The next generation of the Teknik Services. Written in ASP.NET. https://www.teknik.io/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

VaultController.cs 21KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461
  1. using System;
  2. using System.Collections.Generic;
  3. using System.Data.Entity;
  4. using System.Linq;
  5. using System.Web;
  6. using System.Web.Mvc;
  7. using Teknik.Areas.Paste;
  8. using Teknik.Areas.Users.Models;
  9. using Teknik.Areas.Users.Utility;
  10. using Teknik.Areas.Vault.Models;
  11. using Teknik.Areas.Vault.ViewModels;
  12. using Teknik.Attributes;
  13. using Teknik.Configuration;
  14. using Teknik.Controllers;
  15. using Teknik.Filters;
  16. using Teknik.Models;
  17. using Teknik.Utilities;
  18. namespace Teknik.Areas.Vault.Controllers
  19. {
  20. [TeknikAuthorize]
  21. public class VaultController : DefaultController
  22. {
  23. [TrackPageView]
  24. [AllowAnonymous]
  25. public ActionResult ViewVault(string id)
  26. {
  27. using (TeknikEntities db = new TeknikEntities())
  28. {
  29. Models.Vault foundVault = db.Vaults.Where(v => v.Url == id).FirstOrDefault();
  30. if (foundVault != null)
  31. {
  32. // Update view count
  33. foundVault.Views += 1;
  34. db.Entry(foundVault).State = EntityState.Modified;
  35. db.SaveChanges();
  36. ViewBag.Title = foundVault.Title + " - Teknik Vault";
  37. VaultViewModel model = new VaultViewModel();
  38. model.CurrentSub = Subdomain;
  39. model.Url = foundVault.Url;
  40. model.UserId = foundVault.UserId;
  41. model.User = foundVault.User;
  42. model.Title = foundVault.Title;
  43. model.Description = foundVault.Description;
  44. model.DateCreated = foundVault.DateCreated;
  45. model.DateEdited = foundVault.DateEdited;
  46. if (foundVault.VaultItems.Any())
  47. {
  48. foreach (VaultItem item in foundVault.VaultItems)
  49. {
  50. if (item.GetType().BaseType == typeof(UploadVaultItem))
  51. {
  52. UploadVaultItem upload = (UploadVaultItem)item;
  53. // Increment Views
  54. upload.Upload.Downloads += 1;
  55. db.Entry(upload.Upload).State = EntityState.Modified;
  56. db.SaveChanges();
  57. UploadItemViewModel uploadModel = new UploadItemViewModel();
  58. uploadModel.VaultItemId = item.VaultItemId;
  59. uploadModel.Title = item.Title;
  60. uploadModel.Description = item.Description;
  61. uploadModel.DateAdded = item.DateAdded;
  62. uploadModel.Upload = upload.Upload;
  63. model.Items.Add(uploadModel);
  64. }
  65. else if (item.GetType().BaseType == typeof(PasteVaultItem))
  66. {
  67. PasteVaultItem paste = (PasteVaultItem)item;
  68. // Increment Views
  69. paste.Paste.Views += 1;
  70. db.Entry(paste.Paste).State = EntityState.Modified;
  71. db.SaveChanges();
  72. // Check Expiration
  73. if (PasteHelper.CheckExpiration(paste.Paste))
  74. {
  75. db.Pastes.Remove(paste.Paste);
  76. db.SaveChanges();
  77. break;
  78. }
  79. PasteItemViewModel pasteModel = new PasteItemViewModel();
  80. pasteModel.VaultItemId = item.VaultItemId;
  81. pasteModel.Title = item.Title;
  82. pasteModel.Description = item.Description;
  83. pasteModel.DateAdded = item.DateAdded;
  84. pasteModel.Paste = paste.Paste;
  85. model.Items.Add(pasteModel);
  86. }
  87. }
  88. }
  89. return View(model);
  90. }
  91. return Redirect(Url.SubRouteUrl("error", "Error.Http404"));
  92. }
  93. }
  94. [HttpGet]
  95. [TrackPageView]
  96. [AllowAnonymous]
  97. public ActionResult NewVault()
  98. {
  99. ViewBag.Title = "Create Vault";
  100. ModifyVaultViewModel model = new ModifyVaultViewModel();
  101. model.CurrentSub = Subdomain;
  102. return View("~/Areas/Vault/Views/Vault/ModifyVault.cshtml", model);
  103. }
  104. [HttpGet]
  105. [TrackPageView]
