diff options
Diffstat (limited to 'BackEnd')
| -rw-r--r-- | BackEnd/Timeline.ErrorCodes/ErrorCodes.cs | 1 | ||||
| -rw-r--r-- | BackEnd/Timeline.Tests/IntegratedTests/UserTest.cs | 7 | ||||
| -rw-r--r-- | BackEnd/Timeline.Tests/Services/UserDeleteServiceTest.cs | 27 | ||||
| -rw-r--r-- | BackEnd/Timeline/Controllers/UserController.cs | 18 | ||||
| -rw-r--r-- | BackEnd/Timeline/Models/Http/ErrorResponse.cs | 10 | ||||
| -rw-r--r-- | BackEnd/Timeline/Resources/Messages.Designer.cs | 9 | ||||
| -rw-r--r-- | BackEnd/Timeline/Resources/Messages.resx | 3 | ||||
| -rw-r--r-- | BackEnd/Timeline/Services/UserDeleteService.cs | 5 | ||||
| -rw-r--r-- | BackEnd/Timeline/Services/UserPermissionService.cs | 4 |
9 files changed, 77 insertions, 7 deletions
diff --git a/BackEnd/Timeline.ErrorCodes/ErrorCodes.cs b/BackEnd/Timeline.ErrorCodes/ErrorCodes.cs index df3d1861..90c4ed99 100644 --- a/BackEnd/Timeline.ErrorCodes/ErrorCodes.cs +++ b/BackEnd/Timeline.ErrorCodes/ErrorCodes.cs @@ -44,6 +44,7 @@ public const int UsernameConflict = 1_102_01_01;
public const int ChangePassword_BadOldPassword = 1_102_02_01;
public const int ChangePermission_RootUser = 1_102_03_01;
+ public const int Delete_RootUser = 1_102_04_01;
}
public static class UserAvatar
diff --git a/BackEnd/Timeline.Tests/IntegratedTests/UserTest.cs b/BackEnd/Timeline.Tests/IntegratedTests/UserTest.cs index 0c2e0b0d..55a37198 100644 --- a/BackEnd/Timeline.Tests/IntegratedTests/UserTest.cs +++ b/BackEnd/Timeline.Tests/IntegratedTests/UserTest.cs @@ -176,6 +176,13 @@ namespace Timeline.Tests.IntegratedTests }
[Fact]
+ public async Task DeleteRootUser_Should_Error()
+ {
+ using var client = await CreateClientAsAdministrator();
+ await client.TestDeleteAssertErrorAsync("users/admin", errorCode: ErrorCodes.UserController.Delete_RootUser);
+ }
+
+ [Fact]
public async Task Delete_InvalidModel()
{
using var client = await CreateClientAsAdministrator();
diff --git a/BackEnd/Timeline.Tests/Services/UserDeleteServiceTest.cs b/BackEnd/Timeline.Tests/Services/UserDeleteServiceTest.cs new file mode 100644 index 00000000..be11564e --- /dev/null +++ b/BackEnd/Timeline.Tests/Services/UserDeleteServiceTest.cs @@ -0,0 +1,27 @@ +using FluentAssertions;
+using Microsoft.Extensions.Logging.Abstractions;
+using Moq;
+using System.Threading.Tasks;
+using Timeline.Services;
+using Timeline.Services.Exceptions;
+using Xunit;
+
+namespace Timeline.Tests.Services
+{
+ public class UserDeleteServiceTest : DatabaseBasedTest
+ {
+ private readonly Mock<ITimelineService> _mockTimelineService = new Mock<ITimelineService>();
+ private UserDeleteService _service = default!;
+
+ protected override void OnDatabaseCreated()
+ {
+ _service = new UserDeleteService(NullLogger<UserDeleteService>.Instance, Database, _mockTimelineService.Object);
+ }
+
+ [Fact]
+ public async Task DeleteRootUser_Should_Throw()
+ {
+ await _service.Awaiting(s => s.DeleteUser("admin")).Should().ThrowAsync<InvalidOperationOnRootUserException>();
+ }
+ }
+}
diff --git a/BackEnd/Timeline/Controllers/UserController.cs b/BackEnd/Timeline/Controllers/UserController.cs index da34cb1b..8edae139 100644 --- a/BackEnd/Timeline/Controllers/UserController.cs +++ b/BackEnd/Timeline/Controllers/UserController.cs @@ -138,15 +138,23 @@ namespace Timeline.Controllers /// <returns>Info of deletion.</returns>
[HttpDelete("users/{username}"), PermissionAuthorize(UserPermission.UserManagement)]
[ProducesResponseType(StatusCodes.Status200OK)]
+ [ProducesResponseType(StatusCodes.Status400BadRequest)]
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
[ProducesResponseType(StatusCodes.Status403Forbidden)]
public async Task<ActionResult<CommonDeleteResponse>> Delete([FromRoute][Username] string username)
{
- var delete = await _userDeleteService.DeleteUser(username);
- if (delete)
- return Ok(CommonDeleteResponse.Delete());
- else
- return Ok(CommonDeleteResponse.NotExist());
+ try
+ {
+ var delete = await _userDeleteService.DeleteUser(username);
+ if (delete)
+ return Ok(CommonDeleteResponse.Delete());
+ else
+ return Ok(CommonDeleteResponse.NotExist());
+ }
+ catch (InvalidOperationOnRootUserException)
+ {
+ return BadRequest(ErrorResponse.UserController.Delete_RootUser());
+ }
}
/// <summary>
diff --git a/BackEnd/Timeline/Models/Http/ErrorResponse.cs b/BackEnd/Timeline/Models/Http/ErrorResponse.cs index 616a0037..10755fd1 100644 --- a/BackEnd/Timeline/Models/Http/ErrorResponse.cs +++ b/BackEnd/Timeline/Models/Http/ErrorResponse.cs @@ -166,6 +166,16 @@ namespace Timeline.Models.Http return new CommonResponse(ErrorCodes.UserController.ChangePermission_RootUser, string.Format(message, formatArgs));
}
+ public static CommonResponse Delete_RootUser(params object?[] formatArgs)
+ {
+ return new CommonResponse(ErrorCodes.UserController.Delete_RootUser, string.Format(UserController_Delete_RootUser, formatArgs));
+ }
+
+ public static CommonResponse CustomMessage_Delete_RootUser(string message, params object?[] formatArgs)
+ {
+ return new CommonResponse(ErrorCodes.UserController.Delete_RootUser, string.Format(message, formatArgs));
+ }
+
}
public static class UserAvatar
diff --git a/BackEnd/Timeline/Resources/Messages.Designer.cs b/BackEnd/Timeline/Resources/Messages.Designer.cs index fd3e1848..c6b7d5e7 100644 --- a/BackEnd/Timeline/Resources/Messages.Designer.cs +++ b/BackEnd/Timeline/Resources/Messages.Designer.cs @@ -367,6 +367,15 @@ namespace Timeline.Resources { }
/// <summary>
+ /// Looks up a localized string similar to You can't delete root user..
