lsm/Orchard
1
0
Fork 0
mirror of https://github.com/OrchardCMS/Orchard.git synced 2025-10-15 19:54:57 +08:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity

#19861: Implementing menu permissions

Browse Source 
Work Item: 19861
This commit is contained in:
Walance
2014-08-20 15:33:30 -07:00
committed by Sebastien Ros
parent 651175c499
commit 126efc2028
4 changed files with 39 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
src/Orchard.Web/Core/Navigation/Controllers/AdminController.cs
View File

@@ -44,19 +44,25 @@ namespace Orchard.Core.Navigation.Controllers {
public IOrchardServices Services { get; set; }
public ActionResult Index(NavigationManagementViewModel model, int? menuId) {
if (!Services.Authorizer.Authorize(Permissions.ManageMainMenu, T("Not allowed to manage the main menu"))) {
var menus = Services.ContentManager.Query<TitlePart, TitlePartRecord>().OrderBy(x => x.Title).ForType("Menu").List().ToList();
if (!menus.Any()) {
if (!Services.Authorizer.Authorize(Permissions.ManageMainMenu, T("Not allowed to manage menus"))) {
return new HttpUnauthorizedResult();
}
return RedirectToAction("Create", "Admin", new { area = "Contents", id = "Menu", returnUrl = Request.RawUrl });
}
var allowedMenus = menus.Where(menu => Services.Authorizer.Authorize(Permissions.ManageMainMenu, menu)).ToList();
if (!allowedMenus.Any()) {
return new HttpUnauthorizedResult();
}
IEnumerable<TitlePart> menus = Services.ContentManager.Query<TitlePart, TitlePartRecord>().OrderBy(x => x.Title).ForType("Menu").List();
if (!menus.Any()) {
return RedirectToAction("Create", "Admin", new {area = "Contents", id = "Menu", returnUrl = Request.RawUrl});
}
IContent currentMenu = menuId == null
? menus.FirstOrDefault()
: menus.FirstOrDefault(menu => menu.Id == menuId);
? allowedMenus.FirstOrDefault()
: allowedMenus.FirstOrDefault(menu => menu.Id == menuId);
if (currentMenu == null && menuId != null) { // incorrect menu id passed
return RedirectToAction("Index");
@@ -71,7 +77,7 @@ namespace Orchard.Core.Navigation.Controllers {
}
model.MenuItemDescriptors = _menuManager.GetMenuItemTypes();
model.Menus = menus;
model.Menus = allowedMenus;
model.CurrentMenu = currentMenu;
// need action name as this action is referenced from another action
@@ -148,7 +154,7 @@ namespace Orchard.Core.Navigation.Controllers {
}
public ActionResult CreateMenuItem(string id, int menuId, string returnUrl) {
if (!Services.Authorizer.Authorize(Permissions.ManageMainMenu, T("Couldn't manage the main menu")))
if (!Services.Authorizer.Authorize(Permissions.ManageMainMenu, _menuService.GetMenu(menuId), T("Couldn't manage the main menu")))
return new HttpUnauthorizedResult();
// create a new temporary menu item
@@ -180,7 +186,7 @@ namespace Orchard.Core.Navigation.Controllers {
[HttpPost, ActionName("CreateMenuItem")]
public ActionResult CreateMenuItemPost(string id, int menuId, string returnUrl) {
if (!Services.Authorizer.Authorize(Permissions.ManageMainMenu, T("Couldn't manage the main menu")))
if (!Services.Authorizer.Authorize(Permissions.ManageMainMenu, _menuService.GetMenu(menuId), T("Couldn't manage the main menu")))
return new HttpUnauthorizedResult();
var menuPart = Services.ContentManager.New<MenuPart>(id);

15
src/Orchard.Web/Core/Navigation/Drivers/MenuPartDriver.cs
View File

@@ -1,4 +1,5 @@
using JetBrains.Annotations;
using System.Linq;
using JetBrains.Annotations;
using Orchard.ContentManagement;
using Orchard.ContentManagement.Drivers;
using Orchard.Core.Navigation.Models;
@@ -38,14 +39,16 @@ namespace Orchard.Core.Navigation.Drivers {
}
protected override DriverResult Editor(MenuPart part, dynamic shapeHelper) {
if (!_authorizationService.TryCheckAccess(Permissions.ManageMainMenu, _orchardServices.WorkContext.CurrentUser, part))
var allowedMenus = _menuService.GetMenus().Where(menu => _authorizationService.TryCheckAccess(Permissions.ManageMainMenu, _orchardServices.WorkContext.CurrentUser, menu)).ToList();
if (!allowedMenus.Any())
return null;
return ContentShape("Parts_Navigation_Menu_Edit", () => {
var model = new MenuPartViewModel {
CurrentMenuId = part.Menu == null ? -1 : part.Menu.Id,
ContentItem = part.ContentItem,
Menus = _menuService.GetMenus(),
Menus = allowedMenus,
OnMenu = part.Menu != null,
MenuText = part.MenuText
};
@@ -55,14 +58,14 @@ namespace Orchard.Core.Navigation.Drivers {
}
protected override DriverResult Editor(MenuPart part, IUpdateModel updater, dynamic shapeHelper) {
if (!_authorizationService.TryCheckAccess(Permissions.ManageMainMenu, _orchardServices.WorkContext.CurrentUser, part))
return null;
var model = new MenuPartViewModel();
if(updater.TryUpdateModel(model, Prefix, null, null)) {
var menu = model.OnMenu ? _orchardServices.ContentManager.Get(model.CurrentMenuId) : null;
if (!_authorizationService.TryCheckAccess(Permissions.ManageMainMenu, _orchardServices.WorkContext.CurrentUser, menu))
return null;
part.MenuText = model.MenuText;
part.Menu = menu;

