public async Task <Guid> CreateCommentReplyAsync(Guid userId, string slug, Guid parentEntityId, Guid replyingToComment, Comment comment, CancellationToken cancellationToken)
{
if (Guid.Empty == userId)
{
throw new ArgumentOutOfRangeException(nameof(userId));
}
if (string.IsNullOrEmpty(slug))
{
throw new ArgumentOutOfRangeException(nameof(slug));
}
var now = _systemClock.UtcNow.UtcDateTime;
var userCanPerformAction = await _permissionsService.UserCanPerformActionAsync(userId, slug, AddCommentRole, cancellationToken);
if (!userCanPerformAction)
{
_logger.LogError($"Error: CreateCommentAsync - User:{0} does not have access to group:{1}", userId, slug);
throw new SecurityException($"Error: User does not have access");
}
var threadId = await _commentCommand.GetThreadIdForComment(replyingToComment, cancellationToken);
if (!threadId.HasValue)
{
_logger.LogError($"Error: CreateCommentReplyAsync - Cannot find the original comment when replying to comment:{0} in discussion: {1}", replyingToComment, parentEntityId);
throw new SecurityException($"Error: User does not have access");
}
var entityId = Guid.NewGuid();
var commentDto = new CommentDto()
{
EntityId = entityId,
Content = comment.Content,
CreatedAtUTC = now,
CreatedBy = userId,
ModifiedBy = null,
ModifiedAtUTC = null,
FlaggedAsSpam = false,
InReplyTo = replyingToComment,
ThreadId = threadId,
IsDeleted = false,
DiscussionId = parentEntityId
};
var validator = new CommentValidator();
var validationResult = await validator.ValidateAsync(commentDto, cancellationToken);
if (validationResult.Errors.Count > 0)
{
throw new ValidationException(validationResult);
}
var createdComment = await _commentCommand.CreateCommentAsync(commentDto, cancellationToken);
_ = Task.Run(() => _commentNotificationService.SendNotificationToCommentCreatorAsync(userId, replyingToComment, cancellationToken), cancellationToken);
return(createdComment);
}
public async Task UpdateCommentAsync(Guid userId, string slug, Guid parentEntityId, Guid commentId, Comment comment, byte[] rowVersion, CancellationToken cancellationToken)
{
if (Guid.Empty == userId)
{
throw new ArgumentOutOfRangeException(nameof(userId));
}
if (string.IsNullOrEmpty(slug))
{
throw new ArgumentOutOfRangeException(nameof(slug));
}
if (Guid.Empty == parentEntityId)
{
throw new ArgumentOutOfRangeException(nameof(parentEntityId));
}
if (Guid.Empty == commentId)
{
throw new ArgumentOutOfRangeException(nameof(commentId));
}
var now = _systemClock.UtcNow.UtcDateTime;
var userCanAddComment = await _permissionsService.UserCanPerformActionAsync(userId, slug, AddCommentRole, cancellationToken);
if (!userCanAddComment)
{
_logger.LogError($"Forbidden: UpdateCommentAsync - User:{0} does not have access to group:{1}", userId, slug);
throw new ForbiddenException($"Forbidden: User does not have access to this group");
}
var userCanEditComment = await _permissionsService.UserCanPerformActionAsync(userId, slug, EditCommentRole, cancellationToken);
var databaseCommentDto = await _commentCommand.GetCommentAsync(commentId, cancellationToken);
if (databaseCommentDto.CreatedById != userId && !userCanEditComment)
{
_logger.LogError($"Forbidden: UpdateCommentAsync - User:{0} does not have permission to edit comment:{1}", userId, commentId);
throw new ForbiddenException("Forbidden: User does not have permission to edit this comment");
}
if (!databaseCommentDto.RowVersion.SequenceEqual(rowVersion))
{
_logger.LogError($"Precondition Failed: UpdateCommentAsync - Comment:{0} has changed prior to submission ", commentId);
throw new PreconditionFailedExeption("Precondition Failed: Comment has changed prior to submission");
}
var commentDto = new CommentDto()
{
EntityId = databaseCommentDto.Id,
Content = comment.Content,
ModifiedBy = userId,
ModifiedAtUTC = now,
};
var validator = new CommentValidator();
var validationResult = await validator.ValidateAsync(commentDto, cancellationToken);
if (validationResult.Errors.Count > 0)
{
throw new ValidationException(validationResult);
}
await _commentCommand.UpdateCommentAsync(commentDto, rowVersion, cancellationToken);
}