/// <summary>
/// Determines whether the signed-in user may send a private message to the given user.
/// </summary>
/// <param name="userId">Id of the user who would receive the message.</param>
/// <returns>
/// <c>false</c> when nobody is signed in; otherwise the result of the privacy
/// validation for the "Message" privacy item.
/// </returns>
public bool Message(long userId)
{
    IUser sender = UserContext.CurrentUser;

    // Anonymous visitors are rejected before the privacy service is consulted.
    return sender != null
        && new PrivacyService().Validate(userId, sender.UserId, PrivacyItemKeys.Instance().Message());
}
/// <summary>
/// Shows a user's wiki page: the signed-in user's own page when no space key is supplied,
/// otherwise the page of the user identified by <paramref name="spaceKey"/>.
/// </summary>
/// <param name="spaceKey">Space key of the requested user; null or empty selects the current user.</param>
/// <returns>
/// The view for the resolved user, a redirect to the login page or to the privacy page when
/// the space may not be visited, or a 404 result when the space key matches no user.
/// </returns>
public ActionResult WikiUser(string spaceKey)
{
    IUser user;

    if (string.IsNullOrEmpty(spaceKey))
    {
        // No key given: the page is the caller's own, so a signed-in user is required.
        user = UserContext.CurrentUser;
        if (user == null)
        {
            return Redirect(SiteUrls.Instance().Login(true));
        }

        pageResourceManager.InsertTitlePart("我的百科");
        return View(user);
    }

    user = userService.GetFullUser(spaceKey);
    if (user == null)
    {
        return HttpNotFound();
    }

    // The privacy check runs for every viewer; an anonymous viewer is passed as id 0.
    long viewerId = UserContext.CurrentUser != null ? UserContext.CurrentUser.UserId : 0;
    bool mayVisit = new PrivacyService().Validate(user.UserId, viewerId, PrivacyItemKeys.Instance().VisitUserSpace());
    if (!mayVisit)
    {
        // Anonymous viewers are sent to login; signed-in viewers to the "no access" page.
        string deniedUrl = UserContext.CurrentUser == null
            ? SiteUrls.Instance().Login(true)
            : SiteUrls.Instance().PrivacyHome(user.UserName);
        return Redirect(deniedUrl);
    }

    bool isOwnPage = UserContext.CurrentUser != null && user.UserId == UserContext.CurrentUser.UserId;
    pageResourceManager.InsertTitlePart(isOwnPage ? "我的百科" : user.DisplayName + "的百科");

    return View(user);
}
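/// <summary>
/// Sends group invitations from the signed-in user to the users posted in the "userIds" form field.
/// </summary>
/// <param name="spaceKey">Key used to look up the group.</param>
/// <param name="userIds">
/// Bound "userIds" value; it is only tested for emptiness here, the ids themselves are read
/// from the form as <c>long</c> values.
/// </param>
/// <param name="remark">Remark passed along with the invitations.</param>
/// <returns>
/// A JSON status message, or a redirect to the system-message page when the caller
/// is not allowed to invite into the group.
/// </returns>
public ActionResult _Invite(string spaceKey, string userIds, string remark)
{
    GroupEntity group = groupService.Get(spaceKey);
    if (group == null)
    {
        return Json(new StatusMessageData(StatusMessageType.Error, "找不到群组!"));
    }

    // Authentication and authorization are decided before any posted id is processed, so an
    // anonymous or unauthorized caller cannot trigger per-user privacy checks and user lookups.
    IUser currentUser = UserContext.CurrentUser;
    if (currentUser == null)
    {
        return Json(new StatusMessageData(StatusMessageType.Error, "您尚未登录!"));
    }

    if (!new Authorizer().Group_Invite(group))
    {
        return Redirect(SiteUrls.Instance().SystemMessage(TempData, new SystemMessageViewModel
        {
            Body = "没有邀请好友的权限!",
            Title = "没有权限",
            StatusMessageType = StatusMessageType.Error
        }));
    }

    StatusMessageData message = null;
    if (string.IsNullOrEmpty(userIds))
    {
        // Nothing was posted; the null payload of the original implementation is kept.
        return Json(message);
    }

    // Read the posted ids once. The form helper is called with a null default, so guard against null.
    List<long> requestedIds = (Request.Form.Gets<long>("userIds", null) ?? Enumerable.Empty<long>()).ToList();
    if (requestedIds.Count == 0)
    {
        return Json(new StatusMessageData(StatusMessageType.Hint, "您尚未选择好友!"));
    }

    // Split the requested users by their own "Invitation" privacy setting.
    List<long> invitableIds = new List<long>();
    List<string> refusedNames = new List<string>();
    foreach (long inviteUserId in requestedIds)
    {
        if (privacyService.Validate(inviteUserId, currentUser.UserId, PrivacyItemKeys.Instance().Invitation()))
        {
            invitableIds.Add(inviteUserId);
            continue;
        }

        // A posted id may not resolve to a user; fall back to the id instead of dereferencing null.
        User refusedUser = userService.GetFullUser(inviteUserId);
        refusedNames.Add(refusedUser != null ? refusedUser.DisplayName : inviteUserId.ToString());
    }

    groupService.SendInvitations(group, currentUser, remark, invitableIds);

    if (invitableIds.Count < requestedIds.Count)
    {
        message = new StatusMessageData(
            StatusMessageType.Hint,
            "共有" + invitableIds.Count + "个好友邀请成功," + string.Join(",", refusedNames.ToArray()) + "不能被邀请!");
    }
    else
    {
        message = new StatusMessageData(StatusMessageType.Success, "邀请好友成功!");
    }

    return Json(message);
}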
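/// <summary>
/// Creates a comment on a microblog and, when requested by the model, also comments on the
/// original microblog and forwards the commented microblog as the current user.
/// </summary>
/// <param name="model">Posted comment data, including the id of the commented microblog.</param>
/// <returns>
/// JSON containing the new comment id on success; otherwise a JSON status message
/// (banned word, privacy refusal, or creation failure).
/// </returns>
/// <remarks>
/// NOTE(review): no permission check other than the privacy validation is visible in this
/// action; confirm that comment-creation permission is enforced by a filter or by the service.
/// </remarks>
public ActionResult Comment(MicroblogCommentEditModel model)
{
    string message = string.Empty;
    if (ModelState.HasBannedWord(out message))
    {
        return Json(new StatusMessageData(StatusMessageType.Error, message));
    }

    IUser currentUser = UserContext.CurrentUser;

    // The commented id comes from the request, so the lookup can miss; fail like any other
    // creation error instead of dereferencing null.
    MicroblogEntity commentedMicroblog = microblogService.Get(model.CommentedObjectId);
    if (commentedMicroblog == null)
    {
        WebUtility.SetStatusCodeForError(Response);
        return Json(new StatusMessageData(StatusMessageType.Error, "创建留言失败了!"));
    }

    // Privacy setting of the user being commented on; an anonymous commenter is passed as id 0.
    long commenterId = currentUser != null ? currentUser.UserId : 0;
    if (!privacyService.Validate(commentedMicroblog.UserId, commenterId, PrivacyItemKeys.Instance().Comment()))
    {
        return Json(new StatusMessageData(StatusMessageType.Hint, "该用户不允许你评论他的内容!"));
    }

    CommentService commentService = new CommentService();
    if (model.IsValidate)
    {
        Comment comment = model.AsComment();
        if (comment.ParentId != 0)
        {
            // A reply to a private comment is itself private.
            Comment parentComment = commentService.Get(comment.ParentId);
            if (parentComment != null)
            {
                comment.IsPrivate = parentComment.IsPrivate || comment.IsPrivate;
            }
        }

        if (commentService.Create(comment))
        {
            if (model.CommentOriginalAuthor)
            {
                MicroblogEntity entity = microblogService.Get(comment.CommentedObjectId);
                if (entity != null)
                {
                    Comment originalAuthorComment = model.AsComment();
                    entity = entity.OriginalMicroblog;
                    if (entity != null)
                    {
                        // NOTE(review): the privacy validation above covers only the owner of the
                        // commented microblog; the original author's "Comment" setting is not
                        // checked before this second comment is created. Confirm this is intended.
                        originalAuthorComment.ToUserId = entity.UserId;
                        originalAuthorComment.ToUserDisplayName = entity.User.DisplayName;
                        originalAuthorComment.CommentedObjectId = entity.MicroblogId;
                        commentService.Create(originalAuthorComment);
                    }
                }
            }

            // Forwarding writes a microblog in the current user's name, so it needs a signed-in
            // user; the original dereferenced currentUser here without a null check.
            if (model.ForwardMicrobo && currentUser != null)
            {
                MicroblogEntity microblogEntity = microblogService.Get(model.CommentedObjectId);
                if (microblogEntity != null)
                {
                    MicroblogEntity microblog = MicroblogEntity.New();
                    microblog.Body = "转发微博";
                    microblog.Author = currentUser.DisplayName;
                    microblog.UserId = currentUser.UserId;
                    microblog.OwnerId = currentUser.UserId;
                    microblog.TenantTypeId = TenantTypeIds.Instance().User();
                    microblog.ForwardedMicroblogId = microblogEntity.MicroblogId;
                    microblog.OriginalMicroblogId = microblogEntity.OriginalMicroblogId > 0
                        ? microblogEntity.OriginalMicroblogId
                        : microblog.ForwardedMicroblogId;

                    long toUserId = microblog.UserId;
                    MicroblogEntity entity = microblogService.Get(microblog.OriginalMicroblogId);
                    long toOriginalUserId = entity == null ? 0 : entity.UserId;
                    microblogService.Forward(microblog, false, false, toUserId, toOriginalUserId);
                }
            }

            return Json(new { commentid = comment.Id });
        }
    }

    WebUtility.SetStatusCodeForError(Response);
    return Json(new StatusMessageData(StatusMessageType.Error, "创建留言失败了!"));
}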
/// <summary>
/// Decides whether the current request may reach a user-space page and, if it may not,
/// sets <c>filterContext.Result</c> to a 404 or a redirect.
/// </summary>
/// <param name="filterContext">Authorization context of the current request.</param>
/// <remarks>
/// Order of checks: the space must resolve to a user, the viewer must pass the space's
/// "VisitUserSpace" privacy item, and, only when <c>RequireOwnerOrAdministrator</c> is set,
/// the viewer must be the space owner or hold one of the two administrator roles.
/// </remarks>
private void AuthorizeCore(AuthorizationContext filterContext)
{
    string spaceKey = UserContext.CurrentSpaceKey(filterContext);
    if (string.IsNullOrEmpty(spaceKey))
    {
        filterContext.Result = new HttpNotFoundResult();
        return;
    }

    User spaceOwner = DIContainer.Resolve<IUserService>().GetFullUser(spaceKey);
    if (spaceOwner == null)
    {
        filterContext.Result = new HttpNotFoundResult();
        return;
    }

    IUser viewer = UserContext.CurrentUser;
    bool isAnonymous = viewer == null;

    // Space-visit privacy: an anonymous viewer is passed to the privacy service as id 0.
    long viewerId = isAnonymous ? 0 : viewer.UserId;
    if (!new PrivacyService().Validate(spaceOwner.UserId, viewerId, PrivacyItemKeys.Instance().VisitUserSpace()))
    {
        string deniedUrl;
        if (!isAnonymous)
        {
            // Signed-in but not allowed: go to the "no access" page of that space.
            deniedUrl = SiteUrls.Instance().PrivacyHome(spaceOwner.UserName);
        }
        else if (filterContext.HttpContext.Request.IsAjaxRequest())
        {
            deniedUrl = SiteUrls.Instance().Login(false, SiteUrls.LoginModal._LoginInModal);
        }
        else
        {
            deniedUrl = SiteUrls.Instance().Login(true);
        }

        filterContext.Result = new RedirectResult(deniedUrl);
        return;
    }

    // Nothing more to verify unless the page is restricted to the owner or an administrator.
    if (!RequireOwnerOrAdministrator)
    {
        return;
    }

    // Restricted pages require a signed-in user; anonymous viewers are sent to login first.
    if (isAnonymous)
    {
        string loginUrl = filterContext.HttpContext.Request.IsAjaxRequest()
            ? SiteUrls.Instance().Login(false, SiteUrls.LoginModal._LoginInModal)
            : SiteUrls.Instance().Login(true);
        filterContext.Result = new RedirectResult(loginUrl);
        return;
    }

    // NOTE(review): the original carries a commented-out block at this point that signed a
    // banned owner out and redirected to a system message. It is disabled, so a banned owner
    // passes this filter; confirm that bans are enforced elsewhere.
    bool isOwner = spaceOwner.UserId == viewer.UserId;
    if (isOwner || viewer.IsInRoles(RoleNames.Instance().SuperAdministrator(), RoleNames.Instance().ContentAdministrator()))
    {
        return;
    }

    // Neither owner nor administrator: redirect to the "no permission" system message.
    SystemMessageViewModel denied = new SystemMessageViewModel
    {
        Title = "无权访问",
        Body = "您无权访问此页面,只有空间主人或管理员才能访问",
        StatusMessageType = StatusMessageType.Hint
    };
    filterContext.Result = new RedirectResult(SiteUrls.Instance().SystemMessage(filterContext.Controller.TempData, denied));
}
/// <summary>
/// Determines whether the current visitor may create a comment.
/// </summary>
/// <param name="tenantTypeId">Tenant type whose registered comment settings are consulted.</param>
/// <param name="userId">
/// Optional id of the user being commented on; when supplied and a user is signed in,
/// that user's "Comment" privacy item is validated.
/// </param>
/// <returns>
/// For an anonymous visitor: <c>true</c> only when both the tenant-level and the site-level
/// settings allow anonymous comments. For a signed-in user: the privacy validation result
/// when <paramref name="userId"/> has a value, otherwise <c>true</c>.
/// </returns>
public bool Comment_Create(string tenantTypeId, long? userId = null)
{
    IUser currentUser = UserContext.CurrentUser;
    bool isAnonymous = currentUser == null;

    // Tenant-level switch for anonymous commenting.
    TenantCommentSettings tenantSettings = TenantCommentSettings.GetRegisteredSettings(tenantTypeId);
    if (!tenantSettings.AllowAnonymousComment && isAnonymous)
    {
        return false;
    }

    // Site-level switch for anonymous commenting.
    CommentSettings siteSettings = DIContainer.Resolve<ISettingsManager<CommentSettings>>().Get();
    if (!siteSettings.AllowAnonymousComment && isAnonymous)
    {
        return false;
    }

    // Anonymous visitors that reach this point are allowed by both settings.
    if (isAnonymous)
    {
        return true;
    }

    // Signed-in users are limited only by the target user's privacy setting, when a target is given.
    return !userId.HasValue
        || new PrivacyService().Validate(userId.Value, currentUser.UserId, PrivacyItemKeys.Instance().Comment());
}
/// <summary>
/// Lists the content items of a user: the signed-in user's own items when no space key is
/// supplied, otherwise those of the user identified by <paramref name="spaceKey"/>.
/// </summary>
/// <param name="spaceKey">Space key of the requested user; null or empty selects the current user.</param>
/// <param name="contentFolderId">Optional folder filter passed to the content item query.</param>
/// <param name="auditStatus">Audit status filter; only honoured for the owner or an application administrator.</param>
/// <param name="pageSize">Page size passed to the content item query.</param>
/// <param name="pageIndex">Page index passed to the content item query.</param>
/// <returns>
/// The list view (a partial view for AJAX requests), a redirect when the space may not be
/// visited, or a 404 result when the space key matches no user.
/// </returns>
/// <remarks>
/// NOTE(review): pageSize and pageIndex are bound from the request and handed to the service
/// unchanged; confirm that GetUserContentItems bounds them.
/// </remarks>
public ActionResult CmsUser(string spaceKey, int? contentFolderId = null, AuditStatus? auditStatus = null, int pageSize = 50, int pageIndex = 1)
{
    IUser user;

    if (string.IsNullOrEmpty(spaceKey))
    {
        // No key given: the page is the caller's own, so a signed-in user is required.
        user = UserContext.CurrentUser;
        if (user == null)
        {
            return Redirect(SiteUrls.Instance().Login(true));
        }

        pageResourceManager.InsertTitlePart("我的资讯");
    }
    else
    {
        user = userService.GetFullUser(spaceKey);
        if (user == null)
        {
            return HttpNotFound();
        }

        // Space-visit privacy: an anonymous viewer is passed to the privacy service as id 0.
        long viewerId = UserContext.CurrentUser != null ? UserContext.CurrentUser.UserId : 0;
        if (!new PrivacyService().Validate(user.UserId, viewerId, PrivacyItemKeys.Instance().VisitUserSpace()))
        {
            string deniedUrl = UserContext.CurrentUser == null
                ? SiteUrls.Instance().Login(true)
                : SiteUrls.Instance().PrivacyHome(user.UserName);
            return Redirect(deniedUrl);
        }

        bool isOwnPage = UserContext.CurrentUser != null && user.UserId == UserContext.CurrentUser.UserId;
        pageResourceManager.InsertTitlePart(isOwnPage ? "我的资讯" : user.DisplayName + "的资讯");
    }

    ViewData["user"] = user;

    // The owner of the space and application administrators may see items in any audit state.
    bool isOwner = UserContext.CurrentUser != null && UserContext.CurrentUser.UserId == user.UserId;
    bool isAdministrator = authorizer.IsAdministrator(CmsConfig.Instance().ApplicationId);
    bool hasManagePermission = isOwner || isAdministrator;

    PubliclyAuditStatus? publiclyAuditStatus = null;
    if (hasManagePermission)
    {
        // Managers may filter by the requested status; no filter is applied when none is requested.
        if (auditStatus.HasValue)
        {
            AuditStatus requested = auditStatus.Value;
            if (requested == AuditStatus.Again)
            {
                publiclyAuditStatus = PubliclyAuditStatus.Again;
            }
            else if (requested == AuditStatus.Fail)
            {
                publiclyAuditStatus = PubliclyAuditStatus.Fail;
            }
            else if (requested == AuditStatus.Success)
            {
                publiclyAuditStatus = PubliclyAuditStatus.Success;
            }
            else
            {
                // AuditStatus.Pending and any other value map to Pending.
                publiclyAuditStatus = PubliclyAuditStatus.Pending;
            }
        }
    }
    else
    {
        // Everyone else is restricted to the application's publicly visible audit status;
        // the auditStatus parameter is ignored for them.
        publiclyAuditStatus = new AuditService().GetPubliclyAuditStatus(CmsConfig.Instance().ApplicationId);
    }

    PagingDataSet<ContentItem> contentItems = contentItemService.GetUserContentItems(
        user.UserId, contentFolderId, publiclyAuditStatus, pageSize, pageIndex);

    if (Request.IsAjaxRequest())
    {
        return PartialView("_UserContentItems", contentItems);
    }

    ViewData["hasManagePermission"] = hasManagePermission;

    OwnerDataService ownerDataService = new OwnerDataService(TenantTypeIds.Instance().User());
    ViewData["contributeCount"] = ownerDataService.GetLong(user.UserId, OwnerDataKeys.Instance().ContributeCount());

    return View(contentItems);
}