notazof
/
yavsc
1
0
Fork 0
Code Issues Pull Requests Packages Projects 1 Releases Wiki Activity
yavsc/Yavsc/Controllers/Deliver/BlogspotController.cs

259 lines
8.7 KiB
C#
Raw Blame History Unescape Escape

This file contains invisible Unicode characters!

This file contains invisible Unicode characters that may be processed differently from what appears below. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to reveal hidden characters.

using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Mvc;
using Microsoft.Extensions.Logging;
using Microsoft.AspNet.Authorization;
using Microsoft.Data.Entity;
using Microsoft.Extensions.OptionsModel;
using Yavsc.Models;
using Yavsc.ViewModels.Auth;
using Microsoft.AspNet.Mvc.Rendering;
using Yavsc.Models.Blog;
// For more information on enabling Web API for empty projects, visit http://go.microsoft.com/fwlink/?LinkID=397860
namespace Yavsc.Controllers
{
public class BlogspotController : Controller
{
ILogger _logger;
private ApplicationDbContext _context;
private SiteSettings _siteSettings;
private IAuthorizationService _authorizationService;
public BlogspotController(
ApplicationDbContext context,
UserManager<ApplicationUser> userManager,
ILoggerFactory loggerFactory,
IAuthorizationService authorizationService,
IOptions<SiteSettings> siteSettings)
{
_context = context;
_logger = loggerFactory.CreateLogger<AccountController>();
_authorizationService = authorizationService;
_siteSettings = siteSettings.Value;
}
// GET: Blog
[AllowAnonymous]
public IActionResult Index(string id, int skip=0, int maxLen=25)
{
if (!string.IsNullOrEmpty(id))
return UserPosts(id);
string uid = User.GetUserId();
long[] usercircles = _context.Circle.Include(c=>c.Members).Where(c=>c.Members.Any(m=>m.MemberId == uid))
.Select(c=>c.Id).ToArray();
IQueryable<BlogPost> posts ;
var allposts = _context.Blogspot
.Include(b => b.Author)
.Include(p=>p.ACL)
.Include(p=>p.Tags)
.Include(p=>p.Comments)
.Where(p=>p.AuthorId == uid || p.Visible);
if (usercircles != null) {
posts = allposts.Where(p=> p.ACL.Count==0 || p.ACL.Any(a=> usercircles.Contains(a.CircleId)))
;
}
else {
posts = allposts.Where(p => p.ACL.Count == 0);
}
var data = posts.OrderByDescending( p=> p.DateCreated).ToArray();
var grouped = data.GroupBy(p=> p.Title).Skip(skip).Take(maxLen);
return View(grouped);
}
[Route("/Title/{id?}")]
[AllowAnonymous]
public IActionResult Title(string id)
{
var uid = User.GetUserId();
ViewData["Title"] = id;
return View("Title", _context.Blogspot.Include(
b => b.Author
).Where(x => x.Title == id && (x.Visible || x.AuthorId == uid )).OrderByDescending(
x => x.DateCreated
).ToList());
}
[Route("/Blog/{id?}")]
[AllowAnonymous]
public IActionResult UserPosts(string id)
{
if (string.IsNullOrEmpty(id)) return Index(null);
var uid = User.GetUserId();
long[] usercircles = _context.Circle.Include(c=>c.Members).Where(c=>c.Members.Any(m=>m.MemberId == uid))
.Select(c=>c.Id).ToArray();
var result = (User.IsSignedIn())?
_context.Blogspot.Include(
b => b.Author
).Include(p=>p.ACL).Where(x => x.Author.UserName == id && (x.Visible && (x.ACL.Count==0 || x.ACL.Any(a=> usercircles.Contains(a.CircleId))))):
_context.Blogspot.Include(
b => b.Author
).Where(x => x.Author.UserName == id && x.Visible);
// BlogIndexKey
return View("Index", result.OrderByDescending(p => p.DateCreated).ToList().GroupBy(p=> p.Title ));
