using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using Orchard.Localization;
using Orchard.Roles.Models;
using Orchard.Roles.Records;
using Orchard.Roles.Services;
using Orchard.Roles.ViewModels;
using Orchard.Security;
using Orchard.Security.Permissions;
using Orchard.UI.Notify;
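namespace Orchard.Roles.Controllers {
    /// <summary>
    /// Admin screens for listing, creating, editing and deleting roles and for choosing
    /// which permissions each role carries. Every action checks
    /// <c>Permissions.ManageRoles</c> before it does anything else.
    /// </summary>
    // NOTE(review): [ValidateInput(false)] turns ASP.NET request validation off for every
    // action in this controller, so role names and "Checkbox.*" form keys reach the role
    // service unfiltered. Anything rendered from them must be HTML-encoded by the views;
    // confirm, or narrow the attribute to the actions that really need raw input.
    // NOTE(review): no [HttpPost] action in this file validates an anti-forgery token.
    // These actions delete roles and grant permissions, so a forged cross-site POST from an
    // administrator's browser would be honoured unless a filter registered elsewhere
    // covers it. Confirm that such a filter exists.
    // NOTE(review): the catch blocks pass exception.Message straight to the notifier.
    // Confirm the text is encoded on display and reveals nothing beyond what an
    // administrator may see.
    [ValidateInput(false)]
    public class AdminController : Controller {
        // Prefix of the form fields that carry a ticked checkbox; the rest of the field
        // name is a role id (Index) or a permission name (Create, Edit).
        private const string CheckboxPrefix = "Checkbox.";

        private readonly IRoleService _roleService;
        private readonly INotifier _notifier;
        private readonly IAuthorizationService _authorizationService;

        /// <summary>Stores the services this controller works with.</summary>
        public AdminController(
            IOrchardServices services,
            IRoleService roleService,
            INotifier notifier,
            IAuthorizationService authorizationService) {
            Services = services;
            _roleService = roleService;
            _notifier = notifier;
            _authorizationService = authorizationService;
        }

        /// <summary>Orchard services; used here for <c>Services.Authorizer</c>.</summary>
        public IOrchardServices Services { get; set; }

        /// <summary>Localizer for user-facing strings.</summary>
        // NOTE(review): never assigned in this class; presumably set by property injection. Confirm.
        public Localizer T { get; set; }

        /// <summary>Lists the existing roles.</summary>
        public ActionResult Index() {
            if (!Services.Authorizer.Authorize(Permissions.ManageRoles, T("Not authorized to manage roles")))
                return new HttpUnauthorizedResult();

            // NOTE(review): the "as" cast leaves Rows null when GetRoles() returns something
            // that is not an IList<RoleRecord>. Verify against the service.
            var model = new RolesIndexViewModel { Rows = _roleService.GetRoles() as IList<RoleRecord> };

            return View(model);
        }

        /// <summary>Deletes every role whose "Checkbox.&lt;id&gt;" field was posted as "true".</summary>
        [HttpPost, ActionName("Index")]
        public ActionResult IndexPOST() {
            if (!Services.Authorizer.Authorize(Permissions.ManageRoles, T("Not authorized to manage roles")))
                return new HttpUnauthorizedResult();

            try {
                // Parse every id before deleting anything, so that one malformed field
                // cannot leave the batch half applied.
                var roleIds = new List<int>();
                foreach (string suffix in GetCheckedSuffixes()) {
                    int roleId;
                    if (!int.TryParse(suffix, out roleId)) {
                        // The posted value is deliberately not echoed back.
                        _notifier.Error("Deleting Role failed: invalid role id");
                        return RedirectToAction("Index");
                    }
                    roleIds.Add(roleId);
                }

                foreach (int roleId in roleIds) {
                    _roleService.DeleteRole(roleId);
                }
                return RedirectToAction("Index");
            }
            catch (Exception exception) {
                _notifier.Error("Deleting Role failed: " + exception.Message);
                // Redirect rather than render: Index() builds the model the view is given and
                // this action has none to pass. CreatePOST and EditPOST report failures the same way.
                return RedirectToAction("Index");
            }
        }

        /// <summary>Shows the empty "create role" form with the installed permissions.</summary>
        public ActionResult Create() {
            if (!Services.Authorizer.Authorize(Permissions.ManageRoles, T("Not authorized to manage roles")))
                return new HttpUnauthorizedResult();

            var model = new RoleCreateViewModel { PackagePermissions = _roleService.GetInstalledPermissions() };
            return View(model);
        }

        /// <summary>
        /// Creates the posted role, then attaches every permission whose
        /// "Checkbox.&lt;name&gt;" field was posted as "true".
        /// </summary>
        [HttpPost, ActionName("Create")]
        public ActionResult CreatePOST() {
            if (!Services.Authorizer.Authorize(Permissions.ManageRoles, T("Not authorized to manage roles")))
                return new HttpUnauthorizedResult();

            var viewModel = new RoleCreateViewModel();
            try {
                UpdateModel(viewModel);
                _roleService.CreateRole(viewModel.Name);

                // NOTE(review): permission names come straight from the form field names and
                // are not checked here against GetInstalledPermissions(). Confirm that the
                // role service rejects unknown names.
                // NOTE(review): the role already exists once this loop starts, so a failure
                // part-way through leaves a role with only some of its permissions.
                foreach (string permissionName in GetCheckedSuffixes()) {
                    _roleService.CreatePermissionForRole(viewModel.Name, permissionName);
                }
                return RedirectToAction("Index");
            }
            catch (Exception exception) {
                _notifier.Error("Creating Role failed: " + exception.Message);
                return RedirectToAction("Create");
            }
        }

        /// <summary>Shows the edit form for one role.</summary>
        /// <param name="id">Id of the role to edit.</param>
        /// <exception cref="HttpException">404 when no role has that id.</exception>
        public ActionResult Edit(int id) {
            if (!Services.Authorizer.Authorize(Permissions.ManageRoles, T("Not authorized to manage roles")))
                return new HttpUnauthorizedResult();

            var role = _roleService.GetRole(id);
            if (role == null) {
                //TODO: Error message
                throw new HttpException(404, "role with id " + id + " was not found");
            }

            var model = new RoleEditViewModel {
                Name = role.Name,
                Id = role.Id,
                PackagePermissions = _roleService.GetInstalledPermissions(),
                CurrentPermissions = _roleService.GetPermissionsForRole(id)
            };

            // Keep the names of the installed permissions that pass TryCheckAccess for the
            // simulated user. NOTE(review): presumably UserSimulation.Create builds a stand-in
            // user that holds only this role. Confirm.
            var simulation = UserSimulation.Create(role.Name);
            model.EffectivePermissions = model.PackagePermissions
                .SelectMany(group => group.Value)
                .Where(permission => _authorizationService.TryCheckAccess(simulation, permission))
                .Select(permission => permission.Name)
                .Distinct()
                .ToList();

            return View(model);
        }

        /// <summary>
        /// Handles the edit form. "submit.Save" replaces the role's name and permission set
        /// with the posted values; "submit.Delete" removes the role.
        /// </summary>
        [HttpPost, ActionName("Edit")]
        public ActionResult EditPOST() {
            if (!Services.Authorizer.Authorize(Permissions.ManageRoles, T("Not authorized to manage roles")))
                return new HttpUnauthorizedResult();

            var viewModel = new RoleEditViewModel();
            try {
                UpdateModel(viewModel);

                // Save
                if (!String.IsNullOrEmpty(HttpContext.Request.Form["submit.Save"])) {
                    // NOTE(review): as in CreatePOST, the names are taken from the form
                    // field names without a check against the installed permissions.
                    List<string> rolePermissions = GetCheckedSuffixes();
                    _roleService.UpdateRole(viewModel.Id, viewModel.Name, rolePermissions);
                }
                else if (!String.IsNullOrEmpty(HttpContext.Request.Form["submit.Delete"])) {
                    _roleService.DeleteRole(viewModel.Id);
                    // The role is gone, so its edit page would only produce a 404.
                    return RedirectToAction("Index");
                }

                return RedirectToAction("Edit", new { id = viewModel.Id });
            }
            catch (Exception exception) {
                _notifier.Error("Editing Role failed: " + exception.Message);
                // The id has to travel as a named route value: a bare int passed as
                // routeValues exposes no properties, so the redirect would carry no id.
                return RedirectToAction("Edit", new { id = viewModel.Id });
            }
        }

        /// <summary>
        /// Collects, for every posted field named "Checkbox.&lt;suffix&gt;" whose value is
        /// "true", the suffix that follows the prefix.
        /// </summary>
        private List<string> GetCheckedSuffixes() {
            var suffixes = new List<string>();
            foreach (string key in Request.Form.Keys) {
                // A form collection can contain a null key (a posted value with no name).
                if (key == null || !key.StartsWith(CheckboxPrefix, StringComparison.Ordinal))
                    continue;

                if (Request.Form[key] == "true")
                    suffixes.Add(key.Substring(CheckboxPrefix.Length));
            }
            return suffixes;
        }
    }
}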