lsm/Orchard
1
0
Fork 0
mirror of https://github.com/OrchardCMS/Orchard.git synced 2025-10-15 03:25:23 +08:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity

Merge

Browse Source 
--HG--
branch : 1.x
This commit is contained in:
Andre Rodrigues
2011-01-10 15:25:34 -08:00
parent 1873ada9ff 84766a2d87
commit 04e88eb216
20 changed files with 92 additions and 84 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/Orchard.Specs/Bindings/ContentRights.cs
View File

@@ -59,11 +59,11 @@ namespace Orchard.Specs.Bindings {
private static Permission GetPermissionForAction(string action) { private static Permission GetPermissionForAction(string action) {
switch ( action ) { switch ( action ) {
case "publish": case "publish":
return Permissions.PublishOthersContent; return Permissions.PublishContent;
case "edit": case "edit":
return Permissions.EditOthersContent; return Permissions.EditContent;
case "delete": case "delete":
return Permissions.DeleteOthersContent; return Permissions.DeleteContent;
default: default:
return null; return null;
} }

6
src/Orchard.Specs/ContentRights.feature
View File

@@ -11,7 +11,7 @@ Scenario: Administrators can manage a Page
Scenario: Users can't create a Page if they don't have the PublishContent permission Scenario: Users can't create a Page if they don't have the PublishContent permission
Given I have installed Orchard Given I have installed Orchard
When I have a role "CustomRole" with permissions "EditOthersContent, DeleteOthersContent" When I have a role "CustomRole" with permissions "EditContent, DeleteContent"
And I have a user "user1" with roles "CustomRole" And I have a user "user1" with roles "CustomRole"
Then "user1" should not be able to "publish" a "Page" owned by "user1" Then "user1" should not be able to "publish" a "Page" owned by "user1"
And "user1" should be able to "edit" a "Page" owned by "user1" And "user1" should be able to "edit" a "Page" owned by "user1"
@@ -19,7 +19,7 @@ Scenario: Users can't create a Page if they don't have the PublishContent permis
Scenario: Users can create a Page of others if they have PublishContent permission Scenario: Users can create a Page of others if they have PublishContent permission
Given I have installed Orchard Given I have installed Orchard
When I have a role "CustomRole" with permissions "PublishOthersContent" When I have a role "CustomRole" with permissions "PublishContent"
And I have a user "user1" with roles "CustomRole" And I have a user "user1" with roles "CustomRole"
And I have a user "user2" with roles "Administrator" And I have a user "user2" with roles "Administrator"
Then "user1" should be able to "publish" a "Page" owned by "user2" Then "user1" should be able to "publish" a "Page" owned by "user2"
@@ -44,7 +44,7 @@ Scenario: Users can create and edit a Page even if they only have the PublishOwn
Scenario: Users can't edit a Page if they don't have the EditContent permission Scenario: Users can't edit a Page if they don't have the EditContent permission
Given I have installed Orchard Given I have installed Orchard
When I have a role "CustomRole" with permissions "DeleteOthersContent" When I have a role "CustomRole" with permissions "DeleteContent"
And I have a user "user1" with roles "CustomRole" And I have a user "user1" with roles "CustomRole"
Then "user1" should not be able to "publish" a "Page" owned by "user1" Then "user1" should not be able to "publish" a "Page" owned by "user1"
And "user1" should not be able to "edit" a "Page" owned by "user1" And "user1" should not be able to "edit" a "Page" owned by "user1"

6
src/Orchard.Specs/ContentRights.feature.cs generated
View File

@@ -82,7 +82,7 @@ this.ScenarioSetup(scenarioInfo);
#line 13 #line 13
testRunner.Given("I have installed Orchard"); testRunner.Given("I have installed Orchard");
#line 14 #line 14
testRunner.When("I have a role \"CustomRole\" with permissions \"EditOthersContent, DeleteOthersConte" + testRunner.When("I have a role \"CustomRole\" with permissions \"EditContent, DeleteConte" +
"nt\""); "nt\"");
#line 15 #line 15
testRunner.And("I have a user \"user1\" with roles \"CustomRole\""); testRunner.And("I have a user \"user1\" with roles \"CustomRole\"");
@@ -106,7 +106,7 @@ this.ScenarioSetup(scenarioInfo);
#line 21 #line 21
testRunner.Given("I have installed Orchard"); testRunner.Given("I have installed Orchard");
#line 22 #line 22
testRunner.When("I have a role \"CustomRole\" with permissions \"PublishOthersContent\""); testRunner.When("I have a role \"CustomRole\" with permissions \"PublishContent\"");
#line 23 #line 23
testRunner.And("I have a user \"user1\" with roles \"CustomRole\""); testRunner.And("I have a user \"user1\" with roles \"CustomRole\"");
#line 24 #line 24
@@ -179,7 +179,7 @@ this.ScenarioSetup(scenarioInfo);
#line 46 #line 46
testRunner.Given("I have installed Orchard"); testRunner.Given("I have installed Orchard");
#line 47 #line 47
testRunner.When("I have a role \"CustomRole\" with permissions \"DeleteOthersContent\""); testRunner.When("I have a role \"CustomRole\" with permissions \"DeleteContent\"");
#line 48 #line 48
testRunner.And("I have a user \"user1\" with roles \"CustomRole\""); testRunner.And("I have a user \"user1\" with roles \"CustomRole\"");
#line 49 #line 49

