16960 Add root permission and remove permissions that would effectively enable elevation to root

16970 Merge content type permissions

--HG--
branch : dev
Suha Can
2010-12-08 13:52:59 -08:00
parent b3f463fdc6
commit 29f976265a
4 changed files with 21 additions and 19 deletions


@@ -36,7 +36,7 @@ namespace Orchard.ContentTypes.Controllers {
}
public ActionResult Create() {
if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to create a content type.")))
if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to create a content type.")))
return new HttpUnauthorizedResult();
return View(new CreateTypeViewModel());
@@ -44,7 +44,7 @@ namespace Orchard.ContentTypes.Controllers {
[HttpPost, ActionName("Create")]
public ActionResult CreatePOST(CreateTypeViewModel viewModel) {
if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to create a content type.")))
if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to create a content type.")))
return new HttpUnauthorizedResult();
viewModel.DisplayName = viewModel.DisplayName ?? String.Empty;
@@ -81,7 +81,7 @@ namespace Orchard.ContentTypes.Controllers {
}
public ActionResult Edit(string id) {
if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content type.")))
if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content type.")))
return new HttpUnauthorizedResult();
var typeViewModel = _contentDefinitionService.GetType(id);
@@ -94,7 +94,7 @@ namespace Orchard.ContentTypes.Controllers {
[HttpPost, ActionName("Edit")]
public ActionResult EditPOST(string id) {
if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content type.")))
if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content type.")))
return new HttpUnauthorizedResult();
var typeViewModel = _contentDefinitionService.GetType(id);
@@ -131,7 +131,7 @@ namespace Orchard.ContentTypes.Controllers {
}
public ActionResult AddPartsTo(string id) {
if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content type.")))
if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content type.")))
return new HttpUnauthorizedResult();
var typeViewModel = _contentDefinitionService.GetType(id);
@@ -151,7 +151,7 @@ namespace Orchard.ContentTypes.Controllers {
[HttpPost, ActionName("AddPartsTo")]
public ActionResult AddPartsToPOST(string id) {
if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content type.")))
if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content type.")))
return new HttpUnauthorizedResult();
var typeViewModel = _contentDefinitionService.GetType(id);
@@ -178,7 +178,7 @@ namespace Orchard.ContentTypes.Controllers {
}
public ActionResult RemovePartFrom(string id) {
if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content type.")))
if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content type.")))
return new HttpUnauthorizedResult();
var typeViewModel = _contentDefinitionService.GetType(id);
@@ -195,7 +195,7 @@ namespace Orchard.ContentTypes.Controllers {
[HttpPost, ActionName("RemovePartFrom")]
public ActionResult RemovePartFromPOST(string id) {
if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content type.")))
if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content type.")))
return new HttpUnauthorizedResult();
var typeViewModel = _contentDefinitionService.GetType(id);
@@ -231,7 +231,7 @@ namespace Orchard.ContentTypes.Controllers {
}
public ActionResult CreatePart() {
if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to create a content part.")))
if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to create a content part.")))
return new HttpUnauthorizedResult();
return View(new CreatePartViewModel());
@@ -239,7 +239,7 @@ namespace Orchard.ContentTypes.Controllers {
[HttpPost, ActionName("CreatePart")]
public ActionResult CreatePartPOST(CreatePartViewModel viewModel) {
if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to create a content part.")))
if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to create a content part.")))
return new HttpUnauthorizedResult();
if (!ModelState.IsValid)
@@ -257,7 +257,7 @@ namespace Orchard.ContentTypes.Controllers {
}
public ActionResult EditPart(string id) {
if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content part.")))
if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content part.")))
return new HttpUnauthorizedResult();
var partViewModel = _contentDefinitionService.GetPart(id);
@@ -270,7 +270,7 @@ namespace Orchard.ContentTypes.Controllers {
[HttpPost, ActionName("EditPart")]
public ActionResult EditPartPOST(string id) {
if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content part.")))
if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content part.")))
return new HttpUnauthorizedResult();
var partViewModel = _contentDefinitionService.GetPart(id);
@@ -294,7 +294,7 @@ namespace Orchard.ContentTypes.Controllers {
}
public ActionResult AddFieldTo(string id) {
if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content part.")))
if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content part.")))
return new HttpUnauthorizedResult();
var partViewModel = _contentDefinitionService.GetPart(id);
@@ -318,7 +318,7 @@ namespace Orchard.ContentTypes.Controllers {
[HttpPost, ActionName("AddFieldTo")]
public ActionResult AddFieldToPOST(string id) {
if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content part.")))
if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content part.")))
return new HttpUnauthorizedResult();
var partViewModel = _contentDefinitionService.GetPart(id);
@@ -365,7 +365,7 @@ namespace Orchard.ContentTypes.Controllers {
public ActionResult RemoveFieldFrom(string id) {
if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content part.")))
if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content part.")))
return new HttpUnauthorizedResult();
var partViewModel = _contentDefinitionService.GetPart(id);
@@ -382,7 +382,7 @@ namespace Orchard.ContentTypes.Controllers {
[HttpPost, ActionName("RemoveFieldFrom")]
public ActionResult RemoveFieldFromPOST(string id) {
if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content part.")))
if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content part.")))
return new HttpUnauthorizedResult();
var partViewModel = _contentDefinitionService.GetPart(id);
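Review bot: The same inline `Services.Authorizer.Authorize(Permissions.EditContentTypes, ...)` guard is repeated at the top of every action in these sixteen hunks, so an action added later without that line would run with no permission check at all. Consider one private helper, or an authorization filter on the controller, that takes the denial message and performs the check, so the permission is named in a single place. The `Create`, `CreatePOST`, `CreatePart` and `CreatePartPOST` actions now require the edit permission while still reporting "Not allowed to create ..."; that matches the merge, but a short comment saying creation is deliberately gated by `EditContentTypes` would help the next reader. Every action body continues outside its hunk.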


@@ -4,14 +4,12 @@ using Orchard.Security.Permissions;
namespace Orchard.ContentTypes {
public class Permissions : IPermissionProvider {
public static readonly Permission CreateContentTypes = new Permission { Name = "CreateContentTypes", Description = "Create custom content types." };
public static readonly Permission EditContentTypes = new Permission { Name = "EditContentTypes", Description = "Edit content types." };
public virtual Feature Feature { get; set; }
public IEnumerable<Permission> GetPermissions() {
return new [] {
CreateContentTypes,
EditContentTypes,
};
}
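Review bot: `EditContentTypes` keeps the description "Edit content types." although the controller in this commit now uses it to gate creating types and creating and editing parts as well, so whoever assigns it to a role sees less than it grants. Something like `Description = "Create and edit content types and parts."` would match what the permission covers. Role records that already store the removed `CreateContentTypes` name presumably stop conferring access after the upgrade; if that is intended it belongs in the upgrade notes. The rest of the class lies outside this hunk and should be checked for remaining references to the removed permission.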


@@ -114,6 +114,8 @@ namespace Orchard.Roles.Services {
}
}
}
yield return StandardPermissions.SiteOwner.Name;
}
}
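Review bot: The added `yield return StandardPermissions.SiteOwner.Name;` runs unconditionally at the end of the iterator, and nothing in the code says why. The method starts outside the hunk; if, as it appears, the yielded names are the ones accepted as satisfying a permission check, this one line makes SiteOwner satisfy every check in the system. That deserves a comment directly above it, for example `// SiteOwner is the root permission: it is always accepted as a match.`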


@@ -8,6 +8,7 @@ namespace Orchard.Security {
public class StandardPermissions : IPermissionProvider {
public static readonly Permission AccessAdminPanel = new Permission { Name = "AccessAdminPanel", Description = "Access admin panel" };
public static readonly Permission AccessFrontEnd = new Permission { Name = "AccessFrontEnd", Description = "Access site front-end" };
public static readonly Permission SiteOwner = new Permission { Name = "SiteOwner", Description = "Site Owners Permission" };
public Feature Feature {
get {
@@ -31,6 +32,7 @@ namespace Orchard.Security {
return new[] {
AccessAdminPanel,
AccessFrontEnd,
SiteOwner
};
}
@@ -38,7 +40,7 @@ namespace Orchard.Security {
return new[] {
new PermissionStereotype {
Name = "Administrator",
Permissions = new[] {AccessAdminPanel}
Permissions = new[] {SiteOwner, AccessAdminPanel}
},
new PermissionStereotype {
Name = "Anonymous",
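Review bot: `SiteOwner` is introduced with the description "Site Owners Permission", which does not tell an administrator editing roles that this is the root permission named in the commit message. A description such as `Description = "Site owner: implies every other permission"` would make the scope of the grant explicit wherever the list from `GetPermissions` is displayed. Because it is returned from `GetPermissions` alongside the ordinary permissions, it is presumably assignable to any role like the others; confirm that only a holder of SiteOwner can grant it. Whether the Administrator role on an existing site picks up the new stereotype entry depends on code outside these hunks.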