From 9df5a86786ac2dcb8bc0f34f69501abfffd0dc9c Mon Sep 17 00:00:00 2001 From: 杨宇千 Date: Mon, 4 Nov 2019 22:58:24 +0800 Subject: Add controller primarily and of course redesign the service accordingly. --- Timeline/Controllers/PersonalTimelineController.cs | 141 +++++++++++++++++++++ 1 file changed, 141 insertions(+) create mode 100644 Timeline/Controllers/PersonalTimelineController.cs (limited to 'Timeline/Controllers/PersonalTimelineController.cs') diff --git a/Timeline/Controllers/PersonalTimelineController.cs b/Timeline/Controllers/PersonalTimelineController.cs new file mode 100644 index 00000000..1535a0b2 --- /dev/null +++ b/Timeline/Controllers/PersonalTimelineController.cs @@ -0,0 +1,141 @@ +using Microsoft.AspNetCore.Authorization; +using Microsoft.AspNetCore.Http; +using Microsoft.AspNetCore.Mvc; +using System; +using System.Collections.Generic; +using System.ComponentModel.DataAnnotations; +using System.Linq; +using System.Threading.Tasks; +using Timeline.Auth; +using Timeline.Entities; +using Timeline.Filters; +using Timeline.Models; +using Timeline.Models.Http; +using Timeline.Models.Validation; +using Timeline.Services; +using static Timeline.Resources.Controllers.TimelineController; + +namespace Timeline +{ + public static partial class ErrorCodes + { + public static partial class Http + { + public static class Timeline // ccc = 004 + { + public const int PostsGetForbid = 10040101; + public const int PostsCreateForbid = 10040102; + } + } + } +} + +namespace Timeline.Controllers +{ + [ApiController] + public class PersonalTimelineController : Controller + { + private readonly IPersonalTimelineService _service; + + private bool IsAdmin() + { + if (User != null) + { + return User.IsAdministrator(); + } + return false; + } + + private string? GetAuthUsername() + { + if (User == null) + { + return null; + } + else + { + return User.Identity.Name; + } + } + + public PersonalTimelineController(IPersonalTimelineService service) + { + _service = service; + } + + [HttpGet("users/{username}/timeline")] + public async Task> TimelineGet([FromRoute][Username] string username) + { + return await _service.GetTimeline(username); + } + + [HttpGet("users/{username}/timeline/posts")] + public async Task>> PostsGet([FromRoute][Username] string username) + { + if (!IsAdmin() && !await _service.HasReadPermission(username, GetAuthUsername())) + { + return StatusCode(StatusCodes.Status403Forbidden, + new CommonResponse(ErrorCodes.Http.Timeline.PostsGetForbid, MessagePostsGetForbid)); + } + + return await _service.GetPosts(username); + } + + [HttpPost("user/{username}/timeline/posts/create")] + [Authorize] + public async Task PostsCreate([FromRoute][Username] string username, [FromBody] TimelinePostCreateRequest body) + { + if (!IsAdmin() && !await _service.IsMemberOf(username, GetAuthUsername()!)) + { + return StatusCode(StatusCodes.Status403Forbidden, + new CommonResponse(ErrorCodes.Http.Timeline.PostsCreateForbid, MessagePostsCreateForbid)); + } + + await _service.CreatePost(username, User.Identity.Name!, body.Content, body.Time); + return Ok(); + } + + [HttpPut("user/{username}/timeline/description")] + [Authorize] + [SelfOrAdmin] + public async Task TimelinePutDescription([FromRoute][Username] string username, [FromBody] string body) + { + await _service.SetDescription(username, body); + return Ok(); + } + + private static TimelineVisibility StringToVisibility(string s) + { + if ("public".Equals(s, StringComparison.InvariantCultureIgnoreCase)) + { + return TimelineVisibility.Public; + } + else if ("register".Equals(s, StringComparison.InvariantCultureIgnoreCase)) + { + return TimelineVisibility.Register; + } + else if ("private".Equals(s, StringComparison.InvariantCultureIgnoreCase)) + { + return TimelineVisibility.Private; + } + throw new ArgumentException(ExceptionStringToVisibility); + } + + [HttpPut("user/{username}/timeline/visibility")] + [Authorize] + [SelfOrAdmin] + public async Task TimelinePutVisibility([FromRoute][Username] string username, [FromBody][RegularExpression("public|register|private")] string body) + { + await _service.SetVisibility(username, StringToVisibility(body)); + return Ok(); + } + + [HttpPost("user/{username}/timeline/members/change")] + [Authorize] + [SelfOrAdmin] + public async Task TimelineMembersChange([FromRoute][Username] string username, [FromBody] TimelineMemberChangeRequest body) + { + //TODO! + } + } +} -- cgit v1.2.3 From 5f9f9a9e40306f83bf360c3d27e4e33e78565fce Mon Sep 17 00:00:00 2001 From: 杨宇千 Date: Thu, 7 Nov 2019 22:06:06 +0800 Subject: Complete PersonalTimelineController and write attribute test. --- .../Controllers/PersonalTimelineControllerTest.cs | 111 +++++++++++++++++++++ Timeline/Controllers/PersonalTimelineController.cs | 86 +++++++++------- Timeline/Filters/Timeline.cs | 47 +++++++++ Timeline/Models/Http/Timeline.cs | 21 ++++ .../Controllers/TimelineController.Designer.cs | 27 +++++ .../Resources/Controllers/TimelineController.resx | 9 ++ .../Controllers/TimelineController.zh.resx | 6 ++ Timeline/Resources/Filters.Designer.cs | 18 ++++ Timeline/Resources/Filters.resx | 6 ++ Timeline/Resources/Filters.zh.resx | 6 ++ Timeline/Resources/Services/Exception.Designer.cs | 15 ++- Timeline/Resources/Services/Exception.resx | 7 +- .../TimelineMemberOperationUserException.cs | 15 ++- Timeline/Services/TimelinePostNotExistException.cs | 23 +++++ Timeline/Services/TimelineService.cs | 62 ++++++++++-- 15 files changed, 406 insertions(+), 53 deletions(-) create mode 100644 Timeline.Tests/Controllers/PersonalTimelineControllerTest.cs create mode 100644 Timeline/Filters/Timeline.cs create mode 100644 Timeline/Services/TimelinePostNotExistException.cs (limited to 'Timeline/Controllers/PersonalTimelineController.cs') diff --git a/Timeline.Tests/Controllers/PersonalTimelineControllerTest.cs b/Timeline.Tests/Controllers/PersonalTimelineControllerTest.cs new file mode 100644 index 00000000..d5c470ee --- /dev/null +++ b/Timeline.Tests/Controllers/PersonalTimelineControllerTest.cs @@ -0,0 +1,111 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Threading.Tasks; +using Timeline.Controllers; +using Timeline.Services; +using Moq; +using Microsoft.Extensions.Logging.Abstractions; +using Xunit; +using FluentAssertions; +using Microsoft.AspNetCore.Mvc; +using Timeline.Filters; +using Timeline.Tests.Helpers; +using Timeline.Models.Validation; +using System.Reflection; +using Microsoft.AspNetCore.Authorization; +using Timeline.Models.Http; + +namespace Timeline.Tests.Controllers +{ + public class PersonalTimelineControllerTest : IDisposable + { + private readonly Mock _service; + + private readonly PersonalTimelineController _controller; + + public PersonalTimelineControllerTest() + { + _service = new Mock(); + _controller = new PersonalTimelineController(NullLogger.Instance, _service.Object); + } + + public void Dispose() + { + _controller.Dispose(); + } + + [Fact] + public void AttributeTest() + { + static void AssertUsernameParameter(MethodInfo m) + { + m.GetParameter("username") + .Should().BeDecoratedWith() + .And.BeDecoratedWith(); + } + + static void AssertBodyParamter(MethodInfo m) + { + var p = m.GetParameter("body"); + p.Should().BeDecoratedWith(); + p.ParameterType.Should().Be(typeof(TBody)); + } + + var type = typeof(PersonalTimelineController); + type.Should().BeDecoratedWith(); + + { + var m = type.GetMethod(nameof(PersonalTimelineController.TimelineGet)); + m.Should().BeDecoratedWith() + .And.BeDecoratedWith(); + AssertUsernameParameter(m); + } + + { + var m = type.GetMethod(nameof(PersonalTimelineController.PostsGet)); + m.Should().BeDecoratedWith() + .And.BeDecoratedWith(); + AssertUsernameParameter(m); + } + + { + var m = type.GetMethod(nameof(PersonalTimelineController.TimelinePost)); + m.Should().BeDecoratedWith() + .And.BeDecoratedWith() + .And.BeDecoratedWith(); + AssertUsernameParameter(m); + AssertBodyParamter(m); + } + + { + var m = type.GetMethod(nameof(PersonalTimelineController.TimelinePostDelete)); + m.Should().BeDecoratedWith() + .And.BeDecoratedWith() + .And.BeDecoratedWith(); + AssertUsernameParameter(m); + AssertBodyParamter(m); + } + + { + var m = type.GetMethod(nameof(PersonalTimelineController.TimelineChangeProperty)); + m.Should().BeDecoratedWith() + .And.BeDecoratedWith() + .And.BeDecoratedWith() + .And.BeDecoratedWith(); + AssertUsernameParameter(m); + AssertBodyParamter(m); + } + + { + var m = type.GetMethod(nameof(PersonalTimelineController.TimelineChangeMember)); + m.Should().BeDecoratedWith() + .And.BeDecoratedWith() + .And.BeDecoratedWith() + .And.BeDecoratedWith(); + AssertUsernameParameter(m); + AssertBodyParamter(m); + } + } + } +} diff --git a/Timeline/Controllers/PersonalTimelineController.cs b/Timeline/Controllers/PersonalTimelineController.cs index 1535a0b2..f006ad47 100644 --- a/Timeline/Controllers/PersonalTimelineController.cs +++ b/Timeline/Controllers/PersonalTimelineController.cs @@ -1,13 +1,11 @@ using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; -using System; +using Microsoft.Extensions.Logging; using System.Collections.Generic; -using System.ComponentModel.DataAnnotations; -using System.Linq; +using System.Globalization; using System.Threading.Tasks; using