private static string UpdateComment(XmlDocument doc, IGraffitiUser user)
{
int id = Int32.Parse(doc.SelectSingleNode("/comment").Attributes["id"].Value);
Comment comment = new Comment(id);
if (comment.IsNew)
{
throw new Exception("Comment with id " + id + " does not exist. The REST API only supports updating existing comments at this time.");
}
XmlNode node = doc.SelectSingleNode("/comment");
comment.Body = GetNodeValue(node.SelectSingleNode("body"), comment.Body);
comment.Name = GetNodeValue(node.SelectSingleNode("name"), comment.Name);
comment.IsPublished = GetNodeValue(node.SelectSingleNode("isPublished"), comment.IsPublished);
comment.IsDeleted = GetNodeValue(node.SelectSingleNode("isDeleted"), comment.IsDeleted);
comment.SpamScore = GetNodeValue(node.SelectSingleNode("spamScore"), comment.SpamScore);
comment.Email = GetNodeValue(node.SelectSingleNode("email"), comment.Email);
comment.WebSite = GetNodeValue(node.SelectSingleNode("webSite"), comment.WebSite);
if (!RolePermissionManager.GetPermissions(comment.Post.CategoryId, user).Edit)
{
throw new Exception("You do not have sufficient privileges to update this comment.");
}
comment.Save(GraffitiUsers.Current.Name);
return("<result id=\"" + id + "\">true</result>");
}
protected void EditRoles_Save(object sender, EventArgs e)
{
string roleName = DecodeFromQS("role");
bool isCategoryPermissions = false;
RolePermissionManager.ClearPermissionsForRole(roleName);
foreach (RepeaterItem ri in CategoryList.Items)
{
HiddenField cat = ri.FindControl("categoryId") as HiddenField;
CheckBox read = ri.FindControl("readRoleCatPermission") as CheckBox;
CheckBox edit = ri.FindControl("editRoleCatPermission") as CheckBox;
CheckBox publish = ri.FindControl("publishRoleCatPermission") as CheckBox;
if (read != null && edit != null && publish != null)
{
if (read.Checked || edit.Checked || publish.Checked)
{
isCategoryPermissions = true;
GraffitiUsers.AddUpdateRole(roleName, Convert.ToInt32(cat.Value), read.Checked, edit.Checked, publish.Checked);
}
}
}
if (!isCategoryPermissions)
{
GraffitiUsers.AddUpdateRole(roleName, readRolePermission.Checked, editRolePermission.Checked, publishRolePermission.Checked);
}
else
{
GraffitiUsers.AddUpdateRole(roleName, false, false, false);
}
Response.Redirect(string.Format("~/graffiti-admin/user-management/roles/?roleSaved={0}", HttpUtility.UrlEncode(HttpUtility.HtmlEncode(roleName))));
}
private void SetDefaultFormValues(bool isAdmin)
{
EnableComments.Checked = CommentSettings.Get().EnableCommentsDefault;
featuresiteRegion.Visible = isAdmin;
featuredCategoryRegion.Visible = isAdmin;
if (isAdmin ||
RolePermissionManager.GetPermissions(Int32.Parse(CategoryList.SelectedValue), GraffitiUsers.Current).Publish)
{
PublishStatus.Items.Add(new ListItem("Published", "1"));
}
PublishStatus.Items.Add(new ListItem("Draft", "2"));
PublishStatus.Items.Add(new ListItem("Request Approval", "3"));
if (isAdmin)
{
PublishStatus.Items.Add(new ListItem("Requires Changes", "4"));
}
PublishDate.DateTime = DateTime.Now.AddHours(SiteSettings.Get().TimeZoneOffSet);
}
private void CreateUpdateDeletePost(XmlTextWriter writer, IGraffitiUser user)
{
XmlDocument doc = new XmlDocument();
doc.Load(Request.InputStream);
if (Request.Headers["Graffiti-Method"] != "DELETE")
{
writer.WriteRaw(CreateUpdatePost(doc, user));
}
else
{
XmlAttribute postidAttribute = doc.SelectSingleNode("/post").Attributes["id"];
int pid = Int32.Parse(postidAttribute.Value);
Post p = new Post(pid);
Permission perm = RolePermissionManager.GetPermissions(p.CategoryId, user);
if (GraffitiUsers.IsAdmin(user) || perm.Publish)
{
writer.WriteRaw(DeletePost(doc));
}
else
{
UnuathorizedRequest();
}
}
}
public PermissionItemsController(ApplicationDbContext context,
PermissionItemManager permissionItemManager,
RolePermissionManager rolePermissionManager,
PermissionOrganizationManager permissionOrganizationManager,
PermissionExpansionManager permissionExpansionManager)
{
_context = context;
_permissionItemManager = permissionItemManager;
_rolePermissionManager = rolePermissionManager;
_permissionOrganizationManager = permissionOrganizationManager;
_permissionExpansionManager = permissionExpansionManager;
}
public RoleinfoController(ApplicationDbContext context,
RoleManager <Roles> roleManager,
RolePermissionManager rolePermissionManager,
PermissionExpansionManager permissionExpansionManager,
ExtendUserManager <Users> extendUserManager
)
{
_context = context;
_roleManager = roleManager;
_extendUserManager = extendUserManager;
_rolePermissionManager = rolePermissionManager;
_permissionExpansionManager = permissionExpansionManager;
}
protected void CategoryList_OnItemDataBound(object sender, RepeaterItemEventArgs e)
{
string roleName = DecodeFromQS("role");
Category category = e.Item.DataItem as Category;
HiddenField cat = e.Item.FindControl("categoryId") as HiddenField;
Label categoryName = e.Item.FindControl("categoryName") as Label;
if (cat != null && category != null)
{
cat.Value = category.Id.ToString();
}
if (categoryName != null && category != null)
{
categoryName.Text = category.ParentId > 0 ? category.Parent.Name + " - " + category.Name : category.Name;
}
CheckBox read = e.Item.FindControl("readRoleCatPermission") as CheckBox;
CheckBox edit = e.Item.FindControl("editRoleCatPermission") as CheckBox;
CheckBox publish = e.Item.FindControl("publishRoleCatPermission") as CheckBox;
if (read != null && edit != null && publish != null)
{
SetupTogglePermissionsScript(read, edit, publish, read, "read");
SetupTogglePermissionsScript(read, edit, publish, edit, "edit");
SetupTogglePermissionsScript(read, edit, publish, publish, "publish");
RoleCategoryPermissionsCollection rpc = RolePermissionManager.GetRoleCategoryPermissions();
RoleCategoryPermissions rp = rpc.Find(
delegate(RoleCategoryPermissions rcper)
{
return(rcper.RoleName.ToLower() == roleName.ToLower() &&
