601 lines
		
	
	
		
			21 KiB
		
	
	
	
		
			C#
		
	
	
	
	
	
			
		
		
	
	
			601 lines
		
	
	
		
			21 KiB
		
	
	
	
		
			C#
		
	
	
	
	
	
| using System.ComponentModel.DataAnnotations;
 | |
| using DysonNetwork.Shared.Models;
 | |
| using DysonNetwork.Shared.Permission;
 | |
| using DysonNetwork.Shared.Services;
 | |
| using DysonNetwork.Sphere.Realm;
 | |
| using DysonNetwork.Sphere.Storage;
 | |
| using Microsoft.AspNetCore.Authorization;
 | |
| using Microsoft.AspNetCore.Mvc;
 | |
| using Microsoft.EntityFrameworkCore;
 | |
| using NodaTime;
 | |
| 
 | |
| namespace DysonNetwork.Sphere.Publisher;
 | |
| 
 | |
| [ApiController]
 | |
| [Route("/publishers")]
 | |
| public class PublisherController(
 | |
|     AppDatabase db,
 | |
|     PublisherService ps,
 | |
|     FileReferenceService fileRefService,
 | |
|     IAccountService accounts,
 | |
|     IActionLogService als
 | |
| )
 | |
|     : ControllerBase
 | |
| {
 | |
|     [HttpGet("{name}")]
 | |
|     public async Task<ActionResult<Shared.Models.Publisher>> GetPublisher(string name)
 | |
|     {
 | |
|         var publisher = await db.Publishers
 | |
|             .Where(e => e.Name == name)
 | |
|             .FirstOrDefaultAsync();
 | |
|         if (publisher is null) return NotFound();
 | |
|         if (publisher.AccountId is null) return Ok(publisher);
 | |
| 
 | |
|         var account = await accounts.GetAccountById(publisher.AccountId.Value, true);
 | |
|         publisher.Account = account;
 | |
| 
 | |
|         return Ok(publisher);
 | |
|     }
 | |
| 
 | |
|     [HttpGet("{name}/stats")]
 | |
|     public async Task<ActionResult<PublisherService.PublisherStats>> GetPublisherStats(string name)
 | |
|     {
 | |
|         var stats = await ps.GetPublisherStats(name);
 | |
|         if (stats is null) return NotFound();
 | |
|         return Ok(stats);
 | |
|     }
 | |
| 
 | |
|     [HttpGet]
 | |
|     [Authorize]
 | |
|     public async Task<ActionResult<List<Shared.Models.Publisher>>> ListManagedPublishers()
 | |
|     {
 | |
|         if (HttpContext.Items["CurrentUser"] is not Shared.Models.Account currentUser) return Unauthorized();
 | |
|         var userId = currentUser.Id;
 | |
| 
 | |
|         var members = await db.PublisherMembers
 | |
|             .Where(m => m.AccountId == userId)
 | |
|             .Where(m => m.JoinedAt != null)
 | |
|             .Include(e => e.Publisher)
 | |
|             .ToListAsync();
 | |
| 
 | |
|         return members.Select(m => m.Publisher).ToList();
 | |
|     }
 | |
| 
 | |
|     [HttpGet("invites")]
 | |
|     [Authorize]
 | |
|     public async Task<ActionResult<List<PublisherMember>>> ListInvites()
 | |
|     {
 | |
|         if (HttpContext.Items["CurrentUser"] is not Shared.Models.Account currentUser) return Unauthorized();
 | |
|         var userId = currentUser.Id;
 | |
| 
 | |
|         var members = await db.PublisherMembers
 | |
|             .Where(m => m.AccountId == userId)
 | |
|             .Where(m => m.JoinedAt == null)
 | |
|             .Include(e => e.Publisher)
 | |
|             .ToListAsync();
 | |
| 
 | |
|         return members.ToList();
 | |
|     }
 | |
| 
 | |
|     public class PublisherMemberRequest
 | |
|     {
 | |
|         [Required] public Guid RelatedUserId { get; set; }
 | |
|         [Required] public PublisherMemberRole Role { get; set; }
 | |
|     }
 | |
| 
 | |
|     [HttpPost("invites/{name}")]
 | |
|     [Authorize]
 | |
|     public async Task<ActionResult<PublisherMember>> InviteMember(string name,
 | |
|         [FromBody] PublisherMemberRequest request)
 | |
|     {
 | |
|         if (HttpContext.Items["CurrentUser"] is not Shared.Models.Account currentUser) return Unauthorized();
