mirror of
https://github.com/D4M13N-D3V/art_platform.git
synced 2025-10-31 17:45:39 +00:00
added suspended and ban checks
This commit is contained in:
Damien Ostler
parent
82f24497b0
commit
ffbc57aded
@ -111,6 +111,9 @@ public class OrderController : Controller
|
||||
.FirstOrDefaultAsync(x=>x.Id==sellerId);
|
||||
if(seller==null)
|
||||
return NotFound("Seller not found.");
|
||||
if(seller.Suspended)
|
||||
return NotFound("Seller is suspended.");
|
||||
|
||||
var service = await _dbContext.SellerServices
|
||||
.Include(x=>x.Reviews)
|
||||
.FirstOrDefaultAsync(x=>x.Id==serviceId);
|
||||
|
||||
@ -33,6 +33,7 @@ public class SellerOrderController : Controller
|
||||
.Include(x=>x.Seller)
|
||||
.Where(x => x.Seller.UserId == userId && status==null ? true : status==x.Status)
|
||||
.Skip(offset).Take(pageSize).ToListAsync();
|
||||
|
||||
var result = orders.Select(x => x.ToModel()).ToList();
|
||||
return Ok(result);
|
||||
}
|
||||
@ -55,6 +56,11 @@ public class SellerOrderController : Controller
|
||||
public async Task<IActionResult> CancelOrder(int orderId)
|
||||
{
|
||||
var userId = User.GetUserId();
|
||||
var seller = await _dbContext.UserSellerProfiles.FirstOrDefaultAsync(x=>x.UserId==userId);
|
||||
if(seller==null)
|
||||
return NotFound("User it not a seller.");
|
||||
if(seller.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
var order = await _dbContext.SellerServiceOrders
|
||||
.Include(x=>x.SellerService)
|
||||
.FirstOrDefaultAsync(x=>x.Id==orderId && x.Seller.UserId==userId);
|
||||
@ -80,6 +86,11 @@ public class SellerOrderController : Controller
|
||||
public async Task<IActionResult> AcceptOrder(int orderId)
|
||||
{
|
||||
var userId = User.GetUserId();
|
||||
var seller = await _dbContext.UserSellerProfiles.FirstOrDefaultAsync(x=>x.UserId==userId);
|
||||
if(seller==null)
|
||||
return NotFound("User it not a seller.");
|
||||
if(seller.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
var order = await _dbContext.SellerServiceOrders
|
||||
.Include(x=>x.SellerService)
|
||||
.FirstOrDefaultAsync(x=>x.Id==orderId && x.Seller.UserId==userId);
|
||||
@ -104,6 +115,11 @@ public class SellerOrderController : Controller
|
||||
public async Task<IActionResult> StartOrder(int orderId)
|
||||
{
|
||||
var userId = User.GetUserId();
|
||||
var seller = await _dbContext.UserSellerProfiles.FirstOrDefaultAsync(x=>x.UserId==userId);
|
||||
if(seller==null)
|
||||
return NotFound("User it not a seller.");
|
||||
if(seller.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
var order = await _dbContext.SellerServiceOrders
|
||||
.Include(x=>x.SellerService)
|
||||
.FirstOrDefaultAsync(x=>x.Id==orderId && x.Seller.UserId==userId);
|
||||
@ -128,6 +144,12 @@ public class SellerOrderController : Controller
|
||||
public async Task<IActionResult> AdjustPrice(int orderId,[FromQuery]double price)
|
||||
{
|
||||
var userId = User.GetUserId();
|
||||
var seller = await _dbContext.UserSellerProfiles.FirstOrDefaultAsync(x=>x.UserId==userId);
|
||||
if(seller==null)
|
||||
return NotFound("User it not a seller.");
|
||||
if(seller.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
|
||||
var order = await _dbContext.SellerServiceOrders
|
||||
.Include(x=>x.Seller)
|
||||
.Include(x=>x.SellerService)
|
||||
@ -159,6 +181,11 @@ public class SellerOrderController : Controller
|
||||
.Include(x=>x.Seller)
|
||||
.Include(x=>x.SellerService)
|
||||
.FirstOrDefaultAsync(x=>x.Id==orderId && x.Seller.UserId==userId);
|
||||
var seller = await _dbContext.UserSellerProfiles.FirstOrDefaultAsync(x=>x.UserId==userId);
|
||||
if(seller==null)
|
||||
return NotFound("User it not a seller.");
|
||||
if(seller.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
if(order==null)
|
||||
return NotFound("Order not found.");
|
||||
if(order.Seller.UserId!=userId)
|
||||
@ -185,6 +212,11 @@ public class SellerOrderController : Controller
|
||||
var order = await _dbContext.SellerServiceOrders
|
||||
.Include(x=>x.Seller)
|
||||
.FirstOrDefaultAsync(x=>x.Id==orderId && x.Seller.UserId==userId);
|
||||
var seller = await _dbContext.UserSellerProfiles.FirstOrDefaultAsync(x=>x.UserId==userId);
|
||||
if(seller==null)
|
