public async Task <ResultResponse> IsInRole(int userId, params string[] roles)
{
try
{
var user = await _userRepository.GetAsync(userId);
if (user != null)
{
var roleIds = (await _userToRolesRepository.GetAsync($"where user_id = {userId}")).Select(x => x.role_id);
IEnumerable <string> roleNames = new List <string>();
if (roleIds.Count() > 0)
{
roleNames = (await _rolesRepository.GetAsync($"where id IN ({string.Join(", ", roleIds)})")).Select(x => x.name);
}
var isInRole = false;
foreach (var r in roleNames)
{
if (roles.Any(x => x.ToLower() == r.ToLower()))
{
isInRole = true;
break;
}
}
return(new ResultResponse(isSuccess: isInRole, statusCode: isInRole ? StatusCode.OK : StatusCode.NotFound));
}
return(ResultResponse.GetBadResponse(StatusCode.NotFound));
}
catch (Exception ex)
{
_progressLogger.Error(ex, new { userId, roles }, GetType().Name, nameof(IsInRole));
return(ResultResponse.GetInternalServerErrorResponse());
}
}
public async Task <ResultResponse <AdvertisementDto> > EditAdvertisementAsync(int id, AdvertisementEditDto dto)
{
try
{
var advertisement = await _advertisementsRepository.GetAsync(id);
if (advertisement == null)
{
return(ResultResponse <AdvertisementDto> .GetBadResponse(StatusCode.NotFound, "Объявление не найдено"));
}
advertisement.text = dto.Text;
advertisement.title = dto.Title;
advertisement.price = dto.Price;
advertisement.square = dto.Square;
advertisement.is_privatizated = dto.IsPrivatizated;
var edited = await _advertisementsRepository.UpdateAsync(advertisement);
if (edited != null)
{
var editedView = await _advertisementViewsRepository.GetAsync(edited.id);
var editedDto = _mapper.Map <AdvertisementDto>(editedView);
return(ResultResponse <AdvertisementDto> .GetSuccessResponse(editedDto));
}
else
{
return(ResultResponse <AdvertisementDto> .GetInternalServerErrorResponse("Произошла неизвестная ошибка при редактировании объявления"));
}
}
catch (Exception ex)
{
_progressLogger.Error(ex, new { id, dto }, GetType().Name, nameof(EditAdvertisementAsync));
return(ResultResponse <AdvertisementDto> .GetInternalServerErrorResponse());
}
}
public async Task <ResultResponse <IEnumerable <QuestionDto> > > GetQuestionListAsync(int userId)
{
try
{
var user = await _usersRepository.GetAsync(userId);
if (user == null)
{
return(ResultResponse <IEnumerable <QuestionDto> > .GetBadResponse(StatusCode.NotFound, "Пользователь не найден"));
}
var questionViews = await _questionsViewRepository.GetAsync("WHERE is_active = TRUE");
var questionMiddleDtos = _mapper.Map <IEnumerable <QuestionFullDto> >(questionViews); // Конвертируем в промежуточный ДТО
var questionDtos = _mapper.Map <IEnumerable <QuestionDto> >(questionMiddleDtos);
foreach (var q in questionDtos)
{
q.IsVoted = await IsUserVotedInQuestion(userId, q.Id);
}
return(ResultResponse <IEnumerable <QuestionDto> > .GetSuccessResponse(questionDtos));
}
catch (Exception ex)
{
_progressLogger.Error(ex, new { userId }, GetType().Name, nameof(GetQuestionListAsync));
return(ResultResponse <IEnumerable <QuestionDto> > .GetInternalServerErrorResponse());
}
}
public async Task <ResultResponse> DeleteMemberAsync(int userId)
{
try
{
var user = await _usersRepository.GetAsync(userId);
if (user != null)
{
user.is_government_member = false;
var updated = await _usersRepository.UpdateAsync(user);
if (updated == null)
{
return(ResultResponse.GetInternalServerErrorResponse());
}
return(ResultResponse.GetSuccessResponse());
}
else
{
