mirror of
https://github.com/OrchardCMS/Orchard.git
synced 2025-10-14 02:44:52 +08:00
Merge
--HG-- branch : 1.x
This commit is contained in:
Andre Rodrigues
@@ -59,11 +59,11 @@ namespace Orchard.Specs.Bindings {
|
||||
private static Permission GetPermissionForAction(string action) {
|
||||
switch ( action ) {
|
||||
case "publish":
|
||||
return Permissions.PublishOthersContent;
|
||||
return Permissions.PublishContent;
|
||||
case "edit":
|
||||
return Permissions.EditOthersContent;
|
||||
return Permissions.EditContent;
|
||||
case "delete":
|
||||
return Permissions.DeleteOthersContent;
|
||||
return Permissions.DeleteContent;
|
||||
default:
|
||||
return null;
|
||||
}
|
||||
|
||||
@@ -11,7 +11,7 @@ Scenario: Administrators can manage a Page
|
||||
|
||||
Scenario: Users can't create a Page if they don't have the PublishContent permission
|
||||
Given I have installed Orchard
|
||||
When I have a role "CustomRole" with permissions "EditOthersContent, DeleteOthersContent"
|
||||
When I have a role "CustomRole" with permissions "EditContent, DeleteContent"
|
||||
And I have a user "user1" with roles "CustomRole"
|
||||
Then "user1" should not be able to "publish" a "Page" owned by "user1"
|
||||
And "user1" should be able to "edit" a "Page" owned by "user1"
|
||||
@@ -19,7 +19,7 @@ Scenario: Users can't create a Page if they don't have the PublishContent permis
|
||||
|
||||
Scenario: Users can create a Page of others if they have PublishContent permission
|
||||
Given I have installed Orchard
|
||||
When I have a role "CustomRole" with permissions "PublishOthersContent"
|
||||
When I have a role "CustomRole" with permissions "PublishContent"
|
||||
And I have a user "user1" with roles "CustomRole"
|
||||
And I have a user "user2" with roles "Administrator"
|
||||
Then "user1" should be able to "publish" a "Page" owned by "user2"
|
||||
@@ -44,7 +44,7 @@ Scenario: Users can create and edit a Page even if they only have the PublishOwn
|
||||
|
||||
Scenario: Users can't edit a Page if they don't have the EditContent permission
|
||||
Given I have installed Orchard
|
||||
When I have a role "CustomRole" with permissions "DeleteOthersContent"
|
||||
When I have a role "CustomRole" with permissions "DeleteContent"
|
||||
And I have a user "user1" with roles "CustomRole"
|
||||
Then "user1" should not be able to "publish" a "Page" owned by "user1"
|
||||
And "user1" should not be able to "edit" a "Page" owned by "user1"
|
||||
|
||||
6
src/Orchard.Specs/ContentRights.feature.cs
generated
6
src/Orchard.Specs/ContentRights.feature.cs
generated
@@ -82,7 +82,7 @@ this.ScenarioSetup(scenarioInfo);
|
||||
#line 13
|
||||
testRunner.Given("I have installed Orchard");
|
||||
#line 14
|
||||
testRunner.When("I have a role \"CustomRole\" with permissions \"EditOthersContent, DeleteOthersConte" +
|
||||
testRunner.When("I have a role \"CustomRole\" with permissions \"EditContent, DeleteConte" +
|
||||
"nt\"");
|
||||
#line 15
|
||||
testRunner.And("I have a user \"user1\" with roles \"CustomRole\"");
|
||||
@@ -106,7 +106,7 @@ this.ScenarioSetup(scenarioInfo);
|
||||
#line 21
|
||||
testRunner.Given("I have installed Orchard");
|
||||
#line 22
|
||||
testRunner.When("I have a role \"CustomRole\" with permissions \"PublishOthersContent\"");
|
||||
testRunner.When("I have a role \"CustomRole\" with permissions \"PublishContent\"");
|
||||
#line 23
|
||||
testRunner.And("I have a user \"user1\" with roles \"CustomRole\"");
|
||||
#line 24
|
||||
@@ -179,7 +179,7 @@ this.ScenarioSetup(scenarioInfo);
|
||||
#line 46
|
||||
testRunner.Given("I have installed Orchard");
|
||||
#line 47
|
||||
testRunner.When("I have a role \"CustomRole\" with permissions \"DeleteOthersContent\"");
|
||||
testRunner.When("I have a role \"CustomRole\" with permissions \"DeleteContent\"");
|
||||
#line 48
|
||||
testRunner.And("I have a user \"user1\" with roles \"CustomRole\"");
|
||||
#line 49
|
||||
|
||||
@@ -138,7 +138,7 @@ namespace Orchard.Core.Contents.Controllers {
|
||||
break;
|
||||
case ContentsBulkAction.PublishNow:
|
||||
foreach (var item in itemIds.Select(itemId => _contentManager.GetLatest(itemId))) {
|
||||
if (!accessChecked && !Services.Authorizer.Authorize(Permissions.PublishOthersContent, item, T("Couldn't publish selected content.")))
