From e4c4a284571d51dcda373a0a1c047e634b17882d Mon Sep 17 00:00:00 2001 From: crupest Date: Thu, 12 Nov 2020 21:38:43 +0800 Subject: ... --- BackEnd/Timeline/Models/Http/UserInfo.cs | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) (limited to 'BackEnd/Timeline/Models/Http') diff --git a/BackEnd/Timeline/Models/Http/UserInfo.cs b/BackEnd/Timeline/Models/Http/UserInfo.cs index d92a12c4..26b04e90 100644 --- a/BackEnd/Timeline/Models/Http/UserInfo.cs +++ b/BackEnd/Timeline/Models/Http/UserInfo.cs @@ -2,7 +2,9 @@ using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc.Infrastructure; using Microsoft.AspNetCore.Mvc.Routing; +using System.Collections.Generic; using Timeline.Controllers; +using Timeline.Services; namespace Timeline.Models.Http { @@ -27,6 +29,12 @@ namespace Timeline.Models.Http /// True if the user is a administrator. /// public bool? Administrator { get; set; } = default!; +#pragma warning disable CA2227 // Collection properties should be read only + /// + /// The permissions of the user. + /// + public List Permissions { get; set; } = default!; +#pragma warning restore CA2227 // Collection properties should be read only #pragma warning disable CA1707 // Identifiers should not contain underscores /// /// Related links. @@ -54,6 +62,14 @@ namespace Timeline.Models.Http public string Timeline { get; set; } = default!; } + public class UserPermissionsValueConverter : ITypeConverter> + { + public List Convert(UserPermissions source, List destination, ResolutionContext context) + { + return source.ToStringList(); + } + } + public class UserInfoLinksValueResolver : IValueResolver { private readonly IActionContextAccessor _actionContextAccessor; @@ -84,7 +100,10 @@ namespace Timeline.Models.Http { public UserInfoAutoMapperProfile() { - CreateMap().ForMember(u => u._links, opt => opt.MapFrom()); + CreateMap>() + .ConvertUsing(); + CreateMap() + .ForMember(u => u._links, opt => opt.MapFrom()); } } } -- cgit v1.2.3 From 34dea0b713aaac265909fe24eeb9483c9ec8fe2a Mon Sep 17 00:00:00 2001 From: crupest Date: Thu, 12 Nov 2020 23:21:31 +0800 Subject: ... --- BackEnd/Timeline.Tests/Helpers/TestDatabase.cs | 21 +++---------- .../IntegratedTests/IntegratedTestBase.cs | 25 +++++---------- .../Timeline.Tests/IntegratedTests/TokenTest.cs | 3 +- BackEnd/Timeline.Tests/IntegratedTests/UserTest.cs | 36 +++++----------------- .../Timeline.Tests/Services/TimelineServiceTest.cs | 9 ++++-- .../Controllers/ControllerAuthExtensions.cs | 5 +-- BackEnd/Timeline/Controllers/TimelineController.cs | 20 ++++++------ .../Timeline/Controllers/UserAvatarController.cs | 6 ++-- BackEnd/Timeline/Controllers/UserController.cs | 24 +++++++-------- BackEnd/Timeline/Models/Http/UserController.cs | 21 ++----------- BackEnd/Timeline/Services/TimelineService.cs | 14 ++++----- BackEnd/Timeline/Services/UserService.cs | 4 +-- 12 files changed, 67 insertions(+), 121 deletions(-) (limited to 'BackEnd/Timeline/Models/Http') diff --git a/BackEnd/Timeline.Tests/Helpers/TestDatabase.cs b/BackEnd/Timeline.Tests/Helpers/TestDatabase.cs index f0c26180..74db74aa 100644 --- a/BackEnd/Timeline.Tests/Helpers/TestDatabase.cs +++ b/BackEnd/Timeline.Tests/Helpers/TestDatabase.cs @@ -4,7 +4,6 @@ using Microsoft.Extensions.Logging.Abstractions; using System.Threading.Tasks; using Timeline.Entities; using Timeline.Migrations; -using Timeline.Models; using Timeline.Services; using Xunit; @@ -36,23 +35,13 @@ namespace Timeline.Tests.Helpers if (_createUser) { var passwordService = new PasswordService(); - var userService = new UserService(NullLogger.Instance, context, passwordService, new Clock()); + var userService = new UserService(NullLogger.Instance, context, passwordService, new Clock(), new UserPermissionService(context)); - await userService.CreateUser(new User - { - Username = "admin", - Password = "adminpw", - Administrator = true, - Nickname = "administrator" - }); + var admin = await userService.CreateUser("admin", "adminpw"); + await userService.ModifyUser(admin.Id, new ModifyUserParams() { Nickname = "administrator" }); - await userService.CreateUser(new User - { - Username = "user", - Password = "userpw", - Administrator = false, - Nickname = "imuser" - }); + var user = await userService.CreateUser("user", "userpw"); + await userService.ModifyUser(user.Id, new ModifyUserParams() { Nickname = "imuser" }); } } } diff --git a/BackEnd/Timeline.Tests/IntegratedTests/IntegratedTestBase.cs b/BackEnd/Timeline.Tests/IntegratedTests/IntegratedTestBase.cs index 7cf27297..f75ce69c 100644 --- a/BackEnd/Timeline.Tests/IntegratedTests/IntegratedTestBase.cs +++ b/BackEnd/Timeline.Tests/IntegratedTests/IntegratedTestBase.cs @@ -7,7 +7,6 @@ using System.Net.Http; using System.Text.Json; using System.Text.Json.Serialization; using System.Threading.Tasks; -using Timeline.Models; using Timeline.Models.Converters; using Timeline.Models.Http; using Timeline.Services; @@ -60,26 +59,14 @@ namespace Timeline.Tests.IntegratedTests using (var scope = TestApp.Host.Services.CreateScope()) { - var users = new List() + var users = new List<(string username, string password, string nickname)>() { - new User - { - Username = "admin", - Password = "adminpw", - Administrator = true, - Nickname = "administrator" - } + ("admin", "adminpw", "administrator") }; for (int i = 1; i <= _userCount; i++) { - users.Add(new User - { - Username = $"user{i}", - Password = $"user{i}pw", - Administrator = false, - Nickname = $"imuser{i}" - }); + users.Add(($"user{i}", $"user{i}pw", $"imuser{i}")); } var userInfoList = new List(); @@ -87,7 +74,9 @@ namespace Timeline.Tests.IntegratedTests var userService = scope.ServiceProvider.GetRequiredService(); foreach (var user in users) { - await userService.CreateUser(user); + var (username, password, nickname) = user; + var u = await userService.CreateUser(username, password); + await userService.ModifyUser(u.Id, new ModifyUserParams() { Nickname = nickname }); } using var client = await CreateDefaultClient(); @@ -99,7 +88,7 @@ namespace Timeline.Tests.IntegratedTests options.Converters.Add(new JsonDateTimeConverter()); foreach (var user in users) { - var s = await client.GetStringAsync($"users/{user.Username}"); + var s = await client.GetStringAsync($"users/{user.username}"); userInfoList.Add(JsonSerializer.Deserialize(s, options)); } diff --git a/BackEnd/Timeline.Tests/IntegratedTests/TokenTest.cs b/BackEnd/Timeline.Tests/IntegratedTests/TokenTest.cs index 480d66cd..f4a406d1 100644 --- a/BackEnd/Timeline.Tests/IntegratedTests/TokenTest.cs +++ b/BackEnd/Timeline.Tests/IntegratedTests/TokenTest.cs @@ -103,7 +103,8 @@ namespace Timeline.Tests.IntegratedTests { // create a user for test var userService = scope.ServiceProvider.GetRequiredService(); - await userService.ModifyUser("user1", new User { Password = "user1pw" }); + var id = await userService.GetUserIdByUsername("user1"); + await userService.ModifyUser(id, new ModifyUserParams { Password = "user1pw" }); } (await client.PostAsJsonAsync(VerifyTokenUrl, diff --git a/BackEnd/Timeline.Tests/IntegratedTests/UserTest.cs b/BackEnd/Timeline.Tests/IntegratedTests/UserTest.cs index 9dfcc6a5..329e53f5 100644 --- a/BackEnd/Timeline.Tests/IntegratedTests/UserTest.cs +++ b/BackEnd/Timeline.Tests/IntegratedTests/UserTest.cs @@ -2,6 +2,7 @@ using FluentAssertions; using System.Collections.Generic; using System.Net; using System.Net.Http; +using System.Net.Http.Json; using System.Threading.Tasks; using Timeline.Models.Http; using Timeline.Tests.Helpers; @@ -129,13 +130,11 @@ namespace Timeline.Tests.IntegratedTests { Username = "newuser", Password = "newpw", - Administrator = true, Nickname = "aaa" }); var body = res.Should().HaveStatusCode(200) .And.HaveJsonBody() .Which; - body.Administrator.Should().Be(true); body.Nickname.Should().Be("aaa"); } @@ -144,14 +143,14 @@ namespace Timeline.Tests.IntegratedTests var body = res.Should().HaveStatusCode(200) .And.HaveJsonBody() .Which; - body.Administrator.Should().Be(true); body.Nickname.Should().Be("aaa"); } { + var token = userClient.DefaultRequestHeaders.Authorization.Parameter; // Token should expire. - var res = await userClient.GetAsync("testing/auth/Authorize"); - res.Should().HaveStatusCode(HttpStatusCode.Unauthorized); + var res = await userClient.PostAsJsonAsync("token/verify", new() { Token = token }); + res.Should().HaveStatusCode(HttpStatusCode.BadRequest); } { @@ -235,14 +234,6 @@ namespace Timeline.Tests.IntegratedTests res.Should().HaveStatusCode(HttpStatusCode.Forbidden); } - [Fact] - public async Task Patch_Administrator_Forbid() - { - using var client = await CreateClientAsUser(); - var res = await client.PatchAsJsonAsync("users/user1", new UserPatchRequest { Administrator = true }); - res.Should().HaveStatusCode(HttpStatusCode.Forbidden); - } - [Fact] public async Task Delete_Deleted() { @@ -301,22 +292,16 @@ namespace Timeline.Tests.IntegratedTests { Username = "aaa", Password = "bbb", - Administrator = true, - Nickname = "ccc" }); var body = res.Should().HaveStatusCode(200) .And.HaveJsonBody().Which; body.Username.Should().Be("aaa"); - body.Nickname.Should().Be("ccc"); - body.Administrator.Should().BeTrue(); } { var res = await client.GetAsync("users/aaa"); var body = res.Should().HaveStatusCode(200) .And.HaveJsonBody().Which; body.Username.Should().Be("aaa"); - body.Nickname.Should().Be("ccc"); - body.Administrator.Should().BeTrue(); } { // Test password. @@ -326,12 +311,10 @@ namespace Timeline.Tests.IntegratedTests public static IEnumerable Op_CreateUser_InvalidModel_Data() { - yield return new[] { new CreateUserRequest { Username = "aaa", Password = "bbb" } }; - yield return new[] { new CreateUserRequest { Username = "aaa", Administrator = true } }; - yield return new[] { new CreateUserRequest { Password = "bbb", Administrator = true } }; - yield return new[] { new CreateUserRequest { Username = "a!a", Password = "bbb", Administrator = true } }; - yield return new[] { new CreateUserRequest { Username = "aaa", Password = "", Administrator = true } }; - yield return new[] { new CreateUserRequest { Username = "aaa", Password = "bbb", Administrator = true, Nickname = new string('a', 40) } }; + yield return new[] { new CreateUserRequest { Username = "aaa" } }; + yield return new[] { new CreateUserRequest { Password = "bbb" } }; + yield return new[] { new CreateUserRequest { Username = "a!a", Password = "bbb" } }; + yield return new[] { new CreateUserRequest { Username = "aaa", Password = "" } }; } [Theory] @@ -354,7 +337,6 @@ namespace Timeline.Tests.IntegratedTests { Username = "user1", Password = "bbb", - Administrator = false }); res.Should().HaveStatusCode(400) .And.HaveCommonBody(ErrorCodes.UserController.UsernameConflict); @@ -370,7 +352,6 @@ namespace Timeline.Tests.IntegratedTests { Username = "aaa", Password = "bbb", - Administrator = false }); res.Should().HaveStatusCode(HttpStatusCode.Unauthorized); } @@ -385,7 +366,6 @@ namespace Timeline.Tests.IntegratedTests { Username = "aaa", Password = "bbb", - Administrator = false }); res.Should().HaveStatusCode(HttpStatusCode.Forbidden); } diff --git a/BackEnd/Timeline.Tests/Services/TimelineServiceTest.cs b/BackEnd/Timeline.Tests/Services/TimelineServiceTest.cs index 19d2781a..73fdd32f 100644 --- a/BackEnd/Timeline.Tests/Services/TimelineServiceTest.cs +++ b/BackEnd/Timeline.Tests/Services/TimelineServiceTest.cs @@ -24,6 +24,8 @@ namespace Timeline.Tests.Services private DataManager _dataManager; + private UserPermissionService _userPermissionService; + private UserService _userService; private TimelineService _timelineService; @@ -37,7 +39,8 @@ namespace Timeline.Tests.Services protected override void OnDatabaseCreated() { _dataManager = new DataManager(Database, _eTagGenerator); - _userService = new UserService(NullLogger.Instance, Database, _passwordService, _clock); + _userPermissionService = new UserPermissionService(Database); + _userService = new UserService(NullLogger.Instance, Database, _passwordService, _clock, _userPermissionService); _timelineService = new TimelineService(NullLogger.Instance, Database, _dataManager, _userService, _imageValidator, _clock); _userDeleteService = new UserDeleteService(NullLogger.Instance, Database, _timelineService); } @@ -207,13 +210,13 @@ namespace Timeline.Tests.Services } { - await _userService.ModifyUser(userId, new User { Nickname = "haha" }); + await _userService.ModifyUser(userId, new ModifyUserParams { Nickname = "haha" }); var posts = await _timelineService.GetPosts(timelineName, time2); posts.Should().HaveCount(0); } { - await _userService.ModifyUser(userId, new User { Username = "haha" }); + await _userService.ModifyUser(userId, new ModifyUserParams { Username = "haha" }); var posts = await _timelineService.GetPosts(timelineName, time2); posts.Should().HaveCount(4); } diff --git a/BackEnd/Timeline/Controllers/ControllerAuthExtensions.cs b/BackEnd/Timeline/Controllers/ControllerAuthExtensions.cs index 00a65454..9096978d 100644 --- a/BackEnd/Timeline/Controllers/ControllerAuthExtensions.cs +++ b/BackEnd/Timeline/Controllers/ControllerAuthExtensions.cs @@ -2,15 +2,16 @@ using System; using System.Security.Claims; using Timeline.Auth; +using Timeline.Services; using static Timeline.Resources.Controllers.ControllerAuthExtensions; namespace Timeline.Controllers { public static class ControllerAuthExtensions { - public static bool IsAdministrator(this ControllerBase controller) + public static bool UserHasPermission(this ControllerBase controller, UserPermission permission) { - return controller.User != null && controller.User.IsAdministrator(); + return controller.User != null && controller.User.HasPermission(permission); } public static long GetUserId(this ControllerBase controller) diff --git a/BackEnd/Timeline/Controllers/TimelineController.cs b/BackEnd/Timeline/Controllers/TimelineController.cs index 9a3147ea..45060b5d 100644 --- a/BackEnd/Timeline/Controllers/TimelineController.cs +++ b/BackEnd/Timeline/Controllers/TimelineController.cs @@ -43,6 +43,8 @@ namespace Timeline.Controllers _mapper = mapper; } + private bool UserHasAllTimelineManagementPermission => this.UserHasPermission(UserPermission.AllTimelineManagement); + /// /// List all timelines. /// @@ -180,7 +182,7 @@ namespace Timeline.Controllers [ProducesResponseType(StatusCodes.Status404NotFound)] public async Task>> PostListGet([FromRoute][GeneralTimelineName] string name, [FromQuery] DateTime? modifiedSince, [FromQuery] bool? includeDeleted) { - if (!this.IsAdministrator() && !await _service.HasReadPermission(name, this.GetOptionalUserId())) + if (!UserHasAllTimelineManagementPermission && !await _service.HasReadPermission(name, this.GetOptionalUserId())) { return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid()); } @@ -208,7 +210,7 @@ namespace Timeline.Controllers public async Task PostDataGet([FromRoute][GeneralTimelineName] string name, [FromRoute] long id, [FromHeader(Name = "If-None-Match")] string? ifNoneMatch) { _ = ifNoneMatch; - if (!this.IsAdministrator() && !await _service.HasReadPermission(name, this.GetOptionalUserId())) + if (!UserHasAllTimelineManagementPermission && !await _service.HasReadPermission(name, this.GetOptionalUserId())) { return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid()); } @@ -246,7 +248,7 @@ namespace Timeline.Controllers public async Task> PostPost([FromRoute][GeneralTimelineName] string name, [FromBody] TimelinePostCreateRequest body) { var id = this.GetUserId(); - if (!this.IsAdministrator() && !await _service.IsMemberOf(name, id)) + if (!UserHasAllTimelineManagementPermission && !await _service.IsMemberOf(name, id)) { return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid()); } @@ -313,7 +315,7 @@ namespace Timeline.Controllers [ProducesResponseType(StatusCodes.Status403Forbidden)] public async Task> PostDelete([FromRoute][GeneralTimelineName] string name, [FromRoute] long id) { - if (!this.IsAdministrator() && !await _service.HasPostModifyPermission(name, id, this.GetUserId())) + if (!UserHasAllTimelineManagementPermission && !await _service.HasPostModifyPermission(name, id, this.GetUserId())) { return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid()); } @@ -342,7 +344,7 @@ namespace Timeline.Controllers [ProducesResponseType(StatusCodes.Status403Forbidden)] public async Task> TimelinePatch([FromRoute][GeneralTimelineName] string name, [FromBody] TimelinePatchRequest body) { - if (!this.IsAdministrator() && !(await _service.HasManagePermission(name, this.GetUserId()))) + if (!UserHasAllTimelineManagementPermission && !(await _service.HasManagePermission(name, this.GetUserId()))) { return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid()); } @@ -365,7 +367,7 @@ namespace Timeline.Controllers [ProducesResponseType(StatusCodes.Status403Forbidden)] public async Task TimelineMemberPut([FromRoute][GeneralTimelineName] string name, [FromRoute][Username] string member) { - if (!this.IsAdministrator() && !(await _service.HasManagePermission(name, this.GetUserId()))) + if (!UserHasAllTimelineManagementPermission && !(await _service.HasManagePermission(name, this.GetUserId()))) { return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid()); } @@ -393,7 +395,7 @@ namespace Timeline.Controllers [ProducesResponseType(StatusCodes.Status403Forbidden)] public async Task TimelineMemberDelete([FromRoute][GeneralTimelineName] string name, [FromRoute][Username] string member) { - if (!this.IsAdministrator() && !(await _service.HasManagePermission(name, this.GetUserId()))) + if (!UserHasAllTimelineManagementPermission && !(await _service.HasManagePermission(name, this.GetUserId()))) { return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid()); } @@ -448,7 +450,7 @@ namespace Timeline.Controllers [ProducesResponseType(StatusCodes.Status403Forbidden)] public async Task> TimelineDelete([FromRoute][TimelineName] string name) { - if (!this.IsAdministrator() && !(await _service.HasManagePermission(name, this.GetUserId()))) + if (!UserHasAllTimelineManagementPermission && !(await _service.HasManagePermission(name, this.GetUserId()))) { return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid()); } @@ -472,7 +474,7 @@ namespace Timeline.Controllers [ProducesResponseType(StatusCodes.Status403Forbidden)] public async Task> TimelineOpChangeName([FromBody] TimelineChangeNameRequest body) { - if (!this.IsAdministrator() && !(await _service.HasManagePermission(body.OldName, this.GetUserId()))) + if (!UserHasAllTimelineManagementPermission && !