public ActionResult NoPermission(Topic topic) { // Trying to be a sneaky mo fo, so tell them var message = new GenericMessageViewModel { Message = Lang("Errors.NoPermission"), MessageType = GenericMessages.Warning }; ShowMessage(message); return Redirect(topic.Url); }
public ActionResult GoogleLogin() { var resultMessage = new GenericMessageViewModel(); Callback = Request.QueryString["callback"]; ContentTypeAlias = Request.QueryString["contentTypeAlias"]; PropertyAlias = Request.QueryString["propertyAlias"]; Feature = Request.QueryString["feature"]; if (AuthState != null) { var stateValue = Session["Dialogue_" + AuthState] as NameValueCollection; if (stateValue != null) { Callback = stateValue["Callback"]; ContentTypeAlias = stateValue["ContentTypeAlias"]; PropertyAlias = stateValue["PropertyAlias"]; Feature = stateValue["Feature"]; } } if (string.IsNullOrEmpty(Dialogue.Settings().GoogleClientId) || string.IsNullOrEmpty(Dialogue.Settings().GoogleClientSecret)) { resultMessage.Message = "You need to add the Google app credentials"; resultMessage.MessageType = GenericMessages.Danger; } else { // Configure the OAuth client based on the options of the prevalue options var client = new GoogleOAuthClient { ClientId = Dialogue.Settings().GoogleClientId, ClientSecret = Dialogue.Settings().GoogleClientSecret, RedirectUri = ReturnUrl }; // Session expired? if (AuthState != null && Session["Dialogue_" + AuthState] == null) { resultMessage.Message = "Session Expired"; resultMessage.MessageType = GenericMessages.Danger; } // Check whether an error response was received from Google if (AuthError != null) { resultMessage.Message = AuthErrorDescription; resultMessage.MessageType = GenericMessages.Danger; if (AuthState != null) Session.Remove("Dialogue_" + AuthState); } // Redirect the user to the Google login dialog if (AuthCode == null) { // Generate a new unique/random state var state = Guid.NewGuid().ToString(); // Save the state in the current user session Session["Dialogue_" + state] = new NameValueCollection { { "Callback", Callback}, { "ContentTypeAlias", ContentTypeAlias}, { "PropertyAlias", PropertyAlias}, { "Feature", Feature} }; // Declare the scope var scope = new[] { GoogleScope.OpenId, GoogleScope.Email, GoogleScope.Profile }; // Construct the authorization URL var url = client.GetAuthorizationUrl(state, scope, GoogleAccessType.Offline, GoogleApprovalPrompt.Force); // Redirect the user return Redirect(url); } var info = new GoogleAccessTokenResponse(); try { info = client.GetAccessTokenFromAuthorizationCode(AuthCode); } catch (Exception ex) { resultMessage.Message = string.Format("Unable to acquire access token<br/>{0}", ex.Message); resultMessage.MessageType = GenericMessages.Danger; } try { // Initialize the Google service var service = GoogleService.CreateFromRefreshToken(client.ClientIdFull, client.ClientSecret, info.RefreshToken); // Get information about the authenticated user var user = service.GetUserInfo(); using (UnitOfWorkManager.NewUnitOfWork()) { var userExists = AppHelpers.UmbServices().MemberService.GetByEmail(user.Email); if (userExists != null) { // Update access token userExists.Properties[AppConstants.PropMemberGoogleAccessToken].Value = info.RefreshToken; AppHelpers.UmbServices().MemberService.Save(userExists); // Users already exists, so log them in FormsAuthentication.SetAuthCookie(userExists.Username, true); resultMessage.Message = Lang("Members.NowLoggedIn"); resultMessage.MessageType = GenericMessages.Success; } else { // Not registered already so register them var viewModel = new RegisterViewModel { Email = user.Email, LoginType = LoginType.Google, Password = AppHelpers.RandomString(8), UserName = user.Name, SocialProfileImageUrl = user.Picture, UserAccessToken = info.RefreshToken }; return RedirectToAction("MemberRegisterLogic", "DialogueLoginRegisterSurface", viewModel); } } } catch (Exception ex) { resultMessage.Message = string.Format("Unable to get user information<br/>{0}", ex.Message); resultMessage.MessageType = GenericMessages.Danger; } } ShowMessage(resultMessage); return RedirectToUmbracoPage(Dialogue.Settings().ForumId); }
