Exemple #1
        public IActionResult Delete(string id)
            var post = _postRepository.GetById(id);

            if (post == null)
                return(NotFound(new Message("No such post with this id: " + id)));

            //Check if post is being deleted by its owner or by admin
            var tokenUser = HttpContext.User;

            if (!AuthorizationHelpers.IsAdmin(tokenUser) && !AuthorizationHelpers.IsAuthorizedUser(tokenUser, post.OwnerId))
                return(Unauthorized(new Message("Unauthorized user.")));

            //Update table
            if (_postRepository.Delete(post))
                return(Ok(new Message("Post with title: " + post.Title + " and with id: " + post.Id + " deleted Successfully")));

            return(BadRequest(new Message("Error when updating post")));
Exemple #2
        public IActionResult GetByOwnerId(string ownerId,
                                          [FromQuery] int limit,
                                          [FromQuery] bool oldest)
            //Check if request is sent by owner of the posts or by admin
            var tokenUser = HttpContext.User;

            if (!AuthorizationHelpers.IsAdmin(tokenUser) && !AuthorizationHelpers.IsAuthorizedUser(tokenUser, ownerId))
                return(Unauthorized(new Message("Unauthorized user.")));

            //Create queryable object for limitations and order specifications
            var postsQueryable = _postRepository.Where(p => p.OwnerId == ownerId);

            postsQueryable = oldest ? postsQueryable.OrderBy(p => p.SubmitTime) : postsQueryable.OrderByDescending(p => p.SubmitTime);

            if (limit > 0)
                postsQueryable = postsQueryable.Take(limit);

            return(Ok(postsQueryable.Select(p => _mapper.Map <PostOutDto>(p))));
Exemple #3
        public ActionResult <UserOutDto> Get(string id,
                                             [FromQuery] bool posts,
                                             [FromQuery] bool likedPosts,
                                             [FromQuery] bool followings,
                                             [FromQuery] bool followers,
                                             [FromQuery] bool category)
            //Check if token is given by admin or authorized user
            var tokenUser = HttpContext.User;

            if (!AuthorizationHelpers.IsAdmin(tokenUser) && !AuthorizationHelpers.IsAuthorizedUser(tokenUser, id))
                return(Unauthorized(new Message("Unauthorized user.")));

            //Initialize a queryable object for further include operations.
            var userQueryable = _userRepository.Where(u => u.Id == id);

            var rawUser = userQueryable.FirstOrDefault();

            //Check if there exists a user with given id
            if (rawUser == null)
                return(NotFound(new Message("No such user with this id: " + id)));

            if (posts)
                userQueryable = userQueryable.Include(u => u.Posts);

            if (likedPosts)
                userQueryable = userQueryable.Include(u => u.LikedPosts).ThenInclude(lp => lp.Post);

            if (followings)
                userQueryable = userQueryable.Include(u => u.Followings).ThenInclude(uf => uf.Followed);

            if (followers)
                userQueryable = userQueryable.Include(u => u.Followers).ThenInclude(uf => uf.Follower);

            if (category)
                userQueryable = userQueryable.Include(u => u.InterestedCategories).ThenInclude(ic => ic.Category);

            //Get the user object
            var user = userQueryable.FirstOrDefault();

            //Prepare dto object
            var userOutDto = _mapper.Map <UserOutDto>(user);

        public IActionResult GetAll()
            //If request is not sent by admin, finish here
            if (!AuthorizationHelpers.IsAdmin(HttpContext.User))
                return(Unauthorized(new Message("Unauthorized user.")));

            return(Ok(_commentRepository.All().Select(c => _mapper.Map <CommentOutDto>(c))));
Exemple #5
        public IActionResult GetAll()
            //Check if token is given by admin
            var tokenUser = HttpContext.User;

            if (!AuthorizationHelpers.IsAdmin(tokenUser))
                return(Unauthorized(new Message("Unauthorized user.")));

            return(Ok(_userRepository.All().Select(u => _mapper.Map <UserOutDto>(u))));
Exemple #6
        public IActionResult GetAll()
            //Check if request is sent by admin
            var tokenUser = HttpContext.User;

