using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;
using System;
using System.Threading.Tasks;
using Timeline.Authenticate;
using Timeline.Models.Http;
using Timeline.Services;
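namespace Timeline.Controllers
{
    /// <summary>
    /// HTTP endpoints for reading, replacing and deleting a user's avatar.
    /// Every action requires an authenticated caller; Put and Delete additionally
    /// require the caller to be an admin or the user named in the route.
    /// </summary>
    /// <remarks>
    /// The route value <c>username</c> is written into log messages unmodified.
    /// NOTE(review): confirm the configured log sink neutralises control characters.
    /// </remarks>
    [ApiController]
    public class UserAvatarController : Controller
    {
        /// <summary>
        /// Error codes placed in the response body when an action fails.
        /// </summary>
        public static class ErrorCodes
        {
            public const int Get_UserNotExist = -1001;
            public const int Put_UserNotExist = -2001;
            public const int Put_Forbid = -2002;
            public const int Delete_UserNotExist = -3001;
            public const int Delete_Forbid = -3002;
        }

        private readonly ILogger<UserAvatarController> _logger;
        private readonly IUserAvatarService _service;

        /// <summary>
        /// Creates the controller with its logger and avatar service.
        /// </summary>
        /// <param name="logger">Logger used for the per-request information messages.</param>
        /// <param name="service">Service that loads and stores avatars.</param>
        public UserAvatarController(ILogger<UserAvatarController> logger, IUserAvatarService service)
        {
            _logger = logger;
            _service = service;
        }

        /// <summary>
        /// Returns the avatar of <paramref name="username"/> as a file result whose
        /// content type is the type recorded with the avatar.
        /// </summary>
        /// <param name="username">User whose avatar is requested (route value).</param>
        /// <returns>
        /// The avatar bytes, or 404 with <see cref="ErrorCodes.Get_UserNotExist"/> when the
        /// service reports that the user does not exist.
        /// </returns>
        [HttpGet("users/{username}/avatar")]
        [Authorize]
        public async Task<IActionResult> Get(string username)
        {
            try
            {
                var avatar = await _service.GetAvatar(username);
                return File(avatar.Data, avatar.Type);
            }
            catch (UserNotExistException)
            {
                _logger.LogInformation($"Attempt to get a avatar of a non-existent user failed. Username: {username} .");
                return NotFound(new CommonResponse(ErrorCodes.Get_UserNotExist, "User does not exist."));
            }
        }

        /// <summary>
        /// Replaces the avatar of <paramref name="username"/> with the request body.
        /// </summary>
        /// <param name="username">User whose avatar is replaced (route value).</param>
        /// <returns>
        /// 200 on success; 403 with <see cref="ErrorCodes.Put_Forbid"/> when a non-admin targets
        /// another user; 400 with <see cref="ErrorCodes.Put_UserNotExist"/> when the user does not exist.
        /// </returns>
        [HttpPut("users/{username}/avatar")]
        [Authorize]
        [Consumes("image/png", "image/jpeg", "image/gif", "image/webp")]
        public async Task<IActionResult> Put(string username)
        {
            // Only an admin or the account owner may change an avatar.
            if (!User.IsAdmin() && User.Identity.Name != username)
            {
                _logger.LogInformation($"Attempt to put a avatar of other user as a non-admin failed. Operator Username: {User.Identity.Name} ; Username To Put Avatar: {username} .");
                return StatusCode(StatusCodes.Status403Forbidden,
                    new CommonResponse(ErrorCodes.Put_Forbid, "Normal user can't change other's avatar."));
            }

            try
            {
                // Stream the body instead of allocating a buffer from Content-Length.
                // That header is client-supplied and optional: a missing value used to
                // produce an empty avatar, a huge value forced a large allocation (or an
                // OverflowException) before any byte arrived, and a single ReadAsync call
                // may return fewer bytes than requested, leaving the tail zero-filled.
                byte[] data;
                using (var buffer = new System.IO.MemoryStream())
                {
                    await Request.Body.CopyToAsync(buffer);
                    data = buffer.ToArray();
                }

                // NOTE(review): the upload size is bounded only by the server's request-body
                // limit; consider an explicit per-endpoint limit sized for avatars.
                // NOTE(review): [Consumes] checks the declared content type only. The bytes are
                // not verified to be an image here, and Request.ContentType is stored as sent.
                await _service.SetAvatar(username, new Avatar
                {
                    Data = data,
                    Type = Request.ContentType
                });

                _logger.LogInformation($"Succeed to put a avatar of a user. Username: {username} ; Mime Type: {Request.ContentType} .");
                return Ok();
            }
            catch (UserNotExistException)
            {
                _logger.LogInformation($"Attempt to put a avatar of a non-existent user failed. Username: {username} .");
                return BadRequest(new CommonResponse(ErrorCodes.Put_UserNotExist, "User does not exist."));
            }
        }

        /// <summary>
        /// Deletes the avatar of <paramref name="username"/> by passing <c>null</c> to the service.
        /// </summary>
        /// <param name="username">User whose avatar is deleted (route value).</param>
        /// <returns>
        /// 200 on success; 403 with <see cref="ErrorCodes.Delete_Forbid"/> when a non-admin targets
        /// another user; 400 with <see cref="ErrorCodes.Delete_UserNotExist"/> when the user does not exist.
        /// </returns>
        [HttpDelete("users/{username}/avatar")]
        [Authorize]
        public async Task<IActionResult> Delete(string username)
        {
            // Only an admin or the account owner may delete an avatar.
            if (!User.IsAdmin() && User.Identity.Name != username)
            {
                // The message previously said "Username To Put Avatar", copied from Put.
                _logger.LogInformation($"Attempt to delete a avatar of other user as a non-admin failed. Operator Username: {User.Identity.Name} ; Username To Delete Avatar: {username} .");
                return StatusCode(StatusCodes.Status403Forbidden,
                    new CommonResponse(ErrorCodes.Delete_Forbid, "Normal user can't delete other's avatar."));
            }

            try
            {
                await _service.SetAvatar(username, null);
                _logger.LogInformation($"Succeed to delete a avatar of a user. Username: {username} .");
                return Ok();
            }
            catch (UserNotExistException)
            {
                _logger.LogInformation($"Attempt to delete a avatar of a non-existent user failed. Username: {username} .");
                return BadRequest(new CommonResponse(ErrorCodes.Delete_UserNotExist, "User does not exist."));
            }
        }
    }
}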