using AutoMapper; using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Logging; using System; using System.Collections.Generic; using System.Globalization; using System.Linq; using System.Threading.Tasks; using Timeline.Entities; using Timeline.Models.Http; using Timeline.Models.Validation; using static Timeline.Resources.Services.TimelineService; namespace Timeline.Services { ///

/// This define the common interface of both personal timeline /// and normal timeline. ///

/// /// The "name" parameter in method means name of timeline in /// while username of the owner /// of the personal timeline in . /// public interface IBaseTimelineService { ///

/// Get all the posts in the timeline. ///

/// Username or the timeline name. See remarks of . /// A list of all posts. /// Thrown when is null. /// Thrown when is illegal. It is not a valid timeline name (for normal timeline service) or a valid username (for personal timeline service). /// /// Thrown when timeline does not exist. /// For normal timeline, it means the name does not exist. /// For personal timeline, it means the user of that username does not exist /// and the inner exception should be a . /// Task> GetPosts(string name); ///

/// Create a new post in timeline. ///

/// Username or the timeline name. See remarks of . /// The author's id. /// The content. /// The time of the post. If null, then use current time. /// The info of the created post. /// Thrown when or is null. /// Thrown when is illegal. It is not a valid timeline name (for normal timeline service) or a valid username (for personal timeline service). /// /// Thrown when timeline does not exist. /// For normal timeline, it means the name does not exist. /// For personal timeline, it means the user of that username does not exist /// and the inner exception should be a . /// /// Thrown if user with does not exist. Task CreatePost(string name, long authorId, string content, DateTime? time); ///

/// Delete a post ///

/// Username or the timeline name. See remarks of . /// The id of the post to delete. /// Thrown when or is null. /// Thrown when is illegal. It is not a valid timeline name (for normal timeline service) or a valid username (for personal timeline service). /// /// Thrown when timeline does not exist. /// For normal timeline, it means the name does not exist. /// For personal timeline, it means the user of that username does not exist /// and the inner exception should be a . /// /// /// Thrown when the post with given id does not exist or is deleted already. /// /// /// First use /// to check the permission. /// Task DeletePost(string name, long id); ///

/// Set the properties of a timeline. ///

/// Username or the timeline name. See remarks of . /// The new properties. Null member means not to change. /// Thrown when or is null. /// Thrown when is illegal. It is not a valid timeline name (for normal timeline service) or a valid username (for personal timeline service). /// /// Thrown when timeline does not exist. /// For normal timeline, it means the name does not exist. /// For personal timeline, it means the user of that username does not exist /// and the inner exception should be a . /// Task ChangeProperty(string name, TimelinePatchRequest newProperties); ///

/// Remove members to a timeline. ///

/// Username or the timeline name. See remarks of . /// A list of usernames of members to add. May be null. /// A list of usernames of members to remove. May be null. /// Thrown when is null. /// Thrown when is illegal. It is not a valid timeline name (for normal timeline service) or a valid username (for personal timeline service). /// Thrown when names in or is not a valid username. /// /// Thrown when timeline does not exist. /// For normal timeline, it means the name does not exist. /// For personal timeline, it means the user of that username does not exist /// and the inner exception should be a . /// /// /// Thrown when one of the user to change does not exist. /// /// /// Operating on a username that is of bad format or does not exist always throws. /// Add a user that already is a member has no effects. /// Remove a user that is not a member also has not effects. /// Add and remove an identical user results in no effects. /// More than one same usernames are regarded as one. /// Task ChangeMember(string name, IList? add, IList? remove); ///

/// Verify whether a visitor has the permission to read a timeline. ///

/// Username or the timeline name. See remarks of . /// The id of the user to check on. Null means visitor without account. /// True if can read, false if can't read. /// Thrown when is null. /// Thrown when is illegal. It is not a valid timeline name (for normal timeline service) or a valid username (for personal timeline service). /// /// Thrown when timeline does not exist. /// For normal timeline, it means the name does not exist. /// For personal timeline, it means the user of that username does not exist /// and the inner exception should be a . /// /// /// This method does not check whether visitor is administrator. /// Return false if user with visitor id does not exist. /// Task HasReadPermission(string name, long? visitorId); ///

