The next generation of the Teknik Services. Written in ASP.NET. https://www.teknik.io/

BlogController.cs 16KB

  1. using System;
  2. using System.Collections.Generic;
  3. using System.Data;
  4. using System.Data.Entity;
  5. using System.Linq;
  6. using System.Net;
  7. using System.Web;
  8. using System.Web.Mvc;
  9. using Teknik.Areas.Blog.Models;
  10. using Teknik.Areas.Blog.ViewModels;
  11. using Teknik.Areas.Users.Models;
  12. using Teknik.Controllers;
  13. using Teknik.Filters;
  14. using Teknik.Helpers;
  15. using Teknik.Models;
  16. namespace Teknik.Areas.Blog.Controllers
  17. {
  18. public class BlogController : DefaultController
  19. {
  20. private TeknikEntities db = new TeknikEntities();
  21. // GET: Blogs/Details/5
  /// <summary>
  /// Renders a blog landing page: the site-wide blog when <paramref name="username"/> is null or empty,
  /// otherwise the personal blog owned by that user.
  /// </summary>
  /// <param name="username">Owner of the blog to show; null or empty selects the site blog.</param>
  /// <returns>
  /// The default view bound to a <see cref="BlogViewModel"/>. The model's Error flag is set when
  /// no personal blog matches <paramref name="username"/>.
  /// </returns>
  [TrackPageView]
  [AllowAnonymous]
  public ActionResult Blog(string username)
  {
      if (string.IsNullOrEmpty(username))
      {
          // Site-wide blog: title and description come from configuration.
          ViewBag.Title = Config.BlogConfig.Title + " - " + Config.Title;
          ViewBag.Description = Config.BlogConfig.Description;

          bool viewerIsAdmin = User.IsInRole("Admin");

          // Only published posts count; non-admins are further limited to system posts.
          var sitePosts = db.BlogPosts.Include("Blog").Include("Blog.User").Where(p => p.Published && (p.System || viewerIsAdmin));

          // The site blog only carries a user record when the viewer is an admin.
          // First() throws if the admin principal has no matching Users row.
          User adminUser = null;
          if (viewerIsAdmin)
          {
              adminUser = db.Users.Where(u => u.Username == User.Identity.Name).First();
          }

          BlogViewModel siteModel = new BlogViewModel();
          siteModel.BlogId = Config.BlogConfig.ServerBlogId;
          siteModel.User = adminUser;
          siteModel.UserId = (adminUser == null) ? 0 : adminUser.UserId;
          siteModel.Title = Config.BlogConfig.Title;
          siteModel.Description = Config.BlogConfig.Description;
          siteModel.HasPosts = (sitePosts != null && sitePosts.Any());
          return View(siteModel);
      }

      // Personal blog: the configured server blog id is never served under a username.
      var blog = db.Blogs.Include("User").FirstOrDefault(b => b.User.Username == username && b.BlogId != Config.BlogConfig.ServerBlogId);
      if (blog == null)
      {
          BlogViewModel missing = new BlogViewModel();
          missing.Error = true;
          return View(missing);
      }

      string pageTitle = blog.User.Username + "'s Blog - " + Config.Title;
      if (!string.IsNullOrEmpty(blog.User.BlogSettings.Title))
      {
          pageTitle = blog.User.BlogSettings.Title + " - " + pageTitle;
      }
      ViewBag.Title = pageTitle;
      ViewBag.Description = blog.User.BlogSettings.Description;

      bool isAdmin = User.IsInRole("Admin");

      // Probe for one post the viewer may see: published posts for everyone,
      // unpublished ones only for the blog owner or an admin.
      var firstVisiblePost = db.BlogPosts.Include("Blog").Include("Blog.User")
          .Where(p => (p.BlogId == blog.BlogId && !p.System) &&
                      (p.Published || p.Blog.User.Username == User.Identity.Name || isAdmin))
          .FirstOrDefault();

      BlogViewModel userModel = new BlogViewModel();
      userModel.BlogId = blog.BlogId;
      userModel.UserId = blog.UserId;
      userModel.User = blog.User;
      userModel.Title = blog.User.BlogSettings.Title;
      userModel.Description = blog.User.BlogSettings.Description;
      userModel.HasPosts = (firstVisiblePost != null);
      return View(userModel);
  }
  72. #region Posts
  /// <summary>
  /// Shows a single blog post identified by its owner's username and its post id.
  /// </summary>
  /// <param name="username">Username of the blog owner; a null or empty value yields HTTP 400.</param>
  /// <param name="id">Identifier of the post.</param>
  /// <returns>
  /// The ViewPost view. When the post is missing, or is unpublished and the viewer is neither its
  /// owner nor an admin, the model carries Error = true and a "does not exist" message.
  /// </returns>
  [TrackPageView]
  [AllowAnonymous]
  public ActionResult Post(string username, int id)
  {
      const string viewPath = "~/Areas/Blog/Views/Blog/ViewPost.cshtml";

      if (string.IsNullOrEmpty(username))
      {
          return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
      }

      bool isAdmin = User.IsInRole("Admin");

      // Hidden posts and missing posts are indistinguishable to the caller: both fall through to the error model.
      var post = db.BlogPosts.Include("Blog").Include("Blog.User")
          .Where(p => (p.Blog.User.Username == username && p.BlogPostId == id) &&
                      (p.Published || p.Blog.User.Username == User.Identity.Name || isAdmin))
          .FirstOrDefault();

      if (post == null)
      {
          PostViewModel notFound = new PostViewModel();
          notFound.Error = true;
          notFound.ErrorMessage = "Blog Post does not exist.";
          return View(viewPath, notFound);
      }

      PostViewModel model = new PostViewModel(post);

      if (post.System)
      {
          // System posts are presented under the site blog's branding.
          ViewBag.Title = model.Title + " - " + Config.BlogConfig.Title + " - " + Config.Title;
          ViewBag.Description = Config.BlogConfig.Description;
          return View(viewPath, model);
      }

      // Personal posts: "<post title> - [<blog title> - ]<username>'s Blog - <site title>".
      ViewBag.Title = username + "'s Blog - " + Config.Title;
      if (!string.IsNullOrEmpty(post.Blog.User.BlogSettings.Title))
      {
          ViewBag.Title = post.Blog.User.BlogSettings.Title + " - " + ViewBag.Title;
      }
      ViewBag.Title = model.Title + " - " + ViewBag.Title;
      ViewBag.Description = post.Blog.User.BlogSettings.Description;
      return View(viewPath, model);
  }
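  /// <summary>
  /// Returns one page of posts for a blog, newest first, as a partial view.
  /// </summary>
  /// <param name="blogID">Blog to list; the configured server blog id selects the system posts.</param>
  /// <param name="startPostID">Number of posts to skip (an offset, despite the name).</param>
  /// <param name="count">Maximum number of posts to return.</param>
  /// <returns>
  /// The Posts partial view with a list of <see cref="PostViewModel"/>, or HTTP 400 when
  /// <paramref name="startPostID"/> or <paramref name="count"/> is negative.
  /// </returns>
  [HttpPost]
  [AllowAnonymous]
  public ActionResult GetPosts(int blogID, int startPostID, int count)
  {
      // This action is anonymous, so both paging values are untrusted. Reject negatives up front
      // instead of letting them reach Skip/Take and surface as an unhandled query error.
      if (startPostID < 0 || count < 0)
      {
          return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
      }

      // NOTE(review): count has no upper bound, so one anonymous request can ask for every visible
      // post of a blog. Consider capping it at the page size the views actually use.

      bool isAuth = User.IsInRole("Admin");
      string currentUsername = User.Identity.Name;
      var serverBlogId = Config.BlogConfig.ServerBlogId;

      // Unpublished posts are only returned to the blog owner or an admin.
      var posts = db.BlogPosts.Include("Blog").Include("Blog.User")
          .Where(p => ((p.BlogId == blogID && !p.System) || (p.System && blogID == serverBlogId)) &&
                      (p.Published || p.Blog.User.Username == currentUsername || isAuth))
          .OrderByDescending(p => p.DatePosted)
          .Skip(startPostID)
          .Take(count)
          .ToList();

      // ToList() never returns null, so no null check is needed here.
      List<PostViewModel> postViews = new List<PostViewModel>(posts.Count);
      foreach (BlogPost post in posts)
      {
          postViews.Add(new PostViewModel(post));
      }

      return PartialView("~/Areas/Blog/Views/Blog/Posts.cshtml", postViews);
  }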
  /// <summary>
  /// Returns the title of a post as JSON.
  /// </summary>
  /// <param name="postID">Identifier of the post.</param>
  /// <returns>
  /// <c>{ result = title }</c> when the post exists and the caller may see it (published, or the
  /// caller is the owner or an admin); otherwise <c>{ error = "No title found" }</c>.
  /// </returns>
  [HttpPost]
  [AllowAnonymous]
  public ActionResult GetPostTitle(int postID)
  {
      bool callerIsAdmin = User.IsInRole("Admin");

      // The visibility rule is part of the query, so a hidden post looks the same as a missing one.
      BlogPost found = db.BlogPosts.Include("Blog").Include("Blog.User")
          .FirstOrDefault(p => (p.BlogPostId == postID) &&
                               (p.Published || p.Blog.User.Username == User.Identity.Name || callerIsAdmin));

      if (found == null)
      {
          return Json(new { error = "No title found" });
      }

      return Json(new { result = found.Title });
  }
  /// <summary>
  /// Returns the stored article body of a post as JSON.
  /// </summary>
  /// <param name="postID">Identifier of the post.</param>
  /// <returns>
  /// <c>{ result = article }</c> when the post exists and the caller may see it (published, or the
  /// caller is the owner or an admin); otherwise <c>{ error = "No article found" }</c>.
  /// </returns>
  [HttpPost]
  [AllowAnonymous]
  public ActionResult GetPostArticle(int postID)
  {
      bool callerIsAdmin = User.IsInRole("Admin");

      // The visibility rule is part of the query, so a hidden post looks the same as a missing one.
      BlogPost found = db.BlogPosts.Include("Blog").Include("Blog.User")
          .FirstOrDefault(p => (p.BlogPostId == postID) &&
                               (p.Published || p.Blog.User.Username == User.Identity.Name || callerIsAdmin));

      if (found == null)
      {
          return Json(new { error = "No article found" });
      }

      return Json(new { result = found.Article });
  }
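  /// <summary>
  /// Creates a new blog post on the given blog for the current user.
  /// </summary>
  /// <remarks>
  /// Authorization is tied to the target blog: a non-admin may only post to a blog they own, and
  /// only an admin may create a system (site blog) post. Previously it was enough to own any blog,
  /// which let a user post to someone else's blog id or flag their own post as a system post.
  /// </remarks>
  /// <param name="blogID">Target blog; the configured server blog id requests a system post.</param>
  /// <param name="title">Post title.</param>
  /// <param name="article">Post body.</param>
  /// <returns><c>{ result = true }</c> on success, otherwise a JSON object with an <c>error</c> message.</returns>
  [HttpPost]
  public ActionResult CreatePost(int blogID, string title, string article)
  {
      // NOTE(review): no [ValidateAntiForgeryToken] is visible on this state-changing action;
      // confirm that CSRF protection is applied elsewhere (global filter or base controller).
      if (!ModelState.IsValid)
      {
          return Json(new { error = "No post created" });
      }

      string currentUsername = User.Identity.Name;
      bool isAdmin = User.IsInRole("Admin");
      bool system = (blogID == Config.BlogConfig.ServerBlogId);

      if (system)
      {
          // System posts are shown on the site-wide blog, so they are reserved for admins.
          if (!isAdmin)
          {
              return Json(new { error = "You are not authorized to create a post for this blog" });
          }

          // A system post is stored against the admin's own blog row.
          var adminBlog = db.Blogs.Where(b => b.User.Username == currentUsername).FirstOrDefault();
          if (adminBlog == null)
          {
              // The original First() threw here; report a failure instead.
              return Json(new { error = "No post created" });
          }
          blogID = adminBlog.BlogId;
      }
      else if (!isAdmin)
      {
          // The caller must own the specific blog being posted to, not merely some blog.
          bool ownsTargetBlog = db.Blogs.Any(b => b.BlogId == blogID && b.User.Username == currentUsername);
          if (!ownsTargetBlog)
          {
              return Json(new { error = "You are not authorized to create a post for this blog" });
          }
      }

      // One timestamp so the three date fields agree exactly.
      DateTime now = DateTime.Now;

      BlogPost post = db.BlogPosts.Create();
      post.BlogId = blogID;
      post.Title = title;
      post.Article = article;
      post.System = system;
      post.DatePosted = now;
      post.DatePublished = now;
      post.DateEdited = now;

      db.BlogPosts.Add(post);
      db.SaveChanges();
      return Json(new { result = true });
  }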
  /// <summary>
  /// Replaces the title and article of an existing post.
  /// </summary>
  /// <param name="postID">Identifier of the post to edit.</param>
  /// <param name="title">New title.</param>
  /// <param name="article">New article body.</param>
  /// <returns><c>{ result = true }</c> on success, otherwise a JSON object with an <c>error</c> message.</returns>
  [HttpPost]
  public ActionResult EditPost(int postID, string title, string article)
  {
      // NOTE(review): no [ValidateAntiForgeryToken] is visible on this state-changing action;
      // confirm that CSRF protection is applied elsewhere.
      if (!ModelState.IsValid)
      {
          return Json(new { error = "Invalid Parameters" });
      }

      BlogPost target = db.BlogPosts.Include("Blog").Include("Blog.User").FirstOrDefault(p => p.BlogPostId == postID);
      if (target == null)
      {
          return Json(new { error = "No post found" });
      }

      // Only an admin or the owner of the post's blog may edit it.
      bool mayEdit = User.IsInRole("Admin") || target.Blog.User.Username == User.Identity.Name;
      if (!mayEdit)
      {
          return Json(new { error = "You are not authorized to edit this post" });
      }

      target.Title = title;
      target.Article = article;
      target.DateEdited = DateTime.Now;
      db.Entry(target).State = EntityState.Modified;
      db.SaveChanges();
      return Json(new { result = true });
  }
  /// <summary>
  /// Sets or clears the published flag of a post.
  /// </summary>
  /// <param name="postID">Identifier of the post.</param>
  /// <param name="publish">True to publish, false to unpublish.</param>
  /// <returns><c>{ result = true }</c> on success, otherwise a JSON object with an <c>error</c> message.</returns>
  [HttpPost]
  public ActionResult PublishPost(int postID, bool publish)
  {
      // NOTE(review): no [ValidateAntiForgeryToken] is visible on this state-changing action;
      // confirm that CSRF protection is applied elsewhere.
      if (!ModelState.IsValid)
      {
          return Json(new { error = "Invalid Parameters" });
      }

      BlogPost target = db.BlogPosts.Include("Blog").Include("Blog.User").FirstOrDefault(p => p.BlogPostId == postID);
      if (target == null)
      {
          return Json(new { error = "No post found" });
      }

      // Only an admin or the owner of the post's blog may change its visibility.
      bool mayPublish = User.IsInRole("Admin") || target.Blog.User.Username == User.Identity.Name;
      if (!mayPublish)
      {
          return Json(new { error = "You are not authorized to publish this post" });
      }

      target.Published = publish;
      if (publish)
      {
          // The publish date is refreshed on every publish, and left untouched on unpublish.
          target.DatePublished = DateTime.Now;
      }
      db.Entry(target).State = EntityState.Modified;
      db.SaveChanges();
      return Json(new { result = true });
  }
  /// <summary>
  /// Deletes a post.
  /// </summary>
  /// <param name="postID">Identifier of the post to delete.</param>
  /// <returns><c>{ result = true }</c> on success, otherwise a JSON object with an <c>error</c> message.</returns>
  [HttpPost]
  public ActionResult DeletePost(int postID)
  {
      // NOTE(review): no [ValidateAntiForgeryToken] is visible on this destructive action;
      // confirm that CSRF protection is applied elsewhere.
      if (!ModelState.IsValid)
      {
          return Json(new { error = "Invalid Parameters" });
      }

      BlogPost target = db.BlogPosts.Include("Blog").Include("Blog.User").FirstOrDefault(p => p.BlogPostId == postID);
      if (target == null)
      {
          return Json(new { error = "No post found" });
      }

      // Only an admin or the owner of the post's blog may delete it.
      bool mayDelete = User.IsInRole("Admin") || target.Blog.User.Username == User.Identity.Name;
      if (!mayDelete)
      {
          return Json(new { error = "You are not authorized to delete this post" });
      }

      db.BlogPosts.Remove(target);
      db.SaveChanges();
      return Json(new { result = true });
  }
  249. #endregion
  250. #region Comments
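  /// <summary>
  /// Returns one page of comments for a post, newest first, as a partial view.
  /// </summary>
  /// <remarks>
  /// Comments are only returned when the caller may see the parent post, using the same rule as the
  /// post queries in this controller: the post is published, or the caller is the blog owner or an
  /// admin. Without it, this anonymous action exposed comments on unpublished posts.
  /// </remarks>
  /// <param name="postID">Identifier of the post whose comments are listed.</param>
  /// <param name="startCommentID">Number of comments to skip (an offset, despite the name).</param>
  /// <param name="count">Maximum number of comments to return.</param>
  /// <returns>
  /// The Comments partial view with a list of <see cref="CommentViewModel"/>, or HTTP 400 when
  /// <paramref name="startCommentID"/> or <paramref name="count"/> is negative.
  /// </returns>
  [HttpPost]
  [AllowAnonymous]
  public ActionResult GetComments(int postID, int startCommentID, int count)
  {
      // This action is anonymous, so both paging values are untrusted. Reject negatives up front
      // instead of letting them reach Skip/Take and surface as an unhandled query error.
      if (startCommentID < 0 || count < 0)
      {
          return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
      }

      // NOTE(review): count has no upper bound; consider capping it at the page size the views use.

      bool isAuth = User.IsInRole("Admin");
      string currentUsername = User.Identity.Name;

      var comments = db.BlogComments.Include("BlogPost").Include("BlogPost.Blog").Include("BlogPost.Blog.User").Include("User")
          .Where(c => (c.BlogPostId == postID) &&
                      (c.BlogPost.Published || c.BlogPost.Blog.User.Username == currentUsername || isAuth))
          .OrderByDescending(c => c.DatePosted)
          .Skip(startCommentID)
          .Take(count)
          .ToList();

      // ToList() never returns null, so no null check is needed here.
      List<CommentViewModel> commentViews = new List<CommentViewModel>(comments.Count);
      foreach (BlogPostComment comment in comments)
      {
          commentViews.Add(new CommentViewModel(comment));
      }

      return PartialView("~/Areas/Blog/Views/Blog/Comments.cshtml", commentViews);
  }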
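  /// <summary>
  /// Returns the stored body of a comment as JSON.
  /// </summary>
  /// <remarks>
  /// The comment is only returned when the caller may see its parent post (published, or the caller
  /// is the blog owner or an admin) or wrote the comment. The lookup uses FirstOrDefault so that an
  /// unknown id yields the JSON error; the original First() threw before its null check could run.
  /// </remarks>
  /// <param name="commentID">Identifier of the comment.</param>
  /// <returns><c>{ result = article }</c>, or <c>{ error = "No article found" }</c> when nothing visible matches.</returns>
  [HttpPost]
  [AllowAnonymous]
  public ActionResult GetCommentArticle(int commentID)
  {
      bool isAuth = User.IsInRole("Admin");
      string currentUsername = User.Identity.Name;

      BlogPostComment comment = db.BlogComments
          .Where(c => (c.BlogPostCommentId == commentID) &&
                      (c.BlogPost.Published ||
                       c.BlogPost.Blog.User.Username == currentUsername ||
                       c.User.Username == currentUsername ||
                       isAuth))
          .FirstOrDefault();

      if (comment != null)
      {
          return Json(new { result = comment.Article });
      }
      return Json(new { error = "No article found" });
  }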
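  /// <summary>
  /// Adds a comment by the current user to a post.
  /// </summary>
  /// <remarks>
  /// The target post must be visible to the caller (published, or the caller is the blog owner or
  /// an admin), matching the rule the read actions apply. A hidden post is reported exactly like a
  /// missing one, so the response does not reveal that an unpublished post exists.
  /// </remarks>
  /// <param name="postID">Identifier of the post being commented on.</param>
  /// <param name="article">Comment body.</param>
  /// <returns><c>{ result = true }</c> on success, otherwise a JSON object with an <c>error</c> message.</returns>
  [HttpPost]
  public ActionResult CreateComment(int postID, string article)
  {
      // NOTE(review): no [ValidateAntiForgeryToken] is visible on this state-changing action;
      // confirm that CSRF protection is applied elsewhere.
      if (!ModelState.IsValid)
      {
          return Json(new { error = "Invalid Parameters" });
      }

      string currentUsername = User.Identity.Name;
      bool isAuth = User.IsInRole("Admin");

      bool postVisible = db.BlogPosts.Any(p => (p.BlogPostId == postID) &&
                                               (p.Published || p.Blog.User.Username == currentUsername || isAuth));
      if (!postVisible)
      {
          return Json(new { error = "The post does not exist" });
      }

      // The original First() threw when no Users row matched the current identity.
      var author = db.Users.Where(u => u.Username == currentUsername).FirstOrDefault();
      if (author == null)
      {
          return Json(new { error = "You must be logged in to comment" });
      }

      // One timestamp so the posted and edited dates agree exactly.
      DateTime now = DateTime.Now;

      BlogPostComment comment = db.BlogComments.Create();
      comment.BlogPostId = postID;
      comment.UserId = author.UserId;
      comment.Article = article;
      comment.DatePosted = now;
      comment.DateEdited = now;

      db.BlogComments.Add(comment);
      db.SaveChanges();
      return Json(new { result = true });
  }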
  /// <summary>
  /// Replaces the body of an existing comment.
  /// </summary>
  /// <param name="commentID">Identifier of the comment to edit.</param>
  /// <param name="article">New comment body.</param>
  /// <returns><c>{ result = true }</c> on success, otherwise a JSON object with an <c>error</c> message.</returns>
  [HttpPost]
  public ActionResult EditComment(int commentID, string article)
  {
      // NOTE(review): no [ValidateAntiForgeryToken] is visible on this state-changing action;
      // confirm that CSRF protection is applied elsewhere.
      if (!ModelState.IsValid)
      {
          return Json(new { error = "Invalid Parameters" });
      }

      BlogPostComment target = db.BlogComments.Include("User").FirstOrDefault(c => c.BlogPostCommentId == commentID);
      if (target == null)
      {
          return Json(new { error = "No comment found" });
      }

      // Only the comment's author or an admin may edit it.
      bool mayEdit = target.User.Username == User.Identity.Name || User.IsInRole("Admin");
      if (!mayEdit)
      {
          return Json(new { error = "You don't have permission to edit this comment" });
      }

      target.Article = article;
      target.DateEdited = DateTime.Now;
      db.Entry(target).State = EntityState.Modified;
      db.SaveChanges();
      return Json(new { result = true });
  }
  /// <summary>
  /// Deletes a comment.
  /// </summary>
  /// <param name="commentID">Identifier of the comment to delete.</param>
  /// <returns><c>{ result = true }</c> on success, otherwise a JSON object with an <c>error</c> message.</returns>
  [HttpPost]
  public ActionResult DeleteComment(int commentID)
  {
      // NOTE(review): no [ValidateAntiForgeryToken] is visible on this destructive action;
      // confirm that CSRF protection is applied elsewhere.
      if (!ModelState.IsValid)
      {
          return Json(new { error = "Invalid Parameters" });
      }

      BlogPostComment target = db.BlogComments.Include("User").FirstOrDefault(c => c.BlogPostCommentId == commentID);
      if (target == null)
      {
          return Json(new { error = "No comment found" });
      }

      // Only the comment's author or an admin may delete it.
      bool mayDelete = target.User.Username == User.Identity.Name || User.IsInRole("Admin");
      if (!mayDelete)
      {
          return Json(new { error = "You don't have permission to delete this comment" });
      }

      db.BlogComments.Remove(target);
      db.SaveChanges();
      return Json(new { result = true });
  }
  340. #endregion
  341. }
  342. }