            //Check if request is sent by admin.
            if (!AuthorizationHelpers.IsAdmin(tokenUser))
                return(Unauthorized(new Message("Unauthorized user.")));

            return(Ok(_categoryRepository.All().OrderBy(c => c.Name).Select(c => _mapper.Map <CategoryOutDto>(c)).OrderBy(c => c.Name)));
Exemple #7
        public ActionResult <CategoryOutDto> Create([FromBody] CategoryInDto categoryInDto)
            //Check if inputs are valid
            if (string.IsNullOrEmpty(categoryInDto.ImageUrl))
                return(BadRequest(new Message("Please give valid image Url")));

            if (string.IsNullOrEmpty(categoryInDto.Name))
                return(BadRequest(new Message("Please give valid name")));

            if (string.IsNullOrEmpty(categoryInDto.ParentId))
                return(BadRequest(new Message("Please give valid parent Id")));

            //Check if request is sent by admin.
            if (!AuthorizationHelpers.IsAdmin(HttpContext.User))
                return(Unauthorized(new Message("Unauthorized user.")));

            if (_mainCategoryRepository.GetById(categoryInDto.ParentId) == null)
                return(BadRequest(new Message("There is no main category with id: " + categoryInDto.ParentId)));

            var categoryIn = _mapper.Map <Category>(categoryInDto);

            if (_categoryRepository.Add(categoryIn))
                var categoryOutDto = _mapper.Map <CategoryOutDto>(categoryIn);


            return(BadRequest(new Message("Error when creating category")));
Exemple #8
        public ActionResult <CategoryOutDto> Update(string id, [FromBody] CategoryInDto categoryInDto)
            //Check if request is sent by admin.
            if (!AuthorizationHelpers.IsAdmin(HttpContext.User))
                return(Unauthorized(new Message("Unauthorized user.")));

            //Check if there exists a category with given id
            var category = _categoryRepository.GetById(id);

            if (category == null)
                return(NotFound(new Message("No such category with this id: " + id)));

            if (!string.IsNullOrWhiteSpace(categoryInDto.ImageUrl))
                category.ImageUrl = categoryInDto.ImageUrl;

            if (!string.IsNullOrWhiteSpace(categoryInDto.Name))
                category.Name = categoryInDto.Name;

            if (!string.IsNullOrWhiteSpace(categoryInDto.ParentId))
                category.ParentId = categoryInDto.ParentId;

            //Update category
            if (_categoryRepository.Update(category))
                var categoryOutDto = _mapper.Map <CategoryOutDto>(category);

            return(BadRequest(new Message("Error when updating category")));
        public ActionResult <CommentOutDto> Get(string id,
                                                [FromQuery] bool owner,
                                                [FromQuery] bool post)
            //If request is not sent by admin, finish here
            if (!AuthorizationHelpers.IsAdmin(HttpContext.User))
                return(Unauthorized(new Message("Unauthorized user.")));

            //Initialize a queryable object for further include operations.
            var commentQueryable = _commentRepository.Where(c => c.Id == id);

            var commentRaw = commentQueryable.FirstOrDefault();

            //Check if there exists a category with given id
            if (commentRaw == null)
                return(NotFound(new Message("No such comment with this id: " + id)));

            if (owner)
                commentQueryable = commentQueryable.Include(c => c.Owner);

            if (post)
                commentQueryable = commentQueryable.Include(c => c.Post);

            //Get comment object
            var comment = commentQueryable.FirstOrDefault();

            var commentOutDto = _mapper.Map <CommentOutDto>(comment);

Exemple #10
        public IActionResult Delete(string id)
            //Check if request is sent by admin.
            if (!AuthorizationHelpers.IsAdmin(HttpContext.User))
                return(Unauthorized(new Message("Unauthorized user.")));

            var mainCategory = _mainCategoryRepository.GetById(id);

            if (mainCategory == null)
                return(NotFound(new Message("There is no main category with id: " + id)));

            if (_mainCategoryRepository.Delete(mainCategory))
                return(Ok(new Message("Main category with name: " + mainCategory.Name + " and with id: " + mainCategory.Id +
                                      " is deleted successfully")));

            return(BadRequest(new Message("Error when updating main category with id: " + id)));
Exemple #11
        public IActionResult Delete(string id)
            //Check if request is sent by admin.
            if (!AuthorizationHelpers.IsAdmin(HttpContext.User))
                return(Unauthorized(new Message("Unauthorized user.")));

            var category = _categoryRepository.GetById(id);

            //Check if there exists a category with given id
            if (category == null)
                return(NotFound(new Message("No such category with this id: " + id)));

            //Update table
            if (_categoryRepository.Delete(category))
                return(Ok(new Message("Category with name: " + category.Name + " and id: " + category.Id + "Deleted Successfully")));

            return(BadRequest(new Message("Error when deleting category with id: " + id)));
        public IActionResult Delete(string id)
            //Get comment from table
            var comment = _commentRepository.GetById(id);

