Stacking Code

This is post #19 in the Building Neno series. Please click here for a description of the Building Neno project and instructions on how to access the source code for this post.

I desperately need a post edit screen to fix the spelling mistakes in my last post. While I'm at it, a post new screen would be handy so I don't have to use /database/import again.

Who Are You?

I'm not going to do a post list screen tonight. I already have a decent number of archive screens which let me get around my posts a little bit. So the plan is to sprinkle my post headings in my existing screens with a "Not Published" label where appropriate, and a link to the post edit screen.

Remember back in the repository stage I filtered the posts based on who the current user is. As an author, I can see my unpublished posts. As an administrator, I can see all unpublished posts. Mixing unpublished posts with published posts lets me see what the unpublished posts will look like on the site before I release them. If I want to see what everyone else sees, I can simply logout.

So first up, I need a couple more identification scenarios to make the sprinkling of the edit link easy.

public static class IIdentityExtensions
{
    public static bool IsRegistered(this IIdentity identity)
    {
        return User.Current != null;
    }

    public static bool IsAnAuthor(this IIdentity identity)
    {
        return IsRegistered(identity) && User.Current.IsAnAuthor;
    }

    public static bool IsAnAdministrator(this IIdentity identity)
    {
        return IsRegistered(identity) && User.Current.IsAnAdministrator;
    }

    public static bool IsAnAuthorOrAnAdministrator(this IIdentity identity)
    {
        return IsAnAuthor(identity) || IsAnAdministrator(identity);
    }

    public static bool IsTheAuthorOrAnAdministrator(this IIdentity identity, Post post)
    {
        return (IsAnAuthor(identity) && post != null && post.Author.Id == User.Current.Id) || IsAnAdministrator(identity);
    }
}

That lets me do quick checks in my views like this...

<%
    if (Context.User.Identity.IsTheAuthorOrAnAdministrator(Model))
    {%>
<div class="small" style="float: right; margin-left: 1em;"><%=Html.ActionLink("Edit", "edit", "post", new { Model.Id }, null)%></div>

Crazy Attributes

I can extend that check to my action methods as well like I did with the RegisteredAttribute class (now the UserIsRegisteredAttribute class).

[UserIsTheAuthorOrAnAdministrator("Id")]
public ActionResult Edit(int id)
{
    // I can assume the post exists or the attribute above will redirect me away.
    Post post = Container.Get<IPostService>().GetPost(id);

    return View(post);
}

This is a form of security, but it's there mainly as a convenience to make sure the user is logged in as the right identity. I still need to add proper security checks to my service layer.

The Screens

The screens themselves are nothing to write home about. Functional, gets the job done, they'll do for now.

I may eventually hook up the WMD editor for Markdown. But considering I'm in the habit of actually writing my posts elsewhere and cutting and pasting them in, it's not a high priority.

I found MarkdownNote, a Markdown editor for the iPad, last week. There might even be a Markdown plugin for Firefox that I'm not aware of.

New Links

The last thing to do before I log off tonight is add a recent posts section to my right hand column, along with a link to the archives. This should help with navigation a bit.

I don't have a link to /post/new yet, so I'll have to hack that into the address bar for now.