shiftos-archive/Project-Unite
1
0
Fork 0
mirror of https://github.com/lempamo/Project-Unite.git synced 2025-02-02 13:07:34 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Redo the permission system.

Browse source
This commit is contained in:
Michael 2017-05-09 16:00:37 -04:00
parent cb653f021d
commit c84f619354
10 changed files with 125 additions and 233 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

49
Project-Unite/ACL.cs
View file

@ -9,6 +9,8 @@ using System.Diagnostics;
using System.Web.Mvc.Html; using System.Web.Mvc.Html;
using System.Data.Entity; using System.Data.Entity;
using System.Text; using System.Text;
using Microsoft.AspNet.Identity.EntityFramework;
using System.Security.Principal;
namespace Project_Unite namespace Project_Unite
{ {
@ -226,8 +228,6 @@ namespace Project_Unite
if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrWhiteSpace(fId)) if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrWhiteSpace(fId))
return false; return false;
if (!Granted(userName, "CanPostTopics"))
return false; //obviously if this role has a global restraint for this ACL def we shouldn't let them post in ANY forum.
var db = new ApplicationDbContext(); var db = new ApplicationDbContext();
@ -282,7 +282,7 @@ namespace Project_Unite
if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrWhiteSpace(fId)) if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrWhiteSpace(fId))
return false; return false;
if (!Granted(userName, "CanPostTopics")) if (HttpContext.Current.User.Identity.IsGuest())
return false; //obviously if this role has a global restraint for this ACL def we shouldn't let them post in ANY forum. return false; //obviously if this role has a global restraint for this ACL def we shouldn't let them post in ANY forum.
var db = new ApplicationDbContext(); var db = new ApplicationDbContext();
@ -324,7 +324,7 @@ namespace Project_Unite
if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrWhiteSpace(fId)) if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrWhiteSpace(fId))
return false; return false;
if (!Granted(userName, "CanPostTopics")) if (HttpContext.Current.User.Identity.IsGuest())
return false; //obviously if this role has a global restraint for this ACL def we shouldn't let them post in ANY forum. return false; //obviously if this role has a global restraint for this ACL def we shouldn't let them post in ANY forum.
var db = new ApplicationDbContext(); var db = new ApplicationDbContext();
@ -389,7 +389,7 @@ namespace Project_Unite
{ {
try try
{ {
if (!Granted(userId, "CanEditRoles")) if (!HttpContext.Current.User.Identity.IsAdmin())
return false; return false;
var db = new ApplicationDbContext(); var db = new ApplicationDbContext();
@ -425,40 +425,37 @@ namespace Project_Unite
} }
public static bool Granted(string userName, string prop) public static bool IsGuest(this IIdentity id)
{ {
if (string.IsNullOrWhiteSpace(prop)) if (HttpContext.Current.Request.IsAuthenticated)
return false;
return true; return true;
}
try
public static bool IsModerator(this IIdentity id)
{ {
var db = new ApplicationDbContext(); var db = new ApplicationDbContext();
return db.Users.FirstOrDefault(x => x.UserName == id.Name).HighestRole.IsModerator;
}
var usr = db.Users.FirstOrDefault(u => u.UserName == userName); public static bool IsDeveloper(this IIdentity id)
var userRoles = new List<Role>();
foreach (var usrRole in usr.Roles)
{ {
userRoles.Add(db.Roles.FirstOrDefault(r => r.Id == usrRole.RoleId) as Role); var db = new ApplicationDbContext();
return db.Users.FirstOrDefault(x => x.UserName == id.Name).HighestRole.IsDeveloper;
} }
db.Dispose();
var userRole = userRoles.OrderByDescending(m => m.Priority).First();
var t = userRole.GetType(); public static bool IsMember(this IIdentity id)
foreach (var propInf in t.GetProperties(System.Reflection.BindingFlags.Public | System.Reflection.BindingFlags.Instance))
{ {
if (propInf.Name == prop && propInf.PropertyType == typeof(bool)) var db = new ApplicationDbContext();
return (bool)propInf.GetValue(userRole); return db.Users.FirstOrDefault(x => x.UserName == id.Name).HighestRole.IsMember;
} }
return false;
} public static bool IsAdmin(this IIdentity id)
catch (Exception ex)
{ {
Debug.Print(ex.ToString()); var db = new ApplicationDbContext();
return false; return db.Users.FirstOrDefault(x => x.UserName == id.Name).HighestRole.IsAdmin;
}
} }
} }
} }

