lsm/Orchard
1
0
Fork 0
mirror of https://github.com/OrchardCMS/Orchard.git synced 2025-11-28 17:32:44 +08:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Mapping permissions into default role stereotypes

Browse Source 
--HG--
extra : convert_revision : svn%3A5ff7c347-ad56-4c35-b696-ccb81de16e03/trunk%4045975
This commit is contained in:
loudej
2010-01-26 01:17:04 +00:00
parent cc079a8aa4
commit 1db442e2dc
13 changed files with 209 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/Orchard.Web/Core/Settings/Permissions.cs
View File

@@ -21,7 +21,7 @@ namespace Orchard.Core.Settings {
return new[] {
new PermissionStereotype {
Name = "Administrators",
//Permissions = new[] {ChangeOwner}
Permissions = new[] {ManageSettings}
}
};
}

7
src/Orchard.Web/Core/Themes/Permissions.cs
View File

@@ -21,7 +21,12 @@ namespace Orchard.Core.Themes {
}
public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
return Enumerable.Empty<PermissionStereotype>();
return new[] {
new PermissionStereotype {
Name = "Administrators",
Permissions = new[] {ManageThemes, ApplyTheme}
},
};
}
}
}

24
src/Orchard.Web/Packages/Orchard.Blogs/Permissions.cs
View File

@@ -35,8 +35,30 @@ namespace Orchard.Blogs {
}
public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
return Enumerable.Empty<PermissionStereotype>();
return new[] {
new PermissionStereotype {
Name = "Administrators",
Permissions = new[] {ManageBlogs}
},
new PermissionStereotype {
Name = "Editor",
Permissions = new[] {PublishOthersBlogPost,EditOthersBlogPost,DeleteOthersBlogPost}
},
new PermissionStereotype {
Name = "Moderator",
//Permissions = new[] {}
},
new PermissionStereotype {
Name = "Author",
Permissions = new[] {PublishBlogPost,EditBlogPost,DeleteBlogPost}
},
new PermissionStereotype {
Name = "Contributor",
Permissions = new[] {EditBlogPost}
},
};
}
}
}

17
src/Orchard.Web/Packages/Orchard.Comments/Permissions.cs
View File

@@ -38,8 +38,23 @@ namespace Orchard.Comments {
Name = "Anonymous",
Permissions = new[] {AddComment}
},
new PermissionStereotype {
Name = "Editor",
//Permissions = new[] {}
},
new PermissionStereotype {
Name = "Moderator",
//Permissions = new[] {}
},
new PermissionStereotype {
Name = "Author",
//Permissions = new[] {}
},
new PermissionStereotype {
Name = "Contributor",
//Permissions = new[] {}
},
};
}
}
}

29
src/Orchard.Web/Packages/Orchard.Media/Permissions.cs
View File

@@ -2,11 +2,11 @@
using System.Linq;
using Orchard.Security.Permissions;
namespace Orchard.Media {
namespace Orchard.Media {
public class Permissions : IPermissionProvider {
public static readonly Permission ManageMediaFiles = new Permission { Description = "Modifying Media Files", Name = "ManageMediaFiles" };
public static readonly Permission UploadMediaFiles = new Permission { Description = "Uploading Media Files", Name = "UploadMediaFiles" };
public static readonly Permission UploadMediaFiles = new Permission { Description = "Uploading Media Files", Name = "UploadMediaFiles", ImpliedBy = new[] { ManageMediaFiles } };
public string PackageName {
get {
return "Media";
@@ -21,7 +21,28 @@ namespace Orchard.Media {
}
public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
return Enumerable.Empty<PermissionStereotype>();
return new[] {
new PermissionStereotype {
Name = "Administrators",
Permissions = new[] {ManageMediaFiles}
},
new PermissionStereotype {
Name = "Editor",
Permissions = new[] {ManageMediaFiles}
},
new PermissionStereotype {
Name = "Moderator",
//Permissions = new[] {}
},
new PermissionStereotype {
Name = "Author",
Permissions = new[] {ManageMediaFiles}
},
new PermissionStereotype {
Name = "Contributor",
Permissions = new[] {UploadMediaFiles}
},
};
}
}

