From eb35c608b3d73db2cd819a8280fa1cdce1f59dc2 Mon Sep 17 00:00:00 2001
From: crupest <crupest@outlook.com>
Date: Wed, 20 Nov 2019 00:32:32 +0800
Subject: Add delete nonexist post test, and fix the bug.

---
 Timeline.Tests/IntegratedTests/PersonalTimelineTest.cs |  7 +++++++
 Timeline/Controllers/PersonalTimelineController.cs     | 12 ++++++------
 2 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/Timeline.Tests/IntegratedTests/PersonalTimelineTest.cs b/Timeline.Tests/IntegratedTests/PersonalTimelineTest.cs
index 9dae4c3e..43549d1a 100644
--- a/Timeline.Tests/IntegratedTests/PersonalTimelineTest.cs
+++ b/Timeline.Tests/IntegratedTests/PersonalTimelineTest.cs
@@ -441,6 +441,13 @@ namespace Timeline.Tests.IntegratedTests
                         new TimelinePostDeleteRequest { Id = createRes.Id });
                     res.Should().HaveStatusCode(200);
                 }
+                {
+                    var res = await client.PostAsJsonAsync("users/user/timeline/postop/delete",
+                        new TimelinePostDeleteRequest { Id = 30000 });
+                    res.Should().HaveStatusCode(400)
+                        .And.HaveCommonBody()
+                        .Which.Code.Should().Be(ErrorCodes.Http.Timeline.PostOperationDeleteNotExist);
+                }
                 {
                     var res = await client.GetAsync("users/user/timeline/posts");
                     res.Should().HaveStatusCode(200)
diff --git a/Timeline/Controllers/PersonalTimelineController.cs b/Timeline/Controllers/PersonalTimelineController.cs
index 88f5ba00..c864ed39 100644
--- a/Timeline/Controllers/PersonalTimelineController.cs
+++ b/Timeline/Controllers/PersonalTimelineController.cs
@@ -107,14 +107,14 @@ namespace Timeline.Controllers
         [CatchTimelineNotExistException]
         public async Task<ActionResult> PostOperationDelete([FromRoute][Username] string username, [FromBody] TimelinePostDeleteRequest body)
         {
-            var postId = body.Id!.Value;
-            if (!IsAdmin() && !await _service.HasPostModifyPermission(username, postId, GetAuthUsername()!))
-            {
-                return StatusCode(StatusCodes.Status403Forbidden,
-                    new CommonResponse(ErrorCodes.Http.Timeline.PostOperationDeleteForbid, MessagePostOperationCreateForbid));
-            }
             try
             {
+                var postId = body.Id!.Value;
+                if (!IsAdmin() && !await _service.HasPostModifyPermission(username, postId, GetAuthUsername()!))
+                {
+                    return StatusCode(StatusCodes.Status403Forbidden,
+                        new CommonResponse(ErrorCodes.Http.Timeline.PostOperationDeleteForbid, MessagePostOperationCreateForbid));
+                }
                 await _service.DeletePost(username, postId);
             }
             catch (TimelinePostNotExistException)
-- 
cgit v1.2.3