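/// <summary>
/// Stores a comment on a glyph for the current user and records a "comment" entry in the
/// user history. Both rows are written inside one transaction.
/// </summary>
/// <param name="cm">Request body carrying the glyph identifier and the raw comment text.</param>
/// <returns>
/// <c>true</c> when the comment was stored; <c>false</c> when the body is missing or incomplete,
/// the caller has no identity name, or nothing is left of the text after sanitization.
/// </returns>
public bool SubmitComment([FromBody] CommentSubmissionModel cm)
        {
            // A body that fails to bind arrives as null; reject it instead of dereferencing it.
            if (cm == null || string.IsNullOrWhiteSpace(cm.Glyph) || string.IsNullOrWhiteSpace(cm.Text))
            {
                return(false);
            }

            // Both rows are attributed by user name. An [Authorize] filter may already enforce
            // this outside the visible code; the guard keeps null names out of the tables.
            var userName = User?.Identity?.Name;
            if (string.IsNullOrEmpty(userName))
            {
                return(false);
            }

            // Sanitizing at write time strips active markup from the stored text. It is not a
            // substitute for output encoding: cm.Glyph is stored as submitted and must still be
            // encoded wherever it is rendered.
            var sanitizer = new Ganss.XSS.HtmlSanitizer();
            var safeText  = sanitizer.Sanitize(cm.Text);

            // Input made only of disallowed markup may sanitize to nothing; do not store empty comments.
            if (string.IsNullOrWhiteSpace(safeText))
            {
                return(false);
            }

            // NOTE(review): nothing here checks that cm.Glyph names an existing glyph or limits
            // the comment length; confirm both are enforced by the model or the schema.
            using (var db = new ChaliceDb())
            {
                db.BeginTransaction();

                var comment = new Comment
                {
                    Glyph       = cm.Glyph,
                    CommentText = safeText,
                    PostedBy    = userName,
                    Posted      = System.DateTime.Now
                };

                var history = new UserHistory
                {
                    UserName = userName,
                    Action   = "comment",
                    Target   = cm.Glyph,
                    Value    = "",
                    Created  = System.DateTime.Now
                };

                db.InsertWithIdentity(comment);
                db.InsertWithIdentity(history);

                db.CommitTransaction();
            }

            return(true);
        }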
Beispiel #2
        /// <summary>
        /// Creates an article in the "homepage" section from the posted form and records a
        /// "new_article" entry in the user history. Restricted to callers with admin roles.
        /// </summary>
        /// <param name="item">Form-bound title and content of the new homepage item.</param>
        /// <returns>
        /// The "_Error" view when the caller lacks admin roles; otherwise a redirect to "/".
        /// </returns>
        public IActionResult PostNewHomepageItem([FromForm] HomePageItem item)
        {
            // NOTE(review): the rejection is rendered as a view, so it presumably goes out with
            // a success status rather than 403; confirm callers and logs can tell the two apart.
            // NOTE(review): this is a form-posted, state-changing action and no antiforgery check
            // is visible in this excerpt; confirm [ValidateAntiForgeryToken] or a global filter applies.
            if (!UserHasAdminRoles())
            {
                return View("_Error", "You are not authorized to do this");
            }

            using (var db = new ChaliceDb())
            {
                db.BeginTransaction();

                // NOTE(review): Title and Content are stored exactly as submitted, whereas
                // SubmitComment passes comment text through HtmlSanitizer. If Content is rendered
                // as raw HTML, a compromised admin account yields stored script on the homepage.
                var article = new Article
                {
                    Section  = "homepage",
                    Title    = item.Title,
                    Content  = item.Content,
                    PostedBy = User.Identity.Name,
                    Posted   = System.DateTime.Now
                };
                db.InsertWithIdentity(article);

                // Audit entry naming who posted which title.
                var auditEntry = new UserHistory
                {
                    UserName = User.Identity.Name,
                    Action   = "new_article",
                    Target   = "homepage",
                    Value    = item.Title,
                    Created  = System.DateTime.Now
                };
                db.InsertWithIdentity(auditEntry);

                db.CommitTransaction();
            }

            return Redirect("/");
        }
Beispiel #3
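        /// <summary>
        /// Deletes a glyph and the user-history rows that target it. Restricted to callers
        /// with admin roles.
        /// </summary>
        /// <param name="glyphId">Identifier of the glyph to delete, read from the request body.</param>
        /// <returns>
        /// The "_Error" view when the caller lacks admin roles; 400 when no glyph id was
        /// supplied; 404 when no such glyph exists; otherwise 200 with "deleted".
        /// </returns>
        public IActionResult DeleteGlyph([FromBody] string glyphId)
        {
            // NOTE(review): the rejection is rendered as a view, so an API client presumably
            // receives a success status with HTML; confirm that is intended for a [FromBody] action.
            if (UserHasAdminRoles() == false)
            {
                return(View("_Error", "You are not authorized to do this"));
            }

            // A missing body binds to null. Without this guard the predicates below would
            // compare against null and could match rows that have no glyph or target at all.
            if (string.IsNullOrWhiteSpace(glyphId))
            {
                return(BadRequest("glyph id required"));
            }

            using (var db = new ChaliceDb())
            {
                db.BeginTransaction();

                // UserHistory.Target is shared with non-glyph actions (for example the
                // "homepage" target written by PostNewHomepageItem). Only purge history when
                // the id names a real glyph, so an arbitrary string cannot wipe unrelated rows.
                if (!db.DungeonGlyphs.Any(d => d.Glyph == glyphId))
                {
                    return(NotFound("glyph not found"));
                }

                // Delete glyph and associated history items (created + votes)
                db.DungeonGlyphs.Delete(d => d.Glyph == glyphId);
                db.UserHistory.Delete(h => h.Target == glyphId);

                // NOTE(review): Comment rows written by SubmitComment for this glyph are not
                // removed here; confirm whether they are cleaned up elsewhere.
                // NOTE(review): the history rows removed here are the only visible record of
                // activity on the glyph, and the deletion itself is not logged.

                db.CommitTransaction();
            }

            return(Ok("deleted"));
        }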
Beispiel #4
        /// <summary>
        /// Removes a user account. Glyphs the user submitted are re-attributed to
        /// "[RemovedUser]", then the user row and every history row recorded under that
        /// user name are deleted. Restricted to callers with admin roles.
        /// </summary>
        /// <param name="userId">Id of the user to delete, read from the request body.</param>
        /// <returns>
        /// The "_Error" view when the caller lacks admin roles; 404 when the id matches no
        /// user; otherwise 200 with "user deleted".
        /// </returns>
        public IActionResult DeleteUser([FromBody] int userId)
        {
            if (!UserHasAdminRoles())
            {
                return View("_Error", "You are not authorized to do this");
            }

            using (var db = new ChaliceDb())
            {
                db.BeginTransaction();

                var account = db.Users.FirstOrDefault(u => u.Id == userId);
                if (account is null)
                {
                    // Leaves the using block without committing; nothing has been written yet.
                    return NotFound("user not found");
                }

                // Keep the glyphs but detach them from the account being removed.
                var submittedGlyphs = db.DungeonGlyphs.Where(g => g.Submitter == account.UserName).ToList();
                foreach (var submitted in submittedGlyphs)
                {
                    submitted.Submitter = "[RemovedUser]";
                    db.Update(submitted);
                }

                db.Users.Delete(u => u.Id == userId);
                db.UserHistory.Delete(h => h.UserName == account.UserName);

                // NOTE(review): Comment.PostedBy and Article.PostedBy rows keep the deleted
                // user's name. If names can be registered again, a new account would inherit
                // that attribution; confirm. Vote counters on glyphs are also left as they were
                // although the vote history backing them is removed.
                // NOTE(review): nothing visible stops an admin deleting their own account or
                // records who performed the deletion.

                db.CommitTransaction();
            }

            return Ok("user deleted");
        }
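        /// <summary>
        /// Records, replaces or retracts the current user's vote on a glyph and keeps the
        /// glyph's vote counters in step with the "vote" rows in the user history.
        /// </summary>
        /// <remarks>
        /// A user holds at most one vote per glyph. Any earlier vote is undone before the new
        /// one is counted, so repeating a request cannot inflate a counter. "retract" only
        /// removes the earlier vote.
        /// </remarks>
        /// <param name="vote">
        /// Request body with the glyph identifier and the vote: "up", "down", "closed" or
        /// "retract" (case-insensitive).
        /// </param>
        /// <returns>
        /// <c>true</c> when the vote was applied; <c>false</c> when the body is missing or
        /// incomplete, the vote value is unknown, the caller has no identity name, the glyph
        /// does not exist, or there is no earlier vote to retract.
        /// </returns>
        public bool SubmitVote([FromBody] VotePackageModel vote)
        {
            // A body that fails to bind arrives as null; reject it instead of dereferencing it.
            if (vote == null || string.IsNullOrWhiteSpace(vote.Glyph) || string.IsNullOrWhiteSpace(vote.Vote))
            {
                return(false);
            }

            // Votes are keyed by user name. Without one, every anonymous caller would share a
            // single history row. An [Authorize] filter may already enforce this elsewhere.
            var userName = User?.Identity?.Name;
            if (string.IsNullOrEmpty(userName))
            {
                return(false);
            }

            // Normalise once, culture-independently, and accept only the known values so that
            // arbitrary client strings never reach the history table.
            var choice = vote.Vote.ToLowerInvariant();
            if (choice != "up" && choice != "down" && choice != "closed" && choice != "retract")
            {
                return(false);
            }

            var glyphKey = vote.Glyph;

            using (var db = new ChaliceDb())
            {
                db.BeginTransaction();

                var glyph = db.DungeonGlyphs.FirstOrDefault(d => d.Glyph == glyphKey);
                if (glyph == null)
                {
                    return(false);
                }

                var prevVote = db.UserHistory.FirstOrDefault(h => h.UserName == userName && h.Target == glyphKey && h.Action == "vote");

                // Nothing to retract.
                if (choice == "retract" && prevVote == null)
                {
                    return(false);
                }

                // Undo the earlier vote, whatever it was, before counting the new one. The
                // stored value is lower-cased because older rows may hold the raw client casing.
                if (prevVote != null)
                {
                    switch ((prevVote.Value ?? "").ToLowerInvariant())
                    {
                    case "up": glyph.Upvotes -= 1; break;

                    case "down": glyph.Downvotes -= 1; break;

                    case "closed": glyph.ClosedVotes -= 1; break;
                    }
                    db.Delete(prevVote);
                }

                switch (choice)
                {
                case "up": glyph.Upvotes += 1; break;

                case "down": glyph.Downvotes += 1; break;

                case "closed": glyph.ClosedVotes += 1; break;
                }

                db.Update(glyph);

                // Don't write history for vote retraction
                if (choice != "retract")
                {
                    db.InsertWithIdentity(new UserHistory
                    {
                        UserName = userName,
                        Action   = "vote",
                        Target   = glyphKey,
                        Value    = choice,
                        Created  = System.DateTime.Now
                    });
                }

                // NOTE(review): two concurrent requests from one user can both see no earlier
                // vote. A unique constraint on (UserName, Target, Action) for vote rows would be
                // the reliable backstop; confirm the schema. Only one earlier row is undone
                // here, so duplicates left by older code are not repaired.
                db.CommitTransaction();
            }

            return(true);
        }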