23
src/Orchard.Web/Packages/Orchard.Pages/Permissions.cs
View File

@@ -31,7 +31,28 @@ namespace Orchard.Pages {
}
public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
return Enumerable.Empty<PermissionStereotype>();
return new[] {
new PermissionStereotype {
Name = "Administrators",
Permissions = new[] {PublishOthersPages,EditOthersPages,DeleteOthersPages}
},
new PermissionStereotype {
Name = "Editor",
Permissions = new[] {PublishOthersPages,EditOthersPages,DeleteOthersPages}
},
new PermissionStereotype {
Name = "Moderator",
//Permissions = new[] {}
},
new PermissionStereotype {
Name = "Author",
Permissions = new[] {PublishPages,EditPages,DeletePages}
},
new PermissionStereotype {
Name = "Contributor",
Permissions = new[] {EditPages}
},
};
}
}

44
src/Orchard.Web/Packages/Orchard.Roles/Extension.cs
View File

@@ -2,6 +2,7 @@
using System.Linq;
using JetBrains.Annotations;
using Orchard.Extensions;
using Orchard.Logging;
using Orchard.Roles.Services;
using Orchard.Security.Permissions;
@@ -16,31 +17,58 @@ namespace Orchard.Roles {
IEnumerable<IPermissionProvider> permissionProviders) {
_roleService = roleService;
_permissionProviders = permissionProviders;
Logger = NullLogger.Instance;
}
public ILogger Logger { get; set; }
public override void Enabled(ExtensionEventContext context) {
var extensionDisplayName = context.Extension.Descriptor.DisplayName ?? context.Extension.Descriptor.Name;
// when another package is being enabled, locate matching permission providers
var providersForEnabledPackage =
_permissionProviders.Where(x => x.PackageName == context.Extension.Descriptor.Name);
_permissionProviders.Where(x => x.PackageName == extensionDisplayName);
if (providersForEnabledPackage.Any()) {
Logger.Debug("Configuring default roles for module {0}", extensionDisplayName);
}
else {
Logger.Debug("No default roles for module {0}", extensionDisplayName);
}
foreach (var permissionProvider in providersForEnabledPackage) {
// get and iterate stereotypical groups of permissions
var stereotypes = permissionProvider.GetDefaultStereotypes();
foreach(var stereotype in stereotypes) {
foreach (var stereotype in stereotypes) {
// turn those stereotypes into roles
var role = _roleService.GetRoleByName(stereotype.Name);
if (role == null){
if (role == null) {
Logger.Information("Defining new role {0} for permission stereotype", stereotype.Name);
_roleService.CreateRole(stereotype.Name);
role = _roleService.GetRoleByName(stereotype.Name);
}
// and merge the stereotypical permissions into that role
var distinctPermissionNames = role.RolesPermissions.Select(x => x.Permission.Name)
.Union(stereotype.Permissions.Select(x => x.Name))
// and merge the stereotypical permissions into that role
var stereotypePermissionNames = (stereotype.Permissions ?? Enumerable.Empty<Permission>()).Select(x => x.Name);
var currentPermissionNames = role.RolesPermissions.Select(x => x.Permission.Name);
var distinctPermissionNames = currentPermissionNames
.Union(stereotypePermissionNames)
.Distinct();
_roleService.UpdateRole(role.Id, role.Name, distinctPermissionNames);
// update role if set of permissions has increased
var additionalPermissionNames = distinctPermissionNames.Except(currentPermissionNames);
if (additionalPermissionNames.Any()) {
foreach (var permissionName in additionalPermissionNames) {
Logger.Information("Default role {0} granted permission {1}", stereotype.Name, permissionName);
_roleService.CreatePermissionForRole(role.Name, permissionName);
}
}
}
}
}

9
src/Orchard.Web/Packages/Orchard.Roles/Permissions.cs
View File

@@ -23,9 +23,12 @@ namespace Orchard.Roles {
}
public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
return Enumerable.Empty<PermissionStereotype>();
return new[] {
new PermissionStereotype {
Name = "Administrators",
Permissions = new[] {ManageRoles, ApplyRoles}
}
};
}
}
}

