
文章恶意修改检查

懒得勤快 5 vuotta sitten
vanhempi
sitoutus
5a1ba44d99

+ 14 - 0
src/Masuit.MyBlogs.Core/Controllers/MergeController.cs

@@ -139,5 +139,19 @@ namespace Masuit.MyBlogs.Core.Controllers
             BackgroundJob.Enqueue(() => CommonHelper.SendMail(CommonHelper.SystemSettings["Title"] + "博客你提交的修改已被拒绝", content, merge.ModifierEmail));
             return ResultData(null, true, "合并已拒绝!");
         }
+
+        /// <summary>
+        /// 标记为恶意修改
+        /// </summary>
+        /// <param name="id"></param>
+        /// <returns></returns>
+        [HttpPost("block/{id}")]
+        public ActionResult Block(int id)
+        {
+            var merge = PostMergeRequestService.GetById(id) ?? throw new NotFoundException("待合并文章未找到");
+            merge.MergeState = MergeStatus.Block;
+            var b = PostMergeRequestService.SaveChanges() > 0;
+            return b ? ResultData(null, true, "操作成功!") : ResultData(null, false, "操作失败!");
+        }
     }
 }
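Review bot: `Block` overwrites `MergeState` whatever state the request is in, so a request that was already merged or rejected can be turned into a blacklist entry after the fact; a guard such as `if (merge.MergeState != MergeStatus.Pending) return ResultData(null, false, "<message>");` before the assignment would match the list view, which appears to offer the button only for pending rows. The PostController check in this commit treats any `Block` row as a site-wide ban on that e-mail address, so this action is security-sensitive. The class-level authorization attribute is outside the hunk; please confirm the controller is restricted to administrators, and consider logging who blocked which request. The `<param name="id">` and `<returns>` tags are empty; `id of the merge request to mark as malicious` and a one-line description of the result would do.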

+ 13 - 1
src/Masuit.MyBlogs.Core/Controllers/PostController.cs

@@ -47,8 +47,8 @@ namespace Masuit.MyBlogs.Core.Controllers
         public IBroadcastService BroadcastService { get; set; }
         public ISeminarService SeminarService { get; set; }
         public IPostHistoryVersionService PostHistoryVersionService { get; set; }
-
         public IInternalMessageService MessageService { get; set; }
+        public IPostMergeRequestService PostMergeRequestService { get; set; }
 
         public IWebHostEnvironment HostEnvironment { get; set; }
         public ISearchEngine<DataContext> SearchEngine { get; set; }
@@ -398,7 +398,19 @@ namespace Masuit.MyBlogs.Core.Controllers
             {
                 return ResultData(null, false, "内容未被修改!");
             }
+            #region 合并验证
+
+            if (PostMergeRequestService.Any(p => p.ModifierEmail == dto.ModifierEmail && p.MergeState == MergeStatus.Block))
+            {
+                return ResultData(null, false, "由于您曾经多次恶意修改文章,已经被标记为黑名单,无法修改任何文章,如有疑问,请联系网站管理员进行处理。");
+            }
 
+            if (post.PostMergeRequests.Any(p => p.ModifierEmail == dto.ModifierEmail && p.MergeState == MergeStatus.Pending))
+            {
+                return ResultData(null, false, "您已经提交过一次修改请求正在待处理,暂不能继续提交修改请求!");
+            }
+
+            #endregion
             #region 直接合并
 
             if (post.Email.Equals(dto.ModifierEmail))
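Review bot: Both new checks in the `合并验证` region key on `dto.ModifierEmail`, a value supplied with the request, and compare it with `==`, so the blacklist only holds as far as that address is verified and normalised. `post.PostMergeRequests.Any(...)` presumably runs in memory and is then case-sensitive, while the `PostMergeRequestService.Any(...)` query follows the database collation, so a differently cased spelling of the same address may pass one or both. Storing the address in one normalised form and comparing the in-memory case with `p.ModifierEmail.Equals(dto.ModifierEmail, StringComparison.OrdinalIgnoreCase)` would close that gap. Whether ownership of the address is proven earlier in this method is not visible here; if it is not, the block can be sidestepped with a new address and can also be triggered against someone else's address. The enclosing method starts and ends outside the hunk.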

+ 6 - 1
src/Masuit.MyBlogs.Core/Models/Enum/MergeStatus.cs

@@ -18,6 +18,11 @@
         /// <summary>
         /// 拒绝
         /// </summary>
-        Reject
+        Reject,
+
+        /// <summary>
+        /// 阻止恶意修改
+        /// </summary>
+        Block
     }
 }
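Review bot: `Block` gets its numeric value only from its position in the enum, yet list.html in this commit tests `row.MergeState==3` and the value is presumably persisted with each merge request. Giving the members explicit values, e.g. `Block = 3`, would stop a later insertion or reordering from silently changing which stored rows count as blacklisted. The earlier members are outside the hunk, so the same applies to them if they are also implicit.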

+ 0 - 3
src/Masuit.MyBlogs.Core/Properties/PublishProfiles/FolderProfile.pubxml

@@ -17,8 +17,5 @@
     <SelfContained>false</SelfContained>
     <publishUrl>bin\Release\publish\</publishUrl>
     <DeleteExistingFiles>True</DeleteExistingFiles>
-    <RuntimeIdentifier>win-x64</RuntimeIdentifier>
-    <PublishSingleFile>False</PublishSingleFile>
-    <PublishReadyToRun>True</PublishReadyToRun>
   </PropertyGroup>
 </Project>

+ 2 - 2
src/Masuit.MyBlogs.Core/appsettings.json

@@ -5,10 +5,10 @@
         }
     },
     "AllowedHosts": "*",
-    "Port": 80,
+    "Port": 5000,
     "Https": {
         "Enabled": true, // 启用https跳转
-        "Port": 443,
+        "Port": 5001,
         "CertPath": "App_Data/cert/server.pfx", // https证书
         "CertPassword": "cEHlnUGu" // 证书密码
     },
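Review bot: The new `"Port": 5000` and `"Port": 5001` values are the usual local development ports, and they land in the base appsettings.json, so every deployment that does not override them stops listening on 80/443; if this is a developer-machine setting, an environment-specific settings file or an environment variable is a safer home. The unchanged context two lines below also shows `"CertPassword"` with a literal value in the tracked file. This commit does not introduce it, but since the file is being touched it is worth moving the password to user secrets or an environment variable, and replacing the certificate if it has been used outside development.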

+ 49 - 0
src/Masuit.MyBlogs.Core/wwwroot/ng-views/controllers/merge.js

@@ -92,6 +92,31 @@
 		}).catch(swal.noop);
     }
 
+	self.block = function(row) {
+		swal({
+			title: "确认标记为恶意修改吗?",
+			text: row.Title,
+			showCancelButton: true,
+			confirmButtonColor: "#DD6B55",
+			confirmButtonText: "确定",
+			cancelButtonText: "取消",
+			showLoaderOnConfirm: true,
+			animation: true,
+			allowOutsideClick: false
+		}).then(function() {
+            $scope.request("/merge/block/"+row.Id, null, function(data) {
+			    window.notie.alert({
+				    type: 1,
+				    text: data.Message,
+				    time: 4
+			    });
+			    self.stats = [];
+			    self.GetPageData($scope.paginationConf.currentPage, $scope.paginationConf.itemsPerPage);
+		    });
+		}, function() {
+		}).catch(swal.noop);
+    }
+
 	var _timeout;
 	$scope.search = function (kw) {
 		if (_timeout) {
@@ -173,6 +198,30 @@ myApp.controller("mergecompare", ["$scope", "$http", "$timeout","$location", fun
 		}).catch(swal.noop);
     }
 
+	$scope.block = function() {
+        swal({
+			title: "确认标记为恶意修改吗?",
+			showCancelButton: true,
+			confirmButtonColor: "#DD6B55",
+			confirmButtonText: "确定",
+			cancelButtonText: "取消",
+			showLoaderOnConfirm: true,
+			animation: true,
+			allowOutsideClick: false
+		}).then(function() {
+			$scope.request("/merge/block/"+$scope.id, null, function(data) {
+			    window.notie.alert({
+				    type: 1,
+				    text: data.Message,
+				    time: 4
+			    });
+			    self.stats = [];
+			    self.GetPageData($scope.paginationConf.currentPage, $scope.paginationConf.itemsPerPage);
+		    });
+		}, function() {
+		}).catch(swal.noop);
+    }
+
 }]);
 myApp.controller("mergeedit", ["$scope", "$http", "$timeout","$location", function ($scope, $http, $timeout,$location) {
 	window.hub.stop();
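Review bot: The success callback of `$scope.block` in the `mergecompare` controller calls `self.stats = []` and `self.GetPageData(...)`, which look copied from the list controller's `self.block` in the first hunk. The start of the `mergecompare` controller is outside the hunk, but if it does not define `self` with those members, `self` resolves to the global `window.self` and the `GetPageData` call throws after the request has already been marked as blocked. I would drop those two lines and do on success whatever `reject()` in this controller does. In both functions the empty `function() {}` rejection handler before `.catch(swal.noop)` is redundant.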

Tiedoston diff-näkymää rajattu, sillä se on liian suuri
+ 0 - 0
src/Masuit.MyBlogs.Core/wwwroot/ng-views/controllers/merge.min.js


+ 1 - 0
src/Masuit.MyBlogs.Core/wwwroot/ng-views/views/merge/compare.html

@@ -17,6 +17,7 @@
         <button class="btn btn-info" ng-click="pass()">接受合并</button>
         <a class="btn btn-success" ng-href="#/merge/edit?id={{newer.Id}}">编辑并合并</a>
         <button class="btn btn-danger" ng-click="reject()">拒绝合并</button>
+        <button class="btn btn-danger" ng-click="block()">标记为恶意修改</button>
     </div>
     <div class="row">
         <div class="col-md-6">

+ 9 - 2
src/Masuit.MyBlogs.Core/wwwroot/ng-views/views/merge/list.html

@@ -15,7 +15,7 @@
             </div>
         </div>
     </div>
-    <table ng-table="list.tableParams" class="table table-bordered table-hover table-condensed editable-table listTable" ng-form="list.tableForm" disable-filter="list.isAdding" tracked-table="list.tableTracker">
+    <table ng-table="list.tableParams" class="table table-bordered table-hover table-condensed table-responsive editable-table listTable" ng-form="list.tableForm" disable-filter="list.isAdding" tracked-table="list.tableTracker">
         <tr ng-repeat="row in $data" ng-form="rowForm" tracked-table-row="row">
             <td title="'原标题'">
                 <a ng-href="/{{row.PostId}}" target="_blank">{{row.PostTitle}}</a>
@@ -29,12 +29,16 @@
             <td title="'修改人邮箱'">
                 {{row.ModifierEmail}}
             </td>
+            <td title="'提交时间'">
+                {{row.SubmitTime|date:'yyyy-MM-dd HH:mm:ss'}}
+            </td>
             <td title="'状态'">
                 <span ng-if="row.MergeState==0" class="text-warning">待合并</span>
                 <span ng-if="row.MergeState==1" class="text-success">已合并</span>
                 <span ng-if="row.MergeState==2" class="text-danger">已拒绝</span>
+                <span ng-if="row.MergeState==3" class="text-danger">已被标记为恶意修改</span>
             </td>
-            <td title="'操作'">
+            <td title="'操作'" style="max-width: 400px">
                 <div class="btn-group" ng-if="row.MergeState==0">
                     <a class="btn btn-info btn-sm waves-effect" ng-href="#/merge/compare?id={{row.Id}}">
                         对比
@@ -48,6 +52,9 @@
                     <button class="btn btn-danger btn-sm waves-effect" ng-click="list.reject(row)">
                         拒绝
                     </button>
+                    <button class="btn btn-primary btn-sm waves-effect" ng-click="list.block(row)">
+                        标记为恶意修改
+                    </button>
                 </div>
             </td>
         </tr>

Kaikkia tiedostoja ei voida näyttää, sillä liian monta tiedostoa muuttui tässä diffissä