lsm/Orchard
1
0
Fork 0
mirror of https://github.com/OrchardCMS/Orchard.git synced 2025-10-15 19:54:57 +08:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity

Merge

Browse Source 
--HG--
branch : 1.x
This commit is contained in:
Andre Rodrigues
2011-01-10 15:25:34 -08:00
parent 1873ada9ff 84766a2d87
commit 04e88eb216
20 changed files with 92 additions and 84 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/Orchard.Web/Modules/Orchard.ArchiveLater/Services/ArchiveLaterService.cs
View File

@@ -24,7 +24,7 @@ namespace Orchard.ArchiveLater.Services {
public Localizer T { get; set; }
void IArchiveLaterService.ArchiveLater(ContentItem contentItem, DateTime scheduledArchiveUtc) {
if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, contentItem, T("Couldn't archive selected content.")))
if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Couldn't archive selected content.")))
return;
RemoveArchiveLaterTasks(contentItem);

6
src/Orchard.Web/Modules/Orchard.Blogs/AdminMenu.cs
View File

@@ -26,16 +26,16 @@ namespace Orchard.Blogs {
if (blogCount > 0 && singleBlog == null) {
menu.Add(T("Manage Blogs"), "3",
item => item.Action("List", "BlogAdmin", new {area = "Orchard.Blogs"}).Permission(Permissions.MetaListOwnBlogs));
item => item.Action("List", "BlogAdmin", new {area = "Orchard.Blogs"}).Permission(Permissions.MetaListBlogs));
}
else if (singleBlog != null)
menu.Add(T("Manage Blog"), "1.0",
item => item.Action("Item", "BlogAdmin", new { area = "Orchard.Blogs", blogId = singleBlog.Id }).Permission(Permissions.MetaListOwnBlogs));
item => item.Action("Item", "BlogAdmin", new { area = "Orchard.Blogs", blogId = singleBlog.Id }).Permission(Permissions.MetaListBlogs));
if (singleBlog != null)
menu.Add(T("Create New Post"), "1.1",
item =>
item.Action("Create", "BlogPostAdmin", new { area = "Orchard.Blogs", blogId = singleBlog.Id }).Permission(Permissions.PublishOwnBlogPost));
item.Action("Create", "BlogPostAdmin", new { area = "Orchard.Blogs", blogId = singleBlog.Id }).Permission(Permissions.PublishBlogPost));
menu.Add(T("Create New Blog"), "1.2",
item =>

22
src/Orchard.Web/Modules/Orchard.Blogs/Controllers/BlogPostAdminController.cs
View File