|
||||
if (!accessChecked && !Services.Authorizer.Authorize(Permissions.PublishContent, item, T("Couldn't publish selected content.")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
accessChecked = true;
|
||||
@@ -149,7 +149,7 @@ namespace Orchard.Core.Contents.Controllers {
|
||||
break;
|
||||
case ContentsBulkAction.Unpublish:
|
||||
foreach (var item in itemIds.Select(itemId => _contentManager.GetLatest(itemId))) {
|
||||
if (!accessChecked && !Services.Authorizer.Authorize(Permissions.PublishOthersContent, item, T("Couldn't unpublish selected content.")))
|
||||
if (!accessChecked && !Services.Authorizer.Authorize(Permissions.PublishContent, item, T("Couldn't unpublish selected content.")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
accessChecked = true;
|
||||
@@ -160,7 +160,7 @@ namespace Orchard.Core.Contents.Controllers {
|
||||
break;
|
||||
case ContentsBulkAction.Remove:
|
||||
foreach (var item in itemIds.Select(itemId => _contentManager.GetLatest(itemId))) {
|
||||
if (!accessChecked && !Services.Authorizer.Authorize(Permissions.DeleteOthersContent, item, T("Couldn't remove selected content.")))
|
||||
if (!accessChecked && !Services.Authorizer.Authorize(Permissions.DeleteContent, item, T("Couldn't remove selected content.")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
accessChecked = true;
|
||||
@@ -190,7 +190,7 @@ namespace Orchard.Core.Contents.Controllers {
|
||||
|
||||
var contentItem = _contentManager.New(id);
|
||||
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, contentItem, T("Cannot create content")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Cannot create content")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
dynamic model = _contentManager.BuildEditor(contentItem);
|
||||
@@ -210,7 +210,7 @@ namespace Orchard.Core.Contents.Controllers {
|
||||
[HttpPost, ActionName("Create")]
|
||||
[FormValueRequired("submit.Publish")]
|
||||
public ActionResult CreateAndPublishPOST(string id) {
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishOwnContent, T("Couldn't create content")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishContent, T("Couldn't create content")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
return CreatePOST(id, contentItem => _contentManager.Publish(contentItem));
|
||||
@@ -219,7 +219,7 @@ namespace Orchard.Core.Contents.Controllers {
|
||||
private ActionResult CreatePOST(string id, Action<ContentItem> conditionallyPublish) {
|
||||
var contentItem = _contentManager.New(id);
|
||||
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, contentItem, T("Couldn't create content")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Couldn't create content")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
_contentManager.Create(contentItem, VersionOptions.Draft);
|
||||
@@ -245,7 +245,7 @@ namespace Orchard.Core.Contents.Controllers {
|
||||
if (contentItem == null)
|
||||
return HttpNotFound();
|
||||
|
||||
if (!Services.Authorizer.Authorize(Permissions.EditOthersContent, contentItem, T("Cannot edit content")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.EditContent, contentItem, T("Cannot edit content")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
dynamic model = _contentManager.BuildEditor(contentItem);
|
||||
@@ -270,7 +270,7 @@ namespace Orchard.Core.Contents.Controllers {
|
||||
if (content == null)
|
||||
return HttpNotFound();
|
||||
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, content, T("Couldn't publish content")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishContent, content, T("Couldn't publish content")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
return EditPOST(id, returnUrl, contentItem => _contentManager.Publish(contentItem));
|
||||
@@ -282,7 +282,7 @@ namespace Orchard.Core.Contents.Controllers {
|
||||
if (contentItem == null)
|
||||
return HttpNotFound();
|
||||
|
||||
if (!Services.Authorizer.Authorize(Permissions.EditOthersContent, contentItem, T("Couldn't edit content")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.EditContent, contentItem, T("Couldn't edit content")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
dynamic model = _contentManager.UpdateEditor(contentItem, this);
|
||||
@@ -304,7 +304,7 @@ namespace Orchard.Core.Contents.Controllers {
|
||||
public ActionResult Remove(int id, string returnUrl) {
|
||||
var contentItem = _contentManager.Get(id, VersionOptions.Latest);
|
||||
|
||||
if (!Services.Authorizer.Authorize(Permissions.DeleteOthersContent, contentItem, T("Couldn't remove content")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.DeleteContent, contentItem, T("Couldn't remove content")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
if (contentItem != null) {
