/// <summary>
/// Get Access for User in a file
/// </summary>
/// <param name="fileid"></param>
/// <returns></returns>
private async Task <NoteAccess> GetMyAccess(int fileid)
{
NoteAccess noteAccess = await AccessManager.GetAccess(_db, _userManager.GetUserId(User), fileid, 0);
ViewData["MyAccess"] = noteAccess;
return(noteAccess);
}
public async Task Put(NoteAccess item)
{
IdentityUser me = await _userManager.FindByNameAsync(User.Identity.Name);
NoteAccess myAccess = await AccessManager.GetAccess(_db, me.Id, item.NoteFileId, item.ArchiveId);
if (!myAccess.EditAccess)
{
return;
}
NoteAccess work = await _db.NoteAccess.Where(p => p.NoteFileId == item.NoteFileId &&
p.ArchiveId == item.ArchiveId && p.UserID == item.UserID)
.FirstOrDefaultAsync();
if (work == null)
{
return;
}
work.ReadAccess = item.ReadAccess;
work.Respond = item.Respond;
work.Write = item.Write;
work.DeleteEdit = item.DeleteEdit;
work.SetTag = item.SetTag;
work.ViewAccess = item.ViewAccess;
work.EditAccess = item.EditAccess;
_db.Update(work);
await _db.SaveChangesAsync();
}
/// <summary>
/// Get Users Specific Access Entry
/// </summary>
/// <param name="db">ApplicationDBContext</param>
/// <param name="userId">ID of logged in user</param>
/// <param name="fileId">NoteFileID</param>
/// <returns>NoteAcess Object</returns>
public static async Task <NoteAccess> GetOneAccess(ApplicationDbContext db, string userId, int fileId, int arcId)
{
NoteAccess na = await db.NoteAccess
.Where(p => p.UserID == userId && p.NoteFileId == fileId && p.ArchiveId == arcId).FirstOrDefaultAsync();
return(na);
}
GetBaseNoteHeadersForFile(int id)
{
string authHeader = Request.Headers["authentication"];
string[] auths = authHeader.Split(',');
IdentityUser me = await _userManager.FindByIdAsync(auths[1]);
UserData appMe = await _context.UserData.SingleAsync(p => p.UserId == me.Id);
if (String.Compare(auths[2], appMe.MyGuid, StringComparison.Ordinal) != 0)
{
return(new List <NoteHeader>());
}
string userID = auths[1];
NoteAccess myAcc = await AccessManager
.GetAccess(_context, userID, id, 0);
if (!myAcc.ReadAccess)
{
return(new List <NoteHeader>());
}
List <NoteHeader> stuff = await NoteDataManager
.GetBaseNoteHeaders(_context, id, 0);
return(stuff);
}
public async Task <ActionResult <IEnumerable <NoteFile> > > GetFileList()
{
string authHeader = Request.Headers["authentication"];
string[] auths = authHeader.Split(',');
IdentityUser me = await _userManager.FindByIdAsync(auths[1]);
UserData appMe = await _context.UserData.SingleAsync(p => p.UserId == me.Id);
if (String.Compare(auths[2], appMe.MyGuid, StringComparison.Ordinal) != 0)
{
return(new List <NoteFile>());
}
List <NoteFile> allFiles = await NoteDataManager
.GetNoteFilesOrderedByName(_context);
List <NoteFile> myFiles = new List <NoteFile>();
foreach (var file in allFiles)
{
file.Owner = null;
NoteAccess myAccess = await AccessManager
.GetAccess(_context, me.Id, file.Id, 0);
if (myAccess.ReadAccess || myAccess.Write)
{
myFiles.Add(file);
}
}
return(myFiles);
}
// GET: NoteAccesses/Edit/5
/// <summary>
/// Edit an access control for a user and file
/// </summary>
/// <param name="id">UserID</param>
/// <param name="id2">NoteFileID</param>
/// <returns></returns>
public async Task <IActionResult> Edit(string id, int id2)
{