public ActionResult PrivateMessages(DialoguePage page) { if (CurrentMember.DisablePrivateMessages) { var message = new GenericMessageViewModel { Message = Lang("Errors.NoPermission"), MessageType = GenericMessages.Danger }; ShowMessage(message); return Redirect(Settings.ForumRootUrl); } using (UnitOfWorkManager.NewUnitOfWork()) { var pageIndex = AppHelpers.ReturnCurrentPagingNo(); var pagedMessages = ServiceFactory.PrivateMessageService.GetPagedReceivedMessagesByUser(pageIndex, AppConstants.PrivateMessageListSize, CurrentMember); var viewModel = new PageListPrivateMessageViewModel(page) { ListPrivateMessageViewModel = new ListPrivateMessageViewModel { Messages = pagedMessages, PageIndex = pageIndex, TotalCount = pagedMessages.TotalCount }, PageTitle = Lang("PM.ReceivedPrivateMessages") }; return View(PathHelper.GetThemeViewPath("PrivateMessages"), viewModel); } }
public ActionResult UnBanMember() { //Check permission if (User.IsInRole(AppConstants.AdminRoleName) || CurrentMember.CanEditOtherMembers) { using (UnitOfWorkManager.NewUnitOfWork()) { var id = Request["id"]; if (id != null) { // Get the member var member = ServiceFactory.MemberService.Get(Convert.ToInt32(id)); var message = new GenericMessageViewModel { Message = Lang("Member.IsUnBanned"), MessageType = GenericMessages.Success }; try { ServiceFactory.MemberService.UnBanMember(member); } catch (Exception ex) { LogError(ex); message.MessageType = GenericMessages.Danger; message.Message = ex.Message; } ShowMessage(message); return Redirect(member.Url); } } } return ErrorToHomePage(Lang("Errors.NoPermission")); }
public ActionResult KillSpammer() { //Check permission if (User.IsInRole(AppConstants.AdminRoleName) || CurrentMember.CanEditOtherMembers) { using (var unitOfWork = UnitOfWorkManager.NewUnitOfWork()) { var id = Request["id"]; if (id != null) { // Get the member var member = ServiceFactory.MemberService.Get(Convert.ToInt32(id)); // Delete all their posts and votes and delete etc.. var worked = ServiceFactory.MemberService.DeleteAllAssociatedMemberInfo(member.Id, unitOfWork); // SAVE UOW var message = new GenericMessageViewModel { Message = Lang("Member.SpammerIsKilled"), MessageType = GenericMessages.Success }; try { // Clear the website and signature fields and ban them ServiceFactory.MemberService.KillSpammer(member); } catch (Exception ex) { LogError(ex); message.MessageType = GenericMessages.Danger; message.Message = ex.Message; } ShowMessage(message); return Redirect(member.Url); } } } return ErrorToHomePage(Lang("Errors.NoPermission")); }
public void ShowModelErrors() { var message = new GenericMessageViewModel(); var sb = new StringBuilder(); foreach (var modelState in ViewData.ModelState.Values) { foreach (var error in modelState.Errors) { sb.AppendFormat("<li>{0}</li>", error.ErrorMessage); } } var fullMessage = sb.ToString(); if (!string.IsNullOrEmpty(fullMessage)) { message.Message = string.Concat("<ul>", fullMessage, "</ul>"); message.MessageType = GenericMessages.Danger; ShowMessage(message); } }
public void ShowMessage(GenericMessageViewModel messageViewModel) { // We have to put it on two because some umbraco redirects only work with ViewData!! ViewData[AppConstants.MessageViewBagName] = messageViewModel; TempData[AppConstants.MessageViewBagName] = messageViewModel; }
public ActionResult Report(ReportPostViewModel viewModel) { if (Settings.EnableSpamReporting) { using (UnitOfWorkManager.NewUnitOfWork()) { var post = ServiceFactory.PostService.Get(viewModel.PostId); // Banned link? if (ServiceFactory.BannedLinkService.ContainsBannedLink(viewModel.Reason)) { ShowMessage(new GenericMessageViewModel { Message = Lang("Errors.BannedLink"), MessageType = GenericMessages.Danger }); return Redirect(post.Topic.Url); } var report = new Report { Reason = viewModel.Reason, ReportedPost = post, Reporter = CurrentMember }; ServiceFactory.ReportService.PostReport(report); var message= new GenericMessageViewModel { Message = Lang("Report.ReportSent"), MessageType = GenericMessages.Success }; ShowMessage(message); return Redirect(post.Topic.Url); } } return ErrorToHomePage(Lang("Errors.GenericMessage")); }
