From cdc61eb4ea5309769ad4db84d92594e4dc3dff67 Mon Sep 17 00:00:00 2001
From: Michael
Date: Mon, 20 Mar 2017 16:45:17 -0400
Subject: Initial commit (azure deploy test)
---
Project-Unite/Controllers/ModeratorController.cs | 320 +++++++++++++++++++++++
1 file changed, 320 insertions(+)
create mode 100644 Project-Unite/Controllers/ModeratorController.cs
(limited to 'Project-Unite/Controllers/ModeratorController.cs')
diff --git a/Project-Unite/Controllers/ModeratorController.cs b/Project-Unite/Controllers/ModeratorController.cs
new file mode 100644
index 0000000..7872112
--- /dev/null
+++ b/Project-Unite/Controllers/ModeratorController.cs
@@ -0,0 +1,320 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+using System.Web;
+using System.Web.Mvc;
+using Microsoft.AspNet.Identity;
+using Project_Unite.Models;
+
+namespace Project_Unite.Controllers
+{
+ [Authorize]
+ public class ModeratorController : Controller
+ {
+ // GET: Moderator
+ public ActionResult Index()
+ {
+ if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
+ return new HttpStatusCodeResult(403);
+
+ ViewBag.Moderator = true;
+ return View();
+ }
+
+ public ActionResult UserDetails(string id)
+ {
+ if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
+ return new HttpStatusCodeResult(403);
+
+ var db = new ApplicationDbContext();
+ var usr = db.Users.FirstOrDefault(x => x.DisplayName == id);
+ if (usr == null || !ACL.Granted(User.Identity.Name, "CanViewUserInfo"))
+ return new HttpStatusCodeResult(403);
+ return View(usr);
+ }
+
+ public ActionResult Users()
+ {
+ if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
+ return new HttpStatusCodeResult(403);
+ if (!ACL.Granted(User.Identity.Name, "CanViewUserInfo"))
+ return new HttpStatusCodeResult(403);
+
+ return View(new ApplicationDbContext().Users);
+ }
+
+ public ActionResult Unban(string id, string returnUrl = "")
+ {
+ if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
+ return new HttpStatusCodeResult(403);
+ if (!ACL.Granted(User.Identity.Name, "CanIssueBan"))
+ return new HttpStatusCodeResult(403);
+ var db = new ApplicationDbContext();
+
+ var usr = db.Users.FirstOrDefault(x => x.Id == id);
+ if (usr == null)
+ return new HttpStatusCodeResult(404);
+ if (usr.IsBanned == false) //we don't need to re-unban the user... save the SQL queries...
+ return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
+
+ usr.IsBanned = false;
+
+ db.AuditLogs.Add(new Models.AuditLog(User.Identity.GetUserId(), AuditLogLevel.Moderator, $@"Moderator has unbanned {ACL.UserNameRaw(id)}."));
+
+ db.SaveChanges();
+
+ if (string.IsNullOrWhiteSpace(returnUrl))
+ return RedirectToAction("Users");
+ else
+ return Redirect(returnUrl);
+ }
+
+
+ public ActionResult Ban(string id, string returnUrl = "")
+ {
+ if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
+ return new HttpStatusCodeResult(403);
+ if (!ACL.Granted(User.Identity.Name, "CanIssueBan"))
+ return new HttpStatusCodeResult(403);
+ var db = new ApplicationDbContext();
+
+ var usr = db.Users.FirstOrDefault(x => x.Id == id);
+ if (usr == null)
+ return new HttpStatusCodeResult(404);
+ if (usr.IsBanned == true) //we don't need to re-ban the user... save the SQL queries...
+ return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
+
+ usr.IsBanned = true;
+ usr.BannedAt = DateTime.Now;
+ usr.BannedBy = User.Identity.GetUserId();
+
+ db.AuditLogs.Add(new Models.AuditLog(User.Identity.GetUserId(), AuditLogLevel.Moderator, $@"Moderator has banned {ACL.UserNameRaw(id)}."));
+
+ db.SaveChanges();
+
+ if (string.IsNullOrWhiteSpace(returnUrl))
+ return RedirectToAction("Users");
+ else
+ return Redirect(returnUrl);
+ }
+
+
+ public ActionResult Unmute(string id, string returnUrl = "")
+ {
+ if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
+ return new HttpStatusCodeResult(403);
+ if (!ACL.Granted(User.Identity.Name, "CanIssueMute"))
+ return new HttpStatusCodeResult(403);
+ var db = new ApplicationDbContext();
+
+ var usr = db.Users.FirstOrDefault(x => x.Id == id);
+ if (usr == null)
+ return new HttpStatusCodeResult(404);
+ if (usr.IsMuted == false) //we don't need to re-unmute the user... save the SQL queries...
+ return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
+
+ usr.IsMuted = false;
+
+ db.AuditLogs.Add(new Models.AuditLog(User.Identity.GetUserId(), AuditLogLevel.Moderator, $@"Moderator has un-muted {ACL.UserNameRaw(id)}."));
+
+ db.SaveChanges();
+
+ if (string.IsNullOrWhiteSpace(returnUrl))
+ return RedirectToAction("Users");
+ else
+ return Redirect(returnUrl);
+ }
+
+ [HttpPost]
+ [ValidateAntiForgeryToken]
+ public ActionResult ChangeUserName(string id, ApplicationUser model, string returnUrl = "")
+ {
+ string acl_r = "CanEditUsernames";
+ if (id == User.Identity.GetUserId())
+ acl_r = "CanEditUsername";
+
+ if (!ACL.Granted(User.Identity.Name, acl_r))
+ return new HttpStatusCodeResult(403);
+
+ var db = new ApplicationDbContext();
+ var usr = db.Users.FirstOrDefault(x => x.Id == id);
+ if (usr == null)
+ return new HttpStatusCodeResult(404);
+
+ usr.DisplayName = model.DisplayName;
+
+ db.SaveChanges();
+
+ if (string.IsNullOrWhiteSpace(returnUrl))
+ return RedirectToAction("Users");
+ else
+ return Redirect(returnUrl);
+
+ }
+
+ public ActionResult Lock(string id)
+ {
+ if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
+ return new HttpStatusCodeResult(403);
+
+ var db = new ApplicationDbContext();
+ var forum = db.ForumTopics.FirstOrDefault(x => x.Discriminator == id);
+ if (forum == null)
+ return new HttpStatusCodeResult(404);
+ string perm = "CanLockTopics";
+ var uid = User.Identity.GetUserId();
+ if (forum.AuthorId == uid)
+ perm = "CanLockOwnTopics";
+
+ if (!ACL.Granted(User.Identity.Name, perm))
+ return new HttpStatusCodeResult(403);
+
+ if (forum.IsLocked == true) //Save the DB queries...
+ return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
+
+ forum.IsLocked = true;
+
+ db.AuditLogs.Add(new AuditLog(uid, AuditLogLevel.Moderator, $"User has locked topic \"{forum.Subject}\" by {ACL.UserNameRaw(forum.AuthorId)}."));
+ db.SaveChanges();
+
+ return RedirectToAction("ViewTopic", "Forum", new { id = id });
+ }
+
+ public ActionResult Unlock(string id)
+ {
+ if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
+ return new HttpStatusCodeResult(403);
+
+ var db = new ApplicationDbContext();
+ var forum = db.ForumTopics.FirstOrDefault(x => x.Discriminator == id);
+ if (forum == null)
+ return new HttpStatusCodeResult(404);
+ string perm = "CanUnlockTopics";
+ var uid = User.Identity.GetUserId();
+ if (forum.AuthorId == uid)
+ perm = "CanUnlockOwnTopics";
+
+ if (!ACL.Granted(User.Identity.Name, perm))
+ return new HttpStatusCodeResult(403);
+
+ if (forum.IsLocked == false) //Save the DB queries...
+ return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
+
+ forum.IsLocked = false;
+
+ db.AuditLogs.Add(new AuditLog(uid, AuditLogLevel.Moderator, $"User has unlocked topic \"{forum.Subject}\" by {ACL.UserNameRaw(forum.AuthorId)}."));
+
+ db.SaveChanges();
+
+ return RedirectToAction("ViewTopic", "Forum", new { id = id });
+ }
+
+ public ActionResult List(string id)
+ {
+ if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
+ return new HttpStatusCodeResult(403);
+
+ var db = new ApplicationDbContext();
+ var forum = db.ForumTopics.FirstOrDefault(x => x.Discriminator == id);
+ if (forum == null)
+ return new HttpStatusCodeResult(404);
+ string perm = "CanUnlistTopics";
+ var uid = User.Identity.GetUserId();
+ if (forum.AuthorId == uid)
+ perm = "CanUnlistOwnTopics";
+
+ if (!ACL.Granted(User.Identity.Name, perm))
+ return new HttpStatusCodeResult(403);
+
+ if (forum.IsUnlisted == false) //Save the DB queries...
+ return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
+
+ forum.IsUnlisted = false;
+
+
+ db.SaveChanges();
+ db.AuditLogs.Add(new AuditLog(uid, AuditLogLevel.Moderator, $"User has listed topic \"{forum.Subject}\" by {ACL.UserNameRaw(forum.AuthorId)}."));
+ return RedirectToAction("ViewTopic", "Forum", new { id = id });
+ }
+
+ public ActionResult Unlist(string id)
+ {
+ if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
+ return new HttpStatusCodeResult(403);
+
+ var db = new ApplicationDbContext();
+ var forum = db.ForumTopics.FirstOrDefault(x => x.Discriminator == id);
+ if (forum == null)
+ return new HttpStatusCodeResult(404);
+ string perm = "CanUnlistTopics";
+ var uid = User.Identity.GetUserId();
+ if (forum.AuthorId == uid)
+ perm = "CanUnlistOwnTopics";
+
+ if (!ACL.Granted(User.Identity.Name, perm))
+ return new HttpStatusCodeResult(403);
+
+ if (forum.IsUnlisted == true) //Save the DB queries...
+ return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
+
+ forum.IsUnlisted = true;
+
+ db.AuditLogs.Add(new AuditLog(uid, AuditLogLevel.Moderator, $"User has unlisted topic \"{forum.Subject}\" by {ACL.UserNameRaw(forum.AuthorId)}."));
+ db.SaveChanges();
+
+ return RedirectToAction("ViewTopic", "Forum", new { id = id });
+ }
+
+
+ public ActionResult Bans()
+ {
+ var model = new ModeratorBanListViewModel();
+ var db = new ApplicationDbContext();
+
+ model.UserBans = db.Users.Where(x => x.IsBanned == true);
+ model.IPBans = db.BannedIPs;
+
+ return View(model);
+ }
+
+ public ActionResult Logs()
+ {
+ if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
+ return new HttpStatusCodeResult(403);
+
+ var db = new ApplicationDbContext();
+
+ return View(db.AuditLogs.Where(x => x.Level != AuditLogLevel.Admin));
+ }
+
+ public ActionResult Mute(string id, string returnUrl = "")
+ {
+ if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
+ return new HttpStatusCodeResult(403);
+ if (!ACL.Granted(User.Identity.Name, "CanIssueMute"))
+ return new HttpStatusCodeResult(403);
+ var db = new ApplicationDbContext();
+
+ var usr = db.Users.FirstOrDefault(x => x.Id == id);
+ if (usr == null)
+ return new HttpStatusCodeResult(404);
+ if (usr.IsMuted == true) //we don't need to re-mute the user... save the SQL queries...
+ return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
+
+ usr.IsMuted = true;
+ usr.MutedAt = DateTime.Now;
+ usr.MutedBy = User.Identity.GetUserId();
+
+ db.AuditLogs.Add(new Models.AuditLog(User.Identity.GetUserId(), AuditLogLevel.Moderator, $@"Moderator has muted {ACL.UserNameRaw(id)}."));
+
+ db.SaveChanges();
+
+ if (string.IsNullOrWhiteSpace(returnUrl))
+ return RedirectToAction("Users");
+ else
+ return Redirect(returnUrl);
+ }
+
+ }
+}
\ No newline at end of file
--
cgit v1.2.3
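Review bot: Ban, Unban, Mute, Unmute, Lock, Unlock, List and Unlist all change state but carry no `[HttpPost]` / `[ValidateAntiForgeryToken]`, so unlike ChangeUserName they can be triggered by a plain GET and are not protected against cross-site request forgery; each should get the same two attributes and be called from a form post. The five actions that end in `return Redirect(returnUrl);` (Unban, Ban, Unmute, ChangeUserName, Mute) forward a caller-supplied URL unchecked, which is an open redirect; guard it with `if (!Url.IsLocalUrl(returnUrl)) return RedirectToAction("Users");` before the redirect. `Bans()` has no `ACL.Granted` check at all, so any signed-in user passes the class-level `[Authorize]` and can read the banned accounts and `db.BannedIPs`; it should open with the same `CanAccessModCP` guard as `Logs()`. In `List`, `db.AuditLogs.Add(...)` is called after `db.SaveChanges()` and nothing saves afterwards, so that audit entry is never persisted, and ChangeUserName writes no audit entry at all; add the log entry before the save in both.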