async Task <IActionResult> generateAndSendNewPasswordAsync(User user) { var newPassword = 3.Times(_ => Global.Random.NextENWord().Capitalize()).Aggregate(""); var isSent = await S.EMail.TrySendMessageAsync(user, "Password reset", "New password", $@"Your new password is: {newPassword} Please delete this message so that nobody can see it"); if (isSent) { user.PasswordHash = S.UserManager.PasswordHasher.HashPassword(user, newPassword); var result = await S.UserManager.UpdateAsync(user); await S.SignInManager.SignOutAsync(); await S.Repository.AddUserActionAsync(user, new UserAction(ActionType.PASSWORD_RESET, user)); await S.Db.SaveChangesAsync(); LayoutModel.AddMessage("New password has been sent to your E-Mail"); return(RedirectToPage("/Account/Login")); } else { return(reportError("Could not send the E-Mail")); } }
public async Task <IActionResult> AssignEntitiesAsync(EntitiesAssignModel model) { if (ModelState.IsValid) { var Owner = await S.Db.Users .IncludeEntitiesToCheckSlim() .FirstOrDefaultAsync(u => u.Id == model.ModeratorId); await S.Permissions.ValidateAccessModeratorsPanelAsync(Owner); var entities = Owner.ModeratorsGroup.EntitiesToCheck .Where(e => !e.IsResolved) .Take(model.NumOfEntitiesToAssign) .ToArray(); foreach (var entity in entities) { entity.AssignedModerator = Owner; entity.AssignationTime = DateTime.UtcNow; } await S.Db.SaveChangesAsync(); LayoutModel.AddMessage($"{entities.Length} new entities were assigned to you"); return(RedirectToPage("/ModeratorPanel", new { id = Owner.Id })); } else { throw new Exception(); } }
async Task <IActionResult> confirmEmail(User user) { if (user.EmailConfirmed) { return(RedirectToPage("/Index")); } else if (await S.Utilities.GetCurrentUserModelOrThrowAsync() != user) { return(reportError("You should be signed in in order this link to work")); } else { await S.Db.Entry(user).Reference(u => u.Status).LoadAsync(); user.EmailConfirmed = true; user.Status.State = ProfileState.ACTIVE; await S.Repository.AddUserActionAsync(user, new UserAction(ActionType.EMAIL_CONFIRMED, user)); await S.Db.SaveChangesAsync(); LayoutModel.AddMessage("Email has been confirmed!"); return(RedirectToPage("/Index")); } }
public async Task <IActionResult> OnPostBanAsync() { if (ModelState.IsValid) { if (BannedTill.ToUniversalTime() <= DateTime.UtcNow) { ModelState.AddModelError("", $"Selected date is less than current"); return(Page()); } else { var targetUser = await S.UserManager.FindByIdAsync(UserId); await S.Permissions.ValidateBanUserAsync(targetUser); await S.Banning.BanAsync(targetUser, BannedTill, Reason); LayoutModel.AddMessage($"User \"{targetUser.UserName}\" has been banned"); return(Redirect("/Index")); } } else { return(Page()); } }
public async Task <IActionResult> OnPostAsync() { if (ModelState.IsValid) { var editingPost = await S.Db.Posts .Include(p => p.Edits) .Include(p => p.ModerationInfo) .Include(p => p.Author) .FirstOrDefaultAsync(p => p.Id == PostId); await S.Permissions.ValidateEditPostAsync(editingPost); var authorId = await S.Utilities.GetCurrentUserIdOrThrowAsync(); var author = await S.Db.Users .Include(u => u.ModeratorsInChargeGroup) .FirstOrDefaultAsync(u => u.Id == authorId); if (!await S.Permissions.CanEditPostTitleAsync(editingPost)) { Title = editingPost.Title; } var edit = new PostEdit(author, EditReason, DateTime.UtcNow, editingPost); var sanitizedBody = await S.Sanitizer.SanitizePostBodyAsync(Body); editingPost.Body = sanitizedBody; editingPost.Title = Title; editingPost.BodyPreview = getPostBodyPreview(sanitizedBody); editingPost.Edits.Add(edit); if (editingPost.ModerationInfo.State == ModerationState.MODERATION_NOT_PASSED) { editingPost.ModerationInfo.State = ModerationState.UNDER_MODERATION; editingPost.ModerationInfo.StateReasoning = "Post was edited"; author.ModeratorsInChargeGroup.AddEntityToCheck(editingPost, CheckReason.NEED_MODERATION); } else if (editingPost.ModerationInfo.State == ModerationState.MODERATED) { author.ModeratorsInChargeGroup.AddEntityToCheck(editingPost, CheckReason.CHECK_REQUIRED); } await S.Repository.AddUserActionAsync(author, new UserAction(ActionType.POST_EDITED, editingPost)); await S.Db.SaveChangesAsync(); await S.CacheManager.ResetPostPageCacheAsync(PostId); LayoutModel.AddMessage("Changes applied!"); return(RedirectToPage("/Post", new { id = editingPost.Id })); } else { return(Page()); } }
