/// <summary> /// Get Access for User in a file /// </summary> /// <param name="fileid"></param> /// <returns></returns> private async Task <NoteAccess> GetMyAccess(int fileid) { NoteAccess noteAccess = await AccessManager.GetAccess(_db, _userManager.GetUserId(User), fileid, 0); ViewData["MyAccess"] = noteAccess; return(noteAccess); }
GetBaseNoteHeadersForFile(int id) { string authHeader = Request.Headers["authentication"]; string[] auths = authHeader.Split(','); IdentityUser me = await _userManager.FindByIdAsync(auths[1]); UserData appMe = await _context.UserData.SingleAsync(p => p.UserId == me.Id); if (String.Compare(auths[2], appMe.MyGuid, StringComparison.Ordinal) != 0) { return(new List <NoteHeader>()); } string userID = auths[1]; NoteAccess myAcc = await AccessManager .GetAccess(_context, userID, id, 0); if (!myAcc.ReadAccess) { return(new List <NoteHeader>()); } List <NoteHeader> stuff = await NoteDataManager .GetBaseNoteHeaders(_context, id, 0); return(stuff); }
/// <summary> /// Get the access object for this user in this file /// </summary> /// <param name="fileid">id of file we are exporting</param> /// <param name="user">id of this user</param> /// <returns></returns> public async Task <NoteAccess> GetMyAccess(int fileid, ClaimsPrincipal user) { NoteAccess noteAccess = await AccessManager.GetAccess(_db, _userManager.GetUserId(user), fileid, 0); // (int)HttpContext.Session.GetInt32("ArchiveID")); //TODO?? ViewData["MyAccess"] = noteAccess; return(noteAccess); }
GetNoteContent(int id, int id2, int id3) { string authHeader = Request.Headers["authentication"]; string[] auths = authHeader.Split(','); IdentityUser me = await _userManager .FindByIdAsync(auths[1]); UserData appMe = await _context.UserData.SingleAsync(p => p.UserId == me.Id); if (String.Compare(auths[2], appMe.MyGuid, StringComparison.Ordinal) != 0) { return(new NoteContent()); } string userID = auths[1]; NoteAccess myAcc = await AccessManager.GetAccess(_context, userID, id, 0); if (!myAcc.ReadAccess) { return(new NoteContent()); } NoteContent result = await NoteDataManager .GetNoteContent(_context, id, 0, id2, id3); return(result); }
public async Task <ActionResult <IEnumerable <NoteFile> > > GetFileList() { string authHeader = Request.Headers["authentication"]; string[] auths = authHeader.Split(','); IdentityUser me = await _userManager.FindByIdAsync(auths[1]); UserData appMe = await _context.UserData.SingleAsync(p => p.UserId == me.Id); if (String.Compare(auths[2], appMe.MyGuid, StringComparison.Ordinal) != 0) { return(new List <NoteFile>()); } List <NoteFile> allFiles = await NoteDataManager .GetNoteFilesOrderedByName(_context); List <NoteFile> myFiles = new List <NoteFile>(); foreach (var file in allFiles) { file.Owner = null; NoteAccess myAccess = await AccessManager .GetAccess(_context, me.Id, file.Id, 0); if (myAccess.ReadAccess || myAccess.Write) { myFiles.Add(file); } } return(myFiles); }
public async Task Post(NoteAccess item) { IdentityUser me = await _userManager.FindByNameAsync(User.Identity.Name); NoteAccess myAccess = await AccessManager.GetAccess(_db, me.Id, item.NoteFileId, item.ArchiveId); if (!myAccess.EditAccess) { return; } NoteAccess work = await _db.NoteAccess.Where(p => p.NoteFileId == item.NoteFileId && p.ArchiveId == item.ArchiveId && p.UserID == item.UserID) .FirstOrDefaultAsync(); if (work != null) { return; // already exists } if (item.UserID == Globals.AccessOtherId()) { return; // can not create "Other" } NoteFile nf = _db.NoteFile.Where(p => p.Id == item.NoteFileId).FirstOrDefault(); if (item.ArchiveId < 0 || item.ArchiveId > nf.NumberArchives) { return; } _db.NoteAccess.Add(item); await _db.SaveChangesAsync(); }
public async Task Put(NoteAccess item) { IdentityUser me = await _userManager.FindByNameAsync(User.Identity.Name); NoteAccess myAccess = await AccessManager.GetAccess(_db, me.Id, item.NoteFileId, item.ArchiveId); if (!myAccess.EditAccess) { return; } NoteAccess work = await _db.NoteAccess.Where(p => p.NoteFileId == item.NoteFileId && p.ArchiveId == item.ArchiveId && p.UserID == item.UserID) .FirstOrDefaultAsync(); if (work == null) { return; } work.ReadAccess = item.ReadAccess; work.Respond = item.Respond; work.Write = item.Write; work.DeleteEdit = item.DeleteEdit; work.SetTag = item.SetTag; work.ViewAccess = item.ViewAccess; work.EditAccess = item.EditAccess; _db.Update(work); await _db.SaveChangesAsync(); }