int arcId = (int)HttpContext.Session.GetInt32("ArchiveID");
NoteAccess myaccess = await GetMyAccess(id2, arcId);
if (!myaccess.EditAccess)
{
return(RedirectToAction("Index"));
}
ViewBag.MyAccess = myaccess;
// get the Object for the User/NoteFile
NoteAccess noteAccess = await AccessManager.GetOneAccess(_db, id, id2, arcId);
if (noteAccess == null)
{
return(NotFound());
}
// Get the NoteFile Name
NoteFile nf = await NoteDataManager.GetFileById(_db, id2);
ViewBag.NoteFileName = nf.NoteFileName;
ViewBag.NoteUserName = GetUserNameFromID(id);
// Pass Access Control Object to View
return(View(noteAccess));
}
// GET: NoteAccesses/Delete/5
/// <summary>
/// Delete an Accese Control Object
/// </summary>
/// <param name="id">UserID</param>
/// <param name="id2">NoteFileID</param>
/// <returns></returns>
public async Task <IActionResult> Delete(string id, int id2)
{
if (id == "")
{
return(NotFound());
}
int arcId = (int)HttpContext.Session.GetInt32("ArchiveID");
NoteAccess myaccess = await GetMyAccess(id2, arcId);
if (!myaccess.EditAccess)
{
return(RedirectToAction("Index", "Home"));
}
ViewBag.MyAccess = myaccess;
// Get Access Control Object
NoteAccess noteAccess = await AccessManager.GetOneAccess(_db, id, id2, arcId);
if (noteAccess == null)
{
return(NotFound());
}
// Get NoteFile Object
ViewBag.NoteFileName = _db.NoteFile
.FirstOrDefault(p => p.Id == id2)
?.NoteFileName;
ViewBag.NoteUserName = GetUserNameFromID(id);
// Send Access Control Object to View
return(View(noteAccess));
}
GetNoteContent(int id, int id2, int id3)
{
string authHeader = Request.Headers["authentication"];
string[] auths = authHeader.Split(',');
IdentityUser me = await _userManager
.FindByIdAsync(auths[1]);
UserData appMe = await _context.UserData.SingleAsync(p => p.UserId == me.Id);
if (String.Compare(auths[2], appMe.MyGuid, StringComparison.Ordinal) != 0)
{
return(new NoteContent());
}
string userID = auths[1];
NoteAccess myAcc = await AccessManager.GetAccess(_context, userID, id, 0);
if (!myAcc.ReadAccess)
{
return(new NoteContent());
}
NoteContent result = await NoteDataManager
.GetNoteContent(_context, id, 0, id2, id3);
return(result);
}
/// <summary>
/// Shim to Enter a NoteFile from the list of NoteFiles
/// </summary>
/// <param name="id">NoteFile</param>
/// <returns></returns>
public async Task <IActionResult> Viewit(int?id)
{
HttpContext.Session.SetInt32("IsSearch", 0);
if (id == null)
{
return(NotFound());
}
NoteFile noteFile = await NoteDataManager.GetFileById(_db, (int)id);
if (noteFile == null)
{
return(NotFound());
}
// Check access
NoteAccess nacc = await GetMyAccess((int)id);
if (!nacc.Write && !nacc.ReadAccess) // can not read or write = no access
{
return(RedirectToAction("Index"));
}
HttpContext.Session.SetInt32("ArchiveID", Convert.ToInt32(0));
return(RedirectToAction("Listing", "NoteDisplay", new { id = noteFile.Id }));
}
/// <summary>
/// Get the access object for this user in this file
/// </summary>
/// <param name="fileid">id of file we are exporting</param>
/// <param name="user">id of this user</param>
/// <returns></returns>
public async Task <NoteAccess> GetMyAccess(int fileid, ClaimsPrincipal user)
{
NoteAccess noteAccess = await AccessManager.GetAccess(_db, _userManager.GetUserId(user), fileid, 0); // (int)HttpContext.Session.GetInt32("ArchiveID")); //TODO??
