public async Task <MainCommentDTO> InsertMainCommentAsync(CommentCreationDTO commentCreationDTO) { Preconditions.NotNull(commentCreationDTO, nameof(commentCreationDTO)); if (!commentCreationDTO.IsMain) { throw new InvalidOperationException("Can not insert the SubComment into MainComment Table"); } var mainCommentEntity = _mapper.Map <MainComment>(commentCreationDTO); mainCommentEntity.ApplicationUserID = await _currentUserProvider.GetCurrentUserIDAsync(); var insertedMainComment = await _commentRepository.InsertMainCommentAsync(mainCommentEntity); return(_mapper.Map <MainCommentDTO>(insertedMainComment)); }
public async Task CheckManageAccess(int blogApplicationUserID) { bool isAdmin = await _currentUserProvider.IsCurrentUserAdmin(); int currentUserID = await _currentUserProvider.GetCurrentUserIDAsync(); if (!isAdmin && currentUserID != blogApplicationUserID) { throw new UserAccessException("Only admins or authors can manage blogs"); } }