/// <summary>
/// Replaces the content of an existing reply with a sanitized copy of the submitted HTML
/// and persists the change.
/// </summary>
/// <param name="model">Carries the id of the reply to edit and the new, untrusted content.</param>
/// <returns>A task that completes once the repository has saved the change.</returns>
public async Task EditReplyContent(EditReplyServiceModel model)
        {
            // NOTE(review): this method performs no ownership or permission check itself;
            // confirm every caller authorizes the edit before invoking it.
            // NOTE(review): what GetReplyById yields for an unknown id is not visible here;
            // if it can return null, the assignment below throws - confirm.
            var target = await this.GetReplyById(model.ReplyId);

            // A default-configured sanitizer is built per call; the submitted content is
            // treated as untrusted HTML and only the sanitized result is stored.
            var sanitizer = new HtmlSanitizer();
            var cleaned = sanitizer.Sanitize(model.Content);

            target.Content = cleaned;

            this.repliesRepository.Update(target);
            await this.repliesRepository.SaveChangesAsync();
        }
        /// <summary>
        /// Checks that editing a reply with plain-text content stores that content unchanged.
        /// </summary>
        public async Task EditReplyContentEditsTheContent()
        {
            var editRequest = new EditReplyServiceModel
            {
                ReplyId = this.testReply1.Id,
                Content = "New content 1234",
            };

            await this.service.EditReplyContent(editRequest);

            // The input contains no markup, so the stored value is expected to equal it exactly.
            // NOTE(review): presumably the test repository hands back the testReply1 instance,
            // which is why the fixture object is inspected directly - confirm against the setup.
            var contentMatches = this.testReply1.Content == editRequest.Content;

            Assert.True(contentMatches);
        }
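        /// <summary>
        /// Checks that editing a reply removes script markup from the submitted content
        /// while keeping ordinary paragraph markup.
        /// </summary>
        public async Task EditReplyContentSanitizesTheContent()
        {
            var obj = new EditReplyServiceModel()
            {
                ReplyId = this.testReply1.Id,
                Content = "<script>alert(\"Hacked!\")</script><p>New content 1234</p>",
            };

            await this.service.EditReplyContent(obj);

            var replyContent = this.testReply1.Content;

            // Look for "<script" without the closing ">" and ignoring case, so a tag that
            // survives with attributes or different casing still fails the test. The
            // original literal "<script>" check would have let those through.
            var hasScriptTag = replyContent.IndexOf("<script", System.StringComparison.OrdinalIgnoreCase) >= 0;
            var hasParagraph = replyContent.Contains("<p>");

            // Two assertions instead of one combined flag: a failure then shows whether
            // the script survived or the allowed markup was lost.
            Assert.False(hasScriptTag);
            Assert.True(hasParagraph);
        }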
예제 #4
        /// <summary>
        /// Handles a reply-edit submission: returns 404 when the referenced post does not exist,
        /// otherwise forwards the new content to the reply service and redirects to the post page.
        /// </summary>
        /// <param name="model">Bound request data holding the post id, reply id and new content.</param>
        /// <returns>A not-found result, or a redirect to the <c>Index</c> action of the <c>Post</c> controller.</returns>
        public async Task<IActionResult> Edit(EditReplyModel model)
        {
            // NOTE(review): only the post's existence is checked here. Nothing visible in this
            // method verifies that ReplyId belongs to PostId or that the current user may edit
            // that reply - confirm this is enforced by an attribute, filter or the service.
            // NOTE(review): ModelState is not inspected here - confirm validation happens elsewhere.
            var postExists = await this.postService.DoesItExist(model.PostId);
            if (!postExists)
            {
                return this.NotFound();
            }

            // Content is passed through as received; sanitization is left to the reply service.
            var editRequest = new EditReplyServiceModel
            {
                ReplyId = model.ReplyId,
                Content = model.Content,
            };
            await this.replyService.EditReplyContent(editRequest);

            var routeValues = new { id = model.PostId };
            return this.RedirectToAction("Index", "Post", routeValues);
        }