public IActionResult Delete(string id)
{
var post = _postRepository.GetById(id);
if (post == null)
{
return(NotFound(new Message("No such post with this id: " + id)));
}
//Check if post is being deleted by its owner or by admin
var tokenUser = HttpContext.User;
if (!AuthorizationHelpers.IsAdmin(tokenUser) && !AuthorizationHelpers.IsAuthorizedUser(tokenUser, post.OwnerId))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
//Update table
if (_postRepository.Delete(post))
{
return(Ok(new Message("Post with title: " + post.Title + " and with id: " + post.Id + " deleted Successfully")));
}
return(BadRequest(new Message("Error when updating post")));
}
public IActionResult GetByOwnerId(string ownerId,
[FromQuery] int limit,
[FromQuery] bool oldest)
{
//Check if request is sent by owner of the posts or by admin
var tokenUser = HttpContext.User;
if (!AuthorizationHelpers.IsAdmin(tokenUser) && !AuthorizationHelpers.IsAuthorizedUser(tokenUser, ownerId))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
//Create queryable object for limitations and order specifications
var postsQueryable = _postRepository.Where(p => p.OwnerId == ownerId);
//Order
postsQueryable = oldest ? postsQueryable.OrderBy(p => p.SubmitTime) : postsQueryable.OrderByDescending(p => p.SubmitTime);
//Limitation
if (limit > 0)
{
postsQueryable = postsQueryable.Take(limit);
}
return(Ok(postsQueryable.Select(p => _mapper.Map <PostOutDto>(p))));
}
public ActionResult <UserOutDto> Get(string id,
[FromQuery] bool posts,
[FromQuery] bool likedPosts,
[FromQuery] bool followings,
[FromQuery] bool followers,
[FromQuery] bool category)
{
//Check if token is given by admin or authorized user
var tokenUser = HttpContext.User;
if (!AuthorizationHelpers.IsAdmin(tokenUser) && !AuthorizationHelpers.IsAuthorizedUser(tokenUser, id))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
//Initialize a queryable object for further include operations.
var userQueryable = _userRepository.Where(u => u.Id == id);
var rawUser = userQueryable.FirstOrDefault();
//Check if there exists a user with given id
if (rawUser == null)
{
return(NotFound(new Message("No such user with this id: " + id)));
}
if (posts)
{
userQueryable = userQueryable.Include(u => u.Posts);
}
if (likedPosts)
{
userQueryable = userQueryable.Include(u => u.LikedPosts).ThenInclude(lp => lp.Post);
}
if (followings)
{
userQueryable = userQueryable.Include(u => u.Followings).ThenInclude(uf => uf.Followed);
}
if (followers)
{
userQueryable = userQueryable.Include(u => u.Followers).ThenInclude(uf => uf.Follower);
}
if (category)
{
userQueryable = userQueryable.Include(u => u.InterestedCategories).ThenInclude(ic => ic.Category);
}
//Get the user object
var user = userQueryable.FirstOrDefault();
//Prepare dto object
var userOutDto = _mapper.Map <UserOutDto>(user);
return(userOutDto);
}
public IActionResult GetAll()
{
//If request is not sent by admin, finish here
if (!AuthorizationHelpers.IsAdmin(HttpContext.User))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
return(Ok(_commentRepository.All().Select(c => _mapper.Map <CommentOutDto>(c))));
}
public IActionResult GetAll()
{
//Check if token is given by admin
var tokenUser = HttpContext.User;
if (!AuthorizationHelpers.IsAdmin(tokenUser))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
return(Ok(_userRepository.All().Select(u => _mapper.Map <UserOutDto>(u))));
}
public IActionResult GetAll()
{
//Check if request is sent by admin
var tokenUser = HttpContext.User;
//Check if request is sent by admin.
if (!AuthorizationHelpers.IsAdmin(tokenUser))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
return(Ok(_categoryRepository.All().OrderBy(c => c.Name).Select(c => _mapper.Map <CategoryOutDto>(c)).OrderBy(c => c.Name)));
}
public ActionResult <CategoryOutDto> Create([FromBody] CategoryInDto categoryInDto)
{
//Check if inputs are valid
if (string.IsNullOrEmpty(categoryInDto.ImageUrl))
{
return(BadRequest(new Message("Please give valid image Url")));
}
if (string.IsNullOrEmpty(categoryInDto.Name))
{
return(BadRequest(new Message("Please give valid name")));
}
if (string.IsNullOrEmpty(categoryInDto.ParentId))
{
return(BadRequest(new Message("Please give valid parent Id")));
}
//Check if request is sent by admin.