public ActionResult EditPost(EditPostViewModel editPostViewModel) { using (var unitOfWork = UnitOfWorkManager.NewUnitOfWork()) { // Got to get a lot of things here as we have to check permissions // Get the post var post = ServiceFactory.PostService.Get(editPostViewModel.Id); // Get the topic var topic = post.Topic; var category = ServiceFactory.CategoryService.Get(topic.CategoryId); topic.Category = category; // get the users permissions var permissions = ServiceFactory.PermissionService.GetPermissions(category, _membersGroup); if (post.MemberId == CurrentMember.Id || permissions[AppConstants.PermissionModerate].IsTicked) { // User has permission so update the post post.PostContent = AppHelpers.GetSafeHtml(ServiceFactory.BannedWordService.SanitiseBannedWords(editPostViewModel.Content)); post.DateEdited = DateTime.UtcNow; // if topic starter update the topic if (post.IsTopicStarter) { // if category has changed then update it if (topic.Category.Id != editPostViewModel.Category) { var cat = ServiceFactory.CategoryService.Get(editPostViewModel.Category); topic.Category = cat; } topic.IsLocked = editPostViewModel.IsLocked; topic.IsSticky = editPostViewModel.IsSticky; topic.Name = AppHelpers.GetSafeHtml(ServiceFactory.BannedWordService.SanitiseBannedWords(editPostViewModel.Name)); // See if there is a poll if (editPostViewModel.PollAnswers != null && editPostViewModel.PollAnswers.Count > 0) { // Now sort the poll answers, what to add and what to remove // Poll answers already in this poll. var postedIds = editPostViewModel.PollAnswers.Select(x => x.Id); //var existingAnswers = topic.Poll.PollAnswers.Where(x => postedIds.Contains(x.Id)).ToList(); var existingAnswers = editPostViewModel.PollAnswers.Where(x => topic.Poll.PollAnswers.Select(p => p.Id).Contains(x.Id)).ToList(); var newPollAnswers = editPostViewModel.PollAnswers.Where(x => !topic.Poll.PollAnswers.Select(p => p.Id).Contains(x.Id)).ToList(); var pollAnswersToRemove = topic.Poll.PollAnswers.Where(x => !postedIds.Contains(x.Id)).ToList(); // Loop through existing and update names if need be //TODO: Need to think about this in future versions if they change the name //TODO: As they could game the system by getting votes and changing name? foreach (var existPollAnswer in existingAnswers) { // Get the existing answer from the current topic var pa = topic.Poll.PollAnswers.FirstOrDefault(x => x.Id == existPollAnswer.Id); if (pa != null && pa.Answer != existPollAnswer.Answer) { // If the answer has changed then update it pa.Answer = existPollAnswer.Answer; } } // Loop through and remove the old poll answers and delete foreach (var oldPollAnswer in pollAnswersToRemove) { // Delete ServiceFactory.PollService.Delete(oldPollAnswer); // Remove from Poll topic.Poll.PollAnswers.Remove(oldPollAnswer); } // Poll answers to add foreach (var newPollAnswer in newPollAnswers) { var npa = new PollAnswer { Poll = topic.Poll, Answer = newPollAnswer.Answer }; ServiceFactory.PollService.Add(npa); topic.Poll.PollAnswers.Add(npa); } } else { // Need to check if this topic has a poll, because if it does // All the answers have now been removed so remove the poll. if (topic.Poll != null) { //Firstly remove the answers if there are any if (topic.Poll.PollAnswers != null && topic.Poll.PollAnswers.Any()) { var answersToDelete = new List<PollAnswer>(); answersToDelete.AddRange(topic.Poll.PollAnswers); foreach (var answer in answersToDelete) { // Delete ServiceFactory.PollService.Delete(answer); // Remove from Poll topic.Poll.PollAnswers.Remove(answer); } } // Now delete the poll var pollToDelete = topic.Poll; ServiceFactory.PollService.Delete(pollToDelete); // Remove from topic. topic.Poll = null; } } } // redirect back to topic var message = new GenericMessageViewModel { Message = Lang("Post.Updated"), MessageType = GenericMessages.Success }; try { unitOfWork.Commit(); ShowMessage(message); return Redirect(topic.Url); } catch (Exception ex) { unitOfWork.Rollback(); LogError(ex); throw new Exception(Lang("Errors.GenericError")); } } return NoPermission(topic); } }
