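/// <summary>
/// Creates a comment on a microblog. On request it also comments on the original
/// (forwarded-from) microblog and forwards the commented microblog as the current user.
/// </summary>
/// <param name="model">Posted comment form; <c>CommentedObjectId</c> and the option flags come from the request.</param>
/// <returns>
/// JSON <c>{ commentid }</c> on success; otherwise a JSON <see cref="StatusMessageData"/>
/// describing the banned word, the privacy refusal or the creation failure.
/// </returns>
/// <remarks>
/// NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attributes are visible on this
/// state-changing action in this excerpt; confirm they are applied.
/// </remarks>
public ActionResult Comment(MicroblogCommentEditModel model)
{
    string message = string.Empty;
    if (ModelState.HasBannedWord(out message))
    {
        return Json(new StatusMessageData(StatusMessageType.Error, message));
    }

    IUser currentUser = UserContext.CurrentUser;
    // Anonymous callers are evaluated against privacy settings as user id 0.
    long currentUserId = currentUser != null ? currentUser.UserId : 0;

    // CommentedObjectId is request-controlled: an unknown id must end in the normal
    // failure response instead of a NullReferenceException.
    MicroblogEntity commentedMicroblog = microblogService.Get(model.CommentedObjectId);
    if (commentedMicroblog == null)
    {
        WebUtility.SetStatusCodeForError(Response);
        return Json(new StatusMessageData(StatusMessageType.Error, "创建留言失败了!"));
    }

    // Privacy check for the user being commented on.
    if (!privacyService.Validate(commentedMicroblog.UserId, currentUserId, PrivacyItemKeys.Instance().Comment()))
    {
        return Json(new StatusMessageData(StatusMessageType.Hint, "该用户不允许你评论他的内容!"));
    }

    CommentService commentService = new CommentService();
    if (model.IsValidate)
    {
        Comment comment = model.AsComment();

        // A reply to a private comment is itself private.
        if (comment.ParentId != 0)
        {
            Comment parentComment = commentService.Get(comment.ParentId);
            if (parentComment != null && parentComment.IsPrivate)
            {
                comment.IsPrivate = true;
            }
        }

        if (commentService.Create(comment))
        {
            if (model.CommentOriginalAuthor)
            {
                MicroblogEntity entity = microblogService.Get(comment.CommentedObjectId);
                if (entity != null)
                {
                    Comment originalAuthorComment = model.AsComment();
                    entity = entity.OriginalMicroblog;

                    // The original author is a different user from the one validated above,
                    // so their comment privacy setting is checked before writing to them.
                    if (entity != null
                        && privacyService.Validate(entity.UserId, currentUserId, PrivacyItemKeys.Instance().Comment()))
                    {
                        originalAuthorComment.ToUserId = entity.UserId;
                        if (entity.User != null)
                        {
                            originalAuthorComment.ToUserDisplayName = entity.User.DisplayName;
                        }
                        originalAuthorComment.CommentedObjectId = entity.MicroblogId;
                        commentService.Create(originalAuthorComment);
                    }
                }
            }

            // Forwarding is attributed to the current user, so it needs an authenticated caller.
            if (model.ForwardMicrobo && currentUser != null)
            {
                MicroblogEntity microblogEntity = microblogService.Get(model.CommentedObjectId);
                if (microblogEntity != null)
                {
                    MicroblogEntity microblog = MicroblogEntity.New();
                    microblog.Body = "转发微博";
                    microblog.Author = currentUser.DisplayName;
                    microblog.UserId = currentUser.UserId;
                    microblog.OwnerId = currentUser.UserId;
                    microblog.TenantTypeId = TenantTypeIds.Instance().User();
                    microblog.ForwardedMicroblogId = microblogEntity.MicroblogId;
                    // Keep pointing at the root of a forward chain when there is one.
                    microblog.OriginalMicroblogId = microblogEntity.OriginalMicroblogId > 0
                        ? microblogEntity.OriginalMicroblogId
                        : microblog.ForwardedMicroblogId;

                    long toUserId = microblog.UserId;
                    MicroblogEntity entity = microblogService.Get(microblog.OriginalMicroblogId);
                    long toOriginalUserId = entity == null ? 0 : entity.UserId;
                    microblogService.Forward(microblog, false, false, toUserId, toOriginalUserId);
                }
            }

            return Json(new { commentid = comment.Id });
        }
    }

    WebUtility.SetStatusCodeForError(Response);
    return Json(new StatusMessageData(StatusMessageType.Error, "创建留言失败了!"));
}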
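/// <summary>
/// Sends group invitations from the current user to the posted user ids, skipping
/// users whose privacy settings refuse invitations from the caller.
/// </summary>
/// <param name="spaceKey">Key of the group to invite into.</param>
/// <param name="userIds">Raw posted id list; only tested for emptiness, the ids are read from <c>Request.Form</c>.</param>
/// <param name="remark">Text passed along with the invitation.</param>
/// <returns>
/// JSON <see cref="StatusMessageData"/> with the outcome, or a redirect to the system
/// message page when the caller may not invite into the group.
/// </returns>
/// <remarks>
/// NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attributes are visible on this
/// state-changing action in this excerpt; confirm they are applied.
/// </remarks>
public ActionResult _Invite(string spaceKey, string userIds, string remark)
{
    StatusMessageData message = null;

    GroupEntity group = groupService.Get(spaceKey);
    if (group == null)
    {
        return Json(new StatusMessageData(StatusMessageType.Error, "找不到群组!"));
    }

    // Authentication and authorization run before any posted id is touched, so an
    // anonymous or unauthorized caller cannot trigger privacy or user lookups.
    IUser currentUser = UserContext.CurrentUser;
    if (currentUser == null)
    {
        return Json(new StatusMessageData(StatusMessageType.Error, "您尚未登录!"));
    }

    if (!new Authorizer().Group_Invite(group))
    {
        return Redirect(SiteUrls.Instance().SystemMessage(TempData, new SystemMessageViewModel
        {
            Body = "没有邀请好友的权限!",
            Title = "没有权限",
            StatusMessageType = StatusMessageType.Error
        }));
    }

    if (!string.IsNullOrEmpty(userIds))
    {
        // The form value is read once and materialized; a missing field yields null.
        IEnumerable<long> postedIds = Request.Form.Gets<long>("userIds", null);
        List<long> ids = postedIds != null ? postedIds.ToList() : new List<long>();

        if (ids.Count > 0)
        {
            List<long> couldBeInvetedUserIds = new List<long>();
            List<string> refusedNames = new List<string>();

            // Privacy setting of each invited user.
            foreach (long inviteUserId in ids)
            {
                if (privacyService.Validate(inviteUserId, currentUser.UserId, PrivacyItemKeys.Instance().Invitation()))
                {
                    couldBeInvetedUserIds.Add(inviteUserId);
                    continue;
                }

                // A posted id may not match any user; fall back to the id itself.
                User user = userService.GetFullUser(inviteUserId);
                refusedNames.Add(user != null ? user.DisplayName : inviteUserId.ToString());
            }

            groupService.SendInvitations(group, currentUser, remark, couldBeInvetedUserIds);

            int count = couldBeInvetedUserIds.Count;
            if (count < ids.Count)
            {
                message = new StatusMessageData(
                    StatusMessageType.Hint,
                    "共有" + count + "个好友邀请成功," + string.Join(",", refusedNames) + "不能被邀请!");
            }
            else
            {
                message = new StatusMessageData(StatusMessageType.Success, "邀请好友成功!");
            }
        }
        else
        {
            message = new StatusMessageData(StatusMessageType.Hint, "您尚未选择好友!");
        }
    }

    // message stays null when userIds is empty, as before.
    return Json(message);
}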
/// <summary>
/// Authorization check for a user space: resolves the space from the request, applies
/// the space owner's visit-privacy setting, and, when <c>RequireOwnerOrAdministrator</c>
/// is set, admits only the owner or a super/content administrator.
/// </summary>
/// <param name="filterContext">
/// Filter context of the request; <c>Result</c> is set to a 404 or a redirect when access
/// is refused and left untouched when access is granted.
/// </param>
private void AuthorizeCore(AuthorizationContext filterContext)
{
    string spaceKey = UserContext.CurrentSpaceKey(filterContext);
    if (string.IsNullOrEmpty(spaceKey))
    {
        filterContext.Result = new HttpNotFoundResult();
        return;
    }

    IUserService userService = DIContainer.Resolve<IUserService>();
    User spaceOwner = userService.GetFullUser(spaceKey);
    if (spaceOwner == null)
    {
        filterContext.Result = new HttpNotFoundResult();
        return;
    }

    IUser visitor = UserContext.CurrentUser;
    bool isAnonymous = visitor == null;

    // Visit-privacy of the space; an anonymous visitor is evaluated as user id 0.
    PrivacyService privacyService = new PrivacyService();
    bool mayVisit = privacyService.Validate(
        spaceOwner.UserId,
        isAnonymous ? 0 : visitor.UserId,
        PrivacyItemKeys.Instance().VisitUserSpace());

    if (!mayVisit)
    {
        if (isAnonymous)
        {
            // AJAX callers get the modal login, full page loads the regular login page.
            filterContext.Result = new RedirectResult(
                filterContext.HttpContext.Request.IsAjaxRequest()
                    ? SiteUrls.Instance().Login(false, SiteUrls.LoginModal._LoginInModal)
                    : SiteUrls.Instance().Login(true));
        }
        else
        {
            // Signed-in visitor refused by the privacy setting: send to the "no access" page.
            filterContext.Result = new RedirectResult(SiteUrls.Instance().PrivacyHome(spaceOwner.UserName));
        }

        return;
    }

    // Nothing further to verify unless the action is restricted to owner/administrator.
    if (!RequireOwnerOrAdministrator)
    {
        return;
    }

    // Anonymous users must log in first.
    if (isAnonymous)
    {
        filterContext.Result = new RedirectResult(
            filterContext.HttpContext.Request.IsAjaxRequest()
                ? SiteUrls.Instance().Login(false, SiteUrls.LoginModal._LoginInModal)
                : SiteUrls.Instance().Login(true));
        return;
    }

    // NOTE(review): the original carried a commented-out branch here that signed a banned
    // owner out (currentUser.IsBanned) and redirected to a system message. It is disabled,
    // so a banned owner passes this check; confirm bans are enforced elsewhere.
    bool isOwner = spaceOwner.UserId == visitor.UserId;
    if (isOwner
        || visitor.IsInRoles(RoleNames.Instance().SuperAdministrator(), RoleNames.Instance().ContentAdministrator()))
    {
        return;
    }

    // Everyone else is sent to the "no access" system message page.
    filterContext.Result = new RedirectResult(SiteUrls.Instance().SystemMessage(
        filterContext.Controller.TempData,
        new SystemMessageViewModel
        {
            Title = "无权访问",
            Body = "您无权访问此页面,只有空间主人或管理员才能访问",
            StatusMessageType = StatusMessageType.Hint
        }));
}