Added initial implmementation of AddFriendfix_friends_authorization

1 files changed, 20 insertions, 0 deletions

diff --git a/src/Web/DevHive.Web/Controllers/UserController.cs b/src/Web/DevHive.Web/Controllers/UserController.cs
index 4d01447..2ed8e54 100644
--- a/src/Web/DevHive.Web/Controllers/UserController.cs
+++ b/src/Web/DevHive.Web/Controllers/UserController.cs
@@ -133,6 +133,26 @@ namespace DevHive.Web.Controllers
 		}
 		#endregion
 
+		#region Friends
+		[HttpPost]
+		[Route("AddFriend")]
+		[Authorize(Roles = "User,Admin")]
+		public async Task<IActionResult> AddFriend(Guid id, [FromBody] UpdateFriendWebModel updateFriendWebModel, [FromHeader] string authorization)
+		{
+			if (!this._jwtService.ValidateToken(id, authorization))
+				return new UnauthorizedResult();
+
+			UpdateFriendServiceModel updateFriendServiceModel = this._userMapper.Map<UpdateFriendServiceModel>(updateFriendWebModel);
+
+			bool result = await this._userService.AddFriend(id, updateFriendServiceModel);
+
+			if (!result)
+				return new BadRequestObjectResult("Could not add User as a friend");
+
+			return new OkResult();
+		}
+		#endregion
+
 		#region Delete
 		/// <summary>
 		/// Delete a User with his Id. A PUSTINQK can only delete his account. An Admin can delete all accounts