public ActionResult FacebookLogin() { var resultMessage = new GenericMessageViewModel(); Callback = Request.QueryString["callback"]; ContentTypeAlias = Request.QueryString["contentTypeAlias"]; PropertyAlias = Request.QueryString["propertyAlias"]; if (AuthState != null) { var stateValue = Session["Dialogue_" + AuthState] as string[]; if (stateValue != null && stateValue.Length == 3) { Callback = stateValue[0]; ContentTypeAlias = stateValue[1]; PropertyAlias = stateValue[2]; } } // Get the prevalue options if (string.IsNullOrEmpty(Dialogue.Settings().FacebookAppId) || string.IsNullOrEmpty(Dialogue.Settings().FacebookAppSecret)) { resultMessage.Message = "You need to add the Facebook app credentials"; resultMessage.MessageType = GenericMessages.Danger; } else { // Settings valid move on // Configure the OAuth client based on the options of the prevalue options var client = new FacebookOAuthClient { AppId = Dialogue.Settings().FacebookAppId, AppSecret = Dialogue.Settings().FacebookAppSecret, RedirectUri = ReturnUrl }; // Session expired? if (AuthState != null && Session["Dialogue_" + AuthState] == null) { resultMessage.Message = "Session Expired"; resultMessage.MessageType = GenericMessages.Danger; } // Check whether an error response was received from Facebook if (AuthError != null) { resultMessage.Message = AuthErrorDescription; resultMessage.MessageType = GenericMessages.Danger; } // Redirect the user to the Facebook login dialog if (AuthCode == null) { // Generate a new unique/random state var state = Guid.NewGuid().ToString(); // Save the state in the current user session Session["Dialogue_" + state] = new[] { Callback, ContentTypeAlias, PropertyAlias }; // Construct the authorization URL var url = client.GetAuthorizationUrl(state, "public_profile", "email"); //"user_friends" // Redirect the user return Redirect(url); } // Exchange the authorization code for a user access token var userAccessToken = string.Empty; try { userAccessToken = client.GetAccessTokenFromAuthCode(AuthCode); } catch (Exception ex) { resultMessage.Message = string.Format("Unable to acquire access token<br/>{0}", ex.Message); resultMessage.MessageType = GenericMessages.Danger; } try { if (string.IsNullOrEmpty(resultMessage.Message)) { // Initialize the Facebook service (no calls are made here) var service = FacebookService.CreateFromAccessToken(userAccessToken); var user = service.Users.GetUser(); // Try to get the email - Some FB accounts have protected passwords var email = user.Body.Email; // TODO - Ignore if no email - Have to check PropMemberFacebookAccessToken has a value // TODO - and the me.UserName is there to match existing logged in accounts // First see if this user has registered already - Use email address using (UnitOfWorkManager.NewUnitOfWork()) { var userExists = AppHelpers.UmbServices().MemberService.GetByEmail(email); if (userExists != null) { // Update access token userExists.Properties[AppConstants.PropMemberFacebookAccessToken].Value = userAccessToken; AppHelpers.UmbServices().MemberService.Save(userExists); // Users already exists, so log them in FormsAuthentication.SetAuthCookie(userExists.Username, true); resultMessage.Message = Lang("Members.NowLoggedIn"); resultMessage.MessageType = GenericMessages.Success; } else { // Not registered already so register them var viewModel = new RegisterViewModel { Email = email, LoginType = LoginType.Facebook, Password = AppHelpers.RandomString(8), UserName = user.Body.Name, UserAccessToken = userAccessToken }; // Get the image and save it var