public IActionResult EditComment([FromBody] EditCommentDto editCommentDto)
        {
            try {
                User loggedUser = _commService.GetLoggedUser(this.User.FindFirst(ClaimTypes.Name).Value);
                if (loggedUser == null)
                {
                    return(BadRequest(new { message = "Użytkownik nie jest zalogowany" }));
                }
                if (String.IsNullOrEmpty(editCommentDto.NewContent))
                {
                    return(BadRequest(new { message = "Nie można dodać pustego komentarza" }));
                }

                var comm = _commService.GetById(editCommentDto.CommentId);

                if (comm == null)
                {
                    return(BadRequest(new { message = "Komentarz nie istnieje" }));
                }
                if (loggedUser != comm.Author && loggedUser.GroupId != 1)
                {
                    return(BadRequest(new { message = "Brak uprawnień do edycji komentarza" }));
                }
                _commService.Edit(editCommentDto.CommentId, editCommentDto.NewContent);
                return(Ok());
            }
            catch (AppException ex)
            {
                // return error message if there was an exception
                return(BadRequest(new { message = ex.Message }));
            }
        }
        public void Should_Throw_If_Comment_To_Be_Edited_Does_Not_Exist()
        {
            // Setup
            var wall = new Wall {
                Id = 1, OrganizationId = 2
            };
            var post = new Post {
                Id = 1, Wall = wall, WallId = wall.Id
            };
            var comments = new List <Comment>
            {
                new Comment {
                    Id = 1, AuthorId = "user1", Post = post
                }
            };

            _commentsDbSet.SetDbSetDataForAsync(comments.AsQueryable());

            var editCommentDto = new EditCommentDto
            {
                Id             = 2,
                MessageBody    = "edited comment",
                UserId         = "user1",
                OrganizationId = 2
            };

            // Act
            // Assert
            var ex = Assert.ThrowsAsync <ValidationException>(async() => await _commentService.EditCommentAsync(editCommentDto));

            Assert.AreEqual(ErrorCodes.ContentDoesNotExist, ex.ErrorCode);
        }
Esempio n. 3
0
        public async Task EditCommentAsync(EditCommentDto commentDto)
        {
            var comment = await _commentsDbSet
                          .Include(x => x.Post.Wall)
                          .FirstOrDefaultAsync(c => c.Id == commentDto.Id && c.Post.Wall.OrganizationId == commentDto.OrganizationId);

            if (comment == null)
            {
                throw new ValidationException(ErrorCodes.ContentDoesNotExist, "Comment does not exist");
            }

            var isWallModerator = await _wallModeratorsDbSet
                                  .AnyAsync(x => x.UserId == commentDto.UserId && x.WallId == comment.Post.WallId) || commentDto.UserId == comment.CreatedBy;

            var isAdministrator = await _permissionService.UserHasPermissionAsync(commentDto, AdministrationPermissions.Post);

            if (!isAdministrator && !isWallModerator)
            {
                throw new UnauthorizedException();
            }

            comment.MessageBody = commentDto.MessageBody;
            comment.PictureId   = commentDto.PictureId;
            comment.LastEdit    = DateTime.UtcNow;

            await _uow.SaveChangesAsync(commentDto.UserId);
        }
        public ActionResult Put(int id, [FromBody] EditCommentDto dto)
        {
            dto.Id = id;
            try
            {
                _editComment.Execute(dto);
                return(StatusCode(204));
            }
            catch (EntityNotFoundException e) { return(NotFound(e.Message)); }

            catch (Exception e) { return(StatusCode(500, e.Message)); }
        }
Esempio n. 5
0
        public ActionResult EditComment(long id)
        {
            if (!ModelState.IsValid)
            {
                return(View());
            }
            EditCommentDto       commentDto = _commentService.GetCommentById(id);
            EditCommentViewModel model      = commentDto == null
                ? new EditCommentViewModel()
                : _mapper.Map <EditCommentDto, EditCommentViewModel>(commentDto);

            return(View(model));
        }
        public void Execute(EditCommentDto request)
        {
            var comment = _context.Comments.SingleOrDefault(w => w.UserId == request.UserId && w.Id == request.Id);

            if (comment == null)
            {
                throw new EntityNotFoundException("Comment");
            }

            comment.Comments = request.Comment;

