// GET: Post public ActionResult Index(int id) { Models.BlogPost post = new Models.BlogPost(); string sql = "SELECT * FROM [Post] WHERE [Id] = '" + id + "'"; string sql = "SELECT * FROM [Post] WHERE [Id] = '" + id + "' AND [DeletedOn] IS NULL"; string query2 = "SELECT * FROM [Comment] WHERE [PostId] = " + id + ""; SqlDataReader reader = createConnection(sql); if (reader.HasRows) { while (reader.Read()) { post.Id = reader.GetInt32(0); post.Title = reader.GetString(2); post.Description = reader.GetString(3); post.Content = reader.GetString(4); } } SqlDataReader commentReader = createConnection(query2); List <Models.Comment> comments = new List <Models.Comment>(); if (commentReader.HasRows) { while (commentReader.Read()) { Models.Comment comment = new Models.Comment(); comment.Text = commentReader.GetString(3); comments.Add(comment); } } post.Comments = comments; return(View("Index", post)); }
private bool HasDelegateClaim(string claimType, Models.BlogPost blogPost) { var userContext = _userContextAccessor.GetContext(); // check for claimType with value equal this blogPost's Id return(userContext.SecurityClaims.Any(x => x.Type == claimType && x.Value == blogPost.Id)); }
public void AddNewBlogpost(BlogPostInput blogPostInput) { var BlogPost = new Models.BlogPost { Title = blogPostInput.Title, Url = blogPostInput.Url }; applicationContext.Add(BlogPost); applicationContext.SaveChanges(); }
public Models.BlogPost GetBlogPost() { var post = new Models.BlogPost { Id = 123, Title = "TRUSTPILOT & CNUG ROCKS!", Content = "ASP.NET 5 is the most awesome thing ever!" }; return(post); }
/// <summary> /// Converts between the data model of a post and the view model /// </summary> /// <param name="blogPostDataModel"></param> /// <returns></returns> public Models.BlogPost BlogPostViewModel(Data.Models.BlogPost blogPostDataModel) { var blogPost = new Models.BlogPost() { Id = blogPostDataModel.BlogPostID, PublishedOn = blogPostDataModel.PublishedOn, Title = blogPostDataModel.Title, Body = blogPostDataModel.Body, CommentCount = blogPostDataModel.CommentCount }; return(blogPost); }
public static string GetBlogPostRouteUrl(this LinkGenerator linkGenerator, Models.BlogPost blog) { if (string.IsNullOrWhiteSpace(blog?.Title)) { throw new ArgumentNullException(nameof(blog)); } return(linkGenerator.GetPathByPage("/Index", null, values: new { area = "blog", title = blog.Title.ToLowerInvariant(), })); }
private bool HasAuthorClaim(string claimType, Models.BlogPost blogPost) { var userContext = _userContextAccessor.GetContext(); if (userContext.UserId == blogPost.UserId) { // not checking value because is irrevant since we're checking the blogPost.author directly. return(userContext.SecurityClaims.Any(x => x.Type == claimType)); } return(false); }
public ActionResult Index() { List <Models.BlogPost> posts = new List <Models.BlogPost>(); SqlDataReader reader = createConnection("SELECT * FROM [Post] WHERE [DeletedOn] IS NULL"); if (reader.HasRows) { while (reader.Read()) { Models.BlogPost post = new Models.BlogPost(); post.Id = reader.GetInt32(0); post.Title = reader.GetString(2); post.Description = reader.GetString(3); post.Content = reader.GetString(4); posts.Add(post); } } return(View(posts)); }
public bool AuthorizeForRead(Models.BlogPost blogPost) { var userContext = _userContextAccessor.GetContext(); // The user can create blogs and this is their blog if (HasAuthorClaim(BlogClaimTypes.PersonalBlogAuthor, blogPost)) { return(true); } // The user is a site admin and this is their blog if (HasAuthorClaim(SiteClaimTypes.SitePrimaryAdmin, blogPost)) { return(true); } // The user has been granted read access to this blog by the author if (HasDelegateClaim(BlogClaimTypes.BlogPostRead, blogPost)) { return(true); } // Client Level Blog Content Admin can view all blogs if (HasAdminClaim(BlogClaimTypes.UserBlogsBrowse)) { return(true); } // Client Level User Content Admin can view all content if (HasAdminClaim(ClientClaimTypes.UserContentBrowse)) { return(true); } // Client Level Primary Admin can view everything if (HasAdminClaim(ClientClaimTypes.PrimaryAdmin)) { return(true); } return(false); }
public bool AuthorizeForEdit(Models.BlogPost blogPost) { var userContext = _userContextAccessor.GetContext(); // Can author blogs and this is their blog if (HasAuthorClaim(BlogClaimTypes.PersonalBlogAuthor, blogPost)) { return(true); } // Is a site admin and this is their blog if (HasAuthorClaim(SiteClaimTypes.SitePrimaryAdmin, blogPost)) { return(true); } // Has been granted access to edit this blog by the author if (HasDelegateClaim(BlogClaimTypes.BlogPostEdit, blogPost)) { return(true); } // Client Level Primary Admin can manage everything if (HasAdminClaim(ClientClaimTypes.PrimaryAdmin)) { return(true); } // Client Level Content Admin can manage all content if (HasAdminClaim(ClientClaimTypes.UserContentManage)) { return(true); } // Client Level Blog Admin can manage all blogs if (HasAdminClaim(BlogClaimTypes.UserBlogsManage)) { return(true); } return(false); }