24
src/Orchard.Web/Core/Contents/Controllers/AdminController.cs
View File

@@ -138,7 +138,7 @@ namespace Orchard.Core.Contents.Controllers {
break; break;
case ContentsBulkAction.PublishNow: case ContentsBulkAction.PublishNow:
foreach (var item in itemIds.Select(itemId => _contentManager.GetLatest(itemId))) { foreach (var item in itemIds.Select(itemId => _contentManager.GetLatest(itemId))) {
if (!accessChecked && !Services.Authorizer.Authorize(Permissions.PublishOthersContent, item, T("Couldn't publish selected content."))) if (!accessChecked && !Services.Authorizer.Authorize(Permissions.PublishContent, item, T("Couldn't publish selected content.")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
accessChecked = true; accessChecked = true;
@@ -149,7 +149,7 @@ namespace Orchard.Core.Contents.Controllers {
break; break;
case ContentsBulkAction.Unpublish: case ContentsBulkAction.Unpublish:
foreach (var item in itemIds.Select(itemId => _contentManager.GetLatest(itemId))) { foreach (var item in itemIds.Select(itemId => _contentManager.GetLatest(itemId))) {
if (!accessChecked && !Services.Authorizer.Authorize(Permissions.PublishOthersContent, item, T("Couldn't unpublish selected content."))) if (!accessChecked && !Services.Authorizer.Authorize(Permissions.PublishContent, item, T("Couldn't unpublish selected content.")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
accessChecked = true; accessChecked = true;
@@ -160,7 +160,7 @@ namespace Orchard.Core.Contents.Controllers {
break; break;
case ContentsBulkAction.Remove: case ContentsBulkAction.Remove:
foreach (var item in itemIds.Select(itemId => _contentManager.GetLatest(itemId))) { foreach (var item in itemIds.Select(itemId => _contentManager.GetLatest(itemId))) {
if (!accessChecked && !Services.Authorizer.Authorize(Permissions.DeleteOthersContent, item, T("Couldn't remove selected content."))) if (!accessChecked && !Services.Authorizer.Authorize(Permissions.DeleteContent, item, T("Couldn't remove selected content.")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
accessChecked = true; accessChecked = true;
@@ -190,7 +190,7 @@ namespace Orchard.Core.Contents.Controllers {
var contentItem = _contentManager.New(id); var contentItem = _contentManager.New(id);
if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, contentItem, T("Cannot create content"))) if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Cannot create content")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
dynamic model = _contentManager.BuildEditor(contentItem); dynamic model = _contentManager.BuildEditor(contentItem);
@@ -210,7 +210,7 @@ namespace Orchard.Core.Contents.Controllers {
[HttpPost, ActionName("Create")] [HttpPost, ActionName("Create")]
[FormValueRequired("submit.Publish")] [FormValueRequired("submit.Publish")]
public ActionResult CreateAndPublishPOST(string id) { public ActionResult CreateAndPublishPOST(string id) {
if (!Services.Authorizer.Authorize(Permissions.PublishOwnContent, T("Couldn't create content"))) if (!Services.Authorizer.Authorize(Permissions.PublishContent, T("Couldn't create content")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
return CreatePOST(id, contentItem => _contentManager.Publish(contentItem)); return CreatePOST(id, contentItem => _contentManager.Publish(contentItem));
@@ -219,7 +219,7 @@ namespace Orchard.Core.Contents.Controllers {
private ActionResult CreatePOST(string id, Action<ContentItem> conditionallyPublish) { private ActionResult CreatePOST(string id, Action<ContentItem> conditionallyPublish) {
var contentItem = _contentManager.New(id); var contentItem = _contentManager.New(id);
if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, contentItem, T("Couldn't create content"))) if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Couldn't create content")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
_contentManager.Create(contentItem, VersionOptions.Draft); _contentManager.Create(contentItem, VersionOptions.Draft);
@@ -245,7 +245,7 @@ namespace Orchard.Core.Contents.Controllers {
if (contentItem == null) if (contentItem == null)
return HttpNotFound(); return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.EditOthersContent, contentItem, T("Cannot edit content"))) if (!Services.Authorizer.Authorize(Permissions.EditContent, contentItem, T("Cannot edit content")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
dynamic model = _contentManager.BuildEditor(contentItem); dynamic model = _contentManager.BuildEditor(contentItem);
@@ -270,7 +270,7 @@ namespace Orchard.Core.Contents.Controllers {
if (content == null) if (content == null)
return HttpNotFound(); return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, content, T("Couldn't publish content"))) if (!Services.Authorizer.Authorize(Permissions.PublishContent, content, T("Couldn't publish content")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
return EditPOST(id, returnUrl, contentItem => _contentManager.Publish(contentItem)); return EditPOST(id, returnUrl, contentItem => _contentManager.Publish(contentItem));
@@ -282,7 +282,7 @@ namespace Orchard.Core.Contents.Controllers {
if (contentItem == null) if (contentItem == null)
return HttpNotFound(); return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.EditOthersContent, contentItem, T("Couldn't edit content"))) if (!Services.Authorizer.Authorize(Permissions.EditContent, contentItem, T("Couldn't edit content")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
dynamic model = _contentManager.UpdateEditor(contentItem, this); dynamic model = _contentManager.UpdateEditor(contentItem, this);
@@ -304,7 +304,7 @@ namespace Orchard.Core.Contents.Controllers {
public ActionResult Remove(int id, string returnUrl) { public ActionResult Remove(int id, string returnUrl) {
var contentItem = _contentManager.Get(id, VersionOptions.Latest); var contentItem = _contentManager.Get(id, VersionOptions.Latest);
if (!Services.Authorizer.Authorize(Permissions.DeleteOthersContent, contentItem, T("Couldn't remove content"))) if (!Services.Authorizer.Authorize(Permissions.DeleteContent, contentItem, T("Couldn't remove content")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
if (contentItem != null) { if (contentItem != null) {
@@ -323,7 +323,7 @@ namespace Orchard.Core.Contents.Controllers {
if (contentItem == null) if (contentItem == null)
return HttpNotFound(); return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, contentItem, T("Couldn't publish content"))) if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Couldn't publish content")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
_contentManager.Publish(contentItem); _contentManager.Publish(contentItem);
@@ -339,7 +339,7 @@ namespace Orchard.Core.Contents.Controllers {
if (contentItem == null) if (contentItem == null)
return HttpNotFound(); return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, contentItem, T("Couldn't unpublish content"))) if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Couldn't unpublish content")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
_contentManager.Unpublish(contentItem); _contentManager.Unpublish(contentItem);