}
// GET: Blog/Details/5
[AllowAnonymous]
public async Task<IActionResult> Details(long? id)
{
if (id == null)
{
return HttpNotFound();
}
BlogPost blog = _context.Blogspot
.Include(p => p.Author)
.Include(p => p.Tags)
.Include(p => p.Comments)
.Include(p => p.ACL)
.Single(m => m.Id == id);
if (blog == null)
{
return HttpNotFound();
}
if (!await _authorizationService.AuthorizeAsync(User, blog, new ViewRequirement()))
{
return new ChallengeResult();
}
foreach (var c in blog.Comments) {
c.Author = _context.Users.First(u=>u.Id==c.AuthorId);
}
ViewData["apicmtctlr"] = "/api/blogcomments";
ViewData["moderatoFlag"] = User.IsInRole(Constants.BlogModeratorGroupName);
return View(blog);
}
// GET: Blog/Create
[Authorize()]
public IActionResult Create(string title)
{
var result = new BlogPost{Title=title};
ViewData["PostTarget"]="Create";
return View("Edit",result);
}
// POST: Blog/Create
[HttpPost, Authorize, ValidateAntiForgeryToken]
public IActionResult Create(Models.Blog.BlogPost blog)
{
blog.Rate = 0;
blog.AuthorId = User.GetUserId();
blog.Id=0;
if (ModelState.IsValid)
{
_context.Blogspot.Add(blog);
_context.SaveChanges(User.GetUserId());
return RedirectToAction("Index");
}
ModelState.AddModelError("Unknown","Invalid Blog posted ...");
ViewData["PostTarget"]="Create";
return View("Edit",blog);
}
[Authorize()]
// GET: Blog/Edit/5
public async Task<IActionResult> Edit(long? id)
{
if (id == null)
{
return HttpNotFound();
}
ViewData["PostTarget"]="Edit";
BlogPost blog = _context.Blogspot.Include(x => x.Author).Include(x => x.ACL).Single(m => m.Id == id);
if (blog == null)
{
return HttpNotFound();
}
if (await _authorizationService.AuthorizeAsync(User, blog, new EditRequirement()))
{
ViewBag.ACL = _context.Circle.Where(
c=>c.OwnerId == blog.AuthorId)
.Select(
c => new SelectListItem
{
Text = c.Name,
Value = c.Id.ToString(),
Selected = blog.AuthorizeCircle(c.Id)
} 
);
return View(blog);
}
else
{
return new ChallengeResult();
}
}
// POST: Blog/Edit/5
[HttpPost]
[ValidateAntiForgeryToken,Authorize()]
public IActionResult Edit(BlogPost blog)
{
if (ModelState.IsValid)
{
var auth = _authorizationService.AuthorizeAsync(User, blog, new EditRequirement());
if (auth.Result)
{
// saves the change
_context.Update(blog);
_context.SaveChanges(User.GetUserId());
ViewData["StatusMessage"] = "Post modified";
return RedirectToAction("Index");
}
else
{
ViewData["StatusMessage"] = "Accès restreint";
return new ChallengeResult();
}
}
ViewData["PostTarget"]="Edit";
return View(blog);
}
// GET: Blog/Delete/5
[ActionName("Delete"),Authorize()]
public IActionResult Delete(long? id)
{
if (id == null)
{
return HttpNotFound();
}
BlogPost blog = _context.Blogspot.Include(
b => b.Author
).Single(m => m.Id == id);
if (blog == null)
{
return HttpNotFound();
}
return View(blog);
}
// POST: Blog/Delete/5
[HttpPost, ActionName("Delete"), Authorize()]
[ValidateAntiForgeryToken]
public IActionResult DeleteConfirmed(long id)
{
BlogPost blog = _context.Blogspot.Single(m => m.Id == id);
var auth = _authorizationService.AuthorizeAsync(User, blog, new EditRequirement());
if (auth.Result)
{
_context.Blogspot.Remove(blog);
_context.SaveChanges(User.GetUserId());
}
return RedirectToAction("Index");
}
}
}
Reference in New Issue View Git Blame Copy Permalink