예제 #1
0
        public IActionResult Get(string uuid)
        {
            var user = _authHandler.UserFromClaimsPrincipal(User);

            if (!SecureGuid.VerifyGuid(uuid, out _))
            {
                _logger.LogInformation("Invalid Topic UUID");
                _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                       $", IP: {HttpContext?.Connection.RemoteIpAddress.ToString() ?? "Unknown IP"}");
                _authHandler.TerminateSession(user);

                return(BadRequest());
            }

            var topicInfo = _database.GetTopics(uuid);

            if (topicInfo.Count != 1)
            {
                _logger.LogInformation("Topic UUID does nto exist");
                _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                       $", IP: {HttpContext?.Connection.RemoteIpAddress.ToString() ?? "Unknown IP"}");
                _authHandler.TerminateSession(user);
            }

            var posts = _database.GetPostByTopic(new Guid(uuid));

            topicInfo[0].Posts = posts;
            return(Ok(topicInfo[0]));
        }
예제 #2
0
        public IActionResult Get(string uuid)
        {
            var user = _authHandler.UserFromClaimsPrincipal(User);

            if (!SecureGuid.VerifyGuid(uuid, out var postGuid))
            {
                _logger.LogInformation("Post UUID is invalid.");
                _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                       $", IP: {HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? "Unknown IP"}");
                _authHandler.TerminateSession(user);

                return(BadRequest());
            }


            var postInfo = _database.GetPostInfo(postGuid);

            if (postInfo == null)
            {
                _logger.LogInformation("Post does not exist.");
                _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                       $", IP: {HttpContext?.Connection.RemoteIpAddress.ToString() ?? "Unknown IP"}");
                _authHandler.TerminateSession(user);

                return(BadRequest());
            }

            var comments = _database.GetCommentsByPost(postGuid);

            postInfo.Comments = comments;

            return(Ok(postInfo));
        }
예제 #3
0
        public bool CreateComment(Comment comment, User user)
        {
            if (!SecureGuid.VerifyGuid(comment.Post, out var postGuid))
            {
                return(false);
            }

            using var conn = new MySqlConnection(_connectionStringBuilder.ConnectionString);
            conn.Open();
            using var command   = conn.CreateCommand();
            command.CommandText = "newComment";
            command.CommandType = CommandType.StoredProcedure;
            command.Parameters.Add("@postUUID", MySqlDbType.Binary, 16).Value    = postGuid.ToByteArray();
            command.Parameters.Add("@userUUID", MySqlDbType.Binary, 16).Value    = user.Uuid.ToByteArray();
            command.Parameters.Add("@commentUUID", MySqlDbType.Binary, 16).Value =
                SecureGuid.CreateSecureRfc4122Guid().ToByteArray();
            command.Parameters.AddWithValue("@commentContent", comment.Content);
            try
            {
                command.ExecuteNonQuery();
                return(true);
            }
            catch (MySqlException)
            {
                return(false);
            }
        }
예제 #4
0
        public IActionResult Delete(string postUuid)
        {
            var user = _authHandler.UserFromClaimsPrincipal(User);

            if (!SecureGuid.VerifyGuid(postUuid, out _))
            {
                _logger.LogInformation("Post UUID is invalid.");
                _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                       $", IP: {HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? "Unknown IP"}");
                _authHandler.TerminateSession(user);

                return(BadRequest());
            }


            var post = new Post
            {
                Uuid = postUuid
            };

            if (_database.DeletePost(post, user))
            {
                _activityLogger.LogDeletePost(Request.HttpContext.Connection.RemoteIpAddress, user, post);
                return(Ok());
            }

            _logger.LogInformation("DB failed to delete post.");
            _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                   $", IP: {HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? "Unknown IP"}");
            _authHandler.TerminateSession(user);

            return(BadRequest());
        }
예제 #5
0
        public IActionResult NewComment([FromBody] Comment comment)
        {
            var user = _authHandler.UserFromClaimsPrincipal(User);

            if (string.IsNullOrWhiteSpace(comment.Content) || string.IsNullOrWhiteSpace(comment.Post) ||
                string.IsNullOrWhiteSpace(comment.Captcha))
            {
                _logger.LogInformation("Comment content, post or captcha is missing.");
                _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                       $", IP: {HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? "Unknown IP"}");
                _authHandler.TerminateSession(user);

                return(BadRequest());
            }

            if (!_captcha.VerifyCaptcha(comment.Captcha, HttpContext.Connection.RemoteIpAddress, "newComment"))
            {
                _logger.LogInformation("Captcha failed verification.");
                _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                       $", IP: {HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? "Unknown IP"}");
                _authHandler.TerminateSession(user);

                return(BadRequest());
            }


            if (comment.Content.Length > 128)
            {
                _logger.LogInformation("Comment content length exceeds the permitted limit.");
                _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                       $", IP: {HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? "Unknown IP"}");
                _authHandler.TerminateSession(user);

                return(BadRequest());
            }

            if (!SecureGuid.VerifyGuid(comment.Post, out _))
            {
                _logger.LogInformation("Post UUID is invalid.");
                _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                       $", IP: {HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? "Unknown IP"}");
                _authHandler.TerminateSession(user);

                return(BadRequest());
            }


            if (_database.CreateComment(comment, user))
            {
                _activityLogger.LogNewComment(Request.HttpContext.Connection.RemoteIpAddress, user, comment);
                return(Ok());
            }

