  1. using System;
  2. using System.Collections.Generic;
  3. using System.Data;
  4. using System.Data.Entity;
  5. using System.Linq;
  6. using System.Net;
  7. using System.Web;
  8. using System.Web.Mvc;
  9. using Teknik.Areas.Blog.Models;
  10. using Teknik.Areas.Blog.ViewModels;
  11. using Teknik.Areas.Profile.Models;
  12. using Teknik.Controllers;
  13. using Teknik.Helpers;
  14. using Teknik.Models;
  15. namespace Teknik.Areas.Blog.Controllers
  16. {
  17. public class BlogController : DefaultController
  18. {
  19. private TeknikEntities db = new TeknikEntities();
  20. // GET: Blogs/Details/5
  21. [AllowAnonymous]
  22. public ActionResult Blog(string username)
  23. {
  24. BlogViewModel model = new BlogViewModel();
  25. // The blog is the main site's blog
  26. if (string.IsNullOrEmpty(username))
  27. {
  28. ViewBag.Title = "Teknik Blog - " + Config.Title;
  29. bool isAuth = User.IsInRole("Admin");
  30. var foundPosts = db.BlogPosts.Include("Blog").Include("Blog.User").Where(p => ((p.System || isAuth) && p.Published));
  31. model = new BlogViewModel();
  32. model.BlogId = Constants.SERVERBLOGID;
  33. User user = (User.IsInRole("Admin")) ? db.Users.Where(u => u.Username == User.Identity.Name).First() : null;
  34. model.UserId = (user != null) ? user.UserId : 0;
  35. model.User = user;
  36. model.Title = Config.BlogConfig.Title;
  37. model.Description = Config.BlogConfig.Description;
  38. model.HasPosts = (foundPosts != null && foundPosts.Any());
  39. return View(model);
  40. }
  41. else // A user specific blog
  42. {
  43. Models.Blog blog = db.Blogs.Include("User").Where(p => p.User.Username == username && p.BlogId != Constants.SERVERBLOGID).FirstOrDefault();
  44. // find the blog specified
  45. if (blog != null)
  46. {
  47. ViewBag.Title = blog.User.Username + "'s Blog - " + Config.Title;
  48. bool isAuth = User.IsInRole("Admin");
  49. var foundPosts = db.BlogPosts.Include("Blog").Include("Blog.User").Where(p => (p.BlogId == blog.BlogId && !p.System) &&
  50. (p.Published || p.Blog.User.Username == User.Identity.Name || isAuth)).FirstOrDefault();
  51. model = new BlogViewModel();
  52. model.BlogId = blog.BlogId;
  53. model.UserId = blog.UserId;
  54. model.User = blog.User;
  55. model.Title = blog.User.BlogSettings.Title;
  56. model.Description = blog.User.BlogSettings.Description;
  57. model.HasPosts = (foundPosts != null);
  58. return View(model);
  59. }
  60. }
  61. model.Error = true;
  62. return View(model);
  63. }
  64. #region Posts
  65. [AllowAnonymous]
  66. public ActionResult Post(string username, int id)
  67. {
  68. if (string.IsNullOrEmpty(username))
  69. {
  70. return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
  71. }
  72. // find the post specified
  73. bool isAuth = User.IsInRole("Admin");
  74. var post = db.BlogPosts.Include("Blog").Include("Blog.User").Where(p => (p.Blog.User.Username == username && p.BlogPostId == id) &&
  75. (p.Published || p.Blog.User.Username == User.Identity.Name || isAuth)).FirstOrDefault();
  76. if (post != null)
  77. {
  78. PostViewModel model = new PostViewModel(post);
  79. ViewBag.Title = model.Title + " - " + username + "'s Blog - " + Config.Title;
  80. return View("~/Areas/Blog/Views/Blog/ViewPost.cshtml", model);
  81. }
  82. return View("~/Areas/Blog/Views/Blog/ViewPost.cshtml", null);
  83. }
  84. [HttpPost]
  85. [AllowAnonymous]
  86. public ActionResult GetPosts(int blogID, int startPostID, int count)
  87. {
  88. bool isAuth = User.IsInRole("Admin");
  89. var posts = db.BlogPosts.Include("Blog").Include("Blog.User").Where(p => ((p.BlogId == blogID && !p.System) || (p.System && blogID == Constants.SERVERBLOGID)) &&
  90. (p.Published || p.Blog.User.Username == User.Identity.Name || isAuth)).OrderByDescending(p => p.DatePosted).Skip(startPostID).Take(count).ToList();
  91. List<PostViewModel> postViews = new List<PostViewModel>();
  92. if (posts != null)
  93. {
  94. foreach (BlogPost post in posts)
  95. {
  96. postViews.Add(new PostViewModel(post));
  97. }
  98. }
  99. return PartialView("~/Areas/Blog/Views/Blog/Posts.cshtml", postViews);