rcper.CategoryId == category.Id);
});
if (rp != null)
{
read.Checked = rp.HasRead;
edit.Checked = rp.HasEdit;
publish.Checked = rp.HasPublish;
}
}
}
private static string DeleteComment(XmlDocument doc, IGraffitiUser user)
{
int id = Int32.Parse(doc.SelectSingleNode("/comment").Attributes["id"].Value);
Comment comment = new Comment(id);
if (comment.IsNew)
{
throw new Exception("Comment with id " + id + " does not exist");
}
if (!RolePermissionManager.GetPermissions(comment.Post.CategoryId, user).Publish)
{
throw new Exception("You do not have sufficient privileges to delete this comment.");
}
Comment.Delete(id);
return("<result id=\"" + id + "\">deleted</result>");
}
public ApplicationController(ApplicationManager applicationManager,
ApplicationDbContext context,
RoleManager <Roles> roleManager,
PermissionItemManager permissionItemManager,
PermissionOrganizationManager permissionOrganizationManager,
RolePermissionManager rolePermissionManager,
PermissionExpansionManager permissionExpansionManager,
RoleApplicationManager roleApplicationManager,
UserManager <Users> userManager)
{
_applicationManager = applicationManager;
_userManager = userManager;
_roleManager = roleManager;
_Context = context;
_permissionItemManager = permissionItemManager;
_permissionOrganizationManager = permissionOrganizationManager;
_rolePermissionManager = rolePermissionManager;
_permissionExpansionManager = permissionExpansionManager;
_roleApplicationManager = roleApplicationManager;
}
private void ProcessCategoryDropdownList(CategoryController cc, bool isAdmin, Category uncategorized)
{
if (!IsPostBack || Request.Form[CategoryList.UniqueID] != CategoryList.SelectedValue)
{
CategoryCollection categories = cc.GetTopLevelCachedCategories();
CategoryList.Items.Clear();
foreach (Category parent in categories)
{
if (RolePermissionManager.GetPermissions(parent.Id, GraffitiUsers.Current).Edit)
{
CategoryList.Items.Add(new ListItem(Server.HtmlDecode(parent.Name), parent.Id.ToString()));
}
foreach (Category child in parent.Children)
{
if (RolePermissionManager.GetPermissions(child.Id, GraffitiUsers.Current).Edit)
{
CategoryList.Items.Add(new ListItem("--" + Server.HtmlDecode(child.Name), child.Id.ToString()));
}
}
}
if (RolePermissionManager.GetPermissions(uncategorized.Id, GraffitiUsers.Current).Edit)
{
CategoryList.Items.Add(new ListItem(uncategorized.Name, uncategorized.Id.ToString()));
}
if (isAdmin)
{
CategoryList.Items.Add(new ListItem("[Add New Category]", "-1"));
}
if (IsPostBack)
{
CategoryList.SelectedValue = Request.Form[CategoryList.UniqueID];
}
}
}
protected void CreateRole_Click(object sender, EventArgs e)
{
string encodedRoleName = HttpUtility.HtmlEncode(txtRoleName.Text);
if (RolePermissionManager.IsDuplicate(txtRoleName.Text))
{
Message.Text = string.Format("The role <strong>{0}</strong> already exists.", encodedRoleName);
Message.Type = StatusType.Error;
return;
}
if (txtRoleName.Text == "gAdmin")
{
Message.Text = string.Format("The role <strong>{0}</strong> is a reserved Graffiti Role and cannot be used.", encodedRoleName);
Message.Type = StatusType.Error;
return;
}
GraffitiUsers.AddUpdateRole(txtRoleName.Text, read.Checked, edit.Checked, publish.Checked);
Response.Redirect(string.Format("~/graffiti-admin/user-management/roles/?role={0}&new=true", HttpUtility.UrlEncode(encodedRoleName)));
}
public RolePermissionsController(ApplicationDbContext context,
RoleManager <Roles> roleManager,
ExtendUserManager <Users> extendUserManager,
RolePermissionManager rolePermissionManager,
PermissionItemManager permissionItemManager,
OrganizationsManager organizationsManager,
OrganizationExpansionManager organizationExpansionManager,
PermissionExpansionManager permissionExpansionManager,
PermissionOrganizationManager permissionOrganizationManager,
OpenIddictApplicationManager <OpenIddictApplication> applicationManager)
{
_context = context;
_roleManager = roleManager;
_extendUserManager = extendUserManager;
_rolePermissionManager = rolePermissionManager;
_permissionItemManager = permissionItemManager;
_organizationsManager = organizationsManager;
_organizationExpansionManager = organizationExpansionManager;
_permissionOrganizationManager = permissionOrganizationManager;
_applicationManager = applicationManager;
_permissionExpansionManager = permissionExpansionManager;
}
private static string CreateUpdatePost(XmlDocument doc, IGraffitiUser user)
{
Post post = null;
XmlAttribute postidAttribute = doc.SelectSingleNode("/post").Attributes["id"];
if (postidAttribute == null)
{
post = new Post();
}
else
{
int pid = Int32.Parse(postidAttribute.Value);
if (pid > 0)
{
post = new Post(pid);
}
else
{
post = new Post();
}
}
XmlNode node = doc.SelectSingleNode("/post");
if (GraffitiUsers.IsUserInRole(user.Name, GraffitiUsers.AdminRole))
{
XmlNode usernameNode = node.SelectSingleNode("author");
if (usernameNode != null && !string.IsNullOrEmpty(usernameNode.Value))
{
post.UserName = GraffitiUsers.GetUser(usernameNode.Value).Name;
}
}
if (string.IsNullOrEmpty(post.UserName) && post.IsNew)
{
post.UserName = user.Name;
}
post.PostBody = GetNodeValue(node.SelectSingleNode("postBody"), null);
if (string.IsNullOrEmpty(post.PostBody))
{
throw new RESTConflict("The Post body element is missing and is required");
}
post.CategoryId = GetNodeValue(node.SelectSingleNode("categoryId"), -1);
if (post.CategoryId <= 0)
{
throw new RESTConflict("The category element is missing (or has an invalid value) and is required");
}
post.Title = GetNodeValue(node.SelectSingleNode("title"), null);
if (string.IsNullOrEmpty(post.Title))
{
throw new RESTConflict("The title element is missing and is required");
}
post.ExtendedBody = GetNodeValue(node.SelectSingleNode("extendedBody"), null);
XmlNode publishedDateNode = node.SelectSingleNode("publishedDate");
if (publishedDateNode != null && !string.IsNullOrEmpty(publishedDateNode.InnerText) &&
