示例#1
        /// <summary>
        /// Reports whether the user behind the current request is in one of the two privileged roles.
        /// </summary>
        /// <returns>
        /// <c>true</c> when the user resolved by <c>_webHelper.GetCurrentUser</c> is in the
        /// "Administrators" or "Moderators" role; otherwise <c>false</c>.
        /// </returns>
        private bool UserIsUnlimited()
        {
            // The role check runs against the user object resolved from the current HttpContext.
            // NOTE(review): confirm IsInRole returns false for a null user (anonymous request) so that
            // this check fails closed.
            User currentUser = _webHelper.GetCurrentUser(ControllerContext.HttpContext);

            if (_webHelper.IsInRole(currentUser, "Administrators"))
            {
                return true;
            }

            // Only consulted when the user is not an administrator, as in the original short-circuit.
            return _webHelper.IsInRole(currentUser, "Moderators");
        }
示例#2
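        /// <summary>
        /// Decides whether the current request may proceed: the principal must be authenticated, must
        /// appear in <c>Users</c> when that list is non-empty, and must satisfy <c>Roles</c> when that
        /// list is non-empty.
        /// </summary>
        /// <param name="httpContext">The HTTP context of the request being authorized.</param>
        /// <returns><c>true</c> when the request is authorized; otherwise <c>false</c>.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="httpContext"/> is null.</exception>
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            if (httpContext == null)
            {
                throw new ArgumentNullException("httpContext");
            }

            IPrincipal user = httpContext.User;

            // Fail closed: a missing principal or identity is treated as "not authenticated" instead of
            // surfacing as a NullReferenceException inside the authorization filter.
            if (user == null || user.Identity == null || !user.Identity.IsAuthenticated)
            {
                return false;
            }

            // A non-empty Users list is an allow-list of account names, compared case-insensitively.
            string[] allowedUsers = SplitString(Users);

            if (allowedUsers.Length > 0 && !allowedUsers.Contains(user.Identity.Name, StringComparer.OrdinalIgnoreCase))
            {
                return false;
            }

            string[] requiredRoles = SplitString(Roles);

            if (requiredRoles.Length == 0)
            {
                return true;
            }

            // Role membership is evaluated on the application's own user record through _webHelper,
            // not through IPrincipal.IsInRole.
            User dbUser = _webHelper.GetCurrentUser(httpContext);

            // An authenticated principal without a matching application user record is denied rather
            // than passed on to the role check.
            if (dbUser == null)
            {
                return false;
            }

            return _webHelper.IsInRole(dbUser, requiredRoles);
        }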
示例#3
        /// <summary>
        /// Shows one active poll and tells the view whether the caller has already voted in it.
        /// </summary>
        /// <param name="id">Identifier of the poll to display.</param>
        /// <returns>
        /// The poll view, or the entity-not-found view when the poll does not exist or is not active.
        /// </returns>
        public ActionResult Details(int id)
        {
            Poll requestedPoll = _pollService.GetPollById(id);

            bool isVisible = requestedPoll != null && requestedPoll.IsActive;

            if (!isVisible)
            {
                return EntityNotFoundView();
            }

            User currentUser = _webHelper.GetCurrentUser(HttpContext);

            // Resolved on every request, signed-in or not, exactly as the original flow does.
            string clientIp = ObjectFactory.GetInstance<IWebHelper>().GetIpAddress();

            // Voter key: the user name for a signed-in user, the client address otherwise.
            // NOTE(review): how GetIpAddress derives the address (for example whether forwarded headers
            // are trusted) is not visible here, and all clients behind one address share a key. Confirm
            // the vote-recording path applies the same key and that this is the intended strength of
            // the duplicate-vote check.
            var voterKey = currentUser != null ? currentUser.UserName : clientIp;

            ViewBag.IsAlreadyVoted = _pollService.AlreadyVoted(voterKey, requestedPoll.Id);

            return ViewOrPartialView(requestedPoll);
        }
示例#4
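        // NOTE(review): the anti-forgery filter below is commented out, so nothing visible on this
        // state-changing action ties the POST to a form issued by this site. Presumably it was disabled
        // because the editor's upload form does not send the token; re-enable it once the editor is
        // configured to send one, or enforce an equivalent origin check.
        //[ValidateAntiForgeryToken]
        /// <summary>
        /// Receives a file uploaded from the CKEditor dialog, validates it, records it, stores it, and
        /// returns the editor callback output built by <c>BuildOutput</c>.
        /// </summary>
        /// <param name="upload">The posted file; a request without one gets a null result.</param>
        /// <param name="CKEditorFuncNum">Callback number supplied by the editor; digits only.</param>
        /// <param name="CKEditor">Name of the editor instance (not used in this method).</param>
        /// <param name="langCode">Editor language code (not used in this method).</param>
        /// <returns>
        /// A content result carrying the callback output, or <c>null</c> when the request has no file
        /// or carries a non-numeric callback number.
        /// </returns>
        public ActionResult Upload(HttpPostedFileBase upload, string CKEditorFuncNum, string CKEditor, string langCode)
        {
            string url;
            string message;
            string output;

            if (upload == null)
            {
                return null;
            }

            // CKEditorFuncNum comes straight from the request and is handed to BuildOutput, whose body
            // is not visible here. Restricting it to ASCII digits means that whatever BuildOutput does
            // with it, the value cannot carry markup or script. A missing value is passed through as before.
            if (!string.IsNullOrEmpty(CKEditorFuncNum) && !CKEditorFuncNum.All(c => c >= '0' && c <= '9'))
            {
                return null;
            }

            const string extensions =
                ".7z|.aiff|.asf|.avi|.bmp|.csv|.doc|.docx|.fla|.flv|.gif|.gz|.gzip|.jpeg|.jpg|.mid|.mov|.mp3|.mp4|.mpc|.mpeg|.mpg|.ods|.odt|.pdf|.png|.ppt|.pxd|.qt|.ram|.rar|.rm|.rmi|.rmvb|.rtf|.sdc|.sitd|.swf|.sxc|.sxw|.tar|.tgz|.tif|.tiff|.txt|.vsd|.wav|.wma|.wmv|.xls|.xml|.zip";

            // The client-supplied name may include a directory part or characters that the Path helpers
            // reject; keep only the final name component and treat an unparsable name as invalid.
            string fileName;
            string extension;

            try
            {
                fileName  = Path.GetFileName(upload.FileName);
                extension = Path.GetExtension(fileName);
            }
            catch (ArgumentException)
            {
                fileName  = null;
                extension = null;
            }

            // Allow-list match is case-insensitive so ".JPG" is treated the same as ".jpg".
            bool isAllowedExtension = !string.IsNullOrEmpty(fileName) &&
                                      extensions.Split('|').Any(e => string.Equals(e, extension, StringComparison.OrdinalIgnoreCase));

            // Reject empty files, files over 1,000,000 bytes, names outside the allow-list, and content
            // that fails the binary check.
            // NOTE(review): IsValidImageBinary is not visible here; if it accepts only image data, the
            // non-image entries in the allow-list can never pass. It also reads upload.InputStream, so
            // confirm the stream position is reset before the file is saved below.
            if (upload.ContentLength == 0 || upload.ContentLength > 1000000 ||
                !isAllowedExtension ||
                !UploadUtilities.IsValidImageBinary(upload.InputStream))
            {
                message = ValidationResources.SelectedFileIsInvalid;

                output = BuildOutput(CKEditorFuncNum, null, message);

                return Content(output);
            }

            var file = new File
            {
                Uploader    = _webHelper.GetCurrentUser(HttpContext),
                AccessMode  = AccessMode.Any,
                CreateDate  = DateTime.UtcNow,
                Name        = fileName,
                // Declared by the client, not derived from the content.
                // NOTE(review): if the download action serves this value as the response type, derive it
                // from the validated extension instead.
                ContentType = upload.ContentType,
                Size        = upload.ContentLength,
                IsPublished = true
            };

            _fileService.SaveFile(file);

            bool isSaved;

            try
            {
                isSaved = _unitOfWork.SaveChanges() > 0;
            }
            catch
            {
                // Any persistence failure is reported to the editor as a generic upload failure.
                // NOTE(review): the exception is discarded without being logged.
                isSaved = false;
            }

            if (isSaved)
            {
                Logger.SaveLog(new CreateFileProvider(file));

                string targetPath = Server.MapPath(Constants.UploadsUrl);

                // The save helper receives the record's Guid rather than the client file name.
                // NOTE(review): the record is committed before the bytes are written; if Save throws,
                // the record remains without a stored file.
                UploadUtilities.Save(upload, targetPath, file.Guid.ToString());

                url = Url.RouteUrl("Download", new { file.Guid, fn = file.Name });

                message = ValidationResources.UploadFileSuccess;

                output = BuildOutput(CKEditorFuncNum, url, message);
                return Content(output);
            }

            message = ValidationResources.UploadFileFailure;

            output = BuildOutput(CKEditorFuncNum, null, message);
            return Content(output);
        }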
示例#5
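        /// <summary>
        /// Renders a published content page. The comment-submission logic that follows the first
        /// successful return is unreachable as written.
        /// </summary>
        /// <param name="id">Identifier of the content item.</param>
        /// <param name="slug">Optional SEO slug; when supplied it must match the page's stored slug.</param>
        /// <param name="title">Comment title (read only by the unreachable comment logic).</param>
        /// <param name="body">Comment body (read only by the unreachable comment logic).</param>
        /// <returns>The page view, or the not-found view when the page is missing, unpublished or the slug differs.</returns>
        public ActionResult Details(int id, string slug, string title, string body)
        {
            Content page = _contentService.GetContentById(id);

            // NOTE(review): All(ct => ct == page.Type) over two enum values is true only if page.Type
            // equals both of them, so, assuming Pages and Menu are distinct, this clause never rejects
            // anything and published content of any type is rendered here. The intent was probably
            // "type is neither Pages nor Menu" (ct != page.Type). Left unchanged because tightening it
            // alters which content this action serves; confirm the intent and fix.
            if (page == null || !page.IsPublished ||
                new[] { ContentType.Pages, ContentType.Menu, }.All(ct => ct == page.Type))
            {
                return NotFoundView();
            }

            if (slug != null && page.Metadata.SeoSlug != slug)
            {
                return NotFoundView();
            }

            // NOTE(review): this unconditional return makes everything below unreachable. Either the
            // comment handling belongs in a separate POST action or the return is a leftover; decide
            // which, and delete the other. The code below is kept so that decision stays visible.
            return ViewOrPartialView(page);

            var comment = new Comment
            {
                Title            = title,
                Body             = body,
                // NOTE(review): local time here, while other code on this page stores DateTime.UtcNow;
                // confirm which convention the stored ticks are expected to follow.
                CommentDateTicks = DateTime.Now.Ticks,
                CommentorIp      = ObjectFactory.GetInstance<IWebHelper>().GetIpAddress(),
                Owner            = page
            };

            if (Request.IsAuthenticated)
            {
                comment.Commentor = _webHelper.GetCurrentUser(ControllerContext.HttpContext);
            }

            // Bind only Title and Body from the request, so the client cannot set other Comment
            // properties such as IsApproved or Commentor.
            TryUpdateModel(comment, new[] { "Title", "Body" });

            if (!TryValidateModel(comment))
            {
                ModelState.AddModelError("",
                                         ValidationResources.InvalidState);

                ViewBag.Comment = comment;

                return ViewOrPartialView(page);
            }

            // Comments from privileged roles are approved on submission. The second role name was
            // misspelled "Moderatos", which could never match the "Moderators" role.
            comment.IsApproved = _webHelper.IsInRole(comment.Commentor, "Administrators", "Moderators");
            _commentService.SaveComment(comment);

            bool isSaved;

            try
            {
                isSaved = _unitOfWork.SaveChanges() > 0;
            }
            catch
            {
                // Any persistence failure is shown to the user as a generic submission failure.
                // NOTE(review): the exception is discarded without being logged.
                isSaved = false;
            }

            if (isSaved)
            {
                Logger.SaveLog(new CreateCommentProvider(comment));
            }
            else
            {
                ModelState.AddModelError("", ValidationResources.CommentSubmissionFailure);

                ViewBag.Comment = comment;

                return ViewOrPartialView(page);
            }

            TempData["CommentSubmitted"] = true;

            // Redirect after a successful post so a page refresh does not resubmit the comment.
            return RedirectToAction("Details", new { page.Id, slug = page.Metadata.SeoSlug });
        }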