Timeline.Auth; -using Timeline.Entities; using Timeline.Filters; using Timeline.Models; using Timeline.Models.Http; @@ -25,6 +23,7 @@ namespace Timeline { public const int PostsGetForbid = 10040101; public const int PostsCreateForbid = 10040102; + public const int MemberAddNotExist = 10040201; } } } @@ -35,6 +34,8 @@ namespace Timeline.Controllers [ApiController] public class PersonalTimelineController : Controller { + private readonly ILogger _logger; + private readonly IPersonalTimelineService _service; private bool IsAdmin() @@ -58,18 +59,21 @@ namespace Timeline.Controllers } } - public PersonalTimelineController(IPersonalTimelineService service) + public PersonalTimelineController(ILogger logger, IPersonalTimelineService service) { + _logger = logger; _service = service; } [HttpGet("users/{username}/timeline")] + [CatchTimelineNotExistException] public async Task> TimelineGet([FromRoute][Username] string username) { return await _service.GetTimeline(username); } [HttpGet("users/{username}/timeline/posts")] + [CatchTimelineNotExistException] public async Task>> PostsGet([FromRoute][Username] string username) { if (!IsAdmin() && !await _service.HasReadPermission(username, GetAuthUsername())) @@ -81,9 +85,10 @@ namespace Timeline.Controllers return await _service.GetPosts(username); } - [HttpPost("user/{username}/timeline/posts/create")] + [HttpPost("user/{username}/timeline/postop/create")] [Authorize] - public async Task PostsCreate([FromRoute][Username] string username, [FromBody] TimelinePostCreateRequest body) + [CatchTimelineNotExistException] + public async Task> TimelinePost([FromRoute][Username] string username, [FromBody] TimelinePostCreateRequest body) { if (!IsAdmin() && !await _service.IsMemberOf(username, GetAuthUsername()!)) { @@ -91,51 +96,62 @@ namespace Timeline.Controllers new CommonResponse(ErrorCodes.Http.Timeline.PostsCreateForbid, MessagePostsCreateForbid)); } - await _service.CreatePost(username, User.Identity.Name!, body.Content, body.Time); - return Ok(); + var res = await _service.CreatePost(username, User.Identity.Name!, body.Content, body.Time); + return res; } - [HttpPut("user/{username}/timeline/description")] + [HttpPost("user/{username}/timeline/postop/delete")] [Authorize] - [SelfOrAdmin] - public async Task TimelinePutDescription([FromRoute][Username] string username, [FromBody] string body) - { - await _service.SetDescription(username, body); - return Ok(); - } - - private static TimelineVisibility StringToVisibility(string s) + [CatchTimelineNotExistException] + public async Task TimelinePostDelete([FromRoute][Username] string username, [FromBody] TimelinePostDeleteRequest body) { - if ("public".Equals(s, StringComparison.InvariantCultureIgnoreCase)) + var postId = body.Id!.Value; + if (!IsAdmin() && !await _service.HasPostModifyPermission(username, postId, GetAuthUsername()!)) { - return TimelineVisibility.Public; - } - else if ("register".Equals(s, StringComparison.InvariantCultureIgnoreCase)) - { - return TimelineVisibility.Register; - } - else if ("private".Equals(s, StringComparison.InvariantCultureIgnoreCase)) - { - return TimelineVisibility.Private; + return StatusCode(StatusCodes.Status403Forbidden, + new CommonResponse(ErrorCodes.Http.Timeline.PostsCreateForbid, MessagePostsCreateForbid)); } - throw new ArgumentException(ExceptionStringToVisibility); + await _service.DeletePost(username, postId); + return Ok(); } - [HttpPut("user/{username}/timeline/visibility")] + [HttpPost("user/{username}/timeline/op/property")] [Authorize] [SelfOrAdmin] - public async Task TimelinePutVisibility([FromRoute][Username] string username, [FromBody][RegularExpression("public|register|private")] string body) + [CatchTimelineNotExistException] + public async Task TimelineChangeProperty([FromRoute][Username] string username, [FromBody] TimelinePropertyChangeRequest body) { - await _service.SetVisibility(username, StringToVisibility(body)); + await _service.ChangeProperty(username, body); return Ok(); } - [HttpPost("user/{username}/timeline/members/change")] + [HttpPost("user/{username}/timeline/op/member")] [Authorize] [SelfOrAdmin] - public async Task TimelineMembersChange([FromRoute][Username] string username, [FromBody] TimelineMemberChangeRequest body) + [CatchTimelineNotExistException] + public async Task TimelineChangeMember([FromRoute][Username] string username, [FromBody] TimelineMemberChangeRequest body) { - //TODO! + try + { + await _service.ChangeMember(username, body.Add, body.Remove); + return Ok(); + } + catch (TimelineMemberOperationUserException e) + { + if (e.InnerException is UsernameBadFormatException) + { + return BadRequest(CommonResponse.InvalidModel( + string.Format(CultureInfo.CurrentCulture, MessageMemberUsernameBadFormat, e.Index, e.Operation))); + } + else if (e.InnerException is UserNotExistException) + { + return BadRequest(new CommonResponse(ErrorCodes.Http.Timeline.MemberAddNotExist, + string.Format(CultureInfo.CurrentCulture, MessageMemberUserNotExist, e.Index, e.Operation))); + } + + _logger.LogError(e, LogUnknownTimelineMemberOperationUserException); + throw; + } } } } diff --git a/Timeline/Filters/Timeline.cs b/Timeline/Filters/Timeline.cs new file mode 100644 index 00000000..7859d409 --- /dev/null +++ b/Timeline/Filters/Timeline.cs @@ -0,0 +1,47 @@ +using Microsoft.AspNetCore.Mvc; +using Microsoft.AspNetCore.Mvc.Filters; +using Timeline.Models.Http; +using Timeline.Services; +using static Timeline.Resources.Filters; + +namespace Timeline +{ + public static partial class ErrorCodes + { + public static partial class Http + { + public static partial class Filter // bxx = 1xx + { + public static class Timeline // bbb = 102 + { + public const int UserNotExist = 11020101; + public const int NameNotExist = 11020102; + } + } + } + } +} + +namespace Timeline.Filters +{ + public class CatchTimelineNotExistExceptionAttribute : ExceptionFilterAttribute + { + [System.Diagnostics.CodeAnalysis.SuppressMessage("Design", "CA1062:Validate arguments of public methods")] + public override void OnException(ExceptionContext context) + { + if (context.Exception is TimelineNotExistException e) + { + if (e.InnerException is UserNotExistException) + { + context.Result = new BadRequestObjectResult( + new CommonResponse(ErrorCodes.Http.Filter.Timeline.UserNotExist, MessageTimelineNotExistUser)); + } + else + { + context.Result = new BadRequestObjectResult( + new CommonResponse(ErrorCodes.Http.Filter.Timeline.NameNotExist, MessageTimelineNotExist)); + } + } + } + } +} diff --git a/Timeline/Models/Http/Timeline.cs b/Timeline/Models/Http/Timeline.cs index 37de9e58..f676afa0 100644 --- a/Timeline/Models/Http/Timeline.cs +++ b/Timeline/Models/Http/Timeline.cs @@ -3,6 +3,7 @@ using System.Collections.Generic; using System.ComponentModel.DataAnnotations; using System.Linq; using System.Threading.Tasks; +using Timeline.Entities; namespace Timeline.Models.Http { @@ -14,6 +15,26 @@ namespace Timeline.Models.Http public DateTime? Time { get; set; } } + public class TimelinePostCreateResponse + { + public long Id { get; set; } + + public DateTime Time { get; set; } + } + + public class TimelinePostDeleteRequest + { + [Required] + public long? Id { get; set; } + } + + public class TimelinePropertyChangeRequest + { + public string? Description { get; set; } + + public TimelineVisibility? Visibility { get; set; } + } + [System.Diagnostics.CodeAnalysis.SuppressMessage("Usage", "CA2227:Collection properties should be read only", Justification = "This is a DTO class.")] public class TimelineMemberChangeRequest { diff --git a/Timeline/Resources/Controllers/TimelineController.Designer.cs b/Timeline/Resources/Controllers/TimelineController.Designer.cs index 1e56f651..5a4209c3 100644 --- a/Timeline/Resources/Controllers/TimelineController.Designer.cs +++ b/Timeline/Resources/Controllers/TimelineController.Designer.cs @@ -69,6 +69,33 @@ namespace Timeline.Resources.Controllers { } } + /// + /// Looks up a localized string similar to An unknown TimelineMemberOperationUserException is thrown. Can't recognize its inner exception. It is rethrown.. + /// + internal static string LogUnknownTimelineMemberOperationUserException { + get { + return ResourceManager.GetString("LogUnknownTimelineMemberOperationUserException", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to The {0}-st username to do operation {1} on is of bad format.. + /// + internal static string MessageMemberUsernameBadFormat { + get { + return ResourceManager.GetString("MessageMemberUsernameBadFormat", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to The {0}-st user to do operation {1} on does not exist.. + /// + internal static string MessageMemberUserNotExist { + get { + return ResourceManager.GetString("MessageMemberUserNotExist", resourceCulture); + } + } + /// /// Looks up a localized string similar to You have no permission to create posts in the timeline.. /// diff --git a/Timeline/Resources/Controllers/TimelineController.resx b/Timeline/Resources/Controllers/TimelineController.resx index 420ac419..7e323164 100644 --- a/Timeline/Resources/Controllers/TimelineController.resx +++ b/Timeline/Resources/Controllers/TimelineController.resx @@ -120,6 +120,15 @@ An unknown timeline visibility value. Can't convert it. + + An unknown TimelineMemberOperationUserException is thrown. Can't recognize its inner exception. It is rethrown. + + + The {0}-st username to do operation {1} on is of bad format. + + + The {0}-st user to do operation {1} on does not exist. + You have no permission to create posts in the timeline. diff --git a/Timeline/Resources/Controllers/TimelineController.zh.resx b/Timeline/Resources/Controllers/TimelineController.zh.resx index e22f44fa..cacce5fa 100644 --- a/Timeline/Resources/Controllers/TimelineController.zh.resx +++ b/Timeline/Resources/Controllers/TimelineController.zh.resx @@ -117,6 +117,12 @@ System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + 第{0}个做{1}操作的用户名格式错误。 + + + 第{0}个做{1}操作的用户不存在。 + 你没有权限在这个时间线中创建消息。 diff --git a/Timeline/Resources/Filters.Designer.cs b/Timeline/Resources/Filters.Designer.cs index 3481e4ae..5576190d 100644 --- a/Timeline/Resources/Filters.Designer.cs +++ b/Timeline/Resources/Filters.Designer.cs @@ -123,6 +123,24 @@ namespace Timeline.Resources { } } + /// + /// Looks up a localized string similar to The requested timeline does not exist.. + /// + internal static string MessageTimelineNotExist { + get { + return ResourceManager.GetString("MessageTimelineNotExist", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to The requested personal timeline does not exist because the user does not exist.. + /// + internal static string MessageTimelineNotExistUser { + get { + return ResourceManager.GetString("MessageTimelineNotExistUser", resourceCulture); + } + } + /// /// Looks up a localized string similar to The user does not exist.. /// diff --git a/Timeline/Resources/Filters.resx b/Timeline/Resources/Filters.resx index b91d4612..7bfbc703 100644 --- a/Timeline/Resources/Filters.resx +++ b/Timeline/Resources/Filters.resx @@ -138,6 +138,12 @@ You can't access the resource unless you are the owner or administrator. + + The requested timeline does not exist. + + + The requested personal timeline does not exist because the user does not exist. + The user does not exist. diff --git a/Timeline/Resources/Filters.zh.resx b/Timeline/Resources/Filters.zh.resx index 159ac04a..36aac788 100644 --- a/Timeline/Resources/Filters.zh.resx +++ b/Timeline/Resources/Filters.zh.resx @@ -129,6 +129,12 @@ 你无权访问该资源除非你是资源的拥有者或者管理员。 + + 请求的时间线不存在。 + + + 请求的个人时间线不存在因为该用户不存在。 + 用户不存在。 diff --git a/Timeline/Resources/Services/Exception.Designer.cs b/Timeline/Resources/Services/Exception.Designer.cs index 1f6493cb..970c306d 100644 --- a/Timeline/Resources/Services/Exception.Designer.cs +++ b/Timeline/Resources/Services/Exception.Designer.cs @@ -286,11 +286,11 @@ namespace Timeline.Resources.Services { } /// - /// Looks up a localized string similar to An exception happened when operating on the {} member on timeline.. + /// Looks up a localized string similar to An exception happened when do operation {} on the {} member on timeline.. /// - internal static string TimelineMemberOperationExceptionIndex { + internal static string TimelineMemberOperationExceptionDetail { get { - return ResourceManager.GetString("TimelineMemberOperationExceptionIndex", resourceCulture); + return ResourceManager.GetString("TimelineMemberOperationExceptionDetail", resourceCulture); } } @@ -312,6 +312,15 @@ namespace Timeline.Resources.Services { } } + /// + /// Looks up a localized string similar to The timeline post does not exist. You can't do operation on it.. + /// + internal static string TimelinePostNotExistException { + get { + return ResourceManager.GetString("TimelinePostNotExistException", resourceCulture); + } + } + /// /// Looks up a localized string similar to The use is not a member of the timeline.. /// diff --git a/Timeline/Resources/Services/Exception.resx b/Timeline/Resources/Services/Exception.resx index 3e9d3747..c8f6676a 100644 --- a/Timeline/Resources/Services/Exception.resx +++ b/Timeline/Resources/Services/Exception.resx @@ -192,8 +192,8 @@ An exception happened when add or remove member on timeline. - - An exception happened when operating on the {} member on timeline. + + An exception happened when do operation {} on the {} member on timeline. Timeline name is of bad format. If this is a personal timeline, it means the username is of bad format and inner exception should be a UsernameBadFormatException. @@ -201,6 +201,9 @@ Timeline does not exist. If this is a personal timeline, it means the user does not exist and inner exception should be a UserNotExistException. + + The timeline post does not exist. You can't do operation on it. + The use is not a member of the timeline. diff --git a/Timeline/Services/TimelineMemberOperationUserException.cs b/Timeline/Services/TimelineMemberOperationUserException.cs index 998f1a6e..543ee160 100644 --- a/Timeline/Services/TimelineMemberOperationUserException.cs +++ b/Timeline/Services/TimelineMemberOperationUserException.cs @@ -6,6 +6,12 @@ namespace Timeline.Services [Serializable] public class TimelineMemberOperationUserException : Exception { + public enum MemberOperation + { + Add, + Remove + } + public TimelineMemberOperationUserException() : base(Resources.Services.Exception.TimelineMemberOperationException) { } public TimelineMemberOperationUserException(string message) : base(message) { } public TimelineMemberOperationUserException(string message, Exception inner) : base(message, inner) { } @@ -13,10 +19,13 @@ namespace Timeline.Services System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) : base(info, context) { } - public TimelineMemberOperationUserException(int index, string username, Exception inner) : base(MakeIndexMessage(index), inner) { Index = index; Username = username; } + public TimelineMemberOperationUserException(int index, MemberOperation operation, string username, Exception inner) + : base(MakeMessage(operation, index), inner) { Operation = operation; Index = index; Username = username; } + + private static string MakeMessage(MemberOperation operation, int index) => string.Format(CultureInfo.CurrentCulture, + Resources.Services.Exception.TimelineMemberOperationExceptionDetail, operation, index); - private static string MakeIndexMessage(int index) => string.Format(CultureInfo.CurrentCulture, - Resources.Services.Exception.TimelineMemberOperationExceptionIndex, index); + public MemberOperation? Operation { get; set; } /// /// The index of the member on which the operation failed. diff --git a/Timeline/Services/TimelinePostNotExistException.cs b/Timeline/Services/TimelinePostNotExistException.cs new file mode 100644 index 00000000..97e5d550 --- /dev/null +++ b/Timeline/Services/TimelinePostNotExistException.cs @@ -0,0 +1,23 @@ +using System; + +namespace Timeline.Services +{ + [Serializable] + public class TimelinePostNotExistException : Exception + { + public TimelinePostNotExistException() { } + public TimelinePostNotExistException(string message) : base(message) { } + public TimelinePostNotExistException(string message, Exception inner) : base(message, inner) { } + protected TimelinePostNotExistException( + System.Runtime.Serialization.SerializationInfo info, + System.Runtime.Serialization.StreamingContext context) : base(info, context) { } + + public TimelinePostNotExistException(long id) : base(Resources.Services.Exception.TimelinePostNotExistException) { Id = id; } + + public TimelinePostNotExistException(long id, string message) : base(message) { Id = id; } + + public TimelinePostNotExistException(long id, string message, Exception inner) : base(message, inner) { Id = id; } + + public long Id { get; set; } + } +} diff --git a/Timeline/Services/TimelineService.cs b/Timeline/Services/TimelineService.cs index 7fe32cac..28b1f91d 100644 --- a/Timeline/Services/TimelineService.cs +++ b/Timeline/Services/TimelineService.cs @@ -4,6 +4,7 @@ using System.Linq; using System.Threading.Tasks; using Timeline.Entities; using Timeline.Models; +using Timeline.Models.Http; namespace Timeline.Services { @@ -45,7 +46,7 @@ namespace Timeline.Services /// The author's username. /// The content. /// The time of the post. If null, then use current time. - /// + /// The info of the created post. /// Thrown when or or is null. /// /// Thrown when timeline name is of bad format. @@ -61,14 +62,14 @@ namespace Timeline.Services /// /// Thrown if is of bad format. /// Thrown if does not exist. - Task CreatePost(string name, string author, string content, DateTime? time); + Task CreatePost(string name, string author, string content, DateTime? time); /// - /// Set the visibility permission of a timeline. + /// Delete a post /// /// Username or the timeline name. See remarks of . - /// The new visibility. - /// Thrown when is null. + /// The id of the post to delete. + /// Thrown when or is null. /// /// Thrown when timeline name is of bad format. /// For normal timeline, it means name is an empty string. @@ -81,14 +82,21 @@ namespace Timeline.Services /// For personal timeline, it means the user of that username does not exist /// and the inner exception should be a . /// - Task SetVisibility(string name, TimelineVisibility visibility); + /// + /// Thrown when the post with given id does not exist or is deleted already. + /// + /// + /// First