(await _service.HasManagePermission(body.OldName, this.GetUserId()))) { return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid()); } diff --git a/BackEnd/Timeline/Controllers/UserAvatarController.cs b/BackEnd/Timeline/Controllers/UserAvatarController.cs index bc4afa30..44d45b76 100644 --- a/BackEnd/Timeline/Controllers/UserAvatarController.cs +++ b/BackEnd/Timeline/Controllers/UserAvatarController.cs @@ -86,7 +86,7 @@ namespace Timeline.Controllers [ProducesResponseType(StatusCodes.Status403Forbidden)] public async Task Put([FromRoute][Username] string username, [FromBody] ByteData body) { - if (!User.IsAdministrator() && User.Identity.Name != username) + if (!this.UserHasPermission(UserPermission.UserManagement) && User.Identity!.Name != username) { _logger.LogInformation(Log.Format(LogPutForbid, ("Operator Username", User.Identity.Name), ("Username To Put Avatar", username))); @@ -149,10 +149,10 @@ namespace Timeline.Controllers [Authorize] public async Task Delete([FromRoute][Username] string username) { - if (!User.IsAdministrator() && User.Identity.Name != username) + if (!this.UserHasPermission(UserPermission.UserManagement) && User.Identity!.Name != username) { _logger.LogInformation(Log.Format(LogDeleteForbid, - ("Operator Username", User.Identity.Name), ("Username To Delete Avatar", username))); + ("Operator Username", User.Identity!.Name), ("Username To Delete Avatar", username))); return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.Forbid()); } diff --git a/BackEnd/Timeline/Controllers/UserController.cs b/BackEnd/Timeline/Controllers/UserController.cs index 02c09aab..524e5559 100644 --- a/BackEnd/Timeline/Controllers/UserController.cs +++ b/BackEnd/Timeline/Controllers/UserController.cs @@ -65,7 +65,8 @@ namespace Timeline.Controllers { try { - var user = await _userService.GetUserByUsername(username); + var id = await _userService.GetUserIdByUsername(username); + var user = await _userService.GetUser(id); return Ok(ConvertToUserInfo(user)); } catch (UserNotExistException e) @@ -89,11 +90,12 @@ namespace Timeline.Controllers [ProducesResponseType(StatusCodes.Status404NotFound)] public async Task> Patch([FromBody] UserPatchRequest body, [FromRoute][Username] string username) { - if (this.IsAdministrator()) + if (this.UserHasPermission(UserPermission.UserManagement)) { try { - var user = await _userService.ModifyUser(username, _mapper.Map(body)); + var id = await _userService.GetUserIdByUsername(username); + var user = await _userService.ModifyUser(id, _mapper.Map(body)); return Ok(ConvertToUserInfo(user)); } catch (UserNotExistException e) @@ -108,7 +110,7 @@ namespace Timeline.Controllers } else { - if (User.Identity.Name != username) + if (User.Identity!.Name != username) return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.CustomMessage_Forbid(Common_Forbid_NotSelf)); @@ -120,11 +122,7 @@ namespace Timeline.Controllers return StatusCode(StatusCodes.Status403Forbidden, ErrorResponse.Common.CustomMessage_Forbid(UserController_Patch_Forbid_Password)); - if (body.Administrator != null) - return StatusCode(StatusCodes.Status403Forbidden, - ErrorResponse.Common.CustomMessage_Forbid(UserController_Patch_Forbid_Administrator)); - - var user = await _userService.ModifyUser(this.GetUserId(), _mapper.Map(body)); + var user = await _userService.ModifyUser(this.GetUserId(), _mapper.Map(body)); return Ok(ConvertToUserInfo(user)); } } @@ -134,7 +132,7 @@ namespace Timeline.Controllers /// /// Username of the user to delete. /// Info of deletion. - [HttpDelete("users/{username}"), AdminAuthorize] + [HttpDelete("users/{username}"), PermissionAuthorize(UserPermission.UserManagement)] [ProducesResponseType(StatusCodes.Status200OK)] [ProducesResponseType(StatusCodes.Status401Unauthorized)] [ProducesResponseType(StatusCodes.Status403Forbidden)] @@ -151,7 +149,7 @@ namespace Timeline.Controllers /// Create a new user. You have to be administrator. /// /// The new user's info. - [HttpPost("userop/createuser"), AdminAuthorize] + [HttpPost("userop/createuser"), PermissionAuthorize(UserPermission.UserManagement)] [ProducesResponseType(StatusCodes.Status200OK)] [ProducesResponseType(StatusCodes.Status400BadRequest)] [ProducesResponseType(StatusCodes.Status401Unauthorized)] @@ -160,7 +158,7 @@ namespace Timeline.Controllers { try { - var user = await _userService.CreateUser(_mapper.Map(body)); + var user = await _userService.CreateUser(body.Username, body.Password); return Ok(ConvertToUserInfo(user)); } catch (EntityAlreadyExistException e) when (e.EntityName == EntityNames.User) @@ -186,7 +184,7 @@ namespace Timeline.Controllers catch (BadPasswordException