/// <summary>
/// Builds an empty "create collection" model for the given page and loads
/// every collection display mode from the database.
/// </summary>
/// <param name="Page_ID">Identifier stored on the model as <c>Page_ID</c>.</param>
public CollectionCreateViewModel(int Page_ID)
        {
            // Blank text fields; 2 is the initial display mode id (its meaning is not visible here).
            Collection_Title       = "";
            Collection_Description = "";
            Display_Mode_ID        = 2;
            this.Page_ID           = Page_ID;

            // NOTE(review): this context is never disposed. Confirm whether callers rely on
            // lazy loading from the returned entities before wrapping it in a using block.
            var context = new CONNEXDBEntities();
            availableDisplayModes = context.CollectionsDisplayModes.ToList();
        }
        /// <summary>
        /// Builds a "create page" model from caller-supplied values and loads the
        /// list of non-archived pages from the database.
        /// </summary>
        /// <param name="pageName">Value copied to <c>pageName</c>.</param>
        /// <param name="url">Value copied to <c>url</c>.</param>
        /// <param name="displayName">Value copied to <c>displayName</c>.</param>
        /// <param name="defaultPage">Value copied to <c>defaultPage</c>.</param>
        /// <param name="parentPageID">Value copied to <c>parentPageID</c>.</param>
        /// <param name="displayInMenu">Value copied to <c>displayInMenu</c>.</param>
        public PageCreateViewModel(string pageName, string url, string displayName, bool defaultPage, int parentPageID, bool displayInMenu)
        {
            // NOTE(review): this context is never disposed. Confirm whether callers rely on
            // lazy loading from the returned entities before wrapping it in a using block.
            var context = new CONNEXDBEntities();

            // The arguments are stored as given; no validation happens in this constructor.
            this.displayInMenu = displayInMenu;
            this.parentPageID  = parentPageID;
            this.defaultPage   = defaultPage;
            this.displayName   = displayName;
            this.url           = url;
            this.pageName      = pageName;

            // Only pages whose Archived flag is false are offered.
            this.availablePages = context.Pages.Where(pg => pg.Archived == false).ToList();
        }
        /// <summary>
        /// Builds a blank "create page" model (empty strings, no parent, shown in the
        /// menu, not the default page) and loads the non-archived pages from the database.
        /// </summary>
        public PageCreateViewModel()
        {
            // NOTE(review): this context is never disposed. Confirm whether callers rely on
            // lazy loading from the returned entities before wrapping it in a using block.
            var context = new CONNEXDBEntities();

            pageName      = "";
            url           = "";
            displayName   = "";
            defaultPage   = false;
            parentPageID  = 0;
            displayInMenu = true;

            // Only pages whose Archived flag is false are offered.
            availablePages = context.Pages.Where(pg => pg.Archived == false).ToList();
        }
        /// <summary>
        /// Builds an edit model from an existing collection: copies its id, title,
        /// description, display mode, archived flag and posts, and loads every
        /// collection display mode from the database.
        /// </summary>
        /// <param name="coll">Collection whose values are copied; must not be null.</param>
        /// <param name="Page_ID">Identifier stored on the model as <c>Page_ID</c>.</param>
        public CollectionEditViewModel(Collection coll, int Page_ID)
        {
            // Values taken from the entity being edited.
            Collection_ID          = coll.Collection_ID;
            Collection_Title       = coll.Collection_Title;
            Collection_Description = coll.Collection_Description;
            Display_Mode_ID        = coll.Display_Mode_ID;
            Archived               = coll.Archived;
            posts                  = coll.Posts.ToList();

            // The page id comes from the caller, not from the collection.
            this.Page_ID = Page_ID;

            // NOTE(review): this context is never disposed. Confirm whether callers rely on
            // lazy loading from the returned entities before wrapping it in a using block.
            var context = new CONNEXDBEntities();
            availableDisplayModes = context.CollectionsDisplayModes.ToList();
        }
        /// <summary>
        /// Builds a blank collection edit model (zero ids, empty text, no posts) and
        /// loads every collection display mode from the database.
        /// </summary>
        public CollectionEditViewModel()
        {
            Collection_ID          = 0;
            Page_ID                = 0;
            Display_Mode_ID        = 0;
            Collection_Title       = "";
            Collection_Description = "";
            Archived               = false;
            posts                  = new List<Post>();

            // NOTE(review): this context is never disposed. Confirm whether callers rely on
            // lazy loading from the returned entities before wrapping it in a using block.
            var context = new CONNEXDBEntities();
            availableDisplayModes = context.CollectionsDisplayModes.ToList();
        }
        /// <summary>
        /// Builds an edit model from an existing post: copies its ids, thumbnail path,
        /// header, summary, flags and sections, and loads all media types and width
        /// modes from the database.
        /// </summary>
        /// <param name="post">Post whose values are copied; must not be null.</param>
        /// <param name="Page_ID">Identifier stored on the model as <c>Page_ID</c>.</param>
        public PostEditViewModel(Post post, int Page_ID)
        {
            // Values taken from the entity being edited.
            Post_ID        = post.Post_ID;
            Collection_ID  = post.Collection_ID;
            Thumb_Path     = post.Thumb_Path;
            Header         = post.Header;
            Summary        = post.Summary;
            Archived       = post.Archived;
            Allow_Comments = post.Allow_Comments;
            sections       = post.Sections.ToList();

            // The page id comes from the caller, not from the post.
            this.Page_ID = Page_ID;

            // NOTE(review): this context is never disposed. Confirm whether callers rely on
            // lazy loading from the returned entities before wrapping it in a using block.
            var context = new CONNEXDBEntities();
            availableMediaTypes = context.MediaTypes.ToList();
            availableWidthModes = context.WidthModes.ToList();
        }
        /// <summary>
        /// Builds a blank post edit model (zero ids, empty text, no sections, comments
        /// disabled) and loads all media types and width modes from the database.
        /// </summary>
        public PostEditViewModel()
        {
            Post_ID        = 0;
            Collection_ID  = 0;
            Page_ID        = 0;
            Thumb_Path     = "";
            Header         = "";
            Summary        = "";
            Archived       = false;
            Allow_Comments = false;
            sections       = new List<Section>();

            // NOTE(review): this context is never disposed. Confirm whether callers rely on
            // lazy loading from the returned entities before wrapping it in a using block.
            var context = new CONNEXDBEntities();
            availableMediaTypes = context.MediaTypes.ToList();
            availableWidthModes = context.WidthModes.ToList();
        }
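        /// <summary>
        /// Rebuilds the request principal from the forms-authentication cookie: the
        /// ticket's user name is looked up in <c>Admins</c> and that admin's role names
        /// become the roles of a <c>GenericPrincipal</c> assigned to
        /// <c>HttpContext.Current.User</c>.
        /// </summary>
        /// <remarks>
        /// The request is left with whatever principal it already had when the cookie is
        /// missing, the ticket cannot be decrypted or has expired, or no matching admin
        /// row exists. Failures never propagate to the caller.
        /// </remarks>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
        {
            if (!FormsAuthentication.CookiesSupported)
            {
                return;
            }

            var authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
            if (authCookie == null)
            {
                return;
            }

            try
            {
                var ticket = FormsAuthentication.Decrypt(authCookie.Value);

                // Decrypt() does not enforce the ticket lifetime, so an expired ticket must be
                // rejected here; otherwise a stale cookie would still yield a principal with roles.
                if (ticket == null || ticket.Expired)
                {
                    return;
                }

                string   username = ticket.Name;
                string[] roles;

                using (CONNEXDBEntities entities = new CONNEXDBEntities())
                {
                    Admin user = entities.Admins.SingleOrDefault(u => u.Network_ID == username);

                    // A valid ticket for a name with no admin row gets no custom principal.
                    // Previously this case fell through to a swallowed NullReferenceException.
                    if (user == null)
                    {
                        return;
                    }

                    // Roles are joined and split on ';' as before, but empty entries are dropped
                    // so an admin without roles no longer receives a single "" role.
                    roles = string.Join(";", user.Roles.Select(role => role.Role1))
                                  .Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries);
                }

                HttpContext.Current.User = new System.Security.Principal.GenericPrincipal(
                    new System.Security.Principal.GenericIdentity(username, "Forms"), roles);
            }
            catch (Exception ex)
            {
                // Best effort: the request continues without the custom principal. Only the
                // exception type is traced so cookie contents never reach the trace output.
                System.Diagnostics.Trace.TraceWarning(
                    "Application_PostAuthenticateRequest: principal not set (" + ex.GetType().Name + ")");
            }
        }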
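        /// <summary>
        /// Decides whether the current user may proceed. A user with the "Admin" role is
        /// always allowed; a "ContentManager" is allowed only when the page id found in
        /// the request is one of the user's <c>PageAdminAssigns</c>. Every decision is
        /// appended to <c>C:/ConnexLogs/AuthLogs.txt</c>.
        /// </summary>
        /// <remarks>
        /// The page id is taken from the first source that is present: the <c>Page_ID</c>
        /// query-string value, then the path segment after <c>/Pages/Edit/</c>, then the
        /// <c>Page_ID</c> form value.
        /// NOTE(review): the protected action may bind its page id from a different source
        /// than the one checked here (for example a form value when a query-string value is
        /// also present). Confirm that the id checked is always the id acted upon.
        /// NOTE(review): <c>base.AuthorizeCore</c> is not called, so any checks the base
        /// attribute performs are skipped. Confirm this is intended.
        /// </remarks>
        /// <param name="httpContext">Context of the request being authorized.</param>
        /// <returns><c>true</c> when the user is authorized; otherwise <c>false</c>.</returns>
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            const string editMarker = "/Pages/Edit/";

            // The trace tokens are written to the log on failure; they are kept as-is so
            // existing log entries stay comparable.
            string trace      = "1-";
            bool   authorized = false;
            string userName   = httpContext.User.Identity.Name;
            string roles      = "";
            string pageIDs    = "";

            // The using block disposes the context on every path, including exceptions.
            using (CONNEXDBEntities db = new CONNEXDBEntities())
            {
                Admin currentUser = db.Admins.Where(x => x.Network_ID == userName).FirstOrDefault();

                // An unknown (or unauthenticated, empty-named) user is denied. Previously the
                // null entity reached db.Entry() and the failure log, and threw instead.
                if (currentUser != null)
                {
                    db.Entry(currentUser).Reload();//forces a refresh of EF data
                    trace += "1a-";

                    foreach (Role role in currentUser.Roles.OrderBy(x => x.Role_ID))
                    {
                        trace += "2-";
                        //allow any admin
                        if (role.Role1 == "Admin")
                        {
                            trace     += "2a-";
                            authorized = true;
                            break;
                        }
                        else if (role.Role1 == "ContentManager")
                        {
                            trace += "3-";
                            int    pageId;
                            string queryPageId = httpContext.Request.QueryString["Page_ID"];
                            if (queryPageId != null)
                            {
                                trace += "3-";
                                trace += "3a-";
                                if (!int.TryParse(queryPageId, out pageId))
                                {
                                    trace += "5-";
                                }
                                else if (currentUser.PageAdminAssigns.Any(x => x.Page_ID == pageId))
                                {
                                    trace     += "4-";
                                    authorized = true;
                                    break;
                                }
                            }
                            else
                            {
                                trace += "6-";
                                // Search the path only. The full URI also contains the query
                                // string, where a client-supplied "/Pages/Edit/<id>" could
                                // otherwise be mistaken for the route's page id.
                                string path     = httpContext.Request.Url.AbsolutePath;
                                int    altIndex = path.LastIndexOf(editMarker, StringComparison.Ordinal);
                                if (altIndex > -1)
                                {
                                    trace += "7-";
                                    string idSegment = path.Substring(altIndex + editMarker.Length).Trim();
                                    trace += "8-";
                                    if (!int.TryParse(idSegment, out pageId))
                                    {
                                        trace += "10-";
                                    }
                                    else if (currentUser.PageAdminAssigns.Any(x => x.Page_ID == pageId))
                                    {
                                        trace     += "9-";
                                        authorized = true;
                                        break;
                                    }
                                }
                                else if (httpContext.Request.Form["Page_ID"] != null)
                                {
                                    trace += "11-";
                                    // A malformed form value now denies access instead of throwing.
                                    if (int.TryParse(httpContext.Request.Form["Page_ID"], out pageId)
                                        && currentUser.PageAdminAssigns.Any(x => x.Page_ID == pageId))
                                    {
                                        trace     += "12-";
                                        authorized = true;
                                        break;
                                    }
                                }
                                trace += "13-";
                            }
                            trace += "14-";
                        }
                        trace += "15-";
                    }

                    if (!authorized)
                    {
                        // Collected while the context is still open because the navigation
                        // properties are read here.
                        foreach (Role role in currentUser.Roles)
                        {
                            roles += role.Role1 + ",";
                        }
                        foreach (PageAdminAssign page in currentUser.PageAdminAssigns)
                        {
                            pageIDs += page.Page.Page_Name + ",";
                        }
                    }
                }
            }
            trace += "16-";

            DateTime now        = DateTime.Now;
            string   stamp      = now.ToShortDateString() + " " + now.ToShortTimeString();
            // User name and URL are request-derived: strip line breaks so a crafted value
            // cannot forge additional log entries.
            string   loggedUser = ToSingleLogLine(userName);
            string   loggedUrl  = ToSingleLogLine(Convert.ToString(httpContext.Request.Url));

            if (!authorized)
            {
                AppendAuthLogEntry("Authorization failed for " + loggedUser + " on the url " + loggedUrl + " with the roles " + roles + " and the assigned pages " + pageIDs + " at " + stamp + "\n\nTrace:\n" + trace + "\n\n");
            }
            else
            {
                AppendAuthLogEntry("Authorization successful for " + loggedUser + " on the url " + loggedUrl + " at " + stamp + "\n\n");
            }
            return authorized;
        }

        // Replaces CR and LF with spaces so one value always occupies one log line.
        private static string ToSingleLogLine(string value)
        {
            return value == null ? "" : value.Replace('\r', ' ').Replace('\n', ' ');
        }

        // Appends one entry to the authorization log, creating the directory on first use.
        // NOTE(review): the file is opened per request; an I/O failure here propagates to
        // the caller exactly as it did before this helper was extracted.
        private static void AppendAuthLogEntry(string entry)
        {
            if (!System.IO.Directory.Exists("C:/ConnexLogs/"))
            {
                System.IO.Directory.CreateDirectory("C:/ConnexLogs/");
            }
            using (System.IO.StreamWriter file = new System.IO.StreamWriter("C:/ConnexLogs/AuthLogs.txt", true))
            {
                file.WriteLine(entry);
            }
        }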
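        /// <summary>
        /// Runs a keyword search. The search text is split on spaces, and an item is kept
        /// only if every part occurs (case-insensitively, via lower-casing) in at least
        /// one of its searched text fields. Only non-archived rows of the requested
        /// content types are considered.
        /// </summary>
        /// <remarks>
        /// A null or empty <paramref name="param"/> yields empty result lists and leaves the
        /// <c>Inc_*</c> members untouched. Null text fields and missing <c>Library</c> /
        /// <c>VideoGallery</c> references are treated as "no match" instead of throwing.
        /// NOTE(review): every non-archived row of each selected table is loaded into memory
        /// before filtering, so the cost of one search grows with table size.
        /// NOTE(review): the context is not disposed here. The result entities may still be
        /// lazy-loaded by the consumer; confirm before adding a using block.
        /// </remarks>
        /// <param name="param">Search text; also stored as <c>id</c>.</param>
        /// <param name="Inc_Posts">Include posts in the search.</param>
        /// <param name="Inc_Galleries">Include galleries in the search.</param>
        /// <param name="Inc_Events">Include events in the search.</param>
        /// <param name="Inc_Documents">Include documents in the search.</param>
        /// <param name="Inc_Videos">Include videos in the search.</param>
        public SearchViewModel(string param, bool Inc_Posts, bool Inc_Galleries, bool Inc_Events, bool Inc_Documents, bool Inc_Videos)
        {
            this.id = param;

            // Start from empty results so every list is non-null on all paths.
            this.events    = new List<Event>();
            this.posts     = new List<Post>();
            this.galleries = new List<Gallery>();
            this.documents = new List<Document>();
            this.videos    = new List<Video>();

            // Null used to throw on Split(); it is now handled like the empty string.
            if (string.IsNullOrEmpty(param))
            {
                return;
            }

            this.Inc_Posts     = Inc_Posts;
            this.Inc_Galleries = Inc_Galleries;
            this.Inc_Events    = Inc_Events;
            this.Inc_Documents = Inc_Documents;
            this.Inc_Videos    = Inc_Videos;

            CONNEXDBEntities db = new CONNEXDBEntities();

            if (Inc_Events)
            {
                this.events = db.Events.Where(x => x.Archived == false).ToList();
            }
            if (Inc_Posts)
            {
                this.posts = db.Posts.Where(x => x.Archived == false).ToList();
            }
            if (Inc_Galleries)
            {
                this.galleries = db.Galleries.Where(x => x.Archived == false).ToList();
            }
            if (Inc_Documents)
            {
                this.documents = db.Documents.Where(x => x.Archived == false).ToList();
            }
            if (Inc_Videos)
            {
                this.videos = db.Videos.Where(x => x.Archived == false).ToList();
            }

            foreach (string part in param.Split(' '))
            {
                // Lower-case the term once per part instead of once per field per row.
                // An empty part (from consecutive spaces) matches any non-null field.
                string term = part.ToLower();

                this.events = this.events.Where(x => FieldContainsTerm(x.Event_Name, term) || FieldContainsTerm(x.Description, term) || FieldContainsTerm(x.Location, term)).ToList();
                this.posts  = this.posts.Where(x => FieldContainsTerm(x.Header, term) || FieldContainsTerm(x.Summary, term)).ToList();
                ///TODO:allow searching within post text. need to handle null values
                this.galleries = this.galleries.Where(x => FieldContainsTerm(x.Gallery_Name, term)).ToList();
                this.documents = this.documents.Where(x => FieldContainsTerm(x.Name, term) || FieldContainsTerm(x.Path, term) || (x.Library != null && FieldContainsTerm(x.Library.Title_Text, term))).ToList();
                this.videos    = this.videos.Where(x => FieldContainsTerm(x.Caption, term) || FieldContainsTerm(x.File_Path, term) || FieldContainsTerm(x.Thumb_Path, term) || FieldContainsTerm(x.Title_Text, term) || (x.VideoGallery != null && FieldContainsTerm(x.VideoGallery.Gallery_Name, term))).ToList();
            }
        }

        // True when text is non-null and its lower-cased form contains the already lower-cased term.
        private static bool FieldContainsTerm(string text, string lowerTerm)
        {
            return text != null && text.ToLower().Contains(lowerTerm);
        }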