// POST: api/Subreddit
public Task Post([FromBody] Models.Subreddit newSub)
{
string name = ClaimsPrincipal.Current.Identity.Name;
var ip = HttpContext.Current.GetOwinContext().Request.RemoteIpAddress;
return(subBLL.AddSubreddit(newSub, name, ip));
}
// POST: api/Subreddit
public Task Post([FromBody] Models.Subreddit newSub)
{
string name = User.Identity.Name;
//var ip = HttpContext.Current.GetOwinContext().Request.RemoteIpAddress;
string ip = HttpContext.Connection.RemoteIpAddress.ToString();
return(subBLL.AddSubreddit(newSub, name, ip));
}
// PUT: api/Subreddit/5
public Task <object> Put([FromRoute] string subname, [FromBody] Models.Subreddit sub)
{
sub.SubName = subname;
if (User.HasClaim("uri:snoonotes:admin", sub.SubName.ToLower()))
{
return(subBLL.UpdateSubreddit(sub, User));
}
else
{
throw new UnauthorizedAccessException("You are not a moderator of that subreddit, or you don't have full permissions!");
}
}
public async Task AddSubreddit(Models.Subreddit newSub, string modname, string ip)
{
newSub.Active = true;
newSub.Settings = new Models.SubredditSettings();
newSub.Settings.AccessMask = 64;
var ucacheitem = cache.Get(modname);
var icacheitem = cache.Get(ip);
var ucache = ucacheitem == null ? new CacheObject(modname) : ucacheitem as CacheObject;
var icache = icacheitem == null ? new CacheObject(ip) : icacheitem as CacheObject;
int ureqs = ucache.Value;
int ireqs = icache.Value;
if (Math.Max(ureqs, ireqs) > 5)
{
//throw new Exception( "You are doing that too much! Limited to created 5 subreddits per 24 hours, sorry!" );
}
var activeSubs = await subDAL.GetActiveSubs();
if (activeSubs.Count > 0 && activeSubs.Select(s => s.SubName.ToLower()).Contains(newSub.SubName.ToLower()))
{
throw new Exception("Subreddit already exists!");
}
try {
//loads default note types, currently same types as Toolbox
newSub.Settings.NoteTypes = Models.SubredditSettings.DefaultNoteTypes(newSub.SubName);
await subDAL.AddSubreddit(newSub);
newSub.Settings.NoteTypes = (await ntDAL.AddMultipleNoteTypes(newSub.Settings.NoteTypes, modname)).ToList();
newSub.Settings.PermBanID = newSub.Settings.NoteTypes.FirstOrDefault(nt => nt.DisplayName == "Perma Ban").NoteTypeID;
newSub.Settings.TempBanID = newSub.Settings.NoteTypes.FirstOrDefault(nt => nt.DisplayName == "Ban").NoteTypeID;
await subDAL.UpdateSubredditSettings(newSub);
await _roleManager.CreateAsync(new IdentityRole( newSub.SubName.ToLower()));
//await _roleManager.CreateAsync( new IdentityRole( newSub.SubName.ToLower() + ":admin" ) );
ucache.Value += 1;
icache.Value += 1;
cache.Set(ucache.Key, ucache, ucache.ExpirationDate);
cache.Set(icache.Key, icache, icache.ExpirationDate);
}
catch {
throw;
}
}
public async Task AddSubreddit(Models.Subreddit newSub, string modname, string ip)
{
newSub.Active = true;
newSub.Settings = new Models.SubredditSettings();
newSub.Settings.AccessMask = 64;
var cache = MemoryCache.Default;
var ucacheitem = cache.GetCacheItem(modname);
var icacheitem = cache.GetCacheItem(ip);
var ucache = ucacheitem == null ? new CacheObject(modname) : ucacheitem.Value as CacheObject;
var icache = icacheitem == null ? new CacheObject(ip) : icacheitem.Value as CacheObject;
int ureqs = ucache.Value;
int ireqs = icache.Value;
if (Math.Max(ureqs, ireqs) > 5)
{