use + /// to check the permission. + /// + Task DeletePost(string name, long id); /// - /// Set the description of a timeline. + /// Set the properties of a timeline. /// /// Username or the timeline name. See remarks of . - /// The new description. - /// Thrown when or is null. + /// The new properties. Null member means not to change. + /// Thrown when or is null. /// /// Thrown when timeline name is of bad format. /// For normal timeline, it means name is an empty string. @@ -101,7 +109,7 @@ namespace Timeline.Services /// For personal timeline, it means the user of that username does not exist /// and the inner exception should be a . /// - Task SetDescription(string name, string description); + Task ChangeProperty(string name, TimelinePropertyChangeRequest newProperties); /// /// Remove members to a timeline. @@ -159,6 +167,40 @@ namespace Timeline.Services /// True if can read, false if can't read. Task HasReadPermission(string name, string? username); + /// + /// Verify whether a user has the permission to modify a post. + /// + /// Username or the timeline name. See remarks of . + /// The user to check on. + /// True if can modify, false if can't modify. + /// Thrown when or is null. + /// + /// Thrown when timeline name is of bad format. + /// For normal timeline, it means name is an empty string. + /// For personal timeline, it means the username is of bad format, + /// the inner exception should be a . + /// + /// + /// Thrown when timeline does not exist. + /// For normal timeline, it means the name does not exist. + /// For personal timeline, it means the user of that username does not exist + /// and the inner exception should be a . + /// + /// + /// Thrown when the post with given id does not exist or is deleted already. + /// + /// + /// Thrown when is of bad format. + /// + /// + /// Thrown when does not exist. + /// + /// + /// This method does not check whether the user is administrator. + /// It only checks whether he is the author of the post or the owner of the timeline. + /// + Task HasPostModifyPermission(string name, long id, string username); + /// /// Verify whether a user is member of a timeline. /// -- cgit v1.2.3 From ea8d82143c07afb38767d6afb4be0031452495fb Mon Sep 17 00:00:00 2001 From: 杨宇千 Date: Sat, 9 Nov 2019 23:44:20 +0800 Subject: Add PersonalTimelineController PostOperationCreate unit tests. --- .../Controllers/PersonalTimelineControllerTest.cs | 89 +++++++++++++++++++--- Timeline/Controllers/PersonalTimelineController.cs | 6 +- Timeline/Models/Http/Timeline.cs | 2 +- 3 files changed, 82 insertions(+), 15 deletions(-) (limited to 'Timeline/Controllers/PersonalTimelineController.cs') diff --git a/Timeline.Tests/Controllers/PersonalTimelineControllerTest.cs b/Timeline.Tests/Controllers/PersonalTimelineControllerTest.cs index 6857a27f..27b37f94 100644 --- a/Timeline.Tests/Controllers/PersonalTimelineControllerTest.cs +++ b/Timeline.Tests/Controllers/PersonalTimelineControllerTest.cs @@ -65,14 +65,14 @@ namespace Timeline.Tests.Controllers } { - var m = type.GetMethod(nameof(PersonalTimelineController.PostsGet)); + var m = type.GetMethod(nameof(PersonalTimelineController.PostListGet)); m.Should().BeDecoratedWith() .And.BeDecoratedWith(); AssertUsernameParameter(m); } { - var m = type.GetMethod(nameof(PersonalTimelineController.TimelinePost)); + var m = type.GetMethod(nameof(PersonalTimelineController.PostOperationCreate)); m.Should().BeDecoratedWith() .And.BeDecoratedWith() .And.BeDecoratedWith(); @@ -81,7 +81,7 @@ namespace Timeline.Tests.Controllers } { - var m = type.GetMethod(nameof(PersonalTimelineController.TimelinePostDelete)); + var m = type.GetMethod(nameof(PersonalTimelineController.PostOperationDelete)); m.Should().BeDecoratedWith() .And.BeDecoratedWith() .And.BeDecoratedWith(); @@ -133,43 +133,110 @@ namespace Timeline.Tests.Controllers } [Fact] - public async Task PostsGet_Forbid() + public async Task PostListGet_Forbid() { const string username = "username"; SetUser(false); _service.Setup(s => s.HasReadPermission(username, authUsername)).ReturnsAsync(false); - (await _controller.PostsGet(username)).Result + var result = (await _controller.PostListGet(username)).Result .Should().BeAssignableTo() - .Which.Value.Should().BeAssignableTo() - .Which.Code.Should().Be(ErrorCodes.Http.Timeline.PostsGetForbid); + .Which; + result.StatusCode.Should().Be(StatusCodes.Status403Forbidden); + result.Value.Should().BeAssignableTo() + .Which.Code.Should().Be(ErrorCodes.Http.Timeline.PostsGetForbid); _service.VerifyAll(); } [Fact] - public async Task PostsGet_Admin_Success() + public async Task PostListGet_Admin_Success() { const string username = "username"; SetUser(true); _service.Setup(s => s.GetPosts(username)).ReturnsAsync(new List()); - (await _controller.PostsGet(username)).Value + (await _controller.PostListGet(username)).Value .Should().BeAssignableTo>() .Which.Should().NotBeNull().And.BeEmpty(); _service.VerifyAll(); } [Fact] - public async Task PostsGet_User_Success() + public async Task PostListGet_User_Success() { const string username = "username"; SetUser(false); _service.Setup(s => s.HasReadPermission(username, authUsername)).ReturnsAsync(true); _service.Setup(s => s.GetPosts(username)).ReturnsAsync(new List()); - (await _controller.PostsGet(username)).Value + (await _controller.PostListGet(username)).Value .Should().BeAssignableTo>() .Which.Should().NotBeNull().And.BeEmpty(); _service.VerifyAll(); } + [Fact] + public async Task PostOperationCreate_Forbid() + { + const string username = "username"; + const string content = "cccc"; + SetUser(false); + _service.Setup(s => s.IsMemberOf(username, authUsername)).ReturnsAsync(false); + var result = (await _controller.PostOperationCreate(username, new TimelinePostCreateRequest + { + Content = content, + Time = null + })).Result.Should().NotBeNull().And.BeAssignableTo().Which; + result.StatusCode.Should().Be(StatusCodes.Status403Forbidden); + result.Value.Should().BeAssignableTo() + .Which.Code.Should().Be(ErrorCodes.Http.Timeline.PostsCreateForbid); + _service.VerifyAll(); + } + + [Fact] + public async Task PostOperationCreate_Admin_Success() + { + const string username = "username"; + const string content = "cccc"; + var response = new TimelinePostCreateResponse + { + Id = 3, + Time = DateTime.Now + }; + SetUser(true); + _service.Setup(s => s.CreatePost(username, authUsername, content, null)).ReturnsAsync(response); + var resultValue = (await _controller.PostOperationCreate(username, new TimelinePostCreateRequest + { + Content = content, + Time = null + })).Value; + resultValue.Should().NotBeNull() + .And.BeAssignableTo() + .And.BeEquivalentTo(response); + _service.VerifyAll(); + } + + [Fact] + public async Task PostOperationCreate_User_Success() + { + const string username = "username"; + const string content = "cccc"; + var response = new TimelinePostCreateResponse + { + Id = 3, + Time = DateTime.Now + }; + SetUser(false); + _service.Setup(s => s.IsMemberOf(username, authUsername)).ReturnsAsync(true); + _service.Setup(s => s.CreatePost(username, authUsername, content, null)).ReturnsAsync(response); + var resultValue = (await _controller.PostOperationCreate(username, new TimelinePostCreateRequest + { + Content = content, + Time = null + })).Value; + resultValue.Should().NotBeNull() + .And.BeAssignableTo() + .And.BeEquivalentTo(response); + _service.VerifyAll(); + } + //TODO! Write all the other tests. } } diff --git a/Timeline/Controllers/PersonalTimelineController.cs b/Timeline/Controllers/PersonalTimelineController.cs index f006ad47..f41e354b 100644 --- a/Timeline/Controllers/PersonalTimelineController.cs +++ b/Timeline/Controllers/PersonalTimelineController.cs @@ -74,7 +74,7 @@ namespace Timeline.Controllers [HttpGet("users/{username}/timeline/posts")] [CatchTimelineNotExistException] - public async Task>> PostsGet([FromRoute][Username] string username) + public async Task>> PostListGet([FromRoute][Username] string username) { if (!IsAdmin() && !await _service.HasReadPermission(username, GetAuthUsername())) { @@ -88,7 +88,7 @@ namespace Timeline.Controllers [HttpPost("user/{username}/timeline/postop/create")] [Authorize] [CatchTimelineNotExistException] - public async Task> TimelinePost([FromRoute][Username] string username, [FromBody] TimelinePostCreateRequest body) + public async Task> PostOperationCreate([FromRoute][Username] string username, [FromBody] TimelinePostCreateRequest body) { if (!IsAdmin() && !await _service.IsMemberOf(username, GetAuthUsername()!)) { @@ -103,7 +103,7 @@ namespace Timeline.Controllers [HttpPost("user/{username}/timeline/postop/delete")] [Authorize] [CatchTimelineNotExistException] - public async Task TimelinePostDelete([FromRoute][Username] string username, [FromBody] TimelinePostDeleteRequest body) + public async Task PostOperationDelete([FromRoute][Username] string username, [FromBody] TimelinePostDeleteRequest body) { var postId = body.Id!.Value; if (!IsAdmin() && !await _service.HasPostModifyPermission(username, postId, GetAuthUsername()!)) diff --git a/Timeline/Models/Http/Timeline.cs b/Timeline/Models/Http/Timeline.cs index f676afa0..06b88ad1 100644 --- a/Timeline/Models/Http/Timeline.cs +++ b/Timeline/Models/Http/Timeline.cs @@ -9,7 +9,7 @@ namespace Timeline.Models.Http { public class TimelinePostCreateRequest { - [Required(AllowEmptyStrings = false)] + [Required(AllowEmptyStrings = true)] public string Content { get; set; } = default!; public DateTime? Time { get; set; } -- cgit v1.2.3 From c348cd3972aa30eb3f09ae61ba99374527a01af8 Mon Sep 17 00:00:00 2001 From: 杨宇千 Date: Tue, 12 Nov 2019 20:09:41 +0800 Subject: Complete personal timeline controller unit tests. --- .../Controllers/PersonalTimelineControllerTest.cs | 153 ++++++++++++++++++++- Timeline/Controllers/PersonalTimelineController.cs | 25 +++- .../Controllers/TimelineController.Designer.cs | 28 +++- .../Resources/Controllers/TimelineController.resx | 12 +- .../Controllers/TimelineController.zh.resx | 12 +- 5 files changed, 209 insertions(+), 21 deletions(-) (limited to 'Timeline/Controllers/PersonalTimelineController.cs') diff --git a/Timeline.Tests/Controllers/PersonalTimelineControllerTest.cs b/Timeline.Tests/Controllers/PersonalTimelineControllerTest.cs index 27b37f94..aecd10af 100644 --- a/Timeline.Tests/Controllers/PersonalTimelineControllerTest.cs +++ b/Timeline.Tests/Controllers/PersonalTimelineControllerTest.cs @@ -143,7 +143,7 @@ namespace Timeline.Tests.Controllers .Which; result.StatusCode.Should().Be(StatusCodes.Status403Forbidden); result.Value.Should().BeAssignableTo() - .Which.Code.Should().Be(ErrorCodes.Http.Timeline.PostsGetForbid); + .Which.Code.Should().Be(ErrorCodes.Http.Timeline.PostListGetForbid); _service.VerifyAll(); } @@ -186,7 +186,7 @@ namespace Timeline.Tests.Controllers })).Result.Should().NotBeNull().And.BeAssignableTo().Which; result.StatusCode.Should().Be(StatusCodes.Status403Forbidden); result.Value.Should().BeAssignableTo() - .Which.Code.Should().Be(ErrorCodes.Http.Timeline.PostsCreateForbid); + .Which.Code.Should().Be(ErrorCodes.Http.Timeline.PostOperationCreateForbid); _service.VerifyAll(); } @@ -237,6 +237,153 @@ namespace Timeline.Tests.Controllers _service.VerifyAll(); } - //TODO! Write all the other tests. + [Fact] + public async Task PostOperationDelete_Forbid() + { + const string username = "username"; + const long postId = 2; + SetUser(false); + _service.Setup(s => s.HasPostModifyPermission(username, postId, authUsername)).ReturnsAsync(false); + var result = (await _controller.PostOperationDelete(username, new TimelinePostDeleteRequest + { + Id = postId + })).Should().NotBeNull().And.BeAssignableTo().Which; + result.StatusCode.Should().Be(StatusCodes.Status403Forbidden); + result.Value.Should().BeAssignableTo() + .Which.Code.Should().Be(ErrorCodes.Http.Timeline.PostOperationDeleteForbid); + _service.VerifyAll(); + } + + [Fact] + public async Task PostOperationDelete_NotExist() + { + const string username = "username"; + const long postId = 2; + SetUser(true); + _service.Setup(s => s.DeletePost(username, postId)).ThrowsAsync(new TimelinePostNotExistException()); + var result = (await _controller.PostOperationDelete(username, new TimelinePostDeleteRequest + { + Id = postId + })).Should().NotBeNull().And.BeAssignableTo().Which; + result.StatusCode.Should().Be(StatusCodes.Status400BadRequest); + result.Value.Should().BeAssignableTo() + .Which.Code.Should().Be(ErrorCodes.Http.Timeline.PostOperationDeleteNotExist); + _service.VerifyAll(); + } + + [Fact] + public async Task PostOperationDelete_Admin_Success() + { + const string username = "username"; + const long postId = 2; + SetUser(true); + _service.Setup(s => s.DeletePost(username, postId)).Returns(Task.CompletedTask); + var result = await _controller.PostOperationDelete(username, new TimelinePostDeleteRequest + { + Id = postId + }); + result.Should().NotBeNull().And.BeAssignableTo(); + _service.VerifyAll(); + } + + [Fact] + public async Task PostOperationDelete_User_Success() + { + const string username = "username"; + const long postId = 2; + SetUser(false); + _service.Setup(s => s.DeletePost(username, postId)).Returns(Task.CompletedTask); + _service.Setup(s => s.HasPostModifyPermission(username, postId, authUsername)).ReturnsAsync(true); + var result = await _controller.PostOperationDelete(username, new TimelinePostDeleteRequest + { + Id = postId + }); + result.Should().NotBeNull().And.BeAssignableTo(); + _service.VerifyAll(); + } + + [Fact] + public async Task TimelineChangeProperty_Success() + { + const string username = "username"; + var req = new TimelinePropertyChangeRequest + { + Description = "", + Visibility = Entities.TimelineVisibility.Private + }; + _service.Setup(s => s.ChangeProperty(username, req)).Returns(Task.CompletedTask); + var result = await _controller.TimelineChangeProperty(username, req); + result.Should().NotBeNull().And.BeAssignableTo(); + _service.VerifyAll(); + } + + [Fact] + public async Task TimelineChangeMember_Success() + { + const string username = "username"; + var add = new List { "aaa" }; + var remove = new List { "rrr" }; + _service.Setup(s => s.ChangeMember(username, add, remove)).Returns(Task.CompletedTask); + var result = await _controller.TimelineChangeMember(username, new TimelineMemberChangeRequest + { + Add = add, + Remove = remove + }); + result.Should().NotBeNull().And.BeAssignableTo(); + _service.VerifyAll(); + } + + [Fact] + public async Task TimelineChangeMember_UsernameBadFormat() + { + const string username = "username"; + var add = new List { "aaa" }; + var remove = new List { "rrr" }; + _service.Setup(s => s.ChangeMember(username, add, remove)).ThrowsAsync( + new TimelineMemberOperationUserException("test", new UsernameBadFormatException())); + var result = await _controller.TimelineChangeMember(username, new TimelineMemberChangeRequest + { + Add = add, + Remove = remove + }); + result.Should().NotBeNull().And.BeAssignableTo() + .Which.Value.Should().BeAssignableTo() + .Which.Code.Should().Be(ErrorCodes.Http.Common.InvalidModel); + _service.VerifyAll(); + } + + [Fact] + public async Task TimelineChangeMember_AddNotExist() + { + const string username = "username"; + var add = new List { "aaa" }; + var remove = new List { "rrr" }; + _service.Setup(s => s.ChangeMember(username, add, remove)).ThrowsAsync( + new TimelineMemberOperationUserException("test", new UserNotExistException())); + var result = await _controller.TimelineChangeMember(username, new TimelineMemberChangeRequest + { + Add = add, + Remove = remove + }); + result.Should().NotBeNull().And.BeAssignableTo() + .Which.Value.Should().BeAssignableTo() + .Which.Code.Should().Be(ErrorCodes.Http.Timeline.MemberAddNotExist); + _service.VerifyAll(); + } + + [Fact] + public async Task TimelineChangeMember_UnknownTimelineMemberOperationUserException() + { + const string username = "username"; + var add = new List { "aaa" }; + var remove = new List { "rrr" }; + _service.Setup(s => s.ChangeMember(username, add, remove)).ThrowsAsync( + new TimelineMemberOperationUserException("test", null)); + await _controller.Awaiting(c => c.TimelineChangeMember(username, new TimelineMemberChangeRequest + { + Add = add, + Remove = remove + })).Should().ThrowAsync(); // Should rethrow. + } } } diff --git a/Timeline/Controllers/PersonalTimelineController.cs b/Timeline/Controllers/PersonalTimelineController.cs index f41e354b..f0f4e4c2 100644 --- a/Timeline/Controllers/PersonalTimelineController.cs +++ b/Timeline/Controllers/PersonalTimelineController.cs @@ -21,9 +21,11 @@ namespace Timeline { public static class Timeline // ccc = 004 { - public const int PostsGetForbid = 10040101; - public const int PostsCreateForbid = 10040102; - public const int MemberAddNotExist = 10040201; + public const int PostListGetForbid = 10040101; + public const int PostOperationCreateForbid = 10040102; + public const int PostOperationDeleteForbid = 10040103; + public const int PostOperationDeleteNotExist = 10040201; + public const int MemberAddNotExist = 10040301; } } } @@ -79,7 +81,7 @@ namespace Timeline.Controllers if (!IsAdmin() && !await _service.HasReadPermission(username, GetAuthUsername())) { return StatusCode(StatusCodes.Status403Forbidden, - new CommonResponse(ErrorCodes.Http.Timeline.PostsGetForbid, MessagePostsGetForbid)); + new CommonResponse(ErrorCodes.Http.Timeline.PostListGetForbid, MessagePostListGetForbid)); } return await _service.GetPosts(username); @@ -93,7 +95,7 @@ namespace Timeline.Controllers if (!IsAdmin() && !await _service.IsMemberOf(username, GetAuthUsername()!)) { return StatusCode(StatusCodes.Status403Forbidden, - new CommonResponse(ErrorCodes.Http.Timeline.PostsCreateForbid, MessagePostsCreateForbid)); + new CommonResponse(ErrorCodes.Http.Timeline.PostOperationCreateForbid, MessagePostOperationCreateForbid)); } var res = await _service.CreatePost(username, User.Identity.Name!, body.Content, body.Time); @@ -109,9 +111,18 @@ namespace Timeline.Controllers if (!IsAdmin() && !await _service.HasPostModifyPermission(username, postId, GetAuthUsername()!)) { return StatusCode(StatusCodes.Status403Forbidden, - new CommonResponse(ErrorCodes.Http.Timeline.PostsCreateForbid, MessagePostsCreateForbid)); + new CommonResponse(ErrorCodes.Http.Timeline.PostOperationDeleteForbid, MessagePostOperationCreateForbid)); + } + try + { + await _service.DeletePost(username, postId); + } + catch (TimelinePostNotExistException) + { + return