ViewData["MyAccess"] = noteAccess;
return(noteAccess);
}
public async Task <IActionResult> Create(NoteAccess noteAccess)
{
if (ModelState.IsValid)
{
if (noteAccess.UserID == "")
{
ViewBag.ErrorMessage = "Not a valid user name!";
return(View(noteAccess));
}
string myid = noteAccess.UserID; // await GetUserIDFromName(noteAccess.UserID);
if (myid == "")
{
ViewBag.ErrorMessage = "Not a valid user id!";
return(View(noteAccess));
}
noteAccess.UserID = myid; // set the userid
try // add new entry to DB
{
_db.NoteAccess.Add(noteAccess);
await _db.SaveChangesAsync();
}
catch
{
ViewBag.ErrorMessage = "Is that user already on the list?";
}
return(RedirectToAction("Index", new { id = noteAccess.NoteFileId }));
}
return(View(noteAccess));
}
public async Task Post(NoteAccess item)
{
IdentityUser me = await _userManager.FindByNameAsync(User.Identity.Name);
NoteAccess myAccess = await AccessManager.GetAccess(_db, me.Id, item.NoteFileId, item.ArchiveId);
if (!myAccess.EditAccess)
{
return;
}
NoteAccess work = await _db.NoteAccess.Where(p => p.NoteFileId == item.NoteFileId &&
p.ArchiveId == item.ArchiveId && p.UserID == item.UserID)
.FirstOrDefaultAsync();
if (work != null)
{
return; // already exists
}
if (item.UserID == Globals.AccessOtherId())
{
return; // can not create "Other"
}
NoteFile nf = _db.NoteFile.Where(p => p.Id == item.NoteFileId).FirstOrDefault();
if (item.ArchiveId < 0 || item.ArchiveId > nf.NumberArchives)
{
return;
}
_db.NoteAccess.Add(item);
await _db.SaveChangesAsync();
}
public async Task QueryNotesDoesntFailIfNoMatchesRedisTest()
{
this.setupRetrieveAll();
sut = new NoteAccess(redisMock.Object, dbMock.Object, serverMock.Object);
var res = (await sut.QueryNotes("doesntexist")).ToList();
Assert.Equal(res.Count, 0);
}
public async Task RetrieveNoteCallsRedisTest()
{
dbMock.Setup(x => x.StringGetAsync("notes_1", CommandFlags.None)).ReturnsAsync("notes");
sut = new NoteAccess(redisMock.Object, dbMock.Object, serverMock.Object);
var res = await sut.RetrieveNote("1");
Assert.Equal(res.body, "notes");
Assert.Equal(res.id, 1);
}
public async Task QueryNotesMatchesCharTest()
{
this.setupRetrieveAll();
sut = new NoteAccess(redisMock.Object, dbMock.Object, serverMock.Object);
var res = (await sut.QueryNotes("n")).ToList();
Assert.Equal(res.Count, 1);
Assert.Equal(res[0].body, "notes");
Assert.Equal(res[0].id, 1);
}
public async Task RetrieveNotesCallsRedisTest()
{
this.setupRetrieveAll();
sut = new NoteAccess(redisMock.Object, dbMock.Object, serverMock.Object);
var res = (await sut.RetrieveNotes()).ToList();
Assert.Equal(res.Count, 1);
Assert.Equal(res[0].body, "notes");
Assert.Equal(res[0].id, 1);
}
public async Task AddNoteCallsRedisTest()
{
dbMock.Setup(x => x.StringGetAsync(indexKey, CommandFlags.None)).ReturnsAsync("notes_1");
dbMock.Setup(x => x.StringSetAsync("notes_2", "note", null, When.Always, CommandFlags.None)).ReturnsAsync(true);
dbMock.Setup(x => x.StringSetAsync(indexKey, "notes_2", null, When.Always, CommandFlags.None)).ReturnsAsync(true);
sut = new NoteAccess(redisMock.Object, dbMock.Object, serverMock.Object);
var res = await sut.AddNote("note");
Assert.Equal(res.body, "note");
}
/// <summary>
/// Get Access Control Object for file and user
/// </summary>
/// <param name="fileid"></param>
/// <returns></returns>