if (!AuthorizationHelpers.IsAdmin(HttpContext.User))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
if (_mainCategoryRepository.GetById(categoryInDto.ParentId) == null)
{
return(BadRequest(new Message("There is no main category with id: " + categoryInDto.ParentId)));
}
var categoryIn = _mapper.Map <Category>(categoryInDto);
if (_categoryRepository.Add(categoryIn))
{
var categoryOutDto = _mapper.Map <CategoryOutDto>(categoryIn);
return(Ok(categoryOutDto));
}
return(BadRequest(new Message("Error when creating category")));
}
public ActionResult <CategoryOutDto> Update(string id, [FromBody] CategoryInDto categoryInDto)
{
//Check if request is sent by admin.
if (!AuthorizationHelpers.IsAdmin(HttpContext.User))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
//Check if there exists a category with given id
var category = _categoryRepository.GetById(id);
if (category == null)
{
return(NotFound(new Message("No such category with this id: " + id)));
}
if (!string.IsNullOrWhiteSpace(categoryInDto.ImageUrl))
{
category.ImageUrl = categoryInDto.ImageUrl;
}
if (!string.IsNullOrWhiteSpace(categoryInDto.Name))
{
category.Name = categoryInDto.Name;
}
if (!string.IsNullOrWhiteSpace(categoryInDto.ParentId))
{
category.ParentId = categoryInDto.ParentId;
}
//Update category
if (_categoryRepository.Update(category))
{
var categoryOutDto = _mapper.Map <CategoryOutDto>(category);
return(Ok(categoryOutDto));
}
return(BadRequest(new Message("Error when updating category")));
}
public ActionResult <CommentOutDto> Get(string id,
[FromQuery] bool owner,
[FromQuery] bool post)
{
//If request is not sent by admin, finish here
if (!AuthorizationHelpers.IsAdmin(HttpContext.User))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
//Initialize a queryable object for further include operations.
var commentQueryable = _commentRepository.Where(c => c.Id == id);
var commentRaw = commentQueryable.FirstOrDefault();
//Check if there exists a category with given id
if (commentRaw == null)
{
return(NotFound(new Message("No such comment with this id: " + id)));
}
if (owner)
{
commentQueryable = commentQueryable.Include(c => c.Owner);
}
if (post)
{
commentQueryable = commentQueryable.Include(c => c.Post);
}
//Get comment object
var comment = commentQueryable.FirstOrDefault();
var commentOutDto = _mapper.Map <CommentOutDto>(comment);
return(Ok(commentOutDto));
}
public IActionResult Delete(string id)
{
//Check if request is sent by admin.
if (!AuthorizationHelpers.IsAdmin(HttpContext.User))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
var mainCategory = _mainCategoryRepository.GetById(id);
if (mainCategory == null)
{
return(NotFound(new Message("There is no main category with id: " + id)));
}
if (_mainCategoryRepository.Delete(mainCategory))
{
return(Ok(new Message("Main category with name: " + mainCategory.Name + " and with id: " + mainCategory.Id +
" is deleted successfully")));
}
return(BadRequest(new Message("Error when updating main category with id: " + id)));
}
public IActionResult Delete(string id)
{
//Check if request is sent by admin.