/// <summary> /// Get Access Control Object for file and user /// </summary> /// <param name="fileid"></param> /// <returns></returns> public async Task <NoteAccess> GetMyAccess(int fileid, int ArcId) { string myname = User.Identity.Name; var IdUser = await _userManager.FindByEmailAsync(myname); string uid = await _userManager.GetUserIdAsync(IdUser); NoteAccess noteAccess = await AccessManager.GetAccess(_db, uid, fileid, ArcId); return(noteAccess); }
public async Task <NoteHeader> Create(Notes2021.Models.TextViewModel inputModel) { string authHeader = Request.Headers["authentication"]; string[] auths = authHeader.Split(','); IdentityUser me = await _userManager.FindByIdAsync(auths[1]); UserData appMe = await _context.UserData.SingleAsync(p => p.UserId == me.Id); if (String.Compare(auths[2], appMe.MyGuid, StringComparison.Ordinal) != 0) { return(null); } string userID = auths[1]; NoteAccess myAcc = await AccessManager. GetAccess(_context, userID, inputModel.NoteFileID, 0); if (!myAcc.Write) { return(null); } await _signInManager.SignInAsync(me, false); DateTime now = DateTime.Now.ToUniversalTime(); NoteHeader nheader = new NoteHeader() { LastEdited = now, ThreadLastEdited = now, CreateDate = now, NoteFileId = inputModel.NoteFileID, AuthorName = appMe.DisplayName, AuthorID = _userManager.GetUserId(User), NoteSubject = inputModel.MySubject, ResponseOrdinal = 0, ResponseCount = 0 }; if (inputModel.BaseNoteHeaderID == 0) { return(await NoteDataManager .CreateNote(_context, _userManager, nheader, inputModel.MyNote.Replace("\n", "<br />"), inputModel.TagLine, inputModel.DirectorMessage, true, false)); } NoteHeader bnh = await NoteDataManager.GetNoteHeader(_context, inputModel.BaseNoteHeaderID); nheader.BaseNoteId = bnh.Id; return(await NoteDataManager.CreateResponse(_context, _userManager, nheader, inputModel.MyNote, inputModel.TagLine, inputModel.DirectorMessage, true, false)); }
/// <summary> /// Get Access Control Object for file and user /// </summary> /// <param name="fileid"></param> /// <returns></returns> public async Task <NoteAccess> GetMyAccess(int fileid, int ArcId) { string myname = User.Identity.Name; var IdUser = await _userManager.FindByEmailAsync(myname); string uid = await _userManager.GetUserIdAsync(IdUser); NoteAccess noteAccess = await AccessManager.GetAccess(_db, uid, fileid, ArcId); if (User.IsInRole("Guest")) { noteAccess.EditAccess = noteAccess.DeleteEdit = noteAccess.Respond = noteAccess.Write = false; } return(noteAccess); }
public async Task <NoteHeader> Edit(Notes2021.Models.TextViewModel inputModel) { string authHeader = Request.Headers["authentication"]; string[] auths = authHeader.Split(','); IdentityUser me = await _userManager.FindByIdAsync(auths[1]); UserData appMe = await _context.UserData.SingleAsync(p => p.UserId == me.Id); if (String.Compare(auths[2], appMe.MyGuid, StringComparison.Ordinal) != 0) { return(null); } string userID = auths[1]; NoteAccess myAcc = await AccessManager.GetAccess(_context, userID, inputModel.NoteFileID, 0); //TODO if (!myAcc.Write) { return(null); } await _signInManager.SignInAsync(me, false); DateTime now = DateTime.Now.ToUniversalTime(); NoteHeader oheader = await NoteDataManager .GetBaseNoteHeaderById(_context, inputModel.NoteID); if (oheader.AuthorID != userID) // must be a note this user wrote. { return(null); } oheader.LastEdited = now; oheader.ThreadLastEdited = now; oheader.NoteSubject = inputModel.MySubject; NoteContent oContent = await NoteDataManager .GetNoteContent(_context, oheader.NoteFileId, 0, oheader.NoteOrdinal, oheader.ResponseOrdinal); //TODO oContent.NoteBody = inputModel.MyNote; oContent.DirectorMessage = inputModel.DirectorMessage; return(await NoteDataManager .EditNote(_context, _userManager, oheader, oContent, inputModel.TagLine)); }
