]
+ [ProducesResponseType(StatusCodes.Status401Unauthorized)]
+ [ProducesResponseType(StatusCodes.Status403Forbidden)]
+ [ProducesResponseType(StatusCodes.Status404NotFound)]
+ public async Task<ActionResult> DeleteUserPermission([FromRoute] string username, [FromRoute] UserPermission permission)
+ {
+ try
+ {
+ var id = await _userService.GetUserIdByUsername(username);
+ await _userPermissionService.RemovePermissionFromUserAsync(id, permission);
+ return Ok();
+ }
+ catch (UserNotExistException)
+ {
+ return NotFound(ErrorResponse.UserCommon.NotExist());
+ }
+ }
}
}
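Review bot: Both new actions bind `username` as `[FromRoute] string username` without the `[Username]` validation attribute that `Patch` applies in this controller, so a malformed name reaches `_userService.GetUserIdByUsername` unvalidated; declaring it as `[FromRoute][Username] string username` in `PutUserPermission` and `DeleteUserPermission` would reject it with the 400 these actions already declare. Granting and revoking permissions is also an event worth auditing, and neither action writes to `_logger`; unless `IUserPermissionService` already records it, a line such as `_logger.LogInformation("Permission {Permission} granted to {Username}", permission, username);` after the service call would leave a trail. It is also worth confirming that the service refuses to remove `UserManagement` from the last account that holds it, since nothing in this hunk guards against that.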
diff --git a/BackEnd/Timeline/Models/Converters/JsonDateTimeConverter.cs b/BackEnd/Timeline/Models/Converters/JsonDateTimeConverter.cs
index 94b5cab0..72a2908c 100644
--- a/BackEnd/Timeline/Models/Converters/JsonDateTimeConverter.cs
+++ b/BackEnd/Timeline/Models/Converters/JsonDateTimeConverter.cs
@@ -12,7 +12,7 @@ namespace Timeline.Models.Converters
public override DateTime Read(ref Utf8JsonReader reader, Type typeToConvert, JsonSerializerOptions options)
{
Debug.Assert(typeToConvert == typeof(DateTime));
- return DateTime.Parse(reader.GetString(), CultureInfo.InvariantCulture, DateTimeStyles.AssumeUniversal | DateTimeStyles.AdjustToUniversal);
+ return DateTime.Parse(reader.GetString()!, CultureInfo.InvariantCulture, DateTimeStyles.AssumeUniversal | DateTimeStyles.AdjustToUniversal);
}
public override void Write(Utf8JsonWriter writer, DateTime value, JsonSerializerOptions options)
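Review bot: The `!` added to `reader.GetString()` only silences the nullable warning; if the reader ever yields null here, `DateTime.Parse` throws `ArgumentNullException` rather than a deserialization error. Whether a null token can reach this converter depends on serializer settings not shown in the hunk, so an explicit guard is the safer form: `var text = reader.GetString() ?? throw new JsonException("Expected a date-time string.");` and then pass `text` to `DateTime.Parse`. The `Write` method's body lies outside the hunk.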
diff --git a/BackEnd/Timeline/Models/Validation/Validator.cs b/BackEnd/Timeline/Models/Validation/Validator.cs
index aef7891c..b7e754d3 100644
--- a/BackEnd/Timeline/Models/Validation/Validator.cs
+++ b/BackEnd/Timeline/Models/Validation/Validator.cs
@@ -111,12 +111,12 @@ namespace Timeline.Models.Validation
}
}
- protected override ValidationResult IsValid(object value, ValidationContext validationContext)
+ protected override ValidationResult IsValid(object? value, ValidationContext validationContext)
{
var (result, message) = _validator.Validate(value);
if (result)
{
- return ValidationResult.Success;
+ return ValidationResult.Success!;
}
else
{
diff --git a/BackEnd/Timeline/Services/UserService.cs b/BackEnd/Timeline/Services/UserService.cs
index b925742e..915c9460 100644
--- a/BackEnd/Timeline/Services/UserService.cs
+++ b/BackEnd/Timeline/Services/UserService.cs
@@ -17,7 +17,12 @@ namespace Timeline.Services
/// <summary>
/// Null means not change.
/// </summary>
- public record ModifyUserParams(string? Username = null, string? Password = null, string? Nickname = null);
+ public record ModifyUserParams
+ {
+ public string? Username { get; set; }
+ public string? Password { get; set; }
+ public string? Nickname { get; set; }
+ }
public interface IUserService
{
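Review bot: `ModifyUserParams` is a record that carries `Password`, and the compiler-generated `ToString()` of a record prints every public property, so any log statement or exception message that formats this object would include the plaintext password. Overriding `ToString()` to omit `Password`, or declaring the type as a plain class, avoids that. The new properties are also declared `{ get; set; }`, which makes the record mutable after construction; `public string? Password { get; init; }` (and the same for `Username` and `Nickname`) keeps object-initializer syntax while preventing later changes.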