32
Project-Unite/ACLAttributes.cs Normal file
View file

@ -0,0 +1,32 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
namespace Project_Unite
{
/// <summary>
/// Tells the Unite request router that this view/action requires administrative permissions.
/// </summary>
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)]
public class RequiresAdmin : Attribute
{
}
/// <summary>
/// Tells the Unite request router that this view/action requires developer permissions.
/// </summary>
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)]
public class RequiresDeveloper : Attribute
{
}
/// <summary>
/// Tells the Unite request router that this view/action requires moderator permissions.
/// </summary>
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)]
public class RequiresModerator : Attribute
{
}
}

3
Project-Unite/Controllers/AdminController.cs
View file

@ -21,10 +21,9 @@ namespace Project_Unite.Controllers
private ApplicationDbContext db = new ApplicationDbContext(); private ApplicationDbContext db = new ApplicationDbContext();
[Authorize] [Authorize]
[RequiresAdmin]
public ActionResult Index() public ActionResult Index()
{ {
if (!ACL.Granted(User.Identity.Name, "CanAccessAdminCP"))
return new HttpStatusCodeResult(403);
return View(); return View();
} }
} }

4
Project-Unite/Controllers/BlogController.cs
View file

@ -130,12 +130,10 @@ namespace Project_Unite.Controllers
return View(blog); return View(blog);
} }
[RequiresDeveloper]
[Authorize] [Authorize]
public ActionResult PostBlog() public ActionResult PostBlog()
{ {
if (!ACL.Granted(User.Identity.Name, "CanBlog"))
return new HttpStatusCodeResult(403);
var model = new PostBlogViewModel(); var model = new PostBlogViewModel();
return View(model); return View(model);
} }

