From 376f1b15b1ee3b532fa271d92fd2e41408b91922 Mon Sep 17 00:00:00 2001 From: andrerod Date: Wed, 17 Nov 2010 22:56:52 -0800 Subject: [PATCH] Medium trust: Avoiding dynamic dispatch to the view method (which is protected internal) and using static invocation by casting to object. --- .../Core/Contents/Controllers/AdminController.cs | 9 ++++----- .../Orchard.Blogs/Controllers/BlogAdminController.cs | 11 ++++++----- .../Controllers/BlogPostAdminController.cs | 10 ++++------ .../Orchard.Users/Controllers/AdminController.cs | 8 ++++---- .../Orchard.Widgets/Controllers/AdminController.cs | 8 ++++---- 5 files changed, 22 insertions(+), 24 deletions(-) diff --git a/src/Orchard.Web/Core/Contents/Controllers/AdminController.cs b/src/Orchard.Web/Core/Contents/Controllers/AdminController.cs index 610bf27e4..1d417fc20 100644 --- a/src/Orchard.Web/Core/Contents/Controllers/AdminController.cs +++ b/src/Orchard.Web/Core/Contents/Controllers/AdminController.cs @@ -188,8 +188,8 @@ namespace Orchard.Core.Contents.Controllers { if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Cannot create content"))) return new HttpUnauthorizedResult(); - var model = _contentManager.BuildEditor(contentItem); - return View(model); + dynamic model = _contentManager.BuildEditor(contentItem); + return View((object)model); } [HttpPost, ActionName("Create")] @@ -241,9 +241,8 @@ namespace Orchard.Core.Contents.Controllers { if (!Services.Authorizer.Authorize(Permissions.EditContent, contentItem, T("Cannot edit content"))) return new HttpUnauthorizedResult(); - var model = _contentManager.BuildEditor(contentItem); - - return View(model); + dynamic model = _contentManager.BuildEditor(contentItem); + return View((object)model); } [HttpPost, ActionName("Edit")] diff --git a/src/Orchard.Web/Modules/Orchard.Blogs/Controllers/BlogAdminController.cs b/src/Orchard.Web/Modules/Orchard.Blogs/Controllers/BlogAdminController.cs index 39a7ddc4a..42edc06ce 100644 --- a/src/Orchard.Web/Modules/Orchard.Blogs/Controllers/BlogAdminController.cs +++ b/src/Orchard.Web/Modules/Orchard.Blogs/Controllers/BlogAdminController.cs @@ -1,4 +1,5 @@ using System.Linq; +using System.Reflection; using System.Web.Mvc; using Orchard.Blogs.Extensions; using Orchard.Blogs.Models; @@ -48,12 +49,12 @@ namespace Orchard.Blogs.Controllers { if (!Services.Authorizer.Authorize(Permissions.ManageBlogs, T("Not allowed to create blogs"))) return new HttpUnauthorizedResult(); - var blog = Services.ContentManager.New("Blog"); + BlogPart blog = Services.ContentManager.New("Blog"); if (blog == null) return HttpNotFound(); - var model = Services.ContentManager.BuildEditor(blog); - return View(model); + dynamic model = Services.ContentManager.BuildEditor(blog); + return View((object)model); } [HttpPost, ActionName("Create")] @@ -86,8 +87,8 @@ namespace Orchard.Blogs.Controllers { if (blog == null) return HttpNotFound(); - var model = Services.ContentManager.BuildEditor(blog); - return View(model); + dynamic model = Services.ContentManager.BuildEditor(blog); + return View((object)model); } [HttpPost, ActionName("Edit")] diff --git a/src/Orchard.Web/Modules/Orchard.Blogs/Controllers/BlogPostAdminController.cs b/src/Orchard.Web/Modules/Orchard.Blogs/Controllers/BlogPostAdminController.cs index e9ca608a0..b2021bf4f 100644 --- a/src/Orchard.Web/Modules/Orchard.Blogs/Controllers/BlogPostAdminController.cs +++ b/src/Orchard.Web/Modules/Orchard.Blogs/Controllers/BlogPostAdminController.cs @@ -33,9 +33,8 @@ namespace