DateTime.Parse(publishedDateNode.InnerText) > new DateTime(2000, 1, 1))
{
post.Published = DateTime.Parse(publishedDateNode.InnerText);
}
else if (post.IsNew)
{
post.Published = SiteSettings.CurrentUserTime;
}
post.Name = GetNodeValue(node.SelectSingleNode("name"), post.Name);
post.Status = GetNodeValue(node.SelectSingleNode("status"), post.IsNew ? (int)PostStatus.Draft : post.Status);
post.TagList = GetNodeValue(node.SelectSingleNode("tags"), null);
post.ContentType = GetNodeValue(node.SelectSingleNode("contenttype"), null);
post.SortOrder = GetNodeValue(node.SelectSingleNode("sortOrder"), post.SortOrder);
post.HomeSortOrder = GetNodeValue(node.SelectSingleNode("homeSortOrder"), post.HomeSortOrder);
post.MetaDescription = GetNodeValue(node.SelectSingleNode("metaDescription"), post.MetaDescription);
post.MetaKeywords = GetNodeValue(node.SelectSingleNode("metaKeywords"), post.MetaKeywords);
post.IsHome = GetNodeValue(node.SelectSingleNode("isHome"), post.IsHome);
post.EnableComments = GetNodeValue(node.SelectSingleNode("enableComments"), post.EnableComments);
XmlNodeList customFields = node.SelectNodes("customFields/customField");
foreach (XmlNode cNode in customFields)
{
post[cNode.Attributes["key"].Value] = cNode.InnerText;
}
Permission perm = RolePermissionManager.GetPermissions(post.CategoryId, user);
if (GraffitiUsers.IsAdmin(user) || perm.Publish)
{
post.IsDeleted = GetNodeValue(node.SelectSingleNode("isDeleted"), post.IsDeleted);
}
int id =
PostRevisionManager.CommitPost(post, user, SiteSettings.Get().FeaturedId == post.Id,
post.Category.FeaturedId == post.Id);
return(string.Format("<result id=\"{0}\">true</result>", id));
}
protected void PostList_OnItemCreated(object sender, RepeaterItemEventArgs e)
{
if (e.Item.ItemType == ListItemType.AlternatingItem || e.Item.ItemType == ListItemType.Item)
{
Literal control = (Literal)e.Item.FindControl("cssclass");
Literal counts = (Literal)e.Item.FindControl("CommentCounts");
PlaceHolder pnlDelete = (PlaceHolder)e.Item.FindControl("delete");
Post p = (Post)e.Item.DataItem;
if (p != null)
{
if (RolePermissionManager.GetPermissions(p.CategoryId, GraffitiUsers.Current).Publish)
{
pnlDelete.Visible = true;
}
else
{
pnlDelete.Visible = false;
}
if (control != null)
{
control.Text = IsAltRow(e.Item.ItemIndex, p.Id);
}
if (counts != null)
{
counts.Text = "";
if (p.CommentCount > 0)
{
counts.Text += "<a href=\"" + ResolveUrl("~/graffiti-admin/comments/") + "?pid=" + p.Id + "\">";
if (p.CommentCount == 1)
{
counts.Text += "1 comment published";
}
else
{
counts.Text += p.CommentCount + " comments published";
}
counts.Text += "</a><br />";
}
if (p.PendingCommentCount > 0)
{
counts.Text += "<a style=\"color: #9d0a0e;\" href=\"" + ResolveUrl("~/graffiti-admin/comments/") + "?a=f&pid=" +
p.Id + "\">";
if (p.PendingCommentCount == 1)
{
counts.Text += "1 comment not published";
}
else
{
counts.Text += p.PendingCommentCount + " comments not published";
}
counts.Text += "</a>";
}
if (p.CommentCount == 0 && p.PendingCommentCount == 0)
{
counts.Text += "No comments";
}
}
}
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (Request.QueryString["id"] != null)
{
Post the_Post = new Post(Request.QueryString["id"]);
switch (the_Post.PostStatus)
{
case PostStatus.Publish:
if (the_Post.Published > SiteSettings.CurrentUserTime)
{
PostUpdateStatus.Text = "The post, <em>"<a title=\"click to view the post\" href=\"" + the_Post.Url +
"\">" + the_Post.Title +
"</a>"</em>, was published. However, since this is a forward dated post, only site administrators can view it until " +
the_Post.Published.ToLongDateString() + " " + the_Post.Published.ToShortTimeString();
}
else
{
PostUpdateStatus.Text = "The post, <em>"<a title=\"click to view the post\" href=\"" + the_Post.Url +
"\">" + the_Post.Title +
"</a>"</em>, was published. If this was a revision, the new version is now live.";
}
PostUpdateStatus.Type = StatusType.Success;
break;
case PostStatus.Draft:
PostUpdateStatus.Text = "The post, <em>"" + the_Post.Title +
""</em>, was saved as a draft.";
PostUpdateStatus.Type = StatusType.Success;
break;
case PostStatus.PendingApproval:
PostUpdateStatus.Text = "The post, <em>"" + the_Post.Title +
""</em>, was saved, but requires approval before it can be published. The site editors and publishers have been notified by email about this post. Once they publish it, you will be able to view it live.";
PostUpdateStatus.Type = StatusType.Warning;
break;
case PostStatus.RequiresChanges:
PostUpdateStatus.Text = "The post, <em>"" + the_Post.Title +
""</em>, was saved. An email has been sent to the original author with the change notification. You will receive an email once the author sets the post status to <em>Request Approval</em>.";
PostUpdateStatus.Type = StatusType.Warning;
break;
}
}
if (!IsPostBack)
{
string page = Request.QueryString["status"] ?? "1";
string category = Request.QueryString["category"];
string author = Request.QueryString["author"];
Master.FindControl("SideBarRegion").Visible = true;
List <AuthorCount> auts = null;
switch (page)
{
case "1": // published
PostsLinks.SetActiveView(Published);
cats = Post.GetCategoryCountForStatus(PostStatus.Publish, author);
auts = Post.GetAuthorCountForStatus(PostStatus.Publish, category);
break;
case "2": // draft
PostsLinks.SetActiveView(Draft);
cats = Post.GetCategoryCountForStatus(PostStatus.Draft, author);
auts = Post.GetAuthorCountForStatus(PostStatus.Draft, category);
break;
case "3": // pending review
PostsLinks.SetActiveView(PendingReview);
cats = Post.GetCategoryCountForStatus(PostStatus.PendingApproval, author);
auts = Post.GetAuthorCountForStatus(PostStatus.PendingApproval, category);
break;
case "4": // requires changes
PostsLinks.SetActiveView(RequiresChanges);
cats = Post.GetCategoryCountForStatus(PostStatus.RequiresChanges, author);
auts = Post.GetAuthorCountForStatus(PostStatus.RequiresChanges, category);
