lsm/Orchard
1
0
Fork 0
mirror of https://github.com/OrchardCMS/Orchard.git synced 2025-10-15 19:54:57 +08:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity

Merge

Browse Source 
--HG--
branch : dev
This commit is contained in:
Nathan Heskew
2010-12-08 13:24:40 -08:00
parent e83d93bf28 b3f463fdc6
commit 462cf20eaa
12 changed files with 57 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/Orchard.Specs/Bindings/ContentRights.cs
View File

@@ -94,11 +94,11 @@ namespace Orchard.Specs.Bindings {
private static Permission GetPermissionForAction(string action) { private static Permission GetPermissionForAction(string action) {
switch ( action ) { switch ( action ) {
case "publish": case "publish":
return Permissions.PublishContent; return Permissions.PublishOthersContent;
case "edit": case "edit":
return Permissions.EditContent; return Permissions.EditOthersContent;
case "delete": case "delete":
return Permissions.DeleteContent; return Permissions.DeleteOthersContent;
default: default:
return null; return null;
} }

20
src/Orchard.Web/Core/Contents/Controllers/AdminController.cs
View File

@@ -132,7 +132,7 @@ namespace Orchard.Core.Contents.Controllers {
break; break;
case ContentsBulkAction.PublishNow: case ContentsBulkAction.PublishNow:
foreach (var item in itemIds.Select(itemId => _contentManager.GetLatest(itemId))) { foreach (var item in itemIds.Select(itemId => _contentManager.GetLatest(itemId))) {
if (!accessChecked && !Services.Authorizer.Authorize(Permissions.PublishContent, item, T("Couldn't publish selected content."))) if (!accessChecked && !Services.Authorizer.Authorize(Permissions.PublishOthersContent, item, T("Couldn't publish selected content.")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
accessChecked = true; accessChecked = true;
@@ -143,7 +143,7 @@ namespace Orchard.Core.Contents.Controllers {
break; break;
case ContentsBulkAction.Unpublish: case ContentsBulkAction.Unpublish:
foreach (var item in itemIds.Select(itemId => _contentManager.GetLatest(itemId))) { foreach (var item in itemIds.Select(itemId => _contentManager.GetLatest(itemId))) {
if (!accessChecked && !Services.Authorizer.Authorize(Permissions.PublishContent, item, T("Couldn't unpublish selected content."))) if (!accessChecked && !Services.Authorizer.Authorize(Permissions.PublishOthersContent, item, T("Couldn't unpublish selected content.")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
accessChecked = true; accessChecked = true;
@@ -154,7 +154,7 @@ namespace Orchard.Core.Contents.Controllers {
break; break;
case ContentsBulkAction.Remove: case ContentsBulkAction.Remove:
foreach (var item in itemIds.Select(itemId => _contentManager.GetLatest(itemId))) { foreach (var item in itemIds.Select(itemId => _contentManager.GetLatest(itemId))) {
if (!accessChecked && !Services.Authorizer.Authorize(Permissions.DeleteContent, item, T("Couldn't remove selected content."))) if (!accessChecked && !Services.Authorizer.Authorize(Permissions.DeleteOthersContent, item, T("Couldn't remove selected content.")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
accessChecked = true; accessChecked = true;
@@ -187,7 +187,7 @@ namespace Orchard.Core.Contents.Controllers {
var contentItem = _contentManager.New(id); var contentItem = _contentManager.New(id);
if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Cannot create content"))) if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, contentItem, T("Cannot create content")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
dynamic model = _contentManager.BuildEditor(contentItem); dynamic model = _contentManager.BuildEditor(contentItem);
@@ -213,7 +213,7 @@ namespace Orchard.Core.Contents.Controllers {
private ActionResult CreatePOST(string id, Action<ContentItem> conditionallyPublish) { private ActionResult CreatePOST(string id, Action<ContentItem> conditionallyPublish) {
var contentItem = _contentManager.New(id); var contentItem = _contentManager.New(id);
if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Couldn't create content"))) if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, contentItem, T("Couldn't create content")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
_contentManager.Create(contentItem, VersionOptions.Draft); _contentManager.Create(contentItem, VersionOptions.Draft);
@@ -239,7 +239,7 @@ namespace Orchard.Core.Contents.Controllers {
if (contentItem == null) if (contentItem == null)
return HttpNotFound(); return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.EditContent, contentItem, T("Cannot edit content"))) if (!Services.Authorizer.Authorize(Permissions.EditOthersContent, contentItem, T("Cannot edit content")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
dynamic model = _contentManager.BuildEditor(contentItem); dynamic model = _contentManager.BuildEditor(contentItem);
@@ -268,7 +268,7 @@ namespace Orchard.Core.Contents.Controllers {
if (contentItem == null) if (contentItem == null)
return HttpNotFound(); return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.EditContent, contentItem, T("Couldn't edit content"))) if (!Services.Authorizer.Authorize(Permissions.EditOthersContent, contentItem, T("Couldn't edit content")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
dynamic model = _contentManager.UpdateEditor(contentItem, this); dynamic model = _contentManager.UpdateEditor(contentItem, this);
@@ -293,7 +293,7 @@ namespace Orchard.Core.Contents.Controllers {
public ActionResult Remove(int id, string returnUrl) { public ActionResult Remove(int id, string returnUrl) {
var contentItem = _contentManager.Get(id, VersionOptions.Latest); var contentItem = _contentManager.Get(id, VersionOptions.Latest);
if (!Services.Authorizer.Authorize(Permissions.DeleteContent, contentItem, T("Couldn't remove content"))) if (!Services.Authorizer.Authorize(Permissions.DeleteOthersContent, contentItem, T("Couldn't remove content")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
if (contentItem != null) { if (contentItem != null) {
@@ -315,7 +315,7 @@ namespace Orchard.Core.Contents.Controllers {
if (contentItem == null) if (contentItem == null)
return HttpNotFound(); return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Couldn't publish content"))) if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, contentItem, T("Couldn't publish content")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
_contentManager.Publish(contentItem); _contentManager.Publish(contentItem);
@@ -334,7 +334,7 @@ namespace Orchard.Core.Contents.Controllers {
if (contentItem == null) if (contentItem == null)
return HttpNotFound(); return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Couldn't unpublish content"))) if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, contentItem, T("Couldn't unpublish content")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
_contentManager.Unpublish(contentItem); _contentManager.Unpublish(contentItem);