throw new Exception("You are doing that too much! Limited to created 5 subreddits per 24 hours, sorry!");
}
if ((await subDAL.GetActiveSubs()).Select(s => s.SubName.ToLower()).Contains(newSub.SubName.ToLower()))
{
throw new Exception("Subreddit already exists!");
}
try {
DAL.NoteTypesDAL ntDAL = new DAL.NoteTypesDAL();
//loads default note types, currently same types as Toolbox
newSub.Settings.NoteTypes = Models.SubredditSettings.DefaultNoteTypes(newSub.SubName);
await subDAL.AddSubreddit(newSub);
await ntDAL.AddMultipleNoteTypes(newSub.Settings.NoteTypes, modname);
ucache.Value += 1;
icache.Value += 1;
cache.Set(new CacheItem(ucache.Key, ucache), new CacheItemPolicy()
{
AbsoluteExpiration = ucache.ExpirationDate
});
cache.Set(new CacheItem(icache.Key, icache), new CacheItemPolicy()
{
AbsoluteExpiration = icache.ExpirationDate
});
}
catch {
throw;
}
}
public async Task <object> UpdateSubreddit(Models.Subreddit sub)
{
if (sub.Settings.AccessMask < 64 || sub.Settings.AccessMask <= 0 || sub.Settings.AccessMask >= 128)
{
throw new HttpResponseException(new HttpResponseMessage()
{
ReasonPhrase = "Invalid AccessMask", StatusCode = HttpStatusCode.BadRequest, Content = new StringContent("Access Mask was invalid")
});
}
else if (ClaimsPrincipal.Current.IsInRole(sub.SubName.ToLower()) && ClaimsPrincipal.Current.HasClaim("urn:snoonotes:subreddits:" + sub.SubName.ToLower() + ":admin", "true"))
{
DAL.NoteTypesDAL ntDAL = new DAL.NoteTypesDAL();
var noteTypes = await ntDAL.GetNoteTypesForSubs(new List <string>() { sub.SubName });
if (sub.Settings.PermBanID.HasValue && !noteTypes.Any(nt => nt.NoteTypeID == sub.Settings.PermBanID.Value))
{
throw new HttpResponseException(new HttpResponseMessage()
{
ReasonPhrase = "Invalid Perm Ban ID", StatusCode = HttpStatusCode.BadRequest, Content = new StringContent("Perm Ban id was invalid")
});
}
if (sub.Settings.TempBanID.HasValue && !noteTypes.Any(nt => nt.NoteTypeID == sub.Settings.TempBanID.Value))
{
throw new HttpResponseException(new HttpResponseMessage()
{
ReasonPhrase = "Invalid Temp Ban ID", StatusCode = HttpStatusCode.BadRequest, Content = new StringContent("Temp Ban id was invalid")
});
}
await subDAL.UpdateSubredditSettings(sub);
bool updated = await Utilities.AuthUtils.UpdateModsForSub(sub);
if (updated)
{
return(new { error = false, message = "Settings have been saved and moderator list has been updated!" });
}
else
{
return(new { error = false, message = "Settings have been saved and moderator list will be refreshed within 2 hours!" });
}
}
else
{
throw new UnauthorizedAccessException("You are not a moderator of that subreddit, or you don't have full permissions!");
}
}
public async Task <object> UpdateSubreddit(Models.Subreddit sub, ClaimsPrincipal user)
{
if (sub.Settings.AccessMask < 64 || sub.Settings.AccessMask <= 0 || sub.Settings.AccessMask >= 128)
{
throw new Exception("Access Mask was invalid");
}
else
{
var noteTypes = await ntDAL.GetNoteTypesForSubs(new List <string>() { sub.SubName });
if (sub.Settings.PermBanID.HasValue && !noteTypes.Any(nt => nt.NoteTypeID == sub.Settings.PermBanID.Value))
{
throw new Exception("Perm Ban id was invalid");
}
if (sub.Settings.TempBanID.HasValue && !noteTypes.Any(nt => nt.NoteTypeID == sub.Settings.TempBanID.Value))
{
