Ejemplo n.º 1
0
        public async Task <IActionResult> Put([FromBody] EditUserRequest request)
        {
            var userIdString = JWTUtility.GetUserId(User);

            if (userIdString == null)
            {
                return(BadRequest());
            }

            var userId = int.Parse(userIdString);

            if (!await _userService.DoesUserExist(id: userId))
            {
                return(NotFound());
            }

            if (!await _userService.OldPasswordIsCorrect(userId, request))
            {
                return(BadRequest(Texts.PASSWORD_IS_NOT_CORRECT));
            }

            if (await _userService.EditUser(id: userId, request: request))
            {
                return(Ok());
            }

            return(StatusCode(statusCode: 500, value: Texts.ERROR_EDITING_THE_USER));
        }
Ejemplo n.º 2
0
        public async Task <ActionResult> LoginAsync([FromBody] Account account)
        {
            if (account is null)
            {
                return(BadRequest("Invalid client request"));
            }

            string jwtToken = await _authService.LoginAsync(account);

            if (jwtToken == string.Empty)
            {
                return(Unauthorized());
            }

            int accoundId = JWTUtility.GetIdFromToken(jwtToken);

            try
            {
                await _migService.RegisterOrRefreshGoogleDriveWebhook(accoundId);
            }
            catch (Exception)
            {
            }

            return(Ok(new { token = jwtToken }));
        }
Ejemplo n.º 3
0
        public IActionResult EditPost(PostPatch parameters)
        {
            var userID = JWTUtility.GetUserID(HttpContext);
            var role   = JWTUtility.GetRole(HttpContext);

            var post = (from posts in _context.Posts
                        where posts.Id == parameters.ID
                        select posts).Single();

            if (role != RoleType.Admin && post.Userid != userID)
            {
                return(BadRequest(new { error = "You do not have permission to edit this post" }));
            }

            if (parameters.Post.Count() > _maxPostCharacterCount)
            {
                return(BadRequest(new { error = "Your post has too many characters" }));
            }

            post.Editdate = DateTime.Now;
            post.Post     = parameters.Post;

            _context.SaveChanges();

            return(Ok());
        }
Ejemplo n.º 4
0
        public async Task <ActionResult <IEnumerable <Song> > > GetAllAsync()
        {
            int accountId = JWTUtility.GetIdFromRequestHeaders(Request.Headers);

            if (accountId == -1)
            {
                return(BadRequest());
            }

            var songs = await _songService.GetAllAsync(accountId);

            if (songs is null)
            {
                return(NotFound());
            }

            var result = new List <SongWeb>();

            foreach (var song in songs)
            {
                result.Add(new SongWeb()
                {
                    Id        = song.Id,
                    FileName  = song.FileName,
                    Name      = song.Name,
                    Author    = song.Author,
                    LengthSec = song.LengthSec,
                    Playlists = song.Playlists,
                    StorageID = song.StorageID
                });
            }

            return(Ok(result));
        }
Ejemplo n.º 5
0
        public async Task <IActionResult> DownloadRegister(int id)
        {
            var userIdString = JWTUtility.GetUserId(User);

            if (userIdString == null)
            {
                return(BadRequest());
            }

            var userId = int.Parse(userIdString);

            // Check is the register does belong to the user
            if (!await _registerService.DoesRegisterBelongToUser(userId, registerId: id))
            {
                return(BadRequest());
            }

            // IMPORTANT: At this time, only file downloads are allowed.
            // ToDo: Download a complete folder.
            var fileToSend = await _registerService.GetFile(userId, registerId : id);

            if (fileToSend == null)
            {
                return(BadRequest(Texts.ERROR_PREPARING_ELEMENT_TO_DOWNLOAD));
            }

            return(File(
                       fileContents: fileToSend.Bytes,
                       contentType: fileToSend.MimeType,
                       fileDownloadName: fileToSend.Name
                       ));
        }
Ejemplo n.º 6
0
        public IActionResult DeletePost(PostDelete parameters)
        {
            var userID = JWTUtility.GetUserID(HttpContext);
            var role   = JWTUtility.GetRole(HttpContext);

            var post = (from posts in _context.Posts
                        where posts.Id == parameters.ID
                        select posts).Single();

            if (role != RoleType.Admin && post.Userid != userID)
            {
                return(BadRequest(new { error = "You do not have permission to delete this post" }));
            }

            var comments = from cmts in _context.Comments
                           where cmts.Postid == parameters.ID
                           select cmts;

            var likes = from lks in _context.Likes
                        where lks.Postid == parameters.ID
                        select lks;

