From 2c43e7fe5825ba25de14abccb86c163726b01ba5 Mon Sep 17 00:00:00 2001
From: Chris Woodward <cwoodward@brightmetrics.com>
Date: Wed, 25 Jul 2018 09:11:33 -0700
Subject: [PATCH 1/2] Changed Uploads, Pastes, and URL Shortening to private
 only.

---
 Teknik/Areas/API/Controllers/APIv1Controller.cs      |  3 ---
 Teknik/Areas/About/Views/About/Index.cshtml          | 12 ++++++------
 Teknik/Areas/Paste/Controllers/PasteController.cs    |  6 ++----
 .../Shortener/Controllers/ShortenerController.cs     |  2 --
 Teknik/Areas/Upload/Controllers/UploadController.cs  |  2 --
 Teknik/Areas/Vault/Controllers/VaultController.cs    |  4 ----
 6 files changed, 8 insertions(+), 21 deletions(-)

diff --git a/Teknik/Areas/API/Controllers/APIv1Controller.cs b/Teknik/Areas/API/Controllers/APIv1Controller.cs
index f729867..f4f6a94 100644
--- a/Teknik/Areas/API/Controllers/APIv1Controller.cs
+++ b/Teknik/Areas/API/Controllers/APIv1Controller.cs
@@ -33,7 +33,6 @@ namespace Teknik.Areas.API.Controllers
         }
 
         [HttpPost]
-        [AllowAnonymous]
         [TrackPageView]
         public ActionResult Upload(APIv1UploadModel model)
         {
@@ -184,7 +183,6 @@ namespace Teknik.Areas.API.Controllers
         }
 
         [HttpPost]
-        [AllowAnonymous]
         [TrackPageView]
         public ActionResult Paste(APIv1PasteModel model)
         {
@@ -232,7 +230,6 @@ namespace Teknik.Areas.API.Controllers
         }
 
         [HttpPost]
-        [AllowAnonymous]
         [TrackPageView]
         public ActionResult Shorten(APIv1ShortenModel model)
         {
diff --git a/Teknik/Areas/About/Views/About/Index.cshtml b/Teknik/Areas/About/Views/About/Index.cshtml
index 313d628..f57e3d3 100644
--- a/Teknik/Areas/About/Views/About/Index.cshtml
+++ b/Teknik/Areas/About/Views/About/Index.cshtml
@@ -103,37 +103,37 @@
                             <td class="text-left">Pastebin</td>
                             <td class="text-center"><i class="fa fa-check fa-2x text-success"></i></td>
                             <td class="text-center"><i class="fa fa-check fa-2x text-success"></i></td>
-                            <td class="text-center"><i class="fa fa-check fa-2x text-success"></i></td>
+                            <td class="text-center"><i class="fa fa-times fa-2x text-danger"></i></td>
                         </tr>
                         <tr>
                             <td class="text-left">File Uploads</td>
                             <td class="text-center"><i class="fa fa-check fa-2x text-success"></i></td>
                             <td class="text-center"><i class="fa fa-check fa-2x text-success"></i></td>
-                            <td class="text-center"><i class="fa fa-check fa-2x text-success"></i></td>
+                            <td class="text-center"><i class="fa fa-times fa-2x text-danger"></i></td>
                         </tr>
                         <tr>
                             <td class="text-left">Max Upload Filesize</td>
                             <td class="text-center">@StringHelper.GetBytesReadable(Model.Config.UploadConfig.MaxUploadSizePremium)</td>
                             <td class="text-center">@StringHelper.GetBytesReadable(Model.Config.UploadConfig.MaxUploadSizeBasic)</td>
-                            <td class="text-center">@StringHelper.GetBytesReadable(Model.Config.UploadConfig.MaxUploadSize)</td>
+                            <td class="text-center"><i class="fa fa-times fa-2x text-danger"></i></td>
                         </tr>
                         <tr>
                             <td class="text-left">Max Embedded Filesize</td>
                             <td class="text-center">Unlimited</td>
                             <td class="text-center">@StringHelper.GetBytesReadable(Model.Config.UploadConfig.MaxDownloadSize)</td>
-                            <td class="text-center">@StringHelper.GetBytesReadable(Model.Config.UploadConfig.MaxDownloadSize)</td>
+                            <td class="text-center"><i class="fa fa-times fa-2x text-danger"></i></td>
                         </tr>
                         <tr>
                             <td class="text-left">Url Shortening</td>
                             <td class="text-center"><i class="fa fa-check fa-2x text-success"></i></td>
                             <td class="text-center"><i class="fa fa-check fa-2x text-success"></i></td>
-                            <td class="text-center"><i class="fa fa-check fa-2x text-success"></i></td>
+                            <td class="text-center"><i class="fa fa-times fa-2x text-danger"></i></td>
                         </tr>
                         <tr>
                             <td class="text-left">Vault Creation</td>
                             <td class="text-center"><i class="fa fa-check fa-2x text-success"></i></td>
                             <td class="text-center"><i class="fa fa-check fa-2x text-success"></i></td>
-                            <td class="text-center"><i class="fa fa-check fa-2x text-success"></i></td>
+                            <td class="text-center"><i class="fa fa-times fa-2x text-danger"></i></td>
                         </tr>
                         <tr>
                             <td class="text-left">Technical Podcasts</td>
diff --git a/Teknik/Areas/Paste/Controllers/PasteController.cs b/Teknik/Areas/Paste/Controllers/PasteController.cs
index e479318..7995bac 100644
--- a/Teknik/Areas/Paste/Controllers/PasteController.cs
+++ b/Teknik/Areas/Paste/Controllers/PasteController.cs
@@ -1,4 +1,4 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.Data.Entity;
 using System.Linq;
@@ -23,7 +23,6 @@ namespace Teknik.Areas.Paste.Controllers
     public class PasteController : DefaultController
     {
         [TrackPageView]
-        [AllowAnonymous]
         public ActionResult Index()
         {
             ViewBag.Title = "Paste - " + Config.Title;
@@ -147,7 +146,6 @@ namespace Teknik.Areas.Paste.Controllers
         }
 