throw new Exception("Temp Ban id was invalid");
}
await subDAL.UpdateSubredditSettings(sub);
return(new { error = false, message = "Settings have been saved and moderator list will be refreshed within 2 hours!" });
}
}
// PUT: api/Subreddit/5
public Task <object> Put(string id, [FromBody] Models.Subreddit sub)
{
sub.SubName = id;
return(subBLL.UpdateSubreddit(sub));
}
public override async Task <bool> UpdateModsForSubAsync(Models.Subreddit sub, ClaimsPrincipal user)
{
if (!user.HasClaim("uri:snoonotes:admin", sub.SubName.ToLower()))
{
throw new UnauthorizedAccessException("You don't have 'Full' permissions to this subreddit!");
}
if (sub.SubName.ToLower() == Configuration["CabalSubreddit"].ToLower())
{
return(false);
}
sub = (await subDAL.GetSubreddits(new string[] { sub.SubName })).First();
if (sub == null)
{
throw new Exception("Unrecognized subreddit");
}
string subName = sub.SubName.ToLower();
//var usersWithAccess = userManager.Users.Where(u =>
// u.Claims.Where(c =>
// c.ClaimType == ClaimTypes.Role && c.ClaimValue == sub.SubName.ToLower()).Count() > 0).ToList();
var usersWithAccess = await _userManager.GetUsersInRoleAsync(subName);
//var x = userManager.Users.Where(u=>u.Claims.Select(c => c.ClaimValue).Contains("videos")).ToList();
//var y = userManager.Users.Select(u => u.Claims);
var ident = await _userManager.FindByNameAsync(user.Identity.Name);
ClaimsIdentity curuser = user.Identity as ClaimsIdentity;
RedditSharp.IWebAgent agent;
if (ident.HasConfig)
{
agent = await agentPool.GetOrCreateWebAgentAsync(curuser.Name, (uname, uagent, rlimit) =>
{
return(Task.FromResult(new RedditSharp.RefreshTokenPoolEntry(uname, ident.RefreshToken, rlimit, uagent)));
});
}
else
{
agent = new RedditSharp.WebAgent();
}
RedditSharp.Reddit rd = new RedditSharp.Reddit(agent);
RedditSharp.Things.Subreddit subinfo;
try
{
subinfo = await rd.GetSubredditAsync(sub.SubName);
}
catch
{
return(false);
}
var modsWithAccess = (await subinfo.GetModeratorsAsync()).Where(m => ((int)m.Permissions & sub.Settings.AccessMask) > 0);
// get list of users to remove perms from
var usersToRemove = usersWithAccess.Where(u => !modsWithAccess.Select(m => m.Name.ToLower()).Contains(u.UserName.ToLower())).ToList();
foreach (var appuser in usersToRemove)
{
await _userManager.RemoveFromRoleAsync(appuser, subName);
//if ( appuser.Claims.Where( c => c.ClaimType == "uri:snoonotes:admin" && c.ClaimValue == subName ).Count() > 0 ) {
await _userManager.RemoveClaimAsync(appuser, new Claim("uri:snoonotes:admin", subName));
//}
}
var usersToAdd = modsWithAccess.Where(m => ((int)m.Permissions & sub.Settings.AccessMask) > 0 && !usersWithAccess.Select(u => u.UserName.ToLower()).Contains(m.Name.ToLower()));
foreach (var appuser in usersToAdd)
{
try
{
var u = await _userManager.FindByNameAsync(appuser.Name);
if (u != null)
{
//assume it won't be adding a duplicate *holds breath*
if (appuser.Permissions.HasFlag(RedditSharp.ModeratorPermission.All))
{
await _userManager.AddToRoleAsync(u, subName);
await _userManager.AddClaimAsync(u, new Claim("uri:snoonotes:admin:", subName));
}
else if (((int)appuser.Permissions & sub.Settings.AccessMask) > 0)
{
await _userManager.AddToRoleAsync(u, subName);
}
}
}
catch
{
//TODO something, mighta caught a non registered user?