  100. }
  101. [HttpPost]
  102. [AllowAnonymous]
  103. public ActionResult GetPostTitle(int postID)
  104. {
  105. bool isAuth = User.IsInRole("Admin");
  106. BlogPost post = db.BlogPosts.Include("Blog").Include("Blog.User").Where(p => (p.BlogPostId == postID) && (p.Published || p.Blog.User.Username == User.Identity.Name || isAuth)).FirstOrDefault();
  107. if (post != null)
  108. {
  109. return Json(new { result = post.Title });
  110. }
  111. return Json(new { error = "No title found" });
  112. }
  113. [HttpPost]
  114. [AllowAnonymous]
  115. public ActionResult GetPostArticle(int postID)
  116. {
  117. bool isAuth = User.IsInRole("Admin");
  118. BlogPost post = db.BlogPosts.Include("Blog").Include("Blog.User").Where(p => (p.BlogPostId == postID) && (p.Published || p.Blog.User.Username == User.Identity.Name || isAuth)).FirstOrDefault();
  119. if (post != null)
  120. {
  121. return Json(new { result = post.Article });
  122. }
  123. return Json(new { error = "No article found" });
  124. }
  125. [HttpPost]
  126. [ValidateAntiForgeryToken]
  127. public ActionResult CreatePost(int blogID, string title, string article)
  128. {
  129. if (ModelState.IsValid)
  130. {
  131. if (User.IsInRole("Admin") || db.Blogs.Where(b => b.User.Username == User.Identity.Name).FirstOrDefault() != null)
  132. {
  133. bool system = (blogID == Constants.SERVERBLOGID);
  134. if (system)
  135. {
  136. var user = db.Blogs.Include("User").Where(b => b.User.Username == User.Identity.Name);
  137. if (user != null)
  138. {
  139. blogID = user.First().BlogId;
  140. }
  141. }
  142. BlogPost post = db.BlogPosts.Create();
  143. post.BlogId = blogID;
  144. post.Title = title;
  145. post.Article = article;
  146. post.System = system;
  147. post.DatePosted = DateTime.Now;
  148. post.DatePublished = DateTime.Now;
  149. post.DateEdited = DateTime.Now;
  150. db.BlogPosts.Add(post);
  151. db.SaveChanges();
  152. return Json(new { result = true });
  153. }
  154. return Json(new { error = "You are not authorized to create a post for this blog" });
  155. }
  156. return Json(new { error = "No post created" });
  157. }
  158. [HttpPost]
  159. [ValidateAntiForgeryToken]
  160. public ActionResult EditPost(int postID, string title, string article)
  161. {
  162. if (ModelState.IsValid)
  163. {
  164. BlogPost post = db.BlogPosts.Include("Blog").Include("Blog.User").Where(p => p.BlogPostId == postID).FirstOrDefault();
  165. if (post != null)
  166. {
  167. if (User.IsInRole("Admin") || post.Blog.User.Username == User.Identity.Name)
  168. {
  169. post.Title = title;
  170. post.Article = article;
  171. post.DateEdited = DateTime.Now;
  172. db.Entry(post).State = EntityState.Modified;
  173. db.SaveChanges();
  174. return Json(new { result = true });
  175. }
  176. return Json(new { error = "You are not authorized to edit this post" });
  177. }
  178. return Json(new { error = "No post found" });
  179. }
  180. return Json(new { error = "Invalid Parameters" });
  181. }
  182. [HttpPost]
  183. [ValidateAntiForgeryToken]
  184. public ActionResult PublishPost(int postID, bool publish)
  185. {
  186. if (ModelState.IsValid)
  187. {
  188. BlogPost post = db.BlogPosts.Include("Blog").Include("Blog.User").Where(p => p.BlogPostId == postID).FirstOrDefault();
  189. if (post != null)
  190. {
  191. if (User.IsInRole("Admin") || post.Blog.User.Username == User.Identity.Name)
  192. {
  193. post.Published = publish;
  194. if (publish)
  195. post.DatePublished = DateTime.Now;
  196. db.Entry(post).State = EntityState.Modified;
  197. db.SaveChanges();
  198. return Json(new { result = true });
  199. }
  200. return Json(new { error = "You are not authorized to publish this post" });
  201. }
  202. return Json(new { error = "No post found" });
  203. }
  204. return Json(new { error = "Invalid Parameters" });
  205. }
  206. [HttpPost]
  207. [ValidateAntiForgeryToken]
  208. public ActionResult DeletePost(int postID)
  209. {
  210. if (ModelState.IsValid)
  211. {
  212. BlogPost post = db.BlogPosts.Include("Blog").Include("Blog.User").Where(p => p.BlogPostId == postID).FirstOrDefault();
