From da9139b7bab95f6e5ba5f4bb2d99011c2d6db03a Mon Sep 17 00:00:00 2001
From: crupest <crupest@outlook.com>
Date: Wed, 23 Mar 2022 21:30:14 +0800
Subject: …
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 BackEnd/Timeline/Controllers/MyControllerBase.cs | 33 +++++++++++++++---------
 1 file changed, 21 insertions(+), 12 deletions(-)

(limited to 'BackEnd/Timeline/Controllers/MyControllerBase.cs')

diff --git a/BackEnd/Timeline/Controllers/MyControllerBase.cs b/BackEnd/Timeline/Controllers/MyControllerBase.cs
index d4ee9d3e..b74193f4 100644
--- a/BackEnd/Timeline/Controllers/MyControllerBase.cs
+++ b/BackEnd/Timeline/Controllers/MyControllerBase.cs
@@ -1,8 +1,11 @@
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.DependencyInjection;
 using System;
+using System.Threading.Tasks;
 using Timeline.Auth;
 using Timeline.Models.Http;
+using Timeline.Services;
 using Timeline.Services.User;
 
 namespace Timeline.Controllers
@@ -15,24 +18,30 @@ namespace Timeline.Controllers
             return User.HasPermission(permission);
         }
 
-        protected string? GetOptionalUsername()
+        protected long? GetOptionalAuthUserId()
         {
-            return User.GetOptionalName();
-        }
-
-        protected string GetUsername()
-        {
-            return GetOptionalUsername() ?? throw new InvalidOperationException(Resource.ExceptionNoUsername);
+            return User.GetOptionalUserId();
         }
 
-        protected long? GetOptionalUserId()
+        protected long GetAuthUserId()
         {
-            return User.GetOptionalUserId();
+            return GetOptionalAuthUserId() ?? throw new InvalidOperationException(Resource.ExceptionNoUserId);
         }
 
-        protected long GetUserId()
-        {
-            return GetOptionalUserId() ?? throw new InvalidOperationException(Resource.ExceptionNoUserId);
+        protected async Task<bool> CheckIsSelf(string username)
+        {
+            var authUserId = GetOptionalAuthUserId();
+            if (!authUserId.HasValue) return false;
+            try
+            {
+                var userService = HttpContext.RequestServices.GetRequiredService<IUserService>();
+                var id = await userService.GetUserIdByUsernameAsync(username);
+                return authUserId == id;
+            }
+            catch (EntityNotExistException)
+            {
+                return false;
+            }
         }
         #endregion auth
 
-- 
cgit v1.2.3