
BlogController.cs 20KB

  1. using System;
  2. using System.Collections.Generic;
  3. using System.Data;
  4. using System.Data.Entity;
  5. using System.Linq;
  6. using System.Net;
  7. using System.Web;
  8. using System.Web.Mvc;
  9. using Teknik.Areas.Blog.Models;
  10. using Teknik.Areas.Blog.ViewModels;
  11. using Teknik.Areas.Users.Models;
  12. using Teknik.Areas.Users.Utility;
  13. using Teknik.Controllers;
  14. using Teknik.Filters;
  15. using Teknik.Helpers;
  16. using Teknik.Models;
  17. namespace Teknik.Areas.Blog.Controllers
  18. {
  19. public class BlogController : DefaultController
  20. {
  21. private TeknikEntities db = new TeknikEntities();
  22. // GET: Blogs/Details/5
  23. [TrackPageView]
  24. [AllowAnonymous]
  25. public ActionResult Blog(string username)
  26. {
  27. BlogViewModel model = new BlogViewModel();
  28. // The blog is the main site's blog
  29. if (string.IsNullOrEmpty(username))
  30. {
  31. ViewBag.Title = Config.BlogConfig.Title + " - " + Config.Title;
  32. ViewBag.Description = Config.BlogConfig.Description;
  33. bool isAuth = User.IsInRole("Admin");
  34. var foundPosts = db.BlogPosts.Where(p => ((p.System || isAuth) && p.Published));
  35. model = new BlogViewModel();
  36. model.BlogId = Config.BlogConfig.ServerBlogId;
  37. User user = (User.IsInRole("Admin")) ? UserHelper.GetUser(db, User.Identity.Name) : null;
  38. model.UserId = (user != null) ? user.UserId : 0;
  39. model.User = user;
  40. model.Title = Config.BlogConfig.Title;
  41. model.Description = Config.BlogConfig.Description;
  42. model.HasPosts = (foundPosts != null && foundPosts.Any());
  43. return View(model);
  44. }
  45. else // A user specific blog
  46. {
  47. Models.Blog blog = db.Blogs.Where(p => p.User.Username == username && p.BlogId != Config.BlogConfig.ServerBlogId).FirstOrDefault();
  48. // find the blog specified
  49. if (blog != null)
  50. {
  51. ViewBag.Title = blog.User.Username + "'s Blog - " + Config.Title;
  52. if (!string.IsNullOrEmpty(blog.User.BlogSettings.Title))
  53. {
  54. ViewBag.Title = blog.User.BlogSettings.Title + " - " + ViewBag.Title;
  55. }
  56. ViewBag.Description = blog.User.BlogSettings.Description;
  57. bool isAuth = User.IsInRole("Admin");
  58. var foundPosts = db.BlogPosts.Where(p => (p.BlogId == blog.BlogId && !p.System) &&
  59. (p.Published || p.Blog.User.Username == User.Identity.Name || isAuth)).FirstOrDefault();
  60. model = new BlogViewModel();
  61. model.BlogId = blog.BlogId;
  62. model.UserId = blog.UserId;
  63. model.User = blog.User;
  64. model.Title = blog.User.BlogSettings.Title;
  65. model.Description = blog.User.BlogSettings.Description;
  66. model.HasPosts = (foundPosts != null);
  67. return View(model);
  68. }
  69. }
  70. model.Error = true;
  71. return View(model);
  72. }
  73. #region Posts
  74. [TrackPageView]
  75. [AllowAnonymous]
  76. public ActionResult Post(string username, int id)
  77. {
  78. if (string.IsNullOrEmpty(username))
  79. {
  80. return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
  81. }
  82. PostViewModel model = new PostViewModel();
  83. // find the post specified
  84. bool isAuth = User.IsInRole("Admin");
  85. var post = db.BlogPosts.Where(p => (p.Blog.User.Username == username && p.BlogPostId == id) &&
  86. (p.Published || p.Blog.User.Username == User.Identity.Name || isAuth)).FirstOrDefault();
  87. if (post != null)
  88. {
  89. model = new PostViewModel(post);
  90. if (post.System)
  91. {
  92. ViewBag.Title = model.Title + " - " + Config.BlogConfig.Title + " - " + Config.Title;
  93. ViewBag.Description = Config.BlogConfig.Description;
  94. }
  95. else
  96. {
  97. ViewBag.Title = username + "'s Blog - " + Config.Title;
  98. if (!string.IsNullOrEmpty(post.Blog.User.BlogSettings.Title))
  99. {
  100. ViewBag.Title = post.Blog.User.BlogSettings.Title + " - " + ViewBag.Title;
  101. }
  102. ViewBag.Title = model.Title + " - " + ViewBag.Title;
  103. ViewBag.Description = post.Blog.User.BlogSettings.Description;
  104. }
  105. return View("~/Areas/Blog/Views/Blog/ViewPost.cshtml", model);
  106. }
