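/// <summary>
/// Deletes one comment from a discussion and tells the other connected clients to drop it.
/// </summary>
/// <remarks>
/// Deletion is allowed for an authenticated company admin of the company that owns the
/// discussion, or for a caller whose <paramref name="authorHash"/> equals the hash computed
/// for the stored comment.
/// </remarks>
/// <param name="reportGuid">Report the discussion belongs to.</param>
/// <param name="targetType">Kind of item the discussion is attached to.</param>
/// <param name="targetGuid">Identifier of the item the discussion is attached to.</param>
/// <param name="commentGuid">Identifier of the comment to delete.</param>
/// <param name="authorHash">Hash presented by a non-admin caller to prove authorship.</param>
/// <returns>JSON with <c>success</c>, the deleted comment id and the discussion's comment count.</returns>
/// <exception cref="HttpException">
/// 404 when the discussion or the comment does not exist; 401 when the caller may not delete it.
/// </exception>
public ActionResult DeleteComment(Guid reportGuid, DiscussionTargetType targetType, Guid targetGuid, Guid commentGuid, string authorHash)
{
    // Resolve the target first and fail with a clean 404. Without these guards a missing
    // discussion or comment surfaced as a NullReferenceException, and a null comment could
    // reach the hash comparison and the delete call below.
    var discussion = _discussionManager.Get(reportGuid, targetType, targetGuid);
    if (discussion == null)
    {
        throw new HttpException(404, "Not Found");
    }

    var comment = discussion.Comments.SingleOrDefault(c => c.UniqueId == commentGuid);
    if (comment == null)
    {
        throw new HttpException(404, "Not Found");
    }

    // Company admins can delete any comment for their company.
    var deletionAuthorised = false;
    if (Request.IsAuthenticated)
    {
        InitializeContext();
        deletionAuthorised = discussion.CompanyId == CurrentUser.CompanyId && CurrentUser.IsCompanyAdmin;
    }

    // Non-admins can only delete their own comments, proven by presenting the author hash.
    if (!deletionAuthorised)
    {
        // An absent or empty hash must never authorise: if the computed hash were ever
        // null or empty, a request that simply omits authorHash would otherwise match.
        // NOTE(review): authorHash acts as a bearer credential for deletion. Confirm that
        // ConversionUtil.CommentToHashString is keyed with a server-side secret (not a plain
        // digest of fields the client already knows) and consider a constant-time comparison.
        deletionAuthorised = !string.IsNullOrEmpty(authorHash)
            && authorHash == ConversionUtil.CommentToHashString(comment);
    }

    if (!deletionAuthorised)
    {
        throw new HttpException(401, "Unauthorized");
    }

    discussion.Comments.Remove(comment);
    _discussionManager.DeleteComment(comment);

    try
    {
        // Best-effort push to the other clients; a failed broadcast must not undo the delete.
        GlobalHost.ConnectionManager.GetHubContext<DiscussionHub>()
            .Clients.Group(discussion.DiscussionName)
            .removeComment(discussion.DiscussionName, commentGuid, discussion.CommentCount);
    }
    catch (Exception exception)
    {
        ErrorStore.LogException(exception, System.Web.HttpContext.Current);
    }

    return Json(new { success = true, commentGuid, commentCount = discussion.CommentCount });
}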
/// <summary>
/// Adds a comment to the discussion for a report target, creating the discussion when none
/// exists yet, then pushes the re-rendered comment list to the other connected clients.
/// </summary>
/// <param name="reportGuId">Report the discussion belongs to.</param>
/// <param name="targetType">Kind of item the discussion is attached to.</param>
/// <param name="targetGuid">Identifier of the item the discussion is attached to.</param>
/// <param name="comment">Comment as posted by the client, including its author hash.</param>
/// <returns>JSON with the discussion name, title, comment count and rendered comments HTML.</returns>
/// <exception cref="HttpException">
/// 400 when the posted author hash does not match the comment, or the report does not exist.
/// </exception>
public ActionResult Details(Guid reportGuId, DiscussionTargetType targetType, Guid targetGuid, Comment comment)
{
    InitializeContext();

    // Reject the post if the author name or email no longer matches the hash sent with it.
    // NOTE(review): this only detects tampering if CommentToHashString uses a secret the
    // client does not hold; with an unkeyed digest the client could recompute it. Confirm.
    // NOTE(review): no caller identity or company check is visible in this method; confirm
    // that accepting comments on any existing report is intended.
    var expectedHash = ConversionUtil.CommentToHashString(comment);
    if (expectedHash != comment.AuthorHash)
    {
        throw new HttpException(400, "Bad Request");
    }

    // The report must exist; its id, date and company are copied onto the discussion.
    var report = _reportManager.GetList(new { UniqueId = reportGuId }).SingleOrDefault();
    if (report == null)
    {
        throw new HttpException(400, "Bad Request");
    }

    // Reuse the stored discussion, or start a new one for this target.
    var discussion = _discussionManager.Get(reportGuId, targetType, targetGuid)
        ?? new Discussion
        {
            ReportGuId = reportGuId,
            ReportId = report.Id,
            ReportDate = report.Date,
            TargetType = targetType,
            Target = targetGuid,
        };
    discussion.CompanyId = report.CompanyId;

    var updatedDiscussion = _discussionManager.AddComment(discussion, comment);

    // NOTE(review): this markup is sent to every client in the group, so the "_comments"
    // view must HTML-encode all author-supplied fields. Verify in the view.
    var commentsHtml = ViewToString("_comments", updatedDiscussion.Comments);

    try
    {
        // Best-effort push to the other clients; failures are logged and not surfaced.
        var hub = GlobalHost.ConnectionManager.GetHubContext<DiscussionHub>();
        hub.Clients.Group(discussion.DiscussionName)
            .refreshComments(discussion.DiscussionName, commentsHtml, updatedDiscussion.Title, discussion.CommentCount);
    }
    catch (Exception exception)
    {
        ErrorStore.LogException(exception, System.Web.HttpContext.Current);
    }

    // NOTE(review): commentCount is read from `discussion`, the other fields from
    // `updatedDiscussion`; confirm AddComment keeps both in step.
    var payload = new
    {
        success = true,
        discussionName = updatedDiscussion.DiscussionName,
        title = updatedDiscussion.Title,
        commentCount = discussion.CommentCount,
        commentsHtml
    };
    return Json(payload);
}
/// <summary>
/// Renders the discussion panel for a report target. When no discussion is stored yet, an
/// unsaved placeholder titled "Start a Discussion" is passed to the view instead.
/// </summary>
/// <param name="reportGuid">Report the discussion belongs to.</param>
/// <param name="targetType">Kind of item the discussion is attached to.</param>
/// <param name="targetGuid">Identifier of the item the discussion is attached to.</param>
/// <returns>The "_details" view bound to the stored or placeholder discussion.</returns>
public ActionResult Details(Guid reportGuid, DiscussionTargetType targetType, Guid targetGuid)
{
    // NOTE(review): no authentication or company check is visible here; confirm that any
    // caller who knows the identifiers is meant to be able to read the discussion.
    var model = _discussionManager.Get(reportGuid, targetType, targetGuid)
        ?? new Discussion
        {
            Title = "Start a Discussion",
            ReportGuId = reportGuid,
            TargetType = targetType,
            Target = targetGuid
        };

    return View("_details", model);
}
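/// <summary>
/// Loads a discussion and its comments with the "DiscussionGet" stored procedure.
/// </summary>
/// <param name="reportGuid">Report the discussion belongs to.</param>
/// <param name="targetType">Kind of item the discussion is attached to; sent as a short.</param>
/// <param name="targetGuid">Identifier of the item the discussion is attached to.</param>
/// <returns>
/// The discussion with <c>Comments</c> filled from the second result set, or null when the
/// first result set is empty.
/// </returns>
public Discussion Get(Guid reportGuid, DiscussionTargetType targetType, Guid targetGuid)
{
    try
    {
        OpenConnection();

        // All three values travel as stored-procedure parameters, never as SQL text.
        // The multi-result reader is disposed here so it is released before the connection
        // is closed, including when the second result set is never read.
        using (var results = Connection.QueryMultiple(
            "DiscussionGet",
            new { ReportGuid = reportGuid, targetType = (short)targetType, TargetGuid = targetGuid },
            commandType: CommandType.StoredProcedure))
        {
            var discussion = results.Read<Discussion>().FirstOrDefault();
            if (discussion != null)
            {
                discussion.Comments = results.Read<Comment>().ToList();
            }

            return discussion;
        }
    }
    finally
    {
        CloseConnection();
    }
}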
/// <summary>
/// Returns the discussion for a report target by delegating to the discussion repository.
/// </summary>
/// <param name="reportGuid">Report the discussion belongs to.</param>
/// <param name="targetType">Kind of item the discussion is attached to.</param>
/// <param name="targetGuid">Identifier of the item the discussion is attached to.</param>
/// <returns>Whatever the repository returns for these identifiers; no checks are added here.</returns>
public Discussion Get(Guid reportGuid, DiscussionTargetType targetType, Guid targetGuid)
{
    var discussion = _dicussionRepository.Get(reportGuid, targetType, targetGuid);
    return discussion;
}