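/// <summary>
/// Derives a URL slug from the request's blog post title: spaces become hyphens,
/// the characters <c>? &amp; ' "</c> are dropped, and the result is lower-cased.
/// </summary>
/// <param name="blogPost">Request whose <c>BlogPost.Title</c> supplies the slug text.</param>
/// <returns>The lower-cased, partially stripped title.</returns>
/// <remarks>
/// Only the five characters listed above are handled. Anything else in the title
/// (for example <c>/</c>, <c>#</c>, <c>%</c> or <c>&lt;</c>) passes through unchanged, so the
/// result must still be URL-encoded and HTML-encoded wherever it is emitted.
/// A title made up solely of stripped characters yields an empty slug.
/// </remarks>
private static string GetSlug(BlogPostRequest blogPost)
{
    return blogPost.BlogPost.Title
        .Replace(' ', '-')
        .Replace("?", "")
        .Replace("&", "")
        .Replace("\'", "")
        .Replace("\"", "")
        // Invariant casing: the slug is a lookup key, so it must not vary with the
        // server's current culture (e.g. the Turkish dotless-i mapping).
        .ToLowerInvariant();
}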
/// <summary>
/// Convenience overload that wraps the paging arguments in a
/// <see cref="BlogPostRequest"/> and forwards it to the controller's <c>GetAll</c>.
/// </summary>
/// <param name="pageSize">Number of posts per page.</param>
/// <param name="pageIndex">Index of the requested page.</param>
/// <param name="skip">Additional number of posts to skip; defaults to 0.</param>
/// <returns>Whatever the controller's <c>GetAll</c> produces for the request.</returns>
public async Task<IEnumerable<BlogPost>> GetAll(int pageSize, int pageIndex, int skip = 0)
{
    // The three values are passed on exactly as received; no range check happens here.
    var pagingRequest = new BlogPostRequest
    {
        PageSize = pageSize,
        PageIndex = pageIndex,
        Skip = skip
    };

    var posts = await this.controller.GetAll(pagingRequest);
    return posts;
}
/// <summary>
/// Returns one page of blog posts with their authors, newest first and then by title,
/// mapped to <see cref="BlogPost"/> through the mapper.
/// </summary>
/// <param name="blogPostRequest">Supplies <c>Skip</c>, <c>PageIndex</c> and <c>PageSize</c>.</param>
/// <returns>The mapped posts of the requested page.</returns>
public async Task<IEnumerable<BlogPost>> GetAll(BlogPostRequest blogPostRequest)
{
    var ordered = this.blogPostRepository.Query()
        .Include(r => r.Author)
        .OrderByDescending(b => b.CreatedOn)
        .ThenBy(b => b.Title);

    // NOTE(review): none of the three paging values is range-checked in this method.
    // If they originate from the request, a very large PageSize lets the caller decide
    // how many rows are loaded, and negative values or an overflowing
    // PageIndex * PageSize reach Skip/Take as-is. Confirm the caller bounds them.
    var rowsToSkip = blogPostRequest.Skip + (blogPostRequest.PageIndex * blogPostRequest.PageSize);
    var rowsToTake = blogPostRequest.PageSize;

    var pageOfPosts = await ordered
        .Skip(rowsToSkip)
        .Take(rowsToTake)
        .ToListAsync();

    return this.mapper.Map<IEnumerable<BlogPost>>(pageOfPosts);
}
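/// <summary>
/// Updates the title and text of an existing blog post on behalf of its author.
/// </summary>
/// <param name="id">Identifier of the blog post, taken from the route.</param>
/// <param name="blogPostRequest">Request body carrying the new title and text.</param>
/// <returns>
/// 404 when no post has the given id; 403 when the caller's <c>authorId</c> claim is
/// missing, is not a GUID, or differs from the post's author; 204 once the update is saved.
/// </returns>
public async Task<IActionResult> Put([FromRoute] Guid id, [FromBody] BlogPostRequest blogPostRequest)
{
    // NOTE(review): the 404 is returned before the ownership check, so any caller that
    // reaches this action can tell existing ids from unknown ones.
    BlogPost blogPost = _ctx.BlogPosts.SingleOrDefault(bp => bp.Id == id);
    if (blogPost == null)
    {
        return NotFound("Blog Post not found.");
    }

    // A missing or malformed claim is treated as "not the author" instead of surfacing
    // as a NullReferenceException / FormatException (an unhandled 500).
    var authorClaim = HttpContext.User.FindFirst("authorId")?.Value;
    if (!Guid.TryParse(authorClaim, out var authorId) || blogPost.AuthorId != authorId)
    {
        // Forbid(params string[]) takes authentication scheme names, not a message.
        // Passing the explanatory sentence made the framework look for a scheme with
        // that name when the result executed, so the denial path failed instead of
        // producing a 403. The parameterless overload uses the default scheme.
        return Forbid();
    }

    // NOTE(review): the Post action in this listing passes Title and Text through
    // _sanitizer before storing them; this update path hands them to Update() as
    // received. Confirm that Update() or the rendering layer neutralises markup,
    // otherwise an edit can store what creation would have stripped.
    blogPost.Update(blogPostRequest.Title, blogPostRequest.Text);
    await _ctx.SaveChangesAsync();

    return NoContent();
}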
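/// <summary>
/// Creates a blog post for the authenticated author after passing the title and text
/// through the sanitizer, and returns it with a protected form of its id.
/// </summary>
/// <param name="blogPostRequest">Request body carrying the title and text of the new post.</param>
/// <returns>
/// 403 when the caller's <c>authorId</c> claim is missing or not a GUID; otherwise 201 with
/// the created post and a location that uses the protected id.
/// </returns>
public async Task<IActionResult> Post([FromBody] BlogPostRequest blogPostRequest)
{
    // A missing or malformed claim is denied instead of surfacing as a
    // NullReferenceException / FormatException (an unhandled 500).
    var authorClaim = HttpContext.User.FindFirst("authorId")?.Value;
    if (!Guid.TryParse(authorClaim, out var authorId))
    {
        return Forbid();
    }

    // Both user-supplied fields go through the sanitizer before they are stored.
    // What it removes depends on how _sanitizer is configured, which is not visible here.
    // Post value: <div onload=alert('xss')>Title</div>
    blogPostRequest.Title = _sanitizer.Sanitize(blogPostRequest.Title);
    // Post value: <script type="text/javascript">alert('text')</script>
    blogPostRequest.Text = _sanitizer.Sanitize(blogPostRequest.Text);

    var blogPost = blogPostRequest.CreateBlogPost(authorId);
    await _ctx.BlogPosts.AddAsync(blogPost);
    await _ctx.SaveChangesAsync();

    // Protect the id once so the response body and the Location route carry the same
    // value; the raw database id is never sent to the client.
    var protectedId = _blogPostProtector.Protect(blogPost.Id.ToString());
    var blogPostResponse = BlogPostResponse.FromBlogPost(protectedId, blogPost, true);

    return CreatedAtAction(nameof(Get), new { id = protectedId }, blogPostResponse);
}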
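/// <summary>
/// Creates a blog post from the request, attaching existing tags by name and creating
/// the ones that do not exist yet, then returns the stored post looked up by its slug.
/// </summary>
/// <param name="blogPost">Request body; its <c>BlogPost</c> member carries title, description, body and tag list.</param>
/// <returns>400 with the model state when binding failed; otherwise the result of <c>GetBlogPost</c> for the new slug.</returns>
public async Task<IActionResult> PostBlogPost([FromBody] BlogPostRequest blogPost)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // One timestamp for both columns, so a new post has CreatedAt == UpdatedAt exactly.
    var now = DateTime.Now;

    // NOTE(review): Title, Description and Body are stored exactly as received; no
    // sanitizing or encoding happens in this method, so whatever renders them must
    // encode on output. The slug comes from the title alone, so two posts with the
    // same title get the same slug - confirm uniqueness is enforced elsewhere.
    var entity = new BlogPost
    {
        Title = blogPost.BlogPost.Title,
        Description = blogPost.BlogPost.Description,
        Body = blogPost.BlogPost.Body,
        Slug = GetSlug(blogPost),
        CreatedAt = now,
        UpdatedAt = now,
        BlogPostTags = new List<BlogPostTag>()
    };

    // A request without a tag list is accepted (PutBlogPost already tolerates null);
    // previously it ended in a NullReferenceException.
    if (blogPost.BlogPost.TagList != null)
    {
        // Distinct(): the lookup below only sees saved tags, so a name repeated in the
        // request would otherwise create the same new tag twice.
        foreach (var item in blogPost.BlogPost.TagList.Distinct())
        {
            var tag = _context.Tags.FirstOrDefault(t => t.Name == item);
            if (tag == null)
            {
                tag = new Tag { Name = item };
                _context.Tags.Add(tag);
            }

            entity.BlogPostTags.Add(new BlogPostTag { Tag = tag });
        }
    }

    _context.BlogPosts.Add(entity);
    await _context.SaveChangesAsync();

    return await GetBlogPost(entity.Slug);
}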
/// <summary>
/// Placeholder update endpoint: always answers 204 No Content.
/// </summary>
/// <param name="blogPostId">Route id of the post; not read by the current body.</param>
/// <param name="blogPost">Request body; not read by the current body.</param>
/// <returns>A 204 result, regardless of the input.</returns>
/// <remarks>
/// NOTE(review): nothing is loaded, checked or saved here, yet the 204 tells the client
/// the update succeeded. When this is implemented it needs an ownership check on
/// <paramref name="blogPostId"/> before any change is written.
/// </remarks>
public async Task<ActionResult<BlogPostModel>> UpdateBlogPostAsync(
    [FromRoute] Guid blogPostId,
    [FromBody] BlogPostRequest blogPost)
    => NoContent();
/// <summary>
/// Unimplemented create endpoint: the returned task always faults with
/// <see cref="NotImplementedException"/>.
/// </summary>
/// <param name="blogPost">Request body; not read by the current body.</param>
/// <exception cref="NotImplementedException">Always.</exception>
public async Task<ActionResult<BlogPostModel>> CreateNewBlogPostAsync([FromBody] BlogPostRequest blogPost)
    => throw new NotImplementedException();
// POST api/blogposts
// Hands the model-bound request body straight back to the caller; this method
// neither stores nor inspects it.
public BlogPostRequest Post([FromBody] BlogPostRequest request) => request;
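/// <summary>
/// Partially updates the blog post identified by <paramref name="slug"/>: non-empty
/// title, description and body replace the stored values, and a non-null tag list
/// replaces the post's tags.
/// </summary>
/// <param name="slug">Current slug of the post, taken from the route.</param>
/// <param name="blogPost">Request body; its <c>BlogPost</c> member carries the new values.</param>
/// <returns>
/// 400 with the model state when binding failed, 404 when no post has the slug, 400 when
/// saving hits a concurrency conflict; otherwise the result of <c>GetBlogPost</c> for the
/// (possibly new) slug.
/// </returns>
public async Task<IActionResult> PutBlogPost([FromRoute] string slug, [FromBody] BlogPostRequest blogPost)
{
    // Same binding check as PostBlogPost.
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // NOTE(review): no caller identity or ownership check is visible in this method.
    // Unless an attribute or filter outside this listing restricts it, whoever knows a
    // slug can rewrite that post - confirm.
    var entity = _context.BlogPosts.FirstOrDefault(a => a.Slug == slug);
    if (entity == null)
    {
        return NotFound();
    }

    if (!String.IsNullOrEmpty(blogPost.BlogPost.Title))
    {
        entity.Title = blogPost.BlogPost.Title;
        // NOTE(review): the new slug is not checked against other posts, so a retitle
        // can collide with an existing slug.
        entity.Slug = GetSlug(blogPost);
    }

    // NOTE(review): Description and Body are stored as received; output encoding has
    // to happen wherever they are rendered.
    if (!String.IsNullOrEmpty(blogPost.BlogPost.Description))
    {
        entity.Description = blogPost.BlogPost.Description;
    }

    if (!String.IsNullOrEmpty(blogPost.BlogPost.Body))
    {
        entity.Body = blogPost.BlogPost.Body;
    }

    if (blogPost.BlogPost.TagList != null)
    {
        // Select the old links by the post's key. The slug may just have been changed
        // above, so filtering on entity.Slug would miss this post's rows and could
        // match - and then delete - the tag links of another post that owns that slug.
        var oldTags = _context.BlogPostTags.Where(a => a.BlogPostId == entity.ID).ToList();
        _context.BlogPostTags.RemoveRange(oldTags);

        // Distinct(): the lookup below only sees saved tags, so a name repeated in the
        // request would otherwise create the same new tag twice.
        foreach (var item in blogPost.BlogPost.TagList.Distinct())
        {
            var tag = _context.Tags.FirstOrDefault(t => t.Name == item);
            if (tag == null)
            {
                tag = new Tag { Name = item };
                _context.Tags.Add(tag);
            }

            // Link through the navigation property: a tag created a moment ago has no
            // database-generated ID until SaveChanges runs, so copying tag.ID here
            // would store a link to the wrong (unset) key.
            _context.BlogPostTags.Add(new BlogPostTag { BlogPostId = entity.ID, Tag = tag });
        }
    }

    entity.UpdatedAt = DateTime.Now;

    try
    {
        await _context.SaveChangesAsync();
    }
    catch (DbUpdateConcurrencyException)
    {
        // The message text is part of the API response and is kept as the author wrote it.
        return BadRequest("Desila se greška");
    }

    return await GetBlogPost(entity.Slug);
}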