break;
case "-1": // deleted
PostsLinks.SetActiveView(Deleted);
Master.FindControl("SideBarRegion").Visible = false;
break;
}
if (auts != null)
{
rptAuthors.DataSource = auts;
rptAuthors.DataBind();
}
if (cats != null)
{
var temp = new List <CategoryCount>();
temp.AddRange(cats.FindAll(
delegate(CategoryCount ca)
{
return(ca.ParentId <= 0); // only want the parents
// the repeater below will handle the children
}));
temp.Sort(
delegate(CategoryCount c, CategoryCount c1) { return(c.Name.CompareTo(c1.Name)); });
rptCategories.DataSource = temp;
var toRemove = new List <CategoryCount>();
foreach (CategoryCount cc in temp)
{
if (!RolePermissionManager.GetPermissions(cc.ID, GraffitiUsers.Current).Read)
{
toRemove.Add(cc);
}
}
foreach (CategoryCount cc in toRemove)
{
temp.Remove(cc);
}
rptCategories.DataBind();
}
User user = null;
if (!String.IsNullOrEmpty(author))
{
user = new User(Convert.ToInt32(author));
author = user.Name;
}
Query q = Post.CreateQuery();
if (Request.QueryString["category"] != null && Request.QueryString["category"] != "-1")
{
q.AndWhere(Post.Columns.CategoryId, Request.QueryString["category"]);
}
if (!String.IsNullOrEmpty(author))
{
q.AndWhere(Post.Columns.CreatedBy, author);
}
if (Request.QueryString["status"] == "-1")
{
q.AndWhere(Post.Columns.IsDeleted, true);
}
else
{
q.AndWhere(Post.Columns.IsDeleted, false);
q.AndWhere(Post.Columns.Status, Request.QueryString["status"] ?? "1");
}
q.OrderByDesc(Post.Columns.Published);
PostCollection tempPC = new PostCollection();
tempPC.LoadAndCloseReader(q.ExecuteReader());
PostCollection permissionsFilteredCount = new PostCollection();
permissionsFilteredCount.AddRange(tempPC);
foreach (Post p in tempPC)
{
if (!RolePermissionManager.GetPermissions(p.CategoryId, GraffitiUsers.Current).Read)
{
permissionsFilteredCount.Remove(p);
}
}
q.PageSize = 15;
q.PageIndex = Int32.Parse(Request.QueryString["p"] ?? "1");
PostCollection pc = new PostCollection();
pc.LoadAndCloseReader(q.ExecuteReader());
PostList.NoneItemsDataBound += PostList_NoneItemsDataBound;
PostCollection permissionsFiltered = new PostCollection();
permissionsFiltered.AddRange(pc);
foreach (Post p in pc)
{
if (!RolePermissionManager.GetPermissions(p.CategoryId, GraffitiUsers.Current).Read)
{
permissionsFiltered.Remove(p);
}
}
PostList.DataSource = permissionsFiltered;
PostList.DataBind();
string catID = Request.QueryString["category"] ?? "0";
string autID = Request.QueryString["author"] ?? "0";
if (pc.Count > 0)
{
string qs = "?status=" + page;
if (catID != "0")
{
qs += "&category=" + catID;
}
if (autID != "0")
{
qs += "&author=" + autID;
}
Pager.Text = Util.Pager(q.PageIndex, q.PageSize, permissionsFilteredCount.Count, null, qs);
}
SetCounts(Int32.Parse(catID));
#region build the page title
StringBuilder sb = new StringBuilder();
sb.Append("Posts ");
switch (page)
{
case "1":
sb.Append("Published ");
break;
case "2":
sb.Append("Drafted ");
break;
case "3":
sb.Append("Pending Review ");
break;
case "4":
sb.Append("Requiring Changes ");
break;
case "5":
sb.Append("Deleted ");
break;
}
sb.Append("in ");
if (Request.QueryString["category"] != null)
{
CategoryCollection categories = new CategoryController().GetAllCachedCategories();
Category temp = categories.Find(
delegate(Category c) { return(c.Id == Int32.Parse(Request.QueryString["category"])); });
if (temp != null)
{
sb.Append(temp.Name);
}
}
else
{
sb.Append("All Categories");
}
if (!String.IsNullOrEmpty(author))
{
sb.Append(" for " + user.ProperName);
}
lblPageTitle.Text = sb.ToString();
#endregion
if (Request.QueryString["dstry"] != null)
{
PostUpdateStatus.Text = Server.UrlDecode(Request.QueryString["dstry"]) +
" has been permanently deleted.";
PostUpdateStatus.Type = StatusType.Success;
}
}
}
public void ProcessRequest(HttpContext context)
{
if (context.Request.RequestType != "POST" || !context.Request.IsAuthenticated)
{
return;
}
IGraffitiUser user = GraffitiUsers.Current;
if (user == null)
{
return;
}
if (!RolePermissionManager.CanViewControlPanel(user))
{
return;
}
context.Response.ContentType = "text/plain";
switch (context.Request.QueryString["command"])
{
case "deleteComment":
Comment c = new Comment(context.Request.Form["commentid"]);
if (RolePermissionManager.GetPermissions(c.Post.CategoryId, GraffitiUsers.Current).Publish)
{
Comment.Delete(context.Request.Form["commentid"]);
context.Response.Write("success");
}
break;
case "deleteCommentWithStatus":
Comment c1 = new Comment(context.Request.Form["commentid"]);
if (RolePermissionManager.GetPermissions(c1.Post.CategoryId, GraffitiUsers.Current).Publish)
{
Comment.Delete(context.Request.Form["commentid"]);
context.Response.Write("The comment was deleted. <a href=\"javascript:void(0);\" onclick=\"Comments.unDelete('" +
new Urls().AdminAjax + "'," + context.Request.Form["commentid"] +
"); return false;\">Undo?</a>");
}
break;
case "unDelete":
Comment c2 = new Comment(context.Request.Form["commentid"]);
if (RolePermissionManager.GetPermissions(c2.Post.CategoryId, GraffitiUsers.Current).Publish)
{
Comment comment = new Comment(context.Request.Form["commentid"]);
comment.IsDeleted = false;
comment.Save();
context.Response.Write("The comment was un-deleted. You may need to refresh the page to see it");
}
break;
case "approve":
Comment c3 = new Comment(context.Request.Form["commentid"]);
if (RolePermissionManager.GetPermissions(c3.Post.CategoryId, GraffitiUsers.Current).Publish)
{
Comment cmt = new Comment(context.Request.Form["commentid"]);
cmt.IsDeleted = false;
cmt.IsPublished = true;
cmt.Save();
context.Response.Write("The comment was un-deleted and/or approved. You may need to refresh the page to see it");
}
break;
case "deletePost":
try
{
Post postToDelete = new Post(context.Request.Form["postid"]);
Permission perm = RolePermissionManager.GetPermissions(postToDelete.CategoryId, user);