|
||||
@@ -323,7 +323,7 @@ namespace Orchard.Core.Contents.Controllers {
|
||||
if (contentItem == null)
|
||||
return HttpNotFound();
|
||||
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, contentItem, T("Couldn't publish content")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Couldn't publish content")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
_contentManager.Publish(contentItem);
|
||||
@@ -339,7 +339,7 @@ namespace Orchard.Core.Contents.Controllers {
|
||||
if (contentItem == null)
|
||||
return HttpNotFound();
|
||||
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, contentItem, T("Couldn't unpublish content")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Couldn't unpublish content")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
_contentManager.Unpublish(contentItem);
|
||||
|
||||
@@ -37,7 +37,7 @@ namespace Orchard.Core.Contents.Controllers {
|
||||
|
||||
var contentItem = _contentManager.Get(id, versionOptions);
|
||||
|
||||
if (!Services.Authorizer.Authorize(Permissions.EditOthersContent, contentItem, T("Cannot edit content")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.EditContent, contentItem, T("Cannot edit content")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
dynamic model = _contentManager.BuildDisplay(contentItem);
|
||||
|
||||
@@ -9,19 +9,19 @@ using Orchard.Security.Permissions;
|
||||
|
||||
namespace Orchard.Core.Contents {
|
||||
public class DynamicPermissions : IPermissionProvider {
|
||||
private static readonly Permission PublishContent = new Permission { Description = "Publish or unpublish {0} for others", Name = "Publish_{0}", ImpliedBy = new[] { Permissions.PublishOthersContent } };
|
||||
private static readonly Permission PublishContent = new Permission { Description = "Publish or unpublish {0} for others", Name = "Publish_{0}", ImpliedBy = new[] { Permissions.PublishContent } };
|
||||
private static readonly Permission PublishOwnContent = new Permission { Description = "Publish or unpublish {0}", Name = "PublishOwn_{0}", ImpliedBy = new[] { PublishContent, Permissions.PublishOwnContent } };
|
||||
private static readonly Permission EditContent = new Permission { Description = "Edit {0} for others", Name = "Edit_{0}", ImpliedBy = new[] { PublishContent, Permissions.PublishOthersContent } };
|
||||
private static readonly Permission EditContent = new Permission { Description = "Edit {0} for others", Name = "Edit_{0}", ImpliedBy = new[] { PublishContent, Permissions.PublishContent } };
|
||||
private static readonly Permission EditOwnContent = new Permission { Description = "Edit {0}", Name = "EditOwn_{0}", ImpliedBy = new[] { EditContent, PublishOwnContent, Permissions.EditOwnContent } };
|
||||
private static readonly Permission DeleteContent = new Permission { Description = "Delete {0} for others", Name = "Delete_{0}", ImpliedBy = new[] { Permissions.DeleteOthersContent } };
|
||||
private static readonly Permission DeleteContent = new Permission { Description = "Delete {0} for others", Name = "Delete_{0}", ImpliedBy = new[] { Permissions.DeleteContent } };
|
||||
private static readonly Permission DeleteOwnContent = new Permission { Description = "Delete {0}", Name = "DeleteOwn_{0}", ImpliedBy = new[] { DeleteContent, Permissions.DeleteOwnContent } };
|
||||
|
||||
public static readonly Dictionary<string, Permission> PermissionTemplates = new Dictionary<string, Permission> {
|
||||
{Permissions.PublishOthersContent.Name, PublishContent},
|
||||
{Permissions.PublishContent.Name, PublishContent},
|
||||
{Permissions.PublishOwnContent.Name, PublishOwnContent},
|
||||
{Permissions.EditOthersContent.Name, EditContent},
|
||||
{Permissions.EditContent.Name, EditContent},
|
||||
{Permissions.EditOwnContent.Name, EditOwnContent},
|
||||
{Permissions.DeleteOthersContent.Name, DeleteContent},
|
||||
{Permissions.DeleteContent.Name, DeleteContent},
|
||||
{Permissions.DeleteOwnContent.Name, DeleteOwnContent}
|
||||
};
|
||||
|
||||
|
||||
@@ -4,12 +4,20 @@ using Orchard.Security.Permissions;
|
||||
|
||||
namespace Orchard.Core.Contents {
|
||||
public class Permissions : IPermissionProvider {
|
||||
public static readonly Permission PublishOthersContent = new Permission { Description = "Publish or unpublish content for others", Name = "PublishOthersContent" };
|
||||
public static readonly Permission PublishOwnContent = new Permission { Description = "Publish or unpublish own content", Name = "PublishOwnContent", ImpliedBy = new[] { PublishOthersContent } };
|
||||
public static readonly Permission EditOthersContent = new Permission { Description = "Edit content for others", Name = "EditOthersContent", ImpliedBy = new[] { PublishOthersContent } };
|
||||
