public void ProcessRequest(HttpContext context)
{
AntiForgery.Validate();
if (!WebUser.IsAuthenticated)
{
throw new HttpException(401, "You must login to do this.");
}
if (!WebUser.HasRole(UserRoles.Admin) &&
!WebUser.HasRole(UserRoles.Editor) &&
!WebUser.HasRole(UserRoles.Author))
{
throw new HttpException(401, "You do not have permission to do that.");
}
var mode = context.Request.Form["mode"];
var title = context.Request.Form["postTitle"];
var content = context.Request.Form["postContent"];
var slug = context.Request.Form["postSlug"];
var id = context.Request.Form["postId"];
var datePublished = context.Request.Form["postDatePublished"];
var postTags = context.Request.Form["postTags"];
var authorId = context.Request.Form["postAuthorId"];
IEnumerable <int> tags = new int[] { };
if (!string.IsNullOrEmpty(postTags))
{
tags = postTags.Split(',').Select(v => Convert.ToInt32(v));
}
if ((mode == "edit" || mode == "delete") && WebUser.HasRole(UserRoles.Author))
{
if (WebUser.UserId != Convert.ToInt32(authorId))
{
throw new HttpException(401, "You do not have permission to do that.");
}
}
if (string.IsNullOrWhiteSpace(slug))
{
slug = CreateSlug(title);
}
if (mode == "edit")
{
EditPost(Convert.ToInt32(id), title, content, slug, datePublished, Convert.ToInt32(authorId), tags);
}
else if (mode == "new")
{
CreatePost(title, content, slug, datePublished, WebUser.UserId, tags);
}
else if (mode == "delete")
{
DeletePost(slug);
}
context.Response.Redirect("~/admin/post/");
}
public void ProcessRequest(HttpContext context)
{
AntiForgery.Validate();
if (!WebUser.IsAuthenticated)
{
throw new HttpException(401, "You must login to do this.");
}
if (!WebUser.HasRole(UserRoles.Admin))
{
throw new HttpException(401, "You do not have permission to do this.");
}
var mode = context.Request.Form["mode"];
var name = context.Request.Form["roleName"];
var id = context.Request.Form["roleId"];
var resourceItem = context.Request.Form["resourceItem"];
if (mode == "edit")
{
Edit(Convert.ToInt32(id), name);
}
else if (mode == "new")
{
Create(name);
}
else if (mode == "delete")
{
Delete(name ?? resourceItem);
}
if (string.IsNullOrEmpty(resourceItem))
{
context.Response.Redirect("~/admin/role/");
}
}
public void ProcessRequest(HttpContext context)
{
AntiForgery.Validate();
if (!WebUser.IsAuthenticated)
{
throw new HttpException(401, "You must login to do this.");
}
if (!WebUser.HasRole(UserRoles.Admin))
{
throw new HttpException(401, "You do not have permission to do this.");
}
var mode = context.Request.Form["mode"];
var username = context.Request.Form["accountName"];
var password1 = context.Request.Form["accountPassword1"];
var password2 = context.Request.Form["accountPassword2"];
var id = context.Request.Form["accountId"];
var email = context.Request.Form["accountEmail"];
var userRoles = context.Request.Form["accountRoles"];
var roles = userRoles.Split(',').Select(v => Convert.ToInt32(v));
if (mode == "delete")
{
Delete(username);
}
else
{
if (password1 != password2)
{
throw new Exception("Passwords do not match.");
}
if (string.IsNullOrWhiteSpace(email))
{
throw new Exception("Email cannot be blank.");
}
if (string.IsNullOrWhiteSpace(username))
{
throw new Exception("Username cannot be blank.");
}
if (mode == "edit")
{
Edit(Convert.ToInt32(id), username, password1, email, roles);
}
else if (mode == "new")
{
Create(username, password1, email, roles);
}
}
context.Response.Redirect("~/admin/account/");
}
public void ProcessRequest(HttpContext context)
{
AntiForgery.Validate();
if (!WebUser.IsAuthenticated)
{
throw new HttpException(401, "You must login to do this");
}
if (!WebUser.HasRole(UserRoles.Admin) && !WebUser.HasRole(UserRoles.Editor))
{
