public async Task <ActionResult <UserPageDTO> > PutAPage(UserPageDTO pageDTO, int pageId)
{
// Test to see if claim == page.UserId or policy is admin
// if so allow the update
// if not don't allow it
var page = await _userPage.GetASpecificPage(pageId);
var usersRoles = UserClaimsGetters.GetUserRoles(User, _userManager);
if (UserClaimsGetters.GetUserId(User) == page.UserId || usersRoles.Contains("Admin") || usersRoles.Contains("Owner"))
{
try
{
var updatedPage = await _userPage.Update(pageDTO, pageId);
return(updatedPage);
}
catch (Exception e)
{
throw new Exception($"Update action exception message: {e.Message}");
}
}
throw new Exception("You are not authorized to Update that Page.");
}
public async Task <IActionResult> DeletePost(int postId)
{
// Test to see if claim == post.UserId or policy is admin
// if so allow the delete
// if not don't allow it
var post = await _userPost.GetASpecificPost(postId);
var usersRoles = UserClaimsGetters.GetUserRoles(User, _userManager);
if (UserClaimsGetters.GetUserId(User) == post.UserId || usersRoles.Contains("Admin") || usersRoles.Contains("Owner"))
{
try
{
await _userPost.Delete(postId);
return(Ok());
}
catch (Exception e)
{
throw new Exception($"Delete action exception message: {e.Message}");
}
}
throw new Exception("You are not authorized to Delete that Post.");
}
public async Task <IActionResult> PostAnImageToPost(int postId, int imageId)
{
// ====================== TODO: How are we going to deal with S3? =========================
// Do we have this controller call the PostImage Controller?
// Do we make the client do it?
// Cant test till this is completed
// ========================================================================================
var post = await _userPost.GetASpecificPost(postId);
var usersRoles = UserClaimsGetters.GetUserRoles(User, _userManager);
if (UserClaimsGetters.GetUserId(User) == post.UserId || usersRoles.Contains("Admin") || usersRoles.Contains("Owner"))
{
try
{
await _userPost.AddAnImageToAPost(postId, imageId);
return(Ok());
}
catch (Exception e)
{
throw new Exception($"Cannot add the image to the post: {e.Message}");
}
}
throw new Exception("You are not authorized to Add that Image to the Post.");
}
public async Task <IActionResult> DeleteAnImageFromPost(int postId, int imageid)
{
// ====================== TODO: Same here how are we going to deal with S3 ===============
// Cant test till this is completed
// =======================================================================================
var post = await _userPost.GetASpecificPost(postId);
var usersRoles = UserClaimsGetters.GetUserRoles(User, _userManager);
if (UserClaimsGetters.GetUserId(User) == post.UserId || usersRoles.Contains("Admin") || usersRoles.Contains("Owner"))
{
try
{
await _userPost.DeleteAnImageFromAPost(postId, imageid);
return(Ok());
}
catch (Exception e)
{
throw new Exception($"Cannot delete the image from the post: {e.Message}");
}
}
throw new Exception("You are not authorized to Delete that Image from the Post.");
}
public async Task <IActionResult> DeletePostComment(int commentId)
{
// Test to see if claim == post.UserId or policy is admin
// if so allow the delete
// if not don't allow it
var comment = await _postComment.GetASpecificComment(commentId);
var usersRoles = UserClaimsGetters.GetUserRoles(User, _userManager);
// TODO: Need to figure out how to allow the Post's owner is allowed to delete another user's comment
if (UserClaimsGetters.GetUserId(User) == comment.UserId || usersRoles.Contains("Admin") || usersRoles.Contains("Owner"))
{
try
{
await _postComment.Delete(commentId);
return(Ok());
}
catch (Exception e)
{
throw new Exception($"Delete action exception message: {e.Message}");
}
}
throw new Exception("You are not authorized to Delete that Comment.");
}
public async Task <ActionResult <PostCommentDTO> > PostPostComment(PostCommentDTO newComment)
{
var comment = await _postComment.Create(newComment, UserClaimsGetters.GetUserId(User));
if (comment != null)
{
return(comment);
}
return(BadRequest());
}
public async Task <ActionResult <PostImageDTO> > PostPostImage(CreatePostImageDTO newImage)
{
var image = await _postImage.Create(newImage, UserClaimsGetters.GetUserId(User));
if (image != null)
{
return(Ok());
}
return(BadRequest());
}
public async Task <ActionResult <LikeDTO> > GetCommentLikes(int commentId)
{
var likeData = await _postComment.GetCommentsLikes(commentId, UserClaimsGetters.GetUserId(User));
if (likeData != null)
{
return(likeData);
}
return(BadRequest());
}
public async Task <ActionResult <LikeDTO> > GetPostLikes(int postId)
{
