public async Task <ActionResult> ModeratorDelete(string subverse, int submissionID)
{
if (!ModeratorPermission.HasPermission(User, subverse, Domain.Models.ModeratorAction.DeletePosts))
{
return(HybridError(ErrorViewModel.GetErrorViewModel(ErrorType.Unauthorized)));
}
//New Domain Submission
//var q = new QuerySubmission(submissionID);
//var s = await q.ExecuteAsync();
//Legacy Data Submission (Since views expect this type, we use it for now)
var s = DataCache.Submission.Retrieve(submissionID);
ViewBag.Submission = s;
if (s == null)
{
ModelState.AddModelError("", "Can not find submission. Is it hiding?");
return(View(new ModeratorDeleteContentViewModel()));
}
if (s.IsDeleted)
{
ModelState.AddModelError("", "Can not delete a deleted post. Do you have no standards?");
}
return(View(new ModeratorDeleteContentViewModel()
{
ID = s.ID
}));
}
public async Task <ActionResult> AddBan([Bind("Id,Subverse,UserName,Reason")] SubverseBan subverseBan)
{
if (!ModelState.IsValid)
{
return(View(subverseBan));
}
//check perms
if (!ModeratorPermission.HasPermission(User, subverseBan.Subverse, Domain.Models.ModeratorAction.Banning))
{
return(RedirectToAction("Index", "Home"));
}
var cmd = new SubverseBanCommand(subverseBan.UserName, subverseBan.Subverse, subverseBan.Reason, true).SetUserContext(User);
var result = await cmd.Execute();
if (result.Success)
{
return(RedirectToAction("SubverseBans"));
}
else
{
ModelState.AddModelError(string.Empty, result.Message);
ViewBag.SubverseName = subverseBan.Subverse;
ViewBag.SelectedSubverse = string.Empty;
SetNavigationViewModel(subverseBan.Subverse);
return(View("~/Views/Subverses/Admin/AddBan.cshtml",
new SubverseBanViewModel
{
UserName = subverseBan.UserName,
Reason = subverseBan.Reason
}));
}
}
public async Task <ActionResult> ModeratorDelete(string subverse, int submissionID, int commentID)
{
if (!ModeratorPermission.HasPermission(User, subverse, Domain.Models.ModeratorAction.DeleteComments))
{
return(HybridError(ErrorViewModel.GetErrorViewModel(ErrorType.Unauthorized)));
}
var q = new QueryComment(commentID);
var comment = await q.ExecuteAsync();
if (comment == null || comment.SubmissionID != submissionID)
{
ModelState.AddModelError("", "Can not find comment. Who did this?");
return(View(new ModeratorDeleteContentViewModel()));
}
if (!comment.Subverse.IsEqual(subverse))
{
ModelState.AddModelError("", "Data mismatch detected");
return(View(new ModeratorDeleteContentViewModel()));
}
ViewBag.Comment = comment;
return(View(new ModeratorDeleteContentViewModel()
{
ID = commentID
}));
}
public ActionResult ClearLinkFlair(int?submissionID)
{
if (submissionID == null)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
// get model for selected submission
var submissionModel = _db.Submissions.Find(submissionID);
if (submissionModel == null || submissionModel.IsDeleted)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
// check if caller is subverse moderator, if not, deny posting
if (!ModeratorPermission.HasPermission(User.Identity.Name, submissionModel.Subverse, Domain.Models.ModeratorAction.AssignFlair))
{
return(new HttpUnauthorizedResult());
}
// clear flair and save submission
submissionModel.FlairCss = null;
submissionModel.FlairLabel = null;
_db.SaveChanges();
DataCache.Submission.Remove(submissionID.Value);
return(new HttpStatusCodeResult(HttpStatusCode.OK));
}
public ActionResult RecallModeratorInvitation(int?invitationId)
{
if (invitationId == null)
{
return(HybridError(ErrorViewModel.GetErrorViewModel(ErrorType.NotFound)));
//return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
}
var moderatorInvitation = _db.ModeratorInvitation.Find(invitationId);
if (moderatorInvitation == null)
{
return(HybridError(ErrorViewModel.GetErrorViewModel(ErrorType.NotFound)));
//return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
}
if (!ModeratorPermission.HasPermission(User, moderatorInvitation.Subverse, Domain.Models.ModeratorAction.InviteMods))
{
