public async Task <User> createUser(Int64 tokenId, string email, string displayName, string password, int role)
{
var token = await quickGetToken(tokenId);
var userRole = new UserRole(token.User.RawRole);
if (!userRole.IsAdmin)
{
throw AutoApiError.Unauthorised();
}
if (string.IsNullOrWhiteSpace(email))
{
throw AutoApiError.InvalidParam("email");
}
if (string.IsNullOrWhiteSpace(password))
{
throw AutoApiError.InvalidParam("password");
}
if (!UserRole.RoleIsValid(role))
{
throw AutoApiError.InvalidParam("role");
}
try
{
var user = await UserTasks.CreateUserAsync(_context, token, email, displayName, password, role);
if (user == null)
{
throw AutoApiError.ServerError("Create user failed unexpectedly.");
}
return(user.CloneForExport());
}
catch (Exception ex)
{
if (ex.Message == "Unauthorised")
{
throw AutoApiError.Unauthorised();
}
throw;
}
}
private async Task <Post> ChangePostAsync(Int64 tokenId, int postId, Action <Post, bool> callback)
{
var token = await quickGetToken(tokenId);
var role = new UserRole(token.User.RawRole);
var post = await(from p in _context.posts
where p.Id == postId
select p).FirstOrDefaultAsync();
if (post == null)
{
throw AutoApiError.NotFound();
}
bool mayChange = (post.UserId != null && post.UserId == token.UserId) ||
role.IsAdmin;
if (!mayChange)
{
throw AutoApiError.Unauthorised();
}
try
{
callback(post, role.IsAdmin);
}
catch (Exception ex)
{
if (ex is AutoApiError)
{
throw;
}
throw AutoApiError.ServerError(ex.Message);
}
post.Modified = DateTime.Now;
_context.Update(post);
await _context.SaveChangesAsync();
return(post.CloneForExport());
}