public IActionResult Delete(string id)
{
//Get comment from table
var comment = _commentRepository.GetById(id);
//Check if such comment exists
if (comment == null)
{
return(BadRequest(new Message("The comment with id: " + id + " doesn't exist.")));
}
var tokenUser = HttpContext.User;
//If request is not sent by owner or by admin, finish here
if (!AuthorizationHelpers.IsAuthorizedUser(tokenUser, comment.OwnerId) && !AuthorizationHelpers.IsAdmin(tokenUser))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
//Update table
if (_commentRepository.Delete(comment))
{
return(Ok(new Message("Comment with id: " + id + " deleted successfully")));
}
return(BadRequest(new Message("Error when deleting comment with id: " + id)));
}
public IActionResult Delete(string id)
{
//Check if token is given by admin or authorized user
var tokenUser = HttpContext.User;
if (!AuthorizationHelpers.IsAdmin(tokenUser) && !AuthorizationHelpers.IsAuthorizedUser(tokenUser, id))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
//Find user in table
var user = _userRepository.Where(u => u.Id == id).Include(u => u.Posts).FirstOrDefault();
//Check if such user exists
if (user == null)
{
return(BadRequest(new Message("No such user with this id: " + id)));
}
if (_userRepository.Delete(user))
{
return(Ok(new Message("User with email: " + user.Email + ", id: " + id + " deleted successfully")));
}
return(BadRequest(new Message("Error when deleting user with id: " + id)));
}
public ActionResult <CommentOutDto> Update(string id, [FromBody] CommentUpdateDto commentInDto)
{
var comment = _commentRepository.GetById(id);
//Check if this comment exists
if (comment == null)
{
return(BadRequest(new Message("The comment with id: " + id + " doesn't exist.")));
}
var tokenUser = HttpContext.User;
//If request is not sent by owner, finish here
if (!AuthorizationHelpers.IsAuthorizedUser(tokenUser, comment.OwnerId))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
if (!string.IsNullOrEmpty(commentInDto.Content))
{
comment.Content = commentInDto.Content;
}
//Update table
if (_commentRepository.Update(comment))
{
var commentOutDto = _mapper.Map <CommentOutDto>(comment);
return(Ok(commentOutDto));
}
return(BadRequest(new Message("Error when updating comment with id: " + id)));
}
public IActionResult Delete(string id)
{
var post = _postRepository.GetById(id);
if (post == null)
{
return(NotFound(new Message("No such post with this id: " + id)));
}
//Check if post is being deleted by its owner or by admin
var tokenUser = HttpContext.User;
if (!AuthorizationHelpers.IsAdmin(tokenUser) && !AuthorizationHelpers.IsAuthorizedUser(tokenUser, post.OwnerId))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
//Update table
if (_postRepository.Delete(post))
{
return(Ok(new Message("Post with title: " + post.Title + " and with id: " + post.Id + " deleted Successfully")));
}
return(BadRequest(new Message("Error when updating post")));
}
public IActionResult GetByOwnerId(string ownerId,
[FromQuery] int limit,
[FromQuery] bool oldest)
{
//Check if request is sent by owner of the posts or by admin
var tokenUser = HttpContext.User;
if (!AuthorizationHelpers.IsAdmin(tokenUser) && !AuthorizationHelpers.IsAuthorizedUser(tokenUser, ownerId))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
//Create queryable object for limitations and order specifications
var postsQueryable = _postRepository.Where(p => p.OwnerId == ownerId);
//Order
postsQueryable = oldest ? postsQueryable.OrderBy(p => p.SubmitTime) : postsQueryable.OrderByDescending(p => p.SubmitTime);
//Limitation
if (limit > 0)
{
postsQueryable = postsQueryable.Take(limit);
}
return(Ok(postsQueryable.Select(p => _mapper.Map <PostOutDto>(p))));
}
public IActionResult UnlikePost(UserLikePostInDto userLikePostDto)
{
//Check if inputs are valid
if (string.IsNullOrEmpty(userLikePostDto.UserId))
{
return(BadRequest(new Message("Please give valid user id.")));
}
if (string.IsNullOrEmpty(userLikePostDto.PostId))
{
return(BadRequest(new Message("Please give valid post id.")));
}
var userIn = _userRepository.GetById(userLikePostDto.UserId);
//Check if user is deleted
if (userIn == null)
{
return(BadRequest(new Message("User : "******" is no longer exists")));
}
var postIn = _postRepository.GetById(userLikePostDto.PostId);
//Check if post is deleted
if (postIn == null)
{
return(BadRequest(new Message("Post : " + userLikePostDto.PostId + " is no longer exists")));
}
//Check if token is given by authorized user
var tokenUser = HttpContext.User;
//If follower user is not authorized, finish here
if (!AuthorizationHelpers.IsAuthorizedUser(tokenUser, userLikePostDto.UserId))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
//Get the user like relation from table
var userLikePost = _userLikePostRepository
.Where(ulp => ulp.UserId == userLikePostDto.UserId && ulp.PostId == userLikePostDto.PostId)
.FirstOrDefault();
//Check if there exists such relation
if (userLikePost == null)
{
return(BadRequest(new Message("User : "******" hasn't been liked the post : " +
userLikePostDto.PostId)));
}
//Delete relation from table
if (_userLikePostRepository.Delete(userLikePost))
{
return(Ok(new Message("User : "******" is not being liked the post : " +
userLikePostDto.PostId + " anymore")));
}
return(BadRequest(new Message("Error when post unlike with user :"******" and post : " + userLikePostDto.PostId)));
}
public ActionResult <UserOutDto> Get(string id,
[FromQuery] bool posts,
[FromQuery] bool likedPosts,
[FromQuery] bool followings,
[FromQuery] bool followers,
[FromQuery] bool category)
{
//Check if token is given by admin or authorized user
var tokenUser = HttpContext.User;
if (!AuthorizationHelpers.IsAdmin(tokenUser) && !AuthorizationHelpers.IsAuthorizedUser(tokenUser, id))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
//Initialize a queryable object for further include operations.