if (GraffitiUsers.IsAdmin(user) || perm.Publish)
{
postToDelete.IsDeleted = true;
postToDelete.Save(user.Name, DateTime.Now);
//Post.Delete(context.Request.Form["postid"]);
//ZCache.RemoveByPattern("Posts-");
//ZCache.RemoveCache("Post-" + context.Request.Form["postid"]);
context.Response.Write("The post was deleted. <a href=\"javascript:void(0);\" onclick=\"Posts.unDeletePost('" +
new Urls().AdminAjax + "'," + context.Request.Form["postid"] +
"); return false;\">Undo?</a>");
}
}
catch (Exception ex)
{
context.Response.Write(ex.Message);
}
break;
case "unDeletePost":
Post p = new Post(context.Request.Form["postid"]);
p.IsDeleted = false;
p.Save();
//ZCache.RemoveByPattern("Posts-");
//ZCache.RemoveCache("Post-" + context.Request.Form["postid"]);
//context.Response.Write("The post was un-deleted. You may need to fresh the page to see it");
break;
case "permanentDeletePost":
Post tempPost = new Post(context.Request.Form["postid"]);
Post.DestroyDeletedPost(tempPost.Id);
context.Response.Write(tempPost.Title);
break;
case "createdWidget":
string widgetID = context.Request.Form["id"];
var the_widgets = Widgets.GetAvailableWidgets();
Widget widget = null;
foreach (WidgetDescription wia in the_widgets)
{
if (wia.UniqueId == widgetID)
{
widget = Widgets.Create(wia.WidgetType);
break;
}
}
context.Response.Write(widget.Id.ToString());
break;
case "updateWidgetsOrder":
try
{
string listID = context.Request.Form["id"];
string list = "&" + context.Request.Form["list"];
Widgets.ReOrder(listID, list);
//StreamWriter sw = new StreamWriter(context.Server.MapPath("~/widgets.txt"), true);
//sw.WriteLine(DateTime.Now);
//sw.WriteLine();
//sw.WriteLine(context.Request.Form["left"]);
//sw.WriteLine(context.Request.Form["right"]);
//sw.WriteLine(context.Request.Form["queue"]);
//sw.WriteLine();
//sw.Close();
context.Response.Write("Saved!");
}
catch (Exception ex)
{
context.Response.Write(ex.Message);
}
break;
case "deleteWidget":
string deleteID = context.Request.Form["id"];
Widgets.Delete(deleteID);
context.Response.Write("The widget was removed!");
break;
case "createTextLink":
DynamicNavigationItem di = new DynamicNavigationItem();
di.NavigationType = DynamicNavigationType.Link;
di.Text = context.Request.Form["text"];
di.Href = context.Request.Form["href"];
di.Id = Guid.NewGuid();
NavigationSettings.Add(di);
context.Response.Write(di.Id);
break;
case "deleteTextLink":
Guid g = new Guid(context.Request.Form["id"]);
NavigationSettings.Remove(g);
context.Response.Write("Success");
break;
case "reOrderNavigation":
try
{
string navItems = "&" + context.Request.Form["navItems"];
NavigationSettings.ReOrder(navItems);
context.Response.Write("Success");
}
catch (Exception ex)
{
context.Response.Write(ex.Message);
}
break;
case "addNavigationItem":
try
{
if (context.Request.Form["type"] == "Post")
{
Post navPost = Post.FetchByColumn(Post.Columns.UniqueId, new Guid(context.Request.Form["id"]));
DynamicNavigationItem item = new DynamicNavigationItem();
item.PostId = navPost.Id;
item.Id = navPost.UniqueId;
item.NavigationType = DynamicNavigationType.Post;
NavigationSettings.Add(item);
context.Response.Write("Success");
}
else if (context.Request.Form["type"] == "Category")
{
Category navCategory = Category.FetchByColumn(Category.Columns.UniqueId, new Guid(context.Request.Form["id"]));
DynamicNavigationItem item = new DynamicNavigationItem();
item.CategoryId = navCategory.Id;
item.Id = navCategory.UniqueId;
item.NavigationType = DynamicNavigationType.Category;
NavigationSettings.Add(item);
context.Response.Write("Success");
}
}
catch (Exception exp)
{
context.Response.Write(exp.Message);
}
break;
case "reOrderPosts":
try
{
var posts = new Dictionary <int, Post>();
Query query = Post.CreateQuery();
query.AndWhere(Post.Columns.CategoryId, int.Parse(context.Request.QueryString["id"]));
foreach (Post post in PostCollection.FetchByQuery(query))
{
posts[post.Id] = post;
}
string postOrder = context.Request.Form["posts"];
int orderNumber = 1;
foreach (string sId in postOrder.Split('&'))
{
Post post = null;
posts.TryGetValue(int.Parse(sId), out post);
if (post != null && post.SortOrder != orderNumber)
{
post.SortOrder = orderNumber;
post.Save();
}
orderNumber++;
}
context.Response.Write("Success");
}
catch (Exception ex)
{
context.Response.Write(ex.Message);
}
break;
case "reOrderHomePosts":
try
{
var posts = new Dictionary <int, Post>();
Query query = Post.CreateQuery();
query.AndWhere(Post.Columns.IsHome, true);
foreach (Post post in PostCollection.FetchByQuery(query))
{
posts[post.Id] = post;
}
string postOrder = context.Request.Form["posts"];
int orderNumber = 1;
foreach (string sId in postOrder.Split('&'))
{
Post post = null;
posts.TryGetValue(int.Parse(sId), out post);
if (post != null && post.HomeSortOrder != orderNumber)
{
post.HomeSortOrder = orderNumber;
post.Save();
}
orderNumber++;
}
context.Response.Write("Success");
}
catch (Exception ex)
{
context.Response.Write(ex.Message);
}
break;
case "categoryForm":
int selectedCategory = int.Parse(context.Request.QueryString["category"] ?? "-1");
int postId = int.Parse(context.Request.QueryString["post"] ?? "-1");
NameValueCollection nvcCustomFields;
if (postId > 0)
{
nvcCustomFields = new Post(postId).CustomFields();
}
else
{
nvcCustomFields = new NameValueCollection();
}
CustomFormSettings cfs = CustomFormSettings.Get(selectedCategory);
if (cfs.HasFields)
{
foreach (CustomField cf in cfs.Fields)
{
if (context.Request.Form[cf.Id.ToString()] != null)
{
nvcCustomFields[cf.Name] = context.Request.Form[cf.Id.ToString()];
}
}
context.Response.Write(cfs.GetHtmlForm(nvcCustomFields, (postId < 1)));
}
else
{
context.Response.Write("");
}
break;
case "toggleEventStatus":
try
{
EventDetails ed = Events.GetEvent(context.Request.QueryString["t"]);
ed.Enabled = !ed.Enabled;
if (ed.Enabled)
{
ed.Event.EventEnabled();
}
else
{
ed.Event.EventDisabled();
}
