Пример #1
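        /// <summary>
        /// Creates a comment on a microblog and, when the form asks for it, also posts the
        /// comment to the original microblog and/or forwards the commented microblog.
        /// </summary>
        /// <param name="model">Posted comment form. Every field is supplied by the client.</param>
        /// <returns>
        /// JSON with the new comment id on success; otherwise a JSON <c>StatusMessageData</c>.
        /// The generic failure path also calls <c>WebUtility.SetStatusCodeForError</c> on the response.
        /// </returns>
        public ActionResult Comment(MicroblogCommentEditModel model)
        {
            string message = string.Empty;

            if (ModelState.HasBannedWord(out message))
            {
                return Json(new StatusMessageData(StatusMessageType.Error, message));
            }

            // NOTE(review): an anonymous caller is treated as user id 0 below and can get past the
            // privacy check if the target's settings allow it. Confirm that an authorization
            // filter on the action or controller (not visible here) requires login.
            IUser currentUser = UserContext.CurrentUser;
            long currentUserId = currentUser != null ? currentUser.UserId : 0;

            // CommentedObjectId is client-supplied, so the lookup can miss. Dereferencing the
            // result directly would throw instead of returning the normal failure response.
            MicroblogEntity commentedMicroblog = microblogService.Get(model.CommentedObjectId);
            if (commentedMicroblog == null)
            {
                WebUtility.SetStatusCodeForError(Response);
                return Json(new StatusMessageData(StatusMessageType.Error, "创建留言失败了!"));
            }

            // Privacy check against the owner of the microblog being commented on.
            if (!privacyService.Validate(commentedMicroblog.UserId, currentUserId, PrivacyItemKeys.Instance().Comment()))
            {
                return Json(new StatusMessageData(StatusMessageType.Hint, "该用户不允许你评论他的内容!"));
            }

            CommentService commentService = new CommentService();

            if (model.IsValidate)
            {
                Comment comment = model.AsComment();

                if (comment.ParentId != 0)
                {
                    // A reply to a private comment is forced private as well.
                    // NOTE(review): ParentId is client-supplied and nothing here checks that the
                    // parent belongs to the same commented object; confirm Create enforces that.
                    Comment parentComment = commentService.Get(comment.ParentId);
                    if (parentComment != null && parentComment.IsPrivate)
                    {
                        comment.IsPrivate = true;
                    }
                }

                if (commentService.Create(comment))
                {
                    if (model.CommentOriginalAuthor)
                    {
                        MicroblogEntity entity = microblogService.Get(comment.CommentedObjectId);
                        MicroblogEntity original = entity != null ? entity.OriginalMicroblog : null;

                        // The check above only covered the owner of the commented microblog.
                        // The original author has separate privacy settings, so validate again
                        // before writing a comment onto the original microblog.
                        if (original != null &&
                            original.User != null &&
                            privacyService.Validate(original.UserId, currentUserId, PrivacyItemKeys.Instance().Comment()))
                        {
                            Comment originalAuthorComment = model.AsComment();
                            originalAuthorComment.ToUserId          = original.UserId;
                            originalAuthorComment.ToUserDisplayName = original.User.DisplayName;
                            originalAuthorComment.CommentedObjectId = original.MicroblogId;
                            // Carry over the privacy flag resolved for the primary comment so the
                            // copy is not more visible than the comment it mirrors.
                            originalAuthorComment.IsPrivate = comment.IsPrivate;
                            commentService.Create(originalAuthorComment);
                        }
                    }

                    // Forwarding attributes the new microblog to the current user, so it is
                    // skipped when there is no authenticated user to attribute it to.
                    if (model.ForwardMicrobo && currentUser != null)
                    {
                        MicroblogEntity microblog = MicroblogEntity.New();
                        microblog.Body         = "转发微博";
                        microblog.Author       = currentUser.DisplayName;
                        microblog.UserId       = currentUser.UserId;
                        microblog.OwnerId      = currentUser.UserId;
                        microblog.TenantTypeId = TenantTypeIds.Instance().User();

                        microblog.ForwardedMicroblogId = commentedMicroblog.MicroblogId;
                        // If the commented microblog is itself a forward, keep pointing at the
                        // root microblog; otherwise the commented microblog is the root.
                        microblog.OriginalMicroblogId = commentedMicroblog.OriginalMicroblogId > 0
                            ? commentedMicroblog.OriginalMicroblogId
                            : microblog.ForwardedMicroblogId;

                        long toUserId = microblog.UserId;

                        MicroblogEntity originalMicroblog = microblogService.Get(microblog.OriginalMicroblogId);
                        long toOriginalUserId = originalMicroblog == null ? 0 : originalMicroblog.UserId;

                        microblogService.Forward(microblog, false, false, toUserId, toOriginalUserId);
                    }

                    return Json(new { commentid = comment.Id });
                }
            }

            WebUtility.SetStatusCodeForError(Response);
            return Json(new StatusMessageData(StatusMessageType.Error, "创建留言失败了!"));
        }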
Пример #2
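        /// <summary>
        /// Sends group invitations from the current user to the users selected in the posted form.
        /// </summary>
        /// <param name="spaceKey">Key used to look up the group.</param>
        /// <param name="userIds">
        /// Bound form value, only tested for emptiness; the ids themselves are read from
        /// <c>Request.Form</c> under the key "userIds".
        /// </param>
        /// <param name="remark">Text passed through to <c>groupService.SendInvitations</c>.</param>
        /// <returns>
        /// JSON <c>StatusMessageData</c> describing the outcome (JSON null when
        /// <paramref name="userIds"/> is empty), or a redirect to the system-message page when
        /// the caller lacks invite permission.
        /// </returns>
        public ActionResult _Invite(string spaceKey, string userIds, string remark)
        {
            GroupEntity group = groupService.Get(spaceKey);

            if (group == null)
            {
                return Json(new StatusMessageData(StatusMessageType.Error, "找不到群组!"));
            }

            // Authenticate and authorize before touching any posted id, so an anonymous or
            // unprivileged caller cannot trigger privacy checks or user lookups.
            IUser currentUser = UserContext.CurrentUser;

            if (currentUser == null)
            {
                return Json(new StatusMessageData(StatusMessageType.Error, "您尚未登录!"));
            }

            if (!new Authorizer().Group_Invite(group))
            {
                return Redirect(SiteUrls.Instance().SystemMessage(TempData, new SystemMessageViewModel
                {
                    Body = "没有邀请好友的权限!",
                    Title = "没有权限",
                    StatusMessageType = StatusMessageType.Error
                }));
            }

            StatusMessageData message = null;

            if (!string.IsNullOrEmpty(userIds))
            {
                // Read the posted ids once and materialize them. The result is treated as
                // possibly null, so it must not be enumerated before that check.
                IEnumerable<long> postedIds = Request.Form.Gets<long>("userIds", null);
                List<long> ids = postedIds != null ? postedIds.ToList() : new List<long>();

                if (ids.Count > 0)
                {
                    List<long> couldBeInvetedUserIds = new List<long>();
                    List<string> unInviteFriendNames = new List<string>();

                    // Honor each invitee's privacy setting for invitations.
                    // NOTE(review): the ids are caller-chosen and unbounded here, and the hint
                    // below returns the display name for every rejected id. Confirm this
                    // disclosure is acceptable and that a cap is enforced elsewhere.
                    foreach (long inviteUserId in ids)
                    {
                        if (privacyService.Validate(inviteUserId, currentUser.UserId, PrivacyItemKeys.Instance().Invitation()))
                        {
                            couldBeInvetedUserIds.Add(inviteUserId);
                        }
                        else
                        {
                            // The id may not match any user; fall back to the id text the
                            // caller sent instead of dereferencing a null user.
                            User user = userService.GetFullUser(inviteUserId);
                            unInviteFriendNames.Add(user != null ? user.DisplayName : inviteUserId.ToString());
                        }
                    }

                    int count = couldBeInvetedUserIds.Count;
                    groupService.SendInvitations(group, currentUser, remark, couldBeInvetedUserIds);

                    if (count < ids.Count)
                    {
                        message = new StatusMessageData(StatusMessageType.Hint, "共有" + count + "个好友邀请成功," + string.Join(",", unInviteFriendNames.ToArray()) + "不能被邀请!");
                    }
                    else
                    {
                        message = new StatusMessageData(StatusMessageType.Success, "邀请好友成功!");
                    }
                }
                else
                {
                    message = new StatusMessageData(StatusMessageType.Hint, "您尚未选择好友!");
                }
            }

            return Json(message);
        }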
Пример #3
        /// <summary>
        /// Decides whether the current request may enter the user space identified by the
        /// request's space key, and sets <c>filterContext.Result</c> when it may not.
        /// Leaving the result untouched means the request is allowed through.
        /// </summary>
        /// <param name="filterContext">Authorization context of the request being filtered.</param>
        private void AuthorizeCore(AuthorizationContext filterContext)
        {
            // Resolve the space owner; a missing key or an unknown owner both end in a 404.
            string spaceKey = UserContext.CurrentSpaceKey(filterContext);
            User currentSpaceUser = null;

            if (!string.IsNullOrEmpty(spaceKey))
            {
                currentSpaceUser = DIContainer.Resolve<IUserService>().GetFullUser(spaceKey);
            }

            if (currentSpaceUser == null)
            {
                filterContext.Result = new HttpNotFoundResult();
                return;
            }

            IUser currentUser = UserContext.CurrentUser;
            bool isAnonymous = currentUser == null;
            long visitorId = isAnonymous ? 0 : currentUser.UserId;

            // Step 1: the space owner's privacy setting for visits. Anonymous visitors are
            // checked as user id 0.
            PrivacyService privacyService = new PrivacyService();
            bool mayVisit = privacyService.Validate(currentSpaceUser.UserId, visitorId, PrivacyItemKeys.Instance().VisitUserSpace());

            if (!mayVisit)
            {
                if (isAnonymous)
                {
                    // Anonymous visitors are sent to login: the modal variant for AJAX requests,
                    // the full login page otherwise.
                    filterContext.Result = filterContext.HttpContext.Request.IsAjaxRequest()
                        ? new RedirectResult(SiteUrls.Instance().Login(false, SiteUrls.LoginModal._LoginInModal))
                        : new RedirectResult(SiteUrls.Instance().Login(true));
                }
                else
                {
                    // Signed-in visitors are sent to the owner's "no access" privacy page.
                    filterContext.Result = new RedirectResult(SiteUrls.Instance().PrivacyHome(currentSpaceUser.UserName));
                }

                return;
            }

            // Step 2: only applies when the filter demands the space owner or an administrator.
            if (!RequireOwnerOrAdministrator)
            {
                return;
            }

            // Anonymous users must log in first.
            if (isAnonymous)
            {
                filterContext.Result = filterContext.HttpContext.Request.IsAjaxRequest()
                    ? new RedirectResult(SiteUrls.Instance().Login(false, SiteUrls.LoginModal._LoginInModal))
                    : new RedirectResult(SiteUrls.Instance().Login(true));
                return;
            }

            // NOTE(review): the original kept a commented-out branch here that signed out a
            // banned owner (currentUser.IsBanned) and redirected to an "account banned" system
            // message. As written, this method performs no ban check; confirm bans are
            // enforced elsewhere.
            bool isOwner = currentSpaceUser.UserId == currentUser.UserId;

            if (isOwner || currentUser.IsInRoles(RoleNames.Instance().SuperAdministrator(), RoleNames.Instance().ContentAdministrator()))
            {
                return;
            }

            // Neither owner nor administrator: redirect to the "no access" system message.
            SystemMessageViewModel deniedMessage = new SystemMessageViewModel
            {
                Title             = "无权访问",
                Body              = "您无权访问此页面,只有空间主人或管理员才能访问",
                StatusMessageType = StatusMessageType.Hint
            };

            filterContext.Result = new RedirectResult(SiteUrls.Instance().SystemMessage(filterContext.Controller.TempData, deniedMessage));
        }