Exemple #1
0
        public async Task <IActionResult> EditPage([FromRoute] string path, CreatePageRequest req)
        {
            Infopage page = await Db.Infopages.SingleAsync(x => x.Path == path.Replace("%2F", "/", true, CultureInfo.InvariantCulture));

            if (!HttpContext.UserCan("kb.editpage.all") &&
                !(HttpContext.UserCan("kb.editpage.own") && ((int?)page.AuthorId ?? -1) == HttpContext.User.GetUserId()))
            {
                if (HttpContext.User.IsAnonymous())
                {
                    return(Challenge());
                }
                else
                {
                    return(Forbid());
                }
            }

            if (!ModelState.IsValid)
            {
                return(View(page));
            }

            if (!HttpContext.UserCan("kb.secrecy." + page.Secrecy.ToString()))
            {
                return(Forbid());
            }
            if (!HttpContext.UserCan("kb.secrecy." + ((byte)req.Secrecy).ToString()))
            {
                return(Forbid());
            }

            await Db.KBActivities.AddKBActivity(HttpContext, page.Id, new EditPageActivity()
            {
                OldName          = page.Name,
                NewName          = req.Name,
                OldTags          = page.Tags,
                NewTags          = req.Tags ?? "",
                OldContainedText = page.ContainedText,
                NewContainedText = req.Text,
                OldSecrecy       = page.Secrecy,
                NewSecrecy       = (byte)req.Secrecy
            });

            page.Name          = req.Name;
            page.Tags          = req.Tags ?? "";
            page.ContainedText = req.Text;
            page.Secrecy       = (byte)req.Secrecy;

            await Db.SaveChangesAsync();

            return(RedirectToAction("ViewPage", new { path = path.Replace("%2F", "/", true, CultureInfo.InvariantCulture) }));
        }
Exemple #2
0
        public async Task <IActionResult> Create([FromRoute] string path, CreatePageRequest req)
        {
            if (!ModelState.IsValid)
            {
                return(View((object)(path.Replace("%2F", "/", true, CultureInfo.InvariantCulture))));
            }
            if (!HttpContext.UserCan("kb.secrecy." + ((byte)req.Secrecy).ToString()))
            {
                return(Forbid());
            }
            var page = (await Db.Infopages.AddAsync(new Infopage()
            {
                AuthorId = HttpContext.User.IsAnonymous() ? null : new uint?((uint)HttpContext.User.GetUserId()),
                EditorId = HttpContext.User.IsAnonymous() ? null : new uint?((uint)HttpContext.User.GetUserId()),
                DateOfCreation = DateTime.UtcNow,
                DateOfEdit = DateTime.UtcNow,
                Path = path.Replace("%2F", "/", true, CultureInfo.InvariantCulture),
                Name = req.Name,
                Tags = req.Tags ?? "",
                ContainedText = req.Text,
                Secrecy = (byte)req.Secrecy
            })).Entity;

            await Db.KBActivities.AddKBActivity(HttpContext, 0, new CreatePageActivity()
            {
                Infopage      = page,
                Name          = req.Name,
                ContainedText = req.Text,
                Tags          = req.Tags ?? "",
                Secrecy       = (int?)req.Secrecy
            });

            await Db.SaveChangesAsync();

            return(RedirectToAction("ViewPage", new
            {
                path = path.Replace("%2F", "/", true, CultureInfo.InvariantCulture)
            }));
        }