2
src/Orchard.Web/Core/Contents/Controllers/ItemController.cs
View File

@@ -37,7 +37,7 @@ namespace Orchard.Core.Contents.Controllers {
var contentItem = _contentManager.Get(id, versionOptions); var contentItem = _contentManager.Get(id, versionOptions);
if (!Services.Authorizer.Authorize(Permissions.EditOthersContent, contentItem, T("Cannot edit content"))) if (!Services.Authorizer.Authorize(Permissions.EditContent, contentItem, T("Cannot edit content")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
dynamic model = _contentManager.BuildDisplay(contentItem); dynamic model = _contentManager.BuildDisplay(contentItem);

12
src/Orchard.Web/Core/Contents/DynamicPermissions.cs
View File

@@ -9,19 +9,19 @@ using Orchard.Security.Permissions;
namespace Orchard.Core.Contents { namespace Orchard.Core.Contents {
public class DynamicPermissions : IPermissionProvider { public class DynamicPermissions : IPermissionProvider {
private static readonly Permission PublishContent = new Permission { Description = "Publish or unpublish {0} for others", Name = "Publish_{0}", ImpliedBy = new[] { Permissions.PublishOthersContent } }; private static readonly Permission PublishContent = new Permission { Description = "Publish or unpublish {0} for others", Name = "Publish_{0}", ImpliedBy = new[] { Permissions.PublishContent } };
private static readonly Permission PublishOwnContent = new Permission { Description = "Publish or unpublish {0}", Name = "PublishOwn_{0}", ImpliedBy = new[] { PublishContent, Permissions.PublishOwnContent } }; private static readonly Permission PublishOwnContent = new Permission { Description = "Publish or unpublish {0}", Name = "PublishOwn_{0}", ImpliedBy = new[] { PublishContent, Permissions.PublishOwnContent } };
private static readonly Permission EditContent = new Permission { Description = "Edit {0} for others", Name = "Edit_{0}", ImpliedBy = new[] { PublishContent, Permissions.PublishOthersContent } }; private static readonly Permission EditContent = new Permission { Description = "Edit {0} for others", Name = "Edit_{0}", ImpliedBy = new[] { PublishContent, Permissions.PublishContent } };
private static readonly Permission EditOwnContent = new Permission { Description = "Edit {0}", Name = "EditOwn_{0}", ImpliedBy = new[] { EditContent, PublishOwnContent, Permissions.EditOwnContent } }; private static readonly Permission EditOwnContent = new Permission { Description = "Edit {0}", Name = "EditOwn_{0}", ImpliedBy = new[] { EditContent, PublishOwnContent, Permissions.EditOwnContent } };
private static readonly Permission DeleteContent = new Permission { Description = "Delete {0} for others", Name = "Delete_{0}", ImpliedBy = new[] { Permissions.DeleteOthersContent } }; private static readonly Permission DeleteContent = new Permission { Description = "Delete {0} for others", Name = "Delete_{0}", ImpliedBy = new[] { Permissions.DeleteContent } };
private static readonly Permission DeleteOwnContent = new Permission { Description = "Delete {0}", Name = "DeleteOwn_{0}", ImpliedBy = new[] { DeleteContent, Permissions.DeleteOwnContent } }; private static readonly Permission DeleteOwnContent = new Permission { Description = "Delete {0}", Name = "DeleteOwn_{0}", ImpliedBy = new[] { DeleteContent, Permissions.DeleteOwnContent } };
public static readonly Dictionary<string, Permission> PermissionTemplates = new Dictionary<string, Permission> { public static readonly Dictionary<string, Permission> PermissionTemplates = new Dictionary<string, Permission> {
{Permissions.PublishOthersContent.Name, PublishContent}, {Permissions.PublishContent.Name, PublishContent},
{Permissions.PublishOwnContent.Name, PublishOwnContent}, {Permissions.PublishOwnContent.Name, PublishOwnContent},
{Permissions.EditOthersContent.Name, EditContent}, {Permissions.EditContent.Name, EditContent},
{Permissions.EditOwnContent.Name, EditOwnContent}, {Permissions.EditOwnContent.Name, EditOwnContent},
{Permissions.DeleteOthersContent.Name, DeleteContent}, {Permissions.DeleteContent.Name, DeleteContent},
{Permissions.DeleteOwnContent.Name, DeleteOwnContent} {Permissions.DeleteOwnContent.Name, DeleteOwnContent}
}; };