/// Verify whether a user has the permission to modify a post. ///

/// Username or the timeline name. See remarks of . /// The id of the user to check on. /// True if can modify, false if can't modify. /// Thrown when is null. /// Thrown when is illegal. It is not a valid timeline name (for normal timeline service) or a valid username (for personal timeline service). /// /// Thrown when timeline does not exist. /// For normal timeline, it means the name does not exist. /// For personal timeline, it means the user of that username does not exist /// and the inner exception should be a . /// /// /// Thrown when the post with given id does not exist or is deleted already. /// /// /// This method does not check whether the user is administrator. /// It only checks whether he is the author of the post or the owner of the timeline. /// Return false when user with modifier id does not exist. /// Task HasPostModifyPermission(string name, long id, long modifierId); ///

/// Verify whether a user is member of a timeline. ///

/// Username or the timeline name. See remarks of . /// The id of user to check on. /// True if it is a member, false if not. /// Thrown when is null. /// Thrown when is illegal. It is not a valid timeline name (for normal timeline service) or a valid username (for personal timeline service). /// /// Thrown when timeline does not exist. /// For normal timeline, it means the name does not exist. /// For personal timeline, it means the user of that username does not exist /// and the inner exception should be a . /// /// /// Timeline owner is also considered as a member. /// Return false when user with user id does not exist. /// Task IsMemberOf(string name, long userId); } ///

/// Service for normal timeline. ///

public interface ITimelineService : IBaseTimelineService { ///

/// Get the timeline info. ///

/// The name of the timeline. /// The timeline info. /// Thrown when is null. /// /// Thrown when timeline name is invalid. Currently it means it is an empty string. /// /// /// Thrown when timeline with the name does not exist. /// Task GetTimeline(string name); ///

/// Create a timeline. ///

/// The name of the timeline. /// The id of owner of the timeline. /// Thrown when or is null. /// Thrown when timeline name is invalid. Currently it means it is an empty string. /// Thrown when the timeline already exists. /// Thrown when the owner user does not exist. Task CreateTimeline(string name, long owner); } public interface IPersonalTimelineService : IBaseTimelineService { ///

/// Get the timeline info. ///

/// The username of the owner of the personal timeline. /// The timeline info. /// /// Thrown when is null. /// /// /// Thrown when is of bad format. /// /// /// Thrown when the user does not exist. Inner exception MUST be . /// Task GetTimeline(string username); } public abstract class BaseTimelineService : IBaseTimelineService { protected BaseTimelineService(ILoggerFactory loggerFactory, DatabaseContext database, IUserService userService, IMapper mapper, IClock clock) { Clock = clock; Database = database; UserService = userService; Mapper = mapper; } protected IClock Clock { get; } protected UsernameValidator UsernameValidator { get; } = new UsernameValidator(); protected DatabaseContext Database { get; } protected IUserService UserService { get; } protected IMapper Mapper { get; } ///