12
src/Orchard.Web/Core/Contents/DynamicPermissions.cs
View File

@@ -9,19 +9,19 @@ using Orchard.Security.Permissions;
namespace Orchard.Core.Contents { namespace Orchard.Core.Contents {
public class DynamicPermissions : IPermissionProvider { public class DynamicPermissions : IPermissionProvider {
private static readonly Permission PublishContent = new Permission { Description = "Publish or unpublish {0} for others", Name = "Publish_{0}", ImpliedBy = new[] { Permissions.PublishContent } }; private static readonly Permission PublishContent = new Permission { Description = "Publish or unpublish {0} for others", Name = "Publish_{0}", ImpliedBy = new[] { Permissions.PublishOthersContent } };
private static readonly Permission PublishOwnContent = new Permission { Description = "Publish or unpublish {0}", Name = "PublishOwn_{0}", ImpliedBy = new[] { PublishContent, Permissions.PublishOwnContent } }; private static readonly Permission PublishOwnContent = new Permission { Description = "Publish or unpublish {0}", Name = "PublishOwn_{0}", ImpliedBy = new[] { PublishContent, Permissions.PublishOwnContent } };
private static readonly Permission EditContent = new Permission { Description = "Edit {0} for others", Name = "Edit_{0}", ImpliedBy = new[] { PublishContent, Permissions.PublishContent } }; private static readonly Permission EditContent = new Permission { Description = "Edit {0} for others", Name = "Edit_{0}", ImpliedBy = new[] { PublishContent, Permissions.PublishOthersContent } };
private static readonly Permission EditOwnContent = new Permission { Description = "Edit {0}", Name = "EditOwn_{0}", ImpliedBy = new[] { EditContent, PublishOwnContent, Permissions.EditOwnContent } }; private static readonly Permission EditOwnContent = new Permission { Description = "Edit {0}", Name = "EditOwn_{0}", ImpliedBy = new[] { EditContent, PublishOwnContent, Permissions.EditOwnContent } };
private static readonly Permission DeleteContent = new Permission { Description = "Delete {0} for others", Name = "Delete_{0}", ImpliedBy = new[] { Permissions.DeleteContent } }; private static readonly Permission DeleteContent = new Permission { Description = "Delete {0} for others", Name = "Delete_{0}", ImpliedBy = new[] { Permissions.DeleteOthersContent } };
private static readonly Permission DeleteOwnContent = new Permission { Description = "Delete {0}", Name = "DeleteOwn_{0}", ImpliedBy = new[] { DeleteContent, Permissions.DeleteOwnContent } }; private static readonly Permission DeleteOwnContent = new Permission { Description = "Delete {0}", Name = "DeleteOwn_{0}", ImpliedBy = new[] { DeleteContent, Permissions.DeleteOwnContent } };
public static readonly Dictionary<string, Permission> PermissionTemplates = new Dictionary<string, Permission> { public static readonly Dictionary<string, Permission> PermissionTemplates = new Dictionary<string, Permission> {
{Permissions.PublishContent.Name, PublishContent}, {Permissions.PublishOthersContent.Name, PublishContent},
{Permissions.PublishOwnContent.Name, PublishOwnContent}, {Permissions.PublishOwnContent.Name, PublishOwnContent},
{Permissions.EditContent.Name, EditContent}, {Permissions.EditOthersContent.Name, EditContent},
{Permissions.EditOwnContent.Name, EditOwnContent}, {Permissions.EditOwnContent.Name, EditOwnContent},
{Permissions.DeleteContent.Name, DeleteContent}, {Permissions.DeleteOthersContent.Name, DeleteContent},
{Permissions.DeleteOwnContent.Name, DeleteOwnContent} {Permissions.DeleteOwnContent.Name, DeleteOwnContent}
}; };