            _logger.LogInformation("Database failed to create new comment.");
            _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                   $", IP: {HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? "Unknown IP"}");
            _authHandler.TerminateSession(user);

            return(BadRequest());
        }
예제 #6
0
        public IActionResult UpdatePost(Post post)
        {
            var user = _authHandler.UserFromClaimsPrincipal(User);

            if (string.IsNullOrWhiteSpace(post.Content) || string.IsNullOrWhiteSpace(post.Uuid))
            {
                _logger.LogInformation("Post content or uuid is null or empty.");
                _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                       $", IP: {HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? "Unknown IP"}");
                _authHandler.TerminateSession(user);
                return(BadRequest());
            }

            if (!SecureGuid.VerifyGuid(post.Uuid, out _))
            {
                _logger.LogInformation("Post UUID is invalid.");
                _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                       $", IP: {HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? "Unknown IP"}");
                _authHandler.TerminateSession(user);
                return(BadRequest());
            }


            if (!_database.VerifyPostUser(user, post))
            {
                _logger.LogInformation("Requester is not post creator.");
                _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                       $", IP: {HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? "Unknown IP"}");
                _authHandler.TerminateSession(user);

                return(BadRequest());
            }

            if (_database.UpdatePost(post, user))
            {
                _activityLogger.LogEditPost(Request.HttpContext.Connection.RemoteIpAddress, user, post);
                return(Ok());
            }

            _logger.LogInformation("DB failed to edit post.");
            _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                   $", IP: {HttpContext?.Connection.RemoteIpAddress.ToString() ?? "Unknown IP"}");
            _authHandler.TerminateSession(user);

            return(BadRequest());
        }
예제 #7
0
        public IActionResult Put(Comment comment)
        {
            var user = _authHandler.UserFromClaimsPrincipal(User);

            if (string.IsNullOrWhiteSpace(comment.Uuid) || string.IsNullOrWhiteSpace(comment.Content))
            {
                _logger.LogInformation("Comment uuid or content is empty.");
                _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                       $", IP: {HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? "Unknown IP"}");
                _authHandler.TerminateSession(user);
                return(BadRequest());
            }

            if (!SecureGuid.VerifyGuid(comment.Uuid, out _))
            {
                _logger.LogInformation("Comment UUID is invalid.");
                _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                       $", IP: {HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? "Unknown IP"}");
                _authHandler.TerminateSession(user);

                return(BadRequest());
            }

            if (!_database.VerifyCommentUser(user, comment))
            {
                _logger.LogInformation("Requester is not comment creator.");
                _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                       $", IP: {HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? "Unknown IP"}");
                _authHandler.TerminateSession(user);
                return(BadRequest());
            }

            if (_database.UpdateComment(comment, user))
            {
                _activityLogger.LogEditComment(Request.HttpContext.Connection.RemoteIpAddress, user, comment);
                return(Ok());
            }

            _logger.LogInformation("Database failed to update comment.");
            _logger.LogInformation($"Terminating session. User: {user.Uuid}" +
                                   $", IP: {HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? "Unknown IP"}");
            _authHandler.TerminateSession(user);
            return(BadRequest());
        }
예제 #8
0
        public bool VerifyCommentUser(User user, Comment comment)
        {
            if (!SecureGuid.VerifyGuid(comment.Uuid, out var commentGuid))
            {
                return(false);
            }

            using var conn = new MySqlConnection(_connectionStringBuilder.ConnectionString);
            conn.Open();
            using var command = conn.CreateCommand();

            command.CommandText = "verifyCommentUser";
            command.CommandType = CommandType.StoredProcedure;
            command.Parameters.Add("@commentUUID", MySqlDbType.Binary, 16).Value = commentGuid.ToByteArray();
            command.Parameters.Add("@userUUID", MySqlDbType.Binary, 16).Value    = user.Uuid.ToByteArray();
            var result = command.ExecuteReader();

            return(result.HasRows);
        }
예제 #9
0
        public bool UpdateComment(Comment comment, User user)
        {
            if (!SecureGuid.VerifyGuid(comment.Uuid, out var commentGuid))
            {
                return(false);
            }

            using var conn = new MySqlConnection(_connectionStringBuilder.ConnectionString);
            conn.Open();
            using var command = conn.CreateCommand();

            command.CommandText = "editComment";
            command.CommandType = CommandType.StoredProcedure;
            command.Parameters.Add("@commentUUID", MySqlDbType.Binary, 16).Value = commentGuid.ToByteArray();
            command.Parameters.Add("@userUUID", MySqlDbType.Binary, 16).Value    = user.Uuid.ToByteArray();
            command.Parameters.Add("@updatedContent", MySqlDbType.Text).Value    = comment.Content;
            var response = command.ExecuteNonQuery();

            return(response == 2);
        }
예제 #10
0
        public bool DeletePost(Post post, User user)
        {
            if (!SecureGuid.VerifyGuid(post.Uuid, out var postGuid))
            {
                return(false);
            }


            using var conn = new MySqlConnection(_connectionStringBuilder.ConnectionString);
            conn.Open();
            using var command = conn.CreateCommand();

            command.CommandText = "deletePost";
            command.CommandType = CommandType.StoredProcedure;
            command.Parameters.Add("@postUUID", MySqlDbType.Binary, 16).Value = postGuid.ToByteArray();
            command.Parameters.Add("@userUUID", MySqlDbType.Binary, 16).Value = user.Uuid.ToByteArray();
            var result = command.ExecuteNonQuery();

            return(result == 2);
        }