var userQueryable = _userRepository.Where(u => u.Id == id);
var rawUser = userQueryable.FirstOrDefault();
//Check if there exists a user with given id
if (rawUser == null)
{
return(NotFound(new Message("No such user with this id: " + id)));
}
if (posts)
{
userQueryable = userQueryable.Include(u => u.Posts);
}
if (likedPosts)
{
userQueryable = userQueryable.Include(u => u.LikedPosts).ThenInclude(lp => lp.Post);
}
if (followings)
{
userQueryable = userQueryable.Include(u => u.Followings).ThenInclude(uf => uf.Followed);
}
if (followers)
{
userQueryable = userQueryable.Include(u => u.Followers).ThenInclude(uf => uf.Follower);
}
if (category)
{
userQueryable = userQueryable.Include(u => u.InterestedCategories).ThenInclude(ic => ic.Category);
}
//Get the user object
var user = userQueryable.FirstOrDefault();
//Prepare dto object
var userOutDto = _mapper.Map <UserOutDto>(user);
return(userOutDto);
}
public IActionResult RemoveUser([FromBody] UserCategoryInDto userCategoryDto)
{
//Check if inputs are valid
if (string.IsNullOrEmpty(userCategoryDto.UserId))
{
return(BadRequest(new Message("Please give valid user id")));
}
if (string.IsNullOrEmpty(userCategoryDto.CategoryId))
{
return(BadRequest(new Message("Please give valid category id")));
}
//Check if user is deleted
var userIn = _userRepository.GetById(userCategoryDto.UserId);
if (userIn == null)
{
return(BadRequest(new Message("User: "******" no longer exists")));
}
//Check if category is deleted
var categoryIn = _categoryRepository.GetById(userCategoryDto.CategoryId);
if (categoryIn == null)
{
return(BadRequest(new Message("Category: " + userCategoryDto.CategoryId + " no longer exists")));
}
var tokenUser = HttpContext.User;
//Check if request is sent by user (follower of the category) .
if (!AuthorizationHelpers.IsAuthorizedUser(tokenUser, userCategoryDto.UserId))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
//Get user-category relation from table
var userCategory = _userCategoryRepository
.Where(uc => uc.CategoryId == userCategoryDto.CategoryId && uc.UserId == userCategoryDto.UserId)
.FirstOrDefault();
//If such relation doesn't exist
if (userCategory == null)
{
return(BadRequest(new Message("User : "******" is not following Category : " + userCategoryDto.CategoryId)));
}
//Update table
if (_userCategoryRepository.Delete(userCategory))
{
return(Ok(new Message("User : "******" is deleted from Category : " + userCategory.CategoryId)));
}
return(BadRequest(new Message("Error when deleting user-category relation")));
}
public IActionResult UnFollow(UserDoFollowDto userFollowDto)
{
//Check if inputs are valid
if (string.IsNullOrEmpty(userFollowDto.FollowerId))
{
return(BadRequest(new Message("Please give valid follower id.")));
}
if (string.IsNullOrEmpty(userFollowDto.FollowedId))
{
return(BadRequest(new Message("Please give valid followed id.")));
}
//Check if any of the users is deleted
if (_userRepository.GetById(userFollowDto.FollowerId) == null)
{
return(BadRequest(new Message("Follower user : "******" is no longer exists")));
}
if (_userRepository.GetById(userFollowDto.FollowedId) == null)
{
return(BadRequest(new Message("Followed user : "******" is no longer exists")));
}
//Check if token is given by authorized user
var tokenUser = HttpContext.User;
//If follower user is not authorized, finish here
if (!AuthorizationHelpers.IsAuthorizedUser(tokenUser, userFollowDto.FollowerId))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
//Get follow relation from table
var userFollow = _userFollowRepository.Where(uf =>
uf.FollowerId == userFollowDto.FollowerId && uf.FollowedId == userFollowDto.FollowedId)
.FirstOrDefault();
//If such relation doesn't exist , finish here.