            //Check if such comment exists
            if (comment == null)
                return(BadRequest(new Message("The comment with id: " + id + " doesn't exist.")));

            var tokenUser = HttpContext.User;

            //If request is not sent by owner or by admin, finish here
            if (!AuthorizationHelpers.IsAuthorizedUser(tokenUser, comment.OwnerId) && !AuthorizationHelpers.IsAdmin(tokenUser))
                return(Unauthorized(new Message("Unauthorized user.")));

            //Update table
            if (_commentRepository.Delete(comment))
                return(Ok(new Message("Comment with id: " + id + " deleted successfully")));

            return(BadRequest(new Message("Error when deleting comment with id: " + id)));
Exemple #13
        public ActionResult <UserOutDto> Update(string id, [FromBody] UserUpdateDto userDto)
            var userOld = _userRepository.GetById(id);

            if (userOld == null)
                return(NotFound(new Message("No such user with this id: " + id)));

            //Check if token is given by admin or authorized user
            var tokenUser = HttpContext.User;

            if (!AuthorizationHelpers.IsAdmin(tokenUser) && !AuthorizationHelpers.IsAuthorizedUser(tokenUser, id))
                return(Unauthorized(new Message("Unauthorized user.")));

            if (!string.IsNullOrWhiteSpace(userDto.BirthDate))
                userOld.BirthDate = userDto.BirthDate;

            if (!string.IsNullOrWhiteSpace(userDto.Description))
                userOld.Description = userDto.Description;

            if (!string.IsNullOrWhiteSpace(userDto.FacebookLink))
                userOld.FacebookLink = userDto.FacebookLink;

            if (!string.IsNullOrWhiteSpace(userDto.InstagramLink))
                userOld.InstagramLink = userDto.InstagramLink;

            if (!string.IsNullOrWhiteSpace(userDto.LinkedinLink))
                userOld.LinkedinLink = userDto.LinkedinLink;

            if (!string.IsNullOrWhiteSpace(userDto.Theme))
                userOld.Theme = userDto.Theme;

            if (!string.IsNullOrWhiteSpace(userDto.TwitterLink))
                userOld.TwitterLink = userDto.TwitterLink;

            if (!string.IsNullOrWhiteSpace(userDto.Password))
                UserHelpers.CreatePasswordHash(userDto.Password, out var passwordHash, out var passwordSalt);
                userOld.PasswordHash = passwordHash;
                userOld.PasswordSalt = passwordSalt;

            if (_userRepository.Update(userOld))
                var userOutDto = _mapper.Map <UserOutDto>(userOld);


            return(BadRequest(new Message("Error when updating user.")));
Exemple #14
        public ActionResult <PostOutDto> Get(string id,
                                             [FromQuery] bool owner,
                                             [FromQuery] bool comment,
                                             [FromQuery] bool category,
                                             [FromQuery] bool like)
            //Initialize a queryable object for further include operations.
            var postQueryable = _postRepository.Where(p => p.Id == id);

            var rawPost = postQueryable.FirstOrDefault();

            //Check if there exists a post with given id
            if (rawPost == null)
                return(NotFound(new Message("No such post with this id: " + id)));

            //Check if token is given by admin or owner of the post
            var tokenUser = HttpContext.User;

            if (!AuthorizationHelpers.IsAdmin(tokenUser) && !AuthorizationHelpers.IsAuthorizedUser(tokenUser, rawPost.OwnerId))
                return(Unauthorized(new Message("Unauthorized user.")));

            if (owner)
                postQueryable = postQueryable.Include(p => p.Owner);

            if (comment)
                postQueryable = postQueryable.Include(p => p.Comments);

            if (category)
                postQueryable = postQueryable.Include(p => p.Category);

            if (like)
                postQueryable = postQueryable.Include(p => p.LikedUsers).ThenInclude(lu => lu.User);

            //Get the post object
            var post = postQueryable.FirstOrDefault();

            //Find previous post with submit date
            var prevPost = _postRepository.Where(p => p.OwnerId == post.OwnerId && p.SubmitTime < post.SubmitTime)
            var prevPostOutDto = _mapper.Map <PostOutDto>(prevPost);

            //Find next post with submit date
            var nextPost = _postRepository.Where(p => p.OwnerId == post.OwnerId && p.SubmitTime > post.SubmitTime)
            var nextPostOutDto = _mapper.Map <PostOutDto>(nextPost);

            //Prepare post dto
            var postOutDto = _mapper.Map <PostOutDto>(post);

            postOutDto.PreviousPost = prevPostOutDto;
            postOutDto.NextPost     = nextPostOutDto;