            _context.Likes.RemoveRange(likes);
            _context.Comments.RemoveRange(comments);
            _context.Posts.Remove(post);

            _context.SaveChanges();

            return(Ok());
        }
Ejemplo n.º 7
0
        public async Task <IActionResult> GetRegister(int id)
        {
            var userIdString = JWTUtility.GetUserId(User);

            if (userIdString == null)
            {
                return(BadRequest());
            }

            var userId = int.Parse(userIdString);

            // Check is the register does belong to the user
            if (!await _registerService.DoesRegisterBelongToUser(userId, registerId: id))
            {
                return(BadRequest());
            }

            var register = await _registerService.GetRegister(userId, registerId : id);

            if (register == null)
            {
                return(NotFound());
            }

            return(Ok(register));
        }
Ejemplo n.º 8
0
        public async Task <IActionResult> DeleteRegister(int id)
        {
            var userIdString = JWTUtility.GetUserId(User);

            if (userIdString == null)
            {
                return(BadRequest());
            }

            var userId = int.Parse(userIdString);

            // Check if the register with that Id belongs to the user.
            if (!await _registerService.DoesRegisterBelongToUser(userId, registerId: id))
            {
                return(BadRequest());
            }

            var registerDeleted = await _registerService.DeleteRegister(userId, registerId : id);

            if (registerDeleted == null)
            {
                return(StatusCode(statusCode: 500, value: Texts.ERROR_DELETING_ELEMENT));
            }

            return(Ok(registerDeleted));
        }
Ejemplo n.º 9
0
        public async Task <ActionResult> RegisterGoogleDrive(string gdCode)
        {
            int accountId = JWTUtility.GetIdFromRequestHeaders(Request.Headers);

            if (accountId == -1)
            {
                return(BadRequest());
            }

            using var stream = new FileStream("googleDriveSecrets.json", FileMode.Open, FileAccess.Read);

            IAuthorizationCodeFlow flow = new GoogleAuthorizationCodeFlow(new GoogleAuthorizationCodeFlow.Initializer
            {
                ClientSecretsStream = stream,
                Scopes    = _gdScopes,
                DataStore = _dataStore
            });

            var response = await flow.ExchangeCodeForTokenAsync(
                accountId.ToString(),
                gdCode,
                _config.GetValue <string>("GDRedirectURL"),
                CancellationToken.None
                );

            await _migService.GoogleDriveMigrationAsync(accountId);

            return(Ok());
        }
Ejemplo n.º 10
0
        public IActionResult PatchPassword(UpdateProfilePatch parameters)
        {
            if (parameters.New.Count() < 8)
            {
                return(BadRequest(new { error = "Password must be at least 8 characters long" }));
            }

            if (parameters.New != parameters.Confirm)
            {
                return(BadRequest(new { error = "Passwords do not match" }));
            }

            var userID = JWTUtility.GetUserID(HttpContext);

            var user = (from users in _context.Users
                        where users.Id == userID
                        select users).Single();

            if (!BCrypt.Net.BCrypt.Verify(parameters.Current, user.Hash))
            {
                return(BadRequest(new { error = "Current password incorrect" }));
            }

            var newHash = BCrypt.Net.BCrypt.HashPassword(parameters.New);

            user.Hash = newHash;
            _context.SaveChanges();

            return(Ok());
        }
Ejemplo n.º 11
0
        public async Task <ActionResult> GetFileByIdAsync(int id)
        {
            int accountId = JWTUtility.GetIdFromRequestHeaders(Request.Headers);

            if (accountId == -1)
            {
                return(BadRequest());
            }
            var result = await _songService.GetFileByIdAsync(id, accountId);

            return(File(result, "audio/mpeg"));
        }
Ejemplo n.º 12
0
        public async Task <ActionResult <AccountWeb> > GetByIdAsync()
        {
            int accountId = JWTUtility.GetIdFromRequestHeaders(Request.Headers);

            if (accountId == -1)
            {
                return(BadRequest());
            }

            var result = await _accountService.GetByIdAsync(accountId);

            return(result is not null?Ok(result) : NotFound());
        }
Ejemplo n.º 13
0
        public async Task <ActionResult <string> > SignOutGoogleDrive()
        {
            int accountId = JWTUtility.GetIdFromRequestHeaders(Request.Headers);

