Beispiel #1
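 /// <summary>
 /// Builds a URL slug from the post title: spaces become hyphens, the
 /// characters ? &amp; ' " are dropped, and the result is lower-cased.
 /// </summary>
 /// <param name="blogPost">Request whose <c>BlogPost.Title</c> is the slug source.</param>
 /// <returns>The slug derived from the title.</returns>
 /// <exception cref="System.NullReferenceException">
 /// Thrown when <c>blogPost</c>, <c>blogPost.BlogPost</c> or the title is null.
 /// </exception>
 private static string GetSlug(BlogPostRequest blogPost)
 {
     // NOTE(review): this is a deny-list of five characters. Anything else in
     // the title (for example '/', '#', '%', '<', '>') reaches the slug
     // unchanged, and different titles can map to the same slug. Callers that
     // place the slug in a URL or in markup must still encode it, and callers
     // that look posts up by slug must handle collisions.
     return blogPost.BlogPost.Title
            .Replace(' ', '-')
            .Replace("?", "")
            .Replace("&", "")
            .Replace("'", "")
            .Replace("\"", "")
            // Invariant casing: the slug is an identifier, so it must not
            // change with the server's current culture.
            .ToLowerInvariant();
 }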
Beispiel #2
 /// <summary>
 /// Convenience overload that wraps the paging arguments in a
 /// <c>BlogPostRequest</c> and forwards it to the controller's <c>GetAll</c>.
 /// The values are passed through as given; no range checks happen here.
 /// </summary>
 /// <param name="pageSize">Number of posts per page.</param>
 /// <param name="pageIndex">Index of the requested page.</param>
 /// <param name="skip">Additional number of posts to skip; defaults to 0.</param>
 /// <returns>The posts returned by the controller for that page.</returns>
 public async Task<IEnumerable<BlogPost>> GetAll(int pageSize, int pageIndex, int skip = 0)
 {
     return await this.controller.GetAll(
         new BlogPostRequest
         {
             PageSize = pageSize,
             PageIndex = pageIndex,
             Skip = skip
         });
 }
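        /// <summary>
        /// Returns one page of blog posts, newest first and then by title,
        /// with each post's author loaded, mapped to <c>BlogPost</c> models.
        /// </summary>
        /// <param name="blogPostRequest">
        /// Paging values: <c>Skip</c>, <c>PageIndex</c> and <c>PageSize</c>.
        /// </param>
        /// <returns>The mapped posts for the requested page.</returns>
        public async Task<IEnumerable<BlogPost>> GetAll(BlogPostRequest blogPostRequest)
        {
            // The paging values are caller-controlled. Negative values are
            // clamped to zero so they cannot reach Skip/Take, and the offset
            // is computed in 64 bits so PageIndex * PageSize cannot wrap
            // around to a negative number.
            int pageSize  = blogPostRequest.PageSize < 0 ? 0 : blogPostRequest.PageSize;
            int pageIndex = blogPostRequest.PageIndex < 0 ? 0 : blogPostRequest.PageIndex;
            int baseSkip  = blogPostRequest.Skip < 0 ? 0 : blogPostRequest.Skip;

            long offset    = (long)baseSkip + ((long)pageIndex * pageSize);
            int rowsToSkip = offset > int.MaxValue ? int.MaxValue : (int)offset;

            // NOTE(review): no upper bound is applied to the page size here, so
            // one request can ask for an arbitrarily large page. Enforce a
            // maximum that suits this API before exposing it to untrusted callers.
            var blogs = await this.blogPostRepository.Query()
                        .Include(r => r.Author)
                        .OrderByDescending(b => b.CreatedOn)
                        .ThenBy(b => b.Title)
                        .Skip(rowsToSkip)
                        .Take(pageSize)
                        .ToListAsync();

            return(this.mapper.Map<IEnumerable<BlogPost>>(blogs));
        }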
Beispiel #4
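        /// <summary>
        /// Updates the title and text of an existing blog post. Only the
        /// post's author, identified by the caller's "authorId" claim, may
        /// update it.
        /// </summary>
        /// <param name="id">Identifier of the post, taken from the route.</param>
        /// <param name="blogPostRequest">New title and text, taken from the request body.</param>
        /// <returns>
        /// 204 on success, 400 when the body is missing, 404 when the post does
        /// not exist, 403 when the caller has no usable "authorId" claim or is
        /// not the author.
        /// </returns>
        public async Task<IActionResult> Put([FromRoute] Guid id, [FromBody] BlogPostRequest blogPostRequest)
        {
            if (blogPostRequest == null)
            {
                return(BadRequest());
            }

            BlogPost blogPost = _ctx.BlogPosts.SingleOrDefault(bp => bp.Id == id);

            if (blogPost == null)
            {
                return(NotFound("Blog Post not found."));
            }

            // A missing or malformed claim must be a clean denial, not a
            // NullReferenceException or FormatException that becomes a 500.
            var authorClaim = HttpContext.User.FindFirst("authorId");
            Guid authorId;
            if (authorClaim == null || !Guid.TryParse(authorClaim.Value, out authorId))
            {
                return(Forbid());
            }

            if (blogPost.AuthorId != authorId)
            {
                // Forbid(string) treats its argument as an authentication
                // scheme name, not a message, so a message here would make
                // the denial fail at runtime. Use the parameterless overload.
                return(Forbid());
            }

            // NOTE(review): Title and Text are stored as received. If they are
            // later rendered as HTML, sanitize them here or encode them on
            // output. Confirm which layer is responsible.
            blogPost.Update(blogPostRequest.Title, blogPostRequest.Text);
            await _ctx.SaveChangesAsync();

            return(NoContent());
        }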
Beispiel #5
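        /// <summary>
        /// Creates a blog post owned by the caller (taken from the "authorId"
        /// claim). Title and text are sanitized before the post is stored.
        /// </summary>
        /// <param name="blogPostRequest">Title and text for the new post, taken from the request body.</param>
        /// <returns>
        /// 201 with the created post and a Location that carries the protected
        /// post id, 400 when the body is missing, 403 when the caller has no
        /// usable "authorId" claim.
        /// </returns>
        public async Task<IActionResult> Post([FromBody] BlogPostRequest blogPostRequest)
        {
            if (blogPostRequest == null)
            {
                return(BadRequest());
            }

            // A missing or malformed claim must be a clean denial, not a
            // NullReferenceException or FormatException that becomes a 500.
            var authorClaim = HttpContext.User.FindFirst("authorId");
            Guid authorId;
            if (authorClaim == null || !Guid.TryParse(authorClaim.Value, out authorId))
            {
                return(Forbid());
            }

            // Sanitizing on input reduces stored markup, but views that render
            // these fields still need to encode for their output context.
            blogPostRequest.Title = _sanitizer.Sanitize(blogPostRequest.Title); // Post value: <div onload=alert('xss')>Title</div>
            blogPostRequest.Text  = _sanitizer.Sanitize(blogPostRequest.Text);  // Post value: <script type="text/javascript">alert('text')</script>

            var blogPost = blogPostRequest.CreateBlogPost(authorId);
            await _ctx.BlogPosts.AddAsync(blogPost);

            await _ctx.SaveChangesAsync();

            // Protect the id once so the response body and the Location
            // route value carry the same token.
            var protectedId = _blogPostProtector.Protect(blogPost.Id.ToString());

            var blogPostResponse = BlogPostResponse.FromBlogPost(protectedId, blogPost, true);

            return(CreatedAtAction(nameof(Get), new { id = protectedId }, blogPostResponse));
        }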
Beispiel #6
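        /// <summary>
        /// Creates a blog post from the request body, attaches its tags
        /// (creating tags that do not exist yet), saves it, and returns the
        /// stored post looked up by its slug.
        /// </summary>
        /// <param name="blogPost">Wrapper whose <c>BlogPost</c> carries title, description, body and tag list.</param>
        /// <returns>400 when the model is invalid or the body is missing; otherwise the result of <c>GetBlogPost</c>.</returns>
        public async Task<IActionResult> PostBlogPost([FromBody] BlogPostRequest blogPost)
        {
            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }

            // An absent body or inner object would otherwise fail with a
            // NullReferenceException further down.
            if (blogPost == null || blogPost.BlogPost == null)
            {
                return(BadRequest(ModelState));
            }

            // NOTE(review): DateTime.Now is server-local time. Confirm the
            // stored timestamps are meant to be local rather than UTC.
            var now = DateTime.Now;

            // NOTE(review): the slug is not checked for uniqueness. Two posts
            // whose titles produce the same slug would both be stored, and
            // slug-based lookups would return only one of them.
            var entity = new BlogPost
            {
                Title        = blogPost.BlogPost.Title,
                Description  = blogPost.BlogPost.Description,
                Body         = blogPost.BlogPost.Body,
                Slug         = GetSlug(blogPost),
                CreatedAt    = now,
                UpdatedAt    = now,
                BlogPostTags = new List<BlogPostTag>()
            };

            if (blogPost.BlogPost.TagList != null)
            {
                // Distinct(): a name repeated in the request must not create
                // the same new tag twice. The lookup below only sees tags
                // that are already saved.
                foreach (var item in blogPost.BlogPost.TagList.Distinct())
                {
                    if (string.IsNullOrWhiteSpace(item))
                    {
                        continue;
                    }

                    var tag = _context.Tags.FirstOrDefault(t => t.Name == item);
                    if (tag == null)
                    {
                        tag = new Tag
                        {
                            Name = item
                        };
                        _context.Tags.Add(tag);
                    }

                    entity.BlogPostTags.Add(new BlogPostTag
                    {
                        Tag = tag
                    });
                }
            }

            _context.BlogPosts.Add(entity);
            await _context.SaveChangesAsync();

            return(await GetBlogPost(entity.Slug));
        }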
Beispiel #8
 /// <summary>
 /// Placeholder update endpoint: both arguments are ignored, nothing is
 /// changed, and the caller always receives 204 No Content.
 /// </summary>
 /// <param name="blogPostId">Post identifier from the route (unused).</param>
 /// <param name="blogPost">Request body (unused).</param>
 /// <returns>Always a No Content result.</returns>
 public async Task<ActionResult<BlogPostModel>> UpdateBlogPostAsync([FromRoute] Guid blogPostId, [FromBody] BlogPostRequest blogPost)
     => NoContent();
Beispiel #9
 /// <summary>
 /// Unimplemented create endpoint: every call fails with
 /// <see cref="NotImplementedException"/>.
 /// </summary>
 /// <param name="blogPost">Request body (unused).</param>
 /// <exception cref="NotImplementedException">Always.</exception>
 public async Task<ActionResult<BlogPostModel>> CreateNewBlogPostAsync([FromBody] BlogPostRequest blogPost)
     => throw new NotImplementedException();
 // POST api/blogposts
 /// <summary>
 /// Echo endpoint: returns the bound request object unchanged. Nothing is
 /// validated or stored.
 /// </summary>
 /// <param name="request">Request body.</param>
 /// <returns>The same <c>request</c> instance.</returns>
 public BlogPostRequest Post([FromBody] BlogPostRequest request) => request;
Beispiel #11
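        /// <summary>
        /// Partially updates the blog post found by slug. Non-empty title,
        /// description and body values overwrite the stored ones, and a new
        /// title also regenerates the slug. A non-null tag list replaces the
        /// post's tags. Returns the stored post looked up by its current slug.
        /// </summary>
        /// <param name="slug">Slug of the post to update, taken from the route.</param>
        /// <param name="blogPost">Wrapper whose <c>BlogPost</c> carries the new values.</param>
        /// <returns>
        /// 400 when the body is missing or the save hits a concurrency
        /// conflict, 404 when no post has that slug; otherwise the result of
        /// <c>GetBlogPost</c>.
        /// </returns>
        public async Task<IActionResult> PutBlogPost([FromRoute] string slug, [FromBody] BlogPostRequest blogPost)
        {
            // An absent body or inner object would otherwise fail with a
            // NullReferenceException further down.
            if (blogPost == null || blogPost.BlogPost == null)
            {
                return(BadRequest());
            }

            var entity = _context.BlogPosts.FirstOrDefault(a => a.Slug == slug);

            if (entity == null)
            {
                return(NotFound());
            }

            // NOTE(review): no ownership or permission check is visible in
            // this method. Presumably it is enforced by attributes or filters
            // outside this view. Confirm before exposing the endpoint.

            if (!String.IsNullOrEmpty(blogPost.BlogPost.Title))
            {
                entity.Title = blogPost.BlogPost.Title;
                // NOTE(review): the new slug is not checked against other
                // posts, so a title change can make two posts share a slug.
                entity.Slug  = GetSlug(blogPost);
            }

            if (!String.IsNullOrEmpty(blogPost.BlogPost.Description))
            {
                entity.Description = blogPost.BlogPost.Description;
            }

            if (!String.IsNullOrEmpty(blogPost.BlogPost.Body))
            {
                entity.Body = blogPost.BlogPost.Body;
            }

            if (blogPost.BlogPost.TagList != null)
            {
                // Select the existing links by post id, not by slug. At this
                // point entity.Slug may already hold the new slug, which would
                // miss this post's links and could match another post's.
                var oldTags = _context.BlogPostTags.Where(a => a.BlogPostId == entity.ID).ToList();
                _context.BlogPostTags.RemoveRange(oldTags);

                // Distinct(): a name repeated in the request must not create
                // the same tag or link twice.
                foreach (var item in blogPost.BlogPost.TagList.Distinct())
                {
                    if (string.IsNullOrWhiteSpace(item))
                    {
                        continue;
                    }

                    var tag = _context.Tags.FirstOrDefault(t => t.Name == item);
                    if (tag == null)
                    {
                        tag = new Tag
                        {
                            Name = item
                        };
                        _context.Tags.Add(tag);
                    }

                    // Link through the navigation property. A tag created in
                    // this request may not have its key assigned until the
                    // save, so copying tag.ID here is unreliable.
                    _context.BlogPostTags.Add(new BlogPostTag
                    {
                        BlogPostId = entity.ID,
                        Tag        = tag
                    });
                }
            }

            entity.UpdatedAt = DateTime.Now;

            try
            {
                await _context.SaveChangesAsync();
            }
            catch (DbUpdateConcurrencyException)
            {
                // The message is user-facing text, kept as the author wrote it.
                return(BadRequest("Desila se greška"));
            }

            return(await GetBlogPost(entity.Slug));
        }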