Cleanup - admin controller removed

rxtur · rxtur · commit f2b1d91ec60c · 2019-05-12T21:56:17.000-05:00
diff --git a/src/App/Controllers/AdminController.cs b/src/App/Controllers/AdminController.cs
diff --git a/src/App/Controllers/BlogController.cs b/src/App/Controllers/BlogController.cs
@@ -2,6 +2,7 @@
 using Core.Helpers;
 using Core.Services;
 using Markdig;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.ViewEngines;
@@ -189,7 +190,14 @@ public async Task<IActionResult> Error(int code)
             }
         }
 
-        [HttpPost, Route("account/logout")]
+        [HttpGet("admin")]
+        [Authorize]
+        public IActionResult Admin()
+        {
+            return Redirect("~/admin/posts");
+        }
+
+        [HttpPost("account/logout")]
         public async Task<IActionResult> Logout()
         {
             await _sm.SignOutAsync();
diff --git a/src/App/Pages/Admin/Settings/Import.cshtml b/src/App/Pages/Admin/Settings/Import.cshtml
@@ -38,7 +38,7 @@
         var importSubmit = function () {
             $('.loading').fadeIn('fast');
             var data = new FormData($('#frmImport')[0]);
-            DataService.upload('admin/importfeed', data, importCallback, fail);
+            DataService.upload('api/settings/importfeed', data, importCallback, fail);
         }
         var importCallback = function (data) {
 
diff --git a/src/App/wwwroot/admin/js/app/notificationsController.js b/src/App/wwwroot/admin/js/app/notificationsController.js
@@ -4,7 +4,7 @@
         return false;
     }
     function remove(id) {
-        dataService.remove("admin/notifications/remove/" + id, removeCallback, fail);
+        dataService.remove("api/settings/removenotification/" + id, removeCallback, fail);
     }
     function removeCallback() {
         toastr.success('Removed');
diff --git a/src/Core/Api/SettingsController.cs b/src/Core/Api/SettingsController.cs
@@ -19,11 +19,13 @@ namespace Core.Api
     public class SettingsController : ControllerBase
     {
         IDataService _data;
+        IImportService _feed;
         IOptions<RequestLocalizationOptions> _options;
 
-        public SettingsController(IDataService data, IOptions<RequestLocalizationOptions> options)
+        public SettingsController(IDataService data, IImportService feed, IOptions<RequestLocalizationOptions> options)
         {
             _data = data;
+            _feed = feed;
             _options = options;
         }
 
@@ -97,5 +99,29 @@ public async Task<ActionResult<BlogItem>> Post(BlogItem model)
                 return StatusCode(StatusCodes.Status500InternalServerError, ex.Message);
             }
         }
+
+        [HttpPost("importfeed")]
+        [Administrator]
+        public async Task<IEnumerable<ImportMessage>> ImportFeed(IFormFile file)
+        {
+            var author = _data.Authors.Single(a => a.AppUserName == User.Identity.Name);
+
+            if (!author.IsAdmin)
+                Redirect("~/pages/shared/_error/403");
+
+            var webRoot = Url.Content("~/");
+
+            return await _feed.Import(file, User.Identity.Name, webRoot);
+        }
+
+        [HttpDelete("removenotification/{id}")]
+        [Administrator]
+        public async Task RemoveNotification(int id)
+        {
+            var note = _data.Notifications.Single(n => n.Id == id);
+            _data.Notifications.Remove(note);
+            _data.Complete();
+            await Task.CompletedTask;
+        }
     }
 }
diff --git a/src/Core/Extensions/StringExtensions.cs b/src/Core/Extensions/StringExtensions.cs
@@ -226,8 +226,7 @@ public static string SanitizeFileName(this string str)
         {
             str = str.SanitizePath();
 
-            if (str.Count(x => x == '.') > 1)
-                throw new ApplicationException("Invalid file name");
+            //TODO: add filename specific validation here
 
             return str;
         }

Original file line number	Diff line number	Diff line change
`@@ -38,7 +38,7 @@`
`38`	`38`	`var importSubmit = function () {`
`39`	`39`	`$('.loading').fadeIn('fast');`
`40`	`40`	`var data = new FormData($('#frmImport')[0]);`
`41`		`- DataService.upload('admin/importfeed', data, importCallback, fail);`
	`41`	`+ DataService.upload('api/settings/importfeed', data, importCallback, fail);`
`42`	`42`	`}`
`43`	`43`	`var importCallback = function (data) {`
`44`	`44`
Original file line number	Diff line number	Diff line change
`@@ -4,7 +4,7 @@`
`4`	`4`	`return false;`
`5`	`5`	`}`
`6`	`6`	`function remove(id) {`
`7`		`- dataService.remove("admin/notifications/remove/" + id, removeCallback, fail);`
	`7`	`+ dataService.remove("api/settings/removenotification/" + id, removeCallback, fail);`
`8`	`8`	`}`
`9`	`9`	`function removeCallback() {`
`10`	`10`	`toastr.success('Removed');`
Original file line number	Diff line number	Diff line change
`@@ -226,8 +226,7 @@ public static string SanitizeFileName(this string str)`
`226`	`226`	`{`
`227`	`227`	`str = str.SanitizePath();`
`228`	`228`
`229`		`- if (str.Count(x => x == '.') > 1)`
`230`		`- throw new ApplicationException("Invalid file name");`
	`229`	`+ //TODO: add filename specific validation here`
`231`	`230`
`232`	`231`	`return str;`
`233`	`232`	`}`