BadRequest(new CommonResponse( + ErrorCodes.Http.Timeline.PostOperationDeleteNotExist, + MessagePostOperationDeleteNotExist)); } - await _service.DeletePost(username, postId); return Ok(); } diff --git a/Timeline/Resources/Controllers/TimelineController.Designer.cs b/Timeline/Resources/Controllers/TimelineController.Designer.cs index 5a4209c3..47c43fa2 100644 --- a/Timeline/Resources/Controllers/TimelineController.Designer.cs +++ b/Timeline/Resources/Controllers/TimelineController.Designer.cs @@ -96,21 +96,39 @@ namespace Timeline.Resources.Controllers { } } + /// + /// Looks up a localized string similar to You have no permission to read posts of the timeline.. + /// + internal static string MessagePostListGetForbid { + get { + return ResourceManager.GetString("MessagePostListGetForbid", resourceCulture); + } + } + /// /// Looks up a localized string similar to You have no permission to create posts in the timeline.. /// - internal static string MessagePostsCreateForbid { + internal static string MessagePostOperationCreateForbid { get { - return ResourceManager.GetString("MessagePostsCreateForbid", resourceCulture); + return ResourceManager.GetString("MessagePostOperationCreateForbid", resourceCulture); } } /// - /// Looks up a localized string similar to You have no permission to read posts of the timeline.. + /// Looks up a localized string similar to You have no permission to delete posts in the timeline.. + /// + internal static string MessagePostOperationDeleteForbid { + get { + return ResourceManager.GetString("MessagePostOperationDeleteForbid", resourceCulture); + } + } + + /// + /// Looks up a localized string similar to The post to delete does not exist.. /// - internal static string MessagePostsGetForbid { + internal static string MessagePostOperationDeleteNotExist { get { - return ResourceManager.GetString("MessagePostsGetForbid", resourceCulture); + return ResourceManager.GetString("MessagePostOperationDeleteNotExist", resourceCulture); } } } diff --git a/Timeline/Resources/Controllers/TimelineController.resx b/Timeline/Resources/Controllers/TimelineController.resx index 7e323164..0cf7e881 100644 --- a/Timeline/Resources/Controllers/TimelineController.resx +++ b/Timeline/Resources/Controllers/TimelineController.resx @@ -129,10 +129,16 @@ The {0}-st user to do operation {1} on does not exist. - + + You have no permission to read posts of the timeline. + + You have no permission to create posts in the timeline. - - You have no permission to read posts of the timeline. + + You have no permission to delete posts in the timeline. + + + The post to delete does not exist. \ No newline at end of file diff --git a/Timeline/Resources/Controllers/TimelineController.zh.resx b/Timeline/Resources/Controllers/TimelineController.zh.resx index cacce5fa..170ab4cd 100644 --- a/Timeline/Resources/Controllers/TimelineController.zh.resx +++ b/Timeline/Resources/Controllers/TimelineController.zh.resx @@ -123,10 +123,16 @@ 第{0}个做{1}操作的用户不存在。 - + + 你没有权限读取这个时间线消息。 + + 你没有权限在这个时间线中创建消息。 - - 你没有权限读取这个时间线消息。 + + 你没有权限在这个时间线中删除消息。 + + + 要删除的消息不存在。 \ No newline at end of file -- cgit v1.2.3 From a1e6182c205f726b33c47438a8334449ca92d411 Mon Sep 17 00:00:00 2001 From: 杨宇千 Date: Wed, 13 Nov 2019 22:55:31 +0800 Subject: WIP : Write timeline service. --- .../Controllers/PersonalTimelineControllerTest.cs | 2 +- Timeline/Controllers/PersonalTimelineController.cs | 4 +- Timeline/Entities/DatabaseContext.cs | 1 + Timeline/Services/TimelineService.cs | 336 ++++++++++++++++++++- Timeline/Services/UsernameBadFormatException.cs | 4 +- 5 files changed, 336 insertions(+), 11 deletions(-) (limited to 'Timeline/Controllers/PersonalTimelineController.cs') diff --git a/Timeline.Tests/Controllers/PersonalTimelineControllerTest.cs b/Timeline.Tests/Controllers/PersonalTimelineControllerTest.cs index aecd10af..a7cbb37e 100644 --- a/Timeline.Tests/Controllers/PersonalTimelineControllerTest.cs +++ b/Timeline.Tests/Controllers/PersonalTimelineControllerTest.cs @@ -367,7 +367,7 @@ namespace Timeline.Tests.Controllers }); result.Should().NotBeNull().And.BeAssignableTo() .Which.Value.Should().BeAssignableTo() - .Which.Code.Should().Be(ErrorCodes.Http.Timeline.MemberAddNotExist); + .Which.Code.Should().Be(ErrorCodes.Http.Timeline.ChangeMemberUserNotExist); _service.VerifyAll(); } diff --git a/Timeline/Controllers/PersonalTimelineController.cs b/Timeline/Controllers/PersonalTimelineController.cs index f0f4e4c2..af6a70f8 100644 --- a/Timeline/Controllers/PersonalTimelineController.cs +++ b/Timeline/Controllers/PersonalTimelineController.cs @@ -25,7 +25,7 @@ namespace Timeline public const int PostOperationCreateForbid = 10040102; public const int PostOperationDeleteForbid = 10040103; public const int PostOperationDeleteNotExist = 10040201; - public const int MemberAddNotExist = 10040301; + public const int ChangeMemberUserNotExist = 10040301; } } } @@ -156,7 +156,7 @@ namespace Timeline.Controllers } else if (e.InnerException is UserNotExistException) { - return BadRequest(new CommonResponse(ErrorCodes.Http.Timeline.MemberAddNotExist, + return BadRequest(new CommonResponse(ErrorCodes.Http.Timeline.ChangeMemberUserNotExist, string.Format(CultureInfo.CurrentCulture, MessageMemberUserNotExist, e.Index, e.Operation))); } diff --git a/Timeline/Entities/DatabaseContext.cs b/Timeline/Entities/DatabaseContext.cs index 19df32c6..123ae0f3 100644 --- a/Timeline/Entities/DatabaseContext.cs +++ b/Timeline/Entities/DatabaseContext.cs @@ -22,5 +22,6 @@ namespace Timeline.Entities public DbSet UserDetails { get; set; } = default!; public DbSet Timelines { get; set; } = default!; public DbSet TimelinePosts { get; set; } = default!; + public DbSet TimelineMembers { get; set; } = default!; } } diff --git a/Timeline/Services/TimelineService.cs b/Timeline/Services/TimelineService.cs index 28b1f91d..eff0c3fc 100644 --- a/Timeline/Services/TimelineService.cs +++ b/Timeline/Services/TimelineService.cs @@ -1,10 +1,12 @@ -using System; +using Microsoft.EntityFrameworkCore; +using System; using System.Collections.Generic; using System.Linq; using System.Threading.Tasks; using Timeline.Entities; using Timeline.Models; using Timeline.Models.Http; +using Timeline.Models.Validation; namespace Timeline.Services { @@ -135,14 +137,14 @@ namespace Timeline.Services /// The inner exception is /// when one of the username is invalid. /// The inner exception is - /// when one of the user to add does not exist. + /// when one of the user to change does not exist. /// /// - /// Operating on a username that is of bad format always throws. + /// Operating on a username that is of bad format or does not exist always throws. /// Add a user that already is a member has no effects. /// Remove a user that is not a member also has not effects. - /// Add a user that does not exist will throw . - /// But remove one does not throw. + /// Add and remove an identical user results in no effects. + /// More than one same usernames are regarded as one. /// Task ChangeMember(string name, IList? add, IList? remove); @@ -151,6 +153,7 @@ namespace Timeline.Services /// /// Username or the timeline name. See remarks of . /// The user to check on. Null means visitor without account. + /// True if can read, false if can't read. /// Thrown when is null. /// /// Thrown when timeline name is of bad format. @@ -164,7 +167,12 @@ namespace Timeline.Services /// For personal timeline, it means the user of that username does not exist /// and the inner exception should be a . /// - /// True if can read, false if can't read. + /// + /// Thrown when is of bad format. + /// + /// + /// Thrown when does not exist. + /// Task HasReadPermission(string name, string? username); /// @@ -285,4 +293,320 @@ namespace Timeline.Services /// Task GetTimeline(string username); } + + public abstract class BaseTimelineService : IBaseTimelineService + { + protected BaseTimelineService(DatabaseContext database, IClock clock) + { + Clock = clock; + Database = database; + } + + protected IClock Clock { get; } + + protected UsernameValidator UsernameValidator { get; } = new UsernameValidator(); + + protected DatabaseContext Database { get; } + + /// + /// Find the timeline id by the name. + /// For details, see remarks. + /// + /// The username or the timeline name. See remarks. + /// The id of the timeline entity. + /// Thrown when is null. + /// + /// Thrown when timeline name is of bad format. + /// For normal timeline, it means name is an empty string. + /// For personal timeline, it means the username is of bad format, + /// the inner exception should be a . + /// + /// + /// Thrown when timeline does not exist. + /// For normal timeline, it means the name does not exist. + /// For personal timeline, it means the user of that username does not exist + /// and the inner exception should be a . + /// + /// + /// This is the common but different part for both types of timeline service. + /// For class that implements , this method should + /// find the timeline entity id by the given as the username of the owner. + /// For class that implements , this method should + /// find the timeline entity id by the given as the timeline name. + /// This method should be called