 | |
|         var userId = currentUser.Id;
 | |
| 
 | |
|         var relatedUser = await accounts.GetAccountById(request.RelatedUserId);
 | |
|         if (relatedUser is null) return BadRequest("Related user was not found");
 | |
| 
 | |
|         var publisher = await db.Publishers
 | |
|             .Where(p => p.Name == name)
 | |
|             .FirstOrDefaultAsync();
 | |
|         if (publisher is null) return NotFound();
 | |
| 
 | |
|         if (!await ps.IsMemberWithRole(publisher.Id, currentUser.Id, request.Role))
 | |
|             return StatusCode(403, "You cannot invite member has higher permission than yours.");
 | |
| 
 | |
|         var newMember = new PublisherMember
 | |
|         {
 | |
|             AccountId = relatedUser.Id,
 | |
|             PublisherId = publisher.Id,
 | |
|             Role = request.Role,
 | |
|         };
 | |
| 
 | |
|         db.PublisherMembers.Add(newMember);
 | |
|         await db.SaveChangesAsync();
 | |
| 
 | |
|         await als.CreateActionLogFromRequest(
 | |
|             ActionLogType.PublisherMemberInvite,
 | |
|             new Dictionary<string, object>
 | |
|             {
 | |
|                 { "publisher_id", publisher.Id },
 | |
|                 { "account_id", relatedUser.Id }
 | |
|             },
 | |
|             Request.HttpContext.Connection.RemoteIpAddress?.ToString(),
 | |
|             Request.Headers.UserAgent.ToString(),
 | |
|             currentUser
 | |
|         );
 | |
| 
 | |
|         return Ok(newMember);
 | |
|     }
 | |
| 
 | |
|     [HttpPost("invites/{name}/accept")]
 | |
|     [Authorize]
 | |
|     public async Task<ActionResult<Shared.Models.Publisher>> AcceptMemberInvite(string name)
 | |
|     {
 | |
|         if (HttpContext.Items["CurrentUser"] is not Shared.Models.Account currentUser) return Unauthorized();
 | |
|         var userId = currentUser.Id;
 | |
| 
 | |
|         var member = await db.PublisherMembers
 | |
|             .Where(m => m.AccountId == userId)
 | |
|             .Where(m => m.Publisher.Name == name)
 | |
|             .Where(m => m.JoinedAt == null)
 | |
|             .FirstOrDefaultAsync();
 | |
|         if (member is null) return NotFound();
 | |
| 
 | |
|         member.JoinedAt = Instant.FromDateTimeUtc(DateTime.UtcNow);
 | |
|         db.Update(member);
 | |
|         await db.SaveChangesAsync();
 | |
| 
 | |
|         await als.CreateActionLogFromRequest(
 | |
|             ActionLogType.PublisherMemberJoin,
 | |
|             new Dictionary<string, object> { { "account_id", member.AccountId } },
 | |
|             Request.HttpContext.Connection.RemoteIpAddress?.ToString(),
 | |
|             Request.Headers.UserAgent.ToString(),
 | |
|             currentUser
 | |
|         );
 | |
| 
 | |
|         return Ok(member);
 | |
|     }
 | |
| 
 | |
|     [HttpPost("invites/{name}/decline")]
 | |
|     [Authorize]
 | |
|     public async Task<ActionResult> DeclineMemberInvite(string name)
 | |
|     {
 | |
|         if (HttpContext.Items["CurrentUser"] is not Shared.Models.Account currentUser) return Unauthorized();
 | |
|         var userId = currentUser.Id;
 | |
| 
 | |
|         var member = await db.PublisherMembers
 | |
|             .Where(m => m.AccountId == userId)
 | |
|             .Where(m => m.Publisher.Name == name)
 | |
|             .Where(m => m.JoinedAt == null)
 | |
|             .FirstOrDefaultAsync();
 | |
|         if (member is null) return NotFound();
 | |
| 
 | |
|         db.PublisherMembers.Remove(member);
 | |
|         await db.SaveChangesAsync();
 | |
| 
 | |
|         await als.CreateActionLogFromRequest(
 | |
|             ActionLogType.PublisherMemberLeave,
 | |
