vgquotes/Src/VideoGameQuotes.Web/Controllers/AdminController.cs

using System.Linq;
using System.Net;
using System.Web.Mvc;
using Portoa.Persistence;
using Portoa.Web.ErrorHandling;
using Portoa.Web.Results;
using Portoa.Web.Security;
using VideoGameQuotes.Api;
using VideoGameQuotes.Web.Models;
using VideoGameQuotes.Web.Security;
using VideoGameQuotes.Web.Services;

namespace VideoGameQuotes.Web.Controllers {
	[VerifyUser(Group = UserGroup.Admin)]
	public class AdminController : Controller {
		private readonly ICurrentUserProvider<User> userProvider;
		private readonly IAdministrationService adminService;

		public AdminController(ICurrentUserProvider<User> userProvider, IAdministrationService adminService) {
			this.userProvider = userProvider;
			this.adminService = adminService;
		}

		public ActionResult Users(int start = 1, int end = 20) {
			if (start < 1 || start > end || end < 1) {
				return new StatusOverrideResult(View("BadPaging")) { StatusCode = HttpStatusCode.BadRequest };
			}

			var model = new PagedModelWithUser<User> {
				CurrentPage = 1,
				Records = adminService.GetPagedUsers(start, end),
				TotalCount = adminService.GetAllUsers().Count(),
				CurrentUser = userProvider.CurrentUser
			};

			return View(model);
		}

		[HttpGet]
		public ActionResult Create() {
			var model = new CreateAdminModel();
			ResetCreateAdminModel(model);
			return View(model);
		}

		private void ResetCreateAdminModel(CreateAdminModel model) {
			model.Users = adminService.GetAllUsers();
		}

		[HttpPost]
		public ActionResult Create(CreateAdminModel model) {
			if (!ModelState.IsValid) {
				ResetCreateAdminModel(model);
				return View(model);
			}

			try {
				var user = new User {
					Username = model.Username,
					Group = UserGroup.Admin
				};

				if (model.UserId > 0) {
					user = adminService.GetUser(model.UserId);
					if (user.Group == UserGroup.Admin) {
						ModelState.AddModelError("UserId", string.Format("The user {0} is already an admin", user.Username));
					} else {
						user.Group = UserGroup.Admin;
					}

					if (user.Username == null) {
						if (string.IsNullOrWhiteSpace(model.Username)) {
							ModelState.AddModelError("Username", "Username must be given if the user does not have a username");
						} else {
							user.Username = model.Username;
						}
					}
				} else if (string.IsNullOrWhiteSpace(model.Username)) {
					ModelState.AddModelError("Username", "Username must be non-empty if creating a new user");
				}

				if (!ModelState.IsValid) {
					ResetCreateAdminModel(model);
					return View(model);
				}

				user.IpAddress = null; //must delete ip address or it's kind of a glaring security hole
				user.ChangePassword(model.Password);

				adminService.SaveUser(user);
				return View("CreateAdminSuccess", model);
			} catch (EntityNotFoundException) {
				ModelState.AddModelError("UserId", string.Format("User not found for id {0}", model.UserId));
				ResetCreateAdminModel(model);
				return View(model);
			}
		}

		public ActionResult Index() {
			return View();
		}

		[HttpGet]
		public ActionResult Password() {
			return View(new ChangePasswordModel());
		}

		[HttpPost]
		public ActionResult Password(ChangePasswordModel model) {
			if (!ModelState.IsValid) {
				return View(model);
			}

			var user = userProvider.CurrentUser;
			if (user == null) {
				return View("Unknown", new ErrorModel());
			}

			try {
				user.ChangePassword(model.Password);
				adminService.SaveUser(user);
				return View("PasswordSuccessfullyChanged");
			} catch {
				ModelState.AddModelError("password", "Unable to change password");
				return View(model);
			}

		}

		[HttpGet]
		public ActionResult Flags() {
			var flaggedQuotes = adminService.GetFlaggedQuotes();
			return View(flaggedQuotes);
		}
	}
}
-												user stuff, restyled SingleQuote to not be so hideous


											
										
										
											2011-02-21 23:59:06 +00:00
+								using System.Linq;
 								using System.Net;
 								using System.Web.Mvc;
-												create admin


											
										
										
											2011-02-19 23:15:36 +00:00
+								using Portoa.Persistence;
-												* login/logout
* change administration password


											
										
										
											2011-02-17 20:55:47 +00:00
+								using Portoa.Web.ErrorHandling;
-												user stuff, restyled SingleQuote to not be so hideous


											
										
										
											2011-02-21 23:59:06 +00:00
+								using Portoa.Web.Results;
-												created container extension for search/lucene stuff, modified namespaces to stay in alignment with Portoa


											
										
										
											2011-02-26 04:29:21 +00:00
+								using Portoa.Web.Security;
-												* login/logout
* change administration password


											
										
										
											2011-02-17 20:55:47 +00:00
+								using VideoGameQuotes.Api;
 								using VideoGameQuotes.Web.Models;
 								using VideoGameQuotes.Web.Security;
 								using VideoGameQuotes.Web.Services;
 								namespace VideoGameQuotes.Web.Controllers {
-												user stuff, restyled SingleQuote to not be so hideous


											
										