29
Project-Unite/Controllers/DeveloperController.cs
View file

@ -9,23 +9,19 @@ using Project_Unite.Models;
namespace Project_Unite.Controllers namespace Project_Unite.Controllers
{ {
[RequiresDeveloper]
[Authorize] [Authorize]
public class DeveloperController : Controller public class DeveloperController : Controller
{ {
// GET: Developer // GET: Developer
public ActionResult Index() public ActionResult Index()
{ {
if (!ACL.Granted(User.Identity.Name, "CanAccessDevCP"))
return new HttpStatusCodeResult(403);
ViewBag.Developer = true; ViewBag.Developer = true;
return View(); return View();
} }
public ActionResult ToggleObsolete(string id) public ActionResult ToggleObsolete(string id)
{ {
if (!ACL.Granted(User.Identity.Name, "CanAccessDevCP"))
return new HttpStatusCodeResult(403);
var db = new ApplicationDbContext(); var db = new ApplicationDbContext();
var release = db.Downloads.FirstOrDefault(x => x.Id == id); var release = db.Downloads.FirstOrDefault(x => x.Id == id);
release.Obsolete = !release.Obsolete; release.Obsolete = !release.Obsolete;
@ -35,9 +31,6 @@ namespace Project_Unite.Controllers
public ActionResult MakeUnstable(string id) public ActionResult MakeUnstable(string id)
{ {
if (!ACL.Granted(User.Identity.Name, "CanAccessDevCP"))
return new HttpStatusCodeResult(403);
var db = new ApplicationDbContext(); var db = new ApplicationDbContext();
var release = db.Downloads.FirstOrDefault(x => x.Id == id); var release = db.Downloads.FirstOrDefault(x => x.Id == id);
release.IsStable = false; release.IsStable = false;
@ -48,9 +41,6 @@ namespace Project_Unite.Controllers
public ActionResult MakeStable(string id) public ActionResult MakeStable(string id)
{ {
if (!ACL.Granted(User.Identity.Name, "CanAccessDevCP"))
return new HttpStatusCodeResult(403);
var db = new ApplicationDbContext(); var db = new ApplicationDbContext();
var release = db.Downloads.FirstOrDefault(x => x.Id == id); var release = db.Downloads.FirstOrDefault(x => x.Id == id);
release.IsStable = true; release.IsStable = true;
@ -61,18 +51,12 @@ namespace Project_Unite.Controllers
public ActionResult Releases() public ActionResult Releases()
{ {
if (!ACL.Granted(User.Identity.Name, "CanAccessDevCP"))
return new HttpStatusCodeResult(403);
var db = new ApplicationDbContext(); var db = new ApplicationDbContext();
return View(db.Downloads); return View(db.Downloads);
} }
public ActionResult AddRelease() public ActionResult AddRelease()
{ {
if (!ACL.Granted(User.Identity.Name, "CanAccessDevCP"))
return new HttpStatusCodeResult(403);
if (!ACL.Granted(User.Identity.Name, "CanReleaseBuild"))
return new HttpStatusCodeResult(403);
ViewBag.Developer = true; ViewBag.Developer = true;
var build = new PostDownloadViewModel(); var build = new PostDownloadViewModel();
@ -85,10 +69,6 @@ namespace Project_Unite.Controllers
[ValidateAntiForgeryToken] [ValidateAntiForgeryToken]
public ActionResult AddRelease(PostDownloadViewModel model) public ActionResult AddRelease(PostDownloadViewModel model)
{ {
if (!ACL.Granted(User.Identity.Name, "CanAccessDevCP"))
return new HttpStatusCodeResult(403);
if (!ACL.Granted(User.Identity.Name, "CanReleaseBuild"))
return new HttpStatusCodeResult(403);
if (!ModelState.IsValid) if (!ModelState.IsValid)
return View(model); return View(model);
@ -174,8 +154,6 @@ namespace Project_Unite.Controllers
[Authorize] [Authorize]
public ActionResult Wiki() public ActionResult Wiki()
{ {
if (!ACL.Granted(User.Identity.Name, "CanAccessDevCP"))
return new HttpStatusCodeResult(403);
ViewBag.Developer = true; ViewBag.Developer = true;
var db = new ApplicationDbContext(); var db = new ApplicationDbContext();
var cats = db.WikiCategories; var cats = db.WikiCategories;
@ -184,9 +162,6 @@ namespace Project_Unite.Controllers
public ActionResult AddWikiCategory() public ActionResult AddWikiCategory()
{ {
if (!ACL.Granted(User.Identity.Name, "CanAccessDevCP"))
return new HttpStatusCodeResult(403);
ViewBag.Developer = true; ViewBag.Developer = true;
var mdl = new AddWikiCategoryViewModel(); var mdl = new AddWikiCategoryViewModel();
@ -198,8 +173,6 @@ namespace Project_Unite.Controllers
[ValidateAntiForgeryToken] [ValidateAntiForgeryToken]
public ActionResult AddWikiCategory(AddWikiCategoryViewModel model) public ActionResult AddWikiCategory(AddWikiCategoryViewModel model)
{ {
if (!ACL.Granted(User.Identity.Name, "CanAccessDevCP"))
return new HttpStatusCodeResult(403);
ViewBag.Developer = true; ViewBag.Developer = true;
if (!ModelState.IsValid) if (!ModelState.IsValid)
return View(model); return View(model);