return(ResultResponse.GetBadResponse(StatusCode.NotFound));
}
}
catch (Exception ex)
{
_progressLogger.Error(ex, new { userId }, GetType().Name, nameof(DeleteMemberAsync));
return(ResultResponse.GetInternalServerErrorResponse());
}
}
public async Task<ResultResponse<PostGetDto>> CreatePostAsync(PostCreateDto dto, int creatorId)
{
try
{
var creator = await _usersRepository.GetAsync(creatorId);
if (creator == null)
{
return ResultResponse<PostGetDto>.GetBadResponse(StatusCode.NotFound, "Пользователь не найден");
}
var post = _mapper.Map<Post>(dto);
post.creator_id = creatorId;
post.created = DateTime.Now;
var added = await _postsRepository.AddAsync(post);
if (added == null)
{
return ResultResponse<PostGetDto>.GetBadResponse(StatusCode.InternalServerError, "Не удалось добавить пост");
}
var addedView = await _postsViewRepository.GetAsync(post.id);
var addedViewDto = _mapper.Map<PostGetDto>(addedView);
return ResultResponse<PostGetDto>.GetSuccessResponse(addedViewDto);
}
catch (Exception ex)
{
_progressLogger.Error(ex, new { dto, creatorId }, GetType().Name, nameof(CreatePostAsync));
return ResultResponse<PostGetDto>.GetInternalServerErrorResponse();
}
}
public async Task <ResultResponse <DebtorFileDto> > AddDebtorFile([FromForm] DebtorFileCreateDto dto)
{
if (await IsInRole(Roles.Admin))
{
if (dto != null && ModelState.IsValid)
{
if (dto.File == null)
{
if (Request?.HasFormContentType == true && Request?.Form?.Files?.Count != 0)
{
dto.File = Request.Form.Files[0];
}
}
if (dto.File == null)
{
return(ResultResponse <DebtorFileDto> .GetBadResponse(BussinesLogic.Models.StatusCode.BadRequest, "Необходимо передать файл"));
}
else
{
return(await _debtorFilesService.AddDebtorFileAsync(dto, UserId.Value));
}
}
return(ResultResponse <DebtorFileDto> .GetBadResponse(BussinesLogic.Models.StatusCode.BadRequest));
}
return(ResultResponse <DebtorFileDto> .GetBadResponse(BussinesLogic.Models.StatusCode.Forbidden));
}
public async Task <ResultResponse> RemoveDebtorFileAsync(int id)
{
try
{
var debtorFile = await _debtorFilesRepository.GetAsync(id);
if (debtorFile == null)
{
return(ResultResponse.GetBadResponse(StatusCode.NotFound, "Не найден файл по этому идентификатору"));
}
debtorFile.is_active = false;
var updated = await _debtorFilesRepository.UpdateAsync(debtorFile);
if (updated != null)
{
return(ResultResponse.GetSuccessResponse());
}
else
{
return(ResultResponse.GetInternalServerErrorResponse());
}
}
catch (Exception ex)
{
_progressLogger.Error(ex, id, GetType().Name, nameof(RemoveDebtorFileAsync));
return(ResultResponse.GetInternalServerErrorResponse());
}
}
public async Task <ResultResponse <LegislationDto> > AddAsync(LegislationCreateDto createDto, int creatorId)
{
try
{
var creator = await _usersRepository.GetAsync(creatorId);
if (creator == null)
{
return(ResultResponse <LegislationDto> .GetBadResponse(StatusCode.NotFound, "Пользователь с таким идентификатором не найден"));
}
var legislation = _mapper.Map <Legislation>(createDto);
legislation.creator_id = creatorId;
legislation.created = DateTime.Now;
var added = await _legislationsRepository.AddAsync(legislation);
if (added == null)
{
return(ResultResponse <LegislationDto> .GetInternalServerErrorResponse());
}
var newLegislationDto = _mapper.Map <LegislationDto>(added);
return(ResultResponse <LegislationDto> .GetSuccessResponse(newLegislationDto));
}
catch (Exception ex)
{
_progressLogger.Error(ex, new { createDto, creatorId }, GetType().Name, nameof(AddAsync));