+ /// </summary>
+ internal static string UserController_Delete_RootUser {
+ get {
+ return ResourceManager.GetString("UserController_Delete_RootUser", resourceCulture);
+ }
+ }
+
+ /// <summary>
/// Looks up a localized string similar to You can't set permission unless you are administrator..
/// </summary>
internal static string UserController_Patch_Forbid_Administrator {
diff --git a/BackEnd/Timeline/Resources/Messages.resx b/BackEnd/Timeline/Resources/Messages.resx index d808499b..2386d1eb 100644 --- a/BackEnd/Timeline/Resources/Messages.resx +++ b/BackEnd/Timeline/Resources/Messages.resx @@ -219,6 +219,9 @@ <data name="UserController_ChangePermission_RootUser" xml:space="preserve">
<value>You can't change permission of root user.</value>
</data>
+ <data name="UserController_Delete_RootUser" xml:space="preserve">
+ <value>You can't delete root user.</value>
+ </data>
<data name="UserController_Patch_Forbid_Administrator" xml:space="preserve">
<value>You can't set permission unless you are administrator.</value>
</data>
diff --git a/BackEnd/Timeline/Services/UserDeleteService.cs b/BackEnd/Timeline/Services/UserDeleteService.cs index b6306682..5365313b 100644 --- a/BackEnd/Timeline/Services/UserDeleteService.cs +++ b/BackEnd/Timeline/Services/UserDeleteService.cs @@ -7,6 +7,7 @@ using System.Threading.Tasks; using Timeline.Entities;
using Timeline.Helpers;
using Timeline.Models.Validation;
+using Timeline.Services.Exceptions;
using static Timeline.Resources.Services.UserService;
namespace Timeline.Services
@@ -20,6 +21,7 @@ namespace Timeline.Services /// <returns>True if user is deleted, false if user not exist.</returns>
/// <exception cref="ArgumentNullException">Thrown if <paramref name="username"/> is null.</exception>
/// <exception cref="ArgumentException">Thrown when <paramref name="username"/> is of bad format.</exception>
+ /// <exception cref="InvalidOperationOnRootUserException">Thrown when deleting root user.</exception>
Task<bool> DeleteUser(string username);
}
@@ -54,6 +56,9 @@ namespace Timeline.Services if (user == null)
return false;
+ if (user.Id == 1)
+ throw new InvalidOperationOnRootUserException("Can't delete root user.");
+
await _timelineService.DeleteAllPostsOfUser(user.Id);
_databaseContext.Users.Remove(user);
diff --git a/BackEnd/Timeline/Services/UserPermissionService.cs b/BackEnd/Timeline/Services/UserPermissionService.cs index 2fdf3d2d..42c93283 100644 --- a/BackEnd/Timeline/Services/UserPermissionService.cs +++ b/BackEnd/Timeline/Services/UserPermissionService.cs @@ -127,7 +127,7 @@ namespace Timeline.Services /// <param name="userId">The id of the user.</param>
/// <param name="permission">The new permission.</param>
/// <exception cref="UserNotExistException">Thrown when user does not exist.</exception>
- /// <exception cref="InvalidOperationException">Thrown when change root user's permission.</exception>
+ /// <exception cref="InvalidOperationOnRootUserException">Thrown when change root user's permission.</exception>
Task AddPermissionToUserAsync(long userId, UserPermission permission);
/// <summary>
@@ -137,7 +137,7 @@ namespace Timeline.Services /// <param name="permission">The permission.</param>
/// <param name="checkUserExistence">Whether check the user's existence.</param>
/// <exception cref="UserNotExistException">Thrown when <paramref name="checkUserExistence"/> is true and user does not exist.</exception>
- /// <exception cref="InvalidOperationException">Thrown when change root user's permission.</exception>
+ /// <exception cref="InvalidOperationOnRootUserException">Thrown when change root user's permission.</exception>
Task RemovePermissionFromUserAsync(long userId, UserPermission permission, bool checkUserExistence = true);
}
|