Diffstat (limited to 'Timeline/Controllers')
-rw-r--r--Timeline/Controllers/PersonalTimelineController.cs16
-rw-r--r--Timeline/Controllers/TimelineController.cs149
2 files changed, 157 insertions, 8 deletions
diff --git a/Timeline/Controllers/PersonalTimelineController.cs b/Timeline/Controllers/PersonalTimelineController.cs
index 11353bb5..b6c213d9 100644
--- a/Timeline/Controllers/PersonalTimelineController.cs
+++ b/Timeline/Controllers/PersonalTimelineController.cs
@@ -26,9 +26,9 @@ namespace Timeline.Controllers
}
[HttpGet("users/{username}/timeline")]
- public async Task<ActionResult<BaseTimelineInfo>> TimelineGet([FromRoute][Username] string username)
+ public async Task<ActionResult<TimelineInfo>> TimelineGet([FromRoute][Username] string username)
{
- return await _service.GetTimeline(username);
+ return (await _service.GetTimeline(username)).FillLinksForPersonalTimeline(Url);
}
[HttpGet("users/{username}/timeline/posts")]
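Review bot: TimelineGet returns the timeline object to any caller without a read-permission check, and the new TimelineController.TimelineGet in the second file has the same shape, even though PostListGet in that file gates on `HasReadPermission`. If TimelineInfo carries anything a private timeline should hide (its fields are not visible in this diff), both GET handlers should apply the same guard before returning, e.g. `if (!this.IsAdministrator() && !await _service.HasReadPermission(username, this.GetOptionalUserId()))` followed by the 403 response used elsewhere. That assumes the personal timeline service exposes HasReadPermission as the new controller's service does. If exposing the metadata is intentional, a one-line comment on each handler saying so would keep a later reader from treating it as an omission.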
@@ -77,14 +77,14 @@ namespace Timeline.Controllers
[HttpPatch("users/{username}/timeline")]
[Authorize]
- public async Task<ActionResult<BaseTimelineInfo>> TimelinePatch([FromRoute][Username] string username, [FromBody] TimelinePatchRequest body)
+ public async Task<ActionResult<TimelineInfo>> TimelinePatch([FromRoute][Username] string username, [FromBody] TimelinePatchRequest body)
{
- if (!this.IsAdministrator() && !(User.Identity.Name == username))
+ if (!this.IsAdministrator() && !(await _service.HasManagePermission(username, this.GetUserId())))
{
return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid());
}
await _service.ChangeProperty(username, body);
- var timeline = await _service.GetTimeline(username);
+ var timeline = (await _service.GetTimeline(username)).FillLinksForPersonalTimeline(Url);
return Ok(timeline);
}
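Review bot: The manage-permission guard on the new side of TimelinePatch is repeated verbatim in TimelineMemberPut and TimelineMemberDelete in the later hunks of this file, so an endpoint added later can omit it without anyone noticing. Consider a single private helper, e.g. `private async Task<bool> CanManage(string username) => this.IsAdministrator() || await _service.HasManagePermission(username, this.GetUserId());`, called from all three handlers. A short comment on it should say that the decision now rests with the service, keyed on the caller's user id, rather than on comparing `User.Identity.Name` with the route value. HasManagePermission itself is not shown here, so who passes the new check beyond the owner should be confirmed against the service.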
@@ -92,7 +92,7 @@ namespace Timeline.Controllers
[Authorize]
public async Task<ActionResult> TimelineMemberPut([FromRoute][Username] string username, [FromRoute][Username] string member)
{
- if (!this.IsAdministrator() && !(User.Identity.Name == username))
+ if (!this.IsAdministrator() && !(await _service.HasManagePermission(username, this.GetUserId())))
{
return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid());
}
@@ -104,7 +104,7 @@ namespace Timeline.Controllers
}
catch (UserNotExistException)
{
- return BadRequest(ErrorResponse.TimelineController.MemberPut_NotExist());
+ return BadRequest(ErrorResponse.TimelineCommon.MemberPut_NotExist());
}
}
@@ -112,7 +112,7 @@ namespace Timeline.Controllers
[Authorize]
public async Task<ActionResult> TimelineMemberDelete([FromRoute][Username] string username, [FromRoute][Username] string member)
{
- if (!this.IsAdministrator() && !(User.Identity.Name == username))
+ if (!this.IsAdministrator() && !(await _service.HasManagePermission(username, this.GetUserId())))
{
return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid());
}
diff --git a/Timeline/Controllers/TimelineController.cs b/Timeline/Controllers/TimelineController.cs
new file mode 100644
index 00000000..a514ccd9
--- /dev/null
+++ b/Timeline/Controllers/TimelineController.cs
@@ -0,0 +1,149 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Logging;
+using System.Collections.Generic;
+using System.Threading.Tasks;
+using Timeline.Filters;
+using Timeline.Models.Http;
+using Timeline.Models.Validation;
+using Timeline.Services;
+
+namespace Timeline.Controllers
+{
+ [ApiController]
+ [CatchTimelineNotExistException]
+ public class TimelineController : Controller
+ {
+ private readonly ILogger<TimelineController> _logger;
+
+ private readonly ITimelineService _service;
+
+ public TimelineController(ILogger<TimelineController> logger, ITimelineService service)
+ {
+ _logger = logger;
+ _service = service;
+ }
+
+ [HttpGet("timelines/{name}")]
+ public async Task<ActionResult<TimelineInfo>> TimelineGet([FromRoute][TimelineName] string name)
+ {
+ var result = (await _service.GetTimeline(name)).FillLinksForNormalTimeline(Url);
+ return Ok(result);
+ }
+
+ [HttpGet("timelines/{name}/posts")]
+ public async Task<ActionResult<IList<TimelinePostInfo>>> PostListGet([FromRoute][TimelineName] string name)
+ {
+ if (!this.IsAdministrator() && !await _service.HasReadPermission(name, this.GetOptionalUserId()))
+ {
+ return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid());
+ }
+
+ return await _service.GetPosts(name);
+ }
+
+ [HttpPost("timelines/{name}/posts")]
+ [Authorize]
+ public async Task<ActionResult<TimelinePostInfo>> PostPost([FromRoute][TimelineName] string name, [FromBody] TimelinePostCreateRequest body)
+ {
+ var id = this.GetUserId();
+ if (!this.IsAdministrator() && !await _service.IsMemberOf(name, id))
+ {
+ return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid());
+ }
+
+ var res = await _service.CreatePost(name, id, body.Content, body.Time);
+ return res;
+ }
+
+ [HttpDelete("timelines/{name}/posts/{id}")]
+ [Authorize]
+ public async Task<ActionResult> PostDelete([FromRoute][TimelineName] string name, [FromRoute] long id)
+ {
+ try
+ {
+ if (!this.IsAdministrator() && !await _service.HasPostModifyPermission(name, id, this.GetUserId()))
+ {
+ return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid());
+ }
+ await _service.DeletePost(name, id);
+ return Ok(CommonDeleteResponse.Delete());
+ }
+ catch (TimelinePostNotExistException)
+ {
+ return Ok(CommonDeleteResponse.NotExist());
+ }
+ }
+
+ [HttpPatch("timelines/{name}")]
+ [Authorize]
+ public async Task<ActionResult<TimelineInfo>> TimelinePatch([FromRoute][TimelineName] string name, [FromBody] TimelinePatchRequest body)
+ {
+ if (!this.IsAdministrator() && !(await _service.HasManagePermission(name, this.GetUserId())))
+ {
+ return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid());
+ }
+ await _service.ChangeProperty(name, body);
+ var timeline = (await _service.GetTimeline(name)).FillLinksForNormalTimeline(Url);
+ return Ok(timeline);
+ }
+
+ [HttpPut("timelines/{name}/members/{member}")]
+ [Authorize]
+ public async Task<ActionResult> TimelineMemberPut([FromRoute][TimelineName] string name, [FromRoute][Username] string member)
+ {
+ if (!this.IsAdministrator() && !(await _service.HasManagePermission(name, this.GetUserId())))
+ {
+ return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid());
+ }
+
+ try
+ {
+ await _service.ChangeMember(name, new List<string> { member }, null);
+ return Ok();
+ }
+ catch (UserNotExistException)
+ {
+ return BadRequest(ErrorResponse.TimelineCommon.MemberPut_NotExist());
+ }
+ }
+
+ [HttpDelete("timelines/{name}/members/{member}")]
+ [Authorize]
+ public async Task<ActionResult> TimelineMemberDelete([FromRoute][TimelineName] string name, [FromRoute][Username] string member)
+ {
+ if (!this.IsAdministrator() && !(await _service.HasManagePermission(name, this.GetUserId())))
+ {
+ return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid());
+ }
+
+ try
+ {
+ await _service.ChangeMember(name, null, new List<string> { member });
+ return Ok(CommonDeleteResponse.Delete());
+ }
+ catch (UserNotExistException)
+ {
+ return Ok(CommonDeleteResponse.NotExist());
+ }
+ }
+
+ [HttpPost("timelines")]
+ [Authorize]
+ public async Task<ActionResult<TimelineInfo>> TimelineCreate([FromBody] TimelineCreateRequest body)
+ {
+ var userId = this.GetUserId();
+
+ try
+ {
+ var timelineInfo = (await _service.CreateTimeline(body.Name, userId)).FillLinksForNormalTimeline(Url);
+ return Ok(timelineInfo);
+ }
+ catch (ConflictException)
+ {
+ return BadRequest(ErrorResponse.TimelineCommon.NameConflict());
+ }
+ }
+ }
+}
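Review bot: In PostDelete the `try` wraps the permission check as well as the delete, so a TimelinePostNotExistException is answered with 200 and `CommonDeleteResponse.NotExist()` before any authorization decision has been returned. If HasPostModifyPermission throws that exception for a missing post (its body is not shown), an authenticated caller with no access to the timeline gets 403 for ids that exist and 200 for ids that do not, which discloses which posts exist. Deciding timeline-level access first would close that gap, e.g. the guard PostListGet already uses, `if (!this.IsAdministrator() && !await _service.HasReadPermission(name, this.GetOptionalUserId()))`, placed above the `try` and returning the same 403. A comment on the catch block should state that the idempotent NotExist answer is meant only for callers who may see the timeline.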