23
src/Orchard.Web/Core/Contents/Permissions.cs
View File

@@ -4,12 +4,12 @@ using Orchard.Security.Permissions;
namespace Orchard.Core.Contents { namespace Orchard.Core.Contents {
public class Permissions : IPermissionProvider { public class Permissions : IPermissionProvider {
public static readonly Permission PublishContent = new Permission { Description = "Publish or unpublish content for others", Name = "PublishContent" }; public static readonly Permission PublishOthersContent = new Permission { Description = "Publish or unpublish content for others", Name = "PublishOthersContent" };
public static readonly Permission PublishOwnContent = new Permission { Description = "Publish or unpublish content", Name = "PublishOwnContent", ImpliedBy = new[] { PublishContent } }; public static readonly Permission PublishOwnContent = new Permission { Description = "Publish or unpublish own content", Name = "PublishOwnContent", ImpliedBy = new[] { PublishOthersContent } };
public static readonly Permission EditContent = new Permission { Description = "Edit content for others", Name = "EditContent", ImpliedBy = new[] { PublishContent } }; public static readonly Permission EditOthersContent = new Permission { Description = "Edit content for others", Name = "EditOthersContent", ImpliedBy = new[] { PublishOthersContent } };
public static readonly Permission EditOwnContent = new Permission { Description = "Edit content", Name = "EditOwnContent", ImpliedBy = new[] { EditContent, PublishOwnContent } }; public static readonly Permission EditOwnContent = new Permission { Description = "Edit own content", Name = "EditOwnContent", ImpliedBy = new[] { EditOthersContent, PublishOwnContent } };
public static readonly Permission DeleteContent = new Permission { Description = "Delete content for others", Name = "DeleteContent" }; public static readonly Permission DeleteOthersContent = new Permission { Description = "Delete content for others", Name = "DeleteOthersContent" };
public static readonly Permission DeleteOwnContent = new Permission { Description = "Delete content", Name = "DeleteOwnContent", ImpliedBy = new[] { DeleteContent } }; public static readonly Permission DeleteOwnContent = new Permission { Description = "Delete own content", Name = "DeleteOwnContent", ImpliedBy = new[] { DeleteOthersContent } };
public static readonly Permission MetaListContent = new Permission { ImpliedBy = new[] { EditOwnContent, PublishOwnContent, DeleteOwnContent } }; public static readonly Permission MetaListContent = new Permission { ImpliedBy = new[] { EditOwnContent, PublishOwnContent, DeleteOwnContent } };
@@ -18,11 +18,11 @@ namespace Orchard.Core.Contents {
public IEnumerable<Permission> GetPermissions() { public IEnumerable<Permission> GetPermissions() {
return new [] { return new [] {
EditOwnContent, EditOwnContent,
EditContent, EditOthersContent,
PublishOwnContent, PublishOwnContent,
PublishContent, PublishOthersContent,
DeleteOwnContent, DeleteOwnContent,
DeleteContent, DeleteOthersContent,
}; };
} }
@@ -30,15 +30,14 @@ namespace Orchard.Core.Contents {
return new[] { return new[] {
new PermissionStereotype { new PermissionStereotype {
Name = "Administrator", Name = "Administrator",
Permissions = new[] {PublishContent,EditContent,DeleteContent} Permissions = new[] {PublishOthersContent,EditOthersContent,DeleteOthersContent}
}, },
new PermissionStereotype { new PermissionStereotype {
Name = "Editor", Name = "Editor",
Permissions = new[] {PublishContent,EditContent,DeleteContent} Permissions = new[] {PublishOthersContent,EditOthersContent,DeleteOthersContent}
}, },
new PermissionStereotype { new PermissionStereotype {
Name = "Moderator", Name = "Moderator",
//Permissions = new[] {}
}, },
new PermissionStereotype { new PermissionStereotype {
Name = "Author", Name = "Author",