|             new Dictionary<string, object> { { "account_id", member.AccountId } },
 | |
|             Request.HttpContext.Connection.RemoteIpAddress?.ToString(),
 | |
|             Request.Headers.UserAgent.ToString(),
 | |
|             currentUser
 | |
|         );
 | |
| 
 | |
|         return NoContent();
 | |
|     }
 | |
| 
 | |
|     [HttpDelete("{name}/members/{memberId:guid}")]
 | |
|     [Authorize]
 | |
|     public async Task<ActionResult> RemoveMember(string name, Guid memberId)
 | |
|     {
 | |
|         if (HttpContext.Items["CurrentUser"] is not Shared.Models.Account currentUser) return Unauthorized();
 | |
| 
 | |
|         var publisher = await db.Publishers
 | |
|             .Where(p => p.Name == name)
 | |
|             .FirstOrDefaultAsync();
 | |
|         if (publisher is null) return NotFound();
 | |
| 
 | |
|         var member = await db.PublisherMembers
 | |
|             .Where(m => m.AccountId == memberId)
 | |
|             .Where(m => m.PublisherId == publisher.Id)
 | |
|             .FirstOrDefaultAsync();
 | |
|         if (member is null) return NotFound("Member was not found");
 | |
|         if (!await ps.IsMemberWithRole(publisher.Id, currentUser.Id, PublisherMemberRole.Manager))
 | |
|             return StatusCode(403, "You need at least be a manager to remove members from this publisher.");
 | |
| 
 | |
|         db.PublisherMembers.Remove(member);
 | |
|         await db.SaveChangesAsync();
 | |
| 
 | |
|         await als.CreateActionLogFromRequest(
 | |
|             ActionLogType.PublisherMemberKick,
 | |
|             new Dictionary<string, object>
 | |
|             {
 | |
|                 { "publisher_id", publisher.Id },
 | |
|                 { "account_id", memberId }
 | |
|             },
 | |
|             Request.HttpContext.Connection.RemoteIpAddress?.ToString(),
 | |
|             Request.Headers.UserAgent.ToString(),
 | |
|             currentUser
 | |
|         );
 | |
| 
 | |
|         return NoContent();
 | |
|     }
 | |
| 
 | |
|     public class PublisherRequest
 | |
|     {
 | |
|         [MaxLength(256)] public string? Name { get; set; }
 | |
|         [MaxLength(256)] public string? Nick { get; set; }
 | |
|         [MaxLength(4096)] public string? Bio { get; set; }
 | |
| 
 | |
|         public string? PictureId { get; set; }
 | |
|         public string? BackgroundId { get; set; }
 | |
|     }
 | |
| 
 | |
|     [HttpPost("individual")]
 | |
|     [Authorize]
 | |
|     [DysonNetwork.Shared.Permission.RequiredPermission("global", "publishers.create")]
 | |
|     public async Task<ActionResult<Shared.Models.Publisher>> CreatePublisherIndividual(
 | |
|         [FromBody] PublisherRequest request)
 | |
|     {
 | |
|         if (HttpContext.Items["CurrentUser"] is not Shared.Models.Account currentUser) return Unauthorized();
 | |
| 
 | |
|         var takenName = request.Name ?? currentUser.Name;
 | |
|         var duplicateNameCount = await db.Publishers
 | |
|             .Where(p => p.Name == takenName)
 | |
|             .CountAsync();
 | |
|         if (duplicateNameCount > 0)
 | |
|             return BadRequest(
 | |
|                 "The name you requested has already be taken, " +
 | |
|                 "if it is your account name, " +
 | |
|                 "you can request a taken down to the publisher which created with " +
 | |
|                 "your name firstly to get your name back."
 | |
|             );
 | |
| 
 | |
|         CloudFile? picture = null, background = null;
 | |
|         if (request.PictureId is not null)
 | |
|         {
 | |
|             picture = await db.Files.Where(f => f.Id == request.PictureId).FirstOrDefaultAsync();
 | |