Orchard.Blogs.Controllers { if (blogPost.BlogPart == null) return HttpNotFound(); - var model = Services.ContentManager.BuildEditor(blogPost); - - return View(model); + dynamic model = Services.ContentManager.BuildEditor(blogPost); + return View((object)model); } [HttpPost, ActionName("Create")] @@ -76,9 +75,8 @@ namespace Orchard.Blogs.Controllers { if (post == null) return HttpNotFound(); - var model = Services.ContentManager.BuildEditor(post); - - return View(model); + dynamic model = Services.ContentManager.BuildEditor(post); + return View((object)model); } [HttpPost, ActionName("Edit")] diff --git a/src/Orchard.Web/Modules/Orchard.Users/Controllers/AdminController.cs b/src/Orchard.Web/Modules/Orchard.Users/Controllers/AdminController.cs index b7b0e3e55..7cb65ee83 100644 --- a/src/Orchard.Web/Modules/Orchard.Users/Controllers/AdminController.cs +++ b/src/Orchard.Web/Modules/Orchard.Users/Controllers/AdminController.cs @@ -57,10 +57,10 @@ namespace Orchard.Users.Controllers { var user = Services.ContentManager.New("User"); var editor = Shape.EditorTemplate(TemplateName: "Parts/User.Create", Model: new UserCreateViewModel(), Prefix: null); editor.Metadata.Position = "2"; - var model = Services.ContentManager.BuildEditor(user); + dynamic model = Services.ContentManager.BuildEditor(user); model.Content.Add(editor); - return View(model); + return View((object)model); } [HttpPost, ActionName("Create")] @@ -111,10 +111,10 @@ namespace Orchard.Users.Controllers { var user = Services.ContentManager.Get(id); var editor = Shape.EditorTemplate(TemplateName: "Parts/User.Edit", Model: new UserEditViewModel {User = user}, Prefix: null); editor.Metadata.Position = "2"; - var model = Services.ContentManager.BuildEditor(user); + dynamic model = Services.ContentManager.BuildEditor(user); model.Content.Add(editor); - return View(model); + return View((object)model); } [HttpPost, ActionName("Edit")] diff --git a/src/Orchard.Web/Modules/Orchard.Widgets/Controllers/AdminController.cs b/src/Orchard.Web/Modules/Orchard.Widgets/Controllers/AdminController.cs index 835c371c5..5f22fa365 100644 --- a/src/Orchard.Web/Modules/Orchard.Widgets/Controllers/AdminController.cs +++ b/src/Orchard.Web/Modules/Orchard.Widgets/Controllers/AdminController.cs @@ -112,7 +112,7 @@ namespace Orchard.Widgets.Controllers { widgetPart.LayerPart = _widgetsService.GetLayer(layerId); dynamic model = Services.ContentManager.BuildEditor(widgetPart); - return View(model); + return View((object)model); } catch (Exception exception) { Services.Notifier.Error(T("Creating widget failed: {0}", exception.Message)); @@ -155,7 +155,7 @@ namespace Orchard.Widgets.Controllers { return HttpNotFound(); dynamic model = Services.ContentManager.BuildEditor(layerPart); - return View(model); + return View((object)model); } catch (Exception exception) { Services.Notifier.Error(T("Creating layer failed: {0}", exception.Message)); @@ -200,7 +200,7 @@ namespace Orchard.Widgets.Controllers { } dynamic model = Services.ContentManager.BuildEditor(layerPart); - return View(model); + return View((object)model); } catch (Exception exception) { Services.Notifier.Error(T("Editing layer failed: {0}", exception.Message)); @@ -265,7 +265,7 @@ namespace Orchard.Widgets.Controllers { } dynamic model = Services.ContentManager.BuildEditor(widgetPart); - return View(model); + return View((object)model); } catch (Exception exception) { Services.Notifier.Error(T("Editing widget failed: {0}", exception.Message));