30
src/Orchard.Web/Core/Contents/Permissions.cs
View File

@@ -4,12 +4,20 @@ using Orchard.Security.Permissions;
namespace Orchard.Core.Contents { namespace Orchard.Core.Contents {
public class Permissions : IPermissionProvider { public class Permissions : IPermissionProvider {
public static readonly Permission PublishOthersContent = new Permission { Description = "Publish or unpublish content for others", Name = "PublishOthersContent" };
public static readonly Permission PublishOwnContent = new Permission { Description = "Publish or unpublish own content", Name = "PublishOwnContent", ImpliedBy = new[] { PublishOthersContent } }; // Note - in code you should demand PublishContent, EditContent, or DeleteContent
public static readonly Permission EditOthersContent = new Permission { Description = "Edit content for others", Name = "EditOthersContent", ImpliedBy = new[] { PublishOthersContent } }; // Do not demand the "Own" variation - those are applied automatically when you demand the main three
public static readonly Permission EditOwnContent = new Permission { Description = "Edit own content", Name = "EditOwnContent", ImpliedBy = new[] { EditOthersContent, PublishOwnContent } };
public static readonly Permission DeleteOthersContent = new Permission { Description = "Delete content for others", Name = "DeleteOthersContent" }; // Also - the internal name EditContent is used instead of EditOthersContent
public static readonly Permission DeleteOwnContent = new Permission { Description = "Delete own content", Name = "DeleteOwnContent", ImpliedBy = new[] { DeleteOthersContent } }; // because demanding "EditContent" is correct and looks right,
// but demanding "EditOthersContent" looks wrong so wasn't used when it should have been
public static readonly Permission PublishContent = new Permission { Description = "Publish or unpublish content for others", Name = "PublishContent" };
public static readonly Permission PublishOwnContent = new Permission { Description = "Publish or unpublish own content", Name = "PublishOwnContent", ImpliedBy = new[] { PublishContent } };
public static readonly Permission EditContent = new Permission { Description = "Edit content for others", Name = "EditContent", ImpliedBy = new[] { PublishContent } };
public static readonly Permission EditOwnContent = new Permission { Description = "Edit own content", Name = "EditOwnContent", ImpliedBy = new[] { EditContent, PublishOwnContent } };
public static readonly Permission DeleteContent = new Permission { Description = "Delete content for others", Name = "DeleteContent" };
public static readonly Permission DeleteOwnContent = new Permission { Description = "Delete own content", Name = "DeleteOwnContent", ImpliedBy = new[] { DeleteContent } };
public static readonly Permission MetaListContent = new Permission { ImpliedBy = new[] { EditOwnContent, PublishOwnContent, DeleteOwnContent } }; public static readonly Permission MetaListContent = new Permission { ImpliedBy = new[] { EditOwnContent, PublishOwnContent, DeleteOwnContent } };
@@ -18,11 +26,11 @@ namespace Orchard.Core.Contents {
public IEnumerable<Permission> GetPermissions() { public IEnumerable<Permission> GetPermissions() {
return new [] { return new [] {
EditOwnContent, EditOwnContent,
EditOthersContent, EditContent,
PublishOwnContent, PublishOwnContent,
PublishOthersContent, PublishContent,
DeleteOwnContent, DeleteOwnContent,
DeleteOthersContent, DeleteContent,
}; };
} }
@@ -30,11 +38,11 @@ namespace Orchard.Core.Contents {
return new[] { return new[] {
new PermissionStereotype { new PermissionStereotype {
Name = "Administrator", Name = "Administrator",
Permissions = new[] {PublishOthersContent,EditOthersContent,DeleteOthersContent} Permissions = new[] {PublishContent,EditContent,DeleteContent}
}, },
new PermissionStereotype { new PermissionStereotype {
Name = "Editor", Name = "Editor",
Permissions = new[] {PublishOthersContent,EditOthersContent,DeleteOthersContent} Permissions = new[] {PublishContent,EditContent,DeleteContent}
}, },
new PermissionStereotype { new PermissionStereotype {
Name = "Moderator", Name = "Moderator",

6
src/Orchard.Web/Core/Contents/Security/AuthorizationEventHandler.cs
View File

@@ -54,11 +54,11 @@ namespace Orchard.Core.Contents.Security
} }
private static Permission GetOwnerVariation(Permission permission) { private static Permission GetOwnerVariation(Permission permission) {
if (permission.Name == Permissions.PublishOthersContent.Name) if (permission.Name == Permissions.PublishContent.Name)
return Permissions.PublishOwnContent; return Permissions.PublishOwnContent;
if (permission.Name == Permissions.EditOthersContent.Name) if (permission.Name == Permissions.EditContent.Name)
return Permissions.EditOwnContent; return Permissions.EditOwnContent;
if (permission.Name == Permissions.DeleteOthersContent.Name) if (permission.Name == Permissions.DeleteContent.Name)
return Permissions.DeleteOwnContent; return Permissions.DeleteOwnContent;
return null; return null;
} }

2
src/Orchard.Web/Core/Contents/Views/Content.ControlWrapper.cshtml
View File

@@ -1,6 +1,6 @@
@using Orchard.ContentManagement; @using Orchard.ContentManagement;
@using Orchard.Core.Contents; @using Orchard.Core.Contents;
@if (AuthorizedFor(Permissions.EditOthersContent)) { @if (AuthorizedFor(Permissions.EditContent)) {
<div class="content-control"> <div class="content-control">
<div class="manage-actions">@Html.ItemEditLinkWithReturnUrl(T("Edit").Text, (ContentItem)Model.ContentItem)</div> <div class="manage-actions">@Html.ItemEditLinkWithReturnUrl(T("Edit").Text, (ContentItem)Model.ContentItem)</div>
@Display(Model.Child) @Display(Model.Child)