21
src/Orchard.Web/Packages/Orchard.Roles/Services/RoleService.cs
View File

@@ -57,10 +57,10 @@ namespace Orchard.Roles.Services {
public void CreatePermissionForRole(string roleName, string permissionName) {
if (_permissionRepository.Get(x => x.Name == permissionName) == null) {
_permissionRepository.Create(new PermissionRecord {
Description = GetPermissionDescription(permissionName),
Name = permissionName,
PackageName = GetPackageName(permissionName)
});
Description = GetPermissionDescription(permissionName),
Name = permissionName,
PackageName = GetPackageName(permissionName)
});
}
RoleRecord roleRecord = GetRoleByName(roleName);
PermissionRecord permissionRecord = _permissionRepository.Get(x => x.Name == permissionName);
@@ -75,10 +75,10 @@ namespace Orchard.Roles.Services {
string permission = rolePermission;
if (_permissionRepository.Get(x => x.Name == permission) == null) {
_permissionRepository.Create(new PermissionRecord {
Description = GetPermissionDescription(permission),
Name = permission,
PackageName = GetPackageName(permission)
});
Description = GetPermissionDescription(permission),
Name = permission,
PackageName = GetPackageName(permission)
});
}
PermissionRecord permissionRecord = _permissionRepository.Get(x => x.Name == permission);
roleRecord.RolesPermissions.Add(new RolesPermissions { Permission = permissionRecord, Role = roleRecord });
@@ -115,7 +115,10 @@ namespace Orchard.Roles.Services {
Dictionary<string, IEnumerable<Permission>> installedPermissions = new Dictionary<string, IEnumerable<Permission>>();
foreach (var permissionProvider in _permissionProviders) {
IEnumerable<Permission> permissions = permissionProvider.GetPermissions();
installedPermissions.Add(permissionProvider.PackageName, permissions);
if (installedPermissions.ContainsKey(permissionProvider.PackageName))
installedPermissions[permissionProvider.PackageName] = installedPermissions[permissionProvider.PackageName].Concat(permissions);
else
installedPermissions.Add(permissionProvider.PackageName, permissions);
}
return installedPermissions;

23
src/Orchard.Web/Packages/Orchard.Tags/Permissions.cs
View File

@@ -23,7 +23,28 @@ namespace Orchard.Tags {
}
public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
return Enumerable.Empty<PermissionStereotype>();
return new[] {
new PermissionStereotype {
Name = "Administrators",
Permissions = new[] {ManageTags}
},
new PermissionStereotype {
Name = "Editor",
Permissions = new[] {ManageTags}
},
new PermissionStereotype {
Name = "Moderator",
Permissions = new[] {ManageTags}
},
new PermissionStereotype {
Name = "Author",
Permissions = new[] {CreateTag, ApplyTag}
},
new PermissionStereotype {
Name = "Contributor",
Permissions = new[] {ApplyTag}
},
};
}
}

7
src/Orchard.Web/Packages/Orchard.Users/Permissions.cs
View File

@@ -21,7 +21,12 @@ namespace Orchard.Users {
}
public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
return Enumerable.Empty<PermissionStereotype>();
return new[] {
new PermissionStereotype {
Name = "Administrators",
Permissions = new[] {ManageUsers}
}
};
}
}

4
src/Orchard/Mvc/Html/ContentItemExtensions.cs
View File

@@ -43,9 +43,5 @@ namespace Orchard.Mvc.Html {
public static MvcHtmlString ItemEditLink(this HtmlHelper html, IContent content) {
return ItemEditLink(html, null, content);
}
public static MvcHtmlString ItemDisplayTemplate(this HtmlHelper html, IContent content, string template) {
return html.Partial(string.Format("{0}/{1}", content.ContentItem.ContentType, template), new ContentItemViewModel(content.ContentItem));
}
}
}

36
src/Orchard/Security/StandardPermissions.cs
View File

@@ -8,7 +8,10 @@ namespace Orchard.Security {
public static readonly Permission AccessFrontEnd = new Permission { Name = "AccessFrontEnd", Description = "Access site front-end" };
public string PackageName {
get { return "Orchard"; }
get {
// This is a lie, but it enables the permissions and stereotypes to be created
return "Common";
}
}
public IEnumerable<Permission> GetPermissions() {
@@ -19,7 +22,36 @@ namespace Orchard.Security {
}
public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
return Enumerable.Empty<PermissionStereotype>();
return new[] {
new PermissionStereotype {
Name = "Administrators",
Permissions = new[] {AccessAdminPanel}
},
new PermissionStereotype {
Name = "Anonymous",
Permissions = new[] {AccessFrontEnd}
},
new PermissionStereotype {
Name = "Authenticated",
Permissions = new[] {AccessFrontEnd}
},
new PermissionStereotype {
Name = "Editor",
Permissions = new[] {AccessAdminPanel}
},
new PermissionStereotype {
Name = "Moderator",
Permissions = new[] {AccessAdminPanel}
},
new PermissionStereotype {
Name = "Author",
Permissions = new[] {AccessAdminPanel}
},
new PermissionStereotype {
Name = "Contributor",
Permissions = new[] {AccessAdminPanel}
},
};
}
}