6
src/Orchard.Web/Core/Contents/Security/AuthorizationEventHandler.cs
View File

@@ -54,11 +54,11 @@ namespace Orchard.Core.Contents.Security
} }
private static Permission GetOwnerVariation(Permission permission) { private static Permission GetOwnerVariation(Permission permission) {
if (permission.Name == Permissions.PublishContent.Name) if (permission.Name == Permissions.PublishOthersContent.Name)
return Permissions.PublishOwnContent; return Permissions.PublishOwnContent;
if (permission.Name == Permissions.EditContent.Name) if (permission.Name == Permissions.EditOthersContent.Name)
return Permissions.EditOwnContent; return Permissions.EditOwnContent;
if (permission.Name == Permissions.DeleteContent.Name) if (permission.Name == Permissions.DeleteOthersContent.Name)
return Permissions.DeleteOwnContent; return Permissions.DeleteOwnContent;
return null; return null;
} }

2
src/Orchard.Web/Core/Contents/Views/Content.ControlWrapper.cshtml
View File

@@ -1,6 +1,6 @@
@using Orchard.ContentManagement; @using Orchard.ContentManagement;
@using Orchard.Core.Contents; @using Orchard.Core.Contents;
@if (AuthorizedFor(Permissions.EditContent)) { @if (AuthorizedFor(Permissions.EditOthersContent)) {
<div class="content-control"> <div class="content-control">
<div class="manage-actions">@Html.ItemEditLinkWithReturnUrl(T("Edit").Text, (ContentItem)Model.ContentItem)</div> <div class="manage-actions">@Html.ItemEditLinkWithReturnUrl(T("Edit").Text, (ContentItem)Model.ContentItem)</div>
@Display(Model.Child) @Display(Model.Child)

6
src/Orchard.Web/Modules/Orchard.Blogs/AdminMenu.cs
View File

@@ -26,16 +26,16 @@ namespace Orchard.Blogs {
if (blogCount > 0 && singleBlog == null) { if (blogCount > 0 && singleBlog == null) {
menu.Add(T("List"), "3", menu.Add(T("List"), "3",
item => item.Action("List", "BlogAdmin", new {area = "Orchard.Blogs"}).Permission(Permissions.MetaListBlogs)); item => item.Action("List", "BlogAdmin", new {area = "Orchard.Blogs"}).Permission(Permissions.MetaListOwnBlogs));
} }
else if (singleBlog != null) else if (singleBlog != null)
menu.Add(T("Manage Blog"), "1.0", menu.Add(T("Manage Blog"), "1.0",
item => item.Action("Item", "BlogAdmin", new { area = "Orchard.Blogs", blogId = singleBlog.Id }).Permission(Permissions.MetaListBlogs)); item => item.Action("Item", "BlogAdmin", new { area = "Orchard.Blogs", blogId = singleBlog.Id }).Permission(Permissions.MetaListOwnBlogs));
if (singleBlog != null) if (singleBlog != null)
menu.Add(T("Create New Post"), "1.1", menu.Add(T("Create New Post"), "1.1",
item => item =>
item.Action("Create", "BlogPostAdmin", new { area = "Orchard.Blogs", blogId = singleBlog.Id }).Permission(Permissions.PublishBlogPost)); item.Action("Create", "BlogPostAdmin", new { area = "Orchard.Blogs", blogId = singleBlog.Id }).Permission(Permissions.PublishOwnBlogPost));
menu.Add(T("Create New Blog"), "1.2", menu.Add(T("Create New Blog"), "1.2",
item => item =>