return(RedirectToAction("SubverseModerators"));
}
//make sure mods can't remove invites
var currentModLevel = ModeratorPermission.Level(User, moderatorInvitation.Subverse);
if (moderatorInvitation.Power <= (int)currentModLevel && currentModLevel != Domain.Models.ModeratorLevel.Owner)
{
return(RedirectToAction("SubverseModerators"));
}
ViewBag.SubverseName = moderatorInvitation.Subverse;
SetNavigationViewModel(moderatorInvitation.Subverse);
return(View("~/Views/Subverses/Admin/RecallModeratorInvitation.cshtml", moderatorInvitation));
}
public async Task <CommandResponse <string> > RegenerateThumbnail(int submissionID)
{
DemandAuthentication();
// get model for selected submission
var submission = _db.Submission.Find(submissionID);
var response = CommandResponse.FromStatus(Status.Error);
if (submission == null || submission.IsDeleted)
{
return(CommandResponse.FromStatus("", Status.Error, "Submission is missing or deleted"));
}
var subverse = submission.Subverse;
// check if caller is subverse moderator, if not, deny change
if (!ModeratorPermission.HasPermission(User, subverse, Domain.Models.ModeratorAction.AssignFlair))
{
return(CommandResponse.FromStatus("", Status.Denied, "Moderator Permissions are not satisfied"));
}
try
{
throw new NotImplementedException();
await _db.SaveChangesAsync();
return(CommandResponse.FromStatus("", Status.Success));
}
catch (Exception ex)
{
return(CommandResponse.Error <CommandResponse <string> >(ex));
}
}
public ActionResult SubverseStylesheetEditor(string subverse)
{
var subverseObject = DataCache.Subverse.Retrieve(subverse);
if (subverseObject == null)
{
ViewBag.SelectedSubverse = "404";
return(ErrorView(ErrorViewModel.GetErrorViewModel(ErrorType.SubverseNotFound)));
}
if (!ModeratorPermission.HasPermission(User, subverse, Domain.Models.ModeratorAction.ModifyCSS))
{
return(RedirectToAction("Index", "Home"));
}
// map existing data to view model for editing and pass it to frontend
var viewModel = new SubverseStylesheetViewModel
{
Name = subverseObject.Name,
Stylesheet = subverseObject.Stylesheet
};
ViewBag.SelectedSubverse = string.Empty;
ViewBag.SubverseName = subverseObject.Name;
SetNavigationViewModel(subverseObject.Name);
return(View("~/Views/Subverses/Admin/SubverseStylesheetEditor.cshtml", viewModel));
}
public async Task <CommandResponse <bool> > ToggleNSFW(int submissionID)
{
DemandAuthentication();
// get model for selected submission
var submission = _db.Submission.Find(submissionID);
var response = CommandResponse.FromStatus(Status.Error);
if (submission == null || submission.IsDeleted)
{
return(CommandResponse.FromStatus(false, Status.Error, "Submission is missing or deleted"));
}
var subverse = submission.Subverse;
if (!User.Identity.Name.IsEqual(submission.UserName))
{
// check if caller is subverse moderator, if not, deny change
if (!ModeratorPermission.HasPermission(User, subverse, Domain.Models.ModeratorAction.AssignFlair))
{
return(CommandResponse.FromStatus(false, Status.Denied, "Moderator Permissions are not satisfied"));
}
}
try
{
submission.IsAdult = !submission.IsAdult;
await _db.SaveChangesAsync();
return(CommandResponse.FromStatus(submission.IsAdult, Status.Success));
}
catch (Exception ex)
{
return(CommandResponse.Error <CommandResponse <bool> >(ex));
}
}
public ActionResult RemoveModerator(int?id)
{
if (id == null)
{
return(ErrorView(ErrorViewModel.GetErrorViewModel(ErrorType.NotFound)));
//return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
}
var subModerator = _db.SubverseModerator.Find(id);
if (subModerator == null)
{
return(RedirectToAction("NotFound", "Error"));
}
if (!ModeratorPermission.HasPermission(User, subModerator.Subverse, Domain.Models.ModeratorAction.RemoveMods))
{
return(RedirectToAction("Index", "Home"));
}
ViewBag.SelectedSubverse = string.Empty;
ViewBag.SubverseName = subModerator.Subverse;
SetNavigationViewModel(subModerator.Subverse);
return(View("~/Views/Subverses/Admin/RemoveModerator.cshtml", subModerator));
}