by many other method that follows the contract. + /// + protected abstract Task FindTimelineId(string name); + + public async Task> GetPosts(string name) + { + if (name == null) + throw new ArgumentNullException(nameof(name)); + + var timelineId = await FindTimelineId(name); + var postEntities = await Database.TimelinePosts.Where(p => p.TimelineId == timelineId).ToListAsync(); + var posts = new List(await Task.WhenAll(postEntities.Select(async p => new TimelinePostInfo + { + Id = p.Id, + Content = p.Content, + Author = (await Database.Users.Where(u => u.Id == p.AuthorId).Select(u => new { u.Name }).SingleAsync()).Name, + Time = p.Time + }))); + return posts; + } + + public async Task CreatePost(string name, string author, string content, DateTime? time) + { + if (name == null) + throw new ArgumentNullException(nameof(name)); + if (author == null) + throw new ArgumentNullException(nameof(author)); + if (content == null) + throw new ArgumentNullException(nameof(content)); + + { + var (result, message) = UsernameValidator.Validate(author); + if (!result) + { + throw new UsernameBadFormatException(author, message); + } + } + + var timelineId = await FindTimelineId(name); + + var authorEntity = Database.Users.Where(u => u.Name == author).Select(u => new { u.Id }).SingleOrDefault(); + if (authorEntity == null) + { + throw new UserNotExistException(author); + } + var authorId = authorEntity.Id; + + var currentTime = Clock.GetCurrentTime(); + + var postEntity = new TimelinePostEntity + { + Content = content, + AuthorId = authorId, + TimelineId = timelineId, + Time = time ?? currentTime, + LastUpdated = currentTime + }; + + Database.TimelinePosts.Add(postEntity); + await Database.SaveChangesAsync(); + + return new TimelinePostCreateResponse + { + Id = postEntity.Id, + Time = postEntity.Time + }; + } + + public async Task DeletePost(string name, long id) + { + if (name == null) + throw new ArgumentNullException(nameof(name)); + + var timelineId = FindTimelineId(name); + + var post = await Database.TimelinePosts.Where(p => p.Id == id).SingleOrDefaultAsync(); + + if (post == null) + throw new TimelinePostNotExistException(id); + + Database.TimelinePosts.Remove(post); + await Database.SaveChangesAsync(); + } + + public async Task ChangeProperty(string name, TimelinePropertyChangeRequest newProperties) + { + if (name == null) + throw new ArgumentNullException(nameof(name)); + if (newProperties == null) + throw new ArgumentNullException(nameof(newProperties)); + + var timelineId = await FindTimelineId(name); + + var timelineEntity = await Database.Timelines.Where(t => t.Id == timelineId).SingleAsync(); + + if (newProperties.Description != null) + { + timelineEntity.Description = newProperties.Description; + } + + if (newProperties.Visibility.HasValue) + { + timelineEntity.Visibility = newProperties.Visibility.Value; + } + + await Database.SaveChangesAsync(); + } + + public async Task ChangeMember(string name, IList? add, IList? remove) + { + if (name == null) + throw new ArgumentNullException(nameof(name)); + + // remove duplication and check the format of each username. + // Return a username->index map. + Dictionary? RemoveDuplicateAndCheckFormat(IList? list, TimelineMemberOperationUserException.MemberOperation operation) + { + if (list != null) + { + Dictionary result = new Dictionary(); + var count = 0; + for (var index = 0; index < count; index++) + { + var username = list[index]; + if (result.ContainsKey(username)) + { + continue; + } + var (validationResult, message) = UsernameValidator.Validate(username); + if (!validationResult) + throw new TimelineMemberOperationUserException( + index, operation, username, + new UsernameBadFormatException(username, message)); + result.Add(username, index); + } + return result; + } + else + { + return null; + } + } + var simplifiedAdd = RemoveDuplicateAndCheckFormat(add, TimelineMemberOperationUserException.MemberOperation.Add); + var simplifiedRemove = RemoveDuplicateAndCheckFormat(remove, TimelineMemberOperationUserException.MemberOperation.Remove); + + // remove those both in add and remove + if (simplifiedAdd != null && simplifiedRemove != null) + { + var usersToClean = simplifiedRemove.Keys.Where(u => simplifiedAdd.ContainsKey(u)); + foreach (var u in usersToClean) + { + simplifiedAdd.Remove(u); + simplifiedRemove.Remove(u); + } + } + + var timelineId = await FindTimelineId(name); + + async Task?> CheckExistenceAndGetId(Dictionary? map, TimelineMemberOperationUserException.MemberOperation operation) + { + if (map == null) + return null; + + List result = new List(); + foreach (var (username, index) in map) + { + var user = await Database.Users.Where(u => u.Name == username).Select(u => new { u.Id }).SingleOrDefaultAsync(); + if (user == null) + { + throw new TimelineMemberOperationUserException(index, operation, username, + new UserNotExistException(username)); + } + result.Add(user.Id); + } + return result; + } + var userIdsAdd = await CheckExistenceAndGetId(simplifiedAdd, TimelineMemberOperationUserException.MemberOperation.Add); + var userIdsRemove = await CheckExistenceAndGetId(simplifiedRemove, TimelineMemberOperationUserException.MemberOperation.Remove); + + if (userIdsAdd != null) + { + var membersToAdd = userIdsAdd.Select(id => new TimelineMemberEntity { UserId = id, TimelineId = timelineId }).ToList(); + Database.TimelineMembers.AddRange(membersToAdd); + } + + if (userIdsRemove != null) + { + var membersToRemove = await Database.TimelineMembers.Where(m => m.TimelineId == timelineId && userIdsRemove.Contains(m.UserId)).ToListAsync(); + Database.TimelineMembers.RemoveRange(membersToRemove); + } + + await Database.SaveChangesAsync(); + } + + public async Task HasReadPermission(string name, string? username) + { + if (name == null) + throw new ArgumentNullException(nameof(name)); + + long? userId = null; + if (username != null) + { + var (result, message) = UsernameValidator.Validate(username); + if (!result) + { + throw new UsernameBadFormatException(username); + } + + var user = await Database.Users.Where(u => u.Name == username).Select(u => new { u.Id }).SingleOrDefaultAsync(); + + if (user == null) + { + throw new UserNotExistException(username); + } + + userId = user.Id; + } + + var timelineId = await FindTimelineId(name); + + var timelineEntity = await Database.Timelines.Where(t => t.Id == timelineId).Select(t => new { t.Visibility }).SingleAsync(); + + if (timelineEntity.Visibility == TimelineVisibility.Public) + return true; + + if (timelineEntity.Visibility == TimelineVisibility.Register && username != null) + return true; + + if (userId == null) + { + return false; + } + else + { + var memberEntity = await Database.TimelineMembers.Where(m => m.UserId == userId && m.TimelineId == timelineId).SingleOrDefaultAsync(); + return memberEntity != null; + } + } + + public async Task HasPostModifyPermission(string name, long id, string username) + { + if (name == null) + throw new ArgumentNullException(nameof(name)); + if (username == null) + throw new ArgumentNullException(nameof(username)); + + { + var (result, message) = UsernameValidator.Validate(username); + if (!result) + { + throw new UsernameBadFormatException(username); + } + } + + var user = await Database.Users.Where(u => u.Name == username).Select(u => new { u.Id }).SingleOrDefaultAsync(); + + if (user == null) + { + throw new UserNotExistException(username); + } + + var userId = user.Id; + + var timelineId = await FindTimelineId(name); + + var timelineEntity = await Database.Timelines.Where(t => t.Id == timelineId).Select(t => new { t.OwnerId }).SingleAsync(); + + var postEntitu = await Database.Timelines. // TODO! + + if (timelineEntity.OwnerId == userId) + { + return true; + } + } + + } } diff --git a/Timeline/Services/UsernameBadFormatException.cs b/Timeline/Services/UsernameBadFormatException.cs index 04354d22..d82bf962 100644 --- a/Timeline/Services/UsernameBadFormatException.cs +++ b/Timeline/Services/UsernameBadFormatException.cs @@ -9,8 +9,8 @@ namespace Timeline.Services public class UsernameBadFormatException : Exception { public UsernameBadFormatException() : base(Resources.Services.Exception.UsernameBadFormatException) { } - public UsernameBadFormatException(string message) : base(message) { } - public UsernameBadFormatException(string message, Exception inner) : base(message, inner) { } + public UsernameBadFormatException(string username) : this() { Username = username; } + public UsernameBadFormatException(string username, Exception inner) : base(Resources.Services.Exception.UsernameBadFormatException, inner) { Username = username; } public UsernameBadFormatException(string username, string message) : base(message) { Username = username; } public UsernameBadFormatException(string username, string message, Exception inner) : base(message, inner) { Username = username; } -- cgit v1.2.3 From 5b5bb69c3ba2150816f120860be46d49c5bc37aa Mon Sep 17 00:00:00 2001 From: crupest Date: Sun, 17 Nov 2019 23:04:21 +0800 Subject: Fix typo in path of personal timeline controller actions. Add timeline permission test. --- .../Authentication/AuthenticationExtensions.cs | 19 +++++++ .../IntegratedTests/IntegratedTestBase.cs | 27 ++++++++++ .../IntegratedTests/PersonalTimelineTest.cs | 62 ++++++++++++++++++++++ Timeline/Controllers/PersonalTimelineController.cs | 8 +-- Timeline/Startup.cs | 2 + Timeline/Timeline.csproj | 10 ++-- 6 files changed, 120 insertions(+), 8 deletions(-) create mode 100644 Timeline.Tests/IntegratedTests/IntegratedTestBase.cs create mode 100644 Timeline.Tests/IntegratedTests/PersonalTimelineTest.cs (limited to 'Timeline/Controllers/PersonalTimelineController.cs') diff --git a/Timeline.Tests/Helpers/Authentication/AuthenticationExtensions.cs b/Timeline.Tests/Helpers/Authentication/AuthenticationExtensions.cs index 34d7e460..6a78be7a 100644 --- a/Timeline.Tests/Helpers/Authentication/AuthenticationExtensions.cs +++ b/Timeline.Tests/Helpers/Authentication/AuthenticationExtensions.cs @@ -1,5 +1,6 @@ using Microsoft.AspNetCore.Mvc.Testing; using Newtonsoft.Json; +using System; using System.Net.Http; using System.Threading.Tasks; using Timeline.Models.Http; @@ -7,6 +8,13 @@ using Timeline.Tests.Mock.Data; namespace Timeline.Tests.Helpers.Authentication { + public enum AuthType + { + None, + User, + Admin + } + public static class AuthenticationExtensions { private const string CreateTokenUrl = "/token/create"; @@ -36,5 +44,16 @@ namespace Timeline.Tests.Helpers.Authentication { return factory.CreateClientWithCredential(MockUser.Admin.Username, MockUser.Admin.Password); } + + public static Task CreateClientAs(this WebApplicationFactory factory, AuthType authType) where T : class + { + return authType switch + { + AuthType.None => Task.FromResult(factory.CreateDefaultClient()), + AuthType.User => factory.CreateClientAsUser(), + AuthType.Admin => factory.CreateClientAsAdmin(), + _ => throw new InvalidOperationException("Unknown auth type.") + }; + } } } diff --git a/Timeline.Tests/IntegratedTests/IntegratedTestBase.cs b/Timeline.Tests/IntegratedTests/IntegratedTestBase.cs new file mode 100644 index 00000000..c4d72faf --- /dev/null +++ b/Timeline.Tests/IntegratedTests/IntegratedTestBase.cs @@ -0,0 +1,27 @@ +using Microsoft.AspNetCore.Mvc.Testing; +using System; +using System.Collections.Generic; +using System.Linq; +using System.Threading.Tasks; +using Timeline.Tests.Helpers; +using Xunit; + +namespace Timeline.Tests.IntegratedTests +{ + public abstract class IntegratedTestBase : IClassFixture>, IDisposable + { + protected TestApplication TestApp { get; } + + protected WebApplicationFactory Factory => TestApp.Factory; + + public IntegratedTestBase(WebApplicationFactory factory) + { + TestApp = new TestApplication(factory); + } + + public virtual void Dispose() + { + TestApp.Dispose(); + } + } +} diff --git a/Timeline.Tests/IntegratedTests/PersonalTimelineTest.cs b/Timeline.Tests/IntegratedTests/PersonalTimelineTest.cs new file mode 100644 index 00000000..9629fc0a --- /dev/null +++ b/Timeline.Tests/IntegratedTests/PersonalTimelineTest.cs @@ -0,0 +1,62 @@ +using FluentAssertions; +using Microsoft.AspNetCore.Http; +using Microsoft.AspNetCore.Mvc.Testing; +using System; +using System.Collections.Generic; +using System.Linq; +using System.Net.Http; +using System.Text.Json; +using System.Threading.Tasks; +using Timeline.Models.Http; +using Timeline.Tests.Helpers; +using Timeline.Tests.Helpers.Authentication; +using Xunit; + +namespace Timeline.Tests.IntegratedTests +{ + public class PersonalTimelineTest : IntegratedTestBase + { + public PersonalTimelineTest(WebApplicationFactory factory) + : base(factory) + { + + } + + [Theory] + [InlineData(AuthType.None, 200, 401, 401, 401, 401)] + [InlineData(AuthType.User, 200, 200, 403, 200, 403)] + [InlineData(AuthType.Admin, 200, 200, 200, 200, 200)] + public async Task Permission_Timeline(AuthType authType, int get, int opPropertyUser, int opPropertyAdmin, int opMemberUser, int opMemberAdmin) + { + using var client = await Factory.CreateClientAs(authType); + { + var res = await client.GetAsync("users/user/timeline"); + res.Should().HaveStatusCode(get); + } + + { + var res = await client.PostAsJsonAsync("users/user/timeline/op/property", + new TimelinePropertyChangeRequest { Description = "hahaha" }); + res.Should().HaveStatusCode(opPropertyUser); + } + + { + var res = await client.PostAsJsonAsync("users/admin/timeline/op/property", + new TimelinePropertyChangeRequest { Description = "hahaha" }); + res.Should().HaveStatusCode(opPropertyAdmin); + } + + { + var res = await client.PostAsJsonAsync("users/user/timeline/op/member", + new TimelineMemberChangeRequest { Add = new List { "admin" } }); + res.Should().HaveStatusCode(opMemberUser); + } + + { + var res = await client.PostAsJsonAsync("users/admin/timeline/op/member", + new TimelineMemberChangeRequest { Add = new List { "user" } }); + res.Should().HaveStatusCode(opMemberAdmin); + } + } + } +} diff --git a/Timeline/Controllers/PersonalTimelineController.cs b/Timeline/Controllers/PersonalTimelineController.cs index af6a70f8..88f5ba00 100644 --- a/Timeline/Controllers/PersonalTimelineController.cs +++ b/Timeline/Controllers/PersonalTimelineController.cs @@ -87,7 +87,7 @@ namespace Timeline.Controllers return await _service.GetPosts(username); } - [HttpPost("user/{username}/timeline/postop/create")] + [HttpPost("users/{username}/timeline/postop/create")] [Authorize] [CatchTimelineNotExistException] public async Task> PostOperationCreate([FromRoute][Username] string username, [FromBody] TimelinePostCreateRequest body) @@ -102,7 +102,7 @@ namespace Timeline.Controllers return res; } - [HttpPost("user/{username}/timeline/postop/delete")] + [HttpPost("users/{username}/timeline/postop/delete")] [Authorize] [CatchTimelineNotExistException] public async Task PostOperationDelete([FromRoute][Username] string username, [FromBody] TimelinePostDeleteRequest body) @@ -126,7 +126,7 @@ namespace Timeline.Controllers return Ok(); } - [HttpPost("user/{username}/timeline/op/property")] + [HttpPost("users/{username}/timeline/op/property")] [Authorize] [SelfOrAdmin] [CatchTimelineNotExistException] @@ -136,7 +136,7 @@ namespace Timeline.Controllers return Ok(); } - [HttpPost("user/{username}/timeline/op/member")] + [HttpPost("users/{username}/timeline/op/member")] [Authorize] [SelfOrAdmin] [CatchTimelineNotExistException] diff --git a/Timeline/Startup.cs b/Timeline/Startup.cs index f6abf36d..b2e958f9 100644 --- a/Timeline/Startup.cs +++ b/Timeline/Startup.cs @@ -71,6 +71,8 @@ namespace Timeline services.AddUserAvatarService(); services.AddScoped(); + services.AddScoped(); + var databaseConfig = Configuration.GetSection(nameof(DatabaseConfig)).Get(); services.AddDbContext(options => diff --git a/Timeline/Timeline.csproj b/Timeline/Timeline.csproj index 7e1dd4ef..6b4a2d6e 100644 --- a/Timeline/Timeline.csproj +++ b/Timeline/Timeline.csproj @@ -8,6 +8,12 @@ 8.0 enable + + + + + + @@ -174,8 +180,4 @@ UserService.Designer.cs - - - - -- cgit v1.2.3 From eb35c608b3d73db2cd819a8280fa1cdce1f59dc2 Mon Sep 17 00:00:00 2001 From: crupest Date: Wed, 20 Nov 2019 00:32:32 +0800 Subject: Add delete nonexist post test, and fix the bug. --- Timeline.Tests/IntegratedTests/PersonalTimelineTest.cs | 7 +++++++ Timeline/Controllers/PersonalTimelineController.cs | 12 ++++++------ 2 files changed, 13 insertions(+), 6 deletions(-) (limited to 'Timeline/Controllers/PersonalTimelineController.cs') diff --git a/Timeline.Tests/IntegratedTests/PersonalTimelineTest.cs b/Timeline.Tests/IntegratedTests/PersonalTimelineTest.cs index 9dae4c3e..43549d1a 100644 --- a/Timeline.Tests/IntegratedTests/PersonalTimelineTest.cs +++ b/Timeline.Tests/IntegratedTests/PersonalTimelineTest.cs @@ -441,6 +441,13 @@ namespace Timeline.Tests.IntegratedTests new TimelinePostDeleteRequest { Id = createRes.Id }); res.Should().HaveStatusCode(200); } + { + var res = await client.PostAsJsonAsync("users/user/timeline/postop/delete", + new TimelinePostDeleteRequest { Id = 30000 }); + res.Should().HaveStatusCode(400) + .And.HaveCommonBody() + .Which.Code.Should().Be(ErrorCodes.Http.Timeline.PostOperationDeleteNotExist); + } { var res = await client.GetAsync("users/user/timeline/posts"); res.Should().HaveStatusCode(200) diff --git a/Timeline/Controllers/PersonalTimelineController.cs b/Timeline/Controllers/PersonalTimelineController.cs index 88f5ba00..c864ed39 100644 --- a/Timeline/Controllers/PersonalTimelineController.cs +++ b/Timeline/Controllers/PersonalTimelineController.cs @@ -107,14 +107,14 @@ namespace Timeline.Controllers [CatchTimelineNotExistException] public async Task PostOperationDelete([FromRoute][Username] string username, [FromBody] TimelinePostDeleteRequest body) { - var postId = body.Id!.Value; - if (!IsAdmin() && !await _service.HasPostModifyPermission(username, postId, GetAuthUsername()!)) - { - return StatusCode(StatusCodes.Status403Forbidden, - new CommonResponse(ErrorCodes.Http.Timeline.PostOperationDeleteForbid, MessagePostOperationCreateForbid)); - } try { + var postId = body.Id!.Value; + if (!IsAdmin() && !await _service.HasPostModifyPermission(username, postId, GetAuthUsername()!)) + { + return StatusCode(StatusCodes.Status403Forbidden, + new CommonResponse(ErrorCodes.Http.Timeline.PostOperationDeleteForbid, MessagePostOperationCreateForbid)); + } await _service.DeletePost(username, postId); } catch (TimelinePostNotExistException) -- cgit v1.2.3