PlaylistShared/PlaylistShared.Api/Controllers/SharedPlaylistController.cs

using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using PlaylistShared.Api.Extensions;
using PlaylistShared.Api.Services;
using PlaylistShared.Shared.DTO;
using PlaylistShared.Shared.Models;
namespace PlaylistShared.Api.Controllers;
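/// <summary>
/// HTTP endpoints for shared playlists: creating a share, reading a share by
/// its token, and updating the permissions of an existing share.
/// </summary>
[ApiController]
[Route("api/[controller]")]
public class SharedPlaylistController : ControllerBase
{
    private readonly SharedPlaylistService _sharedService;

    // Injected but not used by any action in this controller.
    private readonly YandexMusicService _yandexService;

    /// <summary>Stores the services supplied by dependency injection.</summary>
    /// <param name="sharedService">Service that creates, loads and updates shared playlists.</param>
    /// <param name="yandexService">Yandex Music service; kept for the existing constructor contract.</param>
    public SharedPlaylistController(SharedPlaylistService sharedService, YandexMusicService yandexService)
    {
        _sharedService = sharedService;
        _yandexService = yandexService;
    }

    /// <summary>
    /// Creates a shared playlist owned by the authenticated caller.
    /// </summary>
    /// <param name="dto">Share request taken from the request body.</param>
    /// <returns>
    /// 200 with the created playlist, or 401 when the caller's NameIdentifier
    /// claim is missing or is not a GUID.
    /// </returns>
    [HttpPost]
    [Authorize]
    public async Task<ActionResult<ApiResponse<SharedPlaylistDto>>> Create([FromBody] SharePlaylistDto dto)
    {
        var claimValue = User.FindFirst(System.Security.Claims.ClaimTypes.NameIdentifier)?.Value;

        // Guid.TryParse returns false for null and empty input, so one check
        // covers both the missing-claim and the malformed-claim case.
        if (!Guid.TryParse(claimValue, out var creatorId))
        {
            return Unauthorized();
        }

        var created = await _sharedService.CreateAsync(creatorId, dto);
        return Ok(ApiResponse<SharedPlaylistDto>.Ok(created));
    }

    /// <summary>
    /// Returns the shared playlist identified by <paramref name="token"/> when
    /// the caller is allowed to view it. The action carries no [Authorize]
    /// attribute, so it is also reachable without an authenticated identity.
    /// </summary>
    /// <param name="token">Share token taken from the route.</param>
    /// <returns>
    /// 200 with the playlist, 404 when no playlist matches the token, or 401
    /// when the view check rejects the caller.
    /// </returns>
    [HttpGet("{token}")]
    public async Task<ActionResult<ApiResponse<SharedPlaylistDto>>> GetByToken(string token)
    {
        var playlist = await _sharedService.GetByTokenAsync(token);
        if (playlist == null)
        {
            return NotFound(ApiResponse<SharedPlaylistDto>.Fail(new ErrorResponse { StatusCode = 404, Message = "Плейлист не найден" }));
        }

        // A missing or malformed NameIdentifier claim is treated as "no user":
        // the caller is then evaluated with anonymous rights only, instead of
        // Guid.Parse throwing FormatException and surfacing as a 500.
        var claimValue = User.FindFirst(System.Security.Claims.ClaimTypes.NameIdentifier)?.Value;
        Guid? viewerId = Guid.TryParse(claimValue, out var parsedId) ? parsedId : (Guid?)null;

        // View-permission check; it needs the entity rather than the DTO.
        var entity = await _sharedService.GetEntityByTokenAsync(token);
        if (entity == null || !await _sharedService.CanViewAsync(entity, viewerId))
        {
            // NOTE(review): the 404 above and the 401 here let a caller without
            // view rights tell an existing token from an unknown one, and 401 is
            // also returned to authenticated callers who merely lack rights
            // (403 is the conventional status there). Left unchanged because
            // clients may depend on the current codes - confirm before changing.
            return Unauthorized(ApiResponse<SharedPlaylistDto>.Fail(new ErrorResponse { StatusCode = 401, Message = "Недостаточно прав" }));
        }

        return Ok(ApiResponse<SharedPlaylistDto>.Ok(playlist));
    }

    /// <summary>
    /// Updates the permissions of the shared playlist identified by
    /// <paramref name="token"/>. Only the user recorded as the playlist's
    /// creator may do so.
    /// </summary>
    /// <param name="token">Share token taken from the route.</param>
    /// <param name="dto">New permission settings taken from the request body.</param>
    /// <returns>
    /// 200 with the updated playlist, 404 when no playlist matches the token,
    /// 403 when the caller is not the creator, or 400 when the service
    /// returns no result for the update.
    /// </returns>
    [HttpPut("{token}/permissions")]
    [Authorize]
    public async Task<ActionResult<ApiResponse<SharedPlaylistDto>>> UpdatePermissions(string token, [FromBody] UpdatePermissionsDto dto)
    {
        var callerId = User.GetUserId();

        var entity = await _sharedService.GetEntityByTokenAsync(token);
        if (entity == null)
        {
            return NotFound(ApiResponse<SharedPlaylistDto>.Fail(new ErrorResponse { StatusCode = 404, Message = "Плейлист не найден" }));
        }

        // Ownership check: knowing the share token is not enough to change
        // who may view or edit the playlist.
        if (entity.CreatorUserId != callerId)
        {
            return Forbid();
        }

        var updated = await _sharedService.UpdatePermissionsAsync(entity.Id, dto);
        if (updated == null)
        {
            return BadRequest(ApiResponse<SharedPlaylistDto>.Fail(new ErrorResponse { StatusCode = 400, Message = "Ошибка обновления прав" }));
        }

        return Ok(ApiResponse<SharedPlaylistDto>.Ok(updated));
    }
}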