public override object ReadJson(JsonReader reader, Type objectType, object existingValue, JsonSerializer serializer)
{
var data = String.Join(",", JArray.Load(reader).Select(t => t.ToString()).ToArray());
ModeratorPermission result = ModeratorPermission.None;
//var valid = Enum.TryParse(data, true, out result);
var valid = true;
try
{
result = (ModeratorPermission)Enum.Parse(typeof(ModeratorPermission), data);
}
catch (Exception)
{
valid = false;
}
if (!valid)
{
result = ModeratorPermission.None;
}
return(result);
}
public ActionResult SubverseBans(string subverse, int?page)
{
const int pageSize = 25;
int pageNumber = (page ?? 0);
if (pageNumber < 0)
{
return(ErrorView(ErrorViewModel.GetErrorViewModel(ErrorType.NotFound)));
}
// get model for selected subverse
var subverseObject = DataCache.Subverse.Retrieve(subverse);
if (subverseObject == null)
{
return(HybridError(ErrorViewModel.GetErrorViewModel(ErrorType.SubverseNotFound)));
//return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
}
if (!ModeratorPermission.HasPermission(User, subverse, Domain.Models.ModeratorAction.Banning))
{
return(RedirectToAction("Index", "Home"));
}
var subverseBans = _db.SubverseBan.Where(n => n.Subverse == subverse).OrderByDescending(s => s.CreationDate);
var paginatedSubverseBans = new PaginatedList <SubverseBan>(subverseBans, page ?? 0, pageSize);
ViewBag.SubverseModel = subverseObject;
ViewBag.SubverseName = subverse;
ViewBag.SelectedSubverse = string.Empty;
SetNavigationViewModel(subverseObject.Name);
return(View("~/Views/Subverses/Admin/SubverseBans.cshtml", paginatedSubverseBans));
}
public ActionResult ClearLinkFlair(int?submissionID)
{
if (submissionID == null)
{
return(HybridError(ErrorViewModel.GetErrorViewModel(ErrorType.NotFound)));
//return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
}
// get model for selected submission
var submissionModel = _db.Submission.Find(submissionID);
if (submissionModel == null || submissionModel.IsDeleted)
{
return(HybridError(ErrorViewModel.GetErrorViewModel(ErrorType.NotFound)));
//return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
}
// check if caller is subverse moderator, if not, deny posting
if (!ModeratorPermission.HasPermission(User, submissionModel.Subverse, Domain.Models.ModeratorAction.AssignFlair))
{
return(HybridError(ErrorViewModel.GetErrorViewModel(ErrorType.Unauthorized)));
}
// clear flair and save submission
submissionModel.FlairCss = null;
submissionModel.FlairLabel = null;
_db.SaveChanges();
DataCache.Submission.Remove(submissionID.Value);
return(JsonResult(CommandResponse.FromStatus(Status.Success)));
//return new HttpStatusCodeResult(HttpStatusCode.OK);
}
public async Task <ActionResult> RemoveLinkFlair(int id)
{
// get link flair for selected subverse
var linkFlairToRemove = await _db.SubverseFlair.FindAsync(id);
if (linkFlairToRemove == null)
{
return(HybridError(ErrorViewModel.GetErrorViewModel(ErrorType.NotFound)));
//return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
}
var subverse = DataCache.Subverse.Retrieve(linkFlairToRemove.Subverse);
if (subverse == null)
{
return(HybridError(ErrorViewModel.GetErrorViewModel(ErrorType.SubverseNotFound)));
//return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
}
// check if caller has clearance to remove a link flair
if (!ModeratorPermission.HasPermission(User, subverse.Name, Domain.Models.ModeratorAction.ModifyFlair))
{
return(RedirectToAction("Index", "Home"));
}
// execute removal
var subverseFlairSetting = await _db.SubverseFlair.FindAsync(id);
_db.SubverseFlair.Remove(subverseFlairSetting);
await _db.SaveChangesAsync();
//clear cache
CacheHandler.Instance.Remove(CachingKey.SubverseFlair(subverse.Name));
return(RedirectToAction("SubverseFlairSettings"));
}
public ActionResult RemoveBan(string subverse, int?id)
{
if (id == null)
{
return(HybridError(ErrorViewModel.GetErrorViewModel(ErrorType.NotFound)));
}
// check if caller is subverse owner, if not, deny listing
