Exemplo n.º 1
0
        public static int CommitPost(Post p, IGraffitiUser user, bool isFeaturedPost, bool isFeaturedCategory)
        {
            Permission perm   = RolePermissionManager.GetPermissions(p.CategoryId, user);
            bool       isMan  = perm.Publish;
            bool       isEdit = GraffitiUsers.IsAdmin(user);

            if (isMan || isEdit)
            {
                p.IsPublished = (p.PostStatus == PostStatus.Publish);
            }
            else
            {
                p.IsPublished = false;

                if (p.PostStatus != PostStatus.Draft && p.PostStatus != PostStatus.PendingApproval)
                {
                    p.PostStatus = PostStatus.Draft;
                }
            }

            p.ModifiedBy = user.Name;

            if (p.IsNew) //No VERSION WORK, just save it.
            {
                p.Version = 1;
                p.Save(user.Name, SiteSettings.CurrentUserTime);
            }
            else if (p.IsPublished) //Make a copy of the current post, then save this one.
            {
                Post old_Post = new Post(p.Id);

                //if(old_Post.PostStatus == PostStatus.Publish)
                VersionPost(old_Post);

                p.Version = GetNextVersionId(p.Id, p.Version);
                p.Save(user.Name);
            }
            else
            {
                p.Version = GetNextVersionId(p.Id, p.Version);
                VersionPost(p);
                Post.UpdatePostStatus(p.Id, p.PostStatus);
            }

            ProcessFeaturedPosts(p, user, isFeaturedPost, isFeaturedCategory);

            if (p.PostStatus == PostStatus.PendingApproval)
            {
                SendPReqiresApprovalMessage(p, user);
            }
            else if (p.PostStatus == PostStatus.RequiresChanges)
            {
                SendRequestedChangesMessage(p, user);
            }

            return(p.Id);
        }
Exemplo n.º 2
0
        public static void SendPReqiresApprovalMessage(Post p, IGraffitiUser user)
        {
            var users = new List <IGraffitiUser>();

            foreach (IGraffitiUser u in GraffitiUsers.GetUsers("*"))
            {
                if (GraffitiUsers.IsAdmin(u) || RolePermissionManager.GetPermissions(p.CategoryId, u).Publish)
                {
                    users.Add(u);
                }
            }

            Macros m = new Macros();
            EmailTemplateToolboxContext pttc = new EmailTemplateToolboxContext();

            pttc.Put("sitesettings", SiteSettings.Get());
            pttc.Put("post", p);
            pttc.Put("user", user);
            pttc.Put("macros", m);
            pttc.Put("home", m.FullUrl(new Urls().Home));
            pttc.Put("adminUrl",
                     m.FullUrl(VirtualPathUtility.ToAbsolute("~/graffiti-admin/posts/write/")) + "?id=" + p.Id + "&v=" +
                     p.Version);

            string adminApprovalUrl = m.FullUrl(VirtualPathUtility.ToAbsolute("~/api/approve.ashx")) +
                                      "?key={0}&u={1}&id={2}&v={3}";

            EmailTemplate template = new EmailTemplate();

            template.Context      = pttc;
            template.Subject      = "You have content to approve: " + p.Title;
            template.TemplateName = "QueuedPost.view";

            foreach (IGraffitiUser admin in users)
            {
                template.Context.Put("adminApprovalUrl",
                                     string.Format(adminApprovalUrl, admin.UniqueId, admin.Name, p.Id, p.Version));

                try
                {
                    template.To = admin.Email;
                    Emailer.Send(template);

                    //Emailer.Send("QueuedPost.view", admin.Email, "You have content to approve: " + p.Title, pttc);
                }
                catch (Exception ex)
                {
                    Log.Error("Email Error", ex.Message);
                }
            }

            Log.Info("Post approval email", "{0} user(s) were sent an email to approve the post \"{1}\" (id: {2}).", users.Count,
                     p.Title, p.Id);
        }
Exemplo n.º 3
0
        protected override void Authenticate()
        {
            if (GraffitiUsers.Current == null)
            {
                Response.Redirect("~/login/");
            }

            if (!GraffitiUsers.IsAdmin(GraffitiUsers.Current))
            {
                Response.Redirect("~/");
            }
        }
Exemplo n.º 4
0
        protected override void Authenticate()
        {
            if (GraffitiUsers.Current == null)
            {
                Response.Redirect("~/login/");
            }

            if (!RolePermissionManager.CanViewControlPanel(GraffitiUsers.Current) &&
                !GraffitiUsers.IsAdmin(GraffitiUsers.Current))
            {
                Response.Redirect("~/");
            }
        }
Exemplo n.º 5
0
        public static void SendRequestedChangesMessage(Post p, IGraffitiUser user)
        {
            List <IGraffitiUser> users = new List <IGraffitiUser>();

            foreach (IGraffitiUser u in GraffitiUsers.GetUsers("*"))
            {
                if (GraffitiUsers.IsAdmin(u) || RolePermissionManager.GetPermissions(p.CategoryId, u).Publish)
                {
                    users.Add(u);
                }
            }

            Macros m = new Macros();

            EmailTemplateToolboxContext pttc = new EmailTemplateToolboxContext();

            pttc.Put("sitesettings", SiteSettings.Get());
            pttc.Put("post", p);
            pttc.Put("user", user);
            pttc.Put("macros", m);
            pttc.Put("home", m.FullUrl(new Urls().Home));
            pttc.Put("adminUrl",
                     m.FullUrl(VirtualPathUtility.ToAbsolute("~/graffiti-admin/posts/write/")) + "?id=" + p.Id + "&v=" +
                     p.Version);