15
Project-Unite/Controllers/ForumController.cs
View file

@ -131,9 +131,8 @@ namespace Project_Unite.Controllers
string acl_perm = "CanEditPosts"; string acl_perm = "CanEditPosts";
if (topic == null) if (topic == null)
return new HttpStatusCodeResult(404); return new HttpStatusCodeResult(404);
if (topic.AuthorId == User.Identity.GetUserId()) if (topic.AuthorId != User.Identity.GetUserId())
acl_perm = "CanEditOwnPosts"; if (!User.Identity.IsModerator())
if (!ACL.Granted(User.Identity.Name, acl_perm))
return new HttpStatusCodeResult(403); return new HttpStatusCodeResult(403);
var model = new EditPostViewModel(); var model = new EditPostViewModel();
model.Id = topic.Id; model.Id = topic.Id;
@ -141,6 +140,7 @@ namespace Project_Unite.Controllers
return View(model); return View(model);
} }
[RequiresModerator]
[Authorize] [Authorize]
public ActionResult DeletePost(string id) public ActionResult DeletePost(string id)
{ {
@ -150,10 +150,6 @@ namespace Project_Unite.Controllers
string acl_perm = "CanDeletePosts"; string acl_perm = "CanDeletePosts";
if (topic == null) if (topic == null)
return new HttpStatusCodeResult(404); return new HttpStatusCodeResult(404);
if (topic.AuthorId == User.Identity.GetUserId())
acl_perm = "CanDeleteOwnPosts";
if (!ACL.Granted(User.Identity.Name, acl_perm))
return new HttpStatusCodeResult(403);
var parent = db.ForumTopics.FirstOrDefault(x => x.Id == topic.Parent); var parent = db.ForumTopics.FirstOrDefault(x => x.Id == topic.Parent);
bool redirectToParent = false; bool redirectToParent = false;
string cat = ""; string cat = "";
@ -184,9 +180,8 @@ namespace Project_Unite.Controllers
string acl_perm = "CanEditPosts"; string acl_perm = "CanEditPosts";
if (topic == null) if (topic == null)
return new HttpStatusCodeResult(404); return new HttpStatusCodeResult(404);
if (topic.AuthorId == User.Identity.GetUserId()) if (topic.AuthorId != User.Identity.GetUserId())
acl_perm = "CanEditOwnPosts"; if (!User.Identity.IsModerator())
if (!ACL.Granted(User.Identity.Name, acl_perm))
return new HttpStatusCodeResult(403); return new HttpStatusCodeResult(403);
var edit = new ForumPostEdit(); var edit = new ForumPostEdit();
edit.EditedAt = DateTime.Now; edit.EditedAt = DateTime.Now;