public async Task <NoteAccess> GetMyAccess(int fileid, int ArcId)
{
string myname = User.Identity.Name;
var IdUser = await _userManager.FindByEmailAsync(myname);
string uid = await _userManager.GetUserIdAsync(IdUser);
NoteAccess noteAccess = await AccessManager.GetAccess(_db, uid, fileid, ArcId);
return(noteAccess);
}
public async Task <IActionResult> DeleteConfirmed(string id, int id2)
{
int arcId = (int)HttpContext.Session.GetInt32("ArchiveID");
NoteAccess noteAccess = await AccessManager.GetOneAccess(_db, id, id2, arcId);
_db.NoteAccess.Remove(noteAccess);
await _db.SaveChangesAsync();
return(RedirectToAction("Index", new { id = noteAccess.NoteFileId }));
}
public async Task <NoteHeader> Create(Notes2021.Models.TextViewModel inputModel)
{
string authHeader = Request.Headers["authentication"];
string[] auths = authHeader.Split(',');
IdentityUser me = await _userManager.FindByIdAsync(auths[1]);
UserData appMe = await _context.UserData.SingleAsync(p => p.UserId == me.Id);
if (String.Compare(auths[2], appMe.MyGuid, StringComparison.Ordinal) != 0)
{
return(null);
}
string userID = auths[1];
NoteAccess myAcc = await AccessManager.
GetAccess(_context, userID, inputModel.NoteFileID, 0);
if (!myAcc.Write)
{
return(null);
}
await _signInManager.SignInAsync(me, false);
DateTime now = DateTime.Now.ToUniversalTime();
NoteHeader nheader = new NoteHeader()
{
LastEdited = now,
ThreadLastEdited = now,
CreateDate = now,
NoteFileId = inputModel.NoteFileID,
AuthorName = appMe.DisplayName,
AuthorID = _userManager.GetUserId(User),
NoteSubject = inputModel.MySubject,
ResponseOrdinal = 0,
ResponseCount = 0
};
if (inputModel.BaseNoteHeaderID == 0)
{
return(await NoteDataManager
.CreateNote(_context, _userManager, nheader,
inputModel.MyNote.Replace("\n", "<br />"),
inputModel.TagLine,
inputModel.DirectorMessage, true, false));
}
NoteHeader bnh = await NoteDataManager.GetNoteHeader(_context, inputModel.BaseNoteHeaderID);
nheader.BaseNoteId = bnh.Id;
return(await NoteDataManager.CreateResponse(_context, _userManager,
nheader, inputModel.MyNote, inputModel.TagLine,
inputModel.DirectorMessage, true, false));
}
public async Task <IActionResult> Edit(NoteAccess noteAccess)
{
if (ModelState.IsValid)
{
_db.Entry(noteAccess).State = EntityState.Modified;
await _db.SaveChangesAsync();
return(RedirectToAction("Index", new { id = noteAccess.NoteFileId }));
}
return(View(noteAccess));
}
public async Task CreateAnnounce()
{
await CreateNoteFile("announce", "Notes 2021 Announcements");
NoteFile nf4 = await NoteDataManager.GetFileByName(_db, "announce");
int padid = nf4.Id;
NoteAccess access = await AccessManager.GetOneAccess(_db, Globals.AccessOtherId(), padid, 0);
access.ReadAccess = true;
_db.Entry(access).State = EntityState.Modified;
await _db.SaveChangesAsync();
}
public async Task <NoteAccess> Get(string fileId)
{
int Id = int.Parse(fileId);
IdentityUser me = await _userManager.FindByNameAsync(User.Identity.Name);
NoteAccess mine = await _db.NoteAccess.Where(p => p.NoteFileId == Id && p.UserID == me.Id && p.ArchiveId == 0).OrderBy(p => p.ArchiveId).FirstOrDefaultAsync();
if (mine == null)
{
mine = await _db.NoteAccess.Where(p => p.NoteFileId == Id && p.UserID == Globals.AccessOtherId() && p.ArchiveId == 0).OrderBy(p => p.ArchiveId).FirstOrDefaultAsync();
}
return(mine);
}