/// Find the timeline id by the name. /// For details, see remarks. ///

/// The username or the timeline name. See remarks. /// The id of the timeline entity. /// Thrown when is null. /// Thrown when is illegal. It is not a valid timeline name (for normal timeline service) or a valid username (for personal timeline service). /// /// Thrown when timeline does not exist. /// For normal timeline, it means the name does not exist. /// For personal timeline, it means the user of that username does not exist /// and the inner exception should be a . /// /// /// This is the common but different part for both types of timeline service. /// For class that implements , this method should /// find the timeline entity id by the given as the username of the owner. /// For class that implements , this method should /// find the timeline entity id by the given as the timeline name. /// This method should be called by many other method that follows the contract. /// protected abstract Task FindTimelineId(string name); public async Task> GetPosts(string name) { if (name == null) throw new ArgumentNullException(nameof(name)); var timelineId = await FindTimelineId(name); var postEntities = await Database.TimelinePosts.OrderBy(p => p.Time).Where(p => p.TimelineId == timelineId && p.Content != null).ToListAsync(); var posts = new List(); foreach (var entity in postEntities) { if (entity.Content != null) // otherwise it is deleted { var author = Mapper.Map(await UserService.GetUserById(entity.AuthorId)); posts.Add(new TimelinePostInfo { Id = entity.Id, Content = entity.Content, Author = author, Time = entity.Time, LastUpdated = entity.LastUpdated }); } } return posts; } public async Task CreatePost(string name, long authorId, string content, DateTime? time) { if (name == null) throw new ArgumentNullException(nameof(name)); if (content == null) throw new ArgumentNullException(nameof(content)); var timelineId = await FindTimelineId(name); var author = Mapper.Map(await UserService.GetUserById(authorId)); var currentTime = Clock.GetCurrentTime(); var finalTime = time ?? currentTime; var postEntity = new TimelinePostEntity { Content = content, AuthorId = authorId, TimelineId = timelineId, Time = finalTime, LastUpdated = currentTime }; Database.TimelinePosts.Add(postEntity); await Database.SaveChangesAsync(); return new TimelinePostInfo { Id = postEntity.Id, Content = content, Author = author, Time = finalTime, LastUpdated = currentTime }; } public async Task DeletePost(string name, long id) { if (name == null) throw new ArgumentNullException(nameof(name)); var post = await Database.TimelinePosts.Where(p => p.Id == id).SingleOrDefaultAsync(); if (post == null) throw new TimelinePostNotExistException(id); post.Content = null; post.LastUpdated = Clock.GetCurrentTime(); await Database.SaveChangesAsync(); } public async Task ChangeProperty(string name, TimelinePatchRequest newProperties) { if (name == null) throw new ArgumentNullException(nameof(name)); if (newProperties == null) throw new ArgumentNullException(nameof(newProperties)); var timelineId = await FindTimelineId(name); var timelineEntity = await Database.Timelines.Where(t => t.Id == timelineId).SingleAsync(); if (newProperties.Description != null) { timelineEntity.Description = newProperties.Description; } if (newProperties.Visibility.HasValue) { timelineEntity.Visibility = newProperties.Visibility.Value; } await Database.SaveChangesAsync(); } public async Task ChangeMember(string name, IList? add, IList? remove) { if (name == null) throw new ArgumentNullException(nameof(name)); List? RemoveDuplicateAndCheckFormat(IList? list, string paramName) { if (list != null) { List result = new List(); var count = list.Count; for (var index = 0; index < count; index++) { var username = list[index]; if (result.Contains(username)) { continue; } var (validationResult, message) = UsernameValidator.Validate(username); if (!validationResult) throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, ExceptionChangeMemberUsernameBadFormat, index), nameof(paramName)); result.Add(username); } return result; } else { return null; } } var simplifiedAdd = RemoveDuplicateAndCheckFormat(add, nameof(add)); var simplifiedRemove = RemoveDuplicateAndCheckFormat(remove, nameof(remove)); // remove those both in add and remove if (simplifiedAdd != null && simplifiedRemove != null) { var usersToClean = simplifiedRemove.Where(u => simplifiedAdd.Contains(u)).ToList(); foreach (var u in usersToClean) { simplifiedAdd.Remove(u); simplifiedRemove.Remove(u); } } var timelineId = await FindTimelineId(name); async Task?