  107. model.Error = true;
  108. model.ErrorMessage = "Blog Post does not exist.";
  109. return View("~/Areas/Blog/Views/Blog/ViewPost.cshtml", model);
  110. }
  111. public ActionResult NewPost(string username)
  112. {
  113. if (string.IsNullOrEmpty(username))
  114. {
  115. return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
  116. }
  117. BlogViewModel model = new BlogViewModel();
  118. // find the post specified
  119. bool isAuth = User.IsInRole("Admin");
  120. var blog = db.Blogs.Where(p => (p.User.Username == username) && (p.User.Username == User.Identity.Name || isAuth)).FirstOrDefault();
  121. if (blog != null)
  122. {
  123. model = new BlogViewModel(blog);
  124. if (blog.User.Username == Constants.SERVERUSER)
  125. {
  126. ViewBag.Title = model.Title + " - " + Config.BlogConfig.Title + " - " + Config.Title;
  127. ViewBag.Description = Config.BlogConfig.Description;
  128. }
  129. else
  130. {
  131. ViewBag.Title = username + "'s Blog - " + Config.Title;
  132. if (!string.IsNullOrEmpty(blog.User.BlogSettings.Title))
  133. {
  134. ViewBag.Title = blog.User.BlogSettings.Title + " - " + ViewBag.Title;
  135. }
  136. ViewBag.Title = model.Title + " - " + ViewBag.Title;
  137. ViewBag.Description = blog.User.BlogSettings.Description;
  138. }
  139. return View("~/Areas/Blog/Views/Blog/NewPost.cshtml", model);
  140. }
  141. model.Error = true;
  142. model.ErrorMessage = "Blog does not exist.";
  143. return View("~/Areas/Blog/Views/Blog/Blog.cshtml", model);
  144. }
  145. public ActionResult EditPost(string username, int id)
  146. {
  147. if (string.IsNullOrEmpty(username))
  148. {
  149. return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
  150. }
  151. PostViewModel model = new PostViewModel();
  152. // find the post specified
  153. bool isAuth = User.IsInRole("Admin");
  154. var post = db.BlogPosts.Where(p => (p.Blog.User.Username == username && p.BlogPostId == id) &&
  155. (p.Published || p.Blog.User.Username == User.Identity.Name || isAuth)).FirstOrDefault();
  156. if (post != null)
  157. {
  158. model = new PostViewModel(post);
  159. if (post.System)
  160. {
  161. ViewBag.Title = model.Title + " - " + Config.BlogConfig.Title + " - " + Config.Title;
  162. ViewBag.Description = Config.BlogConfig.Description;
  163. }
  164. else
  165. {
  166. ViewBag.Title = username + "'s Blog - " + Config.Title;
  167. if (!string.IsNullOrEmpty(post.Blog.User.BlogSettings.Title))
  168. {
  169. ViewBag.Title = post.Blog.User.BlogSettings.Title + " - " + ViewBag.Title;
  170. }
  171. ViewBag.Title = model.Title + " - " + ViewBag.Title;
  172. ViewBag.Description = post.Blog.User.BlogSettings.Description;
  173. }
  174. return View("~/Areas/Blog/Views/Blog/EditPost.cshtml", model);
  175. }
  176. model.Error = true;
  177. model.ErrorMessage = "Blog Post does not exist.";
  178. return View("~/Areas/Blog/Views/Blog/ViewPost.cshtml", model);
  179. }
  180. [HttpPost]
  181. [AllowAnonymous]
  182. public ActionResult GetPosts(int blogID, int startPostID, int count)
  183. {
  184. bool isAuth = User.IsInRole("Admin");
  185. var posts = db.BlogPosts.Where(p => ((p.BlogId == blogID && !p.System) || (p.System && blogID == Config.BlogConfig.ServerBlogId)) &&
  186. (p.Published || p.Blog.User.Username == User.Identity.Name || isAuth)).OrderByDescending(p => p.DatePosted).Skip(startPostID).Take(count).ToList();
  187. List<PostViewModel> postViews = new List<PostViewModel>();
  188. if (posts != null)
  189. {
  190. foreach (BlogPost post in posts)
  191. {
  192. postViews.Add(new PostViewModel(post));
  193. }
  194. }
  195. return PartialView("~/Areas/Blog/Views/Blog/Posts.cshtml", postViews);
  196. }
  197. [HttpPost]
  198. public ActionResult CreatePost(int blogID, string title, string article)
  199. {
  200. BlogViewModel model = new BlogViewModel();
  201. if (ModelState.IsValid)
  202. {
  203. bool isAuth = User.IsInRole("Admin");
  204. var blog = db.Blogs.Where(p => (p.BlogId == blogID) && (p.User.Username == User.Identity.Name || isAuth)).FirstOrDefault();
  205. if (blog != null)
  206. {