if (userFollow == null)
{
return(BadRequest(new Message("User : "******" is not following user : "******"User : "******" is not following user : "******" anymore.")));
}
return(BadRequest(new Message("Error when unfollow, with follower :" + userFollowDto.FollowerId + " and followed : " + userFollowDto.FollowedId)));
}
public ActionResult <PostOutDto> Update(string id, [FromBody] PostUpdateDto postInDto)
{
if (!ModelState.IsValid || postInDto == null)
{
return(BadRequest(new Message("Post not valid or null")));
}
//Check if there exist a post with {id}
var post = _postRepository.GetById(id);
if (post == null)
{
return(NotFound(new Message("No such post with this id: " + id)));
}
//Check if post is being updated by its owner
var tokenUser = HttpContext.User;
if (!AuthorizationHelpers.IsAuthorizedUser(tokenUser, post.OwnerId))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
if (!string.IsNullOrWhiteSpace(postInDto.Title))
{
post.Title = postInDto.Title;
}
if (!string.IsNullOrWhiteSpace(postInDto.Content))
{
post.Content = postInDto.Content;
}
if (!string.IsNullOrWhiteSpace(postInDto.CategoryId))
{
post.Content = postInDto.CategoryId;
}
//Save changes
if (!_postRepository.Update(post))
{
return(BadRequest(new Message("Error when updating post")));
}
var postOutDto = _mapper.Map <PostOutDto>(post);
return(postOutDto);
}
public ActionResult <PostOutDto> Create([FromBody] PostCreateDto postInDto)
{
if (!ModelState.IsValid || postInDto == null)
{
return(BadRequest(new Message("Post not valid or null")));
}
if (string.IsNullOrEmpty(postInDto.OwnerId))
{
return(BadRequest(new Message("Please give valid owner Id")));
}
if (string.IsNullOrEmpty(postInDto.CategoryId))
{
return(BadRequest(new Message("Please give valid category Id")));
}
if (string.IsNullOrEmpty(postInDto.Content))
{
return(BadRequest(new Message("Please give valid content")));
}
if (string.IsNullOrEmpty(postInDto.Title))
{
return(BadRequest(new Message("Please give valid title")));
}
var postIn = _mapper.Map <Post>(postInDto);
//Check if post is being created by its owner
var tokenUser = HttpContext.User;
if (!AuthorizationHelpers.IsAuthorizedUser(tokenUser, postInDto.OwnerId))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
//Update previous post, current post and owner.
if (!_postRepository.Add(postIn))
{
return(BadRequest(new Message("Error when adding post into table. Please check owner Id")));
}
var postOutDto = _mapper.Map <PostOutDto>(postIn);
return(postOutDto);
}
public ActionResult <CommentOutDto> Create([FromBody] CommentCreateDto commentInDto)
{
var tokenUser = HttpContext.User;
//If request is not sent by owner, finish here
if (!AuthorizationHelpers.IsAuthorizedUser(tokenUser, commentInDto.OwnerId))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
var commentIn = _mapper.Map <Comment>(commentInDto);
if (_commentRepository.Add(commentIn))
{
var commentOutDto = _mapper.Map <CommentOutDto>(commentIn);
return(Ok(commentOutDto));
}
return(BadRequest(new Message("Error when creating comment")));
}
public ActionResult <UserOutDto> Update(string id, [FromBody] UserUpdateDto userDto)
{
var userOld = _userRepository.GetById(id);
if (userOld == null)
{
return(NotFound(new Message("No such user with this id: " + id)));
}
//Check if token is given by admin or authorized user
var tokenUser = HttpContext.User;
if (!AuthorizationHelpers.IsAdmin(tokenUser) && !AuthorizationHelpers.IsAuthorizedUser(tokenUser, id))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
if (!string.IsNullOrWhiteSpace(userDto.BirthDate))
{
userOld.BirthDate = userDto.BirthDate;
}
if (!string.IsNullOrWhiteSpace(userDto.Description))
{
userOld.Description = userDto.Description;
}
if (!string.IsNullOrWhiteSpace(userDto.FacebookLink))
{
userOld.FacebookLink = userDto.FacebookLink;
}
if (!string.IsNullOrWhiteSpace(userDto.InstagramLink))
{
userOld.InstagramLink = userDto.InstagramLink;
}
if (!string.IsNullOrWhiteSpace(userDto.LinkedinLink))
{
userOld.LinkedinLink = userDto.LinkedinLink;
}
if (!string.IsNullOrWhiteSpace(userDto.Theme))
{
userOld.Theme = userDto.Theme;
}
if (!string.IsNullOrWhiteSpace(userDto.TwitterLink))
{
userOld.TwitterLink = userDto.TwitterLink;
}
if (!string.IsNullOrWhiteSpace(userDto.Password))
{
UserHelpers.CreatePasswordHash(userDto.Password, out var passwordHash, out var passwordSalt);
userOld.PasswordHash = passwordHash;
userOld.PasswordSalt = passwordSalt;
}
if (_userRepository.Update(userOld))
{
var userOutDto = _mapper.Map <UserOutDto>(userOld);
return(userOutDto);
}
return(BadRequest(new Message("Error when updating user.")));
}
public ActionResult <PostOutDto> Get(string id,
[FromQuery] bool owner,
[FromQuery] bool comment,
[FromQuery] bool category,
[FromQuery] bool like)
{
//Initialize a queryable object for further include operations.