Events.Save(ed);
context.Response.Write(ed.Enabled ? "Enabled" : "Disabled");
}
catch (Exception ex)
{
context.Response.Write(ex.Message);
}
break;
case "buildMainFeed":
try
{
FileInfo mainFeedFileInfo = new FileInfo(HttpContext.Current.Server.MapPath("~/Feed/Default.aspx"));
if (!mainFeedFileInfo.Directory.Exists)
{
mainFeedFileInfo.Directory.Create();
}
using (StreamWriter sw = new StreamWriter(mainFeedFileInfo.FullName, false))
{
sw.WriteLine("<%@ Page Language=\"C#\" Inherits=\"Graffiti.Core.RSS\" %>");
sw.Close();
}
context.Response.Write("Success");
}
catch (Exception ex)
{
context.Response.Write(ex.Message);
return;
}
break;
case "removeFeedData":
try
{
FeedManager.RemoveFeedData();
context.Response.Write("Success");
}
catch (Exception ex)
{
context.Response.Write(ex.Message);
}
break;
case "buildCategoryPages":
try
{
CategoryCollection cc = new CategoryController().GetCachedCategories();
foreach (Category cat in cc)
{
cat.WritePages();
}
context.Response.Write("Success");
}
catch (Exception ex)
{
context.Response.Write(ex.Message);
return;
}
break;
case "buildPages":
try
{
Query q = Post.CreateQuery();
q.PageIndex = Int32.Parse(context.Request.Form["p"]);
q.PageSize = 20;
q.OrderByDesc(Post.Columns.Id);
PostCollection pc = PostCollection.FetchByQuery(q);
if (pc.Count > 0)
{
foreach (Post postToWrite in pc)
{
postToWrite.WritePages();
foreach (string tagName in Util.ConvertStringToList(postToWrite.TagList))
{
if (!string.IsNullOrEmpty(tagName))
{
Tag.WritePage(tagName);
}
}
}
context.Response.Write("Next");
}
else
{
context.Response.Write("Success");
}
}
catch (Exception ex)
{
context.Response.Write(ex.Message);
return;
}
break;
case "importPosts":
try
{
Post newPost = new Post();
newPost.Title = HttpContext.Current.Server.HtmlDecode(context.Request.Form["subject"]);
string postName = HttpContext.Current.Server.HtmlDecode(context.Request.Form["name"]);
PostCollection pc = new PostCollection();
if (!String.IsNullOrEmpty(postName))
{
Query q = Post.CreateQuery();
q.AndWhere(Post.Columns.Name, Util.CleanForUrl(postName));
pc.LoadAndCloseReader(q.ExecuteReader());
}
if (pc.Count > 0)
{
newPost.Name = "[RENAME ME - " + Guid.NewGuid().ToString().Substring(0, 7) + "]";
newPost.Status = (int)PostStatus.Draft;
}
else if (String.IsNullOrEmpty(postName))
{
newPost.Name = "[RENAME ME - " + Guid.NewGuid().ToString().Substring(0, 7) + "]";
newPost.Status = (int)PostStatus.Draft;
}
else
{
newPost.Name = postName;
newPost.Status = (int)PostStatus.Publish;
}
if (String.IsNullOrEmpty(newPost.Title))
{
newPost.Title = newPost.Name;
}
newPost.PostBody = HttpContext.Current.Server.HtmlDecode(context.Request.Form["body"]);
newPost.CreatedOn = Convert.ToDateTime(context.Request.Form["createdon"]);
newPost.CreatedBy = context.Request.Form["author"];
newPost.ModifiedBy = context.Request.Form["author"];
newPost.TagList = context.Request.Form["tags"];
newPost.ContentType = "text/html";
newPost.CategoryId = Convert.ToInt32(context.Request.Form["category"]);
newPost.UserName = context.Request.Form["author"];
newPost.EnableComments = true;
newPost.Published = Convert.ToDateTime(context.Request.Form["createdon"]);
newPost.IsPublished = Convert.ToBoolean(context.Request.Form["published"]);
// this was causing too many posts to be in draft status.
// updated text on migrator to flag users to just move their content/binary directory
// into graffiti's root
//if (context.Request.Form["method"] == "dasBlog")
//{
// if (newPost.Body.ToLower().Contains("/content/binary/"))
// newPost.Status = (int)PostStatus.Draft;
//}
newPost.Save(GraffitiUsers.Current.Name);
int postid = Convert.ToInt32(context.Request.Form["postid"]);
IMigrateFrom temp = null;
switch (context.Request.Form["method"])
{
case "CS2007Database":
CS2007Database db = new CS2007Database();
temp = db;
break;
case "Wordpress":
Wordpress wp = new Wordpress();
temp = wp;
break;
case "BlogML":
BlogML bml = new BlogML();
temp = bml;
break;
case "CS21Database":
CS21Database csDb = new CS21Database();
temp = csDb;
break;
case "dasBlog":
dasBlog dasb = new dasBlog();
temp = dasb;
break;
}
var comments = temp.GetComments(postid);
foreach (MigratorComment cmnt in comments)
{
Comment ct = new Comment();
ct.PostId = newPost.Id;
ct.Body = cmnt.Body;
ct.Published = cmnt.PublishedOn;
ct.IPAddress = cmnt.IPAddress;
ct.WebSite = cmnt.WebSite;
ct.Email = string.IsNullOrEmpty(cmnt.Email) ? "" : cmnt.Email;
ct.Name = string.IsNullOrEmpty(cmnt.UserName) ? "" : cmnt.UserName;
ct.IsPublished = cmnt.IsPublished;
ct.IsTrackback = cmnt.IsTrackback;
ct.SpamScore = cmnt.SpamScore;
ct.DontSendEmail = true;
ct.DontChangeUser = true;
ct.Save();
Comment ctemp = new Comment(ct.Id);
ctemp.DontSendEmail = true;
ctemp.DontChangeUser = true;
ctemp.Body = HttpContext.Current.Server.HtmlDecode(ctemp.Body);
ctemp.Save();
}
if (newPost.Status == (int)PostStatus.Publish)
{
context.Response.Write("Success" + context.Request.Form["panel"]);
}
else
{
context.Response.Write("Warning" + context.Request.Form["panel"]);
}
}
catch (Exception ex)
{
context.Response.Write(context.Request.Form["panel"] + ":" + ex.Message);
}
break;
case "saveHomeSortStatus":
SiteSettings siteSettings = SiteSettings.Get();
siteSettings.UseCustomHomeList = bool.Parse(context.Request.Form["ic"]);
siteSettings.Save();
context.Response.Write("Success");
break;
case "checkCategoryPermission":
try
{
int catID = Int32.Parse(context.Request.QueryString["category"]);
string permissionName = context.Request.QueryString["permission"];
Permission perm = RolePermissionManager.GetPermissions(catID, user);
bool permissionResult = false;
switch (permissionName)
{
case "Publish":
permissionResult = perm.Publish;
break;
case "Read":
permissionResult = perm.Read;
break;
case "Edit":
permissionResult = perm.Edit;
break;
}
context.Response.Write(permissionResult.ToString().ToLower());
}
catch (Exception ex)
{