public static readonly Permission EditOwnContent = new Permission { Description = "Edit own content", Name = "EditOwnContent", ImpliedBy = new[] { EditOthersContent, PublishOwnContent } };
|
||||
public static readonly Permission DeleteOthersContent = new Permission { Description = "Delete content for others", Name = "DeleteOthersContent" };
|
||||
public static readonly Permission DeleteOwnContent = new Permission { Description = "Delete own content", Name = "DeleteOwnContent", ImpliedBy = new[] { DeleteOthersContent } };
|
||||
|
||||
// Note - in code you should demand PublishContent, EditContent, or DeleteContent
|
||||
// Do not demand the "Own" variation - those are applied automatically when you demand the main three
|
||||
|
||||
// Also - the internal name EditContent is used instead of EditOthersContent
|
||||
// because demanding "EditContent" is correct and looks right,
|
||||
// but demanding "EditOthersContent" looks wrong so wasn't used when it should have been
|
||||
|
||||
public static readonly Permission PublishContent = new Permission { Description = "Publish or unpublish content for others", Name = "PublishContent" };
|
||||
public static readonly Permission PublishOwnContent = new Permission { Description = "Publish or unpublish own content", Name = "PublishOwnContent", ImpliedBy = new[] { PublishContent } };
|
||||
public static readonly Permission EditContent = new Permission { Description = "Edit content for others", Name = "EditContent", ImpliedBy = new[] { PublishContent } };
|
||||
public static readonly Permission EditOwnContent = new Permission { Description = "Edit own content", Name = "EditOwnContent", ImpliedBy = new[] { EditContent, PublishOwnContent } };
|
||||
public static readonly Permission DeleteContent = new Permission { Description = "Delete content for others", Name = "DeleteContent" };
|
||||
public static readonly Permission DeleteOwnContent = new Permission { Description = "Delete own content", Name = "DeleteOwnContent", ImpliedBy = new[] { DeleteContent } };
|
||||
|
||||
public static readonly Permission MetaListContent = new Permission { ImpliedBy = new[] { EditOwnContent, PublishOwnContent, DeleteOwnContent } };
|
||||
|
||||
@@ -18,11 +26,11 @@ namespace Orchard.Core.Contents {
|
||||
public IEnumerable<Permission> GetPermissions() {
|
||||
return new [] {
|
||||
EditOwnContent,
|
||||
EditOthersContent,
|
||||
EditContent,
|
||||
PublishOwnContent,
|
||||
PublishOthersContent,
|
||||
PublishContent,
|
||||
DeleteOwnContent,
|
||||
DeleteOthersContent,
|
||||
DeleteContent,
|
||||
};
|
||||
}
|
||||
|
||||
@@ -30,11 +38,11 @@ namespace Orchard.Core.Contents {
|
||||
return new[] {
|
||||
new PermissionStereotype {
|
||||
Name = "Administrator",
|
||||
Permissions = new[] {PublishOthersContent,EditOthersContent,DeleteOthersContent}
|
||||
Permissions = new[] {PublishContent,EditContent,DeleteContent}
|
||||
},
|
||||
new PermissionStereotype {
|
||||
Name = "Editor",
|
||||
Permissions = new[] {PublishOthersContent,EditOthersContent,DeleteOthersContent}
|
||||
Permissions = new[] {PublishContent,EditContent,DeleteContent}
|
||||
},
|
||||
new PermissionStereotype {
|
||||
Name = "Moderator",
|
||||
|
||||
@@ -54,11 +54,11 @@ namespace Orchard.Core.Contents.Security
|
||||
}
|
||||
|
||||
private static Permission GetOwnerVariation(Permission permission) {
|
||||
if (permission.Name == Permissions.PublishOthersContent.Name)
|
||||
if (permission.Name == Permissions.PublishContent.Name)
|
||||
return Permissions.PublishOwnContent;
|
||||
if (permission.Name == Permissions.EditOthersContent.Name)
|
||||
if (permission.Name == Permissions.EditContent.Name)
|
||||
return Permissions.EditOwnContent;
|
||||
if (permission.Name == Permissions.DeleteOthersContent.Name)
|
||||
if (permission.Name == Permissions.DeleteContent.Name)
|
||||
return Permissions.DeleteOwnContent;
|
||||
return null;
|
||||
}
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
@using Orchard.ContentManagement;
|
||||
@using Orchard.Core.Contents;
|
||||
@if (AuthorizedFor(Permissions.EditOthersContent)) {
|
||||
@if (AuthorizedFor(Permissions.EditContent)) {
|
||||
<div class="content-control">
|
||||
<div class="manage-actions">@Html.ItemEditLinkWithReturnUrl(T("Edit").Text, (ContentItem)Model.ContentItem)</div>
|
||||
@Display(Model.Child)
|
||||
|
||||
@@ -24,7 +24,7 @@ namespace Orchard.ArchiveLater.Services {
|
||||
public Localizer T { get; set; }
|
||||
|
||||
void IArchiveLaterService.ArchiveLater(ContentItem contentItem, DateTime scheduledArchiveUtc) {
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, contentItem, T("Couldn't archive selected content.")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Couldn't archive selected content.")))