var postQueryable = _postRepository.Where(p => p.Id == id);
var rawPost = postQueryable.FirstOrDefault();
//Check if there exists a post with given id
if (rawPost == null)
{
return(NotFound(new Message("No such post with this id: " + id)));
}
//Check if token is given by admin or owner of the post
var tokenUser = HttpContext.User;
if (!AuthorizationHelpers.IsAdmin(tokenUser) && !AuthorizationHelpers.IsAuthorizedUser(tokenUser, rawPost.OwnerId))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
if (owner)
{
postQueryable = postQueryable.Include(p => p.Owner);
}
if (comment)
{
postQueryable = postQueryable.Include(p => p.Comments);
}
if (category)
{
postQueryable = postQueryable.Include(p => p.Category);
}
if (like)
{
postQueryable = postQueryable.Include(p => p.LikedUsers).ThenInclude(lu => lu.User);
}
//Get the post object
var post = postQueryable.FirstOrDefault();
//Find previous post with submit date
var prevPost = _postRepository.Where(p => p.OwnerId == post.OwnerId && p.SubmitTime < post.SubmitTime)
.FirstOrDefault();
var prevPostOutDto = _mapper.Map <PostOutDto>(prevPost);
//Find next post with submit date
var nextPost = _postRepository.Where(p => p.OwnerId == post.OwnerId && p.SubmitTime > post.SubmitTime)
.FirstOrDefault();
var nextPostOutDto = _mapper.Map <PostOutDto>(nextPost);
//Prepare post dto
var postOutDto = _mapper.Map <PostOutDto>(post);
postOutDto.PreviousPost = prevPostOutDto;
postOutDto.NextPost = nextPostOutDto;
return(postOutDto);
}
public ActionResult <UserCategoryOutDto> AddUser([FromBody] UserCategoryInDto userCategoryDto)
{
//Check if inputs are valid
if (string.IsNullOrEmpty(userCategoryDto.UserId))
{
return(BadRequest(new Message("Please give valid user id")));
}
if (string.IsNullOrEmpty(userCategoryDto.CategoryId))
{
return(BadRequest(new Message("Please give valid category id")));
}
//Check if user is deleted
var userIn = _userRepository.GetById(userCategoryDto.UserId);
if (userIn == null)
{
return(BadRequest(new Message("User: "******" no longer exists")));
}
//Check if category is deleted
var categoryIn = _categoryRepository.GetById(userCategoryDto.CategoryId);
if (categoryIn == null)
{
return(BadRequest(new Message("Category: " + userCategoryDto.CategoryId + " no longer exists")));
}
var tokenUser = HttpContext.User;
//Check if request is sent by user (who is being follower of the category) .
if (!AuthorizationHelpers.IsAuthorizedUser(tokenUser, userCategoryDto.UserId))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
//Get user-category relation from table
var userCategory = _userCategoryRepository
.Where(uc => uc.CategoryId == userCategoryDto.CategoryId && uc.UserId == userCategoryDto.UserId)
.FirstOrDefault();
//If such relation exists
if (userCategory != null)
{
return(BadRequest(new Message("User : "******" is already following Category : " + userCategoryDto.CategoryId)));
}
//Create new relation
var userCategoryIn = new UserCategory(userCategoryDto.UserId, userCategoryDto.CategoryId);
//Update table
if (_userCategoryRepository.Add(userCategoryIn))
{
var userCategoryOutDto = _mapper.Map <UserCategoryOutDto>(userCategoryIn);
return(Ok(userCategoryOutDto));
}
return(BadRequest(new Message("Error when adding user-category relation")));
}