private static async Task SendNewNoteToSubscribers(ApplicationDbContext db, UserManager <IdentityUser> userManager, NoteHeader nc)
{
nc.NoteFile.NoteHeaders = null;
ForwardViewModel fv = new ForwardViewModel()
{
NoteSubject = "New Note from Notes 2021"
};
List <Subscription> subs = await db.Subscription
.Where(p => p.NoteFileId == nc.NoteFileId)
.ToListAsync();
List <string> emails = new List <string>();
fv.ToEmail = "xx";
fv.FileID = nc.NoteFileId;
fv.hasstring = false;
fv.NoteID = nc.Id;
fv.NoteOrdinal = nc.NoteOrdinal;
fv.NoteSubject = nc.NoteSubject;
fv.toAllUsers = false;
fv.IsAdmin = false;
fv.wholestring = false;
foreach (Subscription s in subs)
{
UserAuxData usr = await db.UserData.SingleAsync(p => p.UserId == s.SubscriberId);
NoteAccess myAccess = await AccessManager.GetAccess(db, usr.UserId, nc.NoteFileId, 0);
if (myAccess.ReadAccess)
{
emails.Add((await userManager.FindByIdAsync(usr.UserId)).Email);
}
}
if (emails.Count > 0)
{
string payload = await MakeNoteForEmail(fv, db, "BackgroundJob", "Notes 2021");
foreach (string em in emails)
{
await Globals.EmailSender.SendEmailAsync(em, fv.NoteSubject, payload);
}
//await Globals.EmailSender.SendEmailListAsync(emails, fv.NoteSubject, payload);
}
}
public async Task CreatePad()
{
await CreateNoteFile("pad", "Traditional Pad");
NoteFile nf4 = await NoteDataManager.GetFileByName(_db, "pad");
int padid = nf4.Id;
NoteAccess access = await AccessManager.GetOneAccess(_db, Globals.AccessOtherId(), padid, 0);
access.ReadAccess = true;
access.Respond = true;
access.Write = true;
_db.Entry(access).State = EntityState.Modified;
await _db.SaveChangesAsync();
}
/// <summary>
/// Get Access Control Object for file and user
/// </summary>
/// <param name="fileid"></param>
/// <returns></returns>
public async Task <NoteAccess> GetMyAccess(int fileid, int ArcId)
{
string myname = User.Identity.Name;
var IdUser = await _userManager.FindByEmailAsync(myname);
string uid = await _userManager.GetUserIdAsync(IdUser);
NoteAccess noteAccess = await AccessManager.GetAccess(_db, uid, fileid, ArcId);
if (User.IsInRole("Guest"))
{
noteAccess.EditAccess = noteAccess.DeleteEdit = noteAccess.Respond = noteAccess.Write = false;
}
return(noteAccess);
}
int iHeaderHeight; //Used for the header height
public ListNotes(NoteFile myFile)
{
InitializeComponent();
mySelf = this;
MyFile = myFile;
label1.Text = MyFile.NoteFileName;
label2.Text = MyFile.NoteFileTitle;
List <NoteHeader> noteHeader = Actions.GetNoteList(Program.MyClient, MyFile.Id);
MyAccess = Actions.GetAccess(Program.MyClient, MyFile.Id);
button1.Enabled = MyAccess.Write;
int count = 0;
foreach (var header in noteHeader)
{
header.CreateDate = header.CreateDate.ToLocalTime();
count++;
}
label3.Text = count + @" Base Notes";
dataGridView1.DataSource = noteHeader;
dataGridView1.Columns[0].Visible = false;
dataGridView1.Columns[1].Visible = false;
dataGridView1.Columns[2].Visible = false;
dataGridView1.Columns[3].Visible = false;
dataGridView1.Columns[4].Visible = false;
dataGridView1.Columns[6].Visible = false;
dataGridView1.Columns[9].Visible = false;
dataGridView1.Columns[10].Visible = false;
dataGridView1.Columns[12].Visible = false;
dataGridView1.Columns[14].Visible = false;
dataGridView1.Columns[15].Visible = false;
dataGridView1.Columns[5].AutoSizeMode = DataGridViewAutoSizeColumnMode.AllCells;
