Exemplo n.º 1
        /// <summary>
        /// Deletes a post after checking that the caller is allowed to remove it.
        /// </summary>
        /// <remarks>
        /// A caller whose role claim equals "1" skips the ownership comparison; every other
        /// caller must present a numeric NameIdentifier claim that matches the post's UserId.
        /// NOTE(review): what role "1" stands for is not visible in this excerpt; a named
        /// constant or an authorization policy would make the rule auditable. Confirm.
        /// NOTE(review): whether the action sits behind [Authorize] is not visible here; an
        /// unauthenticated caller would currently receive 400 rather than 401. Confirm.
        /// </remarks>
        /// <param name="postId">Identifier of the post to delete.</param>
        /// <returns>
        /// 400 when the caller's id claim is missing or not an integer, 404 when the post does
        /// not exist, 403 when the caller does not own it, otherwise the representation built
        /// from the repository's delete result.
        /// </returns>
        public async Task<ActionResult<PostLarge>> DeletePost(int postId)
        {
            // Role "1" is the only value that bypasses the owner comparison below.
            bool bypassOwnerCheck = User.FindFirst(ClaimTypes.Role)?.Value == "1";
            int callerId = 0;

            if (!bypassOwnerCheck)
            {
                // The caller's identity comes from the authenticated principal, never from the request.
                string rawId = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
                if (!int.TryParse(rawId, out callerId))
                {
                    return BadRequest(new { error = "Unknow user ID." });
                }
            }

            var existing = await _repo.GetPost(postId);
            if (existing == null)
            {
                return NotFound();
            }

            // Object-level authorization: only the owner may delete unless the role bypass applies.
            if (!bypassOwnerCheck && existing.UserId != callerId)
            {
                return Forbid();
            }

            var deleted = await _repo.DeletePost(postId);
            return PostLarge.FromPost(deleted, _imageServer);
        }
Exemplo n.º 2
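        /// <summary>
        /// Returns the post with the given id, or 404 when the repository has no such post.
        /// </summary>
        /// <remarks>
        /// NOTE(review): no caller check is made here, so any caller that reaches the action
        /// can read any post by id. Confirm that posts are meant to be readable this broadly.
        /// </remarks>
        /// <param name="postId">Identifier of the post to fetch.</param>
        /// <returns>404 when the post does not exist, otherwise its large representation.</returns>
        public async Task<ActionResult<PostLarge>> GetPost(int postId)
        {
            var item = await _repo.GetPost(postId);

            if (item == null)
            {
                return NotFound();
            }

            // Reuse the instance that was just null-checked. Fetching it a second time costs an
            // extra repository round trip and could hand FromPost a null if the post disappears
            // between the two reads.
            return PostLarge.FromPost(item, _imageServer);
        }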
Exemplo n.º 3
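        /// <summary>
        /// Creates a new post owned by the authenticated caller.
        /// </summary>
        /// <remarks>
        /// NOTE(review): whether the action sits behind [Authorize] is not visible here; an
        /// unauthenticated caller would currently receive 400 rather than 401. Confirm.
        /// </remarks>
        /// <param name="post">Post payload bound from the request body.</param>
        /// <returns>
        /// 400 when the caller's id claim is missing or not an integer, or when no body was
        /// bound; otherwise the representation of the saved post.
        /// </returns>
        public async Task<ActionResult<PostLarge>> PostNew([FromBody] PostForUpload post)
        {
            var userId = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;

            if (!int.TryParse(userId, out int uid))
            {
                return BadRequest(new { error = "Unknow user ID." });
            }

            // Without automatic model validation an empty body binds to null; reject it here
            // instead of failing with a NullReferenceException on the assignment below.
            if (post == null)
            {
                return BadRequest(new { error = "Missing post body." });
            }

            // The owner always comes from the authenticated principal, overwriting any UserId
            // the client put in the body.
            post.UserId = uid;
            return PostLarge.FromPost(await _repo.SavePost(post), _imageServer);
        }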
Exemplo n.º 4
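        /// <summary>
        /// Updates an existing post; only the post's owner may edit it.
        /// </summary>
        /// <remarks>
        /// NOTE(review): DeletePost lets role "1" bypass the ownership check and this action
        /// does not. Confirm that the difference is intended.
        /// </remarks>
        /// <param name="postId">Identifier of the post to update.</param>
        /// <param name="post">Replacement content bound from the request body.</param>
        /// <returns>
        /// 400 when the caller's id claim is missing or not an integer, or when no body was
        /// bound; 404 when the post does not exist; 403 when the caller does not own it;
        /// otherwise the representation of the updated post.
        /// </returns>
        public async Task<ActionResult<PostLarge>> EditPost(int postId, [FromBody] PostForUpload post)
        {
            var userId = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;

            if (!int.TryParse(userId, out int uid))
            {
                return BadRequest(new { error = "Unknow user ID." });
            }

            var item = await _repo.GetPost(postId);

            if (item == null)
            {
                return NotFound();
            }

            // Object-level authorization: the stored owner must match the authenticated caller.
            if (item.UserId != uid)
            {
                return Forbid();
            }

            // Without automatic model validation an empty body binds to null; reject it before
            // it is dereferenced below or handed to the repository.
            if (post == null)
            {
                return BadRequest(new { error = "Missing post body." });
            }

            // Pin the owner to the authenticated caller, as PostNew does, so a UserId supplied
            // in the body can never reach the repository. Whether UpdatePost copies UserId is
            // not visible here; pinning it is safe either way because uid equals item.UserId.
            post.UserId = uid;
            return PostLarge.FromPost(await _repo.UpdatePost(postId, post), _imageServer);
        }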