public ActionResult Ban(string subName, BanUserModel model)
{
if (string.IsNullOrEmpty(subName))
{
return(Redirect(Url.Subs()));
}
var sub = _subDao.GetSubByName(subName);
if (sub == null)
{
throw new BaseHttpException(HttpStatusCode.NotFound, "sub not found");
}
if (!_permissionDao.CanUserManageSubAccess(_userContext.CurrentUser, sub.Id))
{
throw new BaseHttpException(HttpStatusCode.Forbidden, "not allowed to moderate bans");
}
var response = _commandBus.Send <BanUserFromSub, BanUserFromSubResponse>(new BanUserFromSub
{
UserName = model.UserName,
BannedBy = _userContext.CurrentUser.Id,
SubId = sub.Id,
DateBanned = Common.CurrentTime(),
ReasonPrivate = model.ReasonPrivate,
ReasonPublic = model.ReasonPublic
});
return(CommonJsonResult(response.Error));
}
public async Task <ActionResult> BanUser(BanUserModel model)
{
var result = await moderatorService.BanUser(model.UserName, model.DayCount);
if (result)
{
return(Ok());
}
return(BadRequest());
}
public async Task <bool> BanUser(BanUserModel model)
{
var userBan = await StoriesDbContext.UserBans.AddAsync(new UserBan {
BannedByUserId = model.BannedByUserId,
ExpiryDate = model.ExpiryDate,
Notes = model.Notes,
Reason = model.Reason,
UserId = model.UserId
});
return(await StoriesDbContext.SaveChangesAsync() > 1);
}
public ActionResult BanHistory()
{
#region role and is logged in
if (Session["uname"] == null || Session["uname"].ToString() == "")
{
return(RedirectToAction("Login", "User"));
}
if (Session["role"].ToString() != "Admin")
{
return(RedirectToAction("Index", "Unauthorised"));
}
#endregion
Database d = Database.CurrentInstance;
List <BanUserModel> Dummys = new List <BanUserModel>();
try
{
if (d.OpenConnection())
{
string SearchQuery = "SELECT * FROM dububase.banhistory";
MySqlCommand c = new MySqlCommand(SearchQuery, d.conn);
using (MySqlDataReader r = c.ExecuteReader())
{
while (r.Read())
{
BanUserModel dummy = new BanUserModel
{
BanPeriod = ((r["BanPeriod"].ToString())),
BanReason = (r["BanReason"].ToString()),
Username = (r["Username"]).ToString()
};
Dummys.Add(dummy);
ViewBag.Listys = Dummys;
}
}
}
}
catch (MySqlException e)
{
Debug.WriteLine("MySQL Error!");
}
finally
{
d.CloseConnection();
}
return(View());
}
public async Task <IActionResult> BanUser([FromBody] BanUserModel banUserModel)
{
try
{
await accountsService.BanUser(banUserModel.OwnerId, banUserModel.UserName);
return(Ok());
}
catch
{
return(BadRequest(cantBlockUser));
}
}
public ActionResult BanUser([FromBody] BanUserModel filter)
{
if (filter.Id == null)
{
return(Ok());
}
UserAccessLock userAccessLock = new UserAccessLock();
userAccessLock.Id = filter.Id;
userAccessLock.Reason = filter.Description;
userAccessLock.LockDate = DateTime.Now;
_context.UserAccessLocks.Add(userAccessLock);
_context.SaveChanges();
return(Ok(userAccessLock));
}
public ActionResult BanHistory(BanSearchModel model)
{
#region role and is logged in
if (Session["uname"] == null || Session["uname"].ToString() == "")
{
return(RedirectToAction("Login", "User"));
}
if (Session["role"].ToString() != "Admin")
{
return(RedirectToAction("Index", "Unauthorised"));
}
#endregion
Database d = Database.CurrentInstance;
//MySql.Data.MySqlClient.MySqlConnection conn = new MySql.Data.MySqlClient.MySqlConnection();
//AESCryptoStuff aes_obj = new AESCryptoStuff();
try
{
if (d.OpenConnection())
{
string SearchQuery = "SELECT * FROM dububase.banhistory;";
//d.PNQ("SELECT * FROM dububase.users WHERE @searchtype LIKE @search%", model.username);
MySqlCommand c = new MySqlCommand(SearchQuery, d.conn);
List <BanUserModel> noobs = new List <BanUserModel>();
using (MySqlDataReader r = c.ExecuteReader())
{
while (r.Read())
{
BanUserModel noob = new BanUserModel {
Username = (r["UserName"].ToString()),
BanReason = (r["banReason"].ToString()),
BanPeriod = (r["banPeriod"].ToString())
};
noobs.Add(noob);
ViewBag.noobs = noobs;
}
}
}
#region old
//string queryString = "";
//String connString = System.Configuration.ConfigurationManager.ConnectionStrings["WebAppConnString"].ConnectionString;
//conn = new MySql.Data.MySqlClient.MySqlConnection(connString);
//conn.Open();
//MySqlCommand cmd = new MySqlCommand(queryString, conn);
//aes_obj.AesInitialize();
//queryString = "Select * from dububase.bantable where username Like %@username";
//cmd.CommandText = queryString;
//cmd.Parameters.AddWithValue("@username", model.Username);
//cmd.ExecuteNonQuery();
#endregion
}
catch (MySqlException e)
{
Debug.WriteLine("MySQL Error!");
}
finally
{
d.CloseConnection();
}
return(View());
}
public ActionResult BanUser(BanUserModel model)
{
#region role and is logged in
if (Session["uname"] == null || Session["uname"].ToString() == "")
{
return(RedirectToAction("Login", "User"));
}
if (Session["role"].ToString() != "Admin")
{
return(RedirectToAction("Index", "Unauthorised"));
}
#endregion
string username = model.Username;
//db stuff
Database d = Database.CurrentInstance;
AESCryptoStuff aes_obj = AESCryptoStuff.CurrentInstance;
//EncodeDecode encInit = new EncodeDecode();
try
{
if (d.OpenConnection())
{
string queryString = "UPDATE dububase.users SET isBan = 'true', banTill=@date Where username=@username;";
List <user> users = new List <user>();
MySqlCommand cmd = new MySqlCommand(queryString, d.conn);
String BanPeriod = model.BanPeriod;
int time = 0;
if (BanPeriod == "1 Week")
{
time = 7;
}
else if (BanPeriod == "2 Weeks")
{
time = 14;
}
else if (BanPeriod == "1 Month")
{
time = 30;
}
else if (BanPeriod == "3 Months")
{
time = 90;
}
else if (BanPeriod == "1 Year")
{
time = 365;
}
DateTime mehgofu = DateTime.Now.AddDays(time);
cmd.Parameters.AddWithValue("@date", mehgofu);
cmd.Parameters.AddWithValue("@username", model.Username);
cmd.ExecuteNonQuery();
//add ban table into sql
queryString = "INSERT INTO dububase.banhistory(username, banReason,banPeriod) VALUES(@username, @banReason,@banPeriod); ";
cmd = new MySqlCommand(queryString, d.conn);
cmd.Parameters.AddWithValue("@username", model.Username);
cmd.Parameters.AddWithValue("@banReason", model.BanReason);
cmd.Parameters.AddWithValue("@banPeriod", model.BanPeriod);
cmd.ExecuteNonQuery();
return(RedirectToAction("UserProfile", "Admin", new { username = model.Username }));
}
}
catch (MySqlException e)
{
Debug.WriteLine(e);
}
finally
{
d.CloseConnection();
}
return(RedirectToAction("UserProfile", "Admin", new { username = model.Username }));
}