throw new HttpException(401, "You do not have permission to do that");
}
var mode = context.Request.Form["mode"];
var name = context.Request.Form["tagName"];
var friendlyName = context.Request.Form["tagFriendlyName"];
var id = context.Request.Form["tagId"];
var resourceItem = context.Request.Form["resourceItem"];
if (mode == "delete")
{
DeleteTag(friendlyName ?? resourceItem);
}
else
{
if (string.IsNullOrWhiteSpace(friendlyName))
{
friendlyName = CreateTag(name);
}
if (mode == "edit")
{
EditTag(Convert.ToInt32(id), name, friendlyName);
}
else if (mode == "new")
{
CreateTag(name, friendlyName);
}
}
if (string.IsNullOrEmpty(resourceItem))
{
context.Response.Redirect("~/admin/tag");
}
}
public void ProcessRequest(HttpContext context)
{
AntiForgery.Validate();
if (!WebUser.IsAuthenticated)
{
throw new HttpException(401, "You must login !");
}
if (!WebUser.HasRole(UserRoles.Admin) && !WebUser.HasRole(UserRoles.Editor))
{
throw new HttpException(401, "You must be admin or editor!");
}
//treba nam mode jer cemo u zavisnosti od njega, ako je edit da ispravljamo post ako je new da pravimo novi...
var mode = context.Request.Form["mode"];
var name = context.Request.Form["tagName"];
var friendlyName = context.Request.Form["tagFriendlyName"];
var id = context.Request.Form["tagId"];
if (string.IsNullOrWhiteSpace(friendlyName))
{
friendlyName = CreateFriendlyName(name);
}
if (mode == "edit")
{
EditTag(Convert.ToInt32(id), name, friendlyName);
}
else if (mode == "new")
{
CreateTag(name, friendlyName);
}
else if (mode == "delete")
{
DeleteTag(friendlyName);
}
context.Response.Redirect("~/admin/tag/");
}
public void ProcessRequest(HttpContext context)
{
AntiForgery.Validate();
if (!WebUser.IsAuthenticated)
{
throw new HttpException(401, "You must login !");
}
if (!WebUser.HasRole(UserRoles.Admin))
{
throw new HttpException(401, "You do not have permission to do this");
}
//treba nam mode jer cemo u zavisnosti od njega, ako je edit da ispravljamo post ako je new da pravimo novi...
var mode = context.Request.Form["mode"];
var name = context.Request.Form["roleName"];
var id = context.Request.Form["roleId"];
if (mode == "edit")
{
Edit(Convert.ToInt32(id), name);
}
else if (mode == "new")
{
Create(name);
}
else if (mode == "delete")
{
Delete(name);
}
context.Response.Redirect("~/admin/role/");
}
public void ProcessRequest(HttpContext context)
{
AntiForgery.Validate();
if (!WebUser.IsAuthenticated)
{
throw new HttpException(401, "You must login !");
}
if (!WebUser.HasRole(UserRoles.Admin))
{
throw new HttpException(401, "You do not have permission to do this");
}
//treba nam mode jer cemo u zavisnosti od njega, ako je edit da ispravljamo post ako je new da pravimo novi...
var mode = context.Request.Form["mode"];
var username = context.Request.Form["accountName"];
var password1 = context.Request.Form["accountPassword1"];
var password2 = context.Request.Form["accountPassword2"];
//var datePublished = context.Request.Form["postDatePublished"];
var id = context.Request.Form["accountId"];
var email = context.Request.Form["accountEmail"];
var userRoles = context.Request.Form["accountRoles"];
var roles = userRoles.Split(',').Select(v => Convert.ToInt32(v));
if (mode == "delete")
{
Delete(username);
}
else
{
if (password1 != password2)
{
throw new Exception("Password dont match!");
}
if (string.IsNullOrWhiteSpace(email))
{
throw new Exception("Email cannot be blank!");
}
if (string.IsNullOrWhiteSpace(username))
{
throw new Exception("Username cannot be blank!");
}
if (mode == "edit")
{
Edit(Convert.ToInt32(id), username, password1, email, roles);
}
else if (mode == "new")
{
Create(username, password1, email, roles);
}
}
context.Response.Redirect("~/admin/account/");
}