}
}
usersWithAccess = usersWithAccess.Union(await _userManager.GetUsersForClaimAsync(new Claim("uri:snoonotes:admin", subName))).ToList();
var usersToCheckUpdates = usersWithAccess.Where(u => modsWithAccess.Select(m => m.Name.ToLower()).Contains(u.UserName.ToLower())).ToList();
foreach (var appuser in usersToCheckUpdates)
{
var access = modsWithAccess.Where(m => m.Name.ToLower() == appuser.UserName.ToLower()).Single().Permissions;
if (access == RedditSharp.ModeratorPermission.All)
{
if (!appuser.Claims.Any(c => c.ClaimType == "uri:snoonotes:admin" && c.ClaimValue == subName))
{
await _userManager.AddClaimAsync(appuser, new Claim("uri:snoonotes:admin", subName));
}
}
else
{
//if( appuser.Claims.Any( c => c.ClaimType == "uri:snoonotes:admin" && c.ClaimValue == subName ) ) {
await _userManager.RemoveClaimAsync(appuser, new Claim("uri:snoonotes:admin", subName));
//}
}
}
return(true);
}
public async static Task<bool> UpdateModsForSub( Models.Subreddit sub ) {
if ( !ClaimsPrincipal.Current.HasClaim( "urn:snoonotes:subreddits:" + sub.SubName.ToLower() + ":admin", "true" ) ) {
throw new UnauthorizedAccessException( "You don't have 'Full' permissions to this subreddit!" );
}
if ( sub.SubName.ToLower() == System.Configuration.ConfigurationManager.AppSettings["CabalSubreddit"].ToLower() ) return false;
sub = (await new BLL.SubredditBLL().GetSubreddits( new string[] { sub.SubName } )).First();
if ( sub == null ) {
throw new Exception( "Unrecognized subreddit" );
}
string subName = sub.SubName.ToLower();
var userManager = HttpContext.Current.GetOwinContext().GetUserManager<ApplicationUserManager>();
//var usersWithAccess = userManager.Users.Where(u =>
// u.Claims.Where(c =>
// c.ClaimType == ClaimTypes.Role && c.ClaimValue == sub.SubName.ToLower()).Count() > 0).ToList();
var usersWithAccess = userManager.Users.Where( u => u.Claims.Select( c => c.ClaimValue ).Contains( subName ) ).ToList();
//var x = userManager.Users.Where(u=>u.Claims.Select(c => c.ClaimValue).Contains("videos")).ToList();
//var y = userManager.Users.Select(u => u.Claims);
var ident = userManager.FindByName( ClaimsPrincipal.Current.Identity.Name );
if ( ident.TokenExpires < DateTime.UtcNow ) {
GetNewToken( ident );
userManager.Update( ident );
}
ClaimsIdentity curuser = ClaimsPrincipal.Current.Identity as ClaimsIdentity;
SNWebAgent agent;
if ( curuser.HasClaim( "urn:snoonotes:scope", "read" ) ) {
agent = new SNWebAgent( ident.AccessToken );
}
else {
agent = new SNWebAgent();
}
RedditSharp.Reddit rd = new RedditSharp.Reddit( agent );
RedditSharp.Things.Subreddit subinfo;
try {
subinfo = rd.GetSubreddit( sub.SubName );
}
catch {
return false;
}
var modsWithAccess = subinfo.Moderators.Where( m => ( (int) m.Permissions & sub.Settings.AccessMask ) > 0 );
// get list of users to remove perms from
var usersToRemove = usersWithAccess.Where( u => !modsWithAccess.Select( m => m.Name.ToLower() ).Contains( u.UserName.ToLower() ) ).ToList();
foreach ( var user in usersToRemove ) {
userManager.RemoveClaim( user.Id, new Claim( ClaimTypes.Role, subName ) );
if ( user.Claims.Where( c => c.ClaimType == "urn:snoonotes:subreddits:" + subName + ":admin" ).Count() > 0 ) {
userManager.RemoveClaim( user.Id, new Claim( "urn:snoonotes:subreddits:" + subName + ":admin", "true" ) );
}
}
var usersToAdd = modsWithAccess.Where( m => ( (int) m.Permissions & sub.Settings.AccessMask ) > 0 && !usersWithAccess.Select( u => u.UserName.ToLower() ).Contains( m.Name.ToLower() ) );
foreach ( var user in usersToAdd ) {
try {
var u = userManager.FindByName( user.Name );
if ( u != null ) {
//assume it won't be adding a duplicate *holds breath*
if ( user.Permissions.HasFlag( RedditSharp.ModeratorPermission.All ) ) {
userManager.AddClaim( u.Id, new Claim( ClaimTypes.Role, subName ) );
userManager.AddClaim( u.Id, new Claim( "urn:snoonotes:subreddits:" + subName + ":admin", "true" ) );
}
else if ( ( (int) user.Permissions & sub.Settings.AccessMask ) > 0 ) {
userManager.AddClaim( u.Id, new Claim( ClaimTypes.Role, subName ) );
}
}
}
catch {
//TODO something, mighta caught a non registered user?
}
}
return true;
}
