3355f9fed0
* asc.gif:
* desc.gif:
* style.css: moved to App_Themes
* style.css:
* bg.gif:
* asc.gif:
* bg.png:
* rect.png:
* asc.png:
* desc.gif:
* jquery-ui.css:
* mdd_styles.css:
* croix.png:
* desc.png:
* style.css:
* jquery-ui.min.css:
* mdd_gripper.png:
* mdd_toolbar.png:
* jquery.timepicker.css:
* mdd_ajax_loader.gif:
* mdd_modal_background.png: moved to /App_Themes
* NpgsqlBlogProvider.cs: * Remove post by id
* Manage collections of entries on a couple (user,title), not a single
post
* NpgsqlCircleProvider.cs: Fixes the "Match" method.
* IDbModule.cs:
* Edit.aspx:
* Estimates.aspx:
* WorkFlowManager.cs:
* NpgsqlContentProvider.cs: refactoring
* NpgsqlMRPProviders.csproj: new NpgsqlUserName provider
* NpgsqlRoleProvider.cs: simpler init method
* NpgsqlUserNameProvider.cs: impements a UserNameProvider
* MyClass.cs: refactoring from Yavsc.Model
* BlogsController.cs: access control simplified
* FrontOfficeController.cs: Pdf generation made public ni case of
formatting exception
* mdd_styles.css: Theme -> App_Themes
* style.css: yet another style impact
* AccountController.cs: Fixes the user name modification
* BlogsController.cs: * Fixes the removal process
* On a title and user name, we get collection of posts, not only one.
* Implements an Access on circle
* FrontOfficeController.cs: * implements a new Get method.
* ensure a membership existence before delivering an estimate.
* GoogleController.cs: Fixes the user name modification on a Google
account
* ErrorHtmlFormatter.cs: nice error message in html (using Markdown
helper)
* FormatterException.cs: formatter exception exposes error and
standard output of the process
* TexToPdfFormatter.cs: * generates temporary files in the folder
returned by Path.GetTempPath()
* throws FormatterException
* Global.asax.cs: new route map:
Blogs/{action}/{user}/{title}
Blog/{user}/{title}
B/{id}
{controller}/{action}/{id}
* App.master: * refactoring: Theme moved to App_Themes
* a link to the logged user's blog
*
* NoLogin.master: refactoring: Theme moved to App_Themes
* Circles.aspx: refactoring : circles now are given as select items
* Login.aspx: fixes the html presentation
* Register.aspx: Fixes a Typo
* Index.aspx: Implements a blog index, due to M&C changes with this
commit
* RemovePost.aspx: links to the new route to the "RemovePost" action,
giving it a post id
* RemoveTitle.aspx: fixes a not yet linked page to remove a post
collection under a given title
* EventPub.aspx: code refactoring
* Writting.ascx: cleans the code
* Web.config: fills the config with new names in the space
* Web.config: configures the new NpgsqlUserNameProvider
* Web.csproj: refactoring and others
* BlogEntryCollection.cs: implement the BlogEntryCollection
* BlogManager.cs: the manager helps to filter on access
* BlogProvider.cs: The title is not unique anymore, and one can modify
it, post a lot under it, drop all posts under it.
A Post is deleted by id.
* UUBlogEntryCollection.cs: implements a collection of post under a
given user name.
* UUTBlogEntryCollection.cs: implements a collection of post under a
given couple (user name, title).
* ListItem.cs: ListItem is declared obsolete in this model, helpers
can build MVC SelectListItem on data returned by the manager.
* LocalizedText.Designer.cs:
* LocalizedText.fr.Designer.cs: autogenerated from xml
* LocalizedText.resx:
* LocalizedText.fr.resx: new labels
* ChangeUserNameProvider.cs: xml doc
* Profile.cs: the UserName property is read only, and comes from
authentication, to change it, we set a Name and validate it agains
the "Profile" method
* UserManager.cs: simpler code a init time
* IContentProvider.cs: implements the new IDataProvider interface
* IDataProvider.cs: defines the new IDataProvider interface
* YavscModel.csproj: includes new classes
* UserPosts.aspx: adds a link to remove a post
* UserPost.aspx: now uses the new BlogEntryCollection object
315 lines
9.3 KiB
C#
315 lines
9.3 KiB
C#
using System;
|
|
using Yavsc.Model.Blogs;
|
|
using Yavsc.Model.RolesAndMembers;
|
|
using System.Web;
|
|
using System.Web.Security;
|
|
using Yavsc.Model.Circles;
|
|
using System.Web.Mvc;
|
|
using System.IO;
|
|
using System.Linq;
|
|
using System.Collections.Generic;
|
|
|
|
|
|
namespace Yavsc.Model.Blogs
|
|
{
|
|
/// <summary>
|
|
/// Blog manager.
