/// <summary>
/// Reports whether the user resolved for the current request is in the
/// "Administrators" or the "Moderators" role.
/// </summary>
/// <returns>
/// <c>true</c> when either role check succeeds; otherwise <c>false</c>.
/// </returns>
private bool UserIsUnlimited()
{
    User currentUser = _webHelper.GetCurrentUser(ControllerContext.HttpContext);

    // NOTE(review): for an anonymous request currentUser is presumably null; confirm
    // that IsInRole treats a null user as "not in role" rather than throwing.
    bool isPrivileged = _webHelper.IsInRole(currentUser, "Administrators")
                        || _webHelper.IsInRole(currentUser, "Moderators");

    return isPrivileged;
}
/// <summary>
/// Decides whether the current request is authorized: the principal must be
/// authenticated, must appear in the entries from <c>SplitString(Users)</c> when that
/// list is non-empty, and must pass the role check against the entries from
/// <c>SplitString(Roles)</c> when that list is non-empty.
/// </summary>
/// <param name="httpContext">The HTTP context of the request being authorized.</param>
/// <returns><c>true</c> when the request is authorized; otherwise <c>false</c>.</returns>
/// <exception cref="ArgumentNullException">
/// Thrown when <paramref name="httpContext"/> is null.
/// </exception>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    if (httpContext == null)
    {
        throw new ArgumentNullException("httpContext");
    }

    IPrincipal principal = httpContext.User;
    if (!principal.Identity.IsAuthenticated)
    {
        return false;
    }

    // An empty user list places no restriction on the user name; names are
    // compared case-insensitively.
    string[] allowedUsers = SplitString(Users);
    bool userPermitted = allowedUsers.Length == 0
                         || allowedUsers.Contains(principal.Identity.Name, StringComparer.OrdinalIgnoreCase);
    if (!userPermitted)
    {
        return false;
    }

    string[] requiredRoles = SplitString(Roles);
    if (requiredRoles.Length > 0)
    {
        // Roles are evaluated against the application's own user record rather than
        // through IPrincipal.IsInRole.
        // NOTE(review): an authenticated principal with no matching user record
        // presumably yields null here; confirm IsInRole denies in that case.
        User account = _webHelper.GetCurrentUser(httpContext);
        return _webHelper.IsInRole(account, requiredRoles);
    }

    return true;
}
/// <summary>
/// Shows an active poll and records in <c>ViewBag.IsAlreadyVoted</c> whether the
/// current visitor has already voted on it.
/// </summary>
/// <param name="id">Identifier of the poll to display.</param>
/// <returns>
/// The poll view, or the result of <c>EntityNotFoundView()</c> when the poll does
/// not exist or is not active.
/// </returns>
public ActionResult Details(int id)
{
    Poll poll = _pollService.GetPollById(id);
    bool isVisible = poll != null && poll.IsActive;
    if (!isVisible)
    {
        return EntityNotFoundView();
    }

    User currentUser = _webHelper.GetCurrentUser(HttpContext);

    // The address is looked up through ObjectFactory rather than the _webHelper field;
    // whether both resolve to the same instance is not visible from this method.
    string clientIp = ObjectFactory.GetInstance<IWebHelper>().GetIpAddress();

    // Signed-in visitors are keyed by user name, anonymous visitors by IP address.
    // NOTE(review): an IP-based key is only advisory. Visitors behind one NAT or proxy
    // share it, and if GetIpAddress trusts forwarded-for headers the value is
    // client-controlled. Confirm how GetIpAddress derives the address and whether the
    // vote action enforces the same check server-side.
    string voterKey;
    if (currentUser == null)
    {
        voterKey = clientIp;
    }
    else
    {
        voterKey = currentUser.UserName;
    }

    ViewBag.IsAlreadyVoted = _pollService.AlreadyVoted(voterKey, poll.Id);
    return ViewOrPartialView(poll);
}
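/// <summary>
/// Receives a file posted by the editor's upload dialog, validates it, stores a
/// <c>File</c> record plus the binary, and returns the callback output produced by
/// <c>BuildOutput</c>.
/// </summary>
/// <param name="upload">The posted file. When null the action returns null.</param>
/// <param name="CKEditorFuncNum">Callback identifier taken from the request and passed to <c>BuildOutput</c>.</param>
/// <param name="CKEditor">Not read by this action.</param>
/// <param name="langCode">Not read by this action.</param>
/// <returns>
/// A content result carrying the <c>BuildOutput</c> text for success, validation
/// failure or save failure; null when no file was posted.
/// </returns>
// NOTE(review): anti-forgery validation is commented out, so this state-changing POST
// has no request-forgery protection visible here. If the editor cannot send the
// token as a form field, consider validating it from a header or query value instead.
// No [Authorize] attribute is visible on this action either; confirm it is applied
// at class level, since the file is stored with IsPublished = true and AccessMode.Any.
//[ValidateAntiForgeryToken]
public ActionResult Upload(HttpPostedFileBase upload, string CKEditorFuncNum, string CKEditor, string langCode)
{
    if (upload == null)
    {
        return null;
    }

    // NOTE(review): CKEditorFuncNum is request-controlled and flows into BuildOutput on
    // every path below. Confirm BuildOutput encodes it or restricts it to digits
    // before it is written into the response.
    const string extensions = ".7z|.aiff|.asf|.avi|.bmp|.csv|.doc|.docx|.fla|.flv|.gif|.gz|.gzip|.jpeg|.jpg|.mid|.mov|.mp3|.mp4|.mpc|.mpeg|.mpg|.ods|.odt|.pdf|.png|.ppt|.pxd|.qt|.ram|.rar|.rm|.rmi|.rmvb|.rtf|.sdc|.sitd|.swf|.sxc|.sxw|.tar|.tgz|.tif|.tiff|.txt|.vsd|.wav|.wma|.wmv|.xls|.xml|.zip";

    // The extension allow-list is matched case-insensitively so that "photo.JPG" is
    // treated the same as "photo.jpg".
    // NOTE(review): every upload must also pass IsValidImageBinary, which by its name
    // accepts images only; if so, most entries of the allow-list can never succeed.
    // Confirm which of the two checks reflects the intended policy.
    if (upload.ContentLength == 0
        || upload.ContentLength > 1000000
        || !extensions.Split('|').Contains(Path.GetExtension(upload.FileName), StringComparer.OrdinalIgnoreCase)
        || !UploadUtilities.IsValidImageBinary(upload.InputStream))
    {
        string invalidOutput = BuildOutput(CKEditorFuncNum, null, ValidationResources.SelectedFileIsInvalid);
        return Content(invalidOutput);
    }

    var file = new File
    {
        Uploader = _webHelper.GetCurrentUser(HttpContext),
        AccessMode = AccessMode.Any,
        CreateDate = DateTime.UtcNow,
        // FileName is supplied by the client and may carry a full client-side path;
        // only the final segment is kept because it is later placed in the download URL.
        Name = Path.GetFileName(upload.FileName),
        // NOTE(review): ContentType is also client-supplied; confirm the download action
        // does not serve it back verbatim for content that browsers render inline.
        ContentType = upload.ContentType,
        Size = upload.ContentLength,
        IsPublished = true
    };
    _fileService.SaveFile(file);

    bool isSaved;
    try
    {
        isSaved = _unitOfWork.SaveChanges() > 0;
    }
    catch
    {
        // Any persistence error is reported to the editor as an upload failure.
        // NOTE(review): the exception is discarded; consider logging it so failed
        // uploads can be diagnosed.
        isSaved = false;
    }

    if (!isSaved)
    {
        string failureOutput = BuildOutput(CKEditorFuncNum, null, ValidationResources.UploadFileFailure);
        return Content(failureOutput);
    }

    Logger.SaveLog(new CreateFileProvider(file));

    // The binary is written under the record's GUID, not the client file name.
    // NOTE(review): the record is committed before the binary is written; if Save
    // throws, a published record without a file remains.
    string targetPath = Server.MapPath(Constants.UploadsUrl);
    UploadUtilities.Save(upload, targetPath, file.Guid.ToString());

    string url = Url.RouteUrl("Download", new { file.Guid, fn = file.Name });
    string successOutput = BuildOutput(CKEditorFuncNum, url, ValidationResources.UploadFileSuccess);
    return Content(successOutput);
}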
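/// <summary>
/// Renders a published content item of type <c>ContentType.Pages</c> or
/// <c>ContentType.Menu</c>.
/// </summary>
/// <param name="id">Identifier of the content item.</param>
/// <param name="slug">Optional SEO slug; when supplied it must equal the item's stored slug.</param>
/// <param name="title">Comment title; only read by the unreachable comment-submission code.</param>
/// <param name="body">Comment body; only read by the unreachable comment-submission code.</param>
/// <returns>
/// The page view, or the result of <c>NotFoundView()</c> when the item is missing,
/// unpublished, of another content type, or requested under a different slug.
/// </returns>
public ActionResult Details(int id, string slug, string title, string body)
{
    Content page = _contentService.GetContentById(id);

    // Only the listed content types are served by this action. The predicate has to be
    // "!=": with "==" it would require page.Type to equal both entries at once, which
    // cannot hold for two different values, so no type would ever be rejected.
    if (page == null
        || !page.IsPublished
        || new[] { ContentType.Pages, ContentType.Menu }.All(ct => ct != page.Type))
    {
        return NotFoundView();
    }

    if (slug != null && page.Metadata.SeoSlug != slug)
    {
        return NotFoundView();
    }

    // NOTE(review): this unconditional return makes the comment-submission code below
    // unreachable (compiler warning CS0162). It looks like a GET and a POST action
    // were merged, or comments were switched off by returning early. Confirm the
    // intent, then either move the code into its own POST action or delete it.
    return ViewOrPartialView(page);

    var comment = new Comment
    {
        Title = title,
        Body = body,
        CommentDateTicks = DateTime.Now.Ticks,
        CommentorIp = ObjectFactory.GetInstance<IWebHelper>().GetIpAddress(),
        Owner = page
    };

    if (Request.IsAuthenticated)
    {
        comment.Commentor = _webHelper.GetCurrentUser(ControllerContext.HttpContext);
    }

    // Binding is limited to Title and Body so posted values cannot set other members.
    TryUpdateModel(comment, new[] { "Title", "Body" });
    if (!TryValidateModel(comment))
    {
        ModelState.AddModelError("", ValidationResources.InvalidState);
        ViewBag.Comment = comment;
        return ViewOrPartialView(page);
    }

    // Role name corrected from "Moderatos", which matches no role name used elsewhere
    // in this file.
    // NOTE(review): Commentor stays null for anonymous requests; confirm IsInRole
    // returns false for a null user so anonymous comments are not auto-approved.
    comment.IsApproved = _webHelper.IsInRole(comment.Commentor, "Administrators", "Moderators");
    _commentService.SaveComment(comment);

    bool isSaved;
    try
    {
        isSaved = _unitOfWork.SaveChanges() > 0;
    }
    catch
    {
        // Persistence errors are reported to the visitor as a failed submission.
        isSaved = false;
    }

    if (!isSaved)
    {
        ModelState.AddModelError("", ValidationResources.CommentSubmissionFailure);
        ViewBag.Comment = comment;
        return ViewOrPartialView(page);
    }

    Logger.SaveLog(new CreateCommentProvider(comment));
    TempData["CommentSubmitted"] = true;
    return RedirectToAction("Details", new { page.Id, slug = page.Metadata.SeoSlug });
}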