diff --git a/NpgsqlBlogProvider/BlogHelper.cs b/NpgsqlBlogProvider/BlogHelper.cs index b08e339e..aa4f8e76 100644 --- a/NpgsqlBlogProvider/BlogHelper.cs +++ b/NpgsqlBlogProvider/BlogHelper.cs @@ -3,6 +3,7 @@ using System.Configuration; using System.Reflection; using System.Collections.Specialized; using Npgsql.Web.Blog.Configuration; +using yavscModel.Blogs; namespace Npgsql.Web.Blog { diff --git a/NpgsqlBlogProvider/BlogManager.cs b/NpgsqlBlogProvider/BlogManager.cs index 594f7a40..2ebac0d7 100644 --- a/NpgsqlBlogProvider/BlogManager.cs +++ b/NpgsqlBlogProvider/BlogManager.cs @@ -1,5 +1,6 @@ using System; -using Npgsql.Web.Blog.DataModel; +using yavscModel.Blogs; + namespace Npgsql.Web.Blog { diff --git a/NpgsqlBlogProvider/BlogProvider.cs b/NpgsqlBlogProvider/BlogProvider.cs index fc579116..dfa4fee6 100644 --- a/NpgsqlBlogProvider/BlogProvider.cs +++ b/NpgsqlBlogProvider/BlogProvider.cs @@ -2,9 +2,8 @@ using System; using System.Configuration; using System.Configuration.Provider; using System.Collections.Generic; -using Npgsql.Web.Blog.DataModel; -namespace Npgsql.Web.Blog +namespace yavscModel.Blogs { public abstract class BlogProvider: ProviderBase { diff --git a/NpgsqlBlogProvider/NpgsqlBlogProvider.cs b/NpgsqlBlogProvider/NpgsqlBlogProvider.cs index cf811139..ad1c2e2f 100644 --- a/NpgsqlBlogProvider/NpgsqlBlogProvider.cs +++ b/NpgsqlBlogProvider/NpgsqlBlogProvider.cs @@ -2,8 +2,8 @@ using System; using System.Configuration; using System.Configuration.Provider; using Npgsql; -using Npgsql.Web.Blog.DataModel; using System.Collections.Generic; +using yavscModel.Blogs; namespace Npgsql.Web.Blog { diff --git a/NpgsqlBlogProvider/NpgsqlBlogProvider.csproj b/NpgsqlBlogProvider/NpgsqlBlogProvider.csproj index 41bd272a..c62f33dd 100644 --- a/NpgsqlBlogProvider/NpgsqlBlogProvider.csproj +++ b/NpgsqlBlogProvider/NpgsqlBlogProvider.csproj @@ -3,7 +3,7 @@ Debug AnyCPU - 10.0.0 + 8.0.30703 2.0 {C6E9E91B-97D3-48D9-8AA7-05356929E162} Library @@ -33,19 +33,13 @@ - - - - - - @@ -67,4 +61,10 @@ + + + {68F5B80A-616E-4C3C-91A0-828AA40000BD} + yavscModel + + \ No newline at end of file diff --git a/NpgsqlMRPProviders/NpgsqlMembershipProvider.cs b/NpgsqlMRPProviders/NpgsqlMembershipProvider.cs index bce01049..d3601fed 100644 --- a/NpgsqlMRPProviders/NpgsqlMembershipProvider.cs +++ b/NpgsqlMRPProviders/NpgsqlMembershipProvider.cs @@ -1123,10 +1123,13 @@ namespace Npgsql.Web { MembershipUserCollection users = new MembershipUserCollection (); using (NpgsqlConnection conn = new NpgsqlConnection (connectionString)) { + conn.Open (); using (NpgsqlCommand cmd = new NpgsqlCommand ("SELECT count(*)" + " FROM Users " + - " WHERE Username LIKE @UsernameSearch AND ApplicationName = @ApplicationName ", conn)) { - totalRecords = (int)cmd.ExecuteScalar (); + " WHERE Username LIKE @uns AND ApplicationName = @appn ", conn)) { + cmd.Parameters.Add ("@uns", usernameToMatch); + cmd.Parameters.Add ("@appn", ApplicationName); + totalRecords = (int)((long)cmd.ExecuteScalar ()); } if (totalRecords > 0) using (NpgsqlCommand cmd = new NpgsqlCommand ("SELECT PKID, Username, Email, PasswordQuestion," + @@ -1137,7 +1140,7 @@ namespace Npgsql.Web " ORDER BY Username Asc", conn)) { cmd.Parameters.Add ("@UsernameSearch", NpgsqlDbType.Varchar, 255).Value = usernameToMatch; cmd.Parameters.Add ("@ApplicationName", NpgsqlDbType.Varchar, 255).Value = pApplicationName; - conn.Open (); + using (NpgsqlDataReader reader = cmd.ExecuteReader ()) { int counter = 0; int startIndex = pageSize * pageIndex; diff --git a/WorkFlowProvider/NpgsqlContentProvider.cs b/WorkFlowProvider/NpgsqlContentProvider.cs index 1edc194b..98840a46 100644 --- a/WorkFlowProvider/NpgsqlContentProvider.cs +++ b/WorkFlowProvider/NpgsqlContentProvider.cs @@ -11,11 +11,67 @@ namespace WorkFlowProvider { public class NpgsqlContentProvider: ProviderBase, IContentProvider { - public Estimate GetEstimate (long estimid) + public bool[] FinalStatuses { + get { + throw new NotImplementedException (); + } + } + + public string Order (IWFOrder c) { throw new NotImplementedException (); } + public IContent GetBlob (string orderId) + { + throw new NotImplementedException (); + } + + public int GetStatus (string orderId) + { + throw new NotImplementedException (); + } + + public string[] StatusLabels { + get { + throw new NotImplementedException (); + } + } + + #region IDisposable implementation + public void Dispose () + { + + } + #endregion + + public Estimate GetEstimate (long estimid) + { + using (NpgsqlConnection cnx = CreateConnection ()) { + using (NpgsqlCommand cmd = cnx.CreateCommand ()) { + cmd.CommandText = + "select title,username from estimate where _id = @estid"; + + cmd.Parameters.Add ("@estid", estimid); + cnx.Open (); + Estimate est = null; + using (NpgsqlDataReader rdr = cmd.ExecuteReader ()) { + if (!rdr.Read ()) { + throw new Exception ( + string.Format("Estimate not found : {0}", estimid)); + } + est = new Estimate (); + est.Title = rdr.GetString( + rdr.GetOrdinal("title")); + est.Owner = rdr.GetString( + rdr.GetOrdinal("username")); + } + cnx.Close (); + return est; + } + } + } + public void SetTitle (long estid, string newTitle) { using (NpgsqlConnection cnx = CreateConnection ()) { @@ -66,39 +122,6 @@ namespace WorkFlowProvider } } - public bool[] FinalStatuses { - get { - throw new NotImplementedException (); - } - } - - public string Order (IWFOrder c) - { - throw new NotImplementedException (); - } - - public IContent GetBlob (string orderId) - { - throw new NotImplementedException (); - } - - public int GetStatus (string orderId) - { - throw new NotImplementedException (); - } - - public string[] StatusLabels { - get { - throw new NotImplementedException (); - } - } - - #region IDisposable implementation - public void Dispose () - { - - } - #endregion public long CreateEstimate (string client, string title) { diff --git a/web/Controllers/AccountController.cs b/web/Controllers/AccountController.cs index 8685a59c..f70ad920 100644 --- a/web/Controllers/AccountController.cs +++ b/web/Controllers/AccountController.cs @@ -163,7 +163,7 @@ namespace Yavsc.Controllers // ChangePassword will throw an exception rather // than return false in certain failure scenarios. - bool changePasswordSucceeded; + bool changePasswordSucceeded=false; try { var users = Membership.FindUsersByName (model.Username); @@ -172,9 +172,10 @@ namespace Yavsc.Controllers changePasswordSucceeded = user.ChangePassword (model.OldPassword, model.NewPassword); } else { changePasswordSucceeded = false; + ModelState.AddModelError ("Username", "The user name not found."); } - } catch (Exception) { - changePasswordSucceeded = false; + } catch (Exception ex) { + ViewData ["Error"] = ex.ToString (); } if (changePasswordSucceeded) { diff --git a/web/Controllers/BlogsApiController.cs b/web/Controllers/BlogsApiController.cs new file mode 100644 index 00000000..a9dab21a --- /dev/null +++ b/web/Controllers/BlogsApiController.cs @@ -0,0 +1,36 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Web; +using System.Web.Mvc; +using System.Web.Mvc.Ajax; +using System.Web.Security; +using Npgsql.Web.Blog; +using yavscModel.Blogs; + +namespace Yavsc.Controllers +{ + public class BlogsApiController : Controller + { + public static HttpStatusCodeResult RemovePost(string user, string title) { + if (!Roles.IsUserInRole ("Admin")) { + string rguser = Membership.GetUser ().UserName; + if (rguser != user) { + throw new AccessViolationException ( + string.Format ( + "Vous n'avez pas le droit de suprimer des billets du Blog de {0}", + user)); + } + } + BlogEntry e = BlogManager.GetPost (user, title); + if (e == null) { + return new HttpNotFoundResult ( + string.Format("Aucun post portant le titre \"{0}\" pour l'utilisateur {1}", + title, user)); + } + BlogManager.RemovePost (user, title); + return new HttpStatusCodeResult (200); + } + } +} + diff --git a/web/Controllers/BlogsController.cs b/web/Controllers/BlogsController.cs index 9d5fc9c2..4867b539 