The next generation of the Teknik Services. Written in ASP.NET.


  1. using System;
  2. using System.Collections.Generic;
  3. using System.Data;
  4. using System.Data.Entity;
  5. using System.Linq;
  6. using System.Net;
  7. using System.Web;
  8. using System.Web.Mvc;
  9. using Teknik.Areas.Blog.Models;
  10. using Teknik.Areas.Blog.ViewModels;
  11. using Teknik.Areas.Users.Models;
  12. using Teknik.Areas.Users.Utility;
  13. using Teknik.Controllers;
  14. using Teknik.Filters;
  15. using Teknik.Utilities;
  16. using Teknik.Models;
  17. using Teknik.Attributes;
  18. namespace Teknik.Areas.Blog.Controllers
  19. {
  20. [TeknikAuthorize]
  21. public class BlogController : DefaultController
  22. {
  23. private TeknikEntities db = new TeknikEntities();
  24. // GET: Blogs/Details/5
  25. [TrackPageView]
  26. [AllowAnonymous]
  27. public ActionResult Blog(string username)
  28. {
  29. BlogViewModel model = new BlogViewModel();
  30. // The blog is the main site's blog
  31. if (string.IsNullOrEmpty(username))
  32. {
  33. ViewBag.Title = Config.BlogConfig.Title + " - " + Config.Title;
  34. ViewBag.Description = Config.BlogConfig.Description;
  35. bool isAuth = User.IsInRole("Admin");
  36. var foundPosts = db.BlogPosts.Where(p => ((p.System || isAuth) && p.Published));
  37. model = new BlogViewModel();
  38. model.BlogId = Config.BlogConfig.ServerBlogId;
  39. User user = (User.IsInRole("Admin")) ? UserHelper.GetUser(db, User.Identity.Name) : null;
  40. model.UserId = (user != null) ? user.UserId : 0;
  41. model.User = user;
  42. model.Title = Config.BlogConfig.Title;
  43. model.Description = Config.BlogConfig.Description;
  44. model.HasPosts = (foundPosts != null && foundPosts.Any());
  45. return View(model);
  46. }
  47. else // A user specific blog
  48. {
  49. Models.Blog blog = db.Blogs.Where(p => p.User.Username == username && p.BlogId != Config.BlogConfig.ServerBlogId).FirstOrDefault();
  50. // find the blog specified
  51. if (blog != null)
  52. {
  53. ViewBag.Title = blog.User.Username + "'s Blog - " + Config.Title;
  54. if (!string.IsNullOrEmpty(blog.User.BlogSettings.Title))
  55. {
  56. ViewBag.Title = blog.User.BlogSettings.Title + " - " + ViewBag.Title;
  57. }
  58. ViewBag.Description = blog.User.BlogSettings.Description;
  59. bool isAuth = User.IsInRole("Admin");
  60. var foundPosts = db.BlogPosts.Where(p => (p.BlogId == blog.BlogId && !p.System) &&
  61. (p.Published || p.Blog.User.Username == User.Identity.Name || isAuth)).FirstOrDefault();
  62. model = new BlogViewModel();
  63. model.BlogId = blog.BlogId;
  64. model.UserId = blog.UserId;
  65. model.User = blog.User;
  66. model.Title = blog.User.BlogSettings.Title;
  67. model.Description = blog.User.BlogSettings.Description;
  68. model.HasPosts = (foundPosts != null);
  69. return View(model);
  70. }
  71. }
  72. model.Error = true;
  73. return View(model);
  74. }
  75. #region Posts
  76. [TrackPageView]
  77. [AllowAnonymous]
  78. public ActionResult Post(string username, int id)
  79. {
  80. if (string.IsNullOrEmpty(username))
  81. {
  82. return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
  83. }
  84. PostViewModel model = new PostViewModel();
  85. // find the post specified
  86. bool isAuth = User.IsInRole("Admin");
  87. var post = db.BlogPosts.Where(p => p.BlogPostId == id && (p.Published || p.Blog.User.Username == User.Identity.Name || isAuth)).FirstOrDefault();
  88. if (post != null)
  89. {
  90. model = new PostViewModel(post);
  91. if (post.System)
  92. {
  93. ViewBag.Title = model.Title + " - " + Config.BlogConfig.Title + " - " + Config.Title;
  94. ViewBag.Description = Config.BlogConfig.Description;
  95. }
  96. else
  97. {
  98. ViewBag.Title = username + "'s Blog - " + Config.Title;
  99. if (!string.IsNullOrEmpty(post.Blog.User.BlogSettings.Title))
  100. {
  101. ViewBag.Title = post.Blog.User.BlogSettings.Title + " - " + ViewBag.Title;
  102. }
  103. ViewBag.Title = model.Title + " - " + ViewBag.Title;
  104. ViewBag.Description = post.Blog.User.BlogSettings.Description;
  105. }
  106. return View("~/Areas/Blog/Views/Blog/ViewPost.cshtml", model);
  107. }