|             if (picture is null) return BadRequest("Invalid picture id, unable to find the file on cloud.");
 | |
|         }
 | |
| 
 | |
|         if (request.BackgroundId is not null)
 | |
|         {
 | |
|             background = await db.Files.Where(f => f.Id == request.BackgroundId).FirstOrDefaultAsync();
 | |
|             if (background is null) return BadRequest("Invalid background id, unable to find the file on cloud.");
 | |
|         }
 | |
| 
 | |
|         var publisher = await ps.CreateIndividualPublisher(
 | |
|             currentUser,
 | |
|             request.Name,
 | |
|             request.Nick,
 | |
|             request.Bio,
 | |
|             picture,
 | |
|             background
 | |
|         );
 | |
| 
 | |
|         await als.CreateActionLogFromRequest(
 | |
|             ActionLogType.PublisherCreate,
 | |
|             new Dictionary<string, object> { { "publisher_id", publisher.Id } },
 | |
|             Request.HttpContext.Connection.RemoteIpAddress?.ToString(),
 | |
|             Request.Headers.UserAgent.ToString(),
 | |
|             currentUser
 | |
|         );
 | |
| 
 | |
|         return Ok(publisher);
 | |
|     }
 | |
| 
 | |
|     [HttpPost("organization/{realmSlug}")]
 | |
|     [Authorize]
 | |
|     [DysonNetwork.Shared.Permission.RequiredPermission("global", "publishers.create")]
 | |
|     public async Task<ActionResult<Shared.Models.Publisher>> CreatePublisherOrganization(string realmSlug,
 | |
|         [FromBody] PublisherRequest request)
 | |
|     {
 | |
|         if (HttpContext.Items["CurrentUser"] is not Shared.Models.Account currentUser) return Unauthorized();
 | |
| 
 | |
|         var realm = await db.Realms.FirstOrDefaultAsync(r => r.Slug == realmSlug);
 | |
|         if (realm == null) return NotFound("Realm not found");
 | |
| 
 | |
|         var isAdmin = await db.RealmMembers
 | |
|             .AnyAsync(m =>
 | |
|                 m.RealmId == realm.Id && m.AccountId == currentUser.Id && m.Role >= RealmMemberRole.Moderator);
 | |
|         if (!isAdmin)
 | |
|             return StatusCode(403, "You need to be a moderator of the realm to create an organization publisher");
 | |
| 
 | |
|         var takenName = request.Name ?? realm.Slug;
 | |
|         var duplicateNameCount = await db.Publishers
 | |
|             .Where(p => p.Name == takenName)
 | |
|             .CountAsync();
 | |
|         if (duplicateNameCount > 0)
 | |
|             return BadRequest("The name you requested has already been taken");
 | |
| 
 | |
|         CloudFile? picture = null, background = null;
 | |
|         if (request.PictureId is not null)
 | |
|         {
 | |
|             picture = await db.Files.Where(f => f.Id == request.PictureId).FirstOrDefaultAsync();
 | |
|             if (picture is null) return BadRequest("Invalid picture id, unable to find the file on cloud.");
 | |
|         }
 | |
| 
 | |
|         if (request.BackgroundId is not null)
 | |
|         {
 | |
|             background = await db.Files.Where(f => f.Id == request.BackgroundId).FirstOrDefaultAsync();
 | |
|             if (background is null) return BadRequest("Invalid background id, unable to find the file on cloud.");
 | |
|         }
 | |
| 
 | |
|         var publisher = await ps.CreateOrganizationPublisher(
 | |
|             realm,
 | |
|             currentUser,
 | |
|             request.Name,
 | |
|             request.Nick,
 | |
|             request.Bio,
 | |
|             picture,
 | |
|             background
 | |
|         );
 | |
| 
 | |
|         await als.CreateActionLogFromRequest(
 | |
|             ActionLogType.PublisherCreate,
 | |
|             new Dictionary<string, object> { { "publisher_id", publisher.Id } },
 | |
