/// <summary>
/// Deletes the post identified by <paramref name="postId"/> and returns the deleted post.
/// </summary>
/// <remarks>
/// Authorization is decided inside this method: a caller whose role claim equals "1"
/// skips the ownership comparison (presumably an administrator/moderator group; confirm
/// against the code that issues the claim). Every other caller must own the post.
/// </remarks>
/// <param name="postId">Identifier of the post to delete.</param>
/// <returns>
/// 404 when the post does not exist, 400 when a non-privileged caller has no numeric
/// name-identifier claim, 403 when a non-privileged caller is not the owner, otherwise
/// the deleted post converted with <c>PostLarge.FromPost</c>.
/// </returns>
public async Task<ActionResult<PostLarge>> DeletePost(int postId)
{
    // Role "1" is the only value that bypasses the owner check below.
    bool isPrivileged = User.FindFirst(ClaimTypes.Role)?.Value == "1";

    int callerId = 0;
    if (!isPrivileged)
    {
        // The caller id is only needed (and only validated) on the ownership path,
        // and it is validated before the repository is queried.
        var rawCallerId = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
        if (!int.TryParse(rawCallerId, out callerId))
        {
            return BadRequest(new { error = "Unknow user ID." });
        }
    }

    var existing = await _repo.GetPost(postId);
    if (existing == null)
    {
        return NotFound();
    }

    if (!isPrivileged && existing.UserId != callerId)
    {
        return Forbid();
    }

    // NOTE(review): the existence/ownership check and the delete are separate repository
    // calls; whether DeletePost can return null if the row disappears in between is not
    // visible here.
    var deleted = await _repo.DeletePost(postId);
    return PostLarge.FromPost(deleted, _imageServer);
}
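/// <summary>
/// Returns the post identified by <paramref name="postId"/>.
/// </summary>
/// <remarks>
/// This method performs no caller identity or ownership check. Whether reads are meant
/// to be public, or are gated by an attribute outside this view, should be confirmed.
/// </remarks>
/// <param name="postId">Identifier of the post to read.</param>
/// <returns>
/// 404 when the post does not exist, otherwise the post converted with
/// <c>PostLarge.FromPost</c>.
/// </returns>
public async Task<ActionResult<PostLarge>> GetPost(int postId)
{
    var item = await _repo.GetPost(postId);
    if (item == null)
    {
        return NotFound();
    }

    // Reuse the entity that was just null-checked. Querying the repository a second time
    // doubled the work and could hand FromPost a null if the post was removed between
    // the two calls.
    return PostLarge.FromPost(item, _imageServer);
}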
/// <summary>
/// Creates a new post owned by the authenticated caller.
/// </summary>
/// <param name="post">Post payload bound from the request body.</param>
/// <returns>
/// 400 when the caller has no numeric name-identifier claim, otherwise the saved post
/// converted with <c>PostLarge.FromPost</c>.
/// </returns>
public async Task<ActionResult<PostLarge>> PostNew([FromBody] PostForUpload post)
{
    var idClaim = User.FindFirst(ClaimTypes.NameIdentifier);
    bool hasNumericId = int.TryParse(idClaim?.Value, out int authorId);
    if (!hasNumericId)
    {
        return BadRequest(new { error = "Unknow user ID." });
    }

    // The owner always comes from the authenticated identity; any UserId supplied in the
    // request body is overwritten, so a client cannot create a post under another account.
    // NOTE(review): post is dereferenced without a null check; this relies on model
    // binding rejecting an empty body before the action runs. Confirm.
    post.UserId = authorId;

    var saved = await _repo.SavePost(post);
    return PostLarge.FromPost(saved, _imageServer);
}
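/// <summary>
/// Updates the post identified by <paramref name="postId"/>; only the post's owner may edit it.
/// </summary>
/// <remarks>
/// Unlike DeletePost, this method has no role-based bypass of the ownership check.
/// Whether that difference is intentional is not visible here.
/// </remarks>
/// <param name="postId">Identifier of the post to update.</param>
/// <param name="post">Replacement content bound from the request body.</param>
/// <returns>
/// 400 when the caller has no numeric name-identifier claim or the body is missing,
/// 404 when the post does not exist, 403 when the caller is not the owner, otherwise
/// the updated post converted with <c>PostLarge.FromPost</c>.
/// </returns>
public async Task<ActionResult<PostLarge>> EditPost(int postId, [FromBody] PostForUpload post)
{
    var userId = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
    if (!int.TryParse(userId, out int uid))
    {
        return BadRequest(new { error = "Unknow user ID." });
    }

    // Guard the dereference below in case model binding lets an empty body through.
    if (post == null)
    {
        return BadRequest(new { error = "Missing post body." });
    }

    var item = await _repo.GetPost(postId);
    if (item == null)
    {
        return NotFound();
    }

    if (item.UserId != uid)
    {
        return Forbid();
    }

    // Pin the owner to the authenticated caller, as PostNew does. Otherwise a UserId in
    // the request body would reach UpdatePost unchanged and, if the repository persists
    // that field, let an owner reassign the post to another account.
    post.UserId = uid;

    return PostLarge.FromPost(await _repo.UpdatePost(postId, post), _imageServer);
}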