if (!ModeratorPermission.HasPermission(User, subverse, Domain.Models.ModeratorAction.Banning))
{
return(RedirectToAction("Index", "Home"));
}
var subverseBan = _db.SubverseBan.Find(id);
if (subverseBan == null)
{
return(RedirectToAction("NotFound", "Error"));
}
ViewBag.SelectedSubverse = string.Empty;
ViewBag.SubverseName = subverseBan.Subverse;
SetNavigationViewModel(subverseBan.Subverse);
return(View("~/Views/Subverses/Admin/RemoveBan.cshtml", subverseBan));
}
public ActionResult ApplyLinkFlair(int?submissionID, int?flairId)
{
if (submissionID == null || flairId == null)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
var submission = _db.Submissions.Find(submissionID);
if (submission == null || submission.IsDeleted)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
if (!ModeratorPermission.HasPermission(User.Identity.Name, submission.Subverse, Domain.Models.ModeratorAction.AssignFlair))
{
return(new HttpUnauthorizedResult());
}
// find flair by id, apply it to submission
var flairModel = _db.SubverseFlairs.Find(flairId);
if (flairModel == null || flairModel.Subverse != submission.Subverse)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
// apply flair and save submission
submission.FlairCss = flairModel.CssClass;
submission.FlairLabel = flairModel.Label;
_db.SaveChanges();
DataCache.Submission.Remove(submissionID.Value);
return(new HttpStatusCodeResult(HttpStatusCode.OK));
}
public ActionResult Compose()
{
ViewBag.PmView = "compose";
ViewBag.Title = "Compose";
var recipient = Request.Params["recipient"];
var subject = Request.Params["subject"];
var subverse = (string)RouteData.Values["subverse"];
var model = new NewMessageViewModel()
{
Recipient = recipient, Subject = subject
};
var userData = UserData;
model.RequireCaptcha = userData.Information.CommentPoints.Sum < Settings.MinimumCommentPointsForCaptchaMessaging && !Settings.CaptchaDisabled;
if (!string.IsNullOrEmpty(subverse))
{
if (!ModeratorPermission.HasPermission(User.Identity.Name, subverse, ModeratorAction.SendMail))
{
return(RedirectToAction("Home", "Index"));
}
ViewBag.PmView = "mod";
model.Sender = UserDefinition.Format(subverse, IdentityType.Subverse);
}
// return compose view
return(View(model));
}
public ActionResult SubverseFlairSettings(string subverse)
{
// get model for selected subverse
var subverseObject = DataCache.Subverse.Retrieve(subverse);
if (subverseObject == null)
{
return(HybridError(ErrorViewModel.GetErrorViewModel(ErrorType.SubverseNotFound)));
//return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
}
// check if caller is authorized for this sub, if not, deny listing
if (!ModeratorPermission.HasPermission(User, subverse, Domain.Models.ModeratorAction.ModifyFlair))
{
return(RedirectToAction("Index", "Home"));
}
var subverseFlairsettings = _db.SubverseFlair
.Where(n => n.Subverse == subverse)
.Take(20)
.OrderBy(s => s.ID)
.ToList();
ViewBag.SubverseModel = subverseObject;
ViewBag.SubverseName = subverse;
ViewBag.SelectedSubverse = string.Empty;
SetNavigationViewModel(subverseObject.Name);
return(View("~/Views/Subverses/Admin/Flair/FlairSettings.cshtml", subverseFlairsettings));
}
public async Task <ActionResult> ModeratorDelete(string subverse, int submissionID, ModeratorDeleteContentViewModel model)
{
var q = new QueryComment(model.ID);
var comment = await q.ExecuteAsync();
if (comment == null || comment.SubmissionID != submissionID)
{
ModelState.AddModelError("", "Can not find comment. Who did this?");
return(View(new ModeratorDeleteContentViewModel()));
}
if (!ModeratorPermission.HasPermission(User.Identity.Name, comment.Subverse, Domain.Models.ModeratorAction.DeleteComments))
{
return(new HttpUnauthorizedResult());
}
if (!ModelState.IsValid)
{
return(View(model));
}
var cmd = new DeleteCommentCommand(model.ID, model.Reason);
var r = await cmd.Execute();
if (r.Success)
{
return(RedirectToRoute("SubverseCommentsWithSort_Short", new { subverseName = subverse, submissionID = submissionID }));
}
else
{