74
Project-Unite/Controllers/ModeratorController.cs
View file

@ -9,47 +9,33 @@ using Project_Unite.Models;
namespace Project_Unite.Controllers namespace Project_Unite.Controllers
{ {
[RequiresModerator]
[Authorize] [Authorize]
public class ModeratorController : Controller public class ModeratorController : Controller
{ {
// GET: Moderator // GET: Moderator
public ActionResult Index() public ActionResult Index()
{ {
if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
return new HttpStatusCodeResult(403);
ViewBag.Moderator = true; ViewBag.Moderator = true;
return View(); return View();
} }
public ActionResult UserDetails(string id) public ActionResult UserDetails(string id)
{ {
if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
return new HttpStatusCodeResult(403);
var db = new ApplicationDbContext(); var db = new ApplicationDbContext();
var usr = db.Users.FirstOrDefault(x => x.DisplayName == id); var usr = db.Users.FirstOrDefault(x => x.DisplayName == id);
if (usr == null || !ACL.Granted(User.Identity.Name, "CanViewUserInfo")) if (usr == null)
return new HttpStatusCodeResult(403); return new HttpStatusCodeResult(404);
return View(usr); return View(usr);
} }
public ActionResult Users() public ActionResult Users()
{ {
if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
return new HttpStatusCodeResult(403);
if (!ACL.Granted(User.Identity.Name, "CanViewUserInfo"))
return new HttpStatusCodeResult(403);
return View(new ApplicationDbContext().Users); return View(new ApplicationDbContext().Users);
} }
public ActionResult Unban(string id, string returnUrl = "") public ActionResult Unban(string id, string returnUrl = "")
{ {
if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
return new HttpStatusCodeResult(403);
if (!ACL.Granted(User.Identity.Name, "CanIssueBan"))
return new HttpStatusCodeResult(403);
var db = new ApplicationDbContext(); var db = new ApplicationDbContext();
var usr = db.Users.FirstOrDefault(x => x.Id == id); var usr = db.Users.FirstOrDefault(x => x.Id == id);
@ -73,10 +59,6 @@ namespace Project_Unite.Controllers
public ActionResult Ban(string id, string returnUrl = "") public ActionResult Ban(string id, string returnUrl = "")
{ {
if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
return new HttpStatusCodeResult(403);
if (!ACL.Granted(User.Identity.Name, "CanIssueBan"))
return new HttpStatusCodeResult(403);
var db = new ApplicationDbContext(); var db = new ApplicationDbContext();
var usr = db.Users.FirstOrDefault(x => x.Id == id); var usr = db.Users.FirstOrDefault(x => x.Id == id);
@ -102,10 +84,6 @@ namespace Project_Unite.Controllers
public ActionResult Unmute(string id, string returnUrl = "") public ActionResult Unmute(string id, string returnUrl = "")
{ {
if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
return new HttpStatusCodeResult(403);
if (!ACL.Granted(User.Identity.Name, "CanIssueMute"))
return new HttpStatusCodeResult(403);
var db = new ApplicationDbContext(); var db = new ApplicationDbContext();
var usr = db.Users.FirstOrDefault(x => x.Id == id); var usr = db.Users.FirstOrDefault(x => x.Id == id);
@ -130,13 +108,6 @@ namespace Project_Unite.Controllers
[ValidateAntiForgeryToken] [ValidateAntiForgeryToken]
public ActionResult ChangeUserName(string id, ApplicationUser model, string returnUrl = "") public ActionResult ChangeUserName(string id, ApplicationUser model, string returnUrl = "")
{ {
string acl_r = "CanEditUsernames";
if (id == User.Identity.GetUserId())
acl_r = "CanEditUsername";
if (!ACL.Granted(User.Identity.Name, acl_r))
return new HttpStatusCodeResult(403);
var db = new ApplicationDbContext(); var db = new ApplicationDbContext();
var usr = db.Users.FirstOrDefault(x => x.Id == id); var usr = db.Users.FirstOrDefault(x => x.Id == id);
if (usr == null) if (usr == null)
@ -155,20 +126,12 @@ namespace Project_Unite.Controllers
public ActionResult Lock(string id) public ActionResult Lock(string id)
{ {
if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
return new HttpStatusCodeResult(403);
var db = new ApplicationDbContext(); var db = new ApplicationDbContext();
var forum = db.ForumTopics.FirstOrDefault(x => x.Discriminator == id); var forum = db.ForumTopics.FirstOrDefault(x => x.Discriminator == id);
if (forum == null) if (forum == null)
return new HttpStatusCodeResult(404); return new HttpStatusCodeResult(404);
string perm = "CanLockTopics"; string perm = "CanLockTopics";
var uid = User.Identity.GetUserId(); var uid = User.Identity.GetUserId();
if (forum.AuthorId == uid)