||||
return NotFound("User it not a seller.");
|
||||
if(seller.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
if(order==null)
|
||||
return NotFound("Order not found.");
|
||||
if(order.BuyerId!=userId && order.Seller.UserId!=userId)
|
||||
@ -204,6 +236,11 @@ public class SellerOrderController : Controller
|
||||
public async Task<IActionResult> Message(int orderId, [FromBody] SellerServiceOrderMessageModel model)
|
||||
{
|
||||
var userId = User.GetUserId();
|
||||
var seller = await _dbContext.UserSellerProfiles.FirstOrDefaultAsync(x=>x.UserId==userId);
|
||||
if(seller==null)
|
||||
return NotFound("User it not a seller.");
|
||||
if(seller.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
var order = await _dbContext.SellerServiceOrders
|
||||
.Include(x=>x.Messages)
|
||||
.Include(x=>x.Seller)
|
||||
@ -236,6 +273,11 @@ public class SellerOrderController : Controller
|
||||
public async Task<IActionResult> MessageAttachment(int orderId, int messageId,IFormFile file)
|
||||
{
|
||||
var userId = User.GetUserId();
|
||||
var seller = await _dbContext.UserSellerProfiles.FirstOrDefaultAsync(x=>x.UserId==userId);
|
||||
if(seller==null)
|
||||
return NotFound("User it not a seller.");
|
||||
if(seller.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
var order = await _dbContext.SellerServiceOrders
|
||||
.Include(x=>x.Messages)
|
||||
.Include(x=>x.Seller)
|
||||
@ -270,6 +312,11 @@ public class SellerOrderController : Controller
|
||||
public async Task<IActionResult> MessageAttachments(int orderId, int messageId)
|
||||
{
|
||||
var userId = User.GetUserId();
|
||||
var seller = await _dbContext.UserSellerProfiles.FirstOrDefaultAsync(x=>x.UserId==userId);
|
||||
if(seller==null)
|
||||
return NotFound("User it not a seller.");
|
||||
if(seller.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
var order = await _dbContext.SellerServiceOrders
|
||||
.Include(x=>x.Messages)
|
||||
.Include(x=>x.Seller)
|
||||
|
||||
@ -104,6 +104,8 @@ public class SellerProfileController : Controller
|
||||
return BadRequest("Account has requested to be a seller and not been approved yet.");
|
||||
return Unauthorized("Account is not a seller.");
|
||||
}
|
||||
if(existingSellerProfile.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
|
||||
var portfolio = await _dbContext.SellerProfilePortfolioPieces
|
||||
.FirstAsync(x => x.SellerProfileId == existingSellerProfile.Id && x.Id==portfolioId);
|
||||
@ -125,6 +127,8 @@ public class SellerProfileController : Controller
|
||||
return BadRequest("Account has requested to be a seller and not been approved yet.");
|
||||
return Unauthorized("Account is not a seller.");
|
||||
}
|
||||
if(existingSellerProfile.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
var portfolio = await _dbContext.SellerProfilePortfolioPieces.Where(x=>x.SellerProfileId==existingSellerProfile.Id).ToListAsync();
|
||||
var result = portfolio.Select(x=>x.ToModel()).ToList();
|
||||
return Ok(result);
|
||||
@ -145,6 +149,8 @@ public class SellerProfileController : Controller
|
||||
return Unauthorized("Account is not a seller.");
|
||||
}
|
||||
|
||||
if(existingSellerProfile.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
var url = await _storageService.UploadImageAsync(file, Guid.NewGuid().ToString());
|
||||
var portfolio = new SellerProfilePortfolioPiece()
|
||||
{
|
||||
@ -172,6 +178,8 @@ public class SellerProfileController : Controller
|
||||
return BadRequest("Account has requested to be a seller and not been approved yet.");
|
||||
return Unauthorized("Account is not a seller.");
|
||||
}
|
||||
if(existingSellerProfile.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
var portfolio = await _dbContext.SellerProfilePortfolioPieces.FirstOrDefaultAsync(x=>x.Id==portfolioId);
|
||||
if(portfolio==null)
|
||||
return NotFound("Portfolio piece not found.");
|
||||
@ -197,6 +205,8 @@ public class SellerProfileController : Controller
|
||||
return Unauthorized("Account is not a seller.");
|
||||
}
|
||||
|
||||
if(existingSellerProfile.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
if(existingSellerProfile.StripeAccountId!=null)
|
||||
