IQBall
/
Dotnet-WebAPI
6
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add canEdit route
continuous-integration/drone/push Build is passing Details

Browse Source
shared-tactic
maxime 1 year ago
parent 2d6a7be4f2
commit 7714126252
3 changed files with 19 additions and 10 deletions
Show Stats Download Patch File Download Diff File

23
API/Controllers/TacticsController.cs
Unescape View File

@ -26,7 +26,7 @@ public class TacticController(ITacticService service, IContextAccessor accessor)
[FromBody] UpdateNameRequest req) [FromBody] UpdateNameRequest req)
{ {
var userId = accessor.CurrentUserId(HttpContext); var userId = accessor.CurrentUserId(HttpContext);
if (!await service.HasAnyRights(userId, tacticId)) if (!await service.IsOwnerOf(userId, tacticId))
{ {
return Unauthorized(); return Unauthorized();
} }
@ -41,7 +41,7 @@ public class TacticController(ITacticService service, IContextAccessor accessor)
public async Task<IActionResult> GetTacticInfo(int tacticId) public async Task<IActionResult> GetTacticInfo(int tacticId)
{ {
var userId = accessor.CurrentUserId(HttpContext); var userId = accessor.CurrentUserId(HttpContext);
if (!await service.HasAnyRights(userId, tacticId)) if (!await service.IsOwnerOf(userId, tacticId))
{ {
return Unauthorized(); return Unauthorized();
} }
@ -57,7 +57,7 @@ public class TacticController(ITacticService service, IContextAccessor accessor)
public async Task<IActionResult> GetTacticStepsRoot(int tacticId) public async Task<IActionResult> GetTacticStepsRoot(int tacticId)
{ {
var userId = accessor.CurrentUserId(HttpContext); var userId = accessor.CurrentUserId(HttpContext);
if (!await service.HasAnyRights(userId, tacticId)) if (!await service.IsOwnerOf(userId, tacticId))
{ {
return Unauthorized(); return Unauthorized();
} }
@ -110,7 +110,7 @@ public class TacticController(ITacticService service, IContextAccessor accessor)
{ {
var userId = accessor.CurrentUserId(HttpContext); var userId = accessor.CurrentUserId(HttpContext);
if (!await service.HasAnyRights(userId, tacticId)) if (!await service.IsOwnerOf(userId, tacticId))
{ {
return Unauthorized(); return Unauthorized();
} }
@ -125,7 +125,7 @@ public class TacticController(ITacticService service, IContextAccessor accessor)
{ {
var userId = accessor.CurrentUserId(HttpContext); var userId = accessor.CurrentUserId(HttpContext);
if (!await service.HasAnyRights(userId, tacticId)) if (!await service.IsOwnerOf(userId, tacticId))
{ {
return Unauthorized(); return Unauthorized();
} }
@ -142,7 +142,7 @@ public class TacticController(ITacticService service, IContextAccessor accessor)
public async Task<IActionResult> SaveStepContent(int tacticId, int stepId, [FromBody] SaveStepContentRequest req) public async Task<IActionResult> SaveStepContent(int tacticId, int stepId, [FromBody] SaveStepContentRequest req)
{ {
var userId = accessor.CurrentUserId(HttpContext); var userId = accessor.CurrentUserId(HttpContext);
if (!await service.HasAnyRights(userId, tacticId)) if (!await service.IsOwnerOf(userId, tacticId))
{ {
return Unauthorized(); return Unauthorized();
} }
@ -150,5 +150,14 @@ public class TacticController(ITacticService service, IContextAccessor accessor)
var found = await service.SetTacticStepContent(tacticId, stepId, JsonSerializer.Serialize(req.Content)); var found = await service.SetTacticStepContent(tacticId, stepId, JsonSerializer.Serialize(req.Content));
return found ? Ok() : NotFound(); return found ? Ok() : NotFound();
} }
public record CanEditResponse(bool CanEdit);
[HttpGet("/tactics/{tacticId:int}/can-edit")]
[Authorize]
public async Task<CanEditResponse> CanEdit(int tacticId)
{
var userId = accessor.CurrentUserId(HttpContext);
return new CanEditResponse(await service.IsOwnerOf(userId, tacticId));
}
} }

2
DbServices/DbTacticService.cs
Unescape View File

@ -18,7 +18,7 @@ public class DbTacticService(AppContext.AppContext context) : ITacticService
); );
} }
public async Task<bool> HasAnyRights(int userId, int tacticId) public async Task<bool> IsOwnerOf(int userId, int tacticId)
{ {
var tacticEntity = await context.Tactics.FirstOrDefaultAsync(u => u.Id == tacticId); var tacticEntity = await context.Tactics.FirstOrDefaultAsync(u => u.Id == tacticId);
if (tacticEntity == null) if (tacticEntity == null)

4
Services/ITacticService.cs
Unescape View File

@ -15,12 +15,12 @@ public interface ITacticService
Task<IEnumerable<Tactic>> ListTacticsOf(int userId); Task<IEnumerable<Tactic>> ListTacticsOf(int userId);
/// <summary> /// <summary>
/// Checks if the user has any rights to access the specified tactic. /// Checks if the userId corresponds to the tactic's owner identifier
/// </summary> /// </summary>
/// <param name="userId">The ID of the user.</param> /// <param name="userId">The ID of the user.</param>
/// <param name="tacticId">The ID of the tactic.</param> /// <param name="tacticId">The ID of the tactic.</param>
/// <returns>A task that represents the asynchronous operation. The task result contains a boolean indicating whether the user has rights.</returns> /// <returns>A task that represents the asynchronous operation. The task result contains a boolean indicating whether the user has rights.</returns>
Task<bool> HasAnyRights(int userId, int tacticId); Task<bool> IsOwnerOf(int userId, int tacticId);
/// <summary> /// <summary>
/// Adds a new tactic for the specified user. /// Adds a new tactic for the specified user.

Write Preview
Loading…
Cancel
Save