context.Response.Write(ex.Message);
}
break;
}
}
protected void Page_Load(object sender, EventArgs e)
{
LiHyperLink.SetNameToCompare(Context, "UserManagement");
string role = DecodeFromQS("role");
if (!Page.IsPostBack)
{
SetupTogglePermissionsScript(read, edit, publish, read, "read");
SetupTogglePermissionsScript(read, edit, publish, edit, "edit");
SetupTogglePermissionsScript(read, edit, publish, publish, "publish");
SetupTogglePermissionsScript(readRolePermission, editRolePermission, publishRolePermission, readRolePermission, "read");
SetupTogglePermissionsScript(readRolePermission, editRolePermission, publishRolePermission, editRolePermission, "edit");
SetupTogglePermissionsScript(readRolePermission, editRolePermission, publishRolePermission, publishRolePermission, "publish");
if (!String.IsNullOrEmpty(role))
{
RolePermissionsCollection rpc = RolePermissionManager.GetRolePermissions();
RolePermissions rp = rpc.Find(
delegate(RolePermissions rper)
{
return(rper.RoleName.ToLower() == role.ToLower());
});
if (rp != null)
{
readRolePermission.Checked = rp.HasRead;
editRolePermission.Checked = rp.HasEdit;
publishRolePermission.Checked = rp.HasPublish;
}
}
}
if (role != null)
{
string encodedRoleName = HttpUtility.HtmlEncode(role);
if (!IsPostBack)
{
if (Request.QueryString["new"] != null)
{
Message.Text = string.Format("The role <strong>{0}</strong> was created.", encodedRoleName);
Message.Type = StatusType.Success;
}
litExistingRoleName.Text = encodedRoleName;
PageText.Text = "Update " + encodedRoleName;
CategoryList.DataSource = new CategoryController().GetAllCachedCategories();
CategoryList.DataBind();
}
new_role_container.Visible = false;
Role_List.Visible = false;
role_edit_form.Visible = true;
}
else
{
if (!Page.IsPostBack)
{
RolePermissionsCollection rps = RolePermissionManager.GetRolePermissions();
rps.Sort(delegate(RolePermissions rp1, RolePermissions rp2)
{
return(Comparer <string> .Default.Compare(rp1.RoleName, rp2.RoleName));
});
// move everyone to the top
RolePermissionsCollection rpss = new RolePermissionsCollection();
foreach (RolePermissions rp in rps)
{
if (rp.RoleName == GraffitiUsers.EveryoneRole)
{
rpss.Insert(0, rp);
}
}
foreach (RolePermissions rp in rps)
{
if (rp.RoleName != GraffitiUsers.EveryoneRole)
{
rpss.Add(rp);
}
}
Role_List.DataSource = rpss;
Role_List.DataBind();
if (Request.QueryString["roleSaved"] != null)
{
string roleSaved = HttpUtility.UrlDecode(Request.QueryString["roleSaved"]);
Message.Text = string.Format("The role <strong>{0}</strong> was updated.", roleSaved);
Message.Type = StatusType.Success;
}
}
new_role_container.Visible = true;
role_edit_form.Visible = false;
Role_List.Visible = true;
}
}
protected void Page_Load(object sender, EventArgs e)
{
LiHyperLink.SetNameToCompare(Context, "UserManagement");
IGraffitiUser currentUser = GraffitiUsers.Current;
if (Request.QueryString["user"] != null)
{
if (!IsPostBack)
{
user = GraffitiUsers.GetUser(Request.QueryString["user"]);
if (user == null)
{
throw new Exception("This user does not exist or cannot be edited.");
}
if (!GraffitiUsers.IsAdmin(currentUser) && user.Name != currentUser.Name)
{
throw new SecurityException("You do not have permission to edit this user");
}
if (Request.QueryString["new"] != null && !IsPostBack)
{
Message.Text = "The user <strong>" + user.Name + "</strong> was created.";
Message.Type = StatusType.Success;
}
PageText.Text = "Update " + user.ProperName + "'s profile.";
AdminUserLinks.Visible = true;
PasswordLink.NavigateUrl = string.Format("~/graffiti-admin/user-management/users/changepassword.aspx?user={0}", Request.QueryString["user"]);
if (GraffitiUsers.CanRenameUsers && GraffitiUsers.IsAdmin(GraffitiUsers.Current))
{
AdminUserLinksDelim.Visible = true;
RenameLink.Visible = true;
RenameLink.NavigateUrl = string.Format("javascript:Telligent_Modal.Open('RenameUser.aspx?user={0}', 400, 200, null);", Request.QueryString["user"]);
}
txtExistingUserName.Text = Server.HtmlDecode(user.Name);
txtProperName.Text = Server.HtmlDecode(user.ProperName);
txtExistingEmail.Text = user.Email;
txtAvatar.Text = user.Avatar;
Editor.Text = user.Bio;
txtWebsite.Text = string.IsNullOrEmpty(user.WebSite)
? new Macros().FullUrl(new Urls().Home)
: Server.HtmlEncode(user.WebSite);
bool isAdmin = GraffitiUsers.IsUserInRole(GraffitiUsers.Current.Name, GraffitiUsers.AdminRole);
role_section.Visible = isAdmin;
AllRoles.Visible = isAdmin;
if (!isAdmin)
{
Cancel_Edit.NavigateUrl = "~/graffiti-admin/";
}
if (isAdmin)
{
RolePermissionsCollection rp = RolePermissionManager.GetRolePermissions();
RolePermissionsCollection newrp = new RolePermissionsCollection();
newrp.AddRange(rp);
RolePermissions temp = newrp.Find(delegate(RolePermissions r)
{
return(r.RoleName == GraffitiUsers.EveryoneRole);
});
if (temp != null)
{
newrp.Remove(temp);
}
newrp.Sort(delegate(RolePermissions rp1, RolePermissions rp2)
{
return(Comparer <string> .Default.Compare(rp1.RoleName, rp2.RoleName));
});
Roles.DataSource = newrp;
Roles.DataBind();
foreach (string role in user.Roles)
{
if (role == GraffitiUsers.AdminRole)
{
chkAdmin.Checked = true;
if (GraffitiUsers.Current.Name == user.Name)
{
chkAdmin.Enabled = false;
}
}
}
}
}
new_user_container.Visible = false;
User_List.Visible = false;
user_edit_form.Visible = true;
}
else
{
if (!GraffitiUsers.IsUserInRole(currentUser.Name, GraffitiUsers.AdminRole))
{
Response.Redirect("?user="******"*");
User_List.DataSource = users;
User_List.DataBind();
// filter out everyone if they are not a content publisher for licensing
List <IGraffitiUser> filteredUsers = new List <IGraffitiUser>();
filteredUsers.AddRange(users);
bool isEveryonePublisher = RolePermissionManager.IsEveryoneAContentPublisher();
if (!isEveryonePublisher)
{
foreach (IGraffitiUser user in users)
{
if (user.Roles != null && user.Roles[0] == GraffitiUsers.EveryoneRole)
{
filteredUsers.Remove(user);