14
src/Orchard.Web/Modules/Orchard.Blogs/Controllers/BlogPostAdminController.cs
View File

@@ -29,7 +29,7 @@ namespace Orchard.Blogs.Controllers {
public Localizer T { get; set; } public Localizer T { get; set; }
public ActionResult Create() { public ActionResult Create() {
if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, T("Not allowed to create blog post"))) if (!Services.Authorizer.Authorize(Permissions.EditOwnBlogPost, T("Not allowed to create blog post")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
var blogPost = Services.ContentManager.New<BlogPostPart>("BlogPost"); var blogPost = Services.ContentManager.New<BlogPostPart>("BlogPost");
@@ -57,7 +57,7 @@ namespace Orchard.Blogs.Controllers {
} }
public ActionResult CreatePOST(Action<ContentItem> conditionallyPublish) { public ActionResult CreatePOST(Action<ContentItem> conditionallyPublish) {
if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, T("Couldn't create blog post"))) if (!Services.Authorizer.Authorize(Permissions.EditOwnBlogPost, T("Couldn't create blog post")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
var blogPost = Services.ContentManager.New<BlogPostPart>("BlogPost"); var blogPost = Services.ContentManager.New<BlogPostPart>("BlogPost");
@@ -81,7 +81,7 @@ namespace Orchard.Blogs.Controllers {
//todo: the content shape template has extra bits that the core contents module does not (remove draft functionality) //todo: the content shape template has extra bits that the core contents module does not (remove draft functionality)
//todo: - move this extra functionality there or somewhere else that's appropriate? //todo: - move this extra functionality there or somewhere else that's appropriate?
public ActionResult Edit(int blogId, int postId) { public ActionResult Edit(int blogId, int postId) {
if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, T("Couldn't edit blog post"))) if (!Services.Authorizer.Authorize(Permissions.EditOwnBlogPost, T("Couldn't edit blog post")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
var blog = _blogService.Get(blogId, VersionOptions.Latest); var blog = _blogService.Get(blogId, VersionOptions.Latest);
@@ -113,7 +113,7 @@ namespace Orchard.Blogs.Controllers {
} }
public ActionResult EditPOST(int blogId, int postId, string returnUrl, Action<ContentItem> conditionallyPublish) { public ActionResult EditPOST(int blogId, int postId, string returnUrl, Action<ContentItem> conditionallyPublish) {
if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, T("Couldn't edit blog post"))) if (!Services.Authorizer.Authorize(Permissions.EditOwnBlogPost, T("Couldn't edit blog post")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
var blog = _blogService.Get(blogId, VersionOptions.Latest); var blog = _blogService.Get(blogId, VersionOptions.Latest);
@@ -184,7 +184,7 @@ namespace Orchard.Blogs.Controllers {
[ValidateAntiForgeryTokenOrchard] [ValidateAntiForgeryTokenOrchard]
public ActionResult Delete(int blogId, int postId) { public ActionResult Delete(int blogId, int postId) {
//refactoring: test PublishBlogPost/PublishOthersBlogPost in addition if published //refactoring: test PublishBlogPost/PublishOthersBlogPost in addition if published
if (!Services.Authorizer.Authorize(Permissions.DeleteBlogPost, T("Couldn't delete blog post"))) if (!Services.Authorizer.Authorize(Permissions.DeleteOwnBlogPost, T("Couldn't delete blog post")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
var blog = _blogService.Get(blogId, VersionOptions.Latest); var blog = _blogService.Get(blogId, VersionOptions.Latest);
@@ -203,7 +203,7 @@ namespace Orchard.Blogs.Controllers {
[ValidateAntiForgeryTokenOrchard] [ValidateAntiForgeryTokenOrchard]
public ActionResult Publish(int blogId, int postId) { public ActionResult Publish(int blogId, int postId) {
if (!Services.Authorizer.Authorize(Permissions.PublishBlogPost, T("Couldn't publish blog post"))) if (!Services.Authorizer.Authorize(Permissions.PublishOwnBlogPost, T("Couldn't publish blog post")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
var blog = _blogService.Get(blogId, VersionOptions.Latest); var blog = _blogService.Get(blogId, VersionOptions.Latest);
@@ -222,7 +222,7 @@ namespace Orchard.Blogs.Controllers {
[ValidateAntiForgeryTokenOrchard] [ValidateAntiForgeryTokenOrchard]
public ActionResult Unpublish(int blogId, int postId) { public ActionResult Unpublish(int blogId, int postId) {
if (!Services.Authorizer.Authorize(Permissions.PublishBlogPost, T("Couldn't unpublish blog post"))) if (!Services.Authorizer.Authorize(Permissions.PublishOwnBlogPost, T("Couldn't unpublish blog post")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
var blog = _blogService.Get(blogId, VersionOptions.Latest); var blog = _blogService.Get(blogId, VersionOptions.Latest);