@@ -30,7 +30,7 @@ namespace Orchard.Blogs.Controllers {
public Localizer T { get; set; }
public ActionResult Create(int blogId) {
if (!Services.Authorizer.Authorize(Permissions.EditOwnBlogPost, T("Not allowed to create blog post")))
if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, T("Not allowed to create blog post")))
return new HttpUnauthorizedResult();
var blog = _blogService.Get(blogId, VersionOptions.Latest).As<BlogPart>();
@@ -57,14 +57,14 @@ namespace Orchard.Blogs.Controllers {
[HttpPost, ActionName("Create")]
[FormValueRequired("submit.Publish")]
public ActionResult CreateAndPublishPOST(int blogId) {
if (!Services.Authorizer.Authorize(Permissions.PublishOwnBlogPost, T("Couldn't create blog post")))
if (!Services.Authorizer.Authorize(Permissions.PublishBlogPost, T("Couldn't create blog post")))
return new HttpUnauthorizedResult();
return CreatePOST(blogId, contentItem => Services.ContentManager.Publish(contentItem));
}
private ActionResult CreatePOST(int blogId, Action<ContentItem> conditionallyPublish) {
if (!Services.Authorizer.Authorize(Permissions.EditOwnBlogPost, T("Couldn't create blog post")))
if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, T("Couldn't create blog post")))
return new HttpUnauthorizedResult();
var blog = _blogService.Get(blogId, VersionOptions.Latest).As<BlogPart>();
@@ -99,7 +99,7 @@ namespace Orchard.Blogs.Controllers {
if (post == null)
return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.EditOthersBlogPost, post, T("Couldn't edit blog post")))
if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, post, T("Couldn't edit blog post")))
return new HttpUnauthorizedResult();
dynamic model = Services.ContentManager.BuildEditor(post);
@@ -128,7 +128,7 @@ namespace Orchard.Blogs.Controllers {
if (blogPost == null)
return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.PublishOthersBlogPost, blogPost, T("Couldn't publish blog post")))
if (!Services.Authorizer.Authorize(Permissions.PublishBlogPost, blogPost, T("Couldn't publish blog post")))
return new HttpUnauthorizedResult();
return EditPOST(blogId, postId, returnUrl, contentItem => Services.ContentManager.Publish(contentItem));
@@ -144,7 +144,7 @@ namespace Orchard.Blogs.Controllers {
if (blogPost == null)
return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.EditOthersBlogPost, blogPost, T("Couldn't edit blog post")))
if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, blogPost, T("Couldn't edit blog post")))
return new HttpUnauthorizedResult();
// Validate form input
@@ -171,7 +171,7 @@ namespace Orchard.Blogs.Controllers {
}
// check edit permission
if (!Services.Authorizer.Authorize(Permissions.EditOthersBlogPost, draft, T("Couldn't discard blog post draft")))
if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, draft, T("Couldn't discard blog post draft")))
return new HttpUnauthorizedResult();
// locate the published revision to revert onto
@@ -202,7 +202,7 @@ namespace Orchard.Blogs.Controllers {
[ValidateAntiForgeryTokenOrchard]
public ActionResult Delete(int blogId, int postId) {
//refactoring: test PublishBlogPost/PublishOthersBlogPost in addition if published
//refactoring: test PublishBlogPost/PublishBlogPost in addition if published
var blog = _blogService.Get(blogId, VersionOptions.Latest);
if (blog == null)
@@ -212,7 +212,7 @@ namespace Orchard.Blogs.Controllers {
if (post == null)
return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.DeleteOthersBlogPost, post, T("Couldn't delete blog post")))
if (!Services.Authorizer.Authorize(Permissions.DeleteBlogPost, post, T("Couldn't delete blog post")))
return new HttpUnauthorizedResult();
_blogPostService.Delete(post);
@@ -231,7 +231,7 @@ namespace Orchard.Blogs.Controllers {
if (post == null)
return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.PublishOthersBlogPost, post, T("Couldn't publish blog post")))
if (!Services.Authorizer.Authorize(Permissions.PublishBlogPost, post, T("Couldn't publish blog post")))
return new HttpUnauthorizedResult();
_blogPostService.Publish(post);
@@ -250,7 +250,7 @@ namespace Orchard.Blogs.Controllers {
if (post == null)
return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.PublishOthersBlogPost, post, T("Couldn't unpublish blog post")))
if (!Services.Authorizer.Authorize(Permissions.PublishBlogPost, post, T("Couldn't unpublish blog post")))
return new HttpUnauthorizedResult();
_blogPostService.Unpublish(post);