ModelState.AddModelError("", r.Message);
return(View(model));
}
}
public async Task <ActionResult> SubverseLinkFlairs(string subverse, int?id)
{
// get model for selected subverse
var subverseObject = DataCache.Subverse.Retrieve(subverse);
if (subverseObject == null || id == null)
{
return(HybridError(ErrorViewModel.GetErrorViewModel(ErrorType.SubverseNotFound)));
}
var submission = DataCache.Submission.Retrieve(id);
if (submission == null || submission.Subverse != subverse)
{
return(HybridError(ErrorViewModel.GetErrorViewModel(ErrorType.NotFound)));
}
// check if caller is subverse owner or moderator, if not, deny listing
if (!ModeratorPermission.HasPermission(User, subverse, Domain.Models.ModeratorAction.AssignFlair))
{
return(HybridError(ErrorViewModel.GetErrorViewModel(ErrorType.Unauthorized)));
}
var q = new QuerySubverseFlair(subverseObject.Name);
var flairs = await q.ExecuteAsync();
ViewBag.SubmissionId = id;
ViewBag.SubverseName = subverse;
return(PartialView("~/Views/AjaxViews/_LinkFlairSelectDialog.cshtml", flairs));
}
public async Task <ActionResult> SubverseStylesheetEditor(SubverseStylesheetViewModel model)
{
try
{
if (!ModelState.IsValid)
{
SetNavigationViewModel(model.Name);
return(View("~/Views/Subverses/Admin/SubverseStylesheetEditor.cshtml"));
}
var existingSubverse = _db.Subverse.FirstOrDefault(x => x.Name.ToUpper() == model.Name.ToUpper());
// check if subverse exists before attempting to edit it
if (existingSubverse != null)
{
SetNavigationViewModel(model.Name);
// check if user requesting edit is authorized to do so for current subverse
// check that the user requesting to edit subverse settings is subverse owner!
if (!ModeratorPermission.HasPermission(User, existingSubverse.Name, Domain.Models.ModeratorAction.ModifyCSS))
{
return(new EmptyResult());
}
if (!String.IsNullOrEmpty(model.Stylesheet))
{
if (model.Stylesheet.Length < 50001)
{
existingSubverse.Stylesheet = model.Stylesheet;
}
else
{
ModelState.AddModelError(string.Empty, "Sorry, custom CSS limit is set to 50000 characters.");
return(View("~/Views/Subverses/Admin/SubverseStylesheetEditor.cshtml"));
}
}
else
{
existingSubverse.Stylesheet = model.Stylesheet;
}
await _db.SaveChangesAsync();
//purge new minified CSS
CacheHandler.Instance.Remove(CachingKey.SubverseStylesheet(existingSubverse.Name));
CacheHandler.Instance.Remove(CachingKey.Subverse(existingSubverse.Name));
// go back to this subverse
return(RedirectToRoute(Models.ROUTE_NAMES.SUBVERSE_INDEX, new { subverse = model.Name }));
}
ModelState.AddModelError(string.Empty, "Sorry, The subverse you are trying to edit does not exist.");
return(View("~/Views/Subverses/Admin/SubverseStylesheetEditor.cshtml", model));
}
catch (Exception ex)
{
EventLogger.Instance.Log(ex);
ModelState.AddModelError(string.Empty, "Something bad happened.");
return(View("~/Views/Subverses/Admin/SubverseStylesheetEditor.cshtml", model));
}
}
protected override RuleOutcome EvaluateRule(VoatRuleContext context)
{
//bool isModerator = context.UserData.Information.Moderates.Any(x => x.Subverse.Equals(context.Subverse.Name, StringComparison.OrdinalIgnoreCase));
bool isModerator = ModeratorPermission.IsModerator(context.User, context.Subverse.Name, null);
// check posting quotas if user is posting to subs they do not moderate
if (!isModerator)
{
// reject if user has reached global daily submission quota
if (UserDailyGlobalPostingQuotaUsed(context))
{
return(CreateOutcome(RuleResult.Denied, "You have reached your daily global submission quota"));
}
// reject if user has reached global hourly submission quota
if (UserHourlyGlobalPostingQuotaUsed(context))
{
return(CreateOutcome(RuleResult.Denied, "You have reached your hourly global submission quota"));
}
// check if user has reached hourly posting quota for target subverse
if (UserHourlyPostingQuotaForSubUsed(context, context.Subverse.Name))
{
return(CreateOutcome(RuleResult.Denied, "You have reached your hourly submission quota for this subverse"));
}
