/// <summary>
/// Creates a new comment on the mod case identified by <paramref name="guildId"/> and <paramref name="caseId"/>.
/// </summary>
/// <param name="guildId">Guild id taken from the route.</param>
/// <param name="caseId">Case id taken from the route.</param>
/// <param name="comment">Request body; only its <c>Message</c> is read here.</param>
/// <returns>HTTP 201 with a <c>CommentsView</c> of the created comment.</returns>
/// <exception cref="BaseAPIException">
/// Thrown with <c>APIError.LastCommentAlreadyFromSuspect</c> when a caller without moderator
/// permission already wrote the most recent comment on the case.
/// </exception>
public async Task<IActionResult> CreateItem([FromRoute] ulong guildId, [FromRoute] int caseId, [FromBody] ModCaseCommentForCreateDto comment)
{
    // NOTE(review): creation is gated on the View permission only; presumably intentional so that
    // the suspect of a case can reply to it - confirm against RequirePermission's semantics.
    await RequirePermission(guildId, caseId, APIActionPermission.View);

    Identity identity = await GetIdentity();
    IUser caller = identity.GetCurrentUser();

    ModCase targetCase = await ModCaseRepository
        .CreateDefault(_serviceProvider, identity)
        .GetModCase(guildId, caseId);

    // Callers without moderator permission (the "suspects" of the original comment) may not post
    // twice in a row: they have to wait until someone else has commented.
    bool isModerator = await identity.HasPermissionOnGuild(DiscordPermission.Moderator, guildId);
    if (!isModerator && modCase_HasTrailingCommentBy(targetCase, caller))
    {
        throw new BaseAPIException("Already commented", APIError.LastCommentAlreadyFromSuspect);
    }

    // NOTE(review): comment.Message is forwarded as received; null/length validation is presumably
    // done by the DTO or the repository - confirm.
    ModCaseCommentRepository commentRepository = ModCaseCommentRepository.CreateDefault(_serviceProvider, identity);
    ModCaseComment created = await commentRepository.CreateComment(guildId, caseId, comment.Message);

    return StatusCode(201, new CommentsView(created));

    // True when the case has at least one comment and the last one belongs to the given user.
    static bool modCase_HasTrailingCommentBy(ModCase c, IUser user)
    {
        return c.Comments.Any() && c.Comments.Last().UserId == user.Id;
    }
}
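/// <summary>
/// Creates a comment on the mod case identified by <paramref name="guildid"/> and <paramref name="caseid"/>
/// and announces it through <c>discordAnnouncer</c>.
/// </summary>
/// <param name="guildid">Guild id taken from the route.</param>
/// <param name="caseid">Case id taken from the route.</param>
/// <param name="comment">Request body; its <c>Message</c> is trimmed and stored.</param>
/// <returns>
/// 201 with the new comment id on success; 401 when no Discord user is resolved or an unprivileged
/// caller is not the user of the case; 400 when the guild is not registered, when an unprivileged
/// caller wrote the last comment, or when the message is missing; 404 when the case does not exist.
/// </returns>
public async Task<IActionResult> CreateItem([FromRoute] string guildid, [FromRoute] string caseid, [FromBody] ModCaseCommentForCreateDto comment)
{
    // Built once so every log line of this request carries the same tag.
    // NOTE(review): Request.Path is client-supplied and ends up verbatim in the log message;
    // consider passing it as a structured logging argument so the sink can encode it.
    string requestTag = $"{HttpContext.Request.Method} {HttpContext.Request.Path}";
    logger.LogInformation($"{requestTag} | Incoming request.");

    Identity currentIdentity = await identityManager.GetIdentity(HttpContext);
    User currentUser = await currentIdentity.GetCurrentDiscordUser();
    if (currentUser == null)
    {
        logger.LogInformation($"{requestTag} | 401 Unauthorized.");
        return Unauthorized();
    }

    ModCase modCase = await database.SelectSpecificModCase(guildid, caseid);

    // Evaluate the privilege check once and reuse it, so the access decision and the
    // "already commented" rule below are based on the same answer within one request.
    bool isPrivileged = await currentIdentity.HasModRoleOrHigherOnGuild(guildid, this.database)
        || config.Value.SiteAdminDiscordUserIds.Contains(currentUser.Id);

    // Unprivileged callers only get past this point for a case that exists and is about them.
    // A missing case is answered with 401 as well, so it cannot be told apart from a foreign one.
    if (!isPrivileged && (modCase == null || modCase.UserId != currentUser.Id))
    {
        logger.LogInformation($"{requestTag} | 401 Unauthorized.");
        return Unauthorized();
    }

    // ========================================================
    if (await database.SelectSpecificGuildConfig(guildid) == null)
    {
        logger.LogInformation($"{requestTag} | 400 Guild not registered.");
        return BadRequest("Guild not registered.");
    }

    if (modCase == null)
    {
        logger.LogInformation($"{requestTag} | 404 ModCase not found.");
        return NotFound();
    }

    // An unprivileged user may only comment if there are no comments yet or the last comment
    // was written by someone else.
    if (!isPrivileged && modCase.Comments.Any() && modCase.Comments.Last().UserId == currentUser.Id)
    {
        logger.LogInformation($"{requestTag} | 400 Already commented.");
        return BadRequest("Already commented. Please wait for a response.");
    }

    // A missing body or message would otherwise fail in Trim() below and surface as a 500.
    // Checked after the authorization steps so their responses keep their original order.
    if (comment == null || comment.Message == null)
    {
        logger.LogInformation($"{requestTag} | 400 Message missing.");
        return BadRequest("Message is required.");
    }

    ModCaseComment commentToCreate = new ModCaseComment
    {
        ModCase = modCase,
        UserId = currentUser.Id,
        Message = comment.Message.Trim(),
        CreatedAt = DateTime.UtcNow
    };

    await database.SaveModCaseComment(commentToCreate);
    await database.SaveChangesAsync();

    logger.LogInformation($"{requestTag} | Sending notification.");
    try
    {
        await discordAnnouncer.AnnounceComment(commentToCreate, currentUser, RestAction.Created);
    }
    catch (Exception e)
    {
        // Best effort: the comment is already saved, so a failed announcement is logged, not returned.
        logger.LogError(e, "Failed to announce comment.");
    }

    logger.LogInformation($"{requestTag} | 201 Resource created.");
    return StatusCode(201, new { id = commentToCreate.Id });
}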