22
src/Orchard.Web/Modules/Orchard.Blogs/Permissions.cs
View File

@@ -6,14 +6,14 @@ namespace Orchard.Blogs {
public class Permissions : IPermissionProvider {
public static readonly Permission ManageBlogs = new Permission { Description = "Manage blogs", Name = "ManageBlogs" };
public static readonly Permission PublishOthersBlogPost = new Permission { Description = "Publish or unpublish blog post for others", Name = "PublishOthersBlogPost", ImpliedBy = new[] { ManageBlogs } };
public static readonly Permission PublishOwnBlogPost = new Permission { Description = "Publish or unpublish own blog post", Name = "PublishOwnBlogPost", ImpliedBy = new[] { PublishOthersBlogPost } };
public static readonly Permission EditOthersBlogPost = new Permission { Description = "Edit any blog posts", Name = "EditOthersBlogPost", ImpliedBy = new[] { PublishOthersBlogPost } };
public static readonly Permission EditOwnBlogPost = new Permission { Description = "Edit own blog posts", Name = "EditOwnBlogPost", ImpliedBy = new[] { EditOthersBlogPost, PublishOwnBlogPost } };
public static readonly Permission DeleteOthersBlogPost = new Permission { Description = "Delete blog post for others", Name = "DeleteOthersBlogPost", ImpliedBy = new[] { ManageBlogs } };
public static readonly Permission DeleteOwnBlogPost = new Permission { Description = "Delete own blog post", Name = "DeleteOwnBlogPost", ImpliedBy = new[] { DeleteOthersBlogPost } };
public static readonly Permission PublishBlogPost = new Permission { Description = "Publish or unpublish blog post for others", Name = "PublishBlogPost", ImpliedBy = new[] { ManageBlogs } };
public static readonly Permission PublishOwnBlogPost = new Permission { Description = "Publish or unpublish own blog post", Name = "PublishOwnBlogPost", ImpliedBy = new[] { PublishBlogPost } };
public static readonly Permission EditBlogPost = new Permission { Description = "Edit any blog posts", Name = "EditBlogPost", ImpliedBy = new[] { PublishBlogPost } };
public static readonly Permission EditOwnBlogPost = new Permission { Description = "Edit own blog posts", Name = "EditOwnBlogPost", ImpliedBy = new[] { EditBlogPost, PublishOwnBlogPost } };
public static readonly Permission DeleteBlogPost = new Permission { Description = "Delete blog post for others", Name = "DeleteBlogPost", ImpliedBy = new[] { ManageBlogs } };
public static readonly Permission DeleteOwnBlogPost = new Permission { Description = "Delete own blog post", Name = "DeleteOwnBlogPost", ImpliedBy = new[] { DeleteBlogPost } };
public static readonly Permission MetaListOthersBlogs = new Permission { ImpliedBy = new[] { EditOthersBlogPost, PublishOthersBlogPost, DeleteOthersBlogPost } };
public static readonly Permission MetaListBlogs = new Permission { ImpliedBy = new[] { EditBlogPost, PublishBlogPost, DeleteBlogPost } };
public static readonly Permission MetaListOwnBlogs = new Permission { ImpliedBy = new[] { EditOwnBlogPost, PublishOwnBlogPost, DeleteOwnBlogPost } };
public virtual Feature Feature { get; set; }
@@ -22,11 +22,11 @@ namespace Orchard.Blogs {
return new[] {
ManageBlogs,
EditOwnBlogPost,
EditOthersBlogPost,
EditBlogPost,
PublishOwnBlogPost,
PublishOthersBlogPost,
PublishBlogPost,
DeleteOwnBlogPost,
DeleteOthersBlogPost,
DeleteBlogPost,
};
}
@@ -38,7 +38,7 @@ namespace Orchard.Blogs {
},
new PermissionStereotype {
Name = "Editor",
Permissions = new[] {PublishOthersBlogPost,EditOthersBlogPost,DeleteOthersBlogPost}
Permissions = new[] {PublishBlogPost,EditBlogPost,DeleteBlogPost}
},
new PermissionStereotype {
Name = "Moderator",

6
src/Orchard.Web/Modules/Orchard.Blogs/Security/BlogAuthorizationEventHandler.cs
View File

@@ -37,11 +37,11 @@ namespace Orchard.Blogs.Security {
}
private static Permission GetOwnerVariation(Permission permission) {
if (permission.Name == Permissions.PublishOthersBlogPost.Name)
if (permission.Name == Permissions.PublishBlogPost.Name)
return Permissions.PublishOwnBlogPost;
if (permission.Name == Permissions.EditOthersBlogPost.Name)
if (permission.Name == Permissions.EditBlogPost.Name)
return Permissions.EditOwnBlogPost;
if (permission.Name == Permissions.DeleteOthersBlogPost.Name)
if (permission.Name == Permissions.DeleteBlogPost.Name)
return Permissions.DeleteOwnBlogPost;
return null;
}