var likeData = await _userPost.GetPostLikes(postId, UserClaimsGetters.GetUserId(User));
if (likeData != null)
{
return(likeData);
}
return(BadRequest());
}
public async Task <IActionResult> PostPageLike(int pageId)
{
try
{
await _userPage.AddALikeToAPage(pageId, UserClaimsGetters.GetUserId(User));
return(Ok()); // Maybe resend the 'like' data
}
catch (Exception e)
{
throw new Exception($"Tried to add a like to a page: {e.Message}");
}
}
public async Task <IActionResult> DeletePostLike(int postId)
{
try
{
await _userPost.DeleteALike(postId, UserClaimsGetters.GetUserId(User));
return(Ok());
}
catch (Exception e)
{
throw new Exception($"Cannot delete that like: {e.Message}");
}
}
public async Task <IActionResult> PostPostLike(int postId)
{
try
{
await _userPost.AddALikeToAPost(postId, UserClaimsGetters.GetUserId(User));
return(Ok());
}
catch (Exception e)
{
throw new Exception($"Tried to add a like to a post: {e.Message}");
}
}
public async Task <IActionResult> PostCommentLike(int commentId)
{
try
{
await _postComment.AddLikeToComment(commentId, UserClaimsGetters.GetUserId(User));
return(Ok());
}
catch (Exception e)
{
throw new Exception($"Tried to add a like to a post: {e.Message}");
}
}
public async Task <ActionResult <UserPostDTO> > PostUserPost(UserPostDTO newPost)
{
if (newPost.UserId == null)
{
newPost.UserId = UserClaimsGetters.GetUserId(User);
}
var post = await _userPost.Create(newPost);
if (post != null)
{
return(Ok());
}
return(BadRequest());
}
public async Task <IActionResult> DeletePageLike(int pageId)
{
// Test to see if claim == post.UserId or policy is admin
// if so allow the delete
// if not don't allow it
try
{
await _userPage.DeleteALike(pageId, UserClaimsGetters.GetUserId(User));
return(Ok());
}
catch (Exception e)
{
throw new Exception($"Cannot delete that like: {e.Message}");
}
}
public async Task <IActionResult> DeleteUserPostFromPage(int pageId, int postId)
{
var page = await _userPage.GetASpecificPage(pageId);
var usersRoles = UserClaimsGetters.GetUserRoles(User, _userManager);
if (UserClaimsGetters.GetUserId(User) == page.UserId || usersRoles.Contains("Admin") || usersRoles.Contains("Owner"))
{
try
{
await _userPage.DeleteAPostFromAPage(pageId, postId);
return(Ok());
}
catch (Exception e)
{
throw new Exception($"Cannot delete that post from the page: {e.Message}");
}
}
throw new Exception("You are not authorized to delete that Page from that post.");
}
public async Task <ActionResult <PostCommentDTO> > PutPostComment(PostCommentDTO updateComment, int commentId)
{
// Test to see if claim == post.UserId or policy is admin
// if so allow the update
// if not don't allow it
var comment = await _postComment.GetASpecificComment(commentId);
var usersRoles = UserClaimsGetters.GetUserRoles(User, _userManager);
if (UserClaimsGetters.GetUserId(User) == comment.UserId || usersRoles.Contains("Admin") || usersRoles.Contains("Owner"))
{
var commentUpdate = await _postComment.Update(updateComment, commentId);
if (commentUpdate != null)
{
return(commentUpdate);
}
return(BadRequest());
}
throw new Exception("You are not authorized to Update that Comment.");
}
public async Task <IActionResult> DeleteACommentFromPost(int postId, int commentId)
{
var post = await _userPost.GetASpecificPost(postId);
var comment = await _postComment.GetASpecificComment(commentId);
var usersRoles = UserClaimsGetters.GetUserRoles(User, _userManager);
if (UserClaimsGetters.GetUserId(User) == post.UserId || UserClaimsGetters.GetUserId(User) == comment.UserId || usersRoles.Contains("Admin") || usersRoles.Contains("Owner"))
{
try
{
await _userPost.DeleteACommentFromAPost(postId, commentId);
return(Ok());
}
catch (Exception e)
{
throw new Exception($"Cannot delete the comment from the post: {e.Message}");
}
}
throw new Exception("You are not authorized to Delete that Post.");
}
public async Task <ActionResult <UserPostDTO> > PutUserPost(UserPostDTO updatePost, int postId)
{
// Test to see if claim == post.UserId or policy is admin
// if so allow the update
// if not don't allow it
//if (postId != updatePost.Id)
//{
// return BadRequest();
//}
var post = await _userPost.GetASpecificPost(postId);
var usersRoles = UserClaimsGetters.GetUserRoles(User, _userManager);
if (UserClaimsGetters.GetUserId(User) == post.UserId || usersRoles.Contains("Admin") || usersRoles.Contains("Owner"))
{
try
{
var postUpdate = await _userPost.Update(updatePost, postId);
if (postUpdate != null)
{
return(postUpdate);
}
return(BadRequest());
}
catch (Exception e)
{
throw new Exception($"Update error message: {e.Message}");
}
}
throw new Exception("You are not authorized to Update that Post.");
}