         [HttpPost]
-        [AllowAnonymous]
         public ActionResult Paste([Bind(Include = "Content, Title, Syntax, ExpireLength, ExpireUnit, Password, Hide")]PasteCreateViewModel model)
         {
             if (ModelState.IsValid)
@@ -190,4 +188,4 @@ namespace Teknik.Areas.Paste.Controllers
             return View("~/Areas/Paste/Views/Paste/Index.cshtml", model);
         }
     }
-}
\ No newline at end of file
+}
diff --git a/Teknik/Areas/Shortener/Controllers/ShortenerController.cs b/Teknik/Areas/Shortener/Controllers/ShortenerController.cs
index 42a4ff6..c7b6bd4 100644
--- a/Teknik/Areas/Shortener/Controllers/ShortenerController.cs
+++ b/Teknik/Areas/Shortener/Controllers/ShortenerController.cs
@@ -18,7 +18,6 @@ namespace Teknik.Areas.Shortener.Controllers
     public class ShortenerController : DefaultController
     {
         [TrackPageView]
-        [AllowAnonymous]
         public ActionResult Index()
         {
             ViewBag.Title = "Url Shortener - " + Config.Title;
@@ -45,7 +44,6 @@ namespace Teknik.Areas.Shortener.Controllers
         }
 
         [HttpPost]
-        [AllowAnonymous]
         public ActionResult ShortenUrl(string url)
         {
             if (url.IsValidUrl())
diff --git a/Teknik/Areas/Upload/Controllers/UploadController.cs b/Teknik/Areas/Upload/Controllers/UploadController.cs
index cf73567..de74699 100644
--- a/Teknik/Areas/Upload/Controllers/UploadController.cs
+++ b/Teknik/Areas/Upload/Controllers/UploadController.cs
@@ -30,7 +30,6 @@ namespace Teknik.Areas.Upload.Controllers
         // GET: Upload/Upload
         [HttpGet]
         [TrackPageView]
-        [AllowAnonymous]
         public ActionResult Index()
         {
             ViewBag.Title = "Teknik Upload - End to End Encryption";
@@ -53,7 +52,6 @@ namespace Teknik.Areas.Upload.Controllers
         }
 
         [HttpPost]
-        [AllowAnonymous]
         public ActionResult Upload(string fileType, string fileExt, string iv, int keySize, int blockSize, bool encrypt, HttpPostedFileWrapper data)
         {
             try
diff --git a/Teknik/Areas/Vault/Controllers/VaultController.cs b/Teknik/Areas/Vault/Controllers/VaultController.cs
index 1447ceb..75e141d 100644
--- a/Teknik/Areas/Vault/Controllers/VaultController.cs
+++ b/Teknik/Areas/Vault/Controllers/VaultController.cs
@@ -103,7 +103,6 @@ namespace Teknik.Areas.Vault.Controllers
 
         [HttpGet]
         [TrackPageView]
-        [AllowAnonymous]
         public ActionResult NewVault()
         {
             ViewBag.Title = "Create Vault";
@@ -114,7 +113,6 @@ namespace Teknik.Areas.Vault.Controllers
 
