aboutsummaryrefslogtreecommitdiff
path: root/Timeline/Controllers/UserController.cs
blob: a18e36e927ee9ae40660dc9893784d543a652b21 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136

using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using System;
using System.IO;
using System.Threading.Tasks;
using Timeline.Entities;
using Timeline.Entities.Http;
using Timeline.Services;

namespace Timeline.Controllers
{
    public class UserController : Controller
    {
        private readonly IUserService _userService;

        public UserController(IUserService userService)
        {
            _userService = userService;
        }

        [HttpGet("users"), Authorize(Roles = "admin")]
        public async Task<ActionResult<UserInfo[]>> List()
        {
            return Ok(await _userService.ListUsers());
        }

        [HttpGet("user/{username}"), Authorize]
        public async Task<IActionResult> Get([FromRoute] string username)
        {
            var user = await _userService.GetUser(username);
            if (user == null)
            {
                return NotFound();
            }
            return Ok(user);
        }

        [HttpPut("user/{username}"), Authorize(Roles = "admin")]
        public async Task<IActionResult> Put([FromBody] UserModifyRequest request, [FromRoute] string username)
        {
            var result = await _userService.PutUser(username, request.Password, request.Roles);
            switch (result)
            {
                case PutUserResult.Created:
                    return CreatedAtAction("Get", new { username }, UserPutResponse.Created);
                case PutUserResult.Modified:
                    return Ok(UserPutResponse.Modified);
                default:
                    throw new Exception("Unreachable code.");
            }
        }

        [HttpPatch("user/{username}"), Authorize(Roles = "admin")]
        public async Task<IActionResult> Patch([FromBody] UserModifyRequest request, [FromRoute] string username)
        {
            var result = await _userService.PatchUser(username, request.Password, request.Roles);
            switch (result)
            {
                case PatchUserResult.Success:
                    return Ok();
                case PatchUserResult.NotExists:
                    return NotFound();
                default:
                    throw new Exception("Unreachable code.");
            }
        }

        [HttpDelete("user/{username}"), Authorize(Roles = "admin")]
        public async Task<IActionResult> Delete([FromRoute] string username)
        {
            var result = await _userService.DeleteUser(username);
            switch (result)
            {
                case DeleteUserResult.Deleted:
                    return Ok(UserDeleteResponse.Deleted);
                case DeleteUserResult.NotExists:
                    return Ok(UserDeleteResponse.NotExists);
                default:
                    throw new Exception("Uncreachable code.");
            }
        }

        [HttpGet("user/{username}/avatar"), Authorize]
        public async Task<IActionResult> GetAvatar([FromRoute] string username)
        {
            var url = await _userService.GetAvatarUrl(username);
            if (url == null)
                return NotFound();
            return Redirect(url);
        }

        [HttpPut("user/{username}/avatar"), Authorize]
        [Consumes("image/png", "image/gif", "image/jpeg", "image/svg+xml")]
        public async Task<IActionResult> PutAvatar([FromRoute] string username, [FromHeader(Name="Content-Type")] string contentType)
        {
            bool isAdmin = User.IsInRole("admin");
            if (!isAdmin)
            {
                if (username != User.Identity.Name)
                    return StatusCode(StatusCodes.Status403Forbidden, PutAvatarResponse.Forbidden);
            }

            var stream = new MemoryStream();
            await Request.Body.CopyToAsync(stream);
            var result = await _userService.PutAvatar(username, stream.ToArray(), contentType);
            switch (result)
            {
                case PutAvatarResult.Success:
                    return Ok(PutAvatarResponse.Success);
                case PutAvatarResult.UserNotExists:
                    return BadRequest(PutAvatarResponse.NotExists);
                default:
                    throw new Exception("Unknown put avatar result.");
            }
        }


        [HttpPost("userop/changepassword"), Authorize]
        public async Task<IActionResult> ChangePassword([FromBody] ChangePasswordRequest request)
        {
            var result = await _userService.ChangePassword(User.Identity.Name, request.OldPassword, request.NewPassword);
            switch (result)
            {
                case ChangePasswordResult.Success:
                    return Ok(ChangePasswordResponse.Success);
                case ChangePasswordResult.BadOldPassword:
                    return Ok(ChangePasswordResponse.BadOldPassword);
                case ChangePasswordResult.NotExists:
                    return Ok(ChangePasswordResponse.NotExists);
                default:
                    throw new Exception("Uncreachable code.");
            }
        }
    }
}
generated by cgit v1.2.3 (git 2.46.0) at 2025-09-28 23:14:45 +0000