// check if user has reached daily posting quota for target subverse
if (UserDailyPostingQuotaForSubUsed(context, context.Subverse.Name))
{
return(CreateOutcome(RuleResult.Denied, "You have reached your daily submission quota for this subverse"));
}
if (context.Subverse.IsAuthorizedOnly)
{
return(CreateOutcome(RuleResult.Denied, "You are not authorized to submit links or start discussions in this subverse. Please contact subverse moderators for authorization"));
}
}
Domain.Models.UserSubmission userSubmission = context.PropertyBag.UserSubmission;
if (userSubmission.Type == Domain.Models.SubmissionType.Link)
{
using (var repo = new Data.Repository())
{
int crossPostCount = repo.FindUserLinkSubmissionCount(context.UserName, userSubmission.Url, TimeSpan.FromDays(1));
if (crossPostCount >= VoatSettings.Instance.DailyCrossPostingQuota)
{
return(CreateOutcome(RuleResult.Denied, "You have reached your daily crossposting quota for this Url"));
}
}
//Old code
//if (UserHelper.DailyCrossPostingQuotaUsed(userName, submissionModel.Content))
//{
// // ABORT
// return ("You have reached your daily crossposting quota for this URL.");
//}
}
return(Allowed);
}
public async Task <CommandResponse <Comment> > DistinguishComment(int commentID)
{
DemandAuthentication();
var response = CommandResponse.FromStatus <Comment>(null, Status.Invalid);
var comment = await this.GetComment(commentID);
if (comment != null)
{
// check to see if request came from comment author
if (User.Identity.Name == comment.UserName)
{
// check to see if comment author is also sub mod or sub admin for comment sub
if (ModeratorPermission.HasPermission(User, comment.Subverse, ModeratorAction.DistinguishContent))
{
var m = new DapperMulti();
var u = new DapperUpdate();
//u.Update = $"{SqlFormatter.Table("Comment")} SET \"IsDistinguished\" = {SqlFormatter.ToggleBoolean("\"IsDistinguished\"")}";
u.Update = SqlFormatter.UpdateSetBlock($"\"IsDistinguished\" = {SqlFormatter.ToggleBoolean("\"IsDistinguished\"")}", SqlFormatter.Table("Comment"));
u.Where = "\"ID\" = @id";
u.Parameters.Add("id", commentID);
m.Add(u);
var s = new DapperQuery();
s.Select = $"\"IsDistinguished\" FROM {SqlFormatter.Table("Comment")}";
s.Where = "\"ID\" = @id";
m.Add(s);
//ProTip: The actual execution of code is important.
var result = await _db.Connection.ExecuteScalarAsync <bool>(m.ToCommandDefinition());
comment.IsDistinguished = result;
response = CommandResponse.FromStatus(comment, Status.Success);
}
else
{
response.Message = "User does not have permissions to distinquish content";
response.Status = Status.Denied;
}
}
else
{
response.Message = "User can only distinquish owned content";
response.Status = Status.Denied;
}
}
else
{
response.Message = "Comment can not be found";
response.Status = Status.Denied;
}
return(response);
}
public ActionResult ToggleSticky(int submissionID)
{
// get model for selected submission
var submissionModel = _db.Submissions.Find(submissionID);
if (submissionModel == null || submissionModel.IsDeleted)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
// check if caller is subverse moderator, if not, deny change
if (!ModeratorPermission.HasPermission(User.Identity.Name, submissionModel.Subverse, Domain.Models.ModeratorAction.AssignStickies))
{
return(new HttpUnauthorizedResult());
}
try
{
// find and clear current sticky if toggling
var existingSticky = _db.StickiedSubmissions.FirstOrDefault(s => s.SubmissionID == submissionID);
if (existingSticky != null)
{
_db.StickiedSubmissions.Remove(existingSticky);
}
else
{
// remove all stickies for subverse matching submission subverse
_db.StickiedSubmissions.RemoveRange(_db.StickiedSubmissions.Where(s => s.Subverse == submissionModel.Subverse));
// set new submission as sticky
var stickyModel = new StickiedSubmission
{
SubmissionID = submissionID,
CreatedBy = User.Identity.Name,
CreationDate = Repository.CurrentDate,
Subverse = submissionModel.Subverse
};
_db.StickiedSubmissions.Add(stickyModel);
}
_db.SaveChanges();