|
|
/// </summary>
|
|
public static class BlogManager
|
|
{
|
|
/// <summary>
|
|
/// Removes the comment.
|
|
/// </summary>
|
|
/// <returns>The comment.</returns>
|
|
/// <param name="cmtid">Cmtid.</param>
|
|
public static long RemoveComment (long cmtid)
|
|
{
|
|
return Provider.RemoveComment (cmtid);
|
|
}
|
|
|
|
/// <summary>
|
|
/// Comment the specified from, postid, content and visible.
|
|
/// </summary>
|
|
/// <param name="from">From.</param>
|
|
/// <param name="postid">Postid.</param>
|
|
/// <param name="content">Content.</param>
|
|
/// <param name="visible">If set to <c>true</c> visible.</param>
|
|
public static void Comment (string from, long postid, string content, bool visible)
|
|
{
|
|
provider.Comment (from, postid, content);
|
|
}
|
|
|
|
static BlogProvider provider;
|
|
|
|
/// <summary>
|
|
/// Gets the provider.
|
|
/// </summary>
|
|
/// <value>The provider.</value>
|
|
public static BlogProvider Provider {
|
|
get {
|
|
if (provider == null)
|
|
provider = BlogHelper.GetProvider ();
|
|
return provider;
|
|
}
|
|
}
|
|
|
|
/// <summary>
|
|
/// Gets the post.
|
|
/// </summary>
|
|
/// <returns>The post.</returns>
|
|
/// <param name="username">Username.</param>
|
|
/// <param name="title">Title.</param>
|
|
public static UUTBlogEntryCollection GetPost (string username, string title)
|
|
{
|
|
return Provider.GetPost (username, title);
|
|
}
|
|
|
|
/// <summary>
|
|
/// Gets the post.
|
|
/// </summary>
|
|
/// <returns>The post.</returns>
|
|
/// <param name="postid">Postid.</param>
|
|
public static BlogEntry GetPost (long postid)
|
|
{
|
|
return Provider.GetPost (postid);
|
|
}
|
|
|
|
/// <summary>
|
|
/// Post the specified username, title, content and visible.
|
|
/// </summary>
|
|
/// <param name="username">Username.</param>
|
|
/// <param name="title">Title.</param>
|
|
/// <param name="content">Content.</param>
|
|
/// <param name="visible">If set to <c>true</c> visible.</param>
|
|
/// <param name="cids">sets the circles.</param>
|
|
public static long Post (string username, string title, string content, bool visible, long[] cids)
|
|
{
|
|
return Provider.Post (username, title, content, visible, cids);
|
|
}
|
|
|
|
/// <summary>
|
|
/// Updates the post.
|
|
/// </summary>
|
|
/// <param name="postid">Postid.</param>
|
|
/// <param name="title">Title.</param>
|
|
/// <param name="content">Content.</param>
|
|
/// <param name="visible">If set to <c>true</c> visible.</param>
|
|
/// <param name="cids">sets the circles.</param>
|
|
public static void UpdatePost (long postid, string title, string content, bool visible, long[] cids)
|
|
{
|
|
Provider.UpdatePost (postid, title, content, visible, cids);
|
|
}
|
|
|
|
|
|
/// <summary>
|
|
/// Finds the post.