return(ResultResponse <LegislationDto> .GetInternalServerErrorResponse());
}
}
public async Task <ResultResponse <UserDto> > EditAsync(int userId, UserEditDto dto)
{
try
{
var user = await _userRepository.GetAsync(userId);
if (user == null)
{
return(ResultResponse <UserDto> .GetBadResponse(StatusCode.NotFound, "Пользователь с таким id не найден"));
}
user.fname = dto.FName;
user.lname = dto.LName;
user.mname = dto.MName;
user.age = dto.Age;
user.address = dto.Address;
user.area_number = dto.AreaNumber;
var updated = await _userRepository.UpdateAsync(user);
if (updated == null)
{
return(ResultResponse <UserDto> .GetInternalServerErrorResponse());
}
var updatedDto = _mapper.Map <UserDto>(updated);
return(ResultResponse <UserDto> .GetSuccessResponse(updatedDto));
}
catch (Exception ex)
{
_progressLogger.Error(ex, new { userId, dto }, GetType().Name, nameof(EditAsync));
return(ResultResponse <UserDto> .GetInternalServerErrorResponse());
}
}
public async Task <ResultResponse> RegisterAsync(UserRegisterDto dto)
{
try
{
var user = (await _userRepository.GetAsync($"where lower(email) = lower('{dto.Email}')")).FirstOrDefault();
if (user != null)
{
return(ResultResponse.GetBadResponse(StatusCode.BadRequest, "Пользователь с таким Email уже зарегистрирован"));
}
var newUser = _mapper.Map <User>(dto);
newUser.registered = DateTime.Now;
newUser.salt = GenerateSalt();
newUser.password_hash = await _passwordHashService.GetPasswordHashWithSalt(dto.Password, newUser.salt);
var added = await _userRepository.AddAsync(newUser);
if (added != null)
{
return(ResultResponse.GetSuccessResponse());
}
else
{
return(ResultResponse.GetInternalServerErrorResponse());
}
}
catch (Exception ex)
{
_progressLogger.Error(ex, dto, GetType().Name, nameof(RegisterAsync));
return(ResultResponse.GetInternalServerErrorResponse());
}
}
public async Task <ResultResponse> ChangePasswordAsync(int userId, ChangePasswordDto dto)
{
try
{
var user = await _userRepository.GetAsync(userId);
if (user == null)
{
return(ResultResponse.GetBadResponse(StatusCode.NotFound, "Пользователь с таким id не найден"));
}
var oldHash = user.password_hash;
var oldConfirmHash = await _passwordHashService.GetPasswordHashWithSalt(dto.OldPassword, user.salt);
if (oldHash == oldConfirmHash) // Если хеши равны, то и пароли равны (если не менялся алгоритм хеширования и соль)
{
var newHash = await _passwordHashService.GetPasswordHashWithSalt(dto.NewPassword, user.salt);
user.password_hash = newHash;
var updated = await _userRepository.UpdateAsync(user);
if (updated != null)
{
return(ResultResponse.GetSuccessResponse());
}
}
return(ResultResponse.GetBadResponse(StatusCode.BadRequest, "Неверный старый пароль"));
}
catch (Exception ex)
{
_progressLogger.Error(ex, userId, GetType().Name, nameof(ChangePasswordAsync));
return(ResultResponse.GetInternalServerErrorResponse());
}
}
public async Task <ResultResponse> DeleteQuestion([FromRoute] int id)
{
if (await IsInRole(Roles.Admin, Roles.Moderator))
{
return(await _questionsService.RemoveQuestionAsync(id));
}
return(ResultResponse.GetBadResponse(BussinesLogic.Models.StatusCode.Forbidden));
}
public async Task <ResultResponse <LegislationDto> > AddLegislation([FromBody] LegislationCreateDto createDto)
{
if (await IsInRole(Roles.Admin))
{
return(await _legislationService.AddAsync(createDto, UserId.Value));
}
return(ResultResponse <LegislationDto> .GetBadResponse(BussinesLogic.Models.StatusCode.Forbidden));