}
}
}
}
}
private void BuildPage()
{
if (Request.QueryString["id"] == null)
{
//CommentCollection cc = new CommentCollection();
Query q = Comment.CreateQuery();
if (!(Request.QueryString["a"] == "d"))
{
q.AndWhere(Comment.Columns.IsPublished, !(Request.QueryString["a"] == "f"));
}
q.AndWhere(Comment.Columns.IsDeleted, (Request.QueryString["a"] == "d"));
if (!String.IsNullOrEmpty(Request.QueryString["pid"]))
{
q.AndWhere(Comment.Columns.PostId, Request.QueryString["pid"]);
}
q.OrderByDesc(Comment.Columns.Id);
CommentCollection tempCC = CommentCollection.FetchByQuery(q);
CommentCollection permissionsFilteredCount = new CommentCollection();
permissionsFilteredCount.AddRange(tempCC);
foreach (Comment c in tempCC)
{
if (!RolePermissionManager.GetPermissions(c.Post.CategoryId, GraffitiUsers.Current).Read)
{
permissionsFilteredCount.Remove(c);
}
}
q.PageIndex = Int32.Parse(Request.QueryString["p"] ?? "1");
q.PageSize = 25;
CommentCollection cc = CommentCollection.FetchByQuery(q);
CommentCollection permissionsFiltered = new CommentCollection();
permissionsFiltered.AddRange(cc);
foreach (Comment c in cc)
{
if (!RolePermissionManager.GetPermissions(c.Post.CategoryId, GraffitiUsers.Current).Read)
{
permissionsFiltered.Remove(c);
}
}
CommentList.DataSource = permissionsFiltered;
CommentList.DataBind();
string qs = Request.QueryString["a"] != null ? "?a=" + Request.QueryString["a"] : "?a=t";
Pager.Text = Util.Pager(q.PageIndex, q.PageSize, permissionsFilteredCount.Count, "navigation", qs);
if (Request.QueryString["a"] == "f")
{
CommentLinks.SetActiveView(PendingComments);
}
else if (Request.QueryString["a"] == "d")
{
CommentLinks.SetActiveView(DeletedComments);
}
}
else
{
the_Views.SetActiveView(Comment_Form);
Comment comment = new Comment(Request.QueryString["id"]);
if (comment.IsNew)
{
throw new Exception("Invalid Comment Id");
}
txtName.Text = Server.HtmlDecode(comment.Name);
txtSite.Text = comment.WebSite;
txtEmail.Text = comment.Email;
CommentEditor.Text = comment.Body;
}
#region build the page title
StringBuilder sb = new StringBuilder();
string page = Request.QueryString["a"] ?? "t";
switch (page)
{
case "t":
sb.Append("Published ");
break;
case "f":
sb.Append("Pending ");
break;
case "d":
sb.Append("Deleted ");
break;
}
sb.Append(" Comments");
lblPageTitle.Text = sb.ToString();
string post = Request.QueryString["pid"];
if (!String.IsNullOrEmpty(post))
{
Post p = new Post(Convert.ToInt32(post));
lblPageTitle.Text += " for \"" + p.Name + "\"";
}
#endregion
}
protected void CommentList_OnItemCreated(object sender, RepeaterItemEventArgs e)
{
if (e.Item.ItemType == ListItemType.Header)
{
PlaceHolder bulkApprove = (PlaceHolder)e.Item.FindControl("bulkApprove");
PlaceHolder bulkDelete = (PlaceHolder)e.Item.FindControl("bulkDelete");
PlaceHolder bulkUndelete = (PlaceHolder)e.Item.FindControl("bulkUndelete");
// hide everything for now
bulkApprove.Visible = false;
bulkDelete.Visible = false;
bulkUndelete.Visible = false;
string page = Request.QueryString["a"] ?? "t";
if (!String.IsNullOrEmpty(page))
{
switch (page)
{
case "t": // published
bulkDelete.Visible = true;
break;
case "f": // pending
bulkApprove.Visible = true;
bulkDelete.Visible = true;
break;
case "d": // bulkDeleted
bulkUndelete.Visible = true;
break;
}
}
else
{
bulkDelete.Visible = true;
}
}
if (e.Item.ItemType == ListItemType.AlternatingItem || e.Item.ItemType == ListItemType.Item)
{
if (e.Item.DataItem == null)
{
return;
}
Literal control = (Literal)e.Item.FindControl("cssclass");
if (control != null)
{
control.Text = IsAltRow(e.Item.ItemIndex);
}
HiddenField hf = (HiddenField)e.Item.FindControl("CommentID");
if (hf != null)
{
hf.Value = (((Comment)e.Item.DataItem).Id.ToString());
}
PlaceHolder edit = (PlaceHolder)e.Item.FindControl("edit");
PlaceHolder approve = (PlaceHolder)e.Item.FindControl("approve");
PlaceHolder delete = (PlaceHolder)e.Item.FindControl("delete");
PlaceHolder undelete = (PlaceHolder)e.Item.FindControl("undelete");
// just to set them bold or not...
//Literal EditBold = (Literal)edit.FindControl("EditBold");
//Literal ApproveBold = (Literal)approve.FindControl("ApproveBold");
Label pipe1 = (Label)e.Item.FindControl("pipe1");
Label pipe2 = (Label)e.Item.FindControl("pipe2");
// hide everything for now
edit.Visible = false;
approve.Visible = false;
delete.Visible = false;
undelete.Visible = false;
pipe1.Visible = false;
pipe2.Visible = false;
string page = Request.QueryString["a"] ?? "t";
Comment c = (Comment)e.Item.DataItem;
if (!String.IsNullOrEmpty(page))
{
switch (page)
{
case "t": // published
if (RolePermissionManager.GetPermissions(c.Post.CategoryId, GraffitiUsers.Current).Edit)
{
edit.Visible = true;
}
if (RolePermissionManager.GetPermissions(c.Post.CategoryId, GraffitiUsers.Current).Publish)
{
//EditBold.Visible = true;
pipe1.Visible = true;
delete.Visible = true;
}
break;
case "f": // pending
if (RolePermissionManager.GetPermissions(c.Post.CategoryId, GraffitiUsers.Current).Edit)
{
edit.Visible = true;
}
if (RolePermissionManager.GetPermissions(c.Post.CategoryId, GraffitiUsers.Current).Publish)
{
pipe1.Visible = true;
approve.Visible = true;
//ApproveBold.Visible = true;
pipe2.Visible = true;
delete.Visible = true;
}
break;
case "d": // deleted
if (RolePermissionManager.GetPermissions(c.Post.CategoryId, GraffitiUsers.Current).Publish)
{
undelete.Visible = true;
}
break;
}
}
else
{
// published is default tab
if (RolePermissionManager.GetPermissions(c.Post.CategoryId, GraffitiUsers.Current).Edit)
{
edit.Visible = true;
}
if (RolePermissionManager.GetPermissions(c.Post.CategoryId, GraffitiUsers.Current).Publish)
{
pipe1.Visible = true;
delete.Visible = true;
}
}
if (!RolePermissionManager.GetPermissions(c.Post.CategoryId, GraffitiUsers.Current).Publish)
{
CheckBox commentCheckbox = (CheckBox)e.Item.FindControl("CommentCheckbox");
commentCheckbox.Visible = false;
}
}
}
