From 960f26b95c1edf352ebd0757b6208ee0bca1b827 Mon Sep 17 00:00:00 2001
From: jvyden <jvyden@jvyden.xyz>
Date: Sun, 9 Jan 2022 23:43:07 -0500
Subject: [PATCH] Add ban confirmation page

---
 .../Website/Admin/AdminUserController.cs      | 26 +---------
 .../Pages/Admin/AdminBanUserPage.cshtml       | 20 ++++++++
 .../Pages/Admin/AdminBanUserPage.cshtml.cs    | 49 +++++++++++++++++++
 .../Pages/{ => Admin}/AdminPanelPage.cshtml   |  2 +-
 .../{ => Admin}/AdminPanelPage.cshtml.cs      |  2 +-
 .../Pages/PasswordResetRequiredPage.cshtml    |  2 +-
 6 files changed, 73 insertions(+), 28 deletions(-)
 create mode 100644 ProjectLighthouse/Pages/Admin/AdminBanUserPage.cshtml
 create mode 100644 ProjectLighthouse/Pages/Admin/AdminBanUserPage.cshtml.cs
 rename ProjectLighthouse/Pages/{ => Admin}/AdminPanelPage.cshtml (96%)
 rename ProjectLighthouse/Pages/{ => Admin}/AdminPanelPage.cshtml.cs (96%)

diff --git a/ProjectLighthouse/Controllers/Website/Admin/AdminUserController.cs b/ProjectLighthouse/Controllers/Website/Admin/AdminUserController.cs
index 96e74702..e92266fe 100644
--- a/ProjectLighthouse/Controllers/Website/Admin/AdminUserController.cs
+++ b/ProjectLighthouse/Controllers/Website/Admin/AdminUserController.cs
@@ -1,5 +1,4 @@
 #nullable enable
-using System.Linq;
 using System.Threading.Tasks;
 using LBPUnion.ProjectLighthouse.Types;
 using Microsoft.AspNetCore.Mvc;
@@ -18,34 +17,11 @@ namespace LBPUnion.ProjectLighthouse.Controllers.Website.Admin
             this.database = database;
         }
 
-        [HttpGet("ban")]
-        public async Task<IActionResult> BanUser([FromRoute] int id)
-        {
-            User? user = this.database.UserFromWebRequest(this.Request);
-            if (user == null || !user.IsAdmin) return this.StatusCode(403, "");
-
-            User? targetedUser = await this.database.Users.FirstOrDefaultAsync(u => u.UserId == id);
-            ;
-            if (targetedUser == null) return this.NotFound();
-
-            targetedUser.Banned = true;
-            targetedUser.BannedReason = $"Banned by admin {user.Username} (id: {user.UserId})";
-
-            // invalidate all currently active gametokens
-            this.database.GameTokens.RemoveRange(this.database.GameTokens.Where(t => t.UserId == targetedUser.UserId));
-
-            // invalidate all currently active webtokens
-            this.database.WebTokens.RemoveRange(this.database.WebTokens.Where(t => t.UserId == targetedUser.UserId));
-
-            await this.database.SaveChangesAsync();
-            return this.Redirect($"/user/{targetedUser.UserId}");
-        }
-
         [HttpGet("unban")]
         public async Task<IActionResult> UnbanUser([FromRoute] int id)
         {
             User? user = this.database.UserFromWebRequest(this.Request);
-            if (user == null || !user.IsAdmin) return this.StatusCode(403, "");
+            if (user == null || !user.IsAdmin) return this.NotFound();
 