|             Request.HttpContext.Connection.RemoteIpAddress?.ToString(),
 | |
|             Request.Headers.UserAgent.ToString(),
 | |
|             currentUser
 | |
|         );
 | |
| 
 | |
|         return Ok(publisher);
 | |
|     }
 | |
| 
 | |
| 
 | |
|     [HttpPatch("{name}")]
 | |
|     [Authorize]
 | |
|     public async Task<ActionResult<Shared.Models.Publisher>> UpdatePublisher(string name, PublisherRequest request)
 | |
|     {
 | |
|         if (HttpContext.Items["CurrentUser"] is not Shared.Models.Account currentUser) return Unauthorized();
 | |
|         var userId = currentUser.Id;
 | |
| 
 | |
|         var publisher = await db.Publishers
 | |
|             .Where(p => p.Name == name)
 | |
|             .FirstOrDefaultAsync();
 | |
|         if (publisher is null) return NotFound();
 | |
| 
 | |
|         var member = await db.PublisherMembers
 | |
|             .Where(m => m.AccountId == userId)
 | |
|             .Where(m => m.PublisherId == publisher.Id)
 | |
|             .FirstOrDefaultAsync();
 | |
|         if (member is null) return StatusCode(403, "You are not even a member of the targeted publisher.");
 | |
|         if (member.Role < PublisherMemberRole.Manager)
 | |
|             return StatusCode(403, "You need at least be the manager to update the publisher profile.");
 | |
| 
 | |
|         if (request.Name is not null) publisher.Name = request.Name;
 | |
|         if (request.Nick is not null) publisher.Nick = request.Nick;
 | |
|         if (request.Bio is not null) publisher.Bio = request.Bio;
 | |
|         if (request.PictureId is not null)
 | |
|         {
 | |
|             var picture = await db.Files.Where(f => f.Id == request.PictureId).FirstOrDefaultAsync();
 | |
|             if (picture is null) return BadRequest("Invalid picture id.");
 | |
| 
 | |
|             // Remove old references for the publisher picture
 | |
|             if (publisher.Picture is not null)
 | |
|             {
 | |
|                 await fileRefService.DeleteResourceReferencesAsync(publisher.ResourceIdentifier, "publisher.picture");
 | |
|             }
 | |
| 
 | |
|             publisher.Picture = picture.ToReferenceObject();
 | |
| 
 | |
|             // Create a new reference
 | |
|             await fileRefService.CreateReferenceAsync(
 | |
|                 picture.Id,
 | |
|                 "publisher.picture",
 | |
|                 publisher.ResourceIdentifier
 | |
|             );
 | |
|         }
 | |
| 
 | |
|         if (request.BackgroundId is not null)
 | |
|         {
 | |
|             var background = await db.Files.Where(f => f.Id == request.BackgroundId).FirstOrDefaultAsync();
 | |
|             if (background is null) return BadRequest("Invalid background id.");
 | |
| 
 | |
|             // Remove old references for the publisher background
 | |
|             if (publisher.Background is not null)
 | |
|             {
 | |
|                 await fileRefService.DeleteResourceReferencesAsync(publisher.ResourceIdentifier,
 | |
|                     "publisher.background");
 | |
|             }
 | |
| 
 | |
|             publisher.Background = background.ToReferenceObject();
 | |
| 
 | |
|             // Create a new reference
 | |
|             await fileRefService.CreateReferenceAsync(
 | |
|                 background.Id,
 | |
|                 "publisher.background",
 | |
|                 publisher.ResourceIdentifier
 | |
|             );
 | |
|         }
 | |
| 
 | |
|         db.Update(publisher);
 | |
|         await db.SaveChangesAsync();
 | |
| 
 | |
|         await als.CreateActionLogFromRequest(
 | |
|             ActionLogType.PublisherUpdate,
 | |