public async Task <MemoryStream> GetFileAs(int id, bool id2) { string authHeader = Request.Headers["authentication"]; string[] auths = authHeader.Split(','); IdentityUser me = await _userManager.FindByIdAsync(auths[1]); UserData appMe = await _context.UserData.SingleAsync(p => p.UserId == me.Id); if (String.Compare(auths[2], appMe.MyGuid, StringComparison.Ordinal) != 0) { return(null); } string userID = auths[1]; NoteAccess myAcc = await AccessManager.GetAccess(_context, userID, id, 0); //TODO if (!myAcc.ReadAccess) { return(null); } ExportController myExp = new ExportController(_appEnv, _userManager, _signInManager, _context); Notes2021.Models.ExportViewModel model = new Notes2021.Models.ExportViewModel(); NoteFile nf = await NoteDataManager.GetFileById(_context, id); model.NoteOrdinal = 0; model.FileName = nf.NoteFileName; model.FileNum = nf.Id; model.directOutput = true; model.isCollapsible = id2; model.isHtml = id2; IdentityUser applicationUser = await _userManager .FindByEmailAsync(auths[0]); await _signInManager.SignInAsync(applicationUser, false); model.tzone = _context.TZone.Single(p => p.Id == appMe.TimeZoneID); return(await myExp.DoExport(model, User, 0)); //TODO }
public async Task <ActionResult <NoteAccess> > GetAccess(int id) { string authHeader = Request.Headers["authentication"]; string[] auths = authHeader.Split(','); IdentityUser me = await _userManager.FindByIdAsync(auths[1]); UserData appMe = await _context.UserData.SingleAsync(p => p.UserId == me.Id); if (String.Compare(auths[2], appMe.MyGuid, StringComparison.Ordinal) != 0) { return(new NoteAccess()); } string userID = auths[1]; NoteAccess myAcc = await AccessManager.GetAccess(_context, userID, id, 0); return(myAcc); }
public async Task Delete(string fileId) { string[] parts = fileId.Split("."); if (parts.Length != 3) { return; } string uid = parts[2]; int fid = int.Parse(parts[0]); int aid = int.Parse(parts[1]); if (uid == Globals.AccessOtherId()) { return; // can not delete "Other" } // also can not delete self string userName = this.HttpContext.User.FindFirst(ClaimTypes.Name).Value; IdentityUser user = await _userManager.FindByNameAsync(userName); NoteAccess myAccess = await AccessManager.GetAccess(_db, user.Id, fid, aid); if (!myAccess.EditAccess) { return; } if (uid == user.Id) { return; // can not delete self" } NoteAccess work = await _db.NoteAccess.Where(p => p.NoteFileId == fid && p.ArchiveId == aid && p.UserID == uid) .FirstOrDefaultAsync(); if (work == null) { return; } _db.NoteAccess.Remove(work); await _db.SaveChangesAsync(); }
public async Task Post(CopyModel Model) { int fileId = Model.FileId; string uid = Model.UserData.UserId; NoteAccess myAccess = await AccessManager.GetAccess(_db, uid, fileId, 0); if (!myAccess.Write) { return; } NoteHeader Header = Model.Note; bool whole = Model.WholeString; noteFile = await _db.NoteFile.SingleAsync(p => p.Id == fileId); if (!whole) { NoteContent cont = await _db.NoteContent.SingleAsync(p => p.NoteHeaderId == Header.Id); //cont.NoteHeader = null; List <Tags> tags = await _db.Tags.Where(p => p.NoteHeaderId == Header.Id).ToListAsync(); string Body = string.Empty; Body = MakeHeader(Header); Body += cont.NoteBody; Header = Header.CloneForLink(); Header.Id = 0; Header.ArchiveId = 0; Header.LinkGuid = string.Empty; Header.NoteOrdinal = 0; Header.ResponseCount = 0; Header.NoteFileId = fileId; Header.BaseNoteId = 0; Header.NoteFile = null; Header.AuthorID = Model.UserData.UserId; Header.AuthorName = Model.UserData.DisplayName; Header.CreateDate = Header.ThreadLastEdited = Header.LastEdited = DateTime.Now.ToUniversalTime(); await NoteDataManager.CreateNote(_db, null, Header, Body, Tags.ListToString(tags), cont.DirectorMessage, true, false); return; } else { // get base note NoteHeader BaseHeader; BaseHeader = await _db.NoteHeader.SingleAsync(p => p.NoteFileId == Header.NoteFileId && p.ArchiveId == Header.ArchiveId && p.NoteOrdinal == Header.NoteOrdinal && p.ResponseOrdinal == 0); Header = BaseHeader.CloneForLink(); NoteContent