e) { _logger.LogInformation(e, Log.Format(LogChangePasswordBadPassword, - ("Username", User.Identity.Name), ("Old Password", request.OldPassword))); + ("Username", User.Identity!.Name), ("Old Password", request.OldPassword))); return BadRequest(ErrorResponse.UserController.ChangePassword_BadOldPassword()); } // User can't be non-existent or the token is bad. diff --git a/BackEnd/Timeline/Models/Http/UserController.cs b/BackEnd/Timeline/Models/Http/UserController.cs index 6bc5a66e..92a63874 100644 --- a/BackEnd/Timeline/Models/Http/UserController.cs +++ b/BackEnd/Timeline/Models/Http/UserController.cs @@ -2,6 +2,7 @@ using AutoMapper; using System.ComponentModel.DataAnnotations; using Timeline.Controllers; using Timeline.Models.Validation; +using Timeline.Services; namespace Timeline.Models.Http { @@ -27,11 +28,6 @@ namespace Timeline.Models.Http /// [Nickname] public string? Nickname { get; set; } - - /// - /// Whether to be administrator. Null if not change. Need to be administrator. - /// - public bool? Administrator { get; set; } } /// @@ -50,18 +46,6 @@ namespace Timeline.Models.Http /// [Required, MinLength(1)] public string Password { get; set; } = default!; - - /// - /// Whether the new user is administrator. - /// - [Required] - public bool? Administrator { get; set; } - - /// - /// Nickname of the new user. - /// - [Nickname] - public string? Nickname { get; set; } } /// @@ -86,8 +70,7 @@ namespace Timeline.Models.Http { public UserControllerAutoMapperProfile() { - CreateMap(MemberList.Source); - CreateMap(MemberList.Source); + CreateMap(); } } } diff --git a/BackEnd/Timeline/Services/TimelineService.cs b/BackEnd/Timeline/Services/TimelineService.cs index 4bcae596..04870dcf 100644 --- a/BackEnd/Timeline/Services/TimelineService.cs +++ b/BackEnd/Timeline/Services/TimelineService.cs @@ -414,12 +414,12 @@ namespace Timeline.Services /// Remember to include Members when query. private async Task MapTimelineFromEntity(TimelineEntity entity) { - var owner = await _userService.GetUserById(entity.OwnerId); + var owner = await _userService.GetUser(entity.OwnerId); var members = new List(); foreach (var memberEntity in entity.Members) { - members.Add(await _userService.GetUserById(memberEntity.UserId)); + members.Add(await _userService.GetUser(memberEntity.UserId)); } var name = entity.Name ?? ("@" + owner.Username); @@ -441,7 +441,7 @@ namespace Timeline.Services private async Task MapTimelinePostFromEntity(TimelinePostEntity entity, string timelineName) { - User? author = entity.AuthorId.HasValue ? await _userService.GetUserById(entity.AuthorId.Value) : null; + User? author = entity.AuthorId.HasValue ? await _userService.GetUser(entity.AuthorId.Value) : null; ITimelinePostContent? content = null; @@ -699,7 +699,7 @@ namespace Timeline.Services var timelineId = await FindTimelineId(timelineName); var timelineEntity = await _database.Timelines.Where(t => t.Id == timelineId).SingleAsync(); - var author = await _userService.GetUserById(authorId); + var author = await _userService.GetUser(authorId); var currentTime = _clock.GetCurrentTime(); var finalTime = time ?? currentTime; @@ -742,7 +742,7 @@ namespace Timeline.Services var timelineId = await FindTimelineId(timelineName); var timelineEntity = await _database.Timelines.Where(t => t.Id == timelineId).SingleAsync(); - var author = await _userService.GetUserById(authorId); + var author = await _userService.GetUser(authorId); var imageFormat = await _imageValidator.Validate(data); @@ -1098,14 +1098,14 @@ namespace Timeline.Services ValidateTimelineName(name, nameof(name)); - var user = await _userService.GetUserById(owner); + var user = await _userService.GetUser(owner); var conflict = await _database.Timelines.AnyAsync(t => t.Name == name); if (conflict) throw new EntityAlreadyExistException(EntityNames.Timeline, null, ExceptionTimelineNameConflict); - var newEntity = CreateNewTimelineEntity(name, user.Id!.Value); + var newEntity = CreateNewTimelineEntity(name, user.Id); _database.Timelines.Add(newEntity); await _database.SaveChangesAsync(); diff --git a/BackEnd/Timeline/Services/UserService.cs b/BackEnd/Timeline/Services/UserService.cs index ed637ba3..b925742e 100644 --- a/BackEnd/Timeline/Services/UserService.cs +++ b/BackEnd/Timeline/Services/UserService.cs @@ -17,7 +17,7 @@ namespace Timeline.Services /// /// Null means not change. /// - public record ModifyUserParams(string? Username, string? Password, string? Nickname); + public record ModifyUserParams(string? Username = null, string? Password = null, string? Nickname = null); public interface IUserService { @@ -74,7 +74,7 @@ namespace Timeline.Services /// The id of the user. /// The new information. /// The new user info. - /// Thrown when some fields in is bad. + /// Thrown when some fields in is bad. /// Thrown when user with given id does not exist. /// /// Version will increase if password is changed. -- cgit v1.2.3 From b635b4453756d9a33c173c9b9f2ae0ab7c830d3b Mon Sep 17 00:00:00 2001 From: crupest Date: Fri, 13 Nov 2020 16:17:17 +0800 Subject: Run code clean. --- BackEnd/Timeline.Tests/Helpers/TestApplication.cs | 1 - BackEnd/Timeline.Tests/Helpers/TestClock.cs | 3 --- BackEnd/Timeline.Tests/IntegratedTests/TokenTest.cs | 1 - BackEnd/Timeline.Tests/IntegratedTests/UserAvatarTest.cs | 1 - BackEnd/Timeline/Controllers/UserAvatarController.cs | 1 - BackEnd/Timeline/Migrations/20200105150407_Initialize.cs | 4 ++-- BackEnd/Timeline/Migrations/20200221064341_AddJwtToken.cs | 3 +-- BackEnd/Timeline/Migrations/20200229103848_AddPostLocalId.cs | 3 +-- BackEnd/Timeline/Migrations/20200306110049_AddDataTable.cs | 3 +-- .../Timeline/Migrations/20200618064936_TimelineAddModifiedTime.cs | 4 ++-- BackEnd/Timeline/Migrations/20200810155908_AddTimesToUser.cs | 3 +-- BackEnd/Timeline/Models/Http/Common.cs | 4 ++-- BackEnd/Timeline/Services/EntityNames.cs | 7 +------ BackEnd/Timeline/Services/TimelineService.cs | 1 - BackEnd/Timeline/Services/UserDeleteService.cs | 1 - BackEnd/Timeline/Swagger/DocumentDescriptionDocumentProcessor.cs | 2 -- 16 files changed, 11 insertions(+), 31 deletions(-) (limited to 'BackEnd/Timeline/Models/Http') diff --git a/BackEnd/Timeline.Tests/Helpers/TestApplication.cs b/BackEnd/Timeline.Tests/Helpers/TestApplication.cs index 684ffe2c..33d8b318 100644 --- a/BackEnd/Timeline.Tests/Helpers/TestApplication.cs +++ b/BackEnd/Timeline.Tests/Helpers/TestApplication.cs @@ -1,6 +1,5 @@ using Microsoft.AspNetCore.Hosting; using Microsoft.AspNetCore.TestHost; -using Microsoft.Data.Sqlite; using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; diff --git a/BackEnd/Timeline.Tests/Helpers/TestClock.cs b/BackEnd/Timeline.Tests/Helpers/TestClock.cs index 34adb245..a04a3eb6 100644 --- a/BackEnd/Timeline.Tests/Helpers/TestClock.cs +++ b/BackEnd/Timeline.Tests/Helpers/TestClock.cs @@ -1,7 +1,4 @@ using System; -using System.Collections.Generic; -using System.Linq; -using System.Threading.Tasks; using Timeline.Services; namespace Timeline.Tests.Helpers diff --git a/BackEnd/Timeline.Tests/IntegratedTests/TokenTest.cs b/BackEnd/Timeline.Tests/IntegratedTests/TokenTest.cs index f4a406d1..9aac8188 100644 --- a/BackEnd/Timeline.Tests/IntegratedTests/TokenTest.cs +++ b/BackEnd/Timeline.Tests/IntegratedTests/TokenTest.cs @@ -3,7 +3,6 @@ using Microsoft.Extensions.DependencyInjection; using System.Collections.Generic; using System.Net.Http; using System.Threading.Tasks; -using Timeline.Models; using Timeline.Models.Http; using Timeline.Services; using Timeline.Tests.Helpers; diff --git a/BackEnd/Timeline.Tests/IntegratedTests/UserAvatarTest.cs b/BackEnd/Timeline.Tests/IntegratedTests/UserAvatarTest.cs index 66a12573..854a4ee6 100644 --- a/BackEnd/Timeline.Tests/IntegratedTests/UserAvatarTest.cs +++ b/BackEnd/Timeline.Tests/IntegratedTests/UserAvatarTest.cs @@ -10,7 +10,6 @@ using System.IO; using System.Net; using System.Net.Http; using System.Net.Http.Headers; -using System.Net.Mime; using System.Threading.Tasks; using Timeline.Models.Http; using Timeline.Services; diff --git a/BackEnd/Timeline/Controllers/UserAvatarController.cs b/BackEnd/Timeline/Controllers/UserAvatarController.cs index 44d45b76..f3b7fff8 100644 --- a/BackEnd/Timeline/Controllers/UserAvatarController.cs +++ b/BackEnd/Timeline/Controllers/UserAvatarController.cs @@ -5,7 +5,6 @@ using Microsoft.Extensions.Logging; using Microsoft.Net.Http.Headers; using System; using System.Threading.Tasks; -using Timeline.Auth; using Timeline.Filters; using Timeline.Helpers; using Timeline.Models; diff --git a/BackEnd/Timeline/Migrations/20200105150407_Initialize.cs b/BackEnd/Timeline/Migrations/20200105150407_Initialize.cs index 4e12ef83..420cc13d 100644 --- a/BackEnd/Timeline/Migrations/20200105150407_Initialize.cs +++ b/BackEnd/Timeline/Migrations/20200105150407_Initialize.cs @@ -1,5 +1,5 @@ -using System; -using Microsoft.EntityFrameworkCore.Migrations; +using Microsoft.EntityFrameworkCore.Migrations; +using System; namespace Timeline.Migrations { diff --git a/BackEnd/Timeline/Migrations/20200221064341_AddJwtToken.cs b/BackEnd/Timeline/Migrations/20200221064341_AddJwtToken.cs index 628970c6..a16fcf4d 100644 --- a/BackEnd/Timeline/Migrations/20200221064341_AddJwtToken.cs +++ b/BackEnd/Timeline/Migrations/20200221064341_AddJwtToken.cs @@ -1,6 +1,5 @@ -using System; +using Microsoft.EntityFrameworkCore.Migrations; using System.Security.Cryptography; -using Microsoft.EntityFrameworkCore.Migrations; namespace Timeline.Migrations { diff --git a/BackEnd/Timeline/Migrations/20200229103848_AddPostLocalId.cs b/BackEnd/Timeline/Migrations/20200229103848_AddPostLocalId.cs index 497b38a1..e4e41ade 100644 --- a/BackEnd/Timeline/Migrations/20200229103848_AddPostLocalId.cs +++ b/BackEnd/Timeline/Migrations/20200229103848_AddPostLocalId.cs @@ -1,5 +1,4 @@ -using System; -using Microsoft.EntityFrameworkCore.Migrations; +using Microsoft.EntityFrameworkCore.Migrations; namespace Timeline.Migrations { diff --git a/BackEnd/Timeline/Migrations/20200306110049_AddDataTable.cs b/BackEnd/Timeline/Migrations/20200306110049_AddDataTable.cs index e33bf4c9..ddd3a908 100644 --- a/BackEnd/Timeline/Migrations/20200306110049_AddDataTable.cs +++ b/BackEnd/Timeline/Migrations/20200306110049_AddDataTable.cs @@ -1,5 +1,4 @@ -using System; -using Microsoft.EntityFrameworkCore.Migrations; +using Microsoft.EntityFrameworkCore.Migrations; namespace Timeline.Migrations { diff --git a/BackEnd/Timeline/Migrations/20200618064936_TimelineAddModifiedTime.cs b/BackEnd/Timeline/Migrations/20200618064936_TimelineAddModifiedTime.cs index c277fe39..84879ef9 100644 --- a/BackEnd/Timeline/Migrations/20200618064936_TimelineAddModifiedTime.cs +++ b/BackEnd/Timeline/Migrations/20200618064936_TimelineAddModifiedTime.cs @@ -1,6 +1,6 @@ -using System; -using Microsoft.EntityFrameworkCore.Migrations; +using Microsoft.EntityFrameworkCore.Migrations; using Microsoft.EntityFrameworkCore.Storage.ValueConversion; +using System; namespace Timeline.Migrations { diff --git a/BackEnd/Timeline/Migrations/20200810155908_AddTimesToUser.cs b/BackEnd/Timeline/Migrations/20200810155908_AddTimesToUser.cs index 369f85e6..55721a59 100644 --- a/BackEnd/Timeline/Migrations/20200810155908_AddTimesToUser.cs +++ b/BackEnd/Timeline/Migrations/20200810155908_AddTimesToUser.cs @@ -1,5 +1,4 @@ -using System; -using Microsoft.EntityFrameworkCore.Migrations; +using Microsoft.EntityFrameworkCore.Migrations; namespace Timeline.Migrations { diff --git a/BackEnd/Timeline/Models/Http/Common.cs b/BackEnd/Timeline/Models/Http/Common.cs index 5fa22c9e..2101a1bb 100644 --- a/BackEnd/Timeline/Models/Http/Common.cs +++ b/BackEnd/Timeline/Models/Http/Common.cs @@ -94,13 +94,13 @@ namespace Timeline.Models.Http public bool Delete { get; set; } } - /// + /// public CommonDeleteResponse() { } - /// + /// public CommonDeleteResponse(int code, string message, bool delete) : base(code, message, new ResponseData(delete)) { diff --git a/BackEnd/Timeline/Services/EntityNames.cs b/BackEnd/Timeline/Services/EntityNames.cs index 0ce1de3b..7dae6a4a 100644 --- a/BackEnd/Timeline/Services/EntityNames.cs +++ b/BackEnd/Timeline/Services/EntityNames.cs @@ -1,9 +1,4 @@ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Threading.Tasks; - -namespace Timeline.Services +namespace Timeline.Services { public static class EntityNames { diff --git a/BackEnd/Timeline/Services/TimelineService.cs b/BackEnd/Timeline/Services/TimelineService.cs index 04870dcf..769e8bed 100644 --- a/BackEnd/Timeline/Services/TimelineService.cs +++ b/BackEnd/Timeline/Services/TimelineService.cs @@ -5,7 +5,6 @@ using System; using System.Collections.Generic; using System.Globalization; using System.Linq; -using System.Threading; using System.Threading.Tasks; using Timeline.Entities; using Timeline.Helpers; diff --git a/BackEnd/Timeline/Services/UserDeleteService.cs b/BackEnd/Timeline/Services/UserDeleteService.cs index 845de573..b6306682 100644 --- a/BackEnd/Timeline/Services/UserDeleteService.cs +++ b/BackEnd/Timeline/Services/UserDeleteService.cs @@ -1,7 +1,6 @@ using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Logging; using System; -using System.Collections.Generic; using System.Globalization; using System.Linq; using System.Threading.Tasks; diff --git a/BackEnd/Timeline/Swagger/DocumentDescriptionDocumentProcessor.cs b/BackEnd/Timeline/Swagger/DocumentDescriptionDocumentProcessor.cs index dc5ddd96..a3452cea 100644 --- a/BackEnd/Timeline/Swagger/DocumentDescriptionDocumentProcessor.cs +++ b/BackEnd/Timeline/Swagger/DocumentDescriptionDocumentProcessor.cs @@ -1,12 +1,10 @@ using NSwag.Generation.Processors; using NSwag.Generation.Processors.Contexts; using System; -using System.Collections; using System.Collections.Generic; using System.Linq; using System.Reflection; using System.Text; -using System.Threading.Tasks; using Timeline.Models.Http; namespace Timeline.Swagger -- cgit v1.2.3