            _context.SaveChanges();
        }
        public void Execute(EditCommentDto request)
        {
            var comment = _context.Commnets.Find(request.Id);

            if (comment == null)
                throw new EntityNotFoundException("Comment");


            comment.Text = request.Text;
            comment.ModifiedOn = DateTime.Now;
                     
            _context.SaveChanges();
        }
        public void Should_Throw_If_User_Edits_Other_User_Comment()
        {
            // Setup
            var wall = new Wall {
                Id = 1, OrganizationId = 2
            };
            var post = new Post {
                Id = 1, Wall = wall, WallId = wall.Id
            };
            var comments = new List <Comment>
            {
                new Comment {
                    Id = 1, AuthorId = "user1", Post = post
                }
            };

            _commentsDbSet.SetDbSetDataForAsync(comments.AsQueryable());

            var wallModerators = new List <WallModerator>
            {
                new WallModerator {
                    WallId = wall.Id, UserId = "user2"
                }
            };

            _wallModeratorsDbSet.SetDbSetDataForAsync(wallModerators.AsQueryable());

            var editCommentDto = new EditCommentDto
            {
                Id             = 1,
                MessageBody    = "edited comment",
                UserId         = "user3",
                OrganizationId = 2
            };

            _permissionService.UserHasPermissionAsync(editCommentDto, AdministrationPermissions.Post).Returns(false);

            // Act
            // Assert
            Assert.ThrowsAsync <UnauthorizedException>(async() => await _commentService.EditCommentAsync(editCommentDto));
        }
Esempio n. 9
0
        public async Task <IActionResult> PutComment([FromRoute] int id, [FromBody] EditCommentDto editCommentDto)
        {
            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }

            var editComment = await context.Comments.SingleOrDefaultAsync(comment => comment.Id == id);

            if (id != editComment.Id)
            {
                return(BadRequest());
            }

            mapper.Map(editCommentDto, editComment);
            editComment.ModifiedAt           = DateTime.Now;
            context.Entry(editComment).State = EntityState.Modified;

            try
            {
                await context.SaveChangesAsync();
            }
            catch (DbUpdateConcurrencyException)
            {
                if (!CommentExists(id))
                {
                    return(NotFound());
                }
                else
                {
                    return(new StatusCodeResult((int)HttpStatusCode.InternalServerError));
                }
            }
            context.Entry(editComment).Reference(c => c.User).Load();
            var commentDtoFromDataBase = mapper.Map <Comment, CommentDto>(editComment);
            await hubContext.Clients.Group(commentDtoFromDataBase.NewsId.ToString()).SendAsync("EditComment", commentDtoFromDataBase);

            return(NoContent());
        }
        public async Task <IActionResult> PutComment(string id, EditCommentDto comment)
        {
            if (id != comment.CommentId)
            {
                return(BadRequest());
            }

            var currentUserId = HttpContext.User.FindFirstValue(ClaimTypes.NameIdentifier);
            var currentUser   = await _authRepo.FindUser(currentUserId);

            var existingComment = await _context.Comments.FindAsync(id);

            if (currentUserId != existingComment.UserId && currentUser.Role != Role.Admin)
            {
                return(Unauthorized());
            }

            existingComment.Text      = comment.Text;
            existingComment.UpdatedAt = DateTime.Now;

            try
            {
                await _context.SaveChangesAsync();
            }
            catch (DbUpdateConcurrencyException)
            {
                if (!CommentExists(id))
                {
                    return(NotFound());
                }
                else
                {
                    throw;
                }
            }

            return(NoContent());
        }
Esempio n. 11
0
        public void UpdateComment(EditCommentDto editCommentDto)
        {
            var comment = _mapper.Map <Comment>(editCommentDto);

            _commentRepository.UpdateComment(comment);
        }