perm = "CanLockOwnTopics";
if (!ACL.Granted(User.Identity.Name, perm))
return new HttpStatusCodeResult(403);
if (forum.IsLocked == true) //Save the DB queries... if (forum.IsLocked == true) //Save the DB queries...
return new HttpStatusCodeResult(HttpStatusCode.BadRequest); return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
@ -183,20 +146,12 @@ namespace Project_Unite.Controllers
public ActionResult Unlock(string id) public ActionResult Unlock(string id)
{ {
if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
return new HttpStatusCodeResult(403);
var db = new ApplicationDbContext(); var db = new ApplicationDbContext();
var forum = db.ForumTopics.FirstOrDefault(x => x.Discriminator == id); var forum = db.ForumTopics.FirstOrDefault(x => x.Discriminator == id);
if (forum == null) if (forum == null)
return new HttpStatusCodeResult(404); return new HttpStatusCodeResult(404);
string perm = "CanUnlockTopics"; string perm = "CanUnlockTopics";
var uid = User.Identity.GetUserId(); var uid = User.Identity.GetUserId();
if (forum.AuthorId == uid)
perm = "CanUnlockOwnTopics";
if (!ACL.Granted(User.Identity.Name, perm))
return new HttpStatusCodeResult(403);
if (forum.IsLocked == false) //Save the DB queries... if (forum.IsLocked == false) //Save the DB queries...
return new HttpStatusCodeResult(HttpStatusCode.BadRequest); return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
@ -212,20 +167,12 @@ namespace Project_Unite.Controllers
public ActionResult List(string id) public ActionResult List(string id)
{ {
if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
return new HttpStatusCodeResult(403);
var db = new ApplicationDbContext(); var db = new ApplicationDbContext();
var forum = db.ForumTopics.FirstOrDefault(x => x.Discriminator == id); var forum = db.ForumTopics.FirstOrDefault(x => x.Discriminator == id);
if (forum == null) if (forum == null)
return new HttpStatusCodeResult(404); return new HttpStatusCodeResult(404);
string perm = "CanUnlistTopics"; string perm = "CanUnlistTopics";
var uid = User.Identity.GetUserId(); var uid = User.Identity.GetUserId();
if (forum.AuthorId == uid)
perm = "CanUnlistOwnTopics";
if (!ACL.Granted(User.Identity.Name, perm))
return new HttpStatusCodeResult(403);
if (forum.IsUnlisted == false) //Save the DB queries... if (forum.IsUnlisted == false) //Save the DB queries...
return new HttpStatusCodeResult(HttpStatusCode.BadRequest); return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
@ -240,20 +187,12 @@ namespace Project_Unite.Controllers
public ActionResult Unlist(string id) public ActionResult Unlist(string id)
{ {
if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
return new HttpStatusCodeResult(403);
var db = new ApplicationDbContext(); var db = new ApplicationDbContext();
var forum = db.ForumTopics.FirstOrDefault(x => x.Discriminator == id); var forum = db.ForumTopics.FirstOrDefault(x => x.Discriminator == id);
if (forum == null) if (forum == null)
return new HttpStatusCodeResult(404); return new HttpStatusCodeResult(404);
string perm = "CanUnlistTopics"; string perm = "CanUnlistTopics";
var uid = User.Identity.GetUserId(); var uid = User.Identity.GetUserId();
if (forum.AuthorId == uid)
perm = "CanUnlistOwnTopics";
if (!ACL.Granted(User.Identity.Name, perm))
return new HttpStatusCodeResult(403);
if (forum.IsUnlisted == true) //Save the DB queries... if (forum.IsUnlisted == true) //Save the DB queries...
return new HttpStatusCodeResult(HttpStatusCode.BadRequest); return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
@ -280,9 +219,6 @@ namespace Project_Unite.Controllers
public ActionResult Logs() public ActionResult Logs()
{ {
if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
return new HttpStatusCodeResult(403);
var db = new ApplicationDbContext(); var db = new ApplicationDbContext();
return View(db.AuditLogs.Where(x => x.Level != AuditLogLevel.Admin)); return View(db.AuditLogs.Where(x => x.Level != AuditLogLevel.Admin));
@ -290,10 +226,6 @@ namespace Project_Unite.Controllers
public ActionResult Mute(string id, string returnUrl = "") public ActionResult Mute(string id, string returnUrl = "")
{ {
if (!ACL.Granted(User.Identity.Name, "CanAccessModCP"))
return new HttpStatusCodeResult(403);
if (!ACL.Granted(User.Identity.Name, "CanIssueMute"))
return new HttpStatusCodeResult(403);
var db = new ApplicationDbContext(); var db = new ApplicationDbContext();
var usr = db.Users.FirstOrDefault(x => x.Id == id); var usr = db.Users.FirstOrDefault(x => x.Id == id);