            EmailTemplate template = new EmailTemplate();

            template.Context      = pttc;
            template.To           = p.User.Email;
            template.Subject      = "Changes Requested: " + p.Title;
            template.TemplateName = "RequestChanges.view";

            try
            {
                Emailer.Send(template);
                //Emailer.Send("RequestChanges.view", p.User.Email, "Changes Requested: " + p.Title, pttc);
                Log.Info("Post Changes Email", p.User.Email + " was sent an email requesting changes");
            }
            catch (Exception ex)
            {
                Log.Error("Email Requested Changes Error", ex.Message);
            }
        }
Exemplo n.º 6
0
        public static bool CanViewControlPanel(IGraffitiUser user)
        {
            if (user == null)
            {
                return(false);
            }

            if (GraffitiUsers.IsAdmin(user))
            {
                return(true);
            }

            foreach (string role in user.Roles)
            {
                foreach (RolePermissions rp in GetRolePermissions())
                {
                    if (rp.RoleName == role)
                    {
                        if (rp.HasEdit || rp.HasPublish)
                        {
                            return(true);
                        }
                    }
                }

                foreach (RoleCategoryPermissions rcp in GetRoleCategoryPermissions())
                {
                    if (rcp.RoleName == role)
                    {
                        if (rcp.HasEdit || rcp.HasPublish)
                        {
                            return(true);
                        }
                    }
                }
            }

            return(false);
        }
Exemplo n.º 7
0
        private static Graffiti.Core.Category AddOrFetchCategory(string name, IGraffitiUser user)
        {
            int index = name.IndexOf(">");

            if (index > -1)
            {
                string parentName = name.Substring(0, index).Trim();
                string childName  = name.Substring(index + 1).Trim();

                Graffiti.Core.Category parent = new CategoryController().GetCachedCategory(parentName, true);

                if (parent != null)
                {
                    foreach (Graffiti.Core.Category childCategory in parent.Children)
                    {
                        if (Util.AreEqualIgnoreCase(childCategory.Name, childName))
                        {
                            return(childCategory);
                        }
                    }

                    if (GraffitiUsers.IsAdmin(user))
                    {
                        Core.Category child = new Core.Category();
                        child.Name     = HttpUtility.HtmlEncode(childName);
                        child.ParentId = parent.Id;
                        child.Save();

                        return(child);
                    }
                }
                else
                {
                    if (GraffitiUsers.IsAdmin(user))
                    {
                        parent      = new Core.Category();
                        parent.Name = HttpUtility.HtmlEncode(parentName);
                        parent.Save();

                        Core.Category child = new Core.Category();
                        child.Name     = HttpUtility.HtmlEncode(childName);
                        child.ParentId = parent.Id;
                        child.Save();

                        return(child);
                    }
                }
            }
            else
            {
                Core.Category category = new CategoryController().GetCachedCategory(name, true);
                if (category == null)
                {
                    if (GraffitiUsers.IsAdmin(user))
                    {
                        category      = new Core.Category();
                        category.Name = name;
                        category.Save();
                    }
                }

                return(category);
            }

            Log.Warn("Categories", "The user {0} does not have permission to create the category {1}", user.ProperName, HttpUtility.HtmlEncode(name));
            throw new Exception("You do not have permission to create a new category or sub-category");
        }
Exemplo n.º 8
0
        public static Permission GetPermissions(int categoryId, IGraffitiUser user, bool calledFromMultipleCategoryPage)
        {
            string[] roles;

            // if there is no users, setup the roles collection to be everyone
            if (user == null)
            {
                roles = new string[1] {
                    GraffitiUsers.EveryoneRole
                };
            }
            else             // get the users roles
            {
                roles = user.Roles;
            }

            Permission p = new Permission();

            // if the user is an admin, they have access to everything
            if (GraffitiUsers.IsAdmin(user))
            {
                p.Read    = true;
                p.Edit    = true;
                p.Publish = true;

                return(p);
            }

            // determines if category permissions are setup, which overrides individual role permissions
            bool setInCategoryPermissions = false;

            if (categoryId != -1 || calledFromMultipleCategoryPage)
            {
                foreach (string role in roles)
                {
                    foreach (RoleCategoryPermissions rcp in GetRoleCategoryPermissions())
                    {
                        if (rcp.RoleName == role)
                        {
                            if (rcp.CategoryId == categoryId || calledFromMultipleCategoryPage)
                            {
                                // only set it if it's false. if another permissions allowed this category,
                                // the user has permissions
                                if (!p.Read)
                                {
                                    p.Read = rcp.HasRead;
                                }

                                if (!p.Edit)
                                {
                                    p.Edit = rcp.HasEdit;
                                }

                                if (!p.Publish)
                                {
                                    p.Publish = rcp.HasPublish;
                                }
                            }

                            setInCategoryPermissions = true;
                        }
                    }
                }
            }

            if (!setInCategoryPermissions)
            {
                foreach (string role in roles)
                {
                    foreach (RolePermissions rp in GetRolePermissions())
                    {
                        if (rp.RoleName == role)
                        {
                            // only set it if it's false. if another permissions allowed,
                            // the user has permissions
                            if (!p.Read)
                            {
                                p.Read = rp.HasRead;
                            }

                            if (!p.Edit)
                            {
                                p.Edit = rp.HasEdit;
                            }

                            if (!p.Publish)
                            {
                                p.Publish = rp.HasPublish;
                            }
                        }
                    }
                }
            }

            return(p);
        }