										
											2011-02-21 23:59:06 +00:00
+									[VerifyUser(Group = UserGroup.Admin)]
-												* login/logout
* change administration password


											
										
										
											2011-02-17 20:55:47 +00:00
+									public class AdminController : Controller {
-												user stuff, restyled SingleQuote to not be so hideous


											
										
										
											2011-02-21 23:59:06 +00:00
+										private readonly ICurrentUserProvider<User> userProvider;
-												* login/logout
* change administration password


											
										
										
											2011-02-17 20:55:47 +00:00
+										private readonly IAdministrationService adminService;
-												user stuff, restyled SingleQuote to not be so hideous


											
										
										
											2011-02-21 23:59:06 +00:00
+										public AdminController(ICurrentUserProvider<User> userProvider, IAdministrationService adminService) {
-												* login/logout
* change administration password


											
										
										
											2011-02-17 20:55:47 +00:00
+											this.userProvider = userProvider;
 											this.adminService = adminService;
 										}
-												user stuff, restyled SingleQuote to not be so hideous


											
										
										
											2011-02-21 23:59:06 +00:00
+										public ActionResult Users(int start = 1, int end = 20) {
 											if (start < 1 || start > end || end < 1) {
 												return new StatusOverrideResult(View("BadPaging")) { StatusCode = HttpStatusCode.BadRequest };
 											}
 											var model = new PagedModelWithUser<User> {
-												best/single quote pages are complete


											
										
										
											2011-02-22 04:05:23 +00:00
+												CurrentPage = 1,
-												user stuff, restyled SingleQuote to not be so hideous


											
										
										
											2011-02-21 23:59:06 +00:00
+												Records = adminService.GetPagedUsers(start, end),
 												TotalCount = adminService.GetAllUsers().Count(),
 												CurrentUser = userProvider.CurrentUser
 											};
 											return View(model);
 										}
-												create admin


											
										
										
											2011-02-19 23:15:36 +00:00
+										[HttpGet]
 										public ActionResult Create() {
 											var model = new CreateAdminModel();
 											ResetCreateAdminModel(model);
 											return View(model);
 										}
 										private void ResetCreateAdminModel(CreateAdminModel model) {
 											model.Users = adminService.GetAllUsers();
 										}
 										[HttpPost]
 										public ActionResult Create(CreateAdminModel model) {
 											if (!ModelState.IsValid) {
 												ResetCreateAdminModel(model);
 												return View(model);
 											}
 											try {
 												var user = new User {
 													Username = model.Username,
 													Group = UserGroup.Admin
 												};
 												if (model.UserId > 0) {
 													user = adminService.GetUser(model.UserId);
 													if (user.Group == UserGroup.Admin) {
 														ModelState.AddModelError("UserId", string.Format("The user {0} is already an admin", user.Username));
 													} else {
 														user.Group = UserGroup.Admin;
 													}
 													if (user.Username == null) {
 														if (string.IsNullOrWhiteSpace(model.Username)) {
 															ModelState.AddModelError("Username", "Username must be given if the user does not have a username");
 														} else {
 															user.Username = model.Username;
 														}
 													}
 												} else if (string.IsNullOrWhiteSpace(model.Username)) {
 													ModelState.AddModelError("Username", "Username must be non-empty if creating a new user");
 												}
 												if (!ModelState.IsValid) {
 													ResetCreateAdminModel(model);
 													return View(model);
 												}
 												user.IpAddress = null; //must delete ip address or it's kind of a glaring security hole
 												user.ChangePassword(model.Password);
 												adminService.SaveUser(user);
 												return View("CreateAdminSuccess", model);
 											} catch (EntityNotFoundException) {
 												ModelState.AddModelError("UserId", string.Format("User not found for id {0}", model.UserId));
 												ResetCreateAdminModel(model);
 												return View(model);
 											}
 										}
-												* login/logout
* change administration password


											
										
										
											2011-02-17 20:55:47 +00:00
+										public ActionResult Index() {
 											return View();
 										}
 										[HttpGet]
 										public ActionResult Password() {
 											return View(new ChangePasswordModel());
 										}
 										[HttpPost]
 										public ActionResult Password(ChangePasswordModel model) {
 											if (!ModelState.IsValid) {
 												return View(model);
 											}
 											var user = userProvider.CurrentUser;
 											if (user == null) {
 												return View("Unknown", new ErrorModel());
 											}
 											try {
 												user.ChangePassword(model.Password);
 												adminService.SaveUser(user);
 												return View("PasswordSuccessfullyChanged");
 											} catch {
-												created container extension for search/lucene stuff, modified namespaces to stay in alignment with Portoa


											
										
										
											2011-02-26 04:29:21 +00:00
+												ModelState.AddModelError("password", "Unable to change password");
-												* login/logout
* change administration password


											
										
										
											2011-02-17 20:55:47 +00:00
+												return View(model);
 											}
 										}
-												* flagged quote admin page
* fixed issue in user provider where if the app restarts you're still logged in but the app doesn't recognize you as such


											
										
										
											2011-02-18 01:46:02 +00:00
 										[HttpGet]
 										public ActionResult Flags() {
 											var flaggedQuotes = adminService.GetFlaggedQuotes();
 											return View(flaggedQuotes);
 										}
-												* login/logout
* change administration password


											
										
										
											2011-02-17 20:55:47 +00:00
+									}
 								}