}
public async Task <ResultResponse <string[]> > GetAccess()
{
if (IsAuthorized())
{
return(await _usersService.GetUserAccess(UserId.Value));
}
return(ResultResponse <string[]> .GetBadResponse(BussinesLogic.Models.StatusCode.Unauthorized));
}
public async Task <ResultResponse <UserDto> > AboutUser()
{
if (IsAuthorized())
{
return(await _usersService.GetAsync(UserId.Value));
}
return(ResultResponse <UserDto> .GetBadResponse(BussinesLogic.Models.StatusCode.Unauthorized));
}
public async Task <ResultResponse <QuestionDto> > AddQuestion(QuestionCreateDto dto)
{
if (await IsInRole(Roles.Admin, Roles.Moderator))
{
return(await _questionsService.AddQuestionAsync(dto, UserId.Value));
}
return(ResultResponse <QuestionDto> .GetBadResponse(BussinesLogic.Models.StatusCode.Forbidden));
}
public async Task <ResultResponse <IEnumerable <QuestionDto> > > GetQuestionList()
{
if (IsAuthorized())
{
return(await _questionsService.GetQuestionListAsync(UserId.Value));
}
return(ResultResponse <IEnumerable <QuestionDto> > .GetBadResponse(BussinesLogic.Models.StatusCode.Unauthorized));
}
public async Task <ResultResponse> DeleteMember([FromRoute] int legislationId)
{
if (await IsInRole(Roles.Admin))
{
return(await _legislationService.DeleteAsync(legislationId));
}
return(ResultResponse.GetBadResponse(BussinesLogic.Models.StatusCode.Forbidden));
}
public async Task <ResultResponse> Register(UserRegisterDto dto)
{
if (dto == null || !ModelState.IsValid)
{
return(ResultResponse.GetBadResponse(BussinesLogic.Models.StatusCode.BadRequest));
}
return(await _usersService.RegisterAsync(dto));
}
public async Task <ResultResponse <QuestionDto> > VoteOnQuestion([FromRoute] int id, [FromBody] int voteId)
{
if (IsAuthorized())
{
return(await _questionsService.VoteAsync(id, voteId, UserId.Value));
}
return(ResultResponse <QuestionDto> .GetBadResponse(BussinesLogic.Models.StatusCode.Unauthorized));
}
public async Task <ResultResponse> RemoveDocument([FromRoute] int id)
{
if (await IsInRole(Roles.Admin, Roles.Moderator))
{
return(await _advertisementsService.RemoveAdvertisementAsync(id));
}
return(ResultResponse.GetBadResponse(BussinesLogic.Models.StatusCode.Forbidden));
}
public async Task <ResultResponse <string> > GetDefaultImage()
{
if (IsAuthorized())
{
return(await _valuePairsService.GetValueAsync(ValuePairsKeys.DefaultImagePath));
}
return(ResultResponse <string> .GetBadResponse(BussinesLogic.Models.StatusCode.Forbidden));
}
public async Task <ResultResponse> DeleteMember([FromBody] int userId)
{
if (await IsInRole(Roles.Admin))
{
return(await _governmentService.DeleteMemberAsync(userId));
}
return(ResultResponse.GetBadResponse(BussinesLogic.Models.StatusCode.Forbidden));
}
public async Task <ResultResponse <JwtAuthorizationDto> > Login([FromBody] LoginPasswordDto dto)
{
if (dto == null || ModelState.IsValid == false)
{
return(ResultResponse <JwtAuthorizationDto> .GetBadResponse(BussinesLogic.Models.StatusCode.BadRequest));
}
return(await _authService.LoginAsync(dto.Login, dto.Password));
}
public async Task <ResultResponse> RemoveDebtorFile([FromRoute] int id)
{
if (await IsInRole(Roles.Admin))
{
return(await _debtorFilesService.RemoveDebtorFileAsync(id));
}
return(ResultResponse.GetBadResponse(BussinesLogic.Models.StatusCode.Forbidden));
}
public async Task <ResultResponse <DocumentDto> > AddDocumentAsync(DocumentCreateDto dto, int userId)
{
try
{