|
|
/// </summary>
|
|
/// <returns>The post.</returns>
|
|
/// <param name="readersName">Readers name.</param>
|
|
/// <param name="pattern">Pattern.</param>
|
|
/// <param name="searchflags">Searchflags.</param>
|
|
/// <param name="pageIndex">Page index.</param>
|
|
/// <param name="pageSize">Page size.</param>
|
|
/// <param name="totalRecords">Total records.</param>
|
|
public static BlogEntryCollection FindPost (string readersName, string pattern, FindBlogEntryFlags searchflags, int pageIndex, int pageSize, out int totalRecords)
|
|
{
|
|
return Provider.FindPost (readersName, pattern, searchflags, pageIndex, pageSize, out totalRecords);
|
|
}
|
|
|
|
/// <summary>
|
|
/// Removes the post.
|
|
/// </summary>
|
|
/// <param name="post_id">Post identifier.</param>
|
|
public static void RemovePost (long post_id)
|
|
{
|
|
Provider.RemovePost (post_id);
|
|
}
|
|
|
|
/// <summary>
|
|
/// Removes the post.
|
|
/// </summary>
|
|
/// <param name="username">Username.</param>
|
|
/// <param name="title">Title.</param>
|
|
public static void RemoveTitle (string username, string title)
|
|
{
|
|
if (!Roles.IsUserInRole ("Admin")) {
|
|
string rguser = Membership.GetUser ().UserName;
|
|
if (rguser != username) {
|
|
throw new AccessViolationException (
|
|
string.Format (
|
|
"{1}, Vous n'avez pas le droit de suprimer les Blogs de {0}",
|
|
username, rguser));
|
|
}
|
|
}
|
|
Provider.RemoveTitle (username, title);
|
|
}
|
|
|
|
/// <summary>
|
|
/// Lasts the posts.
|
|
/// </summary>
|
|
/// <returns>The posts.</returns>
|
|
/// <param name="pageIndex">Page index.</param>
|
|
/// <param name="pageSize">Page size.</param>
|
|
/// <param name="totalRecords">Total records.</param>
|
|
public static IEnumerable<BlogEntry> LastPosts (int pageIndex, int pageSize, out int totalRecords)
|
|
{
|
|
var c = Provider.LastPosts (pageIndex, pageSize, out totalRecords);
|
|
return FilterOnReadAccess (c);
|
|
}
|
|
|
|
/// <summary>
|
|
/// Gets the comments.
|
|
/// </summary>
|
|
/// <returns>The comments.</returns>
|
|
/// <param name="postid">Postid.</param>
|
|
/// <param name="getHidden">If set to <c>true</c> get hidden.</param>
|
|
public static Comment[] GetComments (long postid, bool getHidden = true)
|
|
{
|
|
return Provider.GetComments (postid, getHidden);
|
|
}
|
|
|
|
/// <summary>
|
|
/// Tag the specified post by postid.
|
|
/// </summary>
|
|
/// <param name="postid">Postid.</param>
|
|
/// <param name="tag">Tag.</param>
|
|
/// <returns>The tag identifier</returns>
|
|
public static long Tag (long postid, string tag)
|
|
{
|
|
return Provider.Tag (postid, tag);
|
|
}
|
|
|
|
/// <summary>
|
|
/// Checks the auth can edit.
|
|
/// </summary>
|
|
/// <returns><c>true</c>, if can edit was authed, <c>false</c> otherwise.</returns>
|
|
/// <param name="user">User.</param>
|
|
/// <param name="title">Title.</param>
|
|
/// <param name="throwEx">If set to <c>true</c> throw ex.</param>
|
|
public static bool CheckAuthCanEdit (string user, string title, bool throwEx = true)
|
|
{
|
|
BlogEntryCollection bec = BlogManager.GetPost (user, title);
|
|
if (bec == null)
|
|
throw new FileNotFoundException ();
|
|
if (!Roles.IsUserInRole ("Admin"))
|
|
if (bec.Count > 0)
|
|
if (Membership.GetUser ().UserName != user) {
|
|
if (throwEx)
|
|
throw new AccessViolationException (
|
|
string.Format (
|
|
"Vous n'avez pas le droit d'editer ce blog (title:{0})",
|
|
title));
|
|
else
|
|
return false;
|
|
}
|
|
return true;
|
|
}
|
|
|
|
/// <summary>
|
|
/// Checks the auth can edit.