41
Project-Unite/Global.asax.cs
View file

@ -3,6 +3,7 @@ using System.Collections.Generic;
using System.Data.Entity.Migrations; using System.Data.Entity.Migrations;
using System.IO; using System.IO;
using System.Linq; using System.Linq;
using System.Reflection;
using System.Web; using System.Web;
using System.Web.Mvc; using System.Web.Mvc;
using System.Web.Optimization; using System.Web.Optimization;
@ -36,6 +37,44 @@ namespace Project_Unite
migrator.Update(); migrator.Update();
string actionname = this.Request.RequestContext.RouteData.Values["action"].ToString();
string controllername = this.Request.RequestContext.RouteData.Values["controller"].ToString();
var asm = Assembly.GetExecutingAssembly();
var ctl = asm.GetTypes().FirstOrDefault(x => x.Name == controllername + "Controller");
var adm = ctl.GetCustomAttributes(false).Where(x => x is RequiresAdmin);
var mod = ctl.GetCustomAttributes(false).Where(x => x is RequiresModerator);
var dev = ctl.GetCustomAttributes(false).Where(x => x is RequiresDeveloper);
bool fail = false;
if (adm != null)
fail = !User.Identity.IsAdmin();
if (mod != null)
fail = !User.Identity.IsModerator();
if (dev != null)
fail = !User.Identity.IsDeveloper();
var act = ctl.GetMethods(BindingFlags.Public | BindingFlags.Instance).FirstOrDefault(x => x.Name == actionname);
adm = act.GetCustomAttributes(false).Where(x => x is RequiresAdmin);
mod = act.GetCustomAttributes(false).Where(x => x is RequiresModerator);
dev = act.GetCustomAttributes(false).Where(x => x is RequiresDeveloper);
if (adm != null)
fail = fail || !User.Identity.IsAdmin();
if (mod != null)
fail = fail || !User.Identity.IsModerator();
if (dev != null)
fail = fail || !User.Identity.IsDeveloper();
if (fail == true)
{
string url = "http://" + this.Request.Url.Host.Replace("http://", "").Replace("https://", "") + "/Home/AccessDenied";
Response.Redirect(url, true);
return;
}
var addr = HttpContext.Current.Request.UserHostAddress; var addr = HttpContext.Current.Request.UserHostAddress;
var db = new ApplicationDbContext(); var db = new ApplicationDbContext();
@ -47,6 +86,8 @@ namespace Project_Unite
this.CompleteRequest(); this.CompleteRequest();
return; return;
} }
} }
protected void Application_EndRequest(object s, EventArgs e) protected void Application_EndRequest(object s, EventArgs e)

1
Project-Unite/Project-Unite.csproj
View file

@ -243,6 +243,7 @@
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<Compile Include="ACL.cs" /> <Compile Include="ACL.cs" />
<Compile Include="ACLAttributes.cs" />
<Compile Include="App_Start\BundleConfig.cs" /> <Compile Include="App_Start\BundleConfig.cs" />
<Compile Include="App_Start\FilterConfig.cs" /> <Compile Include="App_Start\FilterConfig.cs" />
<Compile Include="App_Start\IdentityConfig.cs" /> <Compile Include="App_Start\IdentityConfig.cs" />

