From 901ed6824ce709c46b2bd21ae932290e453ee34d Mon Sep 17 00:00:00 2001
From: crupest <crupest@outlook.com>
Date: Tue, 19 Jan 2021 15:38:03 +0800
Subject: feat: Deprecate userop/createuser api and add users post api.

---
 BackEnd/Timeline/Controllers/UserController.cs | 34 +++++++++++++++++++-------
 1 file changed, 25 insertions(+), 9 deletions(-)

(limited to 'BackEnd/Timeline/Controllers')

diff --git a/BackEnd/Timeline/Controllers/UserController.cs b/BackEnd/Timeline/Controllers/UserController.cs
index e1a9d454..4091174c 100644
--- a/BackEnd/Timeline/Controllers/UserController.cs
+++ b/BackEnd/Timeline/Controllers/UserController.cs
@@ -3,6 +3,7 @@ using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Logging;
+using System;
 using System.Collections.Generic;
 using System.Threading.Tasks;
 using Timeline.Auth;
@@ -59,6 +60,28 @@ namespace Timeline.Controllers
             return result;
         }
 
+        /// <summary>
+        /// Create a new user. You have to be administrator.
+        /// </summary>
+        /// <returns>The new user's info.</returns>
+        [HttpPost("users"), PermissionAuthorize(UserPermission.UserManagement)]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        [ProducesResponseType(StatusCodes.Status400BadRequest)]
+        [ProducesResponseType(StatusCodes.Status401Unauthorized)]
+        [ProducesResponseType(StatusCodes.Status403Forbidden)]
+        public async Task<ActionResult<HttpUser>> Post([FromBody] HttpCreateUserRequest body)
+        {
+            try
+            {
+                var user = await _userService.CreateUser(body.Username, body.Password);
+                return await _userMapper.MapToHttp(user, Url);
+            }
+            catch (EntityAlreadyExistException e) when (e.EntityName == EntityNames.User)
+            {
+                return BadRequest(ErrorResponse.UserController.UsernameConflict());
+            }
+        }
+
         /// <summary>
         /// Get a user's info.
         /// </summary>
@@ -168,17 +191,10 @@ namespace Timeline.Controllers
         [ProducesResponseType(StatusCodes.Status400BadRequest)]
         [ProducesResponseType(StatusCodes.Status401Unauthorized)]
         [ProducesResponseType(StatusCodes.Status403Forbidden)]
+        [Obsolete("Use post instead.")]
         public async Task<ActionResult<HttpUser>> CreateUser([FromBody] HttpCreateUserRequest body)
         {
-            try
-            {
-                var user = await _userService.CreateUser(body.Username, body.Password);
-                return await _userMapper.MapToHttp(user, Url);
-            }
-            catch (EntityAlreadyExistException e) when (e.EntityName == EntityNames.User)
-            {
-                return BadRequest(ErrorResponse.UserController.UsernameConflict());
-            }
+            return await Post(body);
         }
 
         /// <summary>
-- 
cgit v1.2.3