public IActionResult RemoveHost(string id, [FromForm] string userDisplayId)
{
UserAccount user = GetCurrentUser();
Event targetEvent = DatabaseHelpers.Events.GetEventByUrl(id);
if (targetEvent == null)
{
return(NotFound());
}
EventPermissions userPermissions = DatabaseHelpers.Events.GetUserPermissionsForEvent(user, targetEvent);
if (!userPermissions.HasFlag(EventPermissions.EditEventSettings))
{
return(Forbid());
}
UserAccount targetUser = DatabaseHelpers.Context.QueryByDisplayID <UserAccount>(userDisplayId);
if (targetUser == null)
{
return(NotFound());
}
if (user.ID != targetUser.ID)
{
DatabaseHelpers.Events.RemoveUserAsHost(targetUser, targetEvent);
}
return(Redirect(targetEvent.GetUrl() + "/hosts"));
}
public IActionResult Settings(string id, [FromForm, Bind] Event eventChanges)
{
UserAccount user = GetCurrentUser();
Event targetEvent = DatabaseHelpers.Events.GetEventByUrl(id);
if (targetEvent == null)
{
return(NotFound());
}
EventPermissions userPermissions = DatabaseHelpers.Events.GetUserPermissionsForEvent(user, targetEvent);
if (!userPermissions.HasFlag(EventPermissions.EditEventSettings))
{
return(Forbid());
}
eventChanges.ID = targetEvent.ID;
ModelState.Clear();
TryValidateModel(eventChanges);
// Collect the initial model errors
List <string> errorMessages = new List <string>();
if (!ModelState.IsValid)
{
errorMessages = ModelState.Values.SelectMany(value => value.Errors).Select(error => error.ErrorMessage).ToList();
}
// Perform additional validation
if (errorMessages.Count > 0)
{
// If validation errors occured, display them on the edit page.
ViewBag.ErrorMessages = errorMessages.ToArray();
return(Settings(id));
}
targetEvent.Title = eventChanges.Title;
targetEvent.URL = eventChanges.URL;
targetEvent.Description = eventChanges.Description;
targetEvent.EventType = eventChanges.EventType;
targetEvent.Settings = eventChanges.Settings;
targetEvent.RevealDate = eventChanges.RevealDate;
targetEvent.StartDate = eventChanges.StartDate;
targetEvent.EndDate = eventChanges.EndDate;
targetEvent.VoteEndDate = eventChanges.VoteEndDate;
DatabaseHelpers.Context.UpdateAndSave(targetEvent);
return(Redirect(targetEvent.GetUrl()));
}
public IActionResult RejectReport([FromBody] int reportId)
{
Report r = DatabaseHelpers.Context.QueryByID <Report>(reportId);
EventPermissions permissions = DatabaseHelpers.Events.GetUserPermissionsForEvent(GetCurrentUser(), r.Entry.Event);
if (!permissions.HasFlag(EventPermissions.ManageEntries))
{
return(Unauthorized());
}
DatabaseHelpers.Entries.UpdateEntryReportStatus(r, ReportStatus.Rejected);
return(Ok());
}
public IActionResult DeleteReportedPost([FromBody] int reportId)
{
Report r = DatabaseHelpers.Context.QueryByID <Report>(reportId);
EventPermissions permissions = DatabaseHelpers.Events.GetUserPermissionsForEvent(GetCurrentUser(), r.Entry.Event);
if (!permissions.HasFlag(EventPermissions.ManageEntries))
{
return(Unauthorized());
}
// Note: This will also delete the report (and all votes linked to the entry), so the "approved" status will never actually be visible.
DatabaseHelpers.Entries.DeleteEntry(r.Entry);
DatabaseHelpers.Entries.UpdateEntryReportStatus(r, ReportStatus.Approved);
return(Ok());
}
public IActionResult Settings(string id)
{
UserAccount user = GetCurrentUser();
Event e = DatabaseHelpers.Events.GetEventByUrl(id);
if (e == null)
{
return(NotFound());
}
EventPermissions permissions = DatabaseHelpers.Events.GetUserPermissionsForEvent(user, e);
if (!permissions.HasFlag(EventPermissions.EditEventSettings))
{
return(Forbid());
}
return(View(e));
}