2
src/Orchard.Web/Modules/Orchard.ArchiveLater/Services/ArchiveLaterService.cs
View File

@@ -24,7 +24,7 @@ namespace Orchard.ArchiveLater.Services {
public Localizer T { get; set; } public Localizer T { get; set; }
void IArchiveLaterService.ArchiveLater(ContentItem contentItem, DateTime scheduledArchiveUtc) { void IArchiveLaterService.ArchiveLater(ContentItem contentItem, DateTime scheduledArchiveUtc) {
if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, contentItem, T("Couldn't archive selected content."))) if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Couldn't archive selected content.")))
return; return;
RemoveArchiveLaterTasks(contentItem); RemoveArchiveLaterTasks(contentItem);

6
src/Orchard.Web/Modules/Orchard.Blogs/AdminMenu.cs
View File

@@ -26,16 +26,16 @@ namespace Orchard.Blogs {
if (blogCount > 0 && singleBlog == null) { if (blogCount > 0 && singleBlog == null) {
menu.Add(T("Manage Blogs"), "3", menu.Add(T("Manage Blogs"), "3",
item => item.Action("List", "BlogAdmin", new {area = "Orchard.Blogs"}).Permission(Permissions.MetaListOwnBlogs)); item => item.Action("List", "BlogAdmin", new {area = "Orchard.Blogs"}).Permission(Permissions.MetaListBlogs));
} }
else if (singleBlog != null) else if (singleBlog != null)
menu.Add(T("Manage Blog"), "1.0", menu.Add(T("Manage Blog"), "1.0",
item => item.Action("Item", "BlogAdmin", new { area = "Orchard.Blogs", blogId = singleBlog.Id }).Permission(Permissions.MetaListOwnBlogs)); item => item.Action("Item", "BlogAdmin", new { area = "Orchard.Blogs", blogId = singleBlog.Id }).Permission(Permissions.MetaListBlogs));
if (singleBlog != null) if (singleBlog != null)
menu.Add(T("Create New Post"), "1.1", menu.Add(T("Create New Post"), "1.1",
item => item =>
item.Action("Create", "BlogPostAdmin", new { area = "Orchard.Blogs", blogId = singleBlog.Id }).Permission(Permissions.PublishOwnBlogPost)); item.Action("Create", "BlogPostAdmin", new { area = "Orchard.Blogs", blogId = singleBlog.Id }).Permission(Permissions.PublishBlogPost));
menu.Add(T("Create New Blog"), "1.2", menu.Add(T("Create New Blog"), "1.2",
item => item =>

22
src/Orchard.Web/Modules/Orchard.Blogs/Controllers/BlogPostAdminController.cs
View File

