public IActionResult EditComment([FromBody] EditCommentDto editCommentDto)
{
try {
User loggedUser = _commService.GetLoggedUser(this.User.FindFirst(ClaimTypes.Name).Value);
if (loggedUser == null)
{
return(BadRequest(new { message = "Użytkownik nie jest zalogowany" }));
}
if (String.IsNullOrEmpty(editCommentDto.NewContent))
{
return(BadRequest(new { message = "Nie można dodać pustego komentarza" }));
}
var comm = _commService.GetById(editCommentDto.CommentId);
if (comm == null)
{
return(BadRequest(new { message = "Komentarz nie istnieje" }));
}
if (loggedUser != comm.Author && loggedUser.GroupId != 1)
{
return(BadRequest(new { message = "Brak uprawnień do edycji komentarza" }));
}
_commService.Edit(editCommentDto.CommentId, editCommentDto.NewContent);
return(Ok());
}
catch (AppException ex)
{
// return error message if there was an exception
return(BadRequest(new { message = ex.Message }));
}
}
public void Should_Throw_If_Comment_To_Be_Edited_Does_Not_Exist()
{
// Setup
var wall = new Wall {
Id = 1, OrganizationId = 2
};
var post = new Post {
Id = 1, Wall = wall, WallId = wall.Id
};
var comments = new List <Comment>
{
new Comment {
Id = 1, AuthorId = "user1", Post = post
}
};
_commentsDbSet.SetDbSetDataForAsync(comments.AsQueryable());
var editCommentDto = new EditCommentDto
{
Id = 2,
MessageBody = "edited comment",
UserId = "user1",
OrganizationId = 2
};
// Act
// Assert
var ex = Assert.ThrowsAsync <ValidationException>(async() => await _commentService.EditCommentAsync(editCommentDto));
Assert.AreEqual(ErrorCodes.ContentDoesNotExist, ex.ErrorCode);
}
public async Task EditCommentAsync(EditCommentDto commentDto)
{
var comment = await _commentsDbSet
.Include(x => x.Post.Wall)
.FirstOrDefaultAsync(c => c.Id == commentDto.Id && c.Post.Wall.OrganizationId == commentDto.OrganizationId);
if (comment == null)
{
throw new ValidationException(ErrorCodes.ContentDoesNotExist, "Comment does not exist");
}
var isWallModerator = await _wallModeratorsDbSet
.AnyAsync(x => x.UserId == commentDto.UserId && x.WallId == comment.Post.WallId) || commentDto.UserId == comment.CreatedBy;
var isAdministrator = await _permissionService.UserHasPermissionAsync(commentDto, AdministrationPermissions.Post);
if (!isAdministrator && !isWallModerator)
{
throw new UnauthorizedException();
}
comment.MessageBody = commentDto.MessageBody;
comment.PictureId = commentDto.PictureId;
comment.LastEdit = DateTime.UtcNow;
await _uow.SaveChangesAsync(commentDto.UserId);
}
public ActionResult Put(int id, [FromBody] EditCommentDto dto)
{
dto.Id = id;
try
{
_editComment.Execute(dto);
return(StatusCode(204));
}
catch (EntityNotFoundException e) { return(NotFound(e.Message)); }
catch (Exception e) { return(StatusCode(500, e.Message)); }
}
public ActionResult EditComment(long id)
{
if (!ModelState.IsValid)
{
return(View());
}
EditCommentDto commentDto = _commentService.GetCommentById(id);
EditCommentViewModel model = commentDto == null
? new EditCommentViewModel()
: _mapper.Map <EditCommentDto, EditCommentViewModel>(commentDto);
return(View(model));
}
public void Execute(EditCommentDto request)
{
var comment = _context.Comments.SingleOrDefault(w => w.UserId == request.UserId && w.Id == request.Id);
if (comment == null)
{
throw new EntityNotFoundException("Comment");
}
comment.Comments = request.Comment;
_context.SaveChanges();
}
public void Execute(EditCommentDto request)
{
var comment = _context.Commnets.Find(request.Id);
if (comment == null)
throw new EntityNotFoundException("Comment");
comment.Text = request.Text;
comment.ModifiedOn = DateTime.Now;
_context.SaveChanges();
}
public void Should_Throw_If_User_Edits_Other_User_Comment()
{
// Setup
var wall = new Wall {
Id = 1, OrganizationId = 2
};
var post = new Post {
Id = 1, Wall = wall, WallId = wall.Id
};
var comments = new List <Comment>
{
new Comment {
Id = 1, AuthorId = "user1", Post = post
}
};
_commentsDbSet.SetDbSetDataForAsync(comments.AsQueryable());
var wallModerators = new List <WallModerator>
{
new WallModerator {
WallId = wall.Id, UserId = "user2"
}
};
_wallModeratorsDbSet.SetDbSetDataForAsync(wallModerators.AsQueryable());
var editCommentDto = new EditCommentDto
{
Id = 1,
MessageBody = "edited comment",
UserId = "user3",
OrganizationId = 2
};
_permissionService.UserHasPermissionAsync(editCommentDto, AdministrationPermissions.Post).Returns(false);
// Act
// Assert
Assert.ThrowsAsync <UnauthorizedException>(async() => await _commentService.EditCommentAsync(editCommentDto));
}
public async Task <IActionResult> PutComment([FromRoute] int id, [FromBody] EditCommentDto editCommentDto)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var editComment = await context.Comments.SingleOrDefaultAsync(comment => comment.Id == id);
if (id != editComment.Id)
{
return(BadRequest());
}
mapper.Map(editCommentDto, editComment);
editComment.ModifiedAt = DateTime.Now;
context.Entry(editComment).State = EntityState.Modified;
try
{
await context.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!CommentExists(id))
{
return(NotFound());
}
else
{
return(new StatusCodeResult((int)HttpStatusCode.InternalServerError));
}
}
context.Entry(editComment).Reference(c => c.User).Load();
var commentDtoFromDataBase = mapper.Map <Comment, CommentDto>(editComment);
await hubContext.Clients.Group(commentDtoFromDataBase.NewsId.ToString()).SendAsync("EditComment", commentDtoFromDataBase);
return(NoContent());
}
public async Task <IActionResult> PutComment(string id, EditCommentDto comment)
{
if (id != comment.CommentId)
{
return(BadRequest());
}
var currentUserId = HttpContext.User.FindFirstValue(ClaimTypes.NameIdentifier);
var currentUser = await _authRepo.FindUser(currentUserId);
var existingComment = await _context.Comments.FindAsync(id);
if (currentUserId != existingComment.UserId && currentUser.Role != Role.Admin)
{
return(Unauthorized());
}
existingComment.Text = comment.Text;
existingComment.UpdatedAt = DateTime.Now;
try
{
await _context.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!CommentExists(id))
{
return(NotFound());
}
else
{
throw;
}
}
return(NoContent());
}
public void UpdateComment(EditCommentDto editCommentDto)
{
var comment = _mapper.Map <Comment>(editCommentDto);
_commentRepository.UpdateComment(comment);
}
