async Task <IActionResult> generateAndSendNewPasswordAsync(User user)
{
var newPassword = 3.Times(_ => Global.Random.NextENWord().Capitalize()).Aggregate("");
var isSent = await S.EMail.TrySendMessageAsync(user, "Password reset", "New password", $@"Your new password is: {newPassword}
Please delete this message so that nobody can see it");
if (isSent)
{
user.PasswordHash = S.UserManager.PasswordHasher.HashPassword(user, newPassword);
var result = await S.UserManager.UpdateAsync(user);
await S.SignInManager.SignOutAsync();
await S.Repository.AddUserActionAsync(user, new UserAction(ActionType.PASSWORD_RESET, user));
await S.Db.SaveChangesAsync();
LayoutModel.AddMessage("New password has been sent to your E-Mail");
return(RedirectToPage("/Account/Login"));
}
else
{
return(reportError("Could not send the E-Mail"));
}
}
public async Task <IActionResult> AssignEntitiesAsync(EntitiesAssignModel model)
{
if (ModelState.IsValid)
{
var Owner = await S.Db.Users
.IncludeEntitiesToCheckSlim()
.FirstOrDefaultAsync(u => u.Id == model.ModeratorId);
await S.Permissions.ValidateAccessModeratorsPanelAsync(Owner);
var entities = Owner.ModeratorsGroup.EntitiesToCheck
.Where(e => !e.IsResolved)
.Take(model.NumOfEntitiesToAssign)
.ToArray();
foreach (var entity in entities)
{
entity.AssignedModerator = Owner;
entity.AssignationTime = DateTime.UtcNow;
}
await S.Db.SaveChangesAsync();
LayoutModel.AddMessage($"{entities.Length} new entities were assigned to you");
return(RedirectToPage("/ModeratorPanel", new { id = Owner.Id }));
}
else
{
throw new Exception();
}
}
async Task <IActionResult> confirmEmail(User user)
{
if (user.EmailConfirmed)
{
return(RedirectToPage("/Index"));
}
else if (await S.Utilities.GetCurrentUserModelOrThrowAsync() != user)
{
return(reportError("You should be signed in in order this link to work"));
}
else
{
await S.Db.Entry(user).Reference(u => u.Status).LoadAsync();
user.EmailConfirmed = true;
user.Status.State = ProfileState.ACTIVE;
await S.Repository.AddUserActionAsync(user, new UserAction(ActionType.EMAIL_CONFIRMED, user));
await S.Db.SaveChangesAsync();
LayoutModel.AddMessage("Email has been confirmed!");
return(RedirectToPage("/Index"));
}
}
public async Task <IActionResult> OnPostBanAsync()
{
if (ModelState.IsValid)
{
if (BannedTill.ToUniversalTime() <= DateTime.UtcNow)
{
ModelState.AddModelError("", $"Selected date is less than current");
return(Page());
}
else
{
var targetUser = await S.UserManager.FindByIdAsync(UserId);
await S.Permissions.ValidateBanUserAsync(targetUser);
await S.Banning.BanAsync(targetUser, BannedTill, Reason);
LayoutModel.AddMessage($"User \"{targetUser.UserName}\" has been banned");
return(Redirect("/Index"));
}
}
else
{
return(Page());
}
}
public async Task <IActionResult> OnPostAsync()
{
if (ModelState.IsValid)
{
var editingPost = await S.Db.Posts
.Include(p => p.Edits)
.Include(p => p.ModerationInfo)
.Include(p => p.Author)
.FirstOrDefaultAsync(p => p.Id == PostId);
await S.Permissions.ValidateEditPostAsync(editingPost);
var authorId = await S.Utilities.GetCurrentUserIdOrThrowAsync();
var author = await S.Db.Users
.Include(u => u.ModeratorsInChargeGroup)
.FirstOrDefaultAsync(u => u.Id == authorId);
if (!await S.Permissions.CanEditPostTitleAsync(editingPost))
{
Title = editingPost.Title;
}
var edit = new PostEdit(author, EditReason, DateTime.UtcNow, editingPost);
var sanitizedBody = await S.Sanitizer.SanitizePostBodyAsync(Body);
editingPost.Body = sanitizedBody;
editingPost.Title = Title;
editingPost.BodyPreview = getPostBodyPreview(sanitizedBody);
editingPost.Edits.Add(edit);
if (editingPost.ModerationInfo.State == ModerationState.MODERATION_NOT_PASSED)
{
editingPost.ModerationInfo.State = ModerationState.UNDER_MODERATION;
editingPost.ModerationInfo.StateReasoning = "Post was edited";
author.ModeratorsInChargeGroup.AddEntityToCheck(editingPost, CheckReason.NEED_MODERATION);
}
else if (editingPost.ModerationInfo.State == ModerationState.MODERATED)
{
author.ModeratorsInChargeGroup.AddEntityToCheck(editingPost, CheckReason.CHECK_REQUIRED);
}
await S.Repository.AddUserActionAsync(author, new UserAction(ActionType.POST_EDITED, editingPost));
await S.Db.SaveChangesAsync();
await S.CacheManager.ResetPostPageCacheAsync(PostId);
LayoutModel.AddMessage("Changes applied!");
return(RedirectToPage("/Post", new { id = editingPost.Id }));
}
else
{
return(Page());
}
}
public async Task <IActionResult> OnPostAsync()
{
if (ModelState.IsValid)
{
autoSaveDbChanges = true;
var user = await S.Utilities.GetCurrentUserModelOrThrowAsync();
await S.Permissions.ValidateChangeEmailAsync(user);
await S.Repository.AddUserActionAsync(user, new UserAction(ActionType.EMAIL_CHANGING, user));
if (NewEMail.ToUpperInvariant() == user.NormalizedEmail)
{
ModelState.AddModelError("", "Enter new e-mail");
return(Page());
}
var isPasswordValid = await S.UserManager.CheckPasswordAsync(user, Password);
if (!isPasswordValid)
{
#warning security problem
ModelState.AddModelError("", "Incorrect password");
return(Page());
}
var confirmationLink = await S.ConfirmationLinks.GetEMailChangeConfirmationLinkAsync(user, NewEMail);
var isSent = await S.EMail.TrySendMessageAsync(user, "E-Mail change", "Administration", $@"You are trying to change profile e-mail.