  106. [AllowAnonymous]
  107. public ActionResult NewVaultFromService(string type, string items)
  108. {
  109. ViewBag.Title = "Create Vault";
  110. ModifyVaultViewModel model = new ModifyVaultViewModel();
  111. model.CurrentSub = Subdomain;
  112. string decodedItems = HttpUtility.UrlDecode(items);
  113. string[] allURLs = decodedItems.Split(',');
  114. int index = 0;
  115. foreach (string url in allURLs)
  116. {
  117. string[] urlInfo = url.Split(':');
  118. string uploadId = urlInfo[0];
  119. string title = string.Empty;
  120. if (urlInfo.GetUpperBound(0) >= 1)
  121. {
  122. // They also passed in the original filename, so let's use it as our title
  123. title = urlInfo[1];
  124. }
  125. if (IsValidItem(type, uploadId))
  126. {
  127. ModifyVaultItemViewModel item = new ModifyVaultItemViewModel();
  128. item.isTemplate = false;
  129. item.index = index;
  130. item.title = title;
  131. item.url = uploadId;
  132. item.type = type;
  133. model.items.Add(item);
  134. index++;
  135. }
  136. }
  137. return View("~/Areas/Vault/Views/Vault/ModifyVault.cshtml", model);
  138. }
  139. [HttpGet]
  140. [TrackPageView]
  141. public ActionResult EditVault(string url, string type, string items)
  142. {
  143. using (TeknikEntities db = new TeknikEntities())
  144. {
  145. ViewBag.Title = "Edit Vault";
  146. Vault.Models.Vault foundVault = db.Vaults.Where(v => v.Url == url).FirstOrDefault();
  147. if (foundVault != null)
  148. {
  149. if (foundVault.User.Username == User.Identity.Name)
  150. {
  151. ViewBag.Title = "Edit Vault - " + foundVault.Title;
  152. ModifyVaultViewModel model = new ModifyVaultViewModel();
  153. model.CurrentSub = Subdomain;
  154. model.isEdit = true;
  155. model.vaultId = foundVault.VaultId;
  156. model.title = foundVault.Title;
  157. model.description = foundVault.Description;
  158. int index = 0;
  159. // Add all their existing items for the vault
  160. foreach (VaultItem item in foundVault.VaultItems)
  161. {
  162. ModifyVaultItemViewModel itemModel = new ModifyVaultItemViewModel();
  163. itemModel.index = index;
  164. itemModel.isTemplate = false;
  165. if (item.GetType().BaseType == typeof(UploadVaultItem))
  166. {
  167. UploadVaultItem upload = (UploadVaultItem)item;
  168. itemModel.title = upload.Title;
  169. itemModel.description = upload.Description;
  170. itemModel.type = "Upload";
  171. itemModel.url = upload.Upload.Url;
  172. model.items.Add(itemModel);
  173. index++;
  174. }
  175. else if (item.GetType().BaseType == typeof(PasteVaultItem))
  176. {
  177. PasteVaultItem paste = (PasteVaultItem)item;
  178. itemModel.title = paste.Title;
  179. itemModel.description = paste.Description;
  180. itemModel.type = "Paste";
  181. itemModel.url = paste.Paste.Url;
  182. model.items.Add(itemModel);
  183. index++;
  184. }
  185. }
  186. // If they passed any new items in via the parameters, let's add them
  187. if (!string.IsNullOrEmpty(type) && !string.IsNullOrEmpty(items))
  188. {
  189. string decodedItems = HttpUtility.UrlDecode(items);
  190. string[] allItems = decodedItems.Split(',');
  191. foreach (string newItem in allItems)
  192. {
  193. string[] urlInfo = newItem.Split(':');
  194. string itemId = urlInfo[0];
  195. string title = string.Empty;
  196. if (urlInfo.GetUpperBound(0) >= 1)
  197. {
  198. // They also passed in the original filename, so let's use it as our title
  199. title = urlInfo[1];
  200. }
  201. if (IsValidItem(type, itemId))
  202. {
  203. ModifyVaultItemViewModel item = new ModifyVaultItemViewModel();
  204. item.isTemplate = false;
  205. item.index = index;
  206. item.title = title;
  207. item.url = itemId;
  208. item.type = type;