            if (accountId == -1)
            {
                return(BadRequest());
            }

            await _authService.SignOutGoogleDrive(accountId);

            return(Ok());
        }
Ejemplo n.º 14
0
        public async Task <ActionResult> Put([FromBody] Playlist playlist)
        {
            int accountId = JWTUtility.GetIdFromRequestHeaders(Request.Headers);

            if (accountId == -1)
            {
                return(BadRequest());
            }

            await _playlistService.PutAsync(playlist);

            return(Ok());
        }
Ejemplo n.º 15
0
        public async Task <ActionResult <IEnumerable <Playlist> > > GetAllAsync()
        {
            int accountId = JWTUtility.GetIdFromRequestHeaders(Request.Headers);

            if (accountId == -1)
            {
                return(BadRequest());
            }

            var result = await _playlistService.GetAllAsync(accountId);

            return(Ok(result));
        }
Ejemplo n.º 16
0
        public async Task <ActionResult <IEnumerable <Song> > > GetSongsById(int id)
        {
            int accountId = JWTUtility.GetIdFromRequestHeaders(Request.Headers);

            if (accountId == -1)
            {
                return(BadRequest(null));
            }

            var result = await _playlistService.GetSongsByPlIdAsync(id);

            return(Ok(result));
        }
Ejemplo n.º 17
0
        public async Task <ActionResult> RegisterDropboxAsync(string dbxCode)
        {
            int accountId = JWTUtility.GetIdFromRequestHeaders(Request.Headers);

            if (accountId == -1)
            {
                return(BadRequest());
            }

            using var client = new HttpClient();

            string dbxKeys = _authService.GetDropboxKeys();

            var dict = new Dictionary <string, string>();

            dict.Add("grant_type", "authorization_code");
            dict.Add("code", dbxCode);
            dict.Add("redirect_uri", _config.GetValue <string>("DropboxRedirectURL"));

            client.DefaultRequestHeaders.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Basic", dbxKeys);

            var req = new HttpRequestMessage(HttpMethod.Post, "https://api.dropbox.com/1/oauth2/token")
            {
                Content = new FormUrlEncodedContent(dict)
            };

            var response = await client.SendAsync(req);

            if (!response.IsSuccessStatusCode)
            {
                return(BadRequest());
            }

            var resBody = await response.Content.ReadAsStringAsync();

            var db = JsonConvert.DeserializeObject <DbxOAuthResponse>(resBody);

            var json = new DropboxJson()
            {
                Cursor    = string.Empty,
                DropboxID = db.Account_id,
                JwtToken  = db.Access_token
            };

            await _authService.RegisterDropboxAsync(accountId, json);

            await _migService.DropboxMigrationAsync(accountId);

            return(Ok());
        }
Ejemplo n.º 18
0
        public async Task <ActionResult <Playlist> > GetByIdAsync(int plId)
        {
            int accountId = JWTUtility.GetIdFromRequestHeaders(Request.Headers);

            if (accountId == -1)
            {
                return(BadRequest());
            }

            var pls = await _playlistService.GetAllAsync(accountId);

            var result = pls.FirstOrDefault(pls => pls.Id == plId);

            return(Ok(result));
        }
Ejemplo n.º 19
0
        public async Task <IActionResult> MoveRegister([FromBody] MoveRegisterRequest request)
        {
            var userIdString = JWTUtility.GetUserId(User);

            if (userIdString == null)
            {
                return(BadRequest());
            }

            var userId = int.Parse(userIdString);

            // Check if the register and destiny folder belong to the user.
            if (!await _registerService.DoesRegisterBelongToUser(userId, registerId: request.RegisterId) ||
                (request.DestinyFolderId.HasValue &&
                 !await _registerService.DoesFolderBelongToUser(userId, folderId: request.DestinyFolderId.Value)))
            {
                return(BadRequest());
            }

            // Check if the destiny folder is a sub folder of the origin folder
            if (request.DestinyFolderId.HasValue &&
                await _registerService.IsDestinyFolderASubFolderOfFolderToMove(folderToMoveId: request.RegisterId, destinyFolderId: request.DestinyFolderId.Value))
            {
                return(BadRequest(Texts.DESTINY_FOLDER_IS_SUB_FOLDER_OF_ORIGIN_FOLDER));
            }

            var nameOfRegister = await _registerService.GetNameOfRegister(registerId : request.RegisterId);

            if (nameOfRegister == null)
            {
                return(StatusCode(statusCode: 500, value: Texts.ERROR_MOVING_REGISTER));
            }