> CheckExistenceAndGetId(List? list) { if (list == null) return null; List result = new List(); foreach (var username in list) { result.Add(await UserService.GetUserIdByUsername(username)); } return result; } var userIdsAdd = await CheckExistenceAndGetId(simplifiedAdd); var userIdsRemove = await CheckExistenceAndGetId(simplifiedRemove); if (userIdsAdd != null) { var membersToAdd = userIdsAdd.Select(id => new TimelineMemberEntity { UserId = id, TimelineId = timelineId }).ToList(); Database.TimelineMembers.AddRange(membersToAdd); } if (userIdsRemove != null) { var membersToRemove = await Database.TimelineMembers.Where(m => m.TimelineId == timelineId && userIdsRemove.Contains(m.UserId)).ToListAsync(); Database.TimelineMembers.RemoveRange(membersToRemove); } await Database.SaveChangesAsync(); } public async Task HasReadPermission(string name, long? visitorId) { if (name == null) throw new ArgumentNullException(nameof(name)); var timelineId = await FindTimelineId(name); var timelineEntity = await Database.Timelines.Where(t => t.Id == timelineId).Select(t => new { t.Visibility }).SingleAsync(); if (timelineEntity.Visibility == TimelineVisibility.Public) return true; if (timelineEntity.Visibility == TimelineVisibility.Register && visitorId != null) return true; if (visitorId == null) { return false; } else { var memberEntity = await Database.TimelineMembers.Where(m => m.UserId == visitorId && m.TimelineId == timelineId).SingleOrDefaultAsync(); return memberEntity != null; } } public async Task HasPostModifyPermission(string name, long id, long modifierId) { if (name == null) throw new ArgumentNullException(nameof(name)); var timelineId = await FindTimelineId(name); var timelineEntity = await Database.Timelines.Where(t => t.Id == timelineId).Select(t => new { t.OwnerId }).SingleAsync(); var postEntity = await Database.TimelinePosts.Where(p => p.Id == id).Select(p => new { p.AuthorId }).SingleOrDefaultAsync(); if (postEntity == null) throw new TimelinePostNotExistException(id); return timelineEntity.OwnerId == modifierId || postEntity.AuthorId == modifierId; } public async Task IsMemberOf(string name, long userId) { if (name == null) throw new ArgumentNullException(nameof(name)); var timelineId = await FindTimelineId(name); var timelineEntity = await Database.Timelines.Where(t => t.Id == timelineId).Select(t => new { t.OwnerId }).SingleAsync(); if (userId == timelineEntity.OwnerId) return true; return await Database.TimelineMembers.AnyAsync(m => m.TimelineId == timelineId && m.UserId == userId); } } public class PersonalTimelineService : BaseTimelineService, IPersonalTimelineService { public PersonalTimelineService(ILoggerFactory loggerFactory, DatabaseContext database, IUserService userService, IMapper mapper, IClock clock) : base(loggerFactory, database, userService, mapper, clock) { } protected override async Task FindTimelineId(string name) { long userId; try { userId = await UserService.GetUserIdByUsername(name); } catch (ArgumentException e) { throw new ArgumentException(ExceptionFindTimelineUsernameBadFormat, nameof(name), e); } catch (UserNotExistException e) { throw new TimelineNotExistException(name, e); } var timelineEntity = await Database.Timelines.Where(t => t.OwnerId == userId && t.Name == null).Select(t => new { t.Id }).SingleOrDefaultAsync(); if (timelineEntity != null) { return timelineEntity.Id; } else { var newTimelineEntity = new TimelineEntity { Name = null, Description = null, OwnerId = userId, Visibility = TimelineVisibility.Register, CreateTime = Clock.GetCurrentTime(), }; Database.Timelines.Add(newTimelineEntity); await Database.SaveChangesAsync(); return newTimelineEntity.Id; } } public async Task GetTimeline(string username) { if (username == null) throw new ArgumentNullException(nameof(username)); var timelineId = await FindTimelineId(username); var timelineEntity = await Database.Timelines.Where(t => t.Id == timelineId).SingleAsync(); var timelineMemberEntities = await Database.TimelineMembers.Where(m => m.TimelineId == timelineId).Select(m => new { m.UserId }).ToListAsync(); var owner = Mapper.Map(await UserService.GetUserById(timelineEntity.OwnerId)); var members = new List(); foreach (var memberEntity in timelineMemberEntities) { members.Add(Mapper.Map(await UserService.GetUserById(memberEntity.UserId))); } return new BaseTimelineInfo { Description = timelineEntity.Description ?? "", Owner = owner, Visibility = timelineEntity.Visibility, Members = members }; } } }