Current e-mail: {user.Email}
New e-mail: {NewEMail}
Follow this link to finish the operation: {confirmationLink}");
if (isSent)
{
LayoutModel.AddMessage($"Conformation link has been send to {NewEMail}");
return(Redirect(S.History.GetLastURL()));
}
else
{
LayoutModel.AddMessage("Couldn't send confirmation link. Try later.");
return(Page());
}
}
else
{
return(Page());
}
}
async Task <IActionResult> reportAsync(IReportable reportObject)
{
await S.Permissions.ValidateReportAsync(reportObject);
Report report;
var reportingUser = await S.UserManager.GetUserAsync(User);
if (reportObject is Post post)
{
report = new Report(reportingUser, post.Author, reportObject);
}
else if (reportObject is Profile profile)
{
var owner = await S.Db.Users.FirstOrDefaultAsync(u => u.Profile.Id == profile.Id);
report = new Report(reportingUser, owner, reportObject);
}
else if (reportObject is Commentary commentary)
{
report = new Report(reportingUser, commentary.Author, reportObject);
commentary.IsHidden = commentary.IsHidden
? true
: S.Decisions.ShouldHide(commentary);
}
else
{
throw new InvalidOperationException("Can't create report for object of such type");
}
S.Db.Reports.Add(report);
await S.Repository.AddUserActionAsync(reportingUser, new UserAction(ActionType.REPORT, reportObject));
if (S.Decisions.ShouldReportToModerator(reportObject))
{
var moderators = reportObject.Author.ModeratorsInChargeGroup;
var alreadyAdded = moderators.EntitiesToCheck.FirstOrDefault(e => e.Entity == reportObject);
if (alreadyAdded == null)
{
moderators.AddEntityToCheck(reportObject, CheckReason.TOO_MANY_REPORTS);
}
else
{
alreadyAdded.AddTime = DateTime.UtcNow;
}
}
await S.Db.SaveChangesAsync();
LayoutModel.AddMessage("Report has been submitted");
return(Redirect(S.History.GetLastURL()));
}
public async Task <IActionResult> OnPostAsync()
{
if (ModelState.IsValid)
{
IReportable reportObject;
if (CommentaryReportObjectId != null)
{
reportObject = await S.Db.Commentaries
.Include(o => o.Author)
.FirstAsync(c => c.Id == CommentaryReportObjectId.Value);
}
else if (PostReportObjectId != null)
{
reportObject = await S.Db.Posts
.Include(o => o.Author)
.FirstAsync(c => c.Id == PostReportObjectId.Value);
}
else if (ProfileReportObjectId != null)
{
reportObject = await S.Db.ProfilesInfos
.Include(o => o.Author)
.FirstAsync(c => c.Id == ProfileReportObjectId.Value);
}
else
{
throw new NotSupportedException();
}
await Permissions.ValidateReportViolationAsync(reportObject);
var currentUser = await S.Utilities.GetCurrentUserModelOrThrowAsync();
var violation = new Violation(currentUser, reportObject.Author, reportObject, Description);
var action = new UserAction(ActionType.VIOLATION_REPORTED, reportObject)
{
Author = currentUser
};
S.Db.UserRuleViolations.Add(violation);
S.Db.UsersActions.Add(action);
await S.Db.SaveChangesAsync();
LayoutModel.AddMessage("Violation report has been submitted");
return(Redirect(S.History.GetLastURL()));
}
else
{
return(Page());
}
}
public async Task <IActionResult> UnbanAsync([Required] string userId)
{
if (ModelState.IsValid)
{
await S.Banning.UnbanAsync(userId);
LayoutModel.AddMessage($"User has been unbanned");
return(Redirect(S.History.GetLastURL()));
}
else
{
throw new Exception();
}
}
public async Task <IActionResult> OnPostAsync()
{
if (ModelState.IsValid)
{
if (NewPassword == NewPasswordConfirmation)
{
var user = await S.Utilities.GetCurrentUserModelOrThrowAsync();
await S.Permissions.ValidateChangePasswordAsync(user);
await S.Repository.AddUserActionAsync(user, new UserAction(ActionType.PASSWORD_CHANGING, user));
var result = await S.UserManager.ChangePasswordAsync(user, CurrentPassword, NewPassword);
