private bool ValidateRequest(UserReportRequest req)
{
if (req.ReportingUserId <= 0)
{
return(false);
}
if (req.LoginToken == null || req.LoginToken.Equals("") || req.LoginToken.Equals("x''"))
{
return(false);
}
if (req.AuthToken == null || req.AuthToken.Equals("") || req.AuthToken.Equals("x''"))
{
return(false);
}
return(!(req.ReportedDisplayName == null || req.ReportedDisplayName.Equals("")));
}
/// <summary>
/// Request for reporting a user's display name. Documention is found in the Web API Enumeration file
/// in the /User/Report tab, starting at row 1
/// </summary>
/// <param name="ctx">The HttpListenerContext to respond to</param>
private void HandlePostRequest(HttpListenerContext ctx)
{
try
{
#region Input Validation
if (!ctx.Request.HasEntityBody)
{
WriteBodyResponse(ctx, 400, "No Body", "Request lacked a body");
return;
}
UserReportRequest req = JsonDataObjectUtil <UserReportRequest> .ParseObject(ctx);
if (req == null)
{
WriteBodyResponse(ctx, 400, "Incorrect Format", "Request was in the wrong format");
return;
}
if (!ValidateRequest(req))
{
WriteBodyResponse(ctx, 400, "Incorrect Format", "Not all fields of the request were filled");
return;
}
#endregion
MySqlDataManipulator connection = new MySqlDataManipulator();
using (connection)
{
bool res = connection.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString());
if (!res)
{
WriteBodyResponse(ctx, 500, "Unexpected ServerError", "Connection to database failed");
return;
}
#region User Validation
var user = connection.GetUserById(req.ReportingUserId);
if (user == null)
{
WriteBodyResponse(ctx, 404, "Not Found", "User was not found on the server");
return;
}
if (!UserVerificationUtil.LoginTokenValid(user, req.LoginToken))
{
WriteBodyResponse(ctx, 401, "Unauthorized", "Login Token was expired or incorrect");
return;
}
if (!UserVerificationUtil.AuthTokenValid(user, req.AuthToken))
{
WriteBodyResponse(ctx, 401, "Unauthorized", "Auth Token was expired or incorrect");
return;
}
#endregion
#region Action Handling
var users = connection.GetUsersWhere("Settings like \"%Value\\\":\\\"" + req.ReportedDisplayName + "%\"");
if (users == null)
{
WriteBodyResponse(ctx, 500, "Unexpected Server Error", connection.LastException.Message);
return;
}
foreach (OverallUser reportedUser in users)
{
reportedUser.UpdateSettings(UserSettingsEntryKeys.DisplayName, "Default User " + reportedUser.UserId);
connection.UpdateUsersSettings(reportedUser);
}
WriteBodylessResponse(ctx, 200, "OK");
#endregion
}
}
catch (HttpListenerException)
{
//HttpListeners dispose themselves when an exception occurs, so we can do no more.
}
catch (Exception e)
{
WriteBodyResponse(ctx, 500, "Internal Server Error", e.Message);
}
}
