Giving UI permission checking to the views

(via Orchard.Mvc.ViewUserControl and Orchard.Mvc.ViewPage)
- Pulled conditional template part inclusion from Page, Blog and BlogPost drivers in favor of doing UI trimming on the front
- Wrapped the respective manage template markup with the appropriate permission checks

--HG--
branch : dev
Nathan Heskew
2010-03-02 05:49:36 -08:00
parent ad2bfffb69
commit 478ca3d79d
9 changed files with 64 additions and 34 deletions


@@ -82,7 +82,7 @@ namespace Orchard.Blogs.Controllers {
return Combined(
ContentItemTemplate("Items/Blogs.Blog").LongestMatch(displayType, "Summary", "DetailAdmin", "SummaryAdmin"),
Services.Authorizer.Authorize(Permissions.ManageBlogs) ? ContentPartTemplate(blog, "Parts/Blogs.Blog.Manage").Location("primary:manage") : null,
ContentPartTemplate(blog, "Parts/Blogs.Blog.Manage").Location("primary:manage"),
ContentPartTemplate(blog, "Parts/Blogs.Blog.Metadata").Location("primary:metadata"),
ContentPartTemplate(blog, "Parts/Blogs.Blog.Description").Location("primary"),
blogPosts == null ? null : ContentPartTemplate(blogPosts, "Parts/Blogs.BlogPost.List", "").Location("primary"));
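Review bot: With the `Services.Authorizer.Authorize(Permissions.ManageBlogs) ? … : null` guard removed from the `Parts/Blogs.Blog.Manage` line, this driver no longer decides who receives the manage part; visibility now depends entirely on the template that renders it. The same applies to the BlogPost and Page driver hunks further down. A theme or module that overrides one of the three `*.Manage` templates without repeating the `AuthorizedFor` check would show the edit link to every visitor, so I would add a comment on each of these lines such as `// Always emitted; the Manage template must gate its own markup with AuthorizedFor(...)`. This is UI trimming only: the edit actions the links point to are not part of this commit, and it is worth confirming that they enforce the same permissions server-side. The enclosing method starts above the hunk.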


@@ -66,7 +66,7 @@ namespace Orchard.Blogs.Controllers {
protected override DriverResult Display(BlogPost post, string displayType) {
return Combined(
ContentItemTemplate("Items/Blogs.BlogPost").LongestMatch(displayType, "Summary", "SummaryAdmin"),
Services.Authorizer.Authorize(Permissions.EditOthersBlogPost) ? ContentPartTemplate(post, "Parts/Blogs.BlogPost.Manage").Location("primary:manage") : null,
ContentPartTemplate(post, "Parts/Blogs.BlogPost.Manage").Location("primary:manage"),
ContentPartTemplate(post, "Parts/Blogs.BlogPost.Metadata").Location("primary:metadata"));
}


@@ -1,6 +1,9 @@
<%@ Control Language="C#" Inherits="Orchard.Mvc.ViewUserControl<Blog>" %>
<%@ Import Namespace="Orchard.Blogs"%>
<%@ Import Namespace="Orchard.Blogs.Extensions"%>
<%@ Import Namespace="Orchard.Blogs.Models"%>
<%@ Import Namespace="Orchard.Blogs.Models"%><%
if (AuthorizedFor(Permissions.ManageBlogs)) { %>
<div class="manage">
<a href="<%=Url.BlogEdit(Model.Slug) %>" class="edit"><%=_Encoded("Edit") %></a>
</div>
</div><%
} %>


@@ -1,6 +1,9 @@
<%@ Control Language="C#" Inherits="Orchard.Mvc.ViewUserControl<BlogPost>" %>
<%@ Import Namespace="Orchard.Blogs"%>
<%@ Import Namespace="Orchard.Blogs.Extensions"%>
<%@ Import Namespace="Orchard.Blogs.Models"%>
<%@ Import Namespace="Orchard.Blogs.Models"%><%
if (AuthorizedFor(Permissions.EditOthersBlogPost)) { %>
<div class="manage">
<a href="<%=Url.BlogPostEdit(Model.Blog.Slug, Model.Id) %>" class="edit"><%=_Encoded("Edit") %></a>
</div>
</div><%
} %>
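Review bot: The Edit link is gated on `AuthorizedFor(Permissions.EditOthersBlogPost)` regardless of who owns `Model`, so a user who is allowed to edit only their own posts (assuming such a permission exists; none is visible on this page) would never see the link on their own content. The Page template has the same shape with `Permissions.EditOthersPages`. This carries over the condition the driver used before, but now that the check sits next to `Model` it could take ownership into account. At minimum I would add a server-side comment above the `if`, for example `<%-- Display hint only; ownership is not considered and the edit action enforces access --%>`.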


@@ -62,7 +62,7 @@ namespace Orchard.Pages.Controllers {
protected override DriverResult Display(Page page, string displayType) {
return Combined(
ContentItemTemplate("Items/Pages.Page").LongestMatch(displayType, "Summary", "SummaryAdmin"),
Services.Authorizer.Authorize(Permissions.EditOthersPages) ? ContentPartTemplate(page, "Parts/Pages.Page.Manage").Location("primary:manage") : null,
ContentPartTemplate(page, "Parts/Pages.Page.Manage").Location("primary:manage"),
ContentPartTemplate(page, "Parts/Pages.Page.Metadata").Location("primary:metadata"));
}


@@ -1,6 +1,9 @@
<%@ Control Language="C#" Inherits="Orchard.Mvc.ViewUserControl<Orchard.Pages.Models.Page>" %>
<%@ Import Namespace="Orchard.Pages"%>
<%@ Import Namespace="Orchard.Mvc.ViewModels"%>
<%@ Import Namespace="Orchard.Mvc.Html" %>
<%@ Import Namespace="Orchard.Mvc.Html" %><%
if (AuthorizedFor(Permissions.EditOthersPages)) { %>
<div class="manage">
<a href="<%=Url.Action("Edit", "Admin", new {id = Model.Id, area = "Orchard.Pages"}) %>" class="edit"><%=_Encoded("Edit")%></a>
</div>
</div><%
} %>


@@ -1,5 +1,8 @@
using System.Web.Mvc;
using Orchard.Localization;
using Orchard.Mvc.Html;
using Orchard.Security;
using Orchard.Security.Permissions;
namespace Orchard.Mvc {
public class ViewPage<TModel> : System.Web.Mvc.ViewPage<TModel> {
@@ -7,13 +10,13 @@ namespace Orchard.Mvc {
T = NullLocalizer.Instance;
}
public Localizer T { get; set; }
public override void RenderView(ViewContext viewContext) {
T = LocalizationUtilities.Resolve(viewContext, AppRelativeVirtualPath);
base.RenderView(viewContext);
}
public Localizer T { get; set; }
public MvcHtmlString H(string value) {
return MvcHtmlString.Create(Html.Encode(value));
}
@@ -24,29 +27,9 @@ namespace Orchard.Mvc {
public MvcHtmlString _Encoded(string textHint, params object[] formatTokens) {
return MvcHtmlString.Create(Html.Encode(T(textHint, formatTokens)));
}
}
public class ViewUserControl<TModel> : System.Web.Mvc.ViewUserControl<TModel> {
public ViewUserControl() {
T = NullLocalizer.Instance;
}
public override void RenderView(ViewContext viewContext) {
T = LocalizationUtilities.Resolve(viewContext, AppRelativeVirtualPath);
base.RenderView(viewContext);
}
public Localizer T { get; set; }
public MvcHtmlString H(string value) {
return MvcHtmlString.Create(Html.Encode(value));
}
public MvcHtmlString _Encoded(string textHint) {
return MvcHtmlString.Create(Html.Encode(T(textHint)));
}
public MvcHtmlString _Encoded(string textHint, params object[] formatTokens) {
return MvcHtmlString.Create(Html.Encode(T(textHint, formatTokens)));
public bool AuthorizedFor(Permission permission) {
return Html.Resolve<IAuthorizer>().Authorize(permission);
}
}
}
}
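Review bot: `AuthorizedFor` on `ViewPage<TModel>` is a verbatim copy of the method in the new `ViewUserControl<TModel>` file, next to the already duplicated `T`, `H` and `_Encoded` members, so the two base classes can drift apart on what is now a security-relevant check. I would keep the lookup in one place, for example a single extension method on the `Html` helper that both classes call. The method also dereferences the result of `Html.Resolve<IAuthorizer>()` without a guard. Whether `Resolve` can return null is not visible here, but if it can, failing closed with `var authorizer = Html.Resolve<IAuthorizer>(); return authorizer != null && authorizer.Authorize(permission);` hides the markup instead of throwing mid-render.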


@@ -0,0 +1,35 @@
using System.Web.Mvc;
using Orchard.Localization;
using Orchard.Mvc.Html;
using Orchard.Security;
using Orchard.Security.Permissions;
namespace Orchard.Mvc {
public class ViewUserControl<TModel> : System.Web.Mvc.ViewUserControl<TModel> {
public ViewUserControl() {
T = NullLocalizer.Instance;
}
public Localizer T { get; set; }
public override void RenderView(ViewContext viewContext) {
T = LocalizationUtilities.Resolve(viewContext, AppRelativeVirtualPath);
base.RenderView(viewContext);
}
public MvcHtmlString H(string value) {
return MvcHtmlString.Create(Html.Encode(value));
}
public MvcHtmlString _Encoded(string textHint) {
return MvcHtmlString.Create(Html.Encode(T(textHint)));
}
public MvcHtmlString _Encoded(string textHint, params object[] formatTokens) {
return MvcHtmlString.Create(Html.Encode(T(textHint, formatTokens)));
}
public bool AuthorizedFor(Permission permission) {
return Html.Resolve<IAuthorizer>().Authorize(permission);
}
}
}
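Review bot: `AuthorizedFor` has no documentation, and its name reads like an access check although the commit uses it only to decide whether markup is rendered. I would add an XML comment here and on the copy in `ViewPage<TModel>`, along the lines of `/// <summary>Returns whether the current user holds <paramref name="permission"/>. For UI trimming only; controller actions must still authorize.</summary>`. Without that, a later template author could reasonably treat a hidden link as sufficient protection for the action behind it.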


@@ -154,6 +154,9 @@
<Compile Include="Extensions\UriExtensions.cs" />
<Compile Include="Mvc\AntiForgery\ValidateAntiForgeryTokenOrchardAttribute.cs" />
<Compile Include="Mvc\ViewModels\AdaptedViewModel.cs" />
<Compile Include="Mvc\ViewUserControl.cs">
<SubType>ASPXCodeBehind</SubType>
</Compile>
<Compile Include="OrchardException.cs" />
<Compile Include="Security\IAuthorizationServiceEvents.cs" />
<Compile Include="Security\StandardPermissions.cs" />