Exemple #1
0
        public IActionResult UpdatePost(Post post)
        {
            var user = _authHandler.UserFromClaimsPrincipal(User);

            if (string.IsNullOrWhiteSpace(post.Content) || string.IsNullOrWhiteSpace(post.Uuid))
            {
                _logger.LogInformation("Post content or uuid is null or empty.");
                _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                       $", IP: {HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? "Unknown IP"}");
                _authHandler.TerminateSession(user);
                return(BadRequest());
            }

            if (!SecureGuid.VerifyGuid(post.Uuid, out _))
            {
                _logger.LogInformation("Post UUID is invalid.");
                _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                       $", IP: {HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? "Unknown IP"}");
                _authHandler.TerminateSession(user);
                return(BadRequest());
            }


            if (!_database.VerifyPostUser(user, post))
            {
                _logger.LogInformation("Requester is not post creator.");
                _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                       $", IP: {HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? "Unknown IP"}");
                _authHandler.TerminateSession(user);

                return(BadRequest());
            }

            if (_database.UpdatePost(post, user))
            {
                _activityLogger.LogEditPost(Request.HttpContext.Connection.RemoteIpAddress, user, post);
                return(Ok());
            }

            _logger.LogInformation("DB failed to edit post.");
            _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                   $", IP: {HttpContext?.Connection.RemoteIpAddress.ToString() ?? "Unknown IP"}");
            _authHandler.TerminateSession(user);

            return(BadRequest());
        }