            // Check if the name of the register to move already exists in the destiny folder.
            if (await _registerService.DoesFileOrFolderAlreadyExist(userId, name: nameOfRegister, parentFolder: request.DestinyFolderId))
            {
                return(BadRequest(Texts.FILE_FOLDER_ALREADY_EXISTS_IN_DESTINY));
            }

            var registerChanged = await _registerService.MoveRegister(userId, request);

            if (registerChanged == null)
            {
                return(StatusCode(statusCode: 500, value: Texts.ERROR_MOVING_REGISTER));
            }

            return(Ok(registerChanged));
        }
Ejemplo n.º 20
0
        public IActionResult PostComment(CommentPost parameters)
        {
            var userID = JWTUtility.GetUserID(HttpContext);

            var comment = new Comments
            {
                Comment   = parameters.Comment,
                Userid    = userID,
                Postid    = parameters.PostID,
                Createdon = DateTime.Now
            };

            _context.Comments.Add(comment);
            _context.SaveChanges();

            return(Ok());
        }
Ejemplo n.º 21
0
        public IActionResult RemoveLike(LikesDelete parameters)
        {
            var userID = JWTUtility.GetUserID(HttpContext);

            var like = (from likes in _context.Likes
                        where likes.Userid == userID &&
                        likes.Postid == parameters.PostID
                        select likes).FirstOrDefault();

            if (like == null)
            {
                return(Ok()); // Ignore. Probably a UI problem.
            }
            _context.Likes.Remove(like);
            _context.SaveChanges();

            return(Ok());
        }
Ejemplo n.º 22
0
        public async Task <ActionResult> DeleteAsync(int sID)
        {
            int accountId = JWTUtility.GetIdFromRequestHeaders(Request.Headers);

            if (accountId == -1)
            {
                return(BadRequest());
            }

            if (!await _songService.CanModifyAsync(accountId, sID))
            {
                return(Unauthorized());
            }

            await _songService.DeleteAsync(sID, accountId);

            return(Ok());
        }
Ejemplo n.º 23
0
        public async Task <ActionResult> DeleteAsync(int pID)
        {
            int accountId = JWTUtility.GetIdFromRequestHeaders(Request.Headers);

            if (accountId == -1)
            {
                return(BadRequest());
            }

            if (!await _playlistService.CanModifyAsync(accountId, pID))
            {
                return(Unauthorized());
            }

            await _playlistService.RemoveAsync(pID);

            return(Ok());
        }
Ejemplo n.º 24
0
        public async Task <ActionResult> Put()
        {
            int accountId = JWTUtility.GetIdFromRequestHeaders(Request.Headers);

            if (accountId == -1)
            {
                return(BadRequest());
            }

            // Method cant handle parameter
            // This is a replacement
            using StreamReader reader = new StreamReader(Request.Body, Encoding.UTF8);

            string json = await reader.ReadToEndAsync();

            if (json.Length <= 2)
            {
                return(BadRequest());
            }

            var parsedJson = json.Remove(json.Length - 1).Substring(json.IndexOf(':') + 1);

            var playlistsWatch = JsonConvert.DeserializeObject <List <PlaylistWatch> >(parsedJson);

            var playlists = new List <Playlist>();

            foreach (var plw in playlistsWatch)
            {
                playlists.Add(new Playlist()
                {
                    Id   = plw.Id,
                    Sync = plw.Sync
                });
            }

            if (playlists.Count == 0)
            {
                return(BadRequest());
            }

            await _playlistService.UpdateSyncAsync(playlists);

            return(Ok());
        }
Ejemplo n.º 25
0
        public IActionResult DeleteComment(CommentDelete parameters)
        {
            var userID = JWTUtility.GetUserID(HttpContext);
            var role   = JWTUtility.GetRole(HttpContext);

            var comment = (from comments in _context.Comments
                           where comments.Id == parameters.CommentID
                           select comments).Single();

            if (role != RoleType.Admin && comment.Userid != userID)
            {
                return(BadRequest(new { error = "You do not have permission to delete this post" }));
            }