|
||||
return;
|
||||
|
||||
RemoveArchiveLaterTasks(contentItem);
|
||||
|
||||
@@ -26,16 +26,16 @@ namespace Orchard.Blogs {
|
||||
|
||||
if (blogCount > 0 && singleBlog == null) {
|
||||
menu.Add(T("Manage Blogs"), "3",
|
||||
item => item.Action("List", "BlogAdmin", new {area = "Orchard.Blogs"}).Permission(Permissions.MetaListOwnBlogs));
|
||||
item => item.Action("List", "BlogAdmin", new {area = "Orchard.Blogs"}).Permission(Permissions.MetaListBlogs));
|
||||
}
|
||||
else if (singleBlog != null)
|
||||
menu.Add(T("Manage Blog"), "1.0",
|
||||
item => item.Action("Item", "BlogAdmin", new { area = "Orchard.Blogs", blogId = singleBlog.Id }).Permission(Permissions.MetaListOwnBlogs));
|
||||
item => item.Action("Item", "BlogAdmin", new { area = "Orchard.Blogs", blogId = singleBlog.Id }).Permission(Permissions.MetaListBlogs));
|
||||
|
||||
if (singleBlog != null)
|
||||
menu.Add(T("Create New Post"), "1.1",
|
||||
item =>
|
||||
item.Action("Create", "BlogPostAdmin", new { area = "Orchard.Blogs", blogId = singleBlog.Id }).Permission(Permissions.PublishOwnBlogPost));
|
||||
item.Action("Create", "BlogPostAdmin", new { area = "Orchard.Blogs", blogId = singleBlog.Id }).Permission(Permissions.PublishBlogPost));
|
||||
|
||||
menu.Add(T("Create New Blog"), "1.2",
|
||||
item =>
|
||||
|
||||
@@ -30,7 +30,7 @@ namespace Orchard.Blogs.Controllers {
|
||||
public Localizer T { get; set; }
|
||||
|
||||
public ActionResult Create(int blogId) {
|
||||
if (!Services.Authorizer.Authorize(Permissions.EditOwnBlogPost, T("Not allowed to create blog post")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, T("Not allowed to create blog post")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
var blog = _blogService.Get(blogId, VersionOptions.Latest).As<BlogPart>();
|
||||
@@ -57,14 +57,14 @@ namespace Orchard.Blogs.Controllers {
|
||||
[HttpPost, ActionName("Create")]
|
||||
[FormValueRequired("submit.Publish")]
|
||||
public ActionResult CreateAndPublishPOST(int blogId) {
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishOwnBlogPost, T("Couldn't create blog post")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishBlogPost, T("Couldn't create blog post")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
return CreatePOST(blogId, contentItem => Services.ContentManager.Publish(contentItem));
|
||||
}
|
||||
|
||||
private ActionResult CreatePOST(int blogId, Action<ContentItem> conditionallyPublish) {
|
||||
if (!Services.Authorizer.Authorize(Permissions.EditOwnBlogPost, T("Couldn't create blog post")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, T("Couldn't create blog post")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
var blog = _blogService.Get(blogId, VersionOptions.Latest).As<BlogPart>();
|
||||
@@ -99,7 +99,7 @@ namespace Orchard.Blogs.Controllers {
|
||||
if (post == null)
|
||||
return HttpNotFound();
|
||||
|
||||
if (!Services.Authorizer.Authorize(Permissions.EditOthersBlogPost, post, T("Couldn't edit blog post")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, post, T("Couldn't edit blog post")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
dynamic model = Services.ContentManager.BuildEditor(post);
|
||||
@@ -128,7 +128,7 @@ namespace Orchard.Blogs.Controllers {
|
||||
if (blogPost == null)
|
||||
return HttpNotFound();
|
||||
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishOthersBlogPost, blogPost, T("Couldn't publish blog post")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishBlogPost, blogPost, T("Couldn't publish blog post")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
return EditPOST(blogId, postId, returnUrl, contentItem => Services.ContentManager.Publish(contentItem));
|
||||
@@ -144,7 +144,7 @@ namespace Orchard.Blogs.Controllers {
|
||||
if (blogPost == null)
|
||||
return HttpNotFound();
|
||||
|
||||
if (!Services.Authorizer.Authorize(Permissions.EditOthersBlogPost, blogPost, T("Couldn't edit blog post")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, blogPost, T("Couldn't edit blog post")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