21
src/Orchard.Web/Modules/Orchard.Blogs/Permissions.cs
View File

@@ -4,28 +4,28 @@ using Orchard.Security.Permissions;
namespace Orchard.Blogs { namespace Orchard.Blogs {
public class Permissions : IPermissionProvider { public class Permissions : IPermissionProvider {
public static readonly Permission ManageBlogs = new Permission { Description = "Manage blogs", Name = "ManageBlogs" };//q: Should edit_blog be ManageBlogs? public static readonly Permission ManageBlogs = new Permission { Description = "Manage blogs", Name = "ManageBlogs" };
public static readonly Permission PublishOthersBlogPost = new Permission { Description = "Publish or unpublish blog post for others", Name = "PublishOthersBlogPost", ImpliedBy = new[] { ManageBlogs } }; public static readonly Permission PublishOthersBlogPost = new Permission { Description = "Publish or unpublish blog post for others", Name = "PublishOthersBlogPost", ImpliedBy = new[] { ManageBlogs } };
public static readonly Permission PublishBlogPost = new Permission { Description = "Publish or unpublish blog post", Name = "PublishBlogPost", ImpliedBy = new[] { PublishOthersBlogPost } }; public static readonly Permission PublishOwnBlogPost = new Permission { Description = "Publish or unpublish own blog post", Name = "PublishOwnBlogPost", ImpliedBy = new[] { PublishOthersBlogPost } };
public static readonly Permission EditOthersBlogPost = new Permission { Description = "Edit any blog posts", Name = "EditOthersBlogPost", ImpliedBy = new[] { PublishOthersBlogPost } }; public static readonly Permission EditOthersBlogPost = new Permission { Description = "Edit any blog posts", Name = "EditOthersBlogPost", ImpliedBy = new[] { PublishOthersBlogPost } };
public static readonly Permission EditBlogPost = new Permission { Description = "Edit own blog posts", Name = "EditBlogPost", ImpliedBy = new[] { EditOthersBlogPost, PublishBlogPost } }; public static readonly Permission EditOwnBlogPost = new Permission { Description = "Edit own blog posts", Name = "EditOwnBlogPost", ImpliedBy = new[] { EditOthersBlogPost, PublishOwnBlogPost } };
public static readonly Permission DeleteOthersBlogPost = new Permission { Description = "Delete blog post for others", Name = "DeleteOthersBlogPost", ImpliedBy = new[] { ManageBlogs } }; public static readonly Permission DeleteOthersBlogPost = new Permission { Description = "Delete blog post for others", Name = "DeleteOthersBlogPost", ImpliedBy = new[] { ManageBlogs } };
public static readonly Permission DeleteBlogPost = new Permission { Description = "Delete blog post", Name = "DeleteBlogPost", ImpliedBy = new[] { DeleteOthersBlogPost } }; public static readonly Permission DeleteOwnBlogPost = new Permission { Description = "Delete own blog post", Name = "DeleteOwnBlogPost", ImpliedBy = new[] { DeleteOthersBlogPost } };
public static readonly Permission MetaListOthersBlogs = new Permission { ImpliedBy = new[] { EditOthersBlogPost, PublishOthersBlogPost, DeleteOthersBlogPost } }; public static readonly Permission MetaListOthersBlogs = new Permission { ImpliedBy = new[] { EditOthersBlogPost, PublishOthersBlogPost, DeleteOthersBlogPost } };
public static readonly Permission MetaListBlogs = new Permission { ImpliedBy = new[] { EditBlogPost, PublishBlogPost, DeleteBlogPost } }; public static readonly Permission MetaListOwnBlogs = new Permission { ImpliedBy = new[] { EditOwnBlogPost, PublishOwnBlogPost, DeleteOwnBlogPost } };
public virtual Feature Feature { get; set; } public virtual Feature Feature { get; set; }
public IEnumerable<Permission> GetPermissions() { public IEnumerable<Permission> GetPermissions() {
return new[] { return new[] {
ManageBlogs, ManageBlogs,
EditBlogPost, EditOwnBlogPost,
EditOthersBlogPost, EditOthersBlogPost,
PublishBlogPost, PublishOwnBlogPost,
PublishOthersBlogPost, PublishOthersBlogPost,
DeleteBlogPost, DeleteOwnBlogPost,
DeleteOthersBlogPost, DeleteOthersBlogPost,
}; };
} }
@@ -42,15 +42,14 @@ namespace Orchard.Blogs {
}, },
new PermissionStereotype { new PermissionStereotype {
Name = "Moderator", Name = "Moderator",
//Permissions = new[] {}
}, },
new PermissionStereotype { new PermissionStereotype {
Name = "Author", Name = "Author",
Permissions = new[] {PublishBlogPost,EditBlogPost,DeleteBlogPost} Permissions = new[] {PublishOwnBlogPost,EditOwnBlogPost,DeleteOwnBlogPost}
}, },
new PermissionStereotype { new PermissionStereotype {
Name = "Contributor", Name = "Contributor",
Permissions = new[] {EditBlogPost} Permissions = new[] {EditOwnBlogPost}
}, },
}; };
} }

