public async Task <ActionResult> EditMessage([FromRoute] int messageId, [FromBody] EditMessageBody body, CancellationToken cancellationToken = default)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
// Check if the message exists
MessageExistsQuery existsQuery = new MessageExistsQuery {
MessageId = messageId
};
bool exists = await _mediator.Send(existsQuery, cancellationToken);
if (!exists)
{
return(NotFound(new ErrorResource
{
StatusCode = StatusCodes.Status404NotFound,
Message = $"Message with ID '{messageId}' does not exist"
}));
}
// Check if the user is the author of the message and thus allowed to update it
IsAuthorOfMessageQuery isAuthorQuery = new IsAuthorOfMessageQuery {
MessageId = messageId
};
bool isAuthor = await _mediator.Send(isAuthorQuery, cancellationToken);
if (!isAuthor)
{
return(StatusCode(StatusCodes.Status403Forbidden, new ErrorResource
{
StatusCode = StatusCodes.Status403Forbidden,
Message = "Only the author of a message is allowed to update a message"
}));
}
// Update the message
EditMessageCommand editCommand = new EditMessageCommand {
MessageId = messageId, HtmlContent = body.HtmlContent
};
await _mediator.Send(editCommand, cancellationToken);
return(NoContent());
}
public async Task MessageExistsQueryHandler_ShouldReturnFalse_WhenMessageDoesNotExist()
{
// Arrange
MessageExistsQuery request = new MessageExistsQuery {
MessageId = 442
};
_unitOfWorkMock
.Setup(m => m.Messages.Exists(request.MessageId, It.IsAny <CancellationToken>()))
.ReturnsAsync(false);
MessageExistsQuery.Handler handler = new MessageExistsQuery.Handler(_unitOfWorkMock.Object);
// Act
bool exists = await handler.Handle(request);
// Assert
Assert.False(exists);
}
public async Task <ActionResult> DeleteMessage([FromRoute] int messageId, CancellationToken cancellationToken = default)
{
// Check if the message exists
MessageExistsQuery existsQuery = new MessageExistsQuery {
MessageId = messageId
};
bool exists = await _mediator.Send(existsQuery, cancellationToken);
if (!exists)
{
return(NotFound(new ErrorResource
{
StatusCode = StatusCodes.Status404NotFound,
Message = $"Message with ID '{messageId}' does not exist"
}));
}
// Check if the user is the author of the message and thus allowed to update it
IsAuthorOfMessageQuery isAuthorQuery = new IsAuthorOfMessageQuery {
MessageId = messageId
};
bool isAuthor = await _mediator.Send(isAuthorQuery, cancellationToken);
if (!isAuthor)
{
return(StatusCode(StatusCodes.Status403Forbidden, new ErrorResource
{
StatusCode = StatusCodes.Status403Forbidden,
Message = "Only the author of a message is allowed to delete a message"
}));
}
// Delete the message
DeleteMessageCommand deleteCommand = new DeleteMessageCommand {
MessageId = messageId
};
await _mediator.Send(deleteCommand, cancellationToken);
return(NoContent());
}
public async Task <ActionResult <MessageResource> > GetMessageById([FromRoute] int messageId, CancellationToken cancellationToken = default)
{
// Check if the message exists
MessageExistsQuery existsQuery = new MessageExistsQuery {
MessageId = messageId
};
bool exists = await _mediator.Send(existsQuery, cancellationToken);
if (!exists)
{
return(NotFound(new ErrorResource
{
StatusCode = StatusCodes.Status404NotFound,
Message = $"Message with ID '{messageId}' does not exist"
}));
}
// Check if the user is allowed to see the message
CanAccessMessageQuery canAccessQuery = new CanAccessMessageQuery {
MessageId = messageId
};
bool canAccess = await _mediator.Send(canAccessQuery, cancellationToken);
if (!canAccess)
{
return(StatusCode(StatusCodes.Status403Forbidden, new ErrorResource
{
StatusCode = StatusCodes.Status403Forbidden,
Message = "The user is not permitted to see this message. He may only see messages that he received or wrote himself"
}));
}
// Get the message
GetMessageByIdQuery fetchQuery = new GetMessageByIdQuery {
MessageId = messageId
};
MessageResource message = await _mediator.Send(fetchQuery, cancellationToken);
return(Ok(message));
}
public async Task <ActionResult <ChatMessageResource> > SendMessage([FromBody] SendMessageBody body, CancellationToken cancellationToken = default)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
// Check if recipient exists
RecipientExistsQuery recipientExistsQuery = new RecipientExistsQuery {
RecipientId = body.RecipientId
};
bool recipientExists = await _mediator.Send(recipientExistsQuery, cancellationToken);
if (!recipientExists)
{
return(NotFound(new ErrorResource
{
StatusCode = StatusCodes.Status404NotFound,
Message = $"Recipient with ID '{body.RecipientId}' does not exist"
}));
}
// Check if the the user wants to message himself
IsOwnRecipientQuery isOwnRecipientQuery = new IsOwnRecipientQuery {
RecipientId = body.RecipientId
};
bool isOwnRecipient = await _mediator.Send(isOwnRecipientQuery, cancellationToken);
if (isOwnRecipient)
{
return(StatusCode(StatusCodes.Status403Forbidden, new ErrorResource
{
StatusCode = StatusCodes.Status403Forbidden,
Message = "You cannot write messages to yourself"
}));
}
if (body.ParentId != null)
{
// Check if parent message exists
MessageExistsQuery parentMessageExistsQuery = new MessageExistsQuery {
MessageId = body.ParentId.Value
};
bool parentMessageExists = await _mediator.Send(parentMessageExistsQuery, cancellationToken);
if (!parentMessageExists)
{
return(NotFound(new ErrorResource
{
StatusCode = StatusCodes.Status404NotFound,
Message = $"Parent message with ID '{body.ParentId}' does not exist"
}));
}
// Check if the user should have access to the parent message
CanAccessMessageQuery canAccessParentMessageQuery = new CanAccessMessageQuery {
MessageId = body.ParentId.Value
};
bool canAccessParentMessage = await _mediator.Send(canAccessParentMessageQuery, cancellationToken);
if (!canAccessParentMessage)
{
return(StatusCode(StatusCodes.Status403Forbidden, new ErrorResource
{
StatusCode = StatusCodes.Status403Forbidden,
Message = "You cannot answer messages from a foreign chat"
}));
}
}
// Send message to their recipients
SendMessageCommand sendMessageCommand = _mapper.Map <SendMessageBody, SendMessageCommand>(body);
ChatMessageResource message = await _mediator.Send(sendMessageCommand, cancellationToken);
return(CreatedAtAction(nameof(GetMessageById), new { messageId = message.MessageId }, message));
}