// Validate form input
|
||||
@@ -171,7 +171,7 @@ namespace Orchard.Blogs.Controllers {
|
||||
}
|
||||
|
||||
// check edit permission
|
||||
if (!Services.Authorizer.Authorize(Permissions.EditOthersBlogPost, draft, T("Couldn't discard blog post draft")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, draft, T("Couldn't discard blog post draft")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
// locate the published revision to revert onto
|
||||
@@ -202,7 +202,7 @@ namespace Orchard.Blogs.Controllers {
|
||||
|
||||
[ValidateAntiForgeryTokenOrchard]
|
||||
public ActionResult Delete(int blogId, int postId) {
|
||||
//refactoring: test PublishBlogPost/PublishOthersBlogPost in addition if published
|
||||
//refactoring: test PublishBlogPost/PublishBlogPost in addition if published
|
||||
|
||||
var blog = _blogService.Get(blogId, VersionOptions.Latest);
|
||||
if (blog == null)
|
||||
@@ -212,7 +212,7 @@ namespace Orchard.Blogs.Controllers {
|
||||
if (post == null)
|
||||
return HttpNotFound();
|
||||
|
||||
if (!Services.Authorizer.Authorize(Permissions.DeleteOthersBlogPost, post, T("Couldn't delete blog post")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.DeleteBlogPost, post, T("Couldn't delete blog post")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
_blogPostService.Delete(post);
|
||||
@@ -231,7 +231,7 @@ namespace Orchard.Blogs.Controllers {
|
||||
if (post == null)
|
||||
return HttpNotFound();
|
||||
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishOthersBlogPost, post, T("Couldn't publish blog post")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishBlogPost, post, T("Couldn't publish blog post")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
_blogPostService.Publish(post);
|
||||
@@ -250,7 +250,7 @@ namespace Orchard.Blogs.Controllers {
|
||||
if (post == null)
|
||||
return HttpNotFound();
|
||||
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishOthersBlogPost, post, T("Couldn't unpublish blog post")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishBlogPost, post, T("Couldn't unpublish blog post")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
_blogPostService.Unpublish(post);
|
||||
|
||||
@@ -6,14 +6,14 @@ namespace Orchard.Blogs {
|
||||
public class Permissions : IPermissionProvider {
|
||||
public static readonly Permission ManageBlogs = new Permission { Description = "Manage blogs", Name = "ManageBlogs" };
|
||||
|
||||
public static readonly Permission PublishOthersBlogPost = new Permission { Description = "Publish or unpublish blog post for others", Name = "PublishOthersBlogPost", ImpliedBy = new[] { ManageBlogs } };
|
||||
public static readonly Permission PublishOwnBlogPost = new Permission { Description = "Publish or unpublish own blog post", Name = "PublishOwnBlogPost", ImpliedBy = new[] { PublishOthersBlogPost } };
|
||||
public static readonly Permission EditOthersBlogPost = new Permission { Description = "Edit any blog posts", Name = "EditOthersBlogPost", ImpliedBy = new[] { PublishOthersBlogPost } };
|
||||
public static readonly Permission EditOwnBlogPost = new Permission { Description = "Edit own blog posts", Name = "EditOwnBlogPost", ImpliedBy = new[] { EditOthersBlogPost, PublishOwnBlogPost } };
|
||||
public static readonly Permission DeleteOthersBlogPost = new Permission { Description = "Delete blog post for others", Name = "DeleteOthersBlogPost", ImpliedBy = new[] { ManageBlogs } };
|
||||
public static readonly Permission DeleteOwnBlogPost = new Permission { Description = "Delete own blog post", Name = "DeleteOwnBlogPost", ImpliedBy = new[] { DeleteOthersBlogPost } };
|
||||
public static readonly Permission PublishBlogPost = new Permission { Description = "Publish or unpublish blog post for others", Name = "PublishBlogPost", ImpliedBy = new[] { ManageBlogs } };
|
||||
public static readonly Permission PublishOwnBlogPost = new Permission { Description = "Publish or unpublish own blog post", Name = "PublishOwnBlogPost", ImpliedBy = new[] { PublishBlogPost } };