if (result.Succeeded)
{
await S.SignInManager.SignOutAsync();
user.Actions.Add(new UserAction(ActionType.PASSWORD_CHANGED, user));
await S.Db.SaveChangesAsync();
LayoutModel.AddMessage("Password has been changed");
return(RedirectToPage("/Account/Login", new { userName = user.UserName }));
}
else
{
LayoutModel.AddMessage("Could not change password");
return(Page());
}
}
else
{
ModelState.AddModelError("", "Passwords do not match");
return(Page());
}
}
else
{
return(Page());
}
}
public async Task <IActionResult> OnPostAsync()
{
if (ModelState.IsValid)
{
await S.Permissions.ValidateMarkAsNotPassedModerationAsync(PostId);
await S.Moderation.MarkAsNotPassedModerationAsync(PostId, Reason);
await S.Db.SaveChangesAsync();
LayoutModel.AddMessage("The post has been marked as not passed moderation");
return(RedirectToPage("/Post", new { id = PostId }));
}
else
{
throw new Exception();
}
}
public async Task <IActionResult> OnPostAsync()
{
if (ModelState.IsValid)
{
var targetUser = await S.UserManager.FindByNameAsync(UserName);
if (targetUser == null || !await S.Permissions.CanResetPasswordAsync(targetUser))
{
return(RedirectToPage("/Errors/PasswordResetError"));
}
else
{
await S.Repository.AddUserActionAsync(targetUser, new UserAction(ActionType.PASSWORD_RESETING, targetUser));
var link = await _confirmation.GetPasswordResetConfirmationLinkAsync(targetUser);
var isSent = await _email.TrySendMessageAsync(targetUser, "Password reset", "Confirmation", $@"If you want to continue password reset, follow this link: {link}
After openning the link, new password will be sent to this E-Mail");
if (isSent)
{
targetUser.Status.LastPasswordRestoreAttempt = DateTime.UtcNow;
await S.UserManager.UpdateAsync(targetUser);
LayoutModel.AddMessage("Password reset confirmation link has been sent");
return(RedirectToPage("/Index"));
}
else
{
LayoutModel.AddMessage("Error while sending confirmation link");
return(Page());
}
}
}
else
{
return(Page());
}
}
public async Task <IActionResult> UpdateCommentaryAsync([Required] CommentaryEditinigModel model)
{
if (ModelState.IsValid)
{
var currentUser = await S.UserManager.GetUserAsync(User);
var commentary = await S.Db.Commentaries
.Include(c => c.Post)
.FirstOrDefaultAsync(c => c.Id == model.CommentaryId);
await S.Permissions.ValidateEditCommentaryAsync(commentary);
var user = await S.UserManager.GetUserAsync(User);
commentary.Body = model.Body;
commentary.Edits.Add(new CommentaryEdit(user, model.Reason, DateTime.UtcNow));
await S.Repository.AddUserActionAsync(currentUser, new UserAction(ActionType.COMMENTARY_EDIT, commentary));
await S.Db.SaveChangesAsync();
await S.CacheManager.ResetPostPageCacheAsync(commentary.Post.Id);
}
else
{
if (model.Reason == null)
{
LayoutModel.AddMessage("Edit reason is required");
}
else if (model.Body == null)
{
LayoutModel.AddMessage("Commentary body is required");
}
else
{
throw new Exception();
}
}
return(Redirect(S.History.GetLastURL()));
}
async Task <IActionResult> changeEMail(User user, string arguments)
{
if (arguments == null)
{
return(reportError("Bad arguments"));
}
else if (await S.Utilities.GetCurrentUserModelOrThrowAsync() != user)
{
return(reportError("You should log in in order this link to work"));
}
else
{
var newEmail = arguments;
user.Email = newEmail;
await S.Repository.AddUserActionAsync(user, new UserAction(ActionType.EMAIL_CHANGED, user));
await S.Db.SaveChangesAsync();
LayoutModel.AddMessage($"Email has been changed to {newEmail}");
return(RedirectToPage("/Account/Profile"));
}
}
IActionResult reportError(string message)
{
LayoutModel.AddMessage(message);
return(RedirectToPage("/Index"));
}