|
|
/// </summary>
|
|
/// <returns><c>true</c>, if auth can edit was checked, <c>false</c> otherwise.</returns>
|
|
/// <param name="postid">Postid.</param>
|
|
/// <param name="throwEx">If set to <c>true</c> throw ex.</param>
|
|
public static BlogEntry GetForEditing (long postid, bool throwEx = true)
|
|
{
|
|
BlogEntry e = BlogManager.GetPost (postid);
|
|
if (e == null)
|
|
throw new PostNotFoundException ();
|
|
if (!Roles.IsUserInRole ("Admin")) {
|
|
string rguser = Membership.GetUser ().UserName;
|
|
if (rguser != e.UserName) {
|
|
if (throwEx)
|
|
throw new AccessViolationException (
|
|
string.Format (
|
|
"Vous n'avez pas le droit d'editer ce billet (id:{0})",
|
|
e.Id));
|
|
else
|
|
return null;
|
|
|
|
}
|
|
}
|
|
return e;
|
|
}
|
|
|
|
private static bool CanView (BlogEntry e, MembershipUser u = null)
|
|
{
|
|
if (e.AllowedCircles != null && e.AllowedCircles.Length > 0) {
|
|
// only deliver to admins, owner, or specified circle memebers
|
|
if (u == null)
|
|
return false;
|
|
if (u.UserName != e.UserName)
|
|
if (!Roles.IsUserInRole (u.UserName, "Admin"))
|
|
{
|
|
if (!e.Visible)
|
|
return false;
|
|
if (!CircleManager.DefaultProvider.Matches (e.AllowedCircles, u.UserName))
|
|
return false;
|
|
}
|
|
}
|
|
return true;
|
|
}
|
|
/// <summary>
|
|
/// Checks the auth can read.
|
|
/// </summary>
|
|
/// <returns><c>true</c>, if auth can read was checked, <c>false</c> otherwise.</returns>
|
|
/// <param name="postid">Postid.</param>
|
|
/// <param name="throwEx">If set to <c>true</c> throw ex.</param>
|
|
public static BlogEntry GetForReading (long postid, bool throwEx = true)
|
|
{
|
|
BlogEntry e = BlogManager.GetPost (postid);
|
|
if (e == null)
|
|
if (throwEx)
|
|
throw new FileNotFoundException ();
|
|
if ( CanView (e, Membership.GetUser ()))
|
|
return e;
|
|
if (throwEx)
|
|
throw new AccessViolationException (string.Format (
|
|
"Vous n'avez pas le droit de lire ce billet (id:{0})",
|
|
postid.ToString ()));
|
|
return null;
|
|
|
|
}
|
|
|
|
/// <summary>
|
|
/// Checks the auth can read.
|
|
/// </summary>
|
|
/// <returns><c>true</c>, if auth can read was checked, <c>false</c> otherwise.</returns>
|
|
/// <param name="bec">Bec.</param>
|
|
/// <param name="throwEx">If set to <c>true</c> throw ex.</param>
|
|
private static bool HasReadAccess (BlogEntryCollection bec, bool throwEx = true)
|
|
{
|
|
if (bec == null)
|
|
throw new FileNotFoundException ();
|
|
if (Roles.IsUserInRole ("Admin"))
|
|
return true;
|
|
var u = Membership.GetUser ();
|
|
BlogEntry e = bec.First (x=>!CanView(x,u));
|
|
if (e == null)
|
|
return true;
|
|
if (throwEx)
|
|
throw new AccessViolationException (
|
|
string.Format (
|
|
"Vous n'avez pas le droit de lire cette collection de billet (titles:{0})",
|
|
bec.ToString()));
|
|
else
|
|
return false;
|
|
}
|
|
/// <summary>
|
|
/// Filters the on read access.
|
|
/// </summary>
|
|
/// <returns>The on read access.</returns>
|
|
/// <param name="bec">Bec.</param>
|
|
/// <typeparam name="TEntry">The 1st type parameter.</typeparam>
|
|
public static IEnumerable<TEntry> FilterOnReadAccess<TEntry> ( IEnumerable<TEntry> bec)
|
|
{
|
|
if (bec == null) return null;
|
|
if (Roles.IsUserInRole ("Admin")) return bec;
|
|
var u = Membership.GetUser ();
|
|
var r = bec.Where (x => CanView (x as BlogEntry, u));
|
|
return r;
|
|
}
|
|
}
|
|
}
|
|
|