if (!AuthorizationHelpers.IsAdmin(HttpContext.User))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
var category = _categoryRepository.GetById(id);
//Check if there exists a category with given id
if (category == null)
{
return(NotFound(new Message("No such category with this id: " + id)));
}
//Update table
if (_categoryRepository.Delete(category))
{
return(Ok(new Message("Category with name: " + category.Name + " and id: " + category.Id + "Deleted Successfully")));
}
return(BadRequest(new Message("Error when deleting category with id: " + id)));
}
public IActionResult Delete(string id)
{
//Get comment from table
var comment = _commentRepository.GetById(id);
//Check if such comment exists
if (comment == null)
{
return(BadRequest(new Message("The comment with id: " + id + " doesn't exist.")));
}
var tokenUser = HttpContext.User;
//If request is not sent by owner or by admin, finish here
if (!AuthorizationHelpers.IsAuthorizedUser(tokenUser, comment.OwnerId) && !AuthorizationHelpers.IsAdmin(tokenUser))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
//Update table
if (_commentRepository.Delete(comment))
{
return(Ok(new Message("Comment with id: " + id + " deleted successfully")));
}
return(BadRequest(new Message("Error when deleting comment with id: " + id)));
}
public ActionResult <UserOutDto> Update(string id, [FromBody] UserUpdateDto userDto)
{
var userOld = _userRepository.GetById(id);
if (userOld == null)
{
return(NotFound(new Message("No such user with this id: " + id)));
}
//Check if token is given by admin or authorized user
var tokenUser = HttpContext.User;
if (!AuthorizationHelpers.IsAdmin(tokenUser) && !AuthorizationHelpers.IsAuthorizedUser(tokenUser, id))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
if (!string.IsNullOrWhiteSpace(userDto.BirthDate))
{
userOld.BirthDate = userDto.BirthDate;
}
if (!string.IsNullOrWhiteSpace(userDto.Description))
{
userOld.Description = userDto.Description;
}
if (!string.IsNullOrWhiteSpace(userDto.FacebookLink))
{
userOld.FacebookLink = userDto.FacebookLink;
}
if (!string.IsNullOrWhiteSpace(userDto.InstagramLink))
{
userOld.InstagramLink = userDto.InstagramLink;
}
if (!string.IsNullOrWhiteSpace(userDto.LinkedinLink))
{
userOld.LinkedinLink = userDto.LinkedinLink;
}
if (!string.IsNullOrWhiteSpace(userDto.Theme))
{
userOld.Theme = userDto.Theme;
}
if (!string.IsNullOrWhiteSpace(userDto.TwitterLink))
{
userOld.TwitterLink = userDto.TwitterLink;
}
if (!string.IsNullOrWhiteSpace(userDto.Password))
{
UserHelpers.CreatePasswordHash(userDto.Password, out var passwordHash, out var passwordSalt);
userOld.PasswordHash = passwordHash;
userOld.PasswordSalt = passwordSalt;
}
if (_userRepository.Update(userOld))
{
var userOutDto = _mapper.Map <UserOutDto>(userOld);
return(userOutDto);
}
return(BadRequest(new Message("Error when updating user.")));
}
public ActionResult <PostOutDto> Get(string id,
[FromQuery] bool owner,
[FromQuery] bool comment,
[FromQuery] bool category,
[FromQuery] bool like)
{
//Initialize a queryable object for further include operations.
var postQueryable = _postRepository.Where(p => p.Id == id);
var rawPost = postQueryable.FirstOrDefault();
//Check if there exists a post with given id
if (rawPost == null)
{
return(NotFound(new Message("No such post with this id: " + id)));
}
//Check if token is given by admin or owner of the post
var tokenUser = HttpContext.User;
if (!AuthorizationHelpers.IsAdmin(tokenUser) && !AuthorizationHelpers.IsAuthorizedUser(tokenUser, rawPost.OwnerId))
{
return(Unauthorized(new Message("Unauthorized user.")));
}
if (owner)
{
postQueryable = postQueryable.Include(p => p.Owner);
}
if (comment)
{
postQueryable = postQueryable.Include(p => p.Comments);
}
if (category)
{
postQueryable = postQueryable.Include(p => p.Category);
}
if (like)
{
postQueryable = postQueryable.Include(p => p.LikedUsers).ThenInclude(lu => lu.User);
}
//Get the post object
var post = postQueryable.FirstOrDefault();
//Find previous post with submit date
var prevPost = _postRepository.Where(p => p.OwnerId == post.OwnerId && p.SubmitTime < post.SubmitTime)
.FirstOrDefault();
var prevPostOutDto = _mapper.Map <PostOutDto>(prevPost);
//Find next post with submit date
var nextPost = _postRepository.Where(p => p.OwnerId == post.OwnerId && p.SubmitTime > post.SubmitTime)
.FirstOrDefault();
var nextPostOutDto = _mapper.Map <PostOutDto>(nextPost);
//Prepare post dto
var postOutDto = _mapper.Map <PostOutDto>(post);
postOutDto.PreviousPost = prevPostOutDto;
postOutDto.NextPost = nextPostOutDto;
return(postOutDto);
}