public async Task <IActionResult> OnPostAsync() { if (ModelState.IsValid) { autoSaveDbChanges = true; var user = await S.Utilities.GetCurrentUserModelOrThrowAsync(); await S.Permissions.ValidateChangeEmailAsync(user); await S.Repository.AddUserActionAsync(user, new UserAction(ActionType.EMAIL_CHANGING, user)); if (NewEMail.ToUpperInvariant() == user.NormalizedEmail) { ModelState.AddModelError("", "Enter new e-mail"); return(Page()); } var isPasswordValid = await S.UserManager.CheckPasswordAsync(user, Password); if (!isPasswordValid) { #warning security problem ModelState.AddModelError("", "Incorrect password"); return(Page()); } var confirmationLink = await S.ConfirmationLinks.GetEMailChangeConfirmationLinkAsync(user, NewEMail); var isSent = await S.EMail.TrySendMessageAsync(user, "E-Mail change", "Administration", $@"You are trying to change profile e-mail. Current e-mail: {user.Email} New e-mail: {NewEMail} Follow this link to finish the operation: {confirmationLink}"); if (isSent) { LayoutModel.AddMessage($"Conformation link has been send to {NewEMail}"); return(Redirect(S.History.GetLastURL())); } else { LayoutModel.AddMessage("Couldn't send confirmation link. Try later."); return(Page()); } } else { return(Page()); } }
async Task <IActionResult> reportAsync(IReportable reportObject) { await S.Permissions.ValidateReportAsync(reportObject); Report report; var reportingUser = await S.UserManager.GetUserAsync(User); if (reportObject is Post post) { report = new Report(reportingUser, post.Author, reportObject); } else if (reportObject is Profile profile) { var owner = await S.Db.Users.FirstOrDefaultAsync(u => u.Profile.Id == profile.Id); report = new Report(reportingUser, owner, reportObject); } else if (reportObject is Commentary commentary) { report = new Report(reportingUser, commentary.Author, reportObject); commentary.IsHidden = commentary.IsHidden ? true : S.Decisions.ShouldHide(commentary); } else { throw new InvalidOperationException("Can't create report for object of such type"); } S.Db.Reports.Add(report); await S.Repository.AddUserActionAsync(reportingUser, new UserAction(ActionType.REPORT, reportObject)); if (S.Decisions.ShouldReportToModerator(reportObject)) { var moderators = reportObject.Author.ModeratorsInChargeGroup; var alreadyAdded = moderators.EntitiesToCheck.FirstOrDefault(e => e.Entity == reportObject); if (alreadyAdded == null) { moderators.AddEntityToCheck(reportObject, CheckReason.TOO_MANY_REPORTS); } else { alreadyAdded.AddTime = DateTime.UtcNow; } } await S.Db.SaveChangesAsync(); LayoutModel.AddMessage("Report has been submitted"); return(Redirect(S.History.GetLastURL())); }
public async Task <IActionResult> OnPostAsync() { if (ModelState.IsValid) { IReportable reportObject; if (CommentaryReportObjectId != null) { reportObject = await S.Db.Commentaries .Include(o => o.Author) .FirstAsync(c => c.Id == CommentaryReportObjectId.Value); } else if (PostReportObjectId != null) { reportObject = await S.Db.Posts .Include(o => o.Author) .FirstAsync(c => c.Id == PostReportObjectId.Value); } else if (ProfileReportObjectId != null) { reportObject = await S.Db.ProfilesInfos .Include(o => o.Author) .FirstAsync(c => c.Id == ProfileReportObjectId.Value); } else { throw new NotSupportedException(); } await Permissions.ValidateReportViolationAsync(reportObject); var currentUser = await S.Utilities.GetCurrentUserModelOrThrowAsync(); var violation = new Violation(currentUser, reportObject.Author, reportObject, Description); var action = new UserAction(ActionType.VIOLATION_REPORTED, reportObject) { Author = currentUser }; S.Db.UserRuleViolations.Add(violation); S.Db.UsersActions.Add(action); await S.Db.SaveChangesAsync(); LayoutModel.AddMessage("Violation report has been submitted"); return(Redirect(S.History.GetLastURL())); } else { return(Page()); } }
public async Task <IActionResult> UnbanAsync([Required] string userId) { if (ModelState.IsValid) { await S.Banning.UnbanAsync(userId); LayoutModel.AddMessage($"User has been unbanned"); return(Redirect(S.History.GetLastURL())); } else { throw new Exception(); } }