  209. model.items.Add(item);
  210. index++;
  211. }
  212. }
  213. }
  214. return View("~/Areas/Vault/Views/Vault/ModifyVault.cshtml", model);
  215. }
  216. return Redirect(Url.SubRouteUrl("error", "Error.Http403"));
  217. }
  218. return Redirect(Url.SubRouteUrl("error", "Error.Http404"));
  219. }
  220. }
  221. [HttpPost]
  222. [AllowAnonymous]
  223. [ValidateAntiForgeryToken]
  224. public ActionResult CreateVault(ModifyVaultViewModel model)
  225. {
  226. if (model != null)
  227. {
  228. if (!string.IsNullOrEmpty(model.title))
  229. {
  230. using (TeknikEntities db = new TeknikEntities())
  231. {
  232. Vault.Models.Vault newVault = db.Vaults.Create();
  233. // Create a new ID
  234. string url = StringHelper.RandomString(Config.VaultConfig.UrlLength);
  235. while (db.Vaults.Where(v => v.Url == url).FirstOrDefault() != null)
  236. {
  237. url = StringHelper.RandomString(Config.VaultConfig.UrlLength);
  238. }
  239. newVault.Url = url;
  240. newVault.DateCreated = DateTime.Now;
  241. newVault.Title = model.title;
  242. newVault.Description = model.description;
  243. if (User.Identity.IsAuthenticated)
  244. {
  245. User user = UserHelper.GetUser(db, User.Identity.Name);
  246. if (user != null)
  247. {
  248. newVault.UserId = user.UserId;
  249. }
  250. }
  251. // Add/Verify items
  252. if (model.items.Any())
  253. {
  254. foreach (ModifyVaultItemViewModel item in model.items)
  255. {
  256. if (IsValidItem(item.type, item.url))
  257. {
  258. switch (item.type.ToLower())
  259. {
  260. case "upload":
  261. UploadVaultItem newUpload = new UploadVaultItem();
  262. newUpload.DateAdded = DateTime.Now;
  263. newUpload.Title = item.title;
  264. newUpload.Description = item.description;
  265. newUpload.UploadId = db.Uploads.Where(u => u.Url == item.url).FirstOrDefault().UploadId;
  266. newVault.VaultItems.Add(newUpload);
  267. break;
  268. case "paste":
  269. PasteVaultItem newPaste = new PasteVaultItem();
  270. newPaste.DateAdded = DateTime.Now;
  271. newPaste.Title = item.title;
  272. newPaste.Description = item.description;
  273. newPaste.PasteId = db.Pastes.Where(p => p.Url == item.url).FirstOrDefault().PasteId;
  274. newVault.VaultItems.Add(newPaste);
  275. break;
  276. default:
  277. return Json(new { error = new { message = "You have an invalid item type: " + item.type } });
  278. }
  279. }
  280. else
  281. {
  282. return Json(new { error = new { message = "You have an invalid item URL: " + item.url } });
  283. }
  284. }
  285. }
  286. // Add and save the new vault
  287. db.Vaults.Add(newVault);
  288. db.SaveChanges();
  289. return Json(new { result = new { url = Url.SubRouteUrl("v", "Vault.ViewVault", new { id = url }) } });
  290. }
  291. }
  292. return Json(new { error = new { message = "You must supply a Title" } });
  293. }
  294. return Json(new { error = new { message = "Invalid Parameters" } });
  295. }
  296. [HttpPost]
  297. [ValidateAntiForgeryToken]
  298. public ActionResult EditVault(ModifyVaultViewModel model)
  299. {
  300. if (model != null)
  301. {
  302. using (TeknikEntities db = new TeknikEntities())
  303. {
  304. Vault.Models.Vault foundVault = db.Vaults.Where(v => v.VaultId == model.vaultId).FirstOrDefault();
  305. if (foundVault != null)
  306. {
  307. if (foundVault.User.Username == User.Identity.Name)
  308. {
  309. foundVault.DateEdited = DateTime.Now;
  310. foundVault.Title = model.title;
  311. foundVault.Description = model.description;
  312. // Clear previous items
  313. List<VaultItem> vaultItems = db.VaultItems.Where(v => v.VaultId == foundVault.VaultId).ToList();
  314. if (vaultItems != null)
  315. {
  316. foreach (VaultItem item in vaultItems)