public string posts() { List <Models.BlogPost> posts = new List <Models.BlogPost>(); SqlCommand command = createConnection("SELECT * FROM [Post] WHERE [DeletedOn] IS NULL"); SqlDataReader reader = command.ExecuteReader(); if (reader.HasRows) { while (reader.Read()) { Models.BlogPost post = new Models.BlogPost(); post.Id = reader.GetInt32(0); post.Title = reader.GetString(2); post.Description = reader.GetString(3); post.Content = reader.GetString(4); posts.Add(post); } } string json = JsonConvert.SerializeObject(posts); return(json); }
public string posts(string postid) { Models.BlogPost post = new Models.BlogPost(); string sql = "SELECT * FROM [Post] WHERE [Id] = '" + postid + "' AND [DeletedOn] IS NULL"; string query2 = "SELECT * FROM [Comment] WHERE [PostId] = " + postid + ""; SqlCommand command = createConnection(sql); SqlDataReader reader = command.ExecuteReader(); if (reader.HasRows) { while (reader.Read()) { post.Id = reader.GetInt32(0); post.Title = reader.GetString(2); post.Description = reader.GetString(3); post.Content = reader.GetString(4); } } SqlCommand commandComment = createConnection(query2); SqlDataReader commentReader = commandComment.ExecuteReader(); List <Models.Comment> comments = new List <Models.Comment>(); if (commentReader.HasRows) { while (commentReader.Read()) { Models.Comment comment = new Models.Comment(); comment.Text = commentReader.GetString(3); comments.Add(comment); } } post.Comments = comments; string json = JsonConvert.SerializeObject(post); return(json); }
public bool AuthorizeForPublish(Models.BlogPost blogPost) { var userContext = _userContextAccessor.GetContext(); // Can author blogs and this is their blog if (HasAuthorClaim(BlogClaimTypes.PersonalBlogPublish, blogPost)) { return(true); } // Is a site admin and this is their blog if (HasAuthorClaim(SiteClaimTypes.SitePrimaryAdmin, blogPost)) { return(true); } // Client Level Primary Admin can manage everything if (HasAdminClaim(ClientClaimTypes.PrimaryAdmin)) { return(true); } // Client Level Content Admin can publish all content if (HasAdminClaim(ClientClaimTypes.UserContentPublish)) { return(true); } // Client Level Blog Admin can publish all blogs if (HasAdminClaim(BlogClaimTypes.UserBlogsPublish)) { return(true); } // no delegate claims to check since "publish" is not allowed to be delegated return(false); }
public async Task <IActionResult> CreateBlogPost(BlogPostViewModel userPostValues) { BlogPost blog_post = new Models.BlogPost(); blog_post = userPostValues.Post; String userPost = userPostValues.Post.Content; List <BadWord> badWords = _Context.BadWords.ToList(); foreach (var word in badWords) { userPost = userPost.Replace(word.Word, "*****"); } blog_post.Content = userPost; blog_post.UserId = Int32.Parse(Request.Form["UserId"]); _Context.BlogPosts.Add(userPostValues.Post); _Context.SaveChanges(); var storageAccount = CloudStorageAccount.Parse("DefaultEndpointsProtocol=https;AccountName=cst8359;AccountKey=ecMPpNU6vimZKMDTJG4seALrY7Kq7UJYjgl0/yLanXn857C8xtUJ2sF4ciB6wy9gg+e/YeYbRTaly2DVOxWhXQ=="); var blobClient = storageAccount.CreateCloudBlobClient(); var container = blobClient.GetContainerReference("justinsphotostorage"); await container.CreateIfNotExistsAsync(); // set the permissions of the container to 'blob' to make them public var permissions = new BlobContainerPermissions(); permissions.PublicAccess = BlobContainerPublicAccessType.Blob; await container.SetPermissionsAsync(permissions); // for each file that may have been sent to the server from the client if (userPostValues.Files != null) { foreach (var file in userPostValues.Files) { try { // create the blob to hold the data var blockBlob = container.GetBlockBlobReference(file.FileName); if (await blockBlob.ExistsAsync()) { await blockBlob.DeleteAsync(); } using (var memoryStream = new MemoryStream()) { // copy the file data into memory await file.CopyToAsync(memoryStream); // navigate back to the beginning of the memory stream memoryStream.Position = 0; // send the file to the cloud await blockBlob.UploadFromStreamAsync(memoryStream); } // add the photo to the database if it uploaded successfully var photo = new Photo(); photo.Url = blockBlob.Uri.AbsoluteUri; photo.FileName = file.FileName; photo.BlogPostId = blog_post.BlogPostId; _Context.Photos.Add(photo); _Context.SaveChanges(); } catch { } } } _Context.SaveChanges(); return(RedirectToAction("Index")); }
public void OnGet(Guid id) { Data = _api.Posts.GetById <Models.BlogPost>(id); ViewData["CurrentPage"] = Data.BlogId; }