From 12f85448cde94d70d9030b757b09caa5e2f53061 Mon Sep 17 00:00:00 2001 From: crupest Date: Sun, 2 Feb 2020 22:37:47 +0800 Subject: ... --- Timeline/Services/TimelineService.cs | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) (limited to 'Timeline/Services/TimelineService.cs') diff --git a/Timeline/Services/TimelineService.cs b/Timeline/Services/TimelineService.cs index b031297e..991669ad 100644 --- a/Timeline/Services/TimelineService.cs +++ b/Timeline/Services/TimelineService.cs @@ -138,6 +138,26 @@ namespace Timeline.Services /// Task ChangeMember(string name, IList? add, IList? remove); + /// + /// Check whether a user can manage(change timeline info, member, ...) a timeline. + /// + /// + /// + /// True if the user can manage the timeline, otherwise false. + /// Thrown when is null. + /// Thrown when is illegal. It is not a valid timeline name (for normal timeline service) or a valid username (for personal timeline service). + /// + /// Thrown when timeline does not exist. + /// For normal timeline, it means the name does not exist. + /// For personal timeline, it means the user of that username does not exist + /// and the inner exception should be a . + /// + /// + /// This method does not check whether visitor is administrator. + /// Return false if user with user id does not exist. + /// + Task HasManagePermission(string name, long userId); + /// /// Verify whether a visitor has the permission to read a timeline. /// @@ -490,6 +510,17 @@ namespace Timeline.Services await Database.SaveChangesAsync(); } + public async Task HasManagePermission(string name, long userId) + { + if (name == null) + throw new ArgumentNullException(nameof(name)); + + var timelineId = await FindTimelineId(name); + var timelineEntity = await Database.Timelines.Where(t => t.Id == timelineId).Select(t => new { t.OwnerId }).SingleAsync(); + + return userId == timelineEntity.OwnerId; + } + public async Task HasReadPermission(string name, long? visitorId) { if (name == null) -- cgit v1.2.3