getImageUrl = string.Format("http://graph.facebook.com/{0}/picture?type=square", user.Body.Id); viewModel.SocialProfileImageUrl = getImageUrl; //Large size photo https://graph.facebook.com/{facebookId}/picture?type=large //Medium size photo https://graph.facebook.com/{facebookId}/picture?type=normal //Small size photo https://graph.facebook.com/{facebookId}/picture?type=small //Square photo https://graph.facebook.com/{facebookId}/picture?type=square return RedirectToAction("MemberRegisterLogic", "DialogueLoginRegisterSurface", viewModel); } } } } catch (Exception ex) { resultMessage.Message = string.Format("Unable to get user information<br/>{0}", ex.Message); resultMessage.MessageType = GenericMessages.Danger; } } ShowMessage(resultMessage); return RedirectToUmbracoPage(Dialogue.Settings().ForumId); }
public ActionResult MemberRegisterLogic(RegisterViewModel userModel) { var forumReturnUrl = Settings.ForumRootUrl; var newMemberGroup = Settings.Group; if (userModel.ForumId != null && userModel.ForumId != Settings.ForumId) { var correctForum = Dialogue.Settings((int)userModel.ForumId); forumReturnUrl = correctForum.ForumRootUrl; newMemberGroup = correctForum.Group; } using (var unitOfWork = UnitOfWorkManager.NewUnitOfWork()) { // Secondly see if the email is banned if (ServiceFactory.BannedEmailService.EmailIsBanned(userModel.Email)) { ModelState.AddModelError(string.Empty, Lang("Error.EmailIsBanned")); if (userModel.LoginType != LoginType.Standard) { ShowModelErrors(); return Redirect(Settings.RegisterUrl); } return CurrentUmbracoPage(); } var userToSave = AppHelpers.UmbMemberHelper().CreateRegistrationModel(AppConstants.MemberTypeAlias); userToSave.Username = ServiceFactory.BannedWordService.SanitiseBannedWords(userModel.UserName); userToSave.Name = userToSave.Username; userToSave.UsernameIsEmail = false; userToSave.Email = userModel.Email; userToSave.Password = userModel.Password; var homeRedirect = false; MembershipCreateStatus createStatus; AppHelpers.UmbMemberHelper().RegisterMember(userToSave, out createStatus, false); if (createStatus != MembershipCreateStatus.Success) { ModelState.AddModelError(string.Empty, ServiceFactory.MemberService.ErrorCodeToString(createStatus)); } else { // Get the umbraco member var umbracoMember = AppHelpers.UmbServices().MemberService.GetByUsername(userToSave.Username); // Set the role/group they should be in AppHelpers.UmbServices().MemberService.AssignRole(umbracoMember.Id, newMemberGroup.Name); // See if this is a social login and we have their profile pic if (!string.IsNullOrEmpty(userModel.SocialProfileImageUrl)) { // We have an image url - Need to save it to their profile var image = AppHelpers.GetImageFromExternalUrl(userModel.SocialProfileImageUrl); // Upload folder path for member var uploadFolderPath = AppHelpers.GetMemberUploadPath(umbracoMember.Id); // Upload the file var uploadResult = AppHelpers.UploadFile(image, uploadFolderPath); // Don't throw error if problem saving avatar, just don't save it. if (uploadResult.UploadSuccessful) { umbracoMember.Properties[AppConstants.PropMemberAvatar].Value = string.Concat(VirtualPathUtility.ToAbsolute(AppConstants.UploadFolderPath), umbracoMember.Id, "/", uploadResult.UploadedFileName); } } // Now check settings, see if users need to be manually authorised // OR Does the user need to confirm their email var manuallyAuthoriseMembers = Settings.ManuallyAuthoriseNewMembers; var memberEmailAuthorisationNeeded = Settings.NewMembersMustConfirmAccountsViaEmail; if (manuallyAuthoriseMembers || memberEmailAuthorisationNeeded) { umbracoMember.IsApproved = false; } // Store access token for social media account in case we want to do anything with it if (userModel.LoginType == LoginType.Facebook) { umbracoMember.Properties[AppConstants.PropMemberFacebookAccessToken].Value = userModel.UserAccessToken; } if (userModel.LoginType == LoginType.Google) { umbracoMember.Properties[AppConstants.PropMemberGoogleAccessToken].Value = userModel.UserAccessToken; } // Do a save on the member AppHelpers.UmbServices().MemberService.Save(umbracoMember); if (Settings.EmailAdminOnNewMemberSignup) { var sb = new StringBuilder(); sb.AppendFormat("<p>{0}</p>", string.Format(Lang("Members.NewMemberRegistered"), Settings.ForumName, Settings.ForumRootUrl)); sb.AppendFormat("<p>{0} - {1}</p>", userToSave.Username, userToSave.Email); var email = new Email { EmailTo = Settings.AdminEmailAddress, EmailFrom = Settings.NotificationReplyEmailAddress, NameTo = Lang("Members.Admin"), Subject = Lang("Members.NewMemberSubject") }; email.Body = ServiceFactory.EmailService.EmailTemplate(email.NameTo, sb.ToString()); ServiceFactory.EmailService.SendMail(email); } // Fire the activity Service ServiceFactory.ActivityService.MemberJoined(MemberMapper.MapMember(umbracoMember)); var userMessage = new GenericMessageViewModel(); // Set the view bag message here if (manuallyAuthoriseMembers) { userMessage.Message = Lang("Members.NowRegisteredNeedApproval"); userMessage.MessageType = GenericMessages.Success; } else if (memberEmailAuthorisationNeeded) { userMessage.Message = Lang("Members.MemberEmailAuthorisationNeeded"); userMessage.MessageType = GenericMessages.Success; } else { // If not manually authorise then log the user in FormsAuthentication.SetAuthCookie(userToSave.Username, true); userMessage.Message = Lang("Members.NowRegistered"); userMessage.MessageType = GenericMessages.Success; } //Show the message ShowMessage(userMessage); if (!manuallyAuthoriseMembers && !memberEmailAuthorisationNeeded) { homeRedirect = true; } try { unitOfWork.Commit(); // Only send the email if the admin is not manually authorising emails or it's pointless SendEmailConfirmationEmail(umbracoMember); if (homeRedirect && !string.IsNullOrEmpty(forumReturnUrl)) { if (Url.IsLocalUrl(userModel.ReturnUrl) && userModel.ReturnUrl.Length > 1 && userModel.ReturnUrl.StartsWith("/") && !userModel.ReturnUrl.StartsWith("//") && !userModel.ReturnUrl.StartsWith("/\\")) { return Redirect(userModel.ReturnUrl); } return Redirect(forumReturnUrl); } } catch (Exception ex) { unitOfWork.Rollback(); LogError("Eror during member registering", ex); FormsAuthentication.SignOut(); ModelState.AddModelError(string.Empty, ex.Message); } } if (userModel.LoginType != LoginType.Standard) { ShowModelErrors(); return Redirect(Settings.RegisterUrl); } return CurrentUmbracoPage(); } }
public ActionResult LogOn(LogOnViewModel model) { try { if (ModelState.IsValid) { var message = new GenericMessageViewModel(); var user = new Member(); if (ServiceFactory.MemberService.Login(model.UserName, model.Password)) { // Set last login date user = ServiceFactory.MemberService.Get(model.UserName); if (user.IsApproved && !user.IsLockedOut) { if (Url.IsLocalUrl(model.ReturnUrl) && model.ReturnUrl.Length > 1 && model.ReturnUrl.StartsWith("/") && !model.ReturnUrl.StartsWith("//") && !model.ReturnUrl.StartsWith("/\\")) { return Redirect(model.ReturnUrl); } message.Message = Lang("Members.NowLoggedIn"); message.MessageType = GenericMessages.Success; return RedirectToUmbracoPage(Dialogue.Settings().ForumId); } } // Only show if we have something to actually show to the user if (!string.IsNullOrEmpty(message.Message)) { ShowMessage(message); } else { if (user.IsApproved) { ModelState.AddModelError(string.Empty, Lang("Members.Errors.NotApproved")); } else if (user.IsLockedOut) { ModelState.AddModelError(string.Empty, Lang("Members.Errors.LockedOut")); } else { ModelState.AddModelError(string.Empty, Lang("Members.Errors.LogonGeneric")); } } } else { ModelState.AddModelError(string.Empty, Lang("Members.Errors.LogonGeneric")); } } catch (Exception ex) { LogError("Error when user logging in", ex); } // Hack to show form validation ShowModelErrors(); return CurrentUmbracoPage(); }