  108. model.Error = true;
  109. model.ErrorMessage = "Blog Post does not exist.";
  110. return View("~/Areas/Blog/Views/Blog/ViewPost.cshtml", model);
  111. }
  112. public ActionResult NewPost(string username, int blogID)
  113. {
  114. if (string.IsNullOrEmpty(username))
  115. {
  116. return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
  117. }
  118. BlogViewModel model = new BlogViewModel();
  119. // find the post specified
  120. bool isAuth = User.IsInRole("Admin");
  121. var blog = db.Blogs.Where(p => (p.BlogId == blogID) && (p.User.Username == User.Identity.Name || isAuth)).FirstOrDefault();
  122. if (blog != null)
  123. {
  124. model = new BlogViewModel(blog);
  125. if (blog.User.Username == Constants.SERVERUSER)
  126. {
  127. ViewBag.Title = "Create Post - " + Config.BlogConfig.Title + " - " + Config.Title;
  128. ViewBag.Description = Config.BlogConfig.Description;
  129. }
  130. else
  131. {
  132. ViewBag.Title = username + "'s Blog - " + Config.Title;
  133. if (!string.IsNullOrEmpty(blog.User.BlogSettings.Title))
  134. {
  135. ViewBag.Title = blog.User.BlogSettings.Title + " - " + ViewBag.Title;
  136. }
  137. ViewBag.Title = "Create Post - " + ViewBag.Title;
  138. ViewBag.Description = blog.User.BlogSettings.Description;
  139. }
  140. return View("~/Areas/Blog/Views/Blog/NewPost.cshtml", model);
  141. }
  142. model.Error = true;
  143. model.ErrorMessage = "Blog does not exist.";
  144. return View("~/Areas/Blog/Views/Blog/Blog.cshtml", model);
  145. }
  146. public ActionResult EditPost(string username, int id)
  147. {
  148. if (string.IsNullOrEmpty(username))
  149. {
  150. return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
  151. }
  152. PostViewModel model = new PostViewModel();
  153. // find the post specified
  154. bool isAuth = User.IsInRole("Admin");
  155. var post = db.BlogPosts.Where(p => (p.Blog.User.Username == username && p.BlogPostId == id) &&
  156. (p.Published || p.Blog.User.Username == User.Identity.Name || isAuth)).FirstOrDefault();
  157. if (post != null)
  158. {
  159. model = new PostViewModel(post);
  160. if (post.System)
  161. {
  162. ViewBag.Title = "Edit Post - " + model.Title + " - " + Config.BlogConfig.Title + " - " + Config.Title;
  163. ViewBag.Description = Config.BlogConfig.Description;
  164. }
  165. else
  166. {
  167. ViewBag.Title = username + "'s Blog - " + Config.Title;
  168. if (!string.IsNullOrEmpty(post.Blog.User.BlogSettings.Title))
  169. {
  170. ViewBag.Title = post.Blog.User.BlogSettings.Title + " - " + ViewBag.Title;
  171. }
  172. ViewBag.Title = "Edit Post - " + model.Title + " - " + ViewBag.Title;
  173. ViewBag.Description = post.Blog.User.BlogSettings.Description;
  174. }
  175. return View("~/Areas/Blog/Views/Blog/EditPost.cshtml", model);
  176. }
  177. model.Error = true;
  178. model.ErrorMessage = "Blog Post does not exist.";
  179. return View("~/Areas/Blog/Views/Blog/ViewPost.cshtml", model);
  180. }
  181. [HttpPost]
  182. [AllowAnonymous]
  183. public ActionResult GetPosts(int blogID, int startPostID, int count)
  184. {
  185. bool isAuth = User.IsInRole("Admin");
  186. var posts = db.BlogPosts.Where(p => ((p.BlogId == blogID && !p.System) || (p.System && blogID == Config.BlogConfig.ServerBlogId)) &&
  187. (p.Published || p.Blog.User.Username == User.Identity.Name || isAuth)).OrderByDescending(p => p.DatePosted).Skip(startPostID).Take(count).ToList();
  188. List<PostViewModel> postViews = new List<PostViewModel>();
  189. if (posts != null)
  190. {
  191. foreach (BlogPost post in posts)
  192. {
  193. postViews.Add(new PostViewModel(post));
  194. }
  195. }
  196. return PartialView("~/Areas/Blog/Views/Blog/Posts.cshtml", postViews);
  197. }
  198. [HttpPost]
  199. public ActionResult CreatePost(int blogID, string title, string article)
  200. {
  201. BlogViewModel model = new BlogViewModel();
  202. if (ModelState.IsValid)
  203. {
  204. bool isAuth = User.IsInRole("Admin");
  205. var blog = db.Blogs.Where(p => (p.BlogId == blogID) && (p.User.Username == User.Identity.Name || isAuth)).FirstOrDefault();
  206. if (blog != null)
  207. {
