aboutsummaryrefslogtreecommitdiff
path: root/Timeline/Controllers/UserController.cs
blob: d2708eeb91f796191e113034fa453c3912be5ad1 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102

using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using System;
using System.Threading.Tasks;
using Timeline.Entities;
using Timeline.Services;

namespace Timeline.Controllers
{
    public class UserController : Controller
    {
        private readonly IUserService _userService;

        public UserController(IUserService userService)
        {
            _userService = userService;
        }

        [HttpGet("users"), Authorize(Roles = "admin")]
        public async Task<ActionResult<UserInfo[]>> List()
        {
            return Ok(await _userService.ListUsers());
        }

        [HttpGet("user/{username}"), Authorize]
        public async Task<IActionResult> Get([FromRoute] string username)
        {
            var user = await _userService.GetUser(username);
            if (user == null)
            {
                return NotFound();
            }
            return Ok(user);
        }

        [HttpPut("user/{username}"), Authorize(Roles = "admin")]
        public async Task<IActionResult> Put([FromBody] UserModifyRequest request, [FromRoute] string username)
        {
            var result = await _userService.PutUser(username, request.Password, request.Roles);
            switch (result)
            {
                case PutUserResult.Created:
                    return CreatedAtAction("Get", new { username }, UserPutResponse.Created);
                case PutUserResult.Modified:
                    return Ok(UserPutResponse.Modified);
                default:
                    throw new Exception("Unreachable code.");
            }
        }

        [HttpPatch("user/{username}"), Authorize]
        public async Task<IActionResult> Patch([FromBody] UserModifyRequest request, [FromRoute] string username)
        {
            if (User.IsInRole("admin"))
            {
                var result = await _userService.PatchUser(username, request.Password, request.Roles);
                switch (result)
                {
                    case PatchUserResult.Success:
                        return Ok();
                    case PatchUserResult.NotExists:
                        return NotFound();
                    default:
                        throw new Exception("Unreachable code.");
                }
            }
            else
            {
                if (User.Identity.Name != username)
                    return StatusCode(403, new MessageResponse("Can't patch other user when you are not admin."));
                if (request.Roles != null)
                    return StatusCode(403, new MessageResponse("Can't patch roles when you are not admin."));

                var result = await _userService.PatchUser(username, request.Password, null);
                switch (result)
                {
                    case PatchUserResult.Success:
                        return Ok();
                    case PatchUserResult.NotExists:
                        return NotFound(new MessageResponse("This username no longer exists. Please update your token."));
                    default:
                        throw new Exception("Unreachable code.");
                }
            }
        }

        [HttpDelete("user/{username}"), Authorize(Roles = "admin")]
        public async Task<ActionResult<UserDeleteResponse>> Delete([FromRoute] string username)
        {
            var result = await _userService.DeleteUser(username);
            switch (result)
            {
                case DeleteUserResult.Success:
                    return Ok(UserDeleteResponse.Success);
                case DeleteUserResult.NotExists:
                    return Ok(UserDeleteResponse.NotExists);
                default:
                    throw new Exception("Uncreachable code.");
            }
        }
    }
}
generated by cgit v1.2.3 (git 2.46.0) at 2025-09-29 04:08:56 +0000