  207. if (User.IsInRole("Admin") || db.Blogs.Where(b => b.User.Username == User.Identity.Name).FirstOrDefault() != null)
  208. {
  209. // Validate the fields
  210. if (string.IsNullOrEmpty(title))
  211. {
  212. model.Error = true;
  213. model.ErrorMessage = "You must write something for the title";
  214. return View("~/Areas/Blog/Views/Blog/NewPost.cshtml", model);
  215. }
  216. if (string.IsNullOrEmpty(article))
  217. {
  218. model.Error = true;
  219. model.ErrorMessage = "You must write something for the article";
  220. return View("~/Areas/Blog/Views/Blog/NewPost.cshtml", model);
  221. }
  222. bool system = (blogID == Config.BlogConfig.ServerBlogId);
  223. if (system)
  224. {
  225. var user = db.Blogs.Where(b => b.User.Username == User.Identity.Name);
  226. if (user != null)
  227. {
  228. blogID = user.First().BlogId;
  229. }
  230. }
  231. BlogPost post = db.BlogPosts.Create();
  232. post.BlogId = blogID;
  233. post.Title = title;
  234. post.Article = article;
  235. post.System = system;
  236. post.DatePosted = DateTime.Now;
  237. post.DatePublished = DateTime.Now;
  238. post.DateEdited = DateTime.Now;
  239. db.BlogPosts.Add(post);
  240. db.SaveChanges();
  241. return Post(blog.User.Username, post.BlogPostId);
  242. }
  243. model.Error = true;
  244. model.ErrorMessage = "You are not authorized to create a post for this blog";
  245. return View("~/Areas/Blog/Views/Blog/Blog.cshtml", model);
  246. }
  247. model.Error = true;
  248. model.ErrorMessage = "Blog does not exist.";
  249. return View("~/Areas/Blog/Views/Blog/Blog.cshtml", model);
  250. }
  251. model.Error = true;
  252. model.ErrorMessage = "No post created";
  253. return View("~/Areas/Blog/Views/Blog/NewPost.cshtml", model);
  254. }
  255. [HttpPost]
  256. public ActionResult EditPost(int postID, string title, string article)
  257. {
  258. PostViewModel model = new PostViewModel();
  259. if (ModelState.IsValid)
  260. {
  261. BlogPost post = db.BlogPosts.Where(p => p.BlogPostId == postID).FirstOrDefault();
  262. if (post != null)
  263. {
  264. model = new PostViewModel(post);
  265. if (User.IsInRole("Admin") || post.Blog.User.Username == User.Identity.Name)
  266. {
  267. // Validate the fields
  268. if (string.IsNullOrEmpty(title))
  269. {
  270. model.Error = true;
  271. model.ErrorMessage = "You must write something for the title";
  272. return View("~/Areas/Blog/Views/Blog/EditPost.cshtml", model);
  273. }
  274. if (string.IsNullOrEmpty(article))
  275. {
  276. model.Error = true;
  277. model.ErrorMessage = "You must write something for the article";
  278. return View("~/Areas/Blog/Views/Blog/EditPost.cshtml", model);
  279. }
  280. post.Title = title;
  281. post.Article = article;
  282. post.DateEdited = DateTime.Now;
  283. db.Entry(post).State = EntityState.Modified;
  284. db.SaveChanges();
  285. return Post(post.Blog.User.Username, post.BlogPostId);
  286. }
  287. model.Error = true;
  288. model.ErrorMessage = "You are not authorized to edit this post";
  289. return View("~/Areas/Blog/Views/Blog/EditPost.cshtml", model);
  290. }
  291. model.Error = true;
  292. model.ErrorMessage = "Post does not exist.";
  293. return View("~/Areas/Blog/Views/Blog/ViewPost.cshtml", model);
  294. }
  295. model.Error = true;
  296. model.ErrorMessage = "Invalid Parameters";
  297. return View("~/Areas/Blog/Views/Blog/EditPost.cshtml", model);
  298. }
  299. [HttpPost]
  300. public ActionResult PublishPost(int postID, bool publish)
  301. {
  302. if (ModelState.IsValid)
  303. {
  304. BlogPost post = db.BlogPosts.Where(p => p.BlogPostId == postID).FirstOrDefault();
  305. if (post != null)
  306. {
  307. if (User.IsInRole("Admin") || post.Blog.User.Username == User.Identity.Name)
  308. {
  309. post.Published = publish;
  310. if (publish)
  311. post.DatePublished = DateTime.Now;
  312. db.Entry(post).State = EntityState.Modified;
  313. db.SaveChanges();
  314. return Json(new { result = true });
  315. }
  316. return Json(new { error = "You are not authorized to publish this post" });
  317. }
  318. return Json(new { error = "No post found" });