100644 --- a/web/Controllers/BlogsController.cs +++ b/web/Controllers/BlogsController.cs @@ -13,9 +13,9 @@ using System.Web.Profile; using System.Web.Security; using CodeKicker.BBCode; using Npgsql.Web.Blog; -using Npgsql.Web.Blog.DataModel; using Yavsc; using yavscModel; +using yavscModel.Blogs; namespace Yavsc.Controllers { @@ -206,6 +206,8 @@ namespace Yavsc.Controllers { return string.Format ("{0}'s blog", user); } + + [Authorize] public ActionResult Comment (BlogEditCommentModel model) { string username = Membership.GetUser ().UserName; ViewData ["SiteName"] = sitename; @@ -231,30 +233,22 @@ namespace Yavsc.Controllers return File (fia.OpenRead (), defaultAvatarMimetype); } + /// + /// Remove the specified blog entry, by its author and title, + /// using returnUrl as the URL to return to, + /// and confirm as a proof you really know what you do. + /// + /// User. + /// Title. + /// Return URL. + /// If set to true confirm. [Authorize] - public ActionResult Remove (string user, string title, string returnUrl) + public ActionResult RemovePost (string user, string title, string returnUrl, bool confirm=false) { - if (!Roles.IsUserInRole ("Admin")) { - string rguser = Membership.GetUser ().UserName; - if (rguser != user) { - ModelState.AddModelError ( - "Title", string.Format ( - "Vous n'avez pas de droits sur le Blog de {0}", - user)); - return Return (returnUrl); - } - } - BlogEntry e = BlogManager.GetPost (user, title); - if (e == null) { - ModelState.AddModelError ( - "Title", - string.Format ( - "Aucun post portant le titre \"{0}\" pour l'utilisateur {1}", - title, user)); - return Return (returnUrl); - } - BlogManager.RemovePost (user, title); - return Return (returnUrl); + if (!confirm) + return View ("RemovePost"); + HttpStatusCodeResult res = BlogsApiController.RemovePost (user,title); + return (res.StatusCode==200? Return(returnUrl):res); } private ActionResult Return (string returnUrl) diff --git a/web/Controllers/WorkFlowController.cs b/web/Controllers/WorkFlowController.cs index 41c2b84b..bf136bd3 100644 --- a/web/Controllers/WorkFlowController.cs +++ b/web/Controllers/WorkFlowController.cs @@ -35,6 +35,17 @@ namespace Yavsc.ApiControllers return WFManager.Write(estid, desc, ucost, count, productid); } + [Authorize] + [HttpGet] + /// + /// Gets the estimate. + /// + /// The estimate. + /// Estid. + public Estimate GetEstimate (long estid) + { + return WFManager.ContentProvider.GetEstimate (estid); + } /* public object Details(int id) { diff --git a/web/Helpers/BBCodeHelper.cs b/web/Helpers/BBCodeHelper.cs index 2c9246f8..dd07834e 100644 --- a/web/Helpers/BBCodeHelper.cs +++ b/web/Helpers/BBCodeHelper.cs @@ -153,7 +153,9 @@ namespace Yavsc.Helpers static string DocPageContentTransformer (string instr) { - return TocContentTransformer(instr)+instr; + string toc = TocContentTransformer(instr); + Init (); + return toc+instr; } static string TagContentTransformer (string instr) @@ -286,7 +288,7 @@ namespace Yavsc.Helpers new BBAttribute ("title", "title", TitleContentTransformer), new BBAttribute ("para", "para", L1ContentTransformer)); BBTag bbdp=new BBTag ("docpage", - "
${content}
", "", + "
${content}", "
", false, false, DocPageContentTransformer); @@ -296,14 +298,14 @@ namespace Yavsc.Helpers new BBTag ("i", "", ""), new BBTag ("u", "", ""), new BBTag ("code", "", ""), - new BBTag ("img", "", "", false, true, new BBAttribute ("style", "style")), + new BBTag ("img", "", "", true, false, new BBAttribute ("style", "style")), new BBTag ("quote", "
", "
"), new BBTag ("div", "
", "
", new BBAttribute("style","style")), new BBTag ("p", "

", "

"), new BBTag ("h", "

", "

"), bblist, new BBTag ("*", "
  • ", "
    • ", true, false), - new BBTag ("url", "", "", new BBAttribute ("href", ""), new BBAttribute ("href", "href")), + new BBTag ("url", "", "", true, false, new BBAttribute ("href", ""), new BBAttribute ("href", "href")), new BBTag ("br", "
    ", "", true, false), new BBTag ("video", "