
一些权限漏洞修正

懒得勤快 4 years ago
parent
commit
13888d0926

+ 12 - 0
src/Masuit.MyBlogs.Core/Controllers/CommentController.cs

@@ -217,6 +217,12 @@ namespace Masuit.MyBlogs.Core.Controllers
                 foreach (var c in single.Flatten())
                 {
                     c.CommentDate = c.CommentDate.ToTimeZone(HttpContext.Session.Get<string>(SessionKey.TimeZone));
+                    if (!CurrentUser.IsAdmin)
+                    {
+                        c.Email = null;
+                        c.IP = null;
+                        c.Location = null;
+                    }
                 }
 
                 return ResultData(new
@@ -238,6 +244,12 @@ namespace Masuit.MyBlogs.Core.Controllers
             parent.Data.Flatten().ForEach(c =>
             {
                 c.CommentDate = c.CommentDate.ToTimeZone(HttpContext.Session.Get<string>(SessionKey.TimeZone));
+                if (!CurrentUser.IsAdmin)
+                {
+                    c.Email = null;
+                    c.IP = null;
+                    c.Location = null;
+                }
             });
             if (total > 0)
             {
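Review bot: The redaction in both hunks mutates the comment objects in place; if `single` and `parent.Data` are entities still tracked by the DbContext (not visible here), a later SaveChanges in the same request would persist the nulled `Email`/`IP`/`Location`, so this is safer applied to a projection/DTO or to detached objects — please confirm where these collections come from. `CurrentUser.IsAdmin` is also re-read for every element inside the `foreach` and the `ForEach`; hoist it once, `var isAdmin = CurrentUser.IsAdmin;` before the loop, and test `if (!isAdmin)`. The same five-line block is duplicated four times (here and in the two MsgController hunks), which makes it easy for the next comment-returning endpoint to miss it; a small shared helper applied at every serialization point would keep the policy in one place. Both enclosing actions start and end outside the hunks.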

+ 3 - 1
src/Masuit.MyBlogs.Core/Controllers/Drive/DriveController.cs

@@ -1,7 +1,9 @@
-using Microsoft.AspNetCore.Mvc;
+using Masuit.MyBlogs.Core.Extensions.Firewall;
+using Microsoft.AspNetCore.Mvc;
 
 namespace Masuit.MyBlogs.Core.Controllers.Drive
 {
+    [ServiceFilter(typeof(FirewallAttribute))]
     public class DriveController : Controller
     {
         [HttpGet("/drive")]
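Review bot: Protecting controllers by adding `[ServiceFilter(typeof(FirewallAttribute))]` one class at a time (here and in the SitesController, SubscribeController and UploadController hunks) is opt-in, so any controller added later, or one missed in this sweep, stays unfiltered. If the firewall is meant as the baseline for all endpoints, register it once as a global filter, `options.Filters.AddService<FirewallAttribute>();` in the MVC setup, and opt individual controllers out where necessary. `ServiceFilter` also resolves the attribute from DI at request time, so a missing registration surfaces as a runtime `InvalidOperationException` rather than a compile error — worth one integration test that hits a filtered route. The class body continues outside the hunk.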

+ 2 - 0
src/Masuit.MyBlogs.Core/Controllers/Drive/SitesController.cs

@@ -10,10 +10,12 @@ using Newtonsoft.Json.Serialization;
 using System;
 using System.IO;
 using System.Threading.Tasks;
+using Masuit.MyBlogs.Core.Extensions.Firewall;
 
 namespace Masuit.MyBlogs.Core.Controllers.Drive
 {
     [ApiController]
+    [ServiceFilter(typeof(FirewallAttribute))]
     [Route("api/")]
     public class SitesController : Controller
     {
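Review bot: The added `using Masuit.MyBlogs.Core.Extensions.Firewall;` is appended after the `System.*` directives, breaking the sorted order the visible directives follow (`Newtonsoft…`, then `System…`), whereas the UploadController hunk in this commit inserts it alphabetically. Move it up to sit with the other `Masuit.MyBlogs.Core.*` usings, which presumably occupy the lines above this hunk.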

+ 12 - 0
src/Masuit.MyBlogs.Core/Controllers/MsgController.cs

@@ -78,6 +78,12 @@ namespace Masuit.MyBlogs.Core.Controllers
                 foreach (var m in single.Flatten())
                 {
                     m.PostDate = m.PostDate.ToTimeZone(HttpContext.Session.Get<string>(SessionKey.TimeZone));
+                    if (!CurrentUser.IsAdmin)
+                    {
+                        m.Email = null;
+                        m.IP = null;
+                        m.Location = null;
+                    }
                 }
 
                 return ResultData(new
@@ -99,6 +105,12 @@ namespace Masuit.MyBlogs.Core.Controllers
             parent.Data.Flatten().ForEach(m =>
             {
                 m.PostDate = m.PostDate.ToTimeZone(HttpContext.Session.Get<string>(SessionKey.TimeZone));
+                if (!CurrentUser.IsAdmin)
+                {
+                    m.Email = null;
+                    m.IP = null;
+                    m.Location = null;
+                }
             });
             if (total > 0)
             {

+ 1 - 0
src/Masuit.MyBlogs.Core/Controllers/SubscribeController.cs

@@ -22,6 +22,7 @@ namespace Masuit.MyBlogs.Core.Controllers
     /// <summary>
     /// 订阅服务
     /// </summary>
+    [ServiceFilter(typeof(FirewallAttribute))]
     public class SubscribeController : Controller
     {
         public IPostService PostService { get; set; }

+ 2 - 0
src/Masuit.MyBlogs.Core/Controllers/UploadController.cs

@@ -1,6 +1,7 @@
 using AngleSharp;
 using DocumentFormat.OpenXml.Packaging;
 using Masuit.MyBlogs.Core.Common;
+using Masuit.MyBlogs.Core.Extensions.Firewall;
 using Masuit.MyBlogs.Core.Extensions.UEditor;
 using Masuit.MyBlogs.Core.Models.DTO;
 using Masuit.MyBlogs.Core.Models.ViewModel;
@@ -31,6 +32,7 @@ namespace Masuit.MyBlogs.Core.Controllers
     /// 文件上传
     /// </summary>
     [ApiExplorerSettings(IgnoreApi = true)]
+    [ServiceFilter(typeof(FirewallAttribute))]
     public class UploadController : Controller
     {
         public IWebHostEnvironment HostEnvironment { get; set; }

+ 1 - 1
src/Masuit.MyBlogs.Core/Extensions/Firewall/RequestInterceptMiddleware.cs

@@ -62,7 +62,7 @@ namespace Masuit.MyBlogs.Core.Extensions.Firewall
                     HttpVersion = request.Protocol,
                     Headers = request.Headers.ToJsonString()
                 });
-                context.Response.StatusCode = 400;
+                context.Response.StatusCode = 404;
                 context.Response.ContentType = "text/html; charset=utf-8";
                 return context.Response.WriteAsync("参数不合法!", Encoding.UTF8);
             }
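Review bot: The response now reports 404 but still carries the body `参数不合法!` ("invalid parameter"), which tells a probing client exactly why it was blocked and contradicts the status code. If the aim is to make blocked requests indistinguishable from a missing resource, the body should be the generic not-found content (or empty) as well; if the aim is to stay truthful to clients and monitoring, 400 or 403 is the right code — pick one consistently and keep the detail in the log entry written just above, which is the right place for it. Note that a 404 from this middleware blends blocked requests into ordinary not-found traffic in access-log metrics, so that intercept log entry becomes the only detection signal. The enclosing method starts and ends outside the hunk.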

+ 1 - 1
src/Masuit.MyBlogs.Core/Masuit.MyBlogs.Core.csproj

@@ -57,7 +57,7 @@
         <PackageReference Include="System.Linq.Dynamic.Core" Version="1.2.12" />
         <PackageReference Include="TimeZoneConverter" Version="3.5.0" />
         <PackageReference Include="WilderMinds.RssSyndication" Version="1.7.0" />
-        <PackageReference Include="Z.EntityFramework.Plus.EFCore" Version="5.2.7" />
+        <PackageReference Include="Z.EntityFramework.Plus.EFCore" Version="5.2.8" />
     </ItemGroup>
     <ItemGroup>
         <Content Update="appsettings.json">

+ 2 - 0
src/Masuit.MyBlogs.Core/Models/Drive/Site.cs

@@ -1,3 +1,4 @@
+using Newtonsoft.Json;
 using System.ComponentModel.DataAnnotations;
 
 namespace Masuit.MyBlogs.Core.Models.Drive
@@ -9,6 +10,7 @@ namespace Masuit.MyBlogs.Core.Models.Drive
         public string Name { get; set; }
         public string SiteId { get; set; }
         public string NickName { get; set; }
+        [JsonIgnore]
         public string[] HiddenFolders { get; set; }
     }
 }
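Review bot: `[JsonIgnore]` from `Newtonsoft.Json` hides `HiddenFolders` in both directions: it is no longer serialized, but it is also no longer deserialized, so any admin endpoint that sets hidden folders by binding a `Site` from a JSON body would silently drop the value — please check how the property is written. If only output must be suppressed, Newtonsoft's conditional-serialization convention `public bool ShouldSerializeHiddenFolders() => false;` keeps input working, or better, return a dedicated read DTO without the property and leave the entity unannotated. The attribute also only applies to Newtonsoft; if any route serializes `Site` with System.Text.Json, the field would still be emitted.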

+ 0 - 5
src/Masuit.MyBlogs.Core/Models/ViewModel/LeaveMessageViewModel.cs

@@ -14,11 +14,6 @@ namespace Masuit.MyBlogs.Core.Models.ViewModel
         /// </summary>
         public string NickName { get; set; }
 
-        /// <summary>
-        /// 标题
-        /// </summary>
-        public string Title { get; set; }
-
         /// <summary>
         /// 内容
         /// </summary>

+ 4 - 7
src/Masuit.MyBlogs.Core/Views/Post/Details.cshtml

@@ -66,14 +66,11 @@
                                     {
                                         <div class="pull-right margin-right20">
                                             <div>
-                                                @foreach (string s in Model.Label.Split(',', ','))
+                                                @foreach (string s in Model.Label.Split(new []{',', ','},StringSplitOptions.RemoveEmptyEntries))
                                                 {
-                                                    if (!string.IsNullOrEmpty(s))
-                                                    {
-                                                        <a asp-controller="Home" asp-action="Tag" asp-route-tag="@s">
-                                                            <span class="label label-@colors[new Random().Next() % colors.Length]">@s</span>
-                                                        </a>
-                                                    }
+                                                    <a asp-controller="Home" asp-action="Tag" asp-route-tag="@s">
+                                                        <span class="label label-@colors[new Random().Next() % colors.Length]">@s</span>
+                                                    </a>
                                                 }
                                             </div>
                                         </div>
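Review bot: `StringSplitOptions.RemoveEmptyEntries` drops empty segments, but a label such as `a, b` still yields the entry ` b`, which the removed `IsNullOrEmpty` check did not catch either, so the `asp-route-tag` link would carry a leading space. If the project targets .NET 5 or later, add `| StringSplitOptions.TrimEntries` to the options; otherwise apply `.Trim()` when using `s` and skip whitespace-only entries. The same change appears in the Details_Admin.cshtml hunk. The surrounding Razor block starts and ends outside the hunk.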

+ 5 - 8
src/Masuit.MyBlogs.Core/Views/Post/Details_Admin.cshtml

@@ -68,14 +68,11 @@
                                     {
                                         <div class="pull-right margin-right20">
                                             <div>
-                                                @foreach (string s in Model.Label.Split(',', ','))
+                                                @foreach (string s in Model.Label.Split(new []{',', ','},StringSplitOptions.RemoveEmptyEntries))
                                                 {
-                                                    if (!string.IsNullOrEmpty(s))
-                                                    {
-                                                        <a asp-controller="Home" asp-action="Tag" asp-route-tag="@s">
-                                                            <span class="label label-@colors[new Random().Next() % colors.Length]">@s</span>
-                                                        </a>
-                                                    }
+                                                    <a asp-controller="Home" asp-action="Tag" asp-route-tag="@s">
+                                                        <span class="label label-@colors[new Random().Next() % colors.Length]">@s</span>
+                                                    </a>
                                                 }
                                             </div>
                                         </div>
@@ -86,7 +83,7 @@
                                 <div class="col-md-12 line-height24">
                                     分类:<i class="icon-map-pin"></i>
                                     <a asp-controller="Home" asp-action="Category" asp-route-id="@Model.CategoryId" class="label label-info">@Model.Category.Name</a>
-                                    | 评论总数:<span class="text-danger">@Model.Comment.Count</span>条 | 热度:<span class="text-danger">@Model.TotalViewCount</span>℃ | @(await Html.RenderComponentAsync<PostOnline>(RenderMode.ServerPrerendered, new { Model.Id,IP=Context.Connection.RemoteIpAddress.ToString() })) | 状态:@Model.Status.GetDisplay()
+                                    | 评论总数:<span class="text-danger">@Model.Comment.Count</span>条 | 热度:<span class="text-danger">@Model.TotalViewCount</span>℃ | @(await Html.RenderComponentAsync<PostOnline>(RenderMode.ServerPrerendered, new { Model.Id,IP=Context.Connection.RemoteIpAddress.ToString(),IsAdmin=true })) | 状态:@Model.Status.GetDisplay()
                                     @if (Model.Seminar.Any())
                                     {
                                         <span> | 所属专题:</span>

+ 4 - 2
src/Masuit.MyBlogs.Core/Views/Post/PostOnline.razor

@@ -1,7 +1,6 @@
 @using CacheManager.Core
 @using System.Threading
 @using Masuit.MyBlogs.Core.Common
-@using Masuit.Tools
 @implements IAsyncDisposable
 @inject ICacheManager<HashSet<string>> CacheManager
 @inject IJSRuntime JS;
@@ -15,6 +14,9 @@
     [Parameter]
     public string IP { get; set; }
 
+    [Parameter]
+    public bool IsAdmin { get; set; }
+
     int online;
     Timer _timer;
 
@@ -36,7 +38,7 @@
     
     public void ShowViewer()
     {
-        if (online>0) {
+        if (online>0&&IsAdmin) {
             JS.InvokeVoidAsync("showViewer",CacheManager.Get(nameof(PostOnline) + ":" + Id).Select(s => KeyValuePair.Create(s,s.GetIPLocation())));
         }
     }
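Review bot: `ShowViewer` now gates the viewer IP/location list on `IsAdmin`, but that flag is a component `[Parameter]` supplied by whichever view renders the component (Details_Admin passes `IsAdmin=true`), so the authorization decision lives in the caller rather than with the data it protects; a view that passes `true` by mistake, or a reuse of the component elsewhere, re-exposes visitor IPs. Prefer deriving the flag inside the component from the authenticated user (e.g. a cascading `AuthenticationState` or an injected user/session accessor) and treat the parameter at most as an additional restriction. Minor style: write the condition as `if (online > 0 && IsAdmin)`. The component continues outside the hunks.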