  319. }
  320. return Json(new { error = "Invalid Parameters" });
  321. }
  322. [HttpPost]
  323. public ActionResult DeletePost(int postID)
  324. {
  325. if (ModelState.IsValid)
  326. {
  327. BlogPost post = db.BlogPosts.Where(p => p.BlogPostId == postID).FirstOrDefault();
  328. if (post != null)
  329. {
  330. if (User.IsInRole("Admin") || post.Blog.User.Username == User.Identity.Name)
  331. {
  332. db.BlogPosts.Remove(post);
  333. db.SaveChanges();
  334. return Json(new { result = true });
  335. }
  336. return Json(new { error = "You are not authorized to delete this post" });
  337. }
  338. return Json(new { error = "No post found" });
  339. }
  340. return Json(new { error = "Invalid Parameters" });
  341. }
  342. #endregion
  343. #region Comments
  344. [HttpPost]
  345. [AllowAnonymous]
  346. public ActionResult GetComments(int postID, int startCommentID, int count)
  347. {
  348. var comments = db.BlogComments.Where(p => (p.BlogPostId == postID)).OrderByDescending(p => p.DatePosted).Skip(startCommentID).Take(count).ToList();
  349. List<CommentViewModel> commentViews = new List<CommentViewModel>();
  350. if (comments != null)
  351. {
  352. foreach (BlogPostComment comment in comments)
  353. {
  354. commentViews.Add(new CommentViewModel(comment));
  355. }
  356. }
  357. return PartialView("~/Areas/Blog/Views/Blog/Comments.cshtml", commentViews);
  358. }
  359. [HttpPost]
  360. [AllowAnonymous]
  361. public ActionResult GetCommentArticle(int commentID)
  362. {
  363. BlogPostComment comment = db.BlogComments.Where(p => (p.BlogPostCommentId == commentID)).First();
  364. if (comment != null)
  365. {
  366. return Json(new { result = comment.Article });
  367. }
  368. return Json(new { error = "No article found" });
  369. }
  370. [HttpPost]
  371. public ActionResult CreateComment(int postID, string article)
  372. {
  373. if (ModelState.IsValid)
  374. {
  375. if (db.BlogPosts.Where(p => p.BlogPostId == postID).FirstOrDefault() != null)
  376. {
  377. BlogPostComment comment = db.BlogComments.Create();
  378. comment.BlogPostId = postID;
  379. comment.UserId = UserHelper.GetUser(db, User.Identity.Name).UserId;
  380. comment.Article = article;
  381. comment.DatePosted = DateTime.Now;
  382. comment.DateEdited = DateTime.Now;
  383. db.BlogComments.Add(comment);
  384. db.SaveChanges();
  385. return Json(new { result = true });
  386. }
  387. return Json(new { error = "The post does not exist" });
  388. }
  389. return Json(new { error = "Invalid Parameters" });
  390. }
  391. [HttpPost]
  392. public ActionResult EditComment(int commentID, string article)
  393. {
  394. if (ModelState.IsValid)
  395. {
  396. BlogPostComment comment = db.BlogComments.Where(c => c.BlogPostCommentId == commentID).FirstOrDefault();
  397. if (comment != null)
  398. {
  399. if (comment.User.Username == User.Identity.Name || User.IsInRole("Admin"))
  400. {
  401. comment.Article = article;
  402. comment.DateEdited = DateTime.Now;
  403. db.Entry(comment).State = EntityState.Modified;
  404. db.SaveChanges();
  405. return Json(new { result = true });
  406. }
  407. return Json(new { error = "You don't have permission to edit this comment" });
  408. }
  409. return Json(new { error = "No comment found" });
  410. }
  411. return Json(new { error = "Invalid Parameters" });
  412. }
  413. [HttpPost]
  414. public ActionResult DeleteComment(int commentID)
  415. {
  416. if (ModelState.IsValid)
  417. {
  418. BlogPostComment comment = db.BlogComments.Where(c => c.BlogPostCommentId == commentID).FirstOrDefault();
  419. if (comment != null)
  420. {
  421. if (comment.User.Username == User.Identity.Name || User.IsInRole("Admin"))
  422. {
  423. db.BlogComments.Remove(comment);
  424. db.SaveChanges();
  425. return Json(new { result = true });
  426. }
  427. return Json(new { error = "You don't have permission to delete this comment" });
  428. }
  429. return Json(new { error = "No comment found" });
  430. }
  431. return Json(new { error = "Invalid Parameters" });
  432. }
  433. #endregion
  434. }
  435. }