Mapping permissions into default role stereotypes

--HG--
extra : convert_revision : svn%3A5ff7c347-ad56-4c35-b696-ccb81de16e03/trunk%4045975
loudej
2010-01-26 01:17:04 +00:00
parent cc079a8aa4
commit 1db442e2dc
13 changed files with 209 additions and 37 deletions


@@ -21,7 +21,7 @@ namespace Orchard.Core.Settings {
return new[] { return new[] {
new PermissionStereotype { new PermissionStereotype {
Name = "Administrators", Name = "Administrators",
//Permissions = new[] {ChangeOwner} Permissions = new[] {ManageSettings}
} }
}; };
} }


@@ -21,7 +21,12 @@ namespace Orchard.Core.Themes {
} }
public IEnumerable<PermissionStereotype> GetDefaultStereotypes() { public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
return Enumerable.Empty<PermissionStereotype>(); return new[] {
new PermissionStereotype {
Name = "Administrators",
Permissions = new[] {ManageThemes, ApplyTheme}
},
};
} }
} }
} }


@@ -35,8 +35,30 @@ namespace Orchard.Blogs {
} }
public IEnumerable<PermissionStereotype> GetDefaultStereotypes() { public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
return Enumerable.Empty<PermissionStereotype>(); return new[] {
new PermissionStereotype {
Name = "Administrators",
Permissions = new[] {ManageBlogs}
},
new PermissionStereotype {
Name = "Editor",
Permissions = new[] {PublishOthersBlogPost,EditOthersBlogPost,DeleteOthersBlogPost}
},
new PermissionStereotype {
Name = "Moderator",
//Permissions = new[] {}
},
new PermissionStereotype {
Name = "Author",
Permissions = new[] {PublishBlogPost,EditBlogPost,DeleteBlogPost}
},
new PermissionStereotype {
Name = "Contributor",
Permissions = new[] {EditBlogPost}
},
};
} }
} }
} }
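Review bot: The `Moderator` entry in this stereotype list carries only a commented-out `//Permissions = new[] {}`, which leaves `Permissions` null and does not say whether the empty grant is deliberate or unfinished; the same placeholder recurs in the Comments, Media and Pages sections. The role handler changed in this commit creates a role for every stereotype name it sees, so these entries still define roles even with nothing granted. I would replace the dead line with a comment such as `// no blog permissions by default; entry kept so the role is created`, or drop the entry if that is not the intent.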


@@ -38,8 +38,23 @@ namespace Orchard.Comments {
Name = "Anonymous", Name = "Anonymous",
Permissions = new[] {AddComment} Permissions = new[] {AddComment}
}, },
new PermissionStereotype {
Name = "Editor",
//Permissions = new[] {}
},
new PermissionStereotype {
Name = "Moderator",
//Permissions = new[] {}
},
new PermissionStereotype {
Name = "Author",
//Permissions = new[] {}
},
new PermissionStereotype {
Name = "Contributor",
//Permissions = new[] {}
},
}; };
} }
} }
} }


@@ -2,11 +2,11 @@
using System.Linq; using System.Linq;
using Orchard.Security.Permissions; using Orchard.Security.Permissions;
namespace Orchard.Media { namespace Orchard.Media {
public class Permissions : IPermissionProvider { public class Permissions : IPermissionProvider {
public static readonly Permission ManageMediaFiles = new Permission { Description = "Modifying Media Files", Name = "ManageMediaFiles" }; public static readonly Permission ManageMediaFiles = new Permission { Description = "Modifying Media Files", Name = "ManageMediaFiles" };
public static readonly Permission UploadMediaFiles = new Permission { Description = "Uploading Media Files", Name = "UploadMediaFiles" }; public static readonly Permission UploadMediaFiles = new Permission { Description = "Uploading Media Files", Name = "UploadMediaFiles", ImpliedBy = new[] { ManageMediaFiles } };
public string PackageName { public string PackageName {
get { get {
return "Media"; return "Media";
@@ -21,7 +21,28 @@ namespace Orchard.Media {
} }
public IEnumerable<PermissionStereotype> GetDefaultStereotypes() { public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
return Enumerable.Empty<PermissionStereotype>(); return new[] {
new PermissionStereotype {
Name = "Administrators",
Permissions = new[] {ManageMediaFiles}
},
new PermissionStereotype {
Name = "Editor",
Permissions = new[] {ManageMediaFiles}
},
new PermissionStereotype {
Name = "Moderator",
//Permissions = new[] {}
},
new PermissionStereotype {
Name = "Author",
Permissions = new[] {ManageMediaFiles}
},
new PermissionStereotype {
Name = "Contributor",
Permissions = new[] {UploadMediaFiles}
},
};
} }
} }
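Review bot: `Author` is given `ManageMediaFiles` in the second hunk, the same permission handed to `Administrators` and `Editor`, and the first hunk makes `UploadMediaFiles` implied by it, so both `Editor` and `Author` receive everything this module defines by default. If authors only need to add their own files, `Permissions = new[] {UploadMediaFiles}` for `Author` would be the narrower default; otherwise a comment saying why authors may modify any media file would help the next reviewer. `Contributor` receiving `UploadMediaFiles` also means the lowest-privileged content role can upload files out of the box, so whatever type and size checks exist on the upload path (not visible here) have to hold for that role.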


@@ -31,7 +31,28 @@ namespace Orchard.Pages {
} }
public IEnumerable<PermissionStereotype> GetDefaultStereotypes() { public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
return Enumerable.Empty<PermissionStereotype>(); return new[] {
new PermissionStereotype {
Name = "Administrators",
Permissions = new[] {PublishOthersPages,EditOthersPages,DeleteOthersPages}
},
new PermissionStereotype {
Name = "Editor",
Permissions = new[] {PublishOthersPages,EditOthersPages,DeleteOthersPages}
},
new PermissionStereotype {
Name = "Moderator",
//Permissions = new[] {}
},
new PermissionStereotype {
Name = "Author",
Permissions = new[] {PublishPages,EditPages,DeletePages}
},
new PermissionStereotype {
Name = "Contributor",
Permissions = new[] {EditPages}
},
};
} }
} }
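Review bot: `Administrators` and `Editor` are granted only `PublishOthersPages`, `EditOthersPages` and `DeleteOthersPages`, while `PublishPages`, `EditPages` and `DeletePages` go to `Author` alone. The permission declarations are outside this hunk, so this is correct only if each own-page permission is declared with `ImpliedBy` pointing at its `Others` counterpart, the way `UploadMediaFiles` is in the Media change; if it is not, these two roles could act on other users' pages but not their own. Either confirm the `ImpliedBy` chain or list the own-page permissions explicitly in both entries.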


@@ -2,6 +2,7 @@
using System.Linq; using System.Linq;
using JetBrains.Annotations; using JetBrains.Annotations;
using Orchard.Extensions; using Orchard.Extensions;
using Orchard.Logging;
using Orchard.Roles.Services; using Orchard.Roles.Services;
using Orchard.Security.Permissions; using Orchard.Security.Permissions;
@@ -16,31 +17,58 @@ namespace Orchard.Roles {
IEnumerable<IPermissionProvider> permissionProviders) { IEnumerable<IPermissionProvider> permissionProviders) {
_roleService = roleService; _roleService = roleService;
_permissionProviders = permissionProviders; _permissionProviders = permissionProviders;
Logger = NullLogger.Instance;
} }
public ILogger Logger { get; set; }
public override void Enabled(ExtensionEventContext context) { public override void Enabled(ExtensionEventContext context) {
var extensionDisplayName = context.Extension.Descriptor.DisplayName ?? context.Extension.Descriptor.Name;
// when another package is being enabled, locate matching permission providers // when another package is being enabled, locate matching permission providers
var providersForEnabledPackage = var providersForEnabledPackage =
_permissionProviders.Where(x => x.PackageName == context.Extension.Descriptor.Name); _permissionProviders.Where(x => x.PackageName == extensionDisplayName);
if (providersForEnabledPackage.Any()) {
Logger.Debug("Configuring default roles for module {0}", extensionDisplayName);
}
else {
Logger.Debug("No default roles for module {0}", extensionDisplayName);
}
foreach (var permissionProvider in providersForEnabledPackage) { foreach (var permissionProvider in providersForEnabledPackage) {
// get and iterate stereotypical groups of permissions // get and iterate stereotypical groups of permissions
var stereotypes = permissionProvider.GetDefaultStereotypes(); var stereotypes = permissionProvider.GetDefaultStereotypes();
foreach(var stereotype in stereotypes) { foreach (var stereotype in stereotypes) {
// turn those stereotypes into roles // turn those stereotypes into roles
var role = _roleService.GetRoleByName(stereotype.Name); var role = _roleService.GetRoleByName(stereotype.Name);
if (role == null){ if (role == null) {
Logger.Information("Defining new role {0} for permission stereotype", stereotype.Name);
_roleService.CreateRole(stereotype.Name); _roleService.CreateRole(stereotype.Name);
role = _roleService.GetRoleByName(stereotype.Name); role = _roleService.GetRoleByName(stereotype.Name);
} }
// and merge the stereotypical permissions into that role // and merge the stereotypical permissions into that role
var distinctPermissionNames = role.RolesPermissions.Select(x => x.Permission.Name) var stereotypePermissionNames = (stereotype.Permissions ?? Enumerable.Empty<Permission>()).Select(x => x.Name);
.Union(stereotype.Permissions.Select(x => x.Name)) var currentPermissionNames = role.RolesPermissions.Select(x => x.Permission.Name);
var distinctPermissionNames = currentPermissionNames
.Union(stereotypePermissionNames)
.Distinct(); .Distinct();
_roleService.UpdateRole(role.Id, role.Name, distinctPermissionNames);
// update role if set of permissions has increased
var additionalPermissionNames = distinctPermissionNames.Except(currentPermissionNames);
if (additionalPermissionNames.Any()) {
foreach (var permissionName in additionalPermissionNames) {
Logger.Information("Default role {0} granted permission {1}", stereotype.Name, permissionName);
_roleService.CreatePermissionForRole(role.Name, permissionName);
}
}
} }
} }
} }
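Review bot: Provider matching in `Enabled` now compares `PackageName` with `DisplayName ?? Name`, so a human-readable label decides which default grants are applied; a module whose display name happens to equal another provider's `PackageName` would pull in that provider's stereotypes, and changing a display name silently stops provisioning. Keying on the stable identifier, `x.PackageName == context.Extension.Descriptor.Name`, and using the display name only in the log messages would avoid that. Separately, `additionalPermissionNames` is a deferred query over `role.RolesPermissions` that is evaluated by `Any()` and again by the `foreach` while `CreatePermissionForRole` presumably adds to the same role; `var additionalPermissionNames = distinctPermissionNames.Except(currentPermissionNames).ToList();` fixes the set before anything is written. The merge is additive only, so if `Enabled` fires again a permission an administrator had removed from a role would apparently be granted back, which deserves a comment stating whether that is intended.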


@@ -23,9 +23,12 @@ namespace Orchard.Roles {
} }
public IEnumerable<PermissionStereotype> GetDefaultStereotypes() { public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
return Enumerable.Empty<PermissionStereotype>(); return new[] {
new PermissionStereotype {
Name = "Administrators",
Permissions = new[] {ManageRoles, ApplyRoles}
}
};
} }
} }
} }

View File

@@ -57,10 +57,10 @@ namespace Orchard.Roles.Services {
public void CreatePermissionForRole(string roleName, string permissionName) { public void CreatePermissionForRole(string roleName, string permissionName) {
if (_permissionRepository.Get(x => x.Name == permissionName) == null) { if (_permissionRepository.Get(x => x.Name == permissionName) == null) {
_permissionRepository.Create(new PermissionRecord { _permissionRepository.Create(new PermissionRecord {
Description = GetPermissionDescription(permissionName), Description = GetPermissionDescription(permissionName),
Name = permissionName, Name = permissionName,
PackageName = GetPackageName(permissionName) PackageName = GetPackageName(permissionName)
}); });
} }
RoleRecord roleRecord = GetRoleByName(roleName); RoleRecord roleRecord = GetRoleByName(roleName);
PermissionRecord permissionRecord = _permissionRepository.Get(x => x.Name == permissionName); PermissionRecord permissionRecord = _permissionRepository.Get(x => x.Name == permissionName);
@@ -75,10 +75,10 @@ namespace Orchard.Roles.Services {
string permission = rolePermission; string permission = rolePermission;
if (_permissionRepository.Get(x => x.Name == permission) == null) { if (_permissionRepository.Get(x => x.Name == permission) == null) {
_permissionRepository.Create(new PermissionRecord { _permissionRepository.Create(new PermissionRecord {
Description = GetPermissionDescription(permission), Description = GetPermissionDescription(permission),
Name = permission, Name = permission,
PackageName = GetPackageName(permission) PackageName = GetPackageName(permission)
}); });
} }
PermissionRecord permissionRecord = _permissionRepository.Get(x => x.Name == permission); PermissionRecord permissionRecord = _permissionRepository.Get(x => x.Name == permission);
roleRecord.RolesPermissions.Add(new RolesPermissions { Permission = permissionRecord, Role = roleRecord }); roleRecord.RolesPermissions.Add(new RolesPermissions { Permission = permissionRecord, Role = roleRecord });
@@ -115,7 +115,10 @@ namespace Orchard.Roles.Services {
Dictionary<string, IEnumerable<Permission>> installedPermissions = new Dictionary<string, IEnumerable<Permission>>(); Dictionary<string, IEnumerable<Permission>> installedPermissions = new Dictionary<string, IEnumerable<Permission>>();
foreach (var permissionProvider in _permissionProviders) { foreach (var permissionProvider in _permissionProviders) {
IEnumerable<Permission> permissions = permissionProvider.GetPermissions(); IEnumerable<Permission> permissions = permissionProvider.GetPermissions();
installedPermissions.Add(permissionProvider.PackageName, permissions); if (installedPermissions.ContainsKey(permissionProvider.PackageName))
installedPermissions[permissionProvider.PackageName] = installedPermissions[permissionProvider.PackageName].Concat(permissions);
else
installedPermissions.Add(permissionProvider.PackageName, permissions);
} }
return installedPermissions; return installedPermissions;
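Review bot: The new merge branch in the third hunk looks up `permissionProvider.PackageName` three times and uses an unbraced `if`/`else`, unlike the braced statements around it. Declaring `IEnumerable<Permission> existing;` and then writing `installedPermissions[name] = installedPermissions.TryGetValue(name, out existing) ? existing.Concat(permissions) : permissions;` does the same with one lookup. `Concat` also keeps duplicates, which matters now that more than one provider can report the same package name. The first two hunks are whitespace only, and the method around this hunk starts and ends outside it.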


@@ -23,7 +23,28 @@ namespace Orchard.Tags {
} }
public IEnumerable<PermissionStereotype> GetDefaultStereotypes() { public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
return Enumerable.Empty<PermissionStereotype>(); return new[] {
new PermissionStereotype {
Name = "Administrators",
Permissions = new[] {ManageTags}
},
new PermissionStereotype {
Name = "Editor",
Permissions = new[] {ManageTags}
},
new PermissionStereotype {
Name = "Moderator",
Permissions = new[] {ManageTags}
},
new PermissionStereotype {
Name = "Author",
Permissions = new[] {CreateTag, ApplyTag}
},
new PermissionStereotype {
Name = "Contributor",
Permissions = new[] {ApplyTag}
},
};
} }
} }


@@ -21,7 +21,12 @@ namespace Orchard.Users {
} }
public IEnumerable<PermissionStereotype> GetDefaultStereotypes() { public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
return Enumerable.Empty<PermissionStereotype>(); return new[] {
new PermissionStereotype {
Name = "Administrators",
Permissions = new[] {ManageUsers}
}
};
} }
} }


@@ -43,9 +43,5 @@ namespace Orchard.Mvc.Html {
public static MvcHtmlString ItemEditLink(this HtmlHelper html, IContent content) { public static MvcHtmlString ItemEditLink(this HtmlHelper html, IContent content) {
return ItemEditLink(html, null, content); return ItemEditLink(html, null, content);
} }
public static MvcHtmlString ItemDisplayTemplate(this HtmlHelper html, IContent content, string template) {
return html.Partial(string.Format("{0}/{1}", content.ContentItem.ContentType, template), new ContentItemViewModel(content.ContentItem));
}
} }
} }


@@ -8,7 +8,10 @@ namespace Orchard.Security {
public static readonly Permission AccessFrontEnd = new Permission { Name = "AccessFrontEnd", Description = "Access site front-end" }; public static readonly Permission AccessFrontEnd = new Permission { Name = "AccessFrontEnd", Description = "Access site front-end" };
public string PackageName { public string PackageName {
get { return "Orchard"; } get {
// This is a lie, but it enables the permissions and stereotypes to be created
return "Common";
}
} }
public IEnumerable<Permission> GetPermissions() { public IEnumerable<Permission> GetPermissions() {
@@ -19,7 +22,36 @@ namespace Orchard.Security {
} }
public IEnumerable<PermissionStereotype> GetDefaultStereotypes() { public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
return Enumerable.Empty<PermissionStereotype>(); return new[] {
new PermissionStereotype {
Name = "Administrators",
Permissions = new[] {AccessAdminPanel}
},
new PermissionStereotype {
Name = "Anonymous",
Permissions = new[] {AccessFrontEnd}
},
new PermissionStereotype {
Name = "Authenticated",
Permissions = new[] {AccessFrontEnd}
},
new PermissionStereotype {
Name = "Editor",
Permissions = new[] {AccessAdminPanel}
},
new PermissionStereotype {
Name = "Moderator",
Permissions = new[] {AccessAdminPanel}
},
new PermissionStereotype {
Name = "Author",
Permissions = new[] {AccessAdminPanel}
},
new PermissionStereotype {
Name = "Contributor",
Permissions = new[] {AccessAdminPanel}
},
};
} }
} }
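Review bot: `PackageName` in the first hunk now returns `"Common"` for the core `Orchard.Security` provider with only `// This is a lie, ...` as explanation; because the role handler selects providers by this string, the core grants below are applied whenever an extension matching "Common" is enabled and are attributed to that package. The comment should say what would make the workaround unnecessary, for example `// TODO: core has no extension Enabled event; reported as "Common" so defaults get provisioned - replace with explicit provisioning of core providers` (the reason is my inference, so adjust it to the real one). In the second hunk every content role down to `Contributor` receives `AccessAdminPanel` by default, which is worth a one-line comment stating that admin-panel entry is intended for all of them and that the per-module permissions do the actual gating.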