cont = await _db.NoteContent.SingleAsync(p => p.NoteHeaderId == Header.Id); //cont.NoteHeader = null; List <Tags> tags = await _db.Tags.Where(p => p.NoteHeaderId == Header.Id).ToListAsync(); string Body = string.Empty; Body = MakeHeader(Header); Body += cont.NoteBody; Header.Id = 0; Header.ArchiveId = 0; Header.LinkGuid = string.Empty; Header.NoteOrdinal = 0; Header.ResponseCount = 0; Header.NoteFileId = fileId; Header.BaseNoteId = 0; Header.NoteFile = null; Header.AuthorID = Model.UserData.UserId; Header.AuthorName = Model.UserData.DisplayName; Header.CreateDate = Header.ThreadLastEdited = Header.LastEdited = DateTime.Now.ToUniversalTime(); Header.NoteContent = null; NoteHeader NewHeader = await NoteDataManager.CreateNote(_db, null, Header, Body, Tags.ListToString(tags), cont.DirectorMessage, true, false); for (int i = 1; i <= BaseHeader.ResponseCount; i++) { NoteHeader RHeader = await _db.NoteHeader.SingleAsync(p => p.NoteFileId == BaseHeader.NoteFileId && p.ArchiveId == BaseHeader.ArchiveId && p.NoteOrdinal == BaseHeader.NoteOrdinal && p.ResponseOrdinal == i); Header = RHeader.CloneForLinkR(); cont = await _db.NoteContent.SingleAsync(p => p.NoteHeaderId == Header.Id); tags = await _db.Tags.Where(p => p.NoteHeaderId == Header.Id).ToListAsync(); Body = string.Empty; Body = MakeHeader(Header); Body += cont.NoteBody; Header.Id = 0; Header.ArchiveId = 0; Header.LinkGuid = string.Empty; Header.NoteOrdinal = NewHeader.NoteOrdinal; Header.ResponseCount = 0; Header.NoteFileId = fileId; Header.BaseNoteId = NewHeader.Id; Header.NoteFile = null; Header.ResponseOrdinal = 0; Header.AuthorID = Model.UserData.UserId; Header.AuthorName = Model.UserData.DisplayName; Header.CreateDate = Header.ThreadLastEdited = Header.LastEdited = DateTime.Now.ToUniversalTime(); await NoteDataManager.CreateResponse(_db, null, Header, Body, Tags.ListToString(tags), cont.DirectorMessage, true, false); } } }
public async Task <HomePageModel> Get() { HomePageModel model = new HomePageModel(); //model.Message = _db.HomePageMessage.FirstOrDefault(); model.Message = string.Empty; NoteFile hpmf = _db.NoteFile.Where(p => p.NoteFileName == "homepagemessages").FirstOrDefault(); if (hpmf != null) { NoteHeader hpmh = _db.NoteHeader.Where(p => p.NoteFileId == hpmf.Id).OrderByDescending(p => p.CreateDate).FirstOrDefault(); if (hpmh != null) { model.Message = _db.NoteContent.Where(p => p.NoteHeaderId == hpmh.Id).FirstOrDefault().NoteBody; } } model.NoteFiles = _db.NoteFile .OrderBy(p => p.NoteFileName).ToList(); model.NoteAccesses = new List <NoteAccess>(); List <UserData> udl = _db.UserData.ToList(); foreach (NoteFile nf in model.NoteFiles) { UserData ud = udl.Find(p => p.UserId == nf.OwnerId); ud.MyGuid = ""; ud.MyStyle = ""; nf.Owner = ud; } try { string userName = this.HttpContext.User.FindFirst(ClaimTypes.Name).Value; if (!string.IsNullOrEmpty(userName)) { IdentityUser user = await _userManager.FindByNameAsync(userName); model.UserData = _db.UserData.Single(p => p.UserId == user.Id); foreach (NoteFile nf in model.NoteFiles) { NoteAccess na = await AccessManager.GetAccess(_db, user.Id, nf.Id, 0); model.NoteAccesses.Add(na); } if (model.NoteAccesses.Count > 0) { NoteFile[] theList = new NoteFile[model.NoteFiles.Count]; model.NoteFiles.CopyTo(theList); foreach (NoteFile nf2 in theList) { NoteAccess na = model.NoteAccesses.SingleOrDefault(p => p.NoteFileId == nf2.Id); if (!na.ReadAccess && !na.Write && !na.EditAccess) { model.NoteFiles.Remove(nf2); } } } } else { model.UserData = new UserData { TimeZoneID = Globals.TimeZoneDefaultID }; } } catch { model.UserData = new UserData { TimeZoneID = Globals.TimeZoneDefaultID }; } //model.TimeZone = _db.TZone.Single(p => p.Id == model.UserData.TimeZoneID); Globals.GuestId = model.GuestId = "*none*"; UserData Gdata = _db.UserData.Where(p => p.DisplayName == "Guest").FirstOrDefault(); if (Gdata != null) { Globals.GuestId = model.GuestId = Gdata.UserId; IdentityUser me = await _userManager.FindByIdAsync(Globals.GuestId); model.GuestEmail = Globals.GuestEmail = me.Email; } return(model); }