StickyHelper.ClearStickyCache(submissionModel.Subverse);
return(new HttpStatusCodeResult(HttpStatusCode.OK));
}
catch (Exception)
{
return(new HttpStatusCodeResult(HttpStatusCode.InternalServerError));
}
}
public async Task <ActionResult> SubverseIndex(string subverse, MessageTypeFlag type, MessageState?state = null, int?page = null)
{
if (!(type == MessageTypeFlag.Private || type == MessageTypeFlag.Sent))
{
return(RedirectToAction("Index", "Home"));
}
if (string.IsNullOrEmpty(subverse))
{
return(RedirectToAction("Index", "Home"));
}
if (!ModeratorPermission.HasPermission(User, subverse, ModeratorAction.ReadMail))
{
return(RedirectToAction("Index", "Home"));
}
ViewBag.Context = new MessageContextViewModel()
{
ViewerContext = new UserDefinition()
{
Name = subverse, Type = IdentityType.Subverse
}
};
var qSub = new QuerySubverse(subverse);
var sub = await qSub.ExecuteAsync();
if (sub == null)
{
return(ErrorView(ErrorViewModel.GetErrorViewModel(ErrorType.SubverseNotFound)));
}
//ViewBag.PmView = "mod";
//ViewBag.Title = string.Format("v/{0} {1}", sub.Name, (type == MessageTypeFlag.Sent ? "Sent" : "Inbox"));
var q = new QueryMessages(sub.Name, IdentityType.Subverse, type, MessageState.All, false).SetUserContext(User);
q.PageNumber = SetPage(page);
var result = await q.ExecuteAsync();
var pagedList = new PaginatedList <Message>(result, q.PageNumber, q.PageCount);
//TODO: This needs to be the Smail Menu, right now it shows user menu
var name = type == MessageTypeFlag.Sent ? "Sent" : "Inbox";
ViewBag.Title = name;
SetMenuNavigationModel(name, MenuType.Smail, subverse);
return(View("Index", pagedList));
}
public ActionResult AddLinkFlair(SubverseFlairInput subverseFlairSetting)
{
if (!ModelState.IsValid)
{
return(View("~/Views/Subverses/Admin/Flair/AddLinkFlair.cshtml", subverseFlairSetting));
}
//check perms
if (!ModeratorPermission.HasPermission(User, subverseFlairSetting.Subverse, Domain.Models.ModeratorAction.ModifyFlair))
{
return(RedirectToAction("Index", "Home"));
}
// get model for selected subverse
var subverse = DataCache.Subverse.Retrieve(subverseFlairSetting.Subverse);
if (subverse == null)
{
return(HybridError(ErrorViewModel.GetErrorViewModel(ErrorType.SubverseNotFound)));
}
var count = _db.SubverseFlair.Count(x => x.Subverse == subverseFlairSetting.Subverse);
if (count >= 20)
{
ViewBag.SubverseModel = subverse;
ViewBag.SubverseName = subverse.Name;
ViewBag.SelectedSubverse = string.Empty;
SetNavigationViewModel(subverse.Name);
ModelState.AddModelError("", "Subverses are limited to 20 flairs");
return(View("~/Views/Subverses/Admin/Flair/AddLinkFlair.cshtml", subverseFlairSetting));
}
subverseFlairSetting.Subverse = subverse.Name;
_db.SubverseFlair.Add(new SubverseFlair()
{
Label = subverseFlairSetting.Label,
CssClass = subverseFlairSetting.CssClass,
Subverse = subverseFlairSetting.Subverse
});
_db.SaveChanges();
//clear cache
CacheHandler.Instance.Remove(CachingKey.SubverseFlair(subverse.Name));
return(RedirectToAction("SubverseFlairSettings"));
}
public async Task <ActionResult> ModeratorDelete(string subverse, int submissionID, ModeratorDeleteContentViewModel model)
{
//New Domain Submission
//var q = new QuerySubmission(submissionID);
//var s = await q.ExecuteAsync();
//Legacy Data Submission (Since views expect this type, we use it for now)
var s = DataCache.Submission.Retrieve(submissionID);
ViewBag.Submission = s;
if (s == null || s.ID != model.ID)
{
ModelState.AddModelError("", "Can not find submission. Is it hiding?");
return(View(model));
}
if (s.IsDeleted)
{
ModelState.AddModelError("", "Can not delete a deleted post. Do you have no standards?");
return(View(model));
}
if (!ModeratorPermission.HasPermission(User, s.Subverse, Domain.Models.ModeratorAction.DeletePosts))
{
return(HybridError(ErrorViewModel.GetErrorViewModel(ErrorType.Unauthorized)));
}
if (!ModelState.IsValid)
{
return(View(model));
}
var cmd = new DeleteSubmissionCommand(model.ID, model.Reason).SetUserContext(User);