2
src/Orchard.Web/Core/Orchard.Core.csproj
View File

@@ -152,6 +152,7 @@
<Compile Include="Navigation\Drivers\MenuItemPartDriver.cs" />
<Compile Include="Navigation\Drivers\MenuWidgetPartDriver.cs" />
<Compile Include="Navigation\Drivers\ShapeMenuItemPartDriver.cs" />
<Compile Include="Navigation\DynamicPermissions.cs" />
<Compile Include="Navigation\Handlers\AdminMenuPartHandler.cs" />
<Compile Include="Navigation\Handlers\MenuHandler.cs" />
<Compile Include="Navigation\Handlers\MenuItemPartHandler.cs" />
@@ -160,6 +161,7 @@
<Compile Include="Navigation\Models\AdminMenuPartRecord.cs" />
<Compile Include="Navigation\Models\MenuWidgetPart.cs" />
<Compile Include="Navigation\Models\ShapeMenuItemPart.cs" />
<Compile Include="Navigation\Security\AuthorizationEventHandler.cs" />
<Compile Include="Navigation\Services\AdminMenuNavigationProvider.cs" />
<Compile Include="Navigation\Services\DefaultMenuManager.cs" />
<Compile Include="Navigation\Services\IMenuManager.cs" />

15
src/Orchard.Web/Modules/Orchard.ContentPicker/Drivers/NavigationPartDriver.cs
View File

@@ -1,4 +1,5 @@
using Orchard.ContentManagement;
using System.Linq;
using Orchard.ContentManagement;
using Orchard.ContentManagement.Drivers;
using Orchard.ContentPicker.Models;
using Orchard.ContentPicker.ViewModels;
@@ -45,7 +46,9 @@ namespace Orchard.ContentPicker.Drivers {
protected override DriverResult Editor(NavigationPart part, dynamic shapeHelper) {
var currentUser = _workContextAccessor.GetContext().CurrentUser;
if (!_authorizationService.TryCheckAccess(Permissions.ManageMainMenu, currentUser, part))
var allowedMenus = _menuService.GetMenus().Where(menu => _authorizationService.TryCheckAccess(Permissions.ManageMainMenu, currentUser, menu)).ToList();
if (!allowedMenus.Any())
return null;
return ContentShape("Parts_Navigation_Edit",
@@ -58,7 +61,7 @@ namespace Orchard.ContentPicker.Drivers {
.Join<ContentMenuItemPartRecord>()
.Where(x => x.ContentMenuItemRecord == part.ContentItem.Record)
.List(),
Menus = _menuService.GetMenus(),
Menus = allowedMenus,
};
return shapeHelper.EditorTemplate(TemplateName: "Parts.Navigation.Edit", Model: model, Prefix: Prefix);
@@ -67,7 +70,9 @@ namespace Orchard.ContentPicker.Drivers {
protected override DriverResult Editor(NavigationPart part, IUpdateModel updater, dynamic shapeHelper) {
var currentUser = _workContextAccessor.GetContext().CurrentUser;
if (!_authorizationService.TryCheckAccess(Permissions.ManageMainMenu, currentUser, part))
var allowedMenus = _menuService.GetMenus().Where(menu => _authorizationService.TryCheckAccess(Permissions.ManageMainMenu, currentUser, menu)).ToList();
if (!allowedMenus.Any())
return null;
var model = new NavigationPartViewModel();
@@ -78,7 +83,7 @@ namespace Orchard.ContentPicker.Drivers {
updater.AddModelError("MenuText", T("The MenuText field is required"));
}
else {
var menu = _contentManager.Get(model.CurrentMenuId);
var menu = allowedMenus.FirstOrDefault(m => m.Id == model.CurrentMenuId);
if(menu != null) {
var menuItem = _contentManager.Create<ContentMenuItemPart>("ContentMenuItem");