/// <summary>
/// Stores a new comment on the given post on behalf of the calling user.
/// </summary>
/// <param name="postId">Identifier of the post being commented on.</param>
/// <param name="content">Comment text taken from the request body.</param>
/// <returns>
/// 201 with the saved comment converted via <c>CommentLarge.FromComment</c>,
/// or 400 when the caller's NameIdentifier claim is absent or not an integer.
/// </returns>
public async Task<ActionResult<CommentLarge>> AddComment(int postId, [FromBody] string content)
{
    // The author is taken from the caller's claims, never from the request,
    // so a client cannot post under another user's id.
    var claimValue = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
    if (int.TryParse(claimValue, out int authorId))
    {
        // NOTE(review): content reaches the repository unchecked here (null, empty,
        // unbounded length) and postId is not verified to exist in this method;
        // confirm that model validation or SaveComment enforces both.
        // NOTE(review): no encoding is applied here; presumably the comment is
        // encoded when rendered. Verify against the consumers.
        var saved = await _repo.SaveComment(postId, authorId, content);
        var payload = CommentLarge.FromComment(saved, _imageServer);

        // The Location target is this same action, as in the original code.
        return CreatedAtAction(nameof(AddComment), payload);
    }

    // NOTE(review): a missing or malformed identity claim is reported as 400, not 401.
    return BadRequest(new { error = "Unknow user ID." });
}
/// <summary>
/// Deletes a comment from a post after checking that the caller may remove it.
/// </summary>
/// <remarks>
/// A caller whose role claim equals "1" skips the ownership check. Any other caller
/// must be the author of the comment or the owner of the post.
/// </remarks>
/// <param name="postId">Identifier of the post the comment is expected to belong to.</param>
/// <param name="commentId">Identifier of the comment to delete.</param>
/// <returns>
/// The deleted comment converted via <c>CommentLarge.FromComment</c>; 400 when a
/// non-privileged caller has no integer NameIdentifier claim; 404 when the post or
/// the comment on that post is not found; 403 when the caller owns neither.
/// </returns>
public async Task<ActionResult<CommentLarge>> DeleteComment(int postId, string commentId)
{
    // NOTE(review): "1" is an unnamed role value, presumably admin/moderator.
    // Confirm, and consider a named constant or an authorization policy.
    bool skipsOwnershipCheck = User.FindFirst(ClaimTypes.Role)?.Value == "1";

    int callerId = 0;
    if (!skipsOwnershipCheck)
    {
        // The identity claim is validated before any lookup, so a caller without a
        // usable id gets 400 regardless of whether the post exists.
        var claimValue = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
        if (!int.TryParse(claimValue, out callerId))
        {
            return BadRequest(new { error = "Unknow user ID." });
        }
    }

    var post = await _repo.GetPost(postId);
    if (post == null)
    {
        return NotFound();
    }

    // Looking the comment up through the post ties commentId to postId; a comment id
    // that belongs to a different post yields 404 rather than being deleted.
    var target = post.Comment.FirstOrDefault(c => c.CommentId == commentId);
    if (target == null)
    {
        return NotFound();
    }

    if (!skipsOwnershipCheck && target.UserId != callerId && post.UserId != callerId)
    {
        return Forbid();
    }

    // NOTE(review): the delete is keyed on commentId alone and runs after the check
    // above, so the two steps are not atomic; confirm the repository tolerates a
    // comment that was removed or changed in between.
    var removed = await _repo.DeleteComment(commentId);
    return CommentLarge.FromComment(removed, _imageServer);
}