|             new Dictionary<string, object> { { "publisher_id", publisher.Id } },
 | |
|             Request.HttpContext.Connection.RemoteIpAddress?.ToString(),
 | |
|             Request.Headers.UserAgent.ToString(),
 | |
|             currentUser
 | |
|         );
 | |
| 
 | |
|         return Ok(publisher);
 | |
|     }
 | |
| 
 | |
|     [HttpDelete("{name}")]
 | |
|     [Authorize]
 | |
|     public async Task<ActionResult<Shared.Models.Publisher>> DeletePublisher(string name)
 | |
|     {
 | |
|         if (HttpContext.Items["CurrentUser"] is not Shared.Models.Account currentUser) return Unauthorized();
 | |
|         var userId = currentUser.Id;
 | |
| 
 | |
|         var publisher = await db.Publishers
 | |
|             .Where(p => p.Name == name)
 | |
|             .Include(publisher => publisher.Picture)
 | |
|             .Include(publisher => publisher.Background)
 | |
|             .FirstOrDefaultAsync();
 | |
|         if (publisher is null) return NotFound();
 | |
| 
 | |
|         var member = await db.PublisherMembers
 | |
|             .Where(m => m.AccountId == userId)
 | |
|             .Where(m => m.PublisherId == publisher.Id)
 | |
|             .FirstOrDefaultAsync();
 | |
|         if (member is null) return StatusCode(403, "You are not even a member of the targeted publisher.");
 | |
|         if (member.Role < PublisherMemberRole.Owner)
 | |
|             return StatusCode(403, "You need to be the owner to delete the publisher.");
 | |
| 
 | |
|         var publisherResourceId = $"publisher:{publisher.Id}";
 | |
| 
 | |
|         // Delete all file references for this publisher
 | |
|         await fileRefService.DeleteResourceReferencesAsync(publisherResourceId);
 | |
| 
 | |
|         db.Publishers.Remove(publisher);
 | |
|         await db.SaveChangesAsync();
 | |
| 
 | |
|         await als.CreateActionLogFromRequest(
 | |
|             ActionLogType.PublisherDelete,
 | |
|             new Dictionary<string, object> { { "publisher_id", publisher.Id } },
 | |
|             Request.HttpContext.Connection.RemoteIpAddress?.ToString(),
 | |
|             Request.Headers.UserAgent.ToString(),
 | |
|             currentUser
 | |
|         );
 | |
| 
 | |
|         return NoContent();
 | |
|     }
 | |
| 
 | |
|     [HttpGet("{name}/members")]
 | |
|     public async Task<ActionResult<List<PublisherMember>>> ListMembers(
 | |
|         string name,
 | |
|         [FromQuery] int offset = 0,
 | |
|         [FromQuery] int take = 20
 | |
|     )
 | |
|     {
 | |
|         var publisher = await db.Publishers
 | |
|             .Where(p => p.Name == name)
 | |
|             .FirstOrDefaultAsync();
 | |
|         if (publisher is null) return NotFound();
 | |
| 
 | |
|         IQueryable<PublisherMember> query = db.PublisherMembers
 | |
|             .Where(m => m.PublisherId == publisher.Id)
 | |
|             .Where(m => m.JoinedAt != null)
 | |
|             .Include(m => m.Account)
 | |
|             .ThenInclude(m => m.Profile);
 | |
| 
 | |
|         var total = await query.CountAsync();
 | |
|         Response.Headers["X-Total"] = total.ToString();
 | |
| 
 | |
|         var members = await query
 | |
|             .OrderBy(m => m.CreatedAt)
 | |
|             .Skip(offset)
 | |
|             .Take(take)
 | |
|             .ToListAsync();
 | |
| 
 | |
|         return Ok(members);
 | |
|     }
 | |
| 
 | |
|     [HttpGet("{name}/members/me")]
 | |
|     [Authorize]
 | |
|     public async Task<ActionResult<PublisherMember>> GetCurrentIdentity(string name)
 | |
|     {
 | |
|         if (HttpContext.Items["CurrentUser"] is not Shared.Models.Account currentUser) return Unauthorized();
 | |
|         var userId = currentUser.Id;
 | |
| 
 | |