var uploader = await _usersRepository.GetAsync(userId);
if (uploader == null)
{
return(ResultResponse <DocumentDto> .GetBadResponse(StatusCode.NotFound, "Не найден пользователь"));
}
byte[] bytes = new byte[dto.File.Length];
using (var stream = dto.File.OpenReadStream())
{
await stream.ReadAsync(bytes, 0, (int)dto.File.Length);
}
var fileManager = new FileManager.Infrasructure.FileManager(
baseAddress: _configurationService.WebAppSettings.BaseAddress,
folder: _configurationService.UploadedFilesSettings.DocumentsFilesFolderRelativePath,
progressLogger: _progressLogger);
var uploadingResult = await fileManager.UploadFileAsync(new FileDto(dto.File.FileName, bytes),
new string[] { "png", "jpg", "gif", "jpeg", "bmp" });
if (uploadingResult.IsSuccess)
{
var document = await _documentsRepository.AddAsync(new Document
{
length = (int)dto.File.Length,
name = dto.Name,
native_name = dto.File.FileName,
path = uploadingResult.FilePath,
created = DateTime.Now,
creator_id = userId,
});
if (document != null)
{
var documentView = await _documentViewsRepository.GetAsync(document.id);
var documentDto = _mapper.Map <DocumentDto>(documentView);
return(ResultResponse <DocumentDto> .GetSuccessResponse(documentDto));
}
else
{
return(ResultResponse <DocumentDto> .GetInternalServerErrorResponse());
}
}
else
{
return(ResultResponse <DocumentDto> .GetInternalServerErrorResponse(uploadingResult.ErrorDescription));
}
}
catch (Exception ex)
{
_progressLogger.Error(ex, new { dto, userId }, GetType().Name, nameof(AddDocumentAsync));
return(ResultResponse <DocumentDto> .GetInternalServerErrorResponse());
}
}
public async Task <ResultResponse <AdvertisementDto> > EditAdvertisement([FromRoute] int id, [FromBody] AdvertisementEditDto dto)
{
if (await IsInRole(Roles.Admin, Roles.Moderator))
{
if (dto != null && ModelState.IsValid)
{
return(await _advertisementsService.EditAdvertisementAsync(id, dto));
}
return(ResultResponse <AdvertisementDto> .GetBadResponse(BussinesLogic.Models.StatusCode.BadRequest));
}
return(ResultResponse <AdvertisementDto> .GetBadResponse(BussinesLogic.Models.StatusCode.Forbidden));
}
public async Task <ResultResponse <AdvertisementDto> > AddAdvertisement([FromForm] AdvertisementCreateDto dto)
{
if (await IsInRole(Roles.Admin, Roles.Moderator))
{
if (dto != null && ModelState.IsValid)
{
return(await _advertisementsService.AddAdvertisementAsync(dto, UserId.Value));
}
return(ResultResponse <AdvertisementDto> .GetBadResponse(BussinesLogic.Models.StatusCode.BadRequest));
}
return(ResultResponse <AdvertisementDto> .GetBadResponse(BussinesLogic.Models.StatusCode.Forbidden));
}
public async Task <ResultResponse <PostGetDto> > EditPost([FromRoute] int id, [FromBody] PostEditDto dto)
{
if (await IsInRole(Roles.Admin, Roles.Moderator))
{
if (dto == null || !ModelState.IsValid)
{
return(ResultResponse <PostGetDto> .GetBadResponse(BussinesLogic.Models.StatusCode.BadRequest));
}
return(await _postsService.UpdatePostAsync(id, dto, UserId.Value));
}
return(ResultResponse <PostGetDto> .GetBadResponse(BussinesLogic.Models.StatusCode.Forbidden));
}
public async Task <ResultResponse> DeletePost([FromRoute] int id)
{
if (await IsInRole(Roles.Admin, Roles.Moderator))
{
if (!ModelState.IsValid)
{
return(ResultResponse.GetBadResponse(BussinesLogic.Models.StatusCode.BadRequest));
}
return(await _postsService.DeletePostAsync(id));
}
return(ResultResponse.GetBadResponse(BussinesLogic.Models.StatusCode.Forbidden));
}