@@ -30,7 +30,7 @@ namespace Orchard.Blogs.Controllers {
public Localizer T { get; set; } public Localizer T { get; set; }
public ActionResult Create(int blogId) { public ActionResult Create(int blogId) {
if (!Services.Authorizer.Authorize(Permissions.EditOwnBlogPost, T("Not allowed to create blog post"))) if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, T("Not allowed to create blog post")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
var blog = _blogService.Get(blogId, VersionOptions.Latest).As<BlogPart>(); var blog = _blogService.Get(blogId, VersionOptions.Latest).As<BlogPart>();
@@ -57,14 +57,14 @@ namespace Orchard.Blogs.Controllers {
[HttpPost, ActionName("Create")] [HttpPost, ActionName("Create")]
[FormValueRequired("submit.Publish")] [FormValueRequired("submit.Publish")]
public ActionResult CreateAndPublishPOST(int blogId) { public ActionResult CreateAndPublishPOST(int blogId) {
if (!Services.Authorizer.Authorize(Permissions.PublishOwnBlogPost, T("Couldn't create blog post"))) if (!Services.Authorizer.Authorize(Permissions.PublishBlogPost, T("Couldn't create blog post")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
return CreatePOST(blogId, contentItem => Services.ContentManager.Publish(contentItem)); return CreatePOST(blogId, contentItem => Services.ContentManager.Publish(contentItem));
} }
private ActionResult CreatePOST(int blogId, Action<ContentItem> conditionallyPublish) { private ActionResult CreatePOST(int blogId, Action<ContentItem> conditionallyPublish) {
if (!Services.Authorizer.Authorize(Permissions.EditOwnBlogPost, T("Couldn't create blog post"))) if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, T("Couldn't create blog post")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
var blog = _blogService.Get(blogId, VersionOptions.Latest).As<BlogPart>(); var blog = _blogService.Get(blogId, VersionOptions.Latest).As<BlogPart>();
@@ -99,7 +99,7 @@ namespace Orchard.Blogs.Controllers {
if (post == null) if (post == null)
return HttpNotFound(); return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.EditOthersBlogPost, post, T("Couldn't edit blog post"))) if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, post, T("Couldn't edit blog post")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
dynamic model = Services.ContentManager.BuildEditor(post); dynamic model = Services.ContentManager.BuildEditor(post);
@@ -128,7 +128,7 @@ namespace Orchard.Blogs.Controllers {
if (blogPost == null) if (blogPost == null)
return HttpNotFound(); return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.PublishOthersBlogPost, blogPost, T("Couldn't publish blog post"))) if (!Services.Authorizer.Authorize(Permissions.PublishBlogPost, blogPost, T("Couldn't publish blog post")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
return EditPOST(blogId, postId, returnUrl, contentItem => Services.ContentManager.Publish(contentItem)); return EditPOST(blogId, postId, returnUrl, contentItem => Services.ContentManager.Publish(contentItem));
@@ -144,7 +144,7 @@ namespace Orchard.Blogs.Controllers {
if (blogPost == null) if (blogPost == null)
return HttpNotFound(); return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.EditOthersBlogPost, blogPost, T("Couldn't edit blog post"))) if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, blogPost, T("Couldn't edit blog post")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
// Validate form input // Validate form input
@@ -171,7 +171,7 @@ namespace Orchard.Blogs.Controllers {
} }
// check edit permission // check edit permission
if (!Services.Authorizer.Authorize(Permissions.EditOthersBlogPost, draft, T("Couldn't discard blog post draft"))) if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, draft, T("Couldn't discard blog post draft")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
// locate the published revision to revert onto // locate the published revision to revert onto
@@ -202,7 +202,7 @@ namespace Orchard.Blogs.Controllers {
[ValidateAntiForgeryTokenOrchard] [ValidateAntiForgeryTokenOrchard]
public ActionResult Delete(int blogId, int postId) { public ActionResult Delete(int blogId, int postId) {
//refactoring: test PublishBlogPost/PublishOthersBlogPost in addition if published //refactoring: test PublishBlogPost/PublishBlogPost in addition if published
var blog = _blogService.Get(blogId, VersionOptions.Latest); var blog = _blogService.Get(blogId, VersionOptions.Latest);
if (blog == null) if (blog == null)
@@ -212,7 +212,7 @@ namespace Orchard.Blogs.Controllers {
if (post == null) if (post == null)
return HttpNotFound(); return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.DeleteOthersBlogPost, post, T("Couldn't delete blog post"))) if (!Services.Authorizer.Authorize(Permissions.DeleteBlogPost, post, T("Couldn't delete blog post")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
_blogPostService.Delete(post); _blogPostService.Delete(post);
@@ -231,7 +231,7 @@ namespace Orchard.Blogs.Controllers {
if (post == null) if (post == null)
return HttpNotFound(); return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.PublishOthersBlogPost, post, T("Couldn't publish blog post"))) if (!Services.Authorizer.Authorize(Permissions.PublishBlogPost, post, T("Couldn't publish blog post")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
_blogPostService.Publish(post); _blogPostService.Publish(post);
@@ -250,7 +250,7 @@ namespace Orchard.Blogs.Controllers {
if (post == null) if (post == null)
return HttpNotFound(); return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.PublishOthersBlogPost, post, T("Couldn't unpublish blog post"))) if (!Services.Authorizer.Authorize(Permissions.PublishBlogPost, post, T("Couldn't unpublish blog post")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
_blogPostService.Unpublish(post); _blogPostService.Unpublish(post);

22
src/Orchard.Web/Modules/Orchard.Blogs/Permissions.cs
View File

@@ -6,14 +6,14 @@ namespace Orchard.Blogs {
public class Permissions : IPermissionProvider { public class Permissions : IPermissionProvider {
public static readonly Permission ManageBlogs = new Permission { Description = "Manage blogs", Name = "ManageBlogs" }; public static readonly Permission ManageBlogs = new Permission { Description = "Manage blogs", Name = "ManageBlogs" };
public static readonly Permission PublishOthersBlogPost = new Permission { Description = "Publish or unpublish blog post for others", Name = "PublishOthersBlogPost", ImpliedBy = new[] { ManageBlogs } }; public static readonly Permission PublishBlogPost = new Permission { Description = "Publish or unpublish blog post for others", Name = "PublishBlogPost", ImpliedBy = new[] { ManageBlogs } };
public static readonly Permission PublishOwnBlogPost = new Permission { Description = "Publish or unpublish own blog post", Name = "PublishOwnBlogPost", ImpliedBy = new[] { PublishOthersBlogPost } }; public static readonly Permission PublishOwnBlogPost = new Permission { Description = "Publish or unpublish own blog post", Name = "PublishOwnBlogPost", ImpliedBy = new[] { PublishBlogPost } };
public static readonly Permission EditOthersBlogPost = new Permission { Description = "Edit any blog posts", Name = "EditOthersBlogPost", ImpliedBy = new[] { PublishOthersBlogPost } }; public static readonly Permission EditBlogPost = new Permission { Description = "Edit any blog posts", Name = "EditBlogPost", ImpliedBy = new[] { PublishBlogPost } };
public static readonly Permission EditOwnBlogPost = new Permission { Description = "Edit own blog posts", Name = "EditOwnBlogPost", ImpliedBy = new[] { EditOthersBlogPost, PublishOwnBlogPost } }; public static readonly Permission EditOwnBlogPost = new Permission { Description = "Edit own blog posts", Name = "EditOwnBlogPost", ImpliedBy = new[] { EditBlogPost, PublishOwnBlogPost } };
public static readonly Permission DeleteOthersBlogPost = new Permission { Description = "Delete blog post for others", Name = "DeleteOthersBlogPost", ImpliedBy = new[] { ManageBlogs } }; public static readonly Permission DeleteBlogPost = new Permission { Description = "Delete blog post for others", Name = "DeleteBlogPost", ImpliedBy = new[] { ManageBlogs } };
public static readonly Permission DeleteOwnBlogPost = new Permission { Description = "Delete own blog post", Name = "DeleteOwnBlogPost", ImpliedBy = new[] { DeleteOthersBlogPost } }; public static readonly Permission DeleteOwnBlogPost = new Permission { Description = "Delete own blog post", Name = "DeleteOwnBlogPost", ImpliedBy = new[] { DeleteBlogPost } };
public static readonly Permission MetaListOthersBlogs = new Permission { ImpliedBy = new[] { EditOthersBlogPost, PublishOthersBlogPost, DeleteOthersBlogPost } }; public static readonly Permission MetaListBlogs = new Permission { ImpliedBy = new[] { EditBlogPost, PublishBlogPost, DeleteBlogPost } };
public static readonly Permission MetaListOwnBlogs = new Permission { ImpliedBy = new[] { EditOwnBlogPost, PublishOwnBlogPost, DeleteOwnBlogPost } }; public static readonly Permission MetaListOwnBlogs = new Permission { ImpliedBy = new[] { EditOwnBlogPost, PublishOwnBlogPost, DeleteOwnBlogPost } };
public virtual Feature Feature { get; set; } public virtual Feature Feature { get; set; }
@@ -22,11 +22,11 @@ namespace Orchard.Blogs {
return new[] { return new[] {
ManageBlogs, ManageBlogs,
EditOwnBlogPost, EditOwnBlogPost,
EditOthersBlogPost, EditBlogPost,
PublishOwnBlogPost, PublishOwnBlogPost,
PublishOthersBlogPost, PublishBlogPost,
DeleteOwnBlogPost, DeleteOwnBlogPost,
DeleteOthersBlogPost, DeleteBlogPost,
}; };
} }
@@ -38,7 +38,7 @@ namespace Orchard.Blogs {
}, },
new PermissionStereotype { new PermissionStereotype {
Name = "Editor", Name = "Editor",
Permissions = new[] {PublishOthersBlogPost,EditOthersBlogPost,DeleteOthersBlogPost} Permissions = new[] {PublishBlogPost,EditBlogPost,DeleteBlogPost}
}, },
new PermissionStereotype { new PermissionStereotype {
Name = "Moderator", Name = "Moderator",