var r = await cmd.Execute();
if (r.Success)
{
return(RedirectToRoute(Models.ROUTE_NAMES.SUBVERSE_INDEX, new { subverse = s.Subverse }));
}
else
{
ModelState.AddModelError("", r.Message);
return(View(model));
}
}
public IEnumerable <ValidationResult> Validate(ValidationContext validationContext)
{
var errors = new List <ValidationResult>();
string originalUserName = UserHelper.OriginalUsername(UserName);
if (String.IsNullOrEmpty(originalUserName))
{
errors.Add(ValidationPathResult.Create(this, $"User '{UserName}' can not be found", x => x.UserName));
}
else if (!ModeratorPermission.IsModerator(UserName, Subverse))
{
errors.Add(ValidationPathResult.Create(this, $"User '{UserName}' is not a moderator of {Subverse}", x => x.UserName));
}
else
{
UserName = originalUserName;
}
return(errors);
}
public async Task <ActionResult> ModeratorDelete(string subverse, int submissionID, int commentID)
{
if (!ModeratorPermission.HasPermission(User.Identity.Name, subverse, Domain.Models.ModeratorAction.DeleteComments))
{
return(new HttpUnauthorizedResult());
}
var q = new QueryComment(commentID);
var comment = await q.ExecuteAsync();
if (comment == null || comment.SubmissionID != submissionID)
{
ModelState.AddModelError("", "Can not find comment. Who did this?");
return(View(new ModeratorDeleteContentViewModel()));
}
ViewBag.Comment = comment;
return(View(new ModeratorDeleteContentViewModel()
{
ID = commentID
}));
}
public async Task <ActionResult> Reports(string subverse, Domain.Models.ContentType?type = null, int days = 1, Domain.Models.ReviewStatus status = Domain.Models.ReviewStatus.Unreviewed, int[] ruleid = null)
{
days = days.EnsureRange(1, 7);
if (subverse.IsEqual("all"))
{
subverse = null;
}
else
{
//check perms
if (!ModeratorPermission.HasPermission(User, subverse, Domain.Models.ModeratorAction.AccessReports))
{
return(ErrorView(ErrorViewModel.GetErrorViewModel(ErrorType.Unauthorized)));
}
}
//TODO: Implement Command/Query - Remove direct Repository access
using (var repo = new Repository(User))
{
var data = await repo.GetRuleReports(subverse, type, days * 24, status, ruleid);
ViewBag.Days = days;
ViewBag.RuleID = ruleid;
ViewBag.ReviewStatus = status;
//Add Mod Menu
if (!subverse.IsEqual("all"))
{
ViewBag.NavigationViewModel = new Models.ViewModels.NavigationViewModel()
{
Description = "Moderation",
Name = subverse,
MenuType = Models.ViewModels.MenuType.Moderator,
BasePath = String.Format("/v/{0}/about", subverse),
Sort = null
};
}
return(View(data));
}
}
public ActionResult Update(string subverse)
{
var subverseObject = DataCache.Subverse.Retrieve(subverse);
if (subverseObject == null)
{
ViewBag.SelectedSubverse = "404";
return(ErrorView(ErrorViewModel.GetErrorViewModel(ErrorType.SubverseNotFound)));
}
if (!ModeratorPermission.HasPermission(User, subverse, Domain.Models.ModeratorAction.ModifySettings))
{
return(RedirectToRoute(Models.ROUTE_NAMES.SUBVERSE_INDEX, new { subverse = subverse }));
}
// map existing data to view model for editing and pass it to frontend
// NOTE: we should look into a mapper which automatically maps these properties to corresponding fields to avoid tedious manual mapping
var viewModel = new SubverseSettingsViewModel
{
Name = subverseObject.Name,
Title = subverseObject.Title,
Description = subverseObject.Description,
SideBar = subverseObject.SideBar,
//Stylesheet = subverseObject.Stylesheet,
IsAdult = subverseObject.IsAdult,
IsPrivate = subverseObject.IsPrivate,
IsThumbnailEnabled = subverseObject.IsThumbnailEnabled,
ExcludeSitewideBans = subverseObject.ExcludeSitewideBans,
IsAuthorizedOnly = subverseObject.IsAuthorizedOnly,
IsAnonymized = subverseObject.IsAnonymized,
MinCCPForDownvote = subverseObject.MinCCPForDownvote,
LastUpdateDate = subverseObject.LastUpdateDate
};
ViewBag.SelectedSubverse = string.Empty;
ViewBag.SubverseName = subverseObject.Name;
SetNavigationViewModel(subverseObject.Name);
return(View("~/Views/Subverses/Admin/SubverseSettings.cshtml", viewModel));
}