public ActionResult UploadPostFiles(AttachFileToPostViewModel attachFileToPostViewModel) { if (attachFileToPostViewModel != null && attachFileToPostViewModel.Files != null) { using (var unitOfWork = UnitOfWorkManager.NewUnitOfWork()) { var message = new GenericMessageViewModel(); // First this to do is get the post var post = ServiceFactory.PostService.Get(attachFileToPostViewModel.UploadPostId); // Check we get a valid post back and have some file if (post != null && attachFileToPostViewModel.Files != null) { Topic topic = null; try { // Now get the topic topic = post.Topic; // Now get the category var category = ServiceFactory.CategoryService.Get(topic.CategoryId); // Get the permissions for this category, and check they are allowed to update and // not trying to be a sneaky mofo var permissions = ServiceFactory.PermissionService.GetPermissions(category, _membersGroup); if (permissions[AppConstants.PermissionAttachFiles].IsTicked == false && CurrentMember.DisableFileUploads != true) { return ErrorToHomePage(Lang("Errors.NoPermission")); } // woot! User has permission and all seems ok // Before we save anything, check the user already has an upload folder and if not create one var uploadFolderPath = Server.MapPath(string.Concat(AppConstants.UploadFolderPath, CurrentMember.Id)); if (!Directory.Exists(uploadFolderPath)) { Directory.CreateDirectory(uploadFolderPath); } // Loop through each file and get the file info and save to the users folder and Db foreach (var file in attachFileToPostViewModel.Files) { if (file != null) { // If successful then upload the file var uploadResult = AppHelpers.UploadFile(file, uploadFolderPath); if (!uploadResult.UploadSuccessful) { message.Message = uploadResult.ErrorMessage; message.MessageType = GenericMessages.Danger; ShowMessage(message); return Redirect(topic.Url); } // Add the filename to the database var uploadedFile = new UploadedFile { Filename = uploadResult.UploadedFileName, Post = post, MemberId = CurrentMember.Id }; ServiceFactory.UploadedFileService.Add(uploadedFile); } } //Commit unitOfWork.Commit(); // Redirect to the topic with a success message message.Message = Lang("Post.FilesUploaded"); message.MessageType = GenericMessages.Success; ShowMessage(message); return Redirect(topic.Url); } catch (Exception ex) { unitOfWork.Rollback(); LogError(ex); message.Message = Lang("Errors.GenericMessage"); message.MessageType = GenericMessages.Danger; ShowMessage(message); return topic != null ? Redirect(topic.Url) : ErrorToHomePage(Lang("Errors.GenericMessage")); } } } } // Else return with error to home page return ErrorToHomePage(Lang("Errors.GenericMessage")); }
public ActionResult DeleteUploadedFile(Guid id) { if (id != Guid.Empty) { using (var unitOfWork = UnitOfWorkManager.NewUnitOfWork()) { Topic topic = null; var message = new GenericMessageViewModel(); try { // Get the file and associated objects we'll need var uploadedFile = ServiceFactory.UploadedFileService.Get(id); var post = uploadedFile.Post; topic = post.Topic; if (_membersGroup.Name == AppConstants.AdminRoleName || uploadedFile.MemberId == CurrentMember.Id) { // Ok to delete file // Remove it from the post post.Files.Remove(uploadedFile); // store the file path as we'll need it to delete on the file system var filePath = uploadedFile.FilePath; // Now delete it ServiceFactory.UploadedFileService.Delete(uploadedFile); // And finally delete from the file system System.IO.File.Delete(Server.MapPath(filePath)); } else { message.Message = Lang("Errors.NoPermission"); message.MessageType = GenericMessages.Danger; ShowMessage(message); Redirect(topic.Url); } //Commit unitOfWork.Commit(); message.Message = Lang("Post.FileSuccessfullyDeleted"); message.MessageType = GenericMessages.Success; ShowMessage(message); return Redirect(topic.Url); } catch (Exception ex) { unitOfWork.Rollback(); LogError(ex); message.Message = Lang("Errors.GenericMessage"); message.MessageType = GenericMessages.Danger; ShowMessage(message); return topic != null ? Redirect(topic.Url) : ErrorToHomePage(Lang("Errors.GenericMessage")); } } } return ErrorToHomePage(Lang("Errors.GenericMessage")); }