6
src/Orchard.Web/Modules/Orchard.Blogs/Security/BlogAuthorizationEventHandler.cs
View File

@@ -37,11 +37,11 @@ namespace Orchard.Blogs.Security {
} }
private static Permission GetOwnerVariation(Permission permission) { private static Permission GetOwnerVariation(Permission permission) {
if (permission.Name == Permissions.PublishOthersBlogPost.Name) if (permission.Name == Permissions.PublishBlogPost.Name)
return Permissions.PublishOwnBlogPost; return Permissions.PublishOwnBlogPost;
if (permission.Name == Permissions.EditOthersBlogPost.Name) if (permission.Name == Permissions.EditBlogPost.Name)
return Permissions.EditOwnBlogPost; return Permissions.EditOwnBlogPost;
if (permission.Name == Permissions.DeleteOthersBlogPost.Name) if (permission.Name == Permissions.DeleteBlogPost.Name)
return Permissions.DeleteOwnBlogPost; return Permissions.DeleteOwnBlogPost;
return null; return null;
} }

15
src/Orchard.Web/Modules/Orchard.Blogs/Services/XmlRpcHandler.cs
View File

@@ -126,8 +126,9 @@ namespace Orchard.Blogs.Services {
XRpcArray array = new XRpcArray(); XRpcArray array = new XRpcArray();
foreach (BlogPart blog in _blogService.Get()) { foreach (BlogPart blog in _blogService.Get()) {
// Check if user has permissions for each specific blog // User needs to at least have permission to edit its own blog posts to access the service
if (_authorizationService.TryCheckAccess(Permissions.EditOthersBlogPost, user, blog)) { if (_authorizationService.TryCheckAccess(Permissions.EditBlogPost, user, blog)) {
BlogPart blogPart = blog; BlogPart blogPart = blog;
array.Add(new XRpcStruct() array.Add(new XRpcStruct()
.Set("url", urlHelper.AbsoluteAction(() => urlHelper.Blog(blogPart))) .Set("url", urlHelper.AbsoluteAction(() => urlHelper.Blog(blogPart)))
@@ -150,7 +151,7 @@ namespace Orchard.Blogs.Services {
IUser user = ValidateUser(userName, password); IUser user = ValidateUser(userName, password);
// User needs to at least have permission to edit its own blog posts to access the service // User needs to at least have permission to edit its own blog posts to access the service
_authorizationService.CheckAccess(Permissions.EditOwnBlogPost, user, null); _authorizationService.CheckAccess(Permissions.EditBlogPost, user, null);
BlogPart blog = _contentManager.Get<BlogPart>(Convert.ToInt32(blogId)); BlogPart blog = _contentManager.Get<BlogPart>(Convert.ToInt32(blogId));
if (blog == null) { if (blog == null) {
@@ -180,7 +181,7 @@ namespace Orchard.Blogs.Services {
IUser user = ValidateUser(userName, password); IUser user = ValidateUser(userName, password);
// User needs permission to edit or publish its own blog posts // User needs permission to edit or publish its own blog posts
_authorizationService.CheckAccess(publish ? Permissions.PublishOwnBlogPost : Permissions.EditOwnBlogPost, user, null); _authorizationService.CheckAccess(publish ? Permissions.PublishBlogPost : Permissions.EditBlogPost, user, null);
BlogPart blog = _contentManager.Get<BlogPart>(Convert.ToInt32(blogId)); BlogPart blog = _contentManager.Get<BlogPart>(Convert.ToInt32(blogId));
if (blog == null) if (blog == null)
@@ -235,7 +236,7 @@ namespace Orchard.Blogs.Services {
if (blogPost == null) if (blogPost == null)
throw new ArgumentException(); throw new ArgumentException();
_authorizationService.CheckAccess(Permissions.EditOthersBlogPost, user, blogPost); _authorizationService.CheckAccess(Permissions.EditBlogPost, user, blogPost);
var postStruct = CreateBlogStruct(blogPost, urlHelper); var postStruct = CreateBlogStruct(blogPost, urlHelper);
@@ -258,7 +259,7 @@ namespace Orchard.Blogs.Services {
if (blogPost == null) if (blogPost == null)
throw new ArgumentException(); throw new ArgumentException();
_authorizationService.CheckAccess(publish ? Permissions.PublishOthersBlogPost : Permissions.EditOthersBlogPost, user, blogPost); _authorizationService.CheckAccess(publish ? Permissions.PublishBlogPost : Permissions.EditBlogPost, user, blogPost);
var title = content.Optional<string>("title"); var title = content.Optional<string>("title");
var description = content.Optional<string>("description"); var description = content.Optional<string>("description");
@@ -298,7 +299,7 @@ namespace Orchard.Blogs.Services {
if (blogPost == null) if (blogPost == null)
throw new ArgumentException(); throw new ArgumentException();
_authorizationService.CheckAccess(Permissions.DeleteOthersBlogPost, user, blogPost); _authorizationService.CheckAccess(Permissions.DeleteBlogPost, user, blogPost);
foreach (var driver in drivers) foreach (var driver in drivers)
driver.Process(blogPost.Id); driver.Process(blogPost.Id);