             User? targetedUser = await this.database.Users.FirstOrDefaultAsync(u => u.UserId == id);
             ;
diff --git a/ProjectLighthouse/Pages/Admin/AdminBanUserPage.cshtml b/ProjectLighthouse/Pages/Admin/AdminBanUserPage.cshtml
new file mode 100644
index 00000000..2fd9e27a
--- /dev/null
+++ b/ProjectLighthouse/Pages/Admin/AdminBanUserPage.cshtml
@@ -0,0 +1,20 @@
+@page "/admin/user/{id:int}/ban"
+@model LBPUnion.ProjectLighthouse.Pages.Admin.AdminBanUserPage
+
+@{
+    Layout = "Layouts/BaseLayout";
+    Model.Title = "Ban " + Model.TargetedUser!.Username + "?";
+}
+
+<p>Are you sure you want to ban this user?</p>
+
+<form method="post">
+    @Html.AntiForgeryToken()
+
+    <div class="ui left labeled input">
+        <label for="text" class="ui blue label">Reason: </label>
+        <input type="text" name="reason" id="text">
+    </div><br><br>
+
+    <input type="submit" value="Yes, ban @Model.TargetedUser.Username!" id="submit" class="ui red button"><br>
+</form>
\ No newline at end of file
diff --git a/ProjectLighthouse/Pages/Admin/AdminBanUserPage.cshtml.cs b/ProjectLighthouse/Pages/Admin/AdminBanUserPage.cshtml.cs
new file mode 100644
index 00000000..34eff362
--- /dev/null
+++ b/ProjectLighthouse/Pages/Admin/AdminBanUserPage.cshtml.cs
@@ -0,0 +1,49 @@
+#nullable enable
+using System.Linq;
+using System.Threading.Tasks;
+using LBPUnion.ProjectLighthouse.Pages.Layouts;
+using LBPUnion.ProjectLighthouse.Types;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.EntityFrameworkCore;
+
+namespace LBPUnion.ProjectLighthouse.Pages.Admin;
+
+public class AdminBanUserPage : BaseLayout
+{
+    public AdminBanUserPage(Database database) : base(database)
+    {}
+
+    public User? TargetedUser;
+
+    public async Task<IActionResult> OnGet([FromRoute] int id)
+    {
+        User? user = this.Database.UserFromWebRequest(this.Request);
+        if (user == null || !user.IsAdmin) return this.NotFound();
+
+        this.TargetedUser = await this.Database.Users.FirstOrDefaultAsync(u => u.UserId == id);
+        if (this.TargetedUser == null) return this.NotFound();
+
+        return this.Page();
+    }
+
+    public async Task<IActionResult> OnPost([FromRoute] int id, string reason)
+    {
+        User? user = this.Database.UserFromWebRequest(this.Request);
+        if (user == null || !user.IsAdmin) return this.NotFound();
+
+        this.TargetedUser = await this.Database.Users.FirstOrDefaultAsync(u => u.UserId == id);
+        if (this.TargetedUser == null) return this.NotFound();
+
+        this.TargetedUser.Banned = true;
+        this.TargetedUser.BannedReason = reason;
+
+        // invalidate all currently active gametokens
+        this.Database.GameTokens.RemoveRange(this.Database.GameTokens.Where(t => t.UserId == this.TargetedUser.UserId));
+
+        // invalidate all currently active webtokens
+        this.Database.WebTokens.RemoveRange(this.Database.WebTokens.Where(t => t.UserId == this.TargetedUser.UserId));
+
+        await this.Database.SaveChangesAsync();
+        return this.Redirect($"/user/{this.TargetedUser.UserId}");
+    }
+}
\ No newline at end of file
diff --git a/ProjectLighthouse/Pages/AdminPanelPage.cshtml b/ProjectLighthouse/Pages/Admin/AdminPanelPage.cshtml
similarity index 96%
rename from ProjectLighthouse/Pages/AdminPanelPage.cshtml
rename to ProjectLighthouse/Pages/Admin/AdminPanelPage.cshtml
index 891e8891..9321859f 100644
--- a/ProjectLighthouse/Pages/AdminPanelPage.cshtml
+++ b/ProjectLighthouse/Pages/Admin/AdminPanelPage.cshtml
@@ -1,7 +1,7 @@
 @page "/admin"
 @using LBPUnion.ProjectLighthouse.Helpers
 @using LBPUnion.ProjectLighthouse.Maintenance
-@model LBPUnion.ProjectLighthouse.Pages.AdminPanelPage
+@model LBPUnion.ProjectLighthouse.Pages.Admin.AdminPanelPage
 
 @{
     Layout = "Layouts/BaseLayout";
diff --git a/ProjectLighthouse/Pages/AdminPanelPage.cshtml.cs b/ProjectLighthouse/Pages/Admin/AdminPanelPage.cshtml.cs
similarity index 96%
rename from ProjectLighthouse/Pages/AdminPanelPage.cshtml.cs
rename to ProjectLighthouse/Pages/Admin/AdminPanelPage.cshtml.cs
index e12a2b4a..8881f236 100644
--- a/ProjectLighthouse/Pages/AdminPanelPage.cshtml.cs
+++ b/ProjectLighthouse/Pages/Admin/AdminPanelPage.cshtml.cs
@@ -7,7 +7,7 @@ using LBPUnion.ProjectLighthouse.Pages.Layouts;
 using LBPUnion.ProjectLighthouse.Types;
 using Microsoft.AspNetCore.Mvc;
 
-namespace LBPUnion.ProjectLighthouse.Pages
+namespace LBPUnion.ProjectLighthouse.Pages.Admin
 {
     public class AdminPanelPage : BaseLayout
     {
diff --git a/ProjectLighthouse/Pages/PasswordResetRequiredPage.cshtml b/ProjectLighthouse/Pages/PasswordResetRequiredPage.cshtml
index 616d2f8a..afe20489 100644
--- a/ProjectLighthouse/Pages/PasswordResetRequiredPage.cshtml
+++ b/ProjectLighthouse/Pages/PasswordResetRequiredPage.cshtml
@@ -6,7 +6,7 @@
     Model.Title = "Password Reset Required";
 }
 
-<p>An admin has deemed it necessary that you reset your password. Please do so.</p>
+<p>An administrator has deemed it necessary that you reset your password. Please do so.</p>
 
 <a href="/passwordReset">
     <div class="ui blue button">Reset Password</div>