84
Project-Unite/Views/Shared/_Layout.cshtml
View file

@ -97,9 +97,9 @@
} }
<div class="container clearfix body-content"> <div class="container clearfix body-content">
<div class="panel panel-success"> <div class="panel panel-warning">
<div class="panel-body"> <div class="panel-body">
<p><span class="glyphicon glyphicon-exclamation-sign"></span> <strong>Welcome to Project: Unite!</strong> Things are a bit barren right now and not a lot of stuff is implemented - but feel free to explore!</p> <p><span class="glyphicon glyphicon-warning-sign"></span> <strong>Do things seem broken?</strong> We are currently working on streamlining the permission system and its backend. Please be patient!</p>
</div> </div>
</div> </div>
@ -112,84 +112,8 @@
</div> </div>
} }
@if (ViewBag.Moderator == true)
{
<ul class="nav nav-tabs">
<li>@Html.ActionLink("Home", "Index", "Moderator")</li>
@if (ACL.Granted(User.Identity.Name, "CanIssueBan"))
{
<li>@Html.ActionLink("Bans", "Bans", "Moderator")</li>
}
@if (ACL.Granted(User.Identity.Name, "CanEditProfiles"))
{
<li>@Html.ActionLink("Users", "Users", "Moderator")</li>
}
<li>@Html.ActionLink("Audit logs", "Logs", "Moderator")</li>
</ul>
@RenderBody();
}
else if (ViewBag.Developer == true)
{
<ul class="nav nav-pills">
<li>@Html.ActionLink("Home", "Index", "Developer")</li>
<li>@Html.ActionLink("Releases", "Releases", "Developer")</li>
<li>@Html.ActionLink("Wiki", "Wiki", "Developer")</li>
<li>@Html.ActionLink("Bugs", "Bugs", "Developer")</li>
</ul>
@RenderBody();
}
else if (ACL.Granted(User.Identity.Name, ViewBag.ACLRule))
{
if (ViewBag.Admin == true)
{
if (ACL.Granted(User.Identity.Name, "CanAccessAdminCP"))
{
<ul class="nav nav-tabs">
<li>@Html.ActionLink("Home", "Index", "Admin")</li>
@if (ACL.Granted(User.Identity.Name, "CanEditRoles"))
{
<li>@Html.ActionLink("Roles", "Roles", "Admin")</li>
<li>@Html.ActionLink("Access Control", "AccessControl", "Admin")</li>
}
@if (ACL.Granted(User.Identity.Name, "CanEditProfiles"))
{
<li>@Html.ActionLink("Users", "Users", "Admin")</li>
}
@if (ACL.Granted(User.Identity.Name, "CanEditForumCategories"))
{
<li>@Html.ActionLink("Forum Categories", "Forums", "Admin")</li>
}
<li>@Html.ActionLink("Audit logs", "Logs", "Admin")</li>
</ul>
@RenderBody();
}
else
{
<h2>Access denied.</h2>
<p>You do not have permission to access this page. Contact an admin if this is in error.</p>
}
}
else
{
@RenderBody() @RenderBody()
<hr />
}
}
else
{
<h2>Access denied.</h2>
<p>You do not have permission to access this page. Contact an admin if this is in error.</p>
}<hr />
</div> </div>
@ -232,7 +156,7 @@
<p><strong>We'd like to formally thank Philip Adams.</strong> Without him, we would not exist. Phil has contributed years of work and help to ShiftOS and is the original developer of the game. He has written code that is still used to this day in modern ShiftOS, and much of the ideas and mechanics in the game are from his mind.</p> <p><strong>We'd like to formally thank Philip Adams.</strong> Without him, we would not exist. Phil has contributed years of work and help to ShiftOS and is the original developer of the game. He has written code that is still used to this day in modern ShiftOS, and much of the ideas and mechanics in the game are from his mind.</p>
<p>Check Phil out on YouTube: <a href="http://youtube.com/OSFirstTimer">OSFirstTimer</a> | <a href="https://www.youtube.com/user/AstralPhaser">AstralPhaser</a> | <a href="https://www.youtube.com/channel/UC2wLfbZrHQOxP2e5zkxYRjA">YouTube Millionaire</a></p> <p>Check Phil out on YouTube: <a href="http://youtube.com/OSFirstTimer">OSFirstTimer</a> | <a href="https://www.youtube.com/user/AstralPhaser">AstralPhaser</a> | <a href="https://www.youtube.com/channel/UC2wLfbZrHQOxP2e5zkxYRjA">YouTube Millionaire</a></p>
@if (ACL.Granted(User.Identity.Name, "CanAccessAdminCP")) @if (User.Identity.IsAdmin())
{ {
<p>@Html.ActionLink("Administrator Control Panel", "Index", "Admin")</p>} <p>@Html.ActionLink("Administrator Control Panel", "Index", "Admin")</p>}
</footer> </footer>