dataGridView1.Columns[7].AutoSizeMode = DataGridViewAutoSizeColumnMode.AllCells;
dataGridView1.Columns[8].AutoSizeMode = DataGridViewAutoSizeColumnMode.AllCells;
dataGridView1.Columns[11].AutoSizeMode = DataGridViewAutoSizeColumnMode.AllCells;
dataGridView1.Columns[13].AutoSizeMode = DataGridViewAutoSizeColumnMode.AllCells;
}
public async Task <NoteHeader> Edit(Notes2021.Models.TextViewModel inputModel)
{
string authHeader = Request.Headers["authentication"];
string[] auths = authHeader.Split(',');
IdentityUser me = await _userManager.FindByIdAsync(auths[1]);
UserData appMe = await _context.UserData.SingleAsync(p => p.UserId == me.Id);
if (String.Compare(auths[2], appMe.MyGuid, StringComparison.Ordinal) != 0)
{
return(null);
}
string userID = auths[1];
NoteAccess myAcc = await AccessManager.GetAccess(_context, userID, inputModel.NoteFileID, 0); //TODO
if (!myAcc.Write)
{
return(null);
}
await _signInManager.SignInAsync(me, false);
DateTime now = DateTime.Now.ToUniversalTime();
NoteHeader oheader = await NoteDataManager
.GetBaseNoteHeaderById(_context, inputModel.NoteID);
if (oheader.AuthorID != userID) // must be a note this user wrote.
{
return(null);
}
oheader.LastEdited = now;
oheader.ThreadLastEdited = now;
oheader.NoteSubject = inputModel.MySubject;
NoteContent oContent = await NoteDataManager
.GetNoteContent(_context, oheader.NoteFileId, 0, oheader.NoteOrdinal, oheader.ResponseOrdinal); //TODO
oContent.NoteBody = inputModel.MyNote;
oContent.DirectorMessage = inputModel.DirectorMessage;
return(await NoteDataManager
.EditNote(_context, _userManager, oheader, oContent, inputModel.TagLine));
}
public async Task <IActionResult> CreateNoteshelp()
{
await CreateNoteFile("noteshelp", "Help with Notes 2021");
NoteFile nf4 = await NoteDataManager.GetFileByName(_db, "noteshelp");
int padid = nf4.Id;
NoteAccess access = await AccessManager.GetOneAccess(_db, Globals.AccessOtherId(), padid, 0);
access.ReadAccess = true;
access.Respond = true;
access.Write = true;
_db.Entry(access).State = EntityState.Modified;
await _db.SaveChangesAsync();
return(RedirectToAction("Index"));
}
public async Task <MemoryStream> GetFileAs(int id, bool id2)
{
string authHeader = Request.Headers["authentication"];
string[] auths = authHeader.Split(',');
IdentityUser me = await _userManager.FindByIdAsync(auths[1]);
UserData appMe = await _context.UserData.SingleAsync(p => p.UserId == me.Id);
if (String.Compare(auths[2], appMe.MyGuid, StringComparison.Ordinal) != 0)
{
return(null);
}
string userID = auths[1];
NoteAccess myAcc = await AccessManager.GetAccess(_context, userID, id, 0); //TODO
if (!myAcc.ReadAccess)
{
return(null);
}
ExportController myExp = new ExportController(_appEnv,
_userManager, _signInManager, _context);
Notes2021.Models.ExportViewModel model = new Notes2021.Models.ExportViewModel();
NoteFile nf = await NoteDataManager.GetFileById(_context, id);
model.NoteOrdinal = 0;
model.FileName = nf.NoteFileName;
model.FileNum = nf.Id;
model.directOutput = true;
model.isCollapsible = id2;
model.isHtml = id2;
IdentityUser applicationUser = await _userManager
.FindByEmailAsync(auths[0]);
await _signInManager.SignInAsync(applicationUser, false);
model.tzone = _context.TZone.Single(p => p.Id == appMe.TimeZoneID);
return(await myExp.DoExport(model, User, 0)); //TODO
}
