aboutsummaryrefslogtreecommitdiff
path: root/src/DevHive.Services
diff options
context:
space:
mode:
authorDanail Dimitrov <danaildimitrov321@gmail.com>2021-01-03 21:49:47 +0200
committerDanail Dimitrov <danaildimitrov321@gmail.com>2021-01-03 21:49:47 +0200
commitbe9c9e7721610536259f1ea997c259956c894bbd (patch)
tree57db31d4fe42376d3e45cfba59d4b6bd21ec1329 /src/DevHive.Services
parent278130d86378a6b2db6ba443631f303fb7d7e207 (diff)
downloadDevHive-be9c9e7721610536259f1ea997c259956c894bbd.tar
DevHive-be9c9e7721610536259f1ea997c259956c894bbd.tar.gz
DevHive-be9c9e7721610536259f1ea997c259956c894bbd.zip
added user validation for deleting and updating comments
Diffstat (limited to 'src/DevHive.Services')
-rw-r--r--src/DevHive.Services/Services/PostService.cs43
1 files changed, 42 insertions, 1 deletions
diff --git a/src/DevHive.Services/Services/PostService.cs b/src/DevHive.Services/Services/PostService.cs
index 0c0fd5c..b2ea694 100644
--- a/src/DevHive.Services/Services/PostService.cs
+++ b/src/DevHive.Services/Services/PostService.cs
@@ -1,21 +1,26 @@
using System;
+using System.Collections.Generic;
using System.Threading.Tasks;
using AutoMapper;
using DevHive.Data.Models;
using DevHive.Data.Repositories;
using DevHive.Services.Models.Post.Comment;
using DevHive.Services.Models.Post.Post;
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
namespace DevHive.Services.Services
{
public class PostService
{
private readonly PostRepository _postRepository;
+ private readonly UserRepository _userRepository;
private readonly IMapper _postMapper;
- public PostService(PostRepository postRepository, IMapper postMapper)
+ public PostService(PostRepository postRepository, UserRepository userRepository , IMapper postMapper)
{
this._postRepository = postRepository;
+ this._userRepository = userRepository;
this._postMapper = postMapper;
}
@@ -94,5 +99,41 @@ namespace DevHive.Services.Services
return result;
}
+
+ //Validate
+ public async Task<bool> ValidateJwtForComment(Guid commentId, string rawTokenData)
+ {
+ Comment comment = await this._postRepository.GetCommentByIdAsync(commentId);
+ User user = await this.GetUserForValidation(rawTokenData);
+
+ if (comment.IssuerId != user.Id)
+ return false;
+
+ return true;
+ }
+
+ private async Task<User> GetUserForValidation(string rawTokenData)
+ {
+ var jwt = new JwtSecurityTokenHandler().ReadJwtToken(rawTokenData.Remove(0, 7));
+
+ string jwtUserName = this.GetClaimTypeValues("unique_name", jwt.Claims)[0];
+ //List<string> jwtRoleNames = this.GetClaimTypeValues("role", jwt.Claims);
+
+ User user = await this._userRepository.GetByUsername(jwtUserName)
+ ?? throw new ArgumentException("User does not exist!");
+
+ return user;
+ }
+
+ private List<string> GetClaimTypeValues(string type, IEnumerable<Claim> claims)
+ {
+ List<string> toReturn = new();
+
+ foreach(var claim in claims)
+ if (claim.Type == type)
+ toReturn.Add(claim.Value);
+
+ return toReturn;
+ }
}
} \ No newline at end of file
generated by cgit v1.2.3 (git 2.46.0) at 2026-03-16 10:35:23 +0000