public async Task LockAsync(LockTopic command) { var topic = await _dbContext.Posts .FirstOrDefaultAsync(x => x.Id == command.Id && x.TopicId == null && x.ForumId == command.ForumId && x.Forum.Category.SiteId == command.SiteId && x.Status != StatusType.Deleted); if (topic == null) { throw new DataException($"Topic with Id {command.Id} not found."); } topic.Lock(command.Locked); _dbContext.Events.Add(new Event(command.SiteId, command.UserId, EventType.Locked, typeof(Post), command.Id)); await _dbContext.SaveChangesAsync(); }
public async Task <ActionResult> LockTopic(Guid forumId, Guid topicId, [FromBody] bool locked) { var site = await _contextService.CurrentSiteAsync(); var user = await _contextService.CurrentUserAsync(); var command = new LockTopic { Id = topicId, ForumId = forumId, Locked = locked, SiteId = site.Id, UserId = user.Id }; var permissions = await _permissionModelBuilder.BuildPermissionModelsByForumId(site.Id, forumId); var canModerate = _securityService.HasPermission(PermissionType.Moderate, permissions) && !user.IsSuspended; if (!canModerate) { _logger.LogWarning("Unauthorized access to lock topic", new { SiteId = site.Id, ForumId = forumId, TopicId = topicId, User = User.Identity.Name }); return(Unauthorized()); } await _topicService.LockAsync(command); return(Ok()); }