return BadRequest("Account already have a payment account.");
|
||||
|
||||
@ -222,6 +232,8 @@ public class SellerProfileController : Controller
|
||||
return BadRequest("Account has requested to be a seller and not been approved yet.");
|
||||
return Unauthorized("Account is not a seller.");
|
||||
}
|
||||
if(existingSellerProfile.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
if(existingSellerProfile.StripeAccountId==null)
|
||||
return BadRequest("Account does not have a payment account.");
|
||||
|
||||
|
||||
@ -36,6 +36,9 @@ public class SellerServiceController : Controller
|
||||
if(seller==null)
|
||||
return BadRequest("Account is not a seller.");
|
||||
|
||||
if(seller.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
|
||||
var sellerServices = await _dbContext.SellerServices.Where(x=>x.Archived==false).Include(x=>x.Reviews)
|
||||
.Skip(offset).Take(pageSize).ToListAsync();
|
||||
var result = sellerServices.Select(x=>x.ToModel()).ToList();
|
||||
@ -53,6 +56,9 @@ public class SellerServiceController : Controller
|
||||
if(seller==null)
|
||||
return BadRequest("Account is not a seller.");
|
||||
|
||||
if(seller.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
|
||||
var sellerServices = await _dbContext.SellerServices.Where(x=>x.Archived==false).Include(x => x.Reviews).ToListAsync();
|
||||
var result = sellerServices.Count;
|
||||
return Ok(result);
|
||||
@ -68,6 +74,9 @@ public class SellerServiceController : Controller
|
||||
if(seller==null)
|
||||
return BadRequest("Account is not a seller.");
|
||||
|
||||
if(seller.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
|
||||
if(seller.StripeAccountId==null)
|
||||
return BadRequest("Account does not have a payment account.");
|
||||
|
||||
@ -98,6 +107,9 @@ public class SellerServiceController : Controller
|
||||
if(seller==null)
|
||||
return BadRequest("Account is not a seller.");
|
||||
|
||||
if(seller.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
|
||||
var sellerService = await _dbContext.SellerServices.FirstOrDefaultAsync(sellerService=>sellerService.Id==sellerServiceId);
|
||||
|
||||
if(sellerService==null)
|
||||
@ -124,6 +136,9 @@ public class SellerServiceController : Controller
|
||||
if(seller==null)
|
||||
return BadRequest("Account is not a seller.");
|
||||
|
||||
if(seller.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
|
||||
var sellerService = await _dbContext.SellerServices.FirstOrDefaultAsync(sellerService=>sellerService.Id==sellerServiceId);
|
||||
|
||||
if(sellerService==null)
|
||||
@ -141,6 +156,8 @@ public class SellerServiceController : Controller
|
||||
{
|
||||
var userId = User.GetUserId();
|
||||
var existingSellerProfile = await _dbContext.UserSellerProfiles.FirstOrDefaultAsync(sellerProfile=>sellerProfile.UserId==userId);
|
||||
|
||||
|
||||
if (existingSellerProfile == null)
|
||||
{
|
||||
var sellerProfileRequest = await _dbContext.SellerProfileRequests.FirstOrDefaultAsync(request=>request.UserId==userId && request.Accepted==false);
|
||||
@ -148,6 +165,8 @@ public class SellerServiceController : Controller
|
||||
return BadRequest("Account has requested to be a seller and not been approved yet.");
|
||||
return Unauthorized("Account is not a seller.");
|
||||
}
|
||||
if(existingSellerProfile.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
var portfolio = await _dbContext.SellerProfilePortfolioPieces.Where(x=>x.SellerProfileId==existingSellerProfile.Id && x.SellerServiceId==sellerServiceId).ToListAsync();
|
||||
var result = portfolio.Select(x=>x.ToModel()).ToList();
|
||||
return Ok(result);
|
||||
@ -169,6 +188,9 @@ public class SellerServiceController : Controller
|
||||
return Unauthorized("Account is not a seller.");
|
||||
}
|
||||
|
||||
if(existingSellerProfile.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
|
||||
var portfolio = await _dbContext.SellerProfilePortfolioPieces
|
||||
.FirstAsync(x => x.SellerProfileId == existingSellerProfile.Id
|
||||
&& x.SellerServiceId == sellerServiceId && x.Id==portfolioId);
|
||||
@ -191,6 +213,9 @@ public class SellerServiceController : Controller
|
||||
return Unauthorized("Account is not a seller.");
|
||||
}
|
||||
|
||||