2
src/Orchard.Web/Modules/Orchard.Blogs/Services/XmlRpcHandler.cs
View File

@@ -166,7 +166,7 @@ namespace Orchard.Blogs.Services {
IEnumerable<IXmlRpcDriver> drivers) { IEnumerable<IXmlRpcDriver> drivers) {
var user = _membershipService.ValidateUser(userName, password); var user = _membershipService.ValidateUser(userName, password);
_authorizationService.CheckAccess(Permissions.EditBlogPost, user, null); _authorizationService.CheckAccess(Permissions.EditOwnBlogPost, user, null);
var blog = _contentManager.Get<BlogPart>(Convert.ToInt32(blogId)); var blog = _contentManager.Get<BlogPart>(Convert.ToInt32(blogId));
if (blog == null) if (blog == null)

2
src/Orchard.Web/Modules/Orchard.Localization/Views/Parts/Localization.ContentTranslations.Summary.cshtml
View File

@@ -1,6 +1,6 @@
@using Orchard.Core.Contents; @using Orchard.Core.Contents;
@using Orchard.Localization.Models; @using Orchard.Localization.Models;
@if (AuthorizedFor(Permissions.PublishContent)) { @if (AuthorizedFor(Permissions.PublishOthersContent)) {
Style.Require("LocalizationAdmin"); Style.Require("LocalizationAdmin");
IEnumerable<LocalizationPart> localizations = Model.Localizations; IEnumerable<LocalizationPart> localizations = Model.Localizations;
var localizationLinks = Html.UnorderedList(localizations, (c, i) => Html.ItemEditLink(c.Culture.Culture, c), "localizations"); var localizationLinks = Html.UnorderedList(localizations, (c, i) => Html.ItemEditLink(c.Culture.Culture, c), "localizations");

2
src/Orchard.Web/Modules/Orchard.Localization/Views/Parts/Localization.ContentTranslations.SummaryAdmin.cshtml
View File

@@ -1,6 +1,6 @@
@using Orchard.Core.Contents; @using Orchard.Core.Contents;
@using Orchard.Localization.Models; @using Orchard.Localization.Models;
@if (AuthorizedFor(Permissions.PublishContent)) { @if (AuthorizedFor(Permissions.PublishOthersContent)) {
Style.Require("LocalizationAdmin"); Style.Require("LocalizationAdmin");
IEnumerable<LocalizationPart> localizations = Model.Localizations; IEnumerable<LocalizationPart> localizations = Model.Localizations;
var localizationLinks = Html.UnorderedList(localizations, (c, i) => Html.ItemEditLink(c.Culture.Culture, c), "localizations"); var localizationLinks = Html.UnorderedList(localizations, (c, i) => Html.ItemEditLink(c.Culture.Culture, c), "localizations");