         [HttpGet]
         [TrackPageView]
-        [AllowAnonymous]
         public ActionResult NewVaultFromService(string type, string items)
         {
             ViewBag.Title = "Create Vault";
@@ -239,7 +237,6 @@ namespace Teknik.Areas.Vault.Controllers
         }
 
         [HttpPost]
-        [AllowAnonymous]
         [ValidateAntiForgeryToken]
         public ActionResult CreateVault(ModifyVaultViewModel model)
         {
@@ -415,7 +412,6 @@ namespace Teknik.Areas.Vault.Controllers
         }
 
         [HttpPost]
-        [AllowAnonymous]
         [ValidateAntiForgeryToken]
         public ActionResult ValidateItem(string type, string url)
         {

From 8cb92c08a2bce8977af0f3833d5ff5b4cbb340a7 Mon Sep 17 00:00:00 2001
From: Chris Woodward <cwoodward@brightmetrics.com>
Date: Wed, 25 Jul 2018 09:20:49 -0700
Subject: [PATCH 2/2] Added username to upload results in admin

---
 Teknik/Areas/Admin/Controllers/AdminController.cs   |  1 +
 .../Areas/Admin/ViewModels/UploadResultViewModel.cs |  5 +++--
 Teknik/Areas/Admin/Views/Admin/UploadResult.cshtml  | 13 +++++++++++--
 3 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/Teknik/Areas/Admin/Controllers/AdminController.cs b/Teknik/Areas/Admin/Controllers/AdminController.cs
index f3b5706..a39acdb 100644
--- a/Teknik/Areas/Admin/Controllers/AdminController.cs
+++ b/Teknik/Areas/Admin/Controllers/AdminController.cs
@@ -105,6 +105,7 @@ namespace Teknik.Areas.Admin.Controllers
                 model.DateUploaded = foundUpload.DateUploaded;
                 model.Downloads = foundUpload.Downloads;
                 model.DeleteKey = foundUpload.DeleteKey;
+                model.Username = foundUpload.User?.Username;
 
                 return Json(new { result = new { html = PartialView("~/Areas/Admin/Views/Admin/UploadResult.cshtml", model).RenderToString() } });
             }
diff --git a/Teknik/Areas/Admin/ViewModels/UploadResultViewModel.cs b/Teknik/Areas/Admin/ViewModels/UploadResultViewModel.cs
index 91af46f..a2871b2 100644
--- a/Teknik/Areas/Admin/ViewModels/UploadResultViewModel.cs
+++ b/Teknik/Areas/Admin/ViewModels/UploadResultViewModel.cs
@@ -1,4 +1,4 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Web;
@@ -14,5 +14,6 @@ namespace Teknik.Areas.Admin.ViewModels
         public DateTime DateUploaded { get; set; }
         public int Downloads { get; set; }
         public string DeleteKey { get; set; }
+        public string Username { get; set; }
     }
-}
\ No newline at end of file
+}
diff --git a/Teknik/Areas/Admin/Views/Admin/UploadResult.cshtml b/Teknik/Areas/Admin/Views/Admin/UploadResult.cshtml
index 006e5a5..e9a37ce 100644
--- a/Teknik/Areas/Admin/Views/Admin/UploadResult.cshtml
+++ b/Teknik/Areas/Admin/Views/Admin/UploadResult.cshtml
@@ -7,15 +7,24 @@
         <a id="upload-url" href="@Url.SubRouteUrl("u", "Upload.Download", new { file = Model.Url })">@Url.SubRouteUrl("u", "Upload.Download", new { file = Model.Url })</a>
     </div>
     <div class="panel-body">
+        <div class="col-sm-2 text-center">
+            <label for="type">Username</label>
+            <p id="type">
+            @if (!string.IsNullOrEmpty(Model.Username))
+            { 
+                @:<a href="@Url.SubRouteUrl("admin", "Admin.UserInfo", new { username = Model.Username })">@Model.Username</a>
+            }
+            </p>
+        </div>
         <div class="col-sm-2 text-center">
             <label for="size">Size</label>
             <p id="size">@StringHelper.GetBytesReadable(Model.ContentLength)</p>
         </div>
-        <div class="col-sm-3 text-center">
+        <div class="col-sm-2 text-center">
             <label for="type">Type</label>
             <p id="type">@Model.ContentType</p>
         </div>
-        <div class="col-sm-3 text-center">
+        <div class="col-sm-2 text-center">
             <label for="dateUploaded">Date Uploaded</label>
             <p id="dateUploaded"><time datetime="@Model.DateUploaded.ToString("s")">@Model.DateUploaded.ToString("MMMM dd, yyyy")</time></p>
         </div>