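using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using System.Net.Mail;
using System.Net;
using System.Security.Claims;
using Microsoft.EntityFrameworkCore;
using static Microsoft.EntityFrameworkCore.DbLoggerCategory;

namespace asg_form.Controllers
{
    /// <summary>
    /// News endpoints (list, publish, edit, delete) plus a password-based
    /// endpoint that adds the caller to the "admin" and "nbadmin" roles.
    /// </summary>
    /// <remarks>
    /// NOTE(review): this listing reached review with its generic type arguments
    /// and XML doc tags stripped. The action return types below are reconstructed
    /// from what each action returns (TODO confirm against the repository). The
    /// type arguments of <c>RoleManager</c> and <c>UserManager</c> cannot be
    /// recovered from the page, so they are left as shown; restore the project's
    /// Identity role and user types there.
    /// </remarks>
    [ApiController]
    public class news : ControllerBase
    {
        private readonly RoleManager roleManager;
        private readonly UserManager userManager;

        public news(
            RoleManager roleManager, UserManager userManager)
        {
            this.roleManager = roleManager;
            this.userManager = userManager;
        }

        /// <summary>
        /// Returns the caller's user id from the NameIdentifier claim, or null
        /// when the authenticated principal carries no such claim.
        /// </summary>
        private string? CurrentUserId()
        {
            return this.User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
        }

        /// <summary>
        /// Grants the calling user the "admin" and "nbadmin" roles when the
        /// supplied password matches.
        /// </summary>
        /// <param name="password">The bootstrap password.</param>
        /// <returns>"ok" on success; 400 on a wrong password; 401 when the caller cannot be resolved to a user.</returns>
        [Authorize]
        [Route("api/v1/getadmin/")]
        [HttpPost]
        public async Task<ActionResult<string>> Post(string password)
        {
            // SECURITY(review): the password is a literal compiled into the
            // application, so anyone who can read the source or the binary and
            // holds any authenticated account can add themselves to both admin
            // roles. The literal is left in place so deployed behaviour does not
            // change silently. Remediation: retire this endpoint or load the
            // secret from configuration / a secret store, rotate the value (it
            // is already published here), throttle attempts and audit-log every
            // grant.
            // SECURITY(review): `password` is a simple-typed action parameter
            // with no binding attribute, so it is presumably bound from the query
            // string and would then appear in URLs and access logs. TODO confirm
            // and move it to the request body.
            if (password != "luolanzuishuai")
            {
                return BadRequest("无权访问!");
            }

            string? id = CurrentUserId();
            var user = id is null ? null : await userManager.FindByIdAsync(id);
            if (user is null)
            {
                // The token is valid but no longer maps to a stored user.
                return Unauthorized();
            }

            // The IdentityResult of each call is not inspected, as in the
            // original: a caller already in a role still receives "ok".
            await userManager.AddToRoleAsync(user, "admin");
            await userManager.AddToRoleAsync(user, "nbadmin");
            return "ok";
        }

        /// <summary>
        /// Returns all news items ordered by id, optionally filtered by type.
        /// </summary>
        /// <param name="type">When non-empty, only items whose Type equals this value are returned.</param>
        /// <returns>The matching news items.</returns>
        [Route("api/v1/news/")]
        [HttpGet]
        public async Task<ActionResult<List<T_news>>> getnews([FromQuery] string? type = null)
        {
            // Dispose the context when the request ends; the original never did.
            using TestDbContext test = new TestDbContext();
            var query = test.news.AsQueryable();
            if (!string.IsNullOrEmpty(type))
            {
                query = query.Where(n => n.Type == type);
            }

            return await query.OrderBy(a => a.Id).ToListAsync();
        }

        /// <summary>
        /// Deletes one news item. The caller must be in the "admin" role.
        /// </summary>
        /// <param name="newid">Id of the news item to delete.</param>
        /// <returns>"ok" on success; 404 when the item does not exist; the denial text when the caller is not an admin.</returns>
        [Authorize]
        [Route("api/v1/admin/news/")]
        [HttpDelete]
        public async Task<ActionResult<string>> delnews(long newid)
        {
            string? id = CurrentUserId();
            var user = id is null ? null : await userManager.FindByIdAsync(id);
            if (user is null)
            {
                return Unauthorized();
            }

            if (!await userManager.IsInRoleAsync(user, "admin"))
            {
                // NOTE(review): the denial is sent with HTTP 200, as before, so
                // existing clients keep working; 403 would be the accurate status.
                return "无权访问";
            }

            using TestDbContext ctx = new TestDbContext();
            T_news? delnew = await ctx.news.FirstOrDefaultAsync(n => n.Id == newid);
            if (delnew is null)
            {
                // Previously a missing id reached Remove(null) and surfaced as a 500.
                return NotFound();
            }

            ctx.news.Remove(delnew);
            await ctx.SaveChangesAsync();
            return "ok";
        }

        /// <summary>
        /// Publishes a news item. The caller must be in the "admin" role.
        /// </summary>
        /// <param name="req_News">Title, body and type of the news item.</param>
        /// <returns>A TReturn with code 200 on success, or an object with code 500 on failure.</returns>
        [Authorize]
        [Route("api/v1/admin/news/")]
        [HttpPost]
        public async Task<ActionResult<string>> Post([FromBody] req_news req_News)
        {
            string? id = CurrentUserId();
            var user = id is null ? null : await userManager.FindByIdAsync(id);
            if (user is null)
            {
                return Unauthorized();
            }

            if (!await userManager.IsInRoleAsync(user, "admin"))
            {
                return "无权访问";
            }

            try
            {
                using TestDbContext ctx = new TestDbContext();
                ctx.news.Add(new T_news
                {
                    Title = req_News.Title,
                    msg = req_News.msg,
                    Type = req_News.Type,
                    FormName = user.chinaname,
                    // NOTE(review): local time formatted with the current
                    // culture; kept so stored values match existing rows.
                    time = DateTime.Now.ToString()
                });
                await ctx.SaveChangesAsync();
                return Ok(new TReturn() { code = 200, msg = "添加成功!" });
            }
            catch (Exception ex)
            {
                // SECURITY: the exception object used to be serialised into the
                // response, exposing stack traces and data-layer details to the
                // client. Keep it server-side. No logger is injected into this
                // controller, so stderr is used; prefer ILogger when available.
                Console.Error.WriteLine(ex);
                return Ok(new { code = 500, message = "服务器错误" });
            }
        }

        /// <summary>
        /// Updates an existing news item. The caller must be in the "admin" role.
        /// </summary>
        /// <param name="req_News">New title, body and type.</param>
        /// <param name="newsid">Id of the news item to update.</param>
        /// <returns>"ok!" on success; 404 when the item does not exist; an object with code 500 on failure.</returns>
        [Authorize]
        [Route("api/v1/admin/news/")]
        [HttpPut]
        public async Task<ActionResult<string>> Put([FromBody] req_news req_News, long newsid)
        {
            string? id = CurrentUserId();
            var user = id is null ? null : await userManager.FindByIdAsync(id);
            if (user is null)
            {
                return Unauthorized();
            }

            if (!await userManager.IsInRoleAsync(user, "admin"))
            {
                return "无权访问";
            }

            using TestDbContext ctx = new TestDbContext();
            try
            {
                var qwq = await ctx.news.FindAsync(newsid);
                if (qwq == null)
                {
                    return NotFound("News item not found or type mismatch.");
                }

                qwq.msg = req_News.msg;
                qwq.Title = req_News.Title;
                // NOTE(review): publishing stores user.chinaname in FormName,
                // editing stores user.UserName. Confirm the difference is intended.
                qwq.FormName = user.UserName;
                qwq.Type = req_News.Type;
                await ctx.SaveChangesAsync();
            }
            catch (Exception ex)
            {
                // SECURITY: do not return exception details to the client.
                Console.Error.WriteLine(ex);
                return Ok(new { code = 500, message = "服务器错误" });
            }

            return "ok!";
        }
    }
}

/// <summary>
/// Stored news row.
/// </summary>
public class T_news
{
    public long Id { get; set; }
    public string Title { get; set; }
    public string FormName { get; set; }
    public string? time { get; set; }
    public string msg { get; set; }
    public string Type { get; set; }
}

/// <summary>
/// Request body for publishing or editing a news item.
/// </summary>
public class req_news
{
    /// <summary>
    /// Title.
    /// </summary>
    public string Title { get; set; }

    /// <summary>
    /// Content; markdown format is recommended.
    /// </summary>
    public string msg { get; set; }

    public string Type { get; set; }
}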