|
||||
public static readonly Permission EditBlogPost = new Permission { Description = "Edit any blog posts", Name = "EditBlogPost", ImpliedBy = new[] { PublishBlogPost } };
|
||||
public static readonly Permission EditOwnBlogPost = new Permission { Description = "Edit own blog posts", Name = "EditOwnBlogPost", ImpliedBy = new[] { EditBlogPost, PublishOwnBlogPost } };
|
||||
public static readonly Permission DeleteBlogPost = new Permission { Description = "Delete blog post for others", Name = "DeleteBlogPost", ImpliedBy = new[] { ManageBlogs } };
|
||||
public static readonly Permission DeleteOwnBlogPost = new Permission { Description = "Delete own blog post", Name = "DeleteOwnBlogPost", ImpliedBy = new[] { DeleteBlogPost } };
|
||||
|
||||
public static readonly Permission MetaListOthersBlogs = new Permission { ImpliedBy = new[] { EditOthersBlogPost, PublishOthersBlogPost, DeleteOthersBlogPost } };
|
||||
public static readonly Permission MetaListBlogs = new Permission { ImpliedBy = new[] { EditBlogPost, PublishBlogPost, DeleteBlogPost } };
|
||||
public static readonly Permission MetaListOwnBlogs = new Permission { ImpliedBy = new[] { EditOwnBlogPost, PublishOwnBlogPost, DeleteOwnBlogPost } };
|
||||
|
||||
public virtual Feature Feature { get; set; }
|
||||
@@ -22,11 +22,11 @@ namespace Orchard.Blogs {
|
||||
return new[] {
|
||||
ManageBlogs,
|
||||
EditOwnBlogPost,
|
||||
EditOthersBlogPost,
|
||||
EditBlogPost,
|
||||
PublishOwnBlogPost,
|
||||
PublishOthersBlogPost,
|
||||
PublishBlogPost,
|
||||
DeleteOwnBlogPost,
|
||||
DeleteOthersBlogPost,
|
||||
DeleteBlogPost,
|
||||
};
|
||||
}
|
||||
|
||||
@@ -38,7 +38,7 @@ namespace Orchard.Blogs {
|
||||
},
|
||||
new PermissionStereotype {
|
||||
Name = "Editor",
|
||||
Permissions = new[] {PublishOthersBlogPost,EditOthersBlogPost,DeleteOthersBlogPost}
|
||||
Permissions = new[] {PublishBlogPost,EditBlogPost,DeleteBlogPost}
|
||||
},
|
||||
new PermissionStereotype {
|
||||
Name = "Moderator",
|
||||
|
||||
@@ -37,11 +37,11 @@ namespace Orchard.Blogs.Security {
|
||||
}
|
||||
|
||||
private static Permission GetOwnerVariation(Permission permission) {
|
||||
if (permission.Name == Permissions.PublishOthersBlogPost.Name)
|
||||
if (permission.Name == Permissions.PublishBlogPost.Name)
|
||||
return Permissions.PublishOwnBlogPost;
|
||||
if (permission.Name == Permissions.EditOthersBlogPost.Name)
|
||||
if (permission.Name == Permissions.EditBlogPost.Name)
|
||||
return Permissions.EditOwnBlogPost;
|
||||
if (permission.Name == Permissions.DeleteOthersBlogPost.Name)
|
||||
if (permission.Name == Permissions.DeleteBlogPost.Name)
|
||||
return Permissions.DeleteOwnBlogPost;
|
||||
return null;
|
||||
}
|
||||
|
||||
@@ -126,8 +126,9 @@ namespace Orchard.Blogs.Services {
|
||||
|
||||
XRpcArray array = new XRpcArray();
|
||||
foreach (BlogPart blog in _blogService.Get()) {
|
||||
// Check if user has permissions for each specific blog
|
||||
if (_authorizationService.TryCheckAccess(Permissions.EditOthersBlogPost, user, blog)) {
|
||||
// User needs to at least have permission to edit its own blog posts to access the service
|
||||
if (_authorizationService.TryCheckAccess(Permissions.EditBlogPost, user, blog)) {
|
||||
|
||||
BlogPart blogPart = blog;
|
||||
array.Add(new XRpcStruct()
|
||||
.Set("url", urlHelper.AbsoluteAction(() => urlHelper.Blog(blogPart)))
|
||||
@@ -150,7 +151,7 @@ namespace Orchard.Blogs.Services {
|
||||
IUser user = ValidateUser(userName, password);
|
||||
|
||||
// User needs to at least have permission to edit its own blog posts to access the service
|
||||
_authorizationService.CheckAccess(Permissions.EditOwnBlogPost, user, null);
|
||||
_authorizationService.CheckAccess(Permissions.EditBlogPost, user, null);
|
||||
|
||||
BlogPart blog = _contentManager.Get<BlogPart>(Convert.ToInt32(blogId));
|
||||
if (blog == null) {
|
||||
@@ -180,7 +181,7 @@ namespace Orchard.Blogs.Services {
|
||||