  208. if (User.IsInRole("Admin") || db.Blogs.Where(b => b.User.Username == User.Identity.Name).FirstOrDefault() != null)
  209. {
  210. // Validate the fields
  211. if (string.IsNullOrEmpty(title))
  212. {
  213. model.Error = true;
  214. model.ErrorMessage = "You must write something for the title";
  215. return View("~/Areas/Blog/Views/Blog/NewPost.cshtml", model);
  216. }
  217. if (string.IsNullOrEmpty(article))
  218. {
  219. model.Error = true;
  220. model.ErrorMessage = "You must write something for the article";
  221. return View("~/Areas/Blog/Views/Blog/NewPost.cshtml", model);
  222. }
  223. bool system = (blogID == Config.BlogConfig.ServerBlogId);
  224. if (system)
  225. {
  226. var user = db.Blogs.Where(b => b.User.Username == User.Identity.Name);
  227. if (user != null)
  228. {
  229. blogID = user.First().BlogId;
  230. }
  231. }
  232. BlogPost post = db.BlogPosts.Create();
  233. post.BlogId = blogID;
  234. post.Title = title;
  235. post.Article = article;
  236. post.System = system;
  237. post.DatePosted = DateTime.Now;
  238. post.DatePublished = DateTime.Now;
  239. post.DateEdited = DateTime.Now;
  240. db.BlogPosts.Add(post);
  241. db.SaveChanges();
  242. return Redirect(Url.SubRouteUrl("blog", "Blog.Post", new { username = blog.User.Username, id = post.BlogPostId }));
  243. }
  244. model.Error = true;
  245. model.ErrorMessage = "You are not authorized to create a post for this blog";
  246. return View("~/Areas/Blog/Views/Blog/Blog.cshtml", model);
  247. }
  248. model.Error = true;
  249. model.ErrorMessage = "Blog does not exist.";
  250. return View("~/Areas/Blog/Views/Blog/Blog.cshtml", model);
  251. }
  252. model.Error = true;
  253. model.ErrorMessage = "No post created";
  254. return View("~/Areas/Blog/Views/Blog/NewPost.cshtml", model);
  255. }
  256. [HttpPost]
  257. public ActionResult EditPost(int postID, string title, string article)
  258. {
  259. PostViewModel model = new PostViewModel();
  260. if (ModelState.IsValid)
  261. {
  262. BlogPost post = db.BlogPosts.Where(p => p.BlogPostId == postID).FirstOrDefault();
  263. if (post != null)
  264. {
  265. model = new PostViewModel(post);
  266. if (User.IsInRole("Admin") || post.Blog.User.Username == User.Identity.Name)
  267. {
  268. // Validate the fields
  269. if (string.IsNullOrEmpty(title))
  270. {
  271. model.Error = true;
  272. model.ErrorMessage = "You must write something for the title";
  273. return View("~/Areas/Blog/Views/Blog/EditPost.cshtml", model);
  274. }
  275. if (string.IsNullOrEmpty(article))
  276. {
  277. model.Error = true;
  278. model.ErrorMessage = "You must write something for the article";
  279. return View("~/Areas/Blog/Views/Blog/EditPost.cshtml", model);
  280. }
  281. post.Title = title;
  282. post.Article = article;
  283. post.DateEdited = DateTime.Now;
  284. db.Entry(post).State = EntityState.Modified;
  285. db.SaveChanges();
  286. return Redirect(Url.SubRouteUrl("blog", "Blog.Post", new { username = post.Blog.User.Username, id = post.BlogPostId }));
  287. }
  288. model.Error = true;
  289. model.ErrorMessage = "You are not authorized to edit this post";
  290. return View("~/Areas/Blog/Views/Blog/EditPost.cshtml", model);
  291. }
  292. model.Error = true;
  293. model.ErrorMessage = "Post does not exist.";
  294. return View("~/Areas/Blog/Views/Blog/ViewPost.cshtml", model);
  295. }
  296. model.Error = true;
  297. model.ErrorMessage = "Invalid Parameters";
  298. return View("~/Areas/Blog/Views/Blog/EditPost.cshtml", model);
  299. }
  300. [HttpPost]
  301. public ActionResult PublishPost(int postID, bool publish)
  302. {
  303. if (ModelState.IsValid)
  304. {
  305. BlogPost post = db.BlogPosts.Where(p => p.BlogPostId == postID).FirstOrDefault();
  306. if (post != null)
  307. {
  308. if (User.IsInRole("Admin") || post.Blog.User.Username == User.Identity.Name)
  309. {
  310. post.Published = publish;
  311. if (publish)
  312. post.DatePublished = DateTime.Now;
  313. db.Entry(post).State = EntityState.Modified;
  314. db.SaveChanges();
  315. return Json(new { result = true });
  316. }
  317. return Json(new { error = "You are not authorized to publish this post" });
