public ActionResult Add(int earningID, bool earningIsAchievement, String text)
{
/* TODO:
* if(WebSecurity.CurrentUserId < 0) {
* return new HttpStatusCodeResult(401, "Custom Error Message 1"); // Unauthorized
* }*/
// Need text for a comment
if (String.IsNullOrWhiteSpace(text))
{
return(new HttpStatusCodeResult(406, "Invalid comment text")); // Invalid text
}
UnitOfWork work = new UnitOfWork();
// Are comments enabled, and can we access the earning?
user earningUser = null;
object template = null;
if (!CommentsEnabled(earningID, earningIsAchievement, work))
{
return(new HttpStatusCodeResult(403, "Comments currently disabled")); // Disabled comments
}
if (!UserCanAccessEarning(earningID, earningIsAchievement, work, out earningUser, out template))
{
return(new HttpStatusCodeResult(403, "Earning cannot be accessed")); // Invalid earning access
}
comment c = new comment()
{
date = DateTime.Now,
deleted = false,
last_modified_by_id = WebSecurity.CurrentUserId,
last_modified_date = null, // Not being modified, just created, so this is null
location_id = earningID,
location_type = earningIsAchievement ? (int)JPPConstants.CommentLocation.Achievement : (int)JPPConstants.CommentLocation.Quest,
text = text,
user_id = WebSecurity.CurrentUserId
};
// Access is validated, create comment
work.EntityContext.comment.Add(c);
// Get the current user's display name
user u = work.EntityContext.user.Find(WebSecurity.CurrentUserId);
//ID, Photo, Name, Text, PosterID, Deleted
// Send a notification
/*if (earningIsAchievement)
* {
* achievement_template a = template as achievement_template;
* work.SystemRepository.AddNotification(
* earningUser.id,
* WebSecurity.CurrentUserId,
* "[" + u.display_name + "] commented on [" + a.title + "]",
* u.image,
* new UrlHelper(Request.RequestContext).Action(
* "IndividualAchievement",
* "Achievements",
* new { id = a.id }
* ) + "#" + earningUser.id + "-" + earningID,
* false);
* }
* else
* {
* quest_template q = template as quest_template;
* work.SystemRepository.AddNotification(
* earningUser.id,
* WebSecurity.CurrentUserId,
* "[" + u.display_name + "] commented on [" + q.title + "]",
* u.image,
* new UrlHelper(Request.RequestContext).Action(
* "IndividualQuest",
* "Quests",
* new { id = q.id }
* ) + "#" + earningUser.id + "-" + earningID,
* false);
* }*/
// Success
work.SaveChanges();
EarningComment response = new EarningComment()
{
Deleted = false,
ID = c.id,
Text = c.text,
PlayerID = u.id,
DisplayName = u.display_name,
PlayerImage = u.image,
CommentDate = c.date,
CurrentUserCanEdit = true,
CurrentUserCanDelete = true
};
return(Json(response));
}
public ActionResult Delete(int commentID)
{
UnitOfWork work = new UnitOfWork();
// Grab the comment and check for edit capabilities
comment c = work.EntityContext.comment.Find(commentID);
// Is the current user the instance owner?
bool instanceOwner = false;
if (c.location_type == (int)JPPConstants.CommentLocation.Achievement)
{
instanceOwner = (from e in work.EntityContext.achievement_instance
where e.id == c.location_id && e.user_id == WebSecurity.CurrentUserId
select e).Any();
}
else if (c.location_type == (int)JPPConstants.CommentLocation.Quest)
{
instanceOwner = (from e in work.EntityContext.quest_instance
where e.id == c.location_id && e.user_id == WebSecurity.CurrentUserId
select e).Any();
}
// Instance owner, comment owner or admin?
if (!instanceOwner && c.user_id != WebSecurity.CurrentUserId && !Roles.IsUserInRole(JPPConstants.Roles.FullAdmin))
{
return(new HttpStatusCodeResult(406, "Invalid credentials")); // Invalid text
}
LoggerModel logCommentDelete = new LoggerModel()
{
Action = Logger.CommentBehaviorLogType.CommentDelete.ToString(),
UserID = WebSecurity.CurrentUserId,
IPAddress = Request.UserHostAddress,
TimeStamp = DateTime.Now,
ID1 = c.id,
IDType1 = Logger.LogIDType.Comment.ToString(),
Value1 = c.text
};
Logger.LogSingleEntry(logCommentDelete, work.EntityContext);
// Mark as deleted
c.deleted = true;
c.last_modified_by_id = WebSecurity.CurrentUserId;
c.last_modified_date = DateTime.Now;
work.SaveChanges();
// Get the current user's display name
user u = work.EntityContext.user.Find(WebSecurity.CurrentUserId);
EarningComment response = new EarningComment()
{
Deleted = true,
ID = c.id,
Text = JPPConstants.SiteSettings.DeletedCommentText + u.display_name,
PlayerID = c.last_modified_by_id,
DisplayName = null,
PlayerImage = null,
CurrentUserCanEdit = false,
CurrentUserCanDelete = false
};
return(Json(response)); // Success
}