2
src/Orchard.Web/Modules/Orchard.Localization/Views/Parts/Localization.ContentTranslations.Summary.cshtml
View File

@@ -1,6 +1,6 @@
@using Orchard.Core.Contents; @using Orchard.Core.Contents;
@using Orchard.Localization.Models; @using Orchard.Localization.Models;
@if (AuthorizedFor(Permissions.PublishOthersContent)) { @if (AuthorizedFor(Permissions.PublishContent)) {
Style.Require("LocalizationAdmin"); Style.Require("LocalizationAdmin");
IEnumerable<LocalizationPart> localizations = Model.Localizations; IEnumerable<LocalizationPart> localizations = Model.Localizations;
var localizationLinks = Html.UnorderedList(localizations, (c, i) => Html.ItemEditLink(c.Culture.Culture, c), "localizations"); var localizationLinks = Html.UnorderedList(localizations, (c, i) => Html.ItemEditLink(c.Culture.Culture, c), "localizations");

2
src/Orchard.Web/Modules/Orchard.Localization/Views/Parts/Localization.ContentTranslations.SummaryAdmin.cshtml
View File

@@ -1,6 +1,6 @@
@using Orchard.Core.Contents; @using Orchard.Core.Contents;
@using Orchard.Localization.Models; @using Orchard.Localization.Models;
@if (AuthorizedFor(Permissions.PublishOthersContent)) { @if (AuthorizedFor(Permissions.PublishContent)) {
Style.Require("LocalizationAdmin"); Style.Require("LocalizationAdmin");
IEnumerable<LocalizationPart> localizations = Model.Localizations; IEnumerable<LocalizationPart> localizations = Model.Localizations;
var localizationLinks = Html.UnorderedList(localizations, (c, i) => Html.ItemEditLink(c.Culture.Culture, c), "localizations"); var localizationLinks = Html.UnorderedList(localizations, (c, i) => Html.ItemEditLink(c.Culture.Culture, c), "localizations");

2
src/Orchard.Web/Modules/Orchard.PublishLater/Services/PublishLaterService.cs
View File

@@ -21,7 +21,7 @@ namespace Orchard.PublishLater.Services {
public Localizer T { get; set; } public Localizer T { get; set; }
void IPublishLaterService.Publish(ContentItem contentItem, DateTime scheduledPublishUtc) { void IPublishLaterService.Publish(ContentItem contentItem, DateTime scheduledPublishUtc) {
if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, contentItem, T("Couldn't publish selected content."))) if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Couldn't publish selected content.")))
return; return;
_publishingTaskManager.Publish(contentItem, scheduledPublishUtc); _publishingTaskManager.Publish(contentItem, scheduledPublishUtc);

2
src/Orchard.Web/Modules/Orchard.PublishLater/Services/XmlRpcHandler.cs
View File

@@ -122,7 +122,7 @@ namespace Orchard.PublishLater.Services {
if (contentItem == null || !contentItem.Is<PublishLaterPart>()) if (contentItem == null || !contentItem.Is<PublishLaterPart>())
return; return;
_authorizationService.CheckAccess(Permissions.PublishOthersContent, user, null); _authorizationService.CheckAccess(Permissions.PublishContent, user, null);
contentItem.As<PublishLaterPart>().ScheduledPublishUtc.Value = publishedUtc; contentItem.As<PublishLaterPart>().ScheduledPublishUtc.Value = publishedUtc;
_publishingTaskManager.Publish(contentItem, (DateTime)publishedUtc); _publishingTaskManager.Publish(contentItem, (DateTime)publishedUtc);

1
src/Orchard.Web/Modules/Orchard.Setup/Module.txt
View File

@@ -1,5 +1,4 @@
Name: Setup Name: Setup
AntiForgery: enabled
Author: The Orchard Team Author: The Orchard Team
Website: http://orchardproject.net Website: http://orchardproject.net
Version: 0.9.0 Version: 0.9.0