15
src/Orchard.Web/Modules/Orchard.Blogs/Services/XmlRpcHandler.cs
View File

@@ -126,8 +126,9 @@ namespace Orchard.Blogs.Services {
XRpcArray array = new XRpcArray();
foreach (BlogPart blog in _blogService.Get()) {
// Check if user has permissions for each specific blog
if (_authorizationService.TryCheckAccess(Permissions.EditOthersBlogPost, user, blog)) {
// User needs to at least have permission to edit its own blog posts to access the service
if (_authorizationService.TryCheckAccess(Permissions.EditBlogPost, user, blog)) {
BlogPart blogPart = blog;
array.Add(new XRpcStruct()
.Set("url", urlHelper.AbsoluteAction(() => urlHelper.Blog(blogPart)))
@@ -150,7 +151,7 @@ namespace Orchard.Blogs.Services {
IUser user = ValidateUser(userName, password);
// User needs to at least have permission to edit its own blog posts to access the service
_authorizationService.CheckAccess(Permissions.EditOwnBlogPost, user, null);
_authorizationService.CheckAccess(Permissions.EditBlogPost, user, null);
BlogPart blog = _contentManager.Get<BlogPart>(Convert.ToInt32(blogId));
if (blog == null) {
@@ -180,7 +181,7 @@ namespace Orchard.Blogs.Services {
IUser user = ValidateUser(userName, password);
// User needs permission to edit or publish its own blog posts
_authorizationService.CheckAccess(publish ? Permissions.PublishOwnBlogPost : Permissions.EditOwnBlogPost, user, null);
_authorizationService.CheckAccess(publish ? Permissions.PublishBlogPost : Permissions.EditBlogPost, user, null);
BlogPart blog = _contentManager.Get<BlogPart>(Convert.ToInt32(blogId));
if (blog == null)
@@ -235,7 +236,7 @@ namespace Orchard.Blogs.Services {
if (blogPost == null)
throw new ArgumentException();
_authorizationService.CheckAccess(Permissions.EditOthersBlogPost, user, blogPost);
_authorizationService.CheckAccess(Permissions.EditBlogPost, user, blogPost);
var postStruct = CreateBlogStruct(blogPost, urlHelper);
@@ -258,7 +259,7 @@ namespace Orchard.Blogs.Services {
if (blogPost == null)
throw new ArgumentException();
_authorizationService.CheckAccess(publish ? Permissions.PublishOthersBlogPost : Permissions.EditOthersBlogPost, user, blogPost);
_authorizationService.CheckAccess(publish ? Permissions.PublishBlogPost : Permissions.EditBlogPost, user, blogPost);
var title = content.Optional<string>("title");
var description = content.Optional<string>("description");
@@ -298,7 +299,7 @@ namespace Orchard.Blogs.Services {
if (blogPost == null)
throw new ArgumentException();
_authorizationService.CheckAccess(Permissions.DeleteOthersBlogPost, user, blogPost);
_authorizationService.CheckAccess(Permissions.DeleteBlogPost, user, blogPost);
foreach (var driver in drivers)
driver.Process(blogPost.Id);

2
src/Orchard.Web/Modules/Orchard.Localization/Views/Parts/Localization.ContentTranslations.Summary.cshtml
View File

@@ -1,6 +1,6 @@
@using Orchard.Core.Contents;
@using Orchard.Localization.Models;
@if (AuthorizedFor(Permissions.PublishOthersContent)) {
@if (AuthorizedFor(Permissions.PublishContent)) {
Style.Require("LocalizationAdmin");
IEnumerable<LocalizationPart> localizations = Model.Localizations;
var localizationLinks = Html.UnorderedList(localizations, (c, i) => Html.ItemEditLink(c.Culture.Culture, c), "localizations");

2
src/Orchard.Web/Modules/Orchard.Localization/Views/Parts/Localization.ContentTranslations.SummaryAdmin.cshtml
View File

@@ -1,6 +1,6 @@
@using Orchard.Core.Contents;
@using Orchard.Localization.Models;
@if (AuthorizedFor(Permissions.PublishOthersContent)) {
@if (AuthorizedFor(Permissions.PublishContent)) {
Style.Require("LocalizationAdmin");
IEnumerable<LocalizationPart> localizations = Model.Localizations;
var localizationLinks = Html.UnorderedList(localizations, (c, i) => Html.ItemEditLink(c.Culture.Culture, c), "localizations");

2
src/Orchard.Web/Modules/Orchard.PublishLater/Services/PublishLaterService.cs
View File

@@ -21,7 +21,7 @@ namespace Orchard.PublishLater.Services {
public Localizer T { get; set; }
void IPublishLaterService.Publish(ContentItem contentItem, DateTime scheduledPublishUtc) {
if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, contentItem, T("Couldn't publish selected content.")))
if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Couldn't publish selected content.")))
return;
_publishingTaskManager.Publish(contentItem, scheduledPublishUtc);

2
src/Orchard.Web/Modules/Orchard.PublishLater/Services/XmlRpcHandler.cs
View File

@@ -122,7 +122,7 @@ namespace Orchard.PublishLater.Services {
if (contentItem == null || !contentItem.Is<PublishLaterPart>())
return;
_authorizationService.CheckAccess(Permissions.PublishOthersContent, user, null);
_authorizationService.CheckAccess(Permissions.PublishContent, user, null);
contentItem.As<PublishLaterPart>().ScheduledPublishUtc.Value = publishedUtc;
_publishingTaskManager.Publish(contentItem, (DateTime)publishedUtc);

1
src/Orchard.Web/Modules/Orchard.Setup/Module.txt
View File

@@ -1,5 +1,4 @@
Name: Setup
AntiForgery: enabled
Author: The Orchard Team
Website: http://orchardproject.net
Version: 0.9.0