|         var publisher = await db.Publishers
 | |
|             .Where(p => p.Name == name)
 | |
|             .FirstOrDefaultAsync();
 | |
|         if (publisher is null) return NotFound();
 | |
| 
 | |
|         var member = await db.PublisherMembers
 | |
|             .Where(m => m.AccountId == userId)
 | |
|             .Where(m => m.PublisherId == publisher.Id)
 | |
|             .Include(m => m.Account)
 | |
|             .ThenInclude(m => m.Profile)
 | |
|             .FirstOrDefaultAsync();
 | |
| 
 | |
|         if (member is null) return NotFound();
 | |
|         return Ok(member);
 | |
|     }
 | |
| 
 | |
|     [HttpGet("{name}/features")]
 | |
|     [Authorize]
 | |
|     public async Task<ActionResult<Dictionary<string, bool>>> ListPublisherFeatures(string name)
 | |
|     {
 | |
|         var publisher = await db.Publishers
 | |
|             .Where(p => p.Name == name)
 | |
|             .FirstOrDefaultAsync();
 | |
|         if (publisher is null) return NotFound();
 | |
| 
 | |
|         var features = await db.PublisherFeatures
 | |
|             .Where(f => f.PublisherId == publisher.Id)
 | |
|             .ToListAsync();
 | |
| 
 | |
|         var dict = PublisherFeatureFlag.AllFlags.ToDictionary(
 | |
|             flag => flag,
 | |
|             _ => false
 | |
|         );
 | |
| 
 | |
|         foreach (
 | |
|             var feature in features.Where(feature =>
 | |
|                 feature.ExpiredAt == null || !(feature.ExpiredAt < SystemClock.Instance.GetCurrentInstant())
 | |
|             )
 | |
|         )
 | |
|         {
 | |
|             dict[feature.Flag] = true;
 | |
|         }
 | |
| 
 | |
|         return Ok(dict);
 | |
|     }
 | |
| 
 | |
|     public class PublisherFeatureRequest
 | |
|     {
 | |
|         [Required] public string Flag { get; set; } = null!;
 | |
|         public Instant? ExpiredAt { get; set; }
 | |
|     }
 | |
| 
 | |
|     [HttpPost("{name}/features")]
 | |
|     [Authorize]
 | |
|     [DysonNetwork.Shared.Permission.RequiredPermission("maintenance", "publishers.features")]
 | |
|     public async Task<ActionResult<PublisherFeature>> AddPublisherFeature(string name,
 | |
|         [FromBody] PublisherFeatureRequest request)
 | |
|     {
 | |
|         var publisher = await db.Publishers
 | |
|             .Where(p => p.Name == name)
 | |
|             .FirstOrDefaultAsync();
 | |
|         if (publisher is null) return NotFound();
 | |
| 
 | |
|         var feature = new PublisherFeature
 | |
|         {
 | |
|             PublisherId = publisher.Id,
 | |
|             Flag = request.Flag,
 | |
|             ExpiredAt = request.ExpiredAt
 | |
|         };
 | |
| 
 | |
|         db.PublisherFeatures.Add(feature);
 | |
|         await db.SaveChangesAsync();
 | |
| 
 | |
|         return Ok(feature);
 | |
|     }
 | |
| 
 | |
|     [HttpDelete("{name}/features/{flag}")]
 | |
|     [Authorize]
 | |
|     [RequiredPermission("maintenance", "publishers.features")]
 | |
|     public async Task<ActionResult> RemovePublisherFeature(string name, string flag)
 | |
|     {
 | |
|         var publisher = await db.Publishers
 | |
|             .Where(p => p.Name == name)
 | |
|             .FirstOrDefaultAsync();
 | |
|         if (publisher is null) return NotFound();
 | |
| 
 | |
|         var feature = await db.PublisherFeatures
 | |
|             .Where(f => f.PublisherId == publisher.Id)
 | |
|             .Where(f => f.Flag == flag)
 | |
|             .FirstOrDefaultAsync();
 | |
|         if (feature is null) return NotFound();
 | |
| 
 | |
|         db.PublisherFeatures.Remove(feature);
 | |
|         await db.SaveChangesAsync();
 | |
| 
 | |
|         return NoContent();
 | |
|     }
 | |
| } |