  317. {
  318. db.VaultItems.Remove(item);
  319. }
  320. }
  321. foundVault.VaultItems.Clear();
  322. // Add/Verify items
  323. if (model.items.Any())
  324. {
  325. foreach (ModifyVaultItemViewModel item in model.items)
  326. {
  327. if (IsValidItem(item.type, item.url))
  328. {
  329. switch (item.type.ToLower())
  330. {
  331. case "upload":
  332. UploadVaultItem newUpload = new UploadVaultItem();
  333. newUpload.DateAdded = DateTime.Now;
  334. newUpload.Title = item.title;
  335. newUpload.Description = item.description;
  336. newUpload.UploadId = db.Uploads.Where(u => u.Url == item.url).FirstOrDefault().UploadId;
  337. foundVault.VaultItems.Add(newUpload);
  338. break;
  339. case "paste":
  340. PasteVaultItem newPaste = new PasteVaultItem();
  341. newPaste.DateAdded = DateTime.Now;
  342. newPaste.Title = item.title;
  343. newPaste.Description = item.description;
  344. newPaste.PasteId = db.Pastes.Where(p => p.Url == item.url).FirstOrDefault().PasteId;
  345. foundVault.VaultItems.Add(newPaste);
  346. break;
  347. default:
  348. return Json(new { error = new { message = "You have an invalid item type: " + item.type } });
  349. }
  350. }
  351. else
  352. {
  353. return Json(new { error = new { message = "You have an invalid item URL: " + item.url } });
  354. }
  355. }
  356. }
  357. db.Entry(foundVault).State = EntityState.Modified;
  358. db.SaveChanges();
  359. return Json(new { result = new { url = Url.SubRouteUrl("v", "Vault.ViewVault", new { id = foundVault.Url }) } });
  360. }
  361. return Json(new { error = new { message = "You do not have permission to edit this Vault" } });
  362. }
  363. return Json(new { error = new { message = "That Vault does not exist" } });
  364. }
  365. }
  366. return Json(new { error = new { message = "Invalid Parameters" } });
  367. }
  368. [HttpPost]
  369. public ActionResult DeleteVault(string url)
  370. {
  371. using (TeknikEntities db = new TeknikEntities())
  372. {
  373. Vault.Models.Vault foundVault = db.Vaults.Where(v => v.Url == url).FirstOrDefault();
  374. if (foundVault != null)
  375. {
  376. if (foundVault.User.Username == User.Identity.Name)
  377. {
  378. db.Vaults.Remove(foundVault);
  379. db.SaveChanges();
  380. return Json(new { result = new { url = Url.SubRouteUrl("vault", "Vault.CreateVault") } });
  381. }
  382. return Json(new { error = new { message = "You do not have permission to edit this Vault" } });
  383. }
  384. return Json(new { error = new { message = "That Vault does not exist" } });
  385. }
  386. }
  387. [HttpPost]
  388. [AllowAnonymous]
  389. [ValidateAntiForgeryToken]
  390. public ActionResult ValidateItem(string type, string url)
  391. {
  392. if (IsValidItem(type, url))
  393. {
  394. return Json(new { result = new { valid = true } });
  395. }
  396. else
  397. {
  398. return Json(new { error = new { message = "Invalid URL Id for this Item" } });
  399. }
  400. }
  401. private bool IsValidItem(string type, string url)
  402. {
  403. bool valid = false;
  404. if (!string.IsNullOrEmpty(type) && !string.IsNullOrEmpty(url))
  405. {
  406. using (TeknikEntities db = new TeknikEntities())
  407. {
  408. switch (type.ToLower())
  409. {
  410. case "upload":
  411. Upload.Models.Upload foundUpload = db.Uploads.Where(u => u.Url == url).FirstOrDefault();
  412. if (foundUpload != null)
  413. {
  414. valid = true;
  415. }
  416. break;
  417. case "paste":
  418. Paste.Models.Paste foundPaste = db.Pastes.Where(p => p.Url == url).FirstOrDefault();
  419. if (foundPaste != null)
  420. {
  421. valid = true;
  422. }
  423. break;
  424. }
  425. }
  426. }
  427. return valid;
  428. }
  429. }
  430. }