public async Task <IActionResult> OnPostAsync() { if (ModelState.IsValid) { if (NewPassword == NewPasswordConfirmation) { var user = await S.Utilities.GetCurrentUserModelOrThrowAsync(); await S.Permissions.ValidateChangePasswordAsync(user); await S.Repository.AddUserActionAsync(user, new UserAction(ActionType.PASSWORD_CHANGING, user)); var result = await S.UserManager.ChangePasswordAsync(user, CurrentPassword, NewPassword); if (result.Succeeded) { await S.SignInManager.SignOutAsync(); user.Actions.Add(new UserAction(ActionType.PASSWORD_CHANGED, user)); await S.Db.SaveChangesAsync(); LayoutModel.AddMessage("Password has been changed"); return(RedirectToPage("/Account/Login", new { userName = user.UserName })); } else { LayoutModel.AddMessage("Could not change password"); return(Page()); } } else { ModelState.AddModelError("", "Passwords do not match"); return(Page()); } } else { return(Page()); } }
public async Task <IActionResult> OnPostAsync() { if (ModelState.IsValid) { await S.Permissions.ValidateMarkAsNotPassedModerationAsync(PostId); await S.Moderation.MarkAsNotPassedModerationAsync(PostId, Reason); await S.Db.SaveChangesAsync(); LayoutModel.AddMessage("The post has been marked as not passed moderation"); return(RedirectToPage("/Post", new { id = PostId })); } else { throw new Exception(); } }
public async Task <IActionResult> OnPostAsync() { if (ModelState.IsValid) { var targetUser = await S.UserManager.FindByNameAsync(UserName); if (targetUser == null || !await S.Permissions.CanResetPasswordAsync(targetUser)) { return(RedirectToPage("/Errors/PasswordResetError")); } else { await S.Repository.AddUserActionAsync(targetUser, new UserAction(ActionType.PASSWORD_RESETING, targetUser)); var link = await _confirmation.GetPasswordResetConfirmationLinkAsync(targetUser); var isSent = await _email.TrySendMessageAsync(targetUser, "Password reset", "Confirmation", $@"If you want to continue password reset, follow this link: {link} After openning the link, new password will be sent to this E-Mail"); if (isSent) { targetUser.Status.LastPasswordRestoreAttempt = DateTime.UtcNow; await S.UserManager.UpdateAsync(targetUser); LayoutModel.AddMessage("Password reset confirmation link has been sent"); return(RedirectToPage("/Index")); } else { LayoutModel.AddMessage("Error while sending confirmation link"); return(Page()); } } } else { return(Page()); } }
public async Task <IActionResult> UpdateCommentaryAsync([Required] CommentaryEditinigModel model) { if (ModelState.IsValid) { var currentUser = await S.UserManager.GetUserAsync(User); var commentary = await S.Db.Commentaries .Include(c => c.Post) .FirstOrDefaultAsync(c => c.Id == model.CommentaryId); await S.Permissions.ValidateEditCommentaryAsync(commentary); var user = await S.UserManager.GetUserAsync(User); commentary.Body = model.Body; commentary.Edits.Add(new CommentaryEdit(user, model.Reason, DateTime.UtcNow)); await S.Repository.AddUserActionAsync(currentUser, new UserAction(ActionType.COMMENTARY_EDIT, commentary)); await S.Db.SaveChangesAsync(); await S.CacheManager.ResetPostPageCacheAsync(commentary.Post.Id); } else { if (model.Reason == null) { LayoutModel.AddMessage("Edit reason is required"); } else if (model.Body == null) { LayoutModel.AddMessage("Commentary body is required"); } else { throw new Exception(); } } return(Redirect(S.History.GetLastURL())); }
async Task <IActionResult> changeEMail(User user, string arguments) { if (arguments == null) { return(reportError("Bad arguments")); } else if (await S.Utilities.GetCurrentUserModelOrThrowAsync() != user) { return(reportError("You should log in in order this link to work")); } else { var newEmail = arguments; user.Email = newEmail; await S.Repository.AddUserActionAsync(user, new UserAction(ActionType.EMAIL_CHANGED, user)); await S.Db.SaveChangesAsync(); LayoutModel.AddMessage($"Email has been changed to {newEmail}"); return(RedirectToPage("/Account/Profile")); } }
IActionResult reportError(string message) { LayoutModel.AddMessage(message); return(RedirectToPage("/Index")); }