  213. if (post != null)
  214. {
  215. if (User.IsInRole("Admin") || post.Blog.User.Username == User.Identity.Name)
  216. {
  217. db.BlogPosts.Remove(post);
  218. db.SaveChanges();
  219. return Json(new { result = true });
  220. }
  221. return Json(new { error = "You are not authorized to delete this post" });
  222. }
  223. return Json(new { error = "No post found" });
  224. }
  225. return Json(new { error = "Invalid Parameters" });
  226. }
  227. #endregion
  228. #region Comments
  229. [HttpPost]
  230. [AllowAnonymous]
  231. public ActionResult GetComments(int postID, int startCommentID, int count)
  232. {
  233. var comments = db.BlogComments.Include("BlogPost").Include("BlogPost.Blog").Include("BlogPost.Blog.User").Include("User").Where(p => (p.BlogPostId == postID)).OrderByDescending(p => p.DatePosted).Skip(startCommentID).Take(count).ToList();
  234. List<CommentViewModel> commentViews = new List<CommentViewModel>();
  235. if (comments != null)
  236. {
  237. foreach (BlogPostComment comment in comments)
  238. {
  239. commentViews.Add(new CommentViewModel(comment));
  240. }
  241. }
  242. return PartialView("~/Areas/Blog/Views/Blog/Comments.cshtml", commentViews);
  243. }
  244. [HttpPost]
  245. [AllowAnonymous]
  246. public ActionResult GetCommentArticle(int commentID)
  247. {
  248. BlogPostComment comment = db.BlogComments.Where(p => (p.BlogPostCommentId == commentID)).First();
  249. if (comment != null)
  250. {
  251. return Json(new { result = comment.Article });
  252. }
  253. return Json(new { error = "No article found" });
  254. }
  255. [HttpPost]
  256. [ValidateAntiForgeryToken]
  257. public ActionResult CreateComment(int postID, string article)
  258. {
  259. if (ModelState.IsValid)
  260. {
  261. if (db.BlogPosts.Where(p => p.BlogPostId == postID).FirstOrDefault() != null)
  262. {
  263. BlogPostComment comment = db.BlogComments.Create();
  264. comment.BlogPostId = postID;
  265. comment.UserId = db.Users.Where(u => u.Username == User.Identity.Name).First().UserId;
  266. comment.Article = article;
  267. comment.DatePosted = DateTime.Now;
  268. comment.DateEdited = DateTime.Now;
  269. db.BlogComments.Add(comment);
  270. db.SaveChanges();
  271. return Json(new { result = true });
  272. }
  273. return Json(new { error = "The post does not exist" });
  274. }
  275. return Json(new { error = "Invalid Parameters" });
  276. }
  277. [HttpPost]
  278. [ValidateAntiForgeryToken]
  279. public ActionResult EditComment(int commentID, string article)
  280. {
  281. if (ModelState.IsValid)
  282. {
  283. BlogPostComment comment = db.BlogComments.Include("User").Where(c => c.BlogPostCommentId == commentID).FirstOrDefault();
  284. if (comment != null)
  285. {
  286. if (comment.User.Username == User.Identity.Name || User.IsInRole("Admin"))
  287. {
  288. comment.Article = article;
  289. comment.DateEdited = DateTime.Now;
  290. db.Entry(comment).State = EntityState.Modified;
  291. db.SaveChanges();
  292. return Json(new { result = true });
  293. }
  294. return Json(new { error = "You don't have permission to edit this comment" });
  295. }
  296. return Json(new { error = "No comment found" });
  297. }
  298. return Json(new { error = "Invalid Parameters" });
  299. }
  300. [HttpPost]
  301. [ValidateAntiForgeryToken]
  302. public ActionResult DeleteComment(int commentID)
  303. {
  304. if (ModelState.IsValid)
  305. {
  306. BlogPostComment comment = db.BlogComments.Include("User").Where(c => c.BlogPostCommentId == commentID).FirstOrDefault();
  307. if (comment != null)
  308. {
  309. if (comment.User.Username == User.Identity.Name || User.IsInRole("Admin"))
  310. {
  311. db.BlogComments.Remove(comment);
  312. db.SaveChanges();
  313. return Json(new { result = true });
  314. }
  315. return Json(new { error = "You don't have permission to delete this comment" });
  316. }
  317. return Json(new { error = "No comment found" });
  318. }
  319. return Json(new { error = "Invalid Parameters" });
  320. }
  321. #endregion
  322. }
  323. }