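/// <summary>
/// Creates a new post, or updates an existing one, from the <c>/post</c> element of a
/// request document and commits it through <c>PostRevisionManager.CommitPost</c>.
/// </summary>
/// <param name="doc">Request document; its root element is expected to be <c>post</c>.</param>
/// <param name="user">The user on whose behalf the post is committed.</param>
/// <returns>An XML fragment of the form <c>&lt;result id="N"&gt;true&lt;/result&gt;</c>, where N is the value returned by <c>CommitPost</c>.</returns>
/// <exception cref="RESTConflict">
/// The <c>post</c> element, <c>postBody</c>, <c>categoryId</c> or <c>title</c> is missing or invalid,
/// the <c>author</c> element names an unknown user, or a <c>customField</c> has no <c>key</c> attribute.
/// </exception>
private static string CreateUpdatePost(XmlDocument doc, IGraffitiUser user)
{
    // Resolve the root element once and fail with the same error type as the other
    // validation failures, rather than a NullReferenceException on a malformed document.
    XmlNode node = doc.SelectSingleNode("/post");
    if (node == null)
    {
        throw new RESTConflict("The post element is missing and is required");
    }

    // A positive id attribute loads an existing post; anything else creates a new one.
    // NOTE(review): no check that `user` may edit the loaded post is visible in this
    // method - presumably the caller or CommitPost enforces it; confirm.
    Post post;
    XmlAttribute postidAttribute = node.Attributes["id"];
    if (postidAttribute == null)
    {
        post = new Post();
    }
    else
    {
        int pid = Int32.Parse(postidAttribute.Value);
        post = pid > 0 ? new Post(pid) : new Post();
    }

    // Only administrators may attribute the post to another user.
    if (GraffitiUsers.IsUserInRole(user.Name, GraffitiUsers.AdminRole))
    {
        XmlNode usernameNode = node.SelectSingleNode("author");

        // XmlNode.Value is always null for an element node, so the element text has to be
        // read through InnerText; with Value the author override could never take effect.
        if (usernameNode != null && !string.IsNullOrEmpty(usernameNode.InnerText))
        {
            IGraffitiUser author = GraffitiUsers.GetUser(usernameNode.InnerText);
            if (author == null)
            {
                throw new RESTConflict("The author element does not match an existing user");
            }

            post.UserName = author.Name;
        }
    }

    if (string.IsNullOrEmpty(post.UserName) && post.IsNew)
    {
        post.UserName = user.Name;
    }

    post.PostBody = GetNodeValue(node.SelectSingleNode("postBody"), null);
    if (string.IsNullOrEmpty(post.PostBody))
    {
        throw new RESTConflict("The Post body element is missing and is required");
    }

    post.CategoryId = GetNodeValue(node.SelectSingleNode("categoryId"), -1);
    if (post.CategoryId <= 0)
    {
        throw new RESTConflict("The category element is missing (or has an invalid value) and is required");
    }

    post.Title = GetNodeValue(node.SelectSingleNode("title"), null);
    if (string.IsNullOrEmpty(post.Title))
    {
        throw new RESTConflict("The title element is missing and is required");
    }

    post.ExtendedBody = GetNodeValue(node.SelectSingleNode("extendedBody"), null);

    // Parse the supplied date once. Dates on or before 2000-01-01 are treated as "not supplied".
    bool publishedSupplied = false;
    XmlNode publishedDateNode = node.SelectSingleNode("publishedDate");
    if (publishedDateNode != null && !string.IsNullOrEmpty(publishedDateNode.InnerText))
    {
        DateTime published = DateTime.Parse(publishedDateNode.InnerText);
        if (published > new DateTime(2000, 1, 1))
        {
            post.Published = published;
            publishedSupplied = true;
        }
    }

    if (!publishedSupplied && post.IsNew)
    {
        post.Published = SiteSettings.CurrentUserTime;
    }

    // NOTE(review): status and the fields below are taken from the request without
    // consulting the category permissions looked up further down; only isDeleted is
    // gated here. Confirm that publish rights are enforced by the caller or CommitPost.
    post.Name = GetNodeValue(node.SelectSingleNode("name"), post.Name);
    post.Status = GetNodeValue(node.SelectSingleNode("status"), post.IsNew ? (int)PostStatus.Draft : post.Status);
    post.TagList = GetNodeValue(node.SelectSingleNode("tags"), null);
    post.ContentType = GetNodeValue(node.SelectSingleNode("contenttype"), null);
    post.SortOrder = GetNodeValue(node.SelectSingleNode("sortOrder"), post.SortOrder);
    post.HomeSortOrder = GetNodeValue(node.SelectSingleNode("homeSortOrder"), post.HomeSortOrder);
    post.MetaDescription = GetNodeValue(node.SelectSingleNode("metaDescription"), post.MetaDescription);
    post.MetaKeywords = GetNodeValue(node.SelectSingleNode("metaKeywords"), post.MetaKeywords);
    post.IsHome = GetNodeValue(node.SelectSingleNode("isHome"), post.IsHome);
    post.EnableComments = GetNodeValue(node.SelectSingleNode("enableComments"), post.EnableComments);

    // Custom field names come straight from the request; a field without a key attribute
    // is rejected instead of failing with a NullReferenceException.
    XmlNodeList customFields = node.SelectNodes("customFields/customField");
    foreach (XmlNode cNode in customFields)
    {
        XmlAttribute keyAttribute = cNode.Attributes["key"];
        if (keyAttribute == null)
        {
            throw new RESTConflict("A customField element is missing its key attribute");
        }

        post[keyAttribute.Value] = cNode.InnerText;
    }

    // Only administrators and users with publish rights on the category may change the deleted flag.
    Permission perm = RolePermissionManager.GetPermissions(post.CategoryId, user);
    if (GraffitiUsers.IsAdmin(user) || perm.Publish)
    {
        post.IsDeleted = GetNodeValue(node.SelectSingleNode("isDeleted"), post.IsDeleted);
    }

    int id = PostRevisionManager.CommitPost(post, user, SiteSettings.Get().FeaturedId == post.Id, post.Category.FeaturedId == post.Id);

    // id is an int, so it cannot break out of the attribute value.
    return string.Format("<result id=\"{0}\">true</result>", id);
}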
/// <summary>
/// Page load handler for the user-management page. With a <c>user</c> query-string value it
/// shows the edit form for that user; without one it redirects non-administrators and binds
/// the user list.
/// </summary>
/// <param name="sender">Event source (not read in this method).</param>
/// <param name="e">Event arguments (not read in this method).</param>
// Edit branch (query string "user" present, first load only):
//   - The user is looked up with GraffitiUsers.GetUser; a null result throws a plain Exception.
//   - Access check: a caller who is not an administrator and whose name differs from the
//     loaded user's name gets a SecurityException. The check sits inside the !IsPostBack
//     block, so postbacks do not repeat it here.
//     NOTE(review): confirm the save handlers re-check authorization themselves.
//   - When "new" is also present, a success message is built by concatenating user.Name into markup.
//     NOTE(review): the HtmlDecode calls below suggest names are stored HTML-encoded, and
//     whether the Message control encodes its text is not visible here - confirm both.
//   - PasswordLink.NavigateUrl and the RenameLink "javascript:" URL are built with string.Format
//     from the raw Request.QueryString["user"] value, not from the resolved user.Name, and
//     without URL or JavaScript-string encoding.
//     NOTE(review): consider building both from user.Name with Uri.EscapeDataString and, for
//     the script URL, HttpUtility.JavaScriptStringEncode - confirm what GetUser accepts.
//   - The rename link is shown only when GraffitiUsers.CanRenameUsers is set and the current
//     user is an administrator.
//   - The role section is visible only to members of AdminRole. For them the role list is a
//     sorted copy of the role permissions without EveryoneRole, and the admin checkbox is
//     disabled when an administrator edits their own account.
// List branch (no "user" value): callers outside AdminRole are redirected.
//   NOTE(review): the text between Response.Redirect("?user=" and "*") is masked in this copy
//   of the file, so the redirect target and the call that fills `users` are not visible.
//   NOTE(review): filteredUsers is built but never bound in the visible code, since
//   User_List is bound to `users`. user.Roles[0] is indexed after a null check only and
//   would throw on an empty Roles collection, if one can occur - confirm.
protected void Page_Load(object sender, EventArgs e) { LiHyperLink.SetNameToCompare(Context, "UserManagement"); IGraffitiUser currentUser = GraffitiUsers.Current; if (Request.QueryString["user"] != null) { if (!IsPostBack) { user = GraffitiUsers.GetUser(Request.QueryString["user"]); if (user == null) { throw new Exception("This user does not exist or cannot be edited."); } if (!GraffitiUsers.IsAdmin(currentUser) && user.Name != currentUser.Name) { throw new SecurityException("You do not have permission to edit this user"); } if (Request.QueryString["new"] != null && !IsPostBack) { Message.Text = "The user <strong>" + user.Name + "</strong> was created."; Message.Type = StatusType.Success; } PageText.Text = "Update " + user.ProperName + "'s profile."; AdminUserLinks.Visible = true; PasswordLink.NavigateUrl = string.Format("~/graffiti-admin/user-management/users/changepassword.aspx?user={0}", Request.QueryString["user"]); if (GraffitiUsers.CanRenameUsers && GraffitiUsers.IsAdmin(GraffitiUsers.Current)) { AdminUserLinksDelim.Visible = true; RenameLink.Visible = true; RenameLink.NavigateUrl = string.Format("javascript:Telligent_Modal.Open('RenameUser.aspx?user={0}', 400, 200, null);", Request.QueryString["user"]); } txtExistingUserName.Text = Server.HtmlDecode(user.Name); txtProperName.Text = Server.HtmlDecode(user.ProperName); txtExistingEmail.Text = user.Email; txtAvatar.Text = user.Avatar; Editor.Text = user.Bio; txtWebsite.Text = string.IsNullOrEmpty(user.WebSite) ? 
new Macros().FullUrl(new Urls().Home) : Server.HtmlEncode(user.WebSite); bool isAdmin = GraffitiUsers.IsUserInRole(GraffitiUsers.Current.Name, GraffitiUsers.AdminRole); role_section.Visible = isAdmin; AllRoles.Visible = isAdmin; if (!isAdmin) { Cancel_Edit.NavigateUrl = "~/graffiti-admin/"; } if (isAdmin) { RolePermissionsCollection rp = RolePermissionManager.GetRolePermissions(); RolePermissionsCollection newrp = new RolePermissionsCollection(); newrp.AddRange(rp); RolePermissions temp = newrp.Find(delegate(RolePermissions r) { return(r.RoleName == GraffitiUsers.EveryoneRole); }); if (temp != null) { newrp.Remove(temp); } newrp.Sort(delegate(RolePermissions rp1, RolePermissions rp2) { return(Comparer <string> .Default.Compare(rp1.RoleName, rp2.RoleName)); }); Roles.DataSource = newrp; Roles.DataBind(); foreach (string role in user.Roles) { if (role == GraffitiUsers.AdminRole) { chkAdmin.Checked = true; if (GraffitiUsers.Current.Name == user.Name) { chkAdmin.Enabled = false; } } } } } new_user_container.Visible = false; User_List.Visible = false; user_edit_form.Visible = true; } else { if (!GraffitiUsers.IsUserInRole(currentUser.Name, GraffitiUsers.AdminRole)) { Response.Redirect("?user="******"*"); User_List.DataSource = users; User_List.DataBind(); // filter out everyone if they are not a content publisher for licensing List <IGraffitiUser> filteredUsers = new List <IGraffitiUser>(); filteredUsers.AddRange(users); bool isEveryonePublisher = RolePermissionManager.IsEveryoneAContentPublisher(); if (!isEveryonePublisher) { foreach (IGraffitiUser user in users) { if (user.Roles != null && user.Roles[0] == GraffitiUsers.EveryoneRole) { filteredUsers.Remove(user); } } } } }