  318. }
  319. return Json(new { error = "No post found" });
  320. }
  321. return Json(new { error = "Invalid Parameters" });
  322. }
  323. [HttpPost]
  324. public ActionResult DeletePost(int postID)
  325. {
  326. if (ModelState.IsValid)
  327. {
  328. BlogPost post = db.BlogPosts.Where(p => p.BlogPostId == postID).FirstOrDefault();
  329. if (post != null)
  330. {
  331. if (User.IsInRole("Admin") || post.Blog.User.Username == User.Identity.Name)
  332. {
  333. db.BlogPosts.Remove(post);
  334. db.SaveChanges();
  335. return Json(new { result = true });
  336. }
  337. return Json(new { error = "You are not authorized to delete this post" });
  338. }
  339. return Json(new { error = "No post found" });
  340. }
  341. return Json(new { error = "Invalid Parameters" });
  342. }
  343. #endregion
  344. #region Comments
  345. [HttpPost]
  346. [AllowAnonymous]
  347. public ActionResult GetComments(int postID, int startCommentID, int count)
  348. {
  349. var comments = db.BlogComments.Where(p => (p.BlogPostId == postID)).OrderByDescending(p => p.DatePosted).Skip(startCommentID).Take(count).ToList();
  350. List<CommentViewModel> commentViews = new List<CommentViewModel>();
  351. if (comments != null)
  352. {
  353. foreach (BlogPostComment comment in comments)
  354. {
  355. commentViews.Add(new CommentViewModel(comment));
  356. }
  357. }
  358. return PartialView("~/Areas/Blog/Views/Blog/Comments.cshtml", commentViews);
  359. }
  360. [HttpPost]
  361. [AllowAnonymous]
  362. public ActionResult GetCommentArticle(int commentID)
  363. {
  364. BlogPostComment comment = db.BlogComments.Where(p => (p.BlogPostCommentId == commentID)).First();
  365. if (comment != null)
  366. {
  367. return Json(new { result = comment.Article });
  368. }
  369. return Json(new { error = "No article found" });
  370. }
  371. [HttpPost]
  372. public ActionResult CreateComment(int postID, string article)
  373. {
  374. if (ModelState.IsValid)
  375. {
  376. if (db.BlogPosts.Where(p => p.BlogPostId == postID).FirstOrDefault() != null)
  377. {
  378. BlogPostComment comment = db.BlogComments.Create();
  379. comment.BlogPostId = postID;
  380. comment.UserId = UserHelper.GetUser(db, User.Identity.Name).UserId;
  381. comment.Article = article;
  382. comment.DatePosted = DateTime.Now;
  383. comment.DateEdited = DateTime.Now;
  384. db.BlogComments.Add(comment);
  385. db.SaveChanges();
  386. return Json(new { result = true });
  387. }
  388. return Json(new { error = "The post does not exist" });
  389. }
  390. return Json(new { error = "Invalid Parameters" });
  391. }
  392. [HttpPost]
  393. public ActionResult EditComment(int commentID, string article)
  394. {
  395. if (ModelState.IsValid)
  396. {
  397. BlogPostComment comment = db.BlogComments.Where(c => c.BlogPostCommentId == commentID).FirstOrDefault();
  398. if (comment != null)
  399. {
  400. if (comment.User.Username == User.Identity.Name || User.IsInRole("Admin"))
  401. {
  402. comment.Article = article;
  403. comment.DateEdited = DateTime.Now;
  404. db.Entry(comment).State = EntityState.Modified;
  405. db.SaveChanges();
  406. return Json(new { result = true });
  407. }
  408. return Json(new { error = "You don't have permission to edit this comment" });
  409. }
  410. return Json(new { error = "No comment found" });
  411. }
  412. return Json(new { error = "Invalid Parameters" });
  413. }
  414. [HttpPost]
  415. public ActionResult DeleteComment(int commentID)
  416. {
  417. if (ModelState.IsValid)
  418. {
  419. BlogPostComment comment = db.BlogComments.Where(c => c.BlogPostCommentId == commentID).FirstOrDefault();
  420. if (comment != null)
  421. {
  422. if (comment.User.Username == User.Identity.Name || User.IsInRole("Admin"))
  423. {
  424. db.BlogComments.Remove(comment);
  425. db.SaveChanges();
  426. return Json(new { result = true });
  427. }
  428. return Json(new { error = "You don't have permission to delete this comment" });
  429. }
  430. return Json(new { error = "No comment found" });
  431. }
  432. return Json(new { error = "Invalid Parameters" });
  433. }
  434. #endregion
  435. }
  436. }