IUser user = ValidateUser(userName, password);
|
||||
|
||||
// User needs permission to edit or publish its own blog posts
|
||||
_authorizationService.CheckAccess(publish ? Permissions.PublishOwnBlogPost : Permissions.EditOwnBlogPost, user, null);
|
||||
_authorizationService.CheckAccess(publish ? Permissions.PublishBlogPost : Permissions.EditBlogPost, user, null);
|
||||
|
||||
BlogPart blog = _contentManager.Get<BlogPart>(Convert.ToInt32(blogId));
|
||||
if (blog == null)
|
||||
@@ -235,7 +236,7 @@ namespace Orchard.Blogs.Services {
|
||||
if (blogPost == null)
|
||||
throw new ArgumentException();
|
||||
|
||||
_authorizationService.CheckAccess(Permissions.EditOthersBlogPost, user, blogPost);
|
||||
_authorizationService.CheckAccess(Permissions.EditBlogPost, user, blogPost);
|
||||
|
||||
var postStruct = CreateBlogStruct(blogPost, urlHelper);
|
||||
|
||||
@@ -258,7 +259,7 @@ namespace Orchard.Blogs.Services {
|
||||
if (blogPost == null)
|
||||
throw new ArgumentException();
|
||||
|
||||
_authorizationService.CheckAccess(publish ? Permissions.PublishOthersBlogPost : Permissions.EditOthersBlogPost, user, blogPost);
|
||||
_authorizationService.CheckAccess(publish ? Permissions.PublishBlogPost : Permissions.EditBlogPost, user, blogPost);
|
||||
|
||||
var title = content.Optional<string>("title");
|
||||
var description = content.Optional<string>("description");
|
||||
@@ -298,7 +299,7 @@ namespace Orchard.Blogs.Services {
|
||||
if (blogPost == null)
|
||||
throw new ArgumentException();
|
||||
|
||||
_authorizationService.CheckAccess(Permissions.DeleteOthersBlogPost, user, blogPost);
|
||||
_authorizationService.CheckAccess(Permissions.DeleteBlogPost, user, blogPost);
|
||||
|
||||
foreach (var driver in drivers)
|
||||
driver.Process(blogPost.Id);
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
@using Orchard.Core.Contents;
|
||||
@using Orchard.Localization.Models;
|
||||
@if (AuthorizedFor(Permissions.PublishOthersContent)) {
|
||||
@if (AuthorizedFor(Permissions.PublishContent)) {
|
||||
Style.Require("LocalizationAdmin");
|
||||
IEnumerable<LocalizationPart> localizations = Model.Localizations;
|
||||
var localizationLinks = Html.UnorderedList(localizations, (c, i) => Html.ItemEditLink(c.Culture.Culture, c), "localizations");
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
@using Orchard.Core.Contents;
|
||||
@using Orchard.Localization.Models;
|
||||
@if (AuthorizedFor(Permissions.PublishOthersContent)) {
|
||||
@if (AuthorizedFor(Permissions.PublishContent)) {
|
||||
Style.Require("LocalizationAdmin");
|
||||
IEnumerable<LocalizationPart> localizations = Model.Localizations;
|
||||
var localizationLinks = Html.UnorderedList(localizations, (c, i) => Html.ItemEditLink(c.Culture.Culture, c), "localizations");
|
||||
|
||||
@@ -21,7 +21,7 @@ namespace Orchard.PublishLater.Services {
|
||||
public Localizer T { get; set; }
|
||||
|
||||
void IPublishLaterService.Publish(ContentItem contentItem, DateTime scheduledPublishUtc) {
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, contentItem, T("Couldn't publish selected content.")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Couldn't publish selected content.")))
|
||||
return;
|
||||
|
||||
_publishingTaskManager.Publish(contentItem, scheduledPublishUtc);
|
||||
|
||||
@@ -122,7 +122,7 @@ namespace Orchard.PublishLater.Services {
|
||||
if (contentItem == null || !contentItem.Is<PublishLaterPart>())
|
||||
return;
|
||||
|
||||
_authorizationService.CheckAccess(Permissions.PublishOthersContent, user, null);
|
||||
_authorizationService.CheckAccess(Permissions.PublishContent, user, null);
|
||||
|
||||
contentItem.As<PublishLaterPart>().ScheduledPublishUtc.Value = publishedUtc;
|
||||
_publishingTaskManager.Publish(contentItem, (DateTime)publishedUtc);
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
Name: Setup
|
||||
AntiForgery: enabled
|
||||
Author: The Orchard Team
|
||||
Website: http://orchardproject.net
|
||||
Version: 0.9.0
|
||||
|
||||
Reference in New Issue
Block a user