From 1bbc60966cea77ec6ed7895bea1a01ad9c090c3a Mon Sep 17 00:00:00 2001
From: crupest
Date: Sun, 15 Nov 2020 20:48:28 +0800
Subject: feat: Deleting root user now returns 400.

---
 BackEnd/Timeline/Controllers/UserController.cs | 18 +++++++++++++-----
 BackEnd/Timeline/Models/Http/ErrorResponse.cs | 10 ++++++++++
 BackEnd/Timeline/Resources/Messages.Designer.cs | 9 +++++++++
 BackEnd/Timeline/Resources/Messages.resx | 3 +++
 BackEnd/Timeline/Services/UserDeleteService.cs | 5 +++++
 BackEnd/Timeline/Services/UserPermissionService.cs | 4 ++--
 6 files changed, 42 insertions(+), 7 deletions(-)
 (limited to 'BackEnd/Timeline')

diff --git a/BackEnd/Timeline/Controllers/UserController.cs b/BackEnd/Timeline/Controllers/UserController.cs
index da34cb1b..8edae139 100644
--- a/BackEnd/Timeline/Controllers/UserController.cs
+++ b/BackEnd/Timeline/Controllers/UserController.cs
@@ -138,15 +138,23 @@ namespace Timeline.Controllers
 /// Info of deletion.
 [HttpDelete("users/{username}"), PermissionAuthorize(UserPermission.UserManagement)]
 [ProducesResponseType(StatusCodes.Status200OK)]
+ [ProducesResponseType(StatusCodes.Status400BadRequest)]
 [ProducesResponseType(StatusCodes.Status401Unauthorized)]
 [ProducesResponseType(StatusCodes.Status403Forbidden)]
 public async Task> Delete([FromRoute][Username] string username)
 {
- var delete = await _userDeleteService.DeleteUser(username);
- if (delete)
- return Ok(CommonDeleteResponse.Delete());
- else
- return Ok(CommonDeleteResponse.NotExist());
+ try
+ {
+ var delete = await _userDeleteService.DeleteUser(username);
+ if (delete)
+ return Ok(CommonDeleteResponse.Delete());
+ else
+ return Ok(CommonDeleteResponse.NotExist());
+ }
+ catch (InvalidOperationOnRootUserException)
+ {
+ return BadRequest(ErrorResponse.UserController.Delete_RootUser());
+ }
 }

 ///
diff --git a/BackEnd/Timeline/Models/Http/ErrorResponse.cs b/BackEnd/Timeline/Models/Http/ErrorResponse.cs
index 616a0037..10755fd1 100644
--- a/BackEnd/Timeline/Models/Http/ErrorResponse.cs
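Review bot: The new 400 outcome is declared through `ProducesResponseType` but the method's XML documentation (the `/// Info of deletion.` returns text at the top of the hunk) still describes only the deletion result, so consumers of the generated API docs cannot tell when 400 is produced or which error code to expect in the body. Add a line such as `/// <response code="400">The target is the root user, which cannot be deleted; see the error code in the body.</response>` beside the existing returns doc, and if the `[Username]` route validation also answers malformed names with 400, say so in the same line. Inside the new `try`, the `else` after `return Ok(CommonDeleteResponse.Delete());` is redundant and could be dropped to flatten the body. The documentation block above the attributes starts outside the hunk.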
+++ b/BackEnd/Timeline/Models/Http/ErrorResponse.cs
@@ -166,6 +166,16 @@ namespace Timeline.Models.Http
 return new CommonResponse(ErrorCodes.UserController.ChangePermission_RootUser, string.Format(message, formatArgs));
 }

+ public static CommonResponse Delete_RootUser(params object?[] formatArgs)
+ {
+ return new CommonResponse(ErrorCodes.UserController.Delete_RootUser, string.Format(UserController_Delete_RootUser, formatArgs));
+ }
+
+ public static CommonResponse CustomMessage_Delete_RootUser(string message, params object?[] formatArgs)
+ {
+ return new CommonResponse(ErrorCodes.UserController.Delete_RootUser, string.Format(message, formatArgs));
+ }
+
 }

 public static class UserAvatar
diff --git a/BackEnd/Timeline/Resources/Messages.Designer.cs b/BackEnd/Timeline/Resources/Messages.Designer.cs
index fd3e1848..c6b7d5e7 100644
--- a/BackEnd/Timeline/Resources/Messages.Designer.cs
+++ b/BackEnd/Timeline/Resources/Messages.Designer.cs
@@ -366,6 +366,15 @@ namespace Timeline.Resources {
 }
 }

+ ///
+ /// Looks up a localized string similar to You can't delete root user..
+ ///
+ internal static string UserController_Delete_RootUser {
+ get {
+ return ResourceManager.GetString("UserController_Delete_RootUser", resourceCulture);
+ }
+ }
+
 ///
 /// Looks up a localized string similar to You can't set permission unless you are administrator..
 ///
diff --git a/BackEnd/Timeline/Resources/Messages.resx b/BackEnd/Timeline/Resources/Messages.resx
index d808499b..2386d1eb 100644
--- a/BackEnd/Timeline/Resources/Messages.resx
+++ b/BackEnd/Timeline/Resources/Messages.resx
@@ -219,6 +219,9 @@
 You can't change permission of root user.
+
+ You can't delete root user.
+
 You can't set permission unless you are administrator.
diff --git a/BackEnd/Timeline/Services/UserDeleteService.cs b/BackEnd/Timeline/Services/UserDeleteService.cs
index b6306682..5365313b 100644
--- a/BackEnd/Timeline/Services/UserDeleteService.cs
+++ b/BackEnd/Timeline/Services/UserDeleteService.cs
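Review bot: Both new factories call `string.Format` without an `IFormatProvider` (CA1305); these messages come from localized resources and are shown to users, so the culture should be explicit: `string.Format(CultureInfo.CurrentCulture, UserController_Delete_RootUser, formatArgs)` in `Delete_RootUser`, and the same form with `message` in `CustomMessage_Delete_RootUser`. The pair mirrors the existing `ChangePermission_RootUser` methods visible in the leading context, so if the pattern is kept for consistency the fix applies to those as well. The resx text added in this commit, `You can't delete root user.`, contains no placeholders, so any `formatArgs` given to `Delete_RootUser` are silently ignored; a short `<param>` remark saying the arguments are accepted for signature uniformity only would prevent confusion. The enclosing method and nested `UserController` class start outside the hunk.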
@@ -7,6 +7,7 @@ using System.Threading.Tasks;
 using Timeline.Entities;
 using Timeline.Helpers;
 using Timeline.Models.Validation;
+using Timeline.Services.Exceptions;
 using static Timeline.Resources.Services.UserService;

 namespace Timeline.Services
@@ -20,6 +21,7 @@ namespace Timeline.Services
 /// True if user is deleted, false if user not exist.
 /// Thrown if is null.
 /// Thrown when is of bad format.
+ /// Thrown when deleting root user.
 Task DeleteUser(string username);
 }
@@ -54,6 +56,9 @@ namespace Timeline.Services
 if (user == null)
 return false;

+ if (user.Id == 1)
+ throw new InvalidOperationOnRootUserException("Can't delete root user.");
+
 await _timelineService.DeleteAllPostsOfUser(user.Id);
 _databaseContext.Users.Remove(user);
diff --git a/BackEnd/Timeline/Services/UserPermissionService.cs b/BackEnd/Timeline/Services/UserPermissionService.cs
index 2fdf3d2d..42c93283 100644
--- a/BackEnd/Timeline/Services/UserPermissionService.cs
+++ b/BackEnd/Timeline/Services/UserPermissionService.cs
@@ -127,7 +127,7 @@ namespace Timeline.Services
 /// The id of the user.
 /// The new permission.
 /// Thrown when user does not exist.
- /// Thrown when change root user's permission.
+ /// Thrown when change root user's permission.
 Task AddPermissionToUserAsync(long userId, UserPermission permission);

 ///
@@ -137,7 +137,7 @@ namespace Timeline.Services
 /// The permission.
 /// Whether check the user's existence.
 /// Thrown when is true and user does not exist.
- /// Thrown when change root user's permission.
+ /// Thrown when change root user's permission.
 Task RemovePermissionFromUserAsync(long userId, UserPermission permission, bool checkUserExistence = true);
 }
-- 
cgit v1.2.3
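Review bot: In the `@@ -54,6 +56,9 @@` hunk the protected account is recognised by the bare literal `user.Id == 1`, a domain rule that is easy to let drift from wherever else the root user is identified (the permission service touched in this same commit documents the same concept, though its check is not visible here); give it a name, `private const long RootUserId = 1;` in this class or the project's existing constant if one exists, and compare `user.Id == RootUserId`. The thrown message `"Can't delete root user."` is a hard-coded English literal while the file already pulls its other messages from resources through `using static Timeline.Resources.Services.UserService;`, so a resource entry would keep the service's error text consistent and localizable. Running the guard after the existence lookup is right, since an unknown username still returns false rather than leaking whether the root account exists, and a one-line comment saying so (`// Root check follows the lookup so unknown names keep returning false.`) would stop a future reorder. The enclosing `DeleteUser` implementation starts and ends outside the hunk.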