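/// <summary>
/// Updates an existing comment after checking that the caller is allowed to edit it.
/// </summary>
/// <param name="commentId">Identifier of the comment to update.</param>
/// <param name="comment">Replacement comment data bound from the request body (caller-controlled).</param>
/// <returns>
/// 404 when no comment with <paramref name="commentId"/> exists, 403 when an ownership check fails,
/// otherwise 200 carrying a Response whose Status is Successful (with <paramref name="comment"/> echoed
/// back) or Failed when any exception was thrown along the way.
/// </returns>
public async Task<IActionResult> EditComment(int commentId, [FromBody] Comment comment)
{
    try
    {
        var token = Request.Headers["Authorization"].ToString();

        var storedComment = await CommentService.GetByIdAsync<Comment>(commentId);
        if (storedComment == null)
        {
            return NotFound();
        }

        // NOTE(review): a token that is neither "member" nor "moderator" (including an empty
        // Authorization header) passes both checks below and reaches the update. Confirm that an
        // [Authorize] attribute or policy outside this method rejects such requests.

        // Members may only edit comments they published themselves.
        if (JwtHelper.CheckIfUserIsMember(token)
            && storedComment.PublishedById != JwtHelper.GetUserIdFromJwt(token))
        {
            return Forbid();
        }

        // Moderators may only edit comments attached to news items they published.
        if (JwtHelper.CheckIfUserIsModerator(token))
        {
            // The news item is resolved from the STORED comment. The NewsId in the request body is
            // caller-controlled, so using it would let the ownership check run against a news item
            // of the caller's choosing instead of the one the comment actually belongs to.
            // This also matches how DeleteComment performs the same check.
            var news = await NewsService.GetByIdAsync<News>(storedComment.NewsId);

            // A missing news item throws on the dereference below and is reported as Failed by the
            // catch block, so no update happens in that case.
            if (news.PublishedById != JwtHelper.GetUserIdFromJwt(token))
            {
                return Forbid();
            }
        }

        // NOTE(review): the request body is handed to UpdateAsync as-is. Confirm UpdateAsync does not
        // let the caller overwrite ownership fields such as PublishedById or NewsId.
        await CommentService.UpdateAsync(commentId, comment);

        // The last-edit record is only written when an Authorization header was supplied.
        if (!string.IsNullOrEmpty(token))
        {
            await CommentService.UpdateLastEdit<Comment>(
                commentId,
                JwtHelper.GetUserIdFromJwt(token),
                JwtHelper.GetUserNameFromJwt(token));
        }

        return Ok(new Response { Status = ResponseType.Successful, Value = comment });
    }
    catch
    {
        // Every exception (token parsing, data access, null dereference) collapses into a generic
        // Failed response with HTTP 200; the cause is not recorded anywhere in this method.
        return Ok(new Response { Status = ResponseType.Failed });
    }
}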
/// <summary>
/// Deletes a comment after checking that the caller is allowed to remove it.
/// </summary>
/// <param name="commentId">Identifier of the comment to delete.</param>
/// <returns>
/// 404 when no comment with <paramref name="commentId"/> exists, 403 when an ownership check fails,
/// otherwise 200 carrying a Response whose Status is Successful, or Failed when any exception was thrown.
/// </returns>
public async Task<IActionResult> DeleteComment(int commentId)
{
    try
    {
        var authHeader = Request.Headers["Authorization"].ToString();

        var existing = await CommentService.GetByIdAsync<Comment>(commentId);
        if (existing == null)
        {
            return NotFound();
        }

        // NOTE(review): a token that is neither "member" nor "moderator" (including an empty
        // Authorization header) skips both checks below and reaches the delete. Confirm that an
        // [Authorize] attribute or policy outside this method rejects such requests.

        // Members may only delete comments they published themselves.
        if (JwtHelper.CheckIfUserIsMember(authHeader))
        {
            if (existing.PublishedById != JwtHelper.GetUserIdFromJwt(authHeader))
            {
                return Forbid();
            }
        }

        // Moderators may only delete comments attached to news items they published.
        // The news item is looked up through the stored comment's NewsId.
        if (JwtHelper.CheckIfUserIsModerator(authHeader))
        {
            var parentNews = await NewsService.GetByIdAsync<News>(existing.NewsId);

            // A missing news item throws on this dereference and ends up in the catch block below.
            if (parentNews.PublishedById != JwtHelper.GetUserIdFromJwt(authHeader))
            {
                return Forbid();
            }
        }

        await CommentService.Delete<Comment>(commentId);

        var success = new Response { Status = ResponseType.Successful };
        return Ok(success);
    }
    catch
    {
        // Every exception collapses into a generic Failed response with HTTP 200; the cause is not
        // recorded anywhere in this method.
        var failure = new Response { Status = ResponseType.Failed };
        return Ok(failure);
    }
}