            _context.Comments.Remove(comment);
            _context.SaveChanges();

            return(Ok());
        }
Ejemplo n.º 26
0
        public async Task <IActionResult> AddFolder([FromBody] AddFolderRequest request)
        {
            var userIdString = JWTUtility.GetUserId(User);

            if (userIdString == null)
            {
                return(BadRequest());
            }

            var userId = int.Parse(userIdString);

            if (request.ParentFolder != null)
            {
                // Check if the parent folder does belong to the user
                if (!await _registerService.DoesFolderBelongToUser(
                        userId, folderId: request.ParentFolder.Value))
                {
                    return(BadRequest());
                }
            }

            // Check if the folder name is valid
            if (!FileNameUtility.FileFolderNameIsValid(request.Name))
            {
                return(BadRequest(Texts.INVALID_FILE_NAME));
            }

            // Check if the folder does not exist
            if (await _registerService.DoesFileOrFolderAlreadyExist(userId, name: request.Name, parentFolder: request.ParentFolder))
            {
                return(BadRequest(Texts.FILE_FOLDER_ALREADY_EXISTS));
            }

            var folderAdded = await _registerService.AddFolder(userId, parentFolder : request.ParentFolder, request);

            if (folderAdded == null)
            {
                return(StatusCode(statusCode: 500, value: Texts.ERROR_CREATING_FOLDER));
            }

            return(Ok(folderAdded));
        }
Ejemplo n.º 27
0
        public IActionResult EditComment(CommentEditPatch parameters)
        {
            var userID = JWTUtility.GetUserID(HttpContext);
            var role   = JWTUtility.GetRole(HttpContext);

            var comment = (from comments in _context.Comments
                           where comments.Id == parameters.CommentID
                           select comments).Single();

            if (role != RoleType.Admin && comment.Userid != userID)
            {
                return(BadRequest(new { error = "You do not have permission to edit this post" }));
            }

            comment.Editdate = DateTime.Now;
            comment.Comment  = parameters.Comment;

            _context.SaveChanges();

            return(Ok());
        }
Ejemplo n.º 28
0
        public IActionResult SubmitPost([FromBody] PostPost post)
        {
            if (post.Post.Count() > _maxPostCharacterCount)
            {
                return(BadRequest());
            }

            var userID = JWTUtility.GetUserID(HttpContext);

            var newPost = new Posts()
            {
                Createdon = DateTime.Now,
                Userid    = userID,
                Post      = post.Post
            };

            _context.Posts.Add(newPost);
            _context.SaveChanges();

            return(Ok());
        }
Ejemplo n.º 29
0
        public async Task <ActionResult> DeleteRangeAsync([FromBody] List <int> sIDs)
        {
            int accountId = JWTUtility.GetIdFromRequestHeaders(Request.Headers);

            if (accountId == -1)
            {
                return(BadRequest());
            }

            foreach (var id in sIDs)
            {
                if (!await _songService.CanModifyAsync(accountId, id))
                {
                    return(Unauthorized());
                }
            }

            await _songService.DeleteRangeAsync(sIDs, accountId);

            return(Ok());
        }
Ejemplo n.º 30
0
        public async Task <IActionResult> ChangeRegisterName([FromBody] ChangeRegisterNameRequest request)
        {
            var userIdString = JWTUtility.GetUserId(User);

            if (userIdString == null)
            {
                return(BadRequest());
            }

            var userId = int.Parse(userIdString);

            // Check if the register does belong to the user.
            if (!await _registerService.DoesRegisterBelongToUser(userId, registerId: request.RegisterId))
            {
                return(BadRequest());
            }

            // Check if the new name is valid.
            if (!FileNameUtility.FileFolderNameIsValid(request.NewName))
            {
                return(BadRequest(Texts.INVALID_FILE_NAME));
            }

            // Check if the new name already exists in the parent folder.
            var parentFolderId = await _registerService.GetParentFolderForRegister(request.RegisterId);

            if (await _registerService.DoesFileOrFolderAlreadyExist(userId, name: request.NewName, parentFolder: parentFolderId))
            {
                return(BadRequest(Texts.FILE_FOLDER_ALREADY_EXISTS));
            }

            var registerChanged = await _registerService.ChangeRegisterName(userId, request);

            if (registerChanged == null)
            {
                return(StatusCode(statusCode: 500, value: Texts.ERROR_MODIFYING_REGISTER));
            }

            return(Ok(registerChanged));
        }