if(existingSellerProfile.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
|
||||
var url = await _storageService.UploadImageAsync(file, Guid.NewGuid().ToString());
|
||||
var portfolio = new SellerProfilePortfolioPiece()
|
||||
{
|
||||
@ -219,6 +244,8 @@ public class SellerServiceController : Controller
|
||||
return BadRequest("Account has requested to be a seller and not been approved yet.");
|
||||
return Unauthorized("Account is not a seller.");
|
||||
}
|
||||
if(existingSellerProfile.Suspended)
|
||||
return BadRequest("Seller is suspended.");
|
||||
var portfolio = await _dbContext.SellerProfilePortfolioPieces.FirstOrDefaultAsync(x=>x.Id==portfolioId);
|
||||
if(portfolio==null)
|
||||
return NotFound("Portfolio piece not found.");
|
||||
|
||||
@ -2,6 +2,7 @@ using System.Security.Claims;
|
||||
using ArtPlatform.API.Services.Payment;
|
||||
using ArtPlatform.Database;
|
||||
using ArtPlatform.Database.Entities;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
|
||||
namespace ArtPlatform.API.Middleware;
|
||||
|
||||
@ -21,7 +22,7 @@ public class UserMiddleware
|
||||
{
|
||||
var userId = context.User.Claims.First(c => c.Type == ClaimTypes.NameIdentifier).Value;
|
||||
|
||||
var user = await dbContext.Users.FindAsync(userId);
|
||||
var user = await dbContext.Users.Include(x=>x.UserSellerProfile).FirstOrDefaultAsync(x=>x.Id==userId);
|
||||
|
||||
if (user == null)
|
||||
{
|
||||
@ -41,6 +42,72 @@ public class UserMiddleware
|
||||
dbContext.Users.Update(user);
|
||||
await dbContext.SaveChangesAsync();
|
||||
}
|
||||
|
||||
if (user.Suspended)
|
||||
{
|
||||
if (user.UnsuspendDate < DateTime.UtcNow)
|
||||
{
|
||||
user.Suspended = false;
|
||||
user.SuspendedDate = null;
|
||||
user.UnsuspendDate = null;
|
||||
user.SuspendedReason = null;
|
||||
user.SuspendAdminId = null;
|
||||
dbContext.Users.Update(user);
|
||||
await dbContext.SaveChangesAsync();
|
||||
}
|
||||
else
|
||||
{
|
||||
var suspendDate = user.SuspendedDate.Value.ToString("MM/dd/yyyy");
|
||||
var unsuspendDate = user.UnsuspendDate.Value.ToString("MM/dd/yyyy");
|
||||
await context.Response.WriteAsync($"Suspended on {suspendDate} until {unsuspendDate} for {user.SuspendedReason} by {user.SuspendAdminId}.");
|
||||
context.Response.StatusCode = StatusCodes.Status403Forbidden;
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
if (user.Banned)
|
||||
{
|
||||
if (user.UnsuspendDate < DateTime.UtcNow)
|
||||
{
|
||||
user.Banned = false;
|
||||
user.BannedDate = null;
|
||||
user.BannedDate = null;
|
||||
user.BannedReason = null;
|
||||
user.BanAdminId = null;
|
||||
dbContext.Users.Update(user);
|
||||
await dbContext.SaveChangesAsync();
|
||||
}
|
||||
else
|
||||
{
|
||||
var suspendDate = user.BannedDate.Value.ToString("MM/dd/yyyy");
|
||||
var unsuspendDate = user.UnbanDate.Value.ToString("MM/dd/yyyy");
|
||||
await context.Response.WriteAsync($"Banned on {suspendDate} until {unsuspendDate} for {user.BannedReason} by {user.BanAdminId}.");
|
||||
context.Response.StatusCode = StatusCodes.Status403Forbidden;
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
if (user.UserSellerProfile != null && user.UserSellerProfile.Suspended)
|
||||
{
|
||||
if (user.UserSellerProfile.UnsuspendDate < DateTime.UtcNow)
|
||||
{
|
||||
user.UserSellerProfile.Suspended = false;
|
||||
user.UserSellerProfile.SuspendedDate = null;
|
||||
user.UserSellerProfile.UnsuspendDate = null;
|
||||
user.UserSellerProfile.SuspendedReason = null;
|
||||
user.UserSellerProfile.SuspendAdminId = null;
|
||||
dbContext.Users.Update(user);
|
||||
await dbContext.SaveChangesAsync();
|
||||
}
|
||||
else
|
||||
{
|
||||
var suspendDate = user.UserSellerProfile.SuspendedDate.Value.ToString("MM/dd/yyyy");
|
||||
var unsuspendDate = user.UserSellerProfile.UnsuspendDate.Value.ToString("MM/dd/yyyy");
|
||||
await context.Response.WriteAsync($"Banned on {suspendDate} until {unsuspendDate} for {user.UserSellerProfile.SuspendedReason} by {user.UserSellerProfile.SuspendAdminId}.");
|
||||
context.Response.StatusCode = StatusCodes.Status403Forbidden;
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
await _next(context);
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user