Adding View permission
--HG-- branch : 1.x
@@ -20,7 +20,7 @@ namespace Orchard.Core.Contents.Controllers {
|
||||
dynamic Shape { get; set; }
|
||||
public IOrchardServices Services { get; private set; }
|
||||
public Localizer T { get; set; }
|
||||
|
||||
|
||||
// /Contents/Item/Display/72
|
||||
public ActionResult Display(int id) {
|
||||
var contentItem = _contentManager.Get(id, VersionOptions.Published);
|
||||
@@ -28,6 +28,10 @@ namespace Orchard.Core.Contents.Controllers {
|
||||
if (contentItem == null)
|
||||
return HttpNotFound();
|
||||
|
||||
if (!Services.Authorizer.Authorize(Permissions.ViewContent, contentItem, T("Cannot view content"))) {
|
||||
return new HttpUnauthorizedResult();
|
||||
}
|
||||
|
||||
dynamic model = _contentManager.BuildDisplay(contentItem);
|
||||
return new ShapeResult(this, model);
|
||||
}
|
||||
@@ -41,12 +45,16 @@ namespace Orchard.Core.Contents.Controllers {
|
||||
versionOptions = VersionOptions.Number((int)version);
|
||||
|
||||
var contentItem = _contentManager.Get(id, versionOptions);
|
||||
|
||||
if (contentItem == null)
|
||||
return HttpNotFound();
|
||||
|
||||
if (!Services.Authorizer.Authorize(Permissions.EditContent, contentItem, T("Cannot preview content")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.ViewContent, contentItem, T("Cannot preview content"))) {
|
||||
return new HttpUnauthorizedResult();
|
||||
}
|
||||
|
||||
if (!Services.Authorizer.Authorize(Permissions.EditContent, contentItem, T("Cannot preview content"))) {
|
||||
return new HttpUnauthorizedResult();
|
||||
}
|
||||
|
||||
dynamic model = _contentManager.BuildDisplay(contentItem);
|
||||
return new ShapeResult(this, model);
|
||||
|
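Review bot: In `Display`, the `HttpNotFound()` branch runs before the new `ViewContent` check, so a caller without the permission still receives a different status for an existing id (unauthorized) than for a missing one (not found). If the existence of restricted items is meant to be confidential, that ordering should be a recorded decision, for example `// 404 before 401 is deliberate: item existence is not treated as confidential`. The check is also added only in this controller; whether lists, feeds or other render paths enforce `ViewContent` is not visible in this diff and is worth confirming. The second action, which carries the "Cannot preview content" checks, starts outside the hunk.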
@@ -15,6 +15,8 @@ namespace Orchard.Core.Contents {
|
||||
private static readonly Permission EditOwnContent = new Permission { Description = "Edit {0}", Name = "EditOwn_{0}", ImpliedBy = new[] { EditContent, PublishOwnContent, Permissions.EditOwnContent } };
|
||||
private static readonly Permission DeleteContent = new Permission { Description = "Delete {0} for others", Name = "Delete_{0}", ImpliedBy = new[] { Permissions.DeleteContent } };
|
||||
private static readonly Permission DeleteOwnContent = new Permission { Description = "Delete {0}", Name = "DeleteOwn_{0}", ImpliedBy = new[] { DeleteContent, Permissions.DeleteOwnContent } };
|
||||
private static readonly Permission ViewContent = new Permission { Description = "View {0} by others", Name = "View_{0}", ImpliedBy = new[] { Permissions.EditContent } };
|
||||
private static readonly Permission ViewOwnContent = new Permission { Description = "View own {0}", Name = "ViewOwn_{0}", ImpliedBy = new[] { ViewContent, Permissions.ViewOwnContent } };
|
||||
|
||||
public static readonly Dictionary<string, Permission> PermissionTemplates = new Dictionary<string, Permission> {
|
||||
{Permissions.PublishContent.Name, PublishContent},
|
||||
@@ -22,7 +24,9 @@ namespace Orchard.Core.Contents {
|
||||
{Permissions.EditContent.Name, EditContent},
|
||||
{Permissions.EditOwnContent.Name, EditOwnContent},
|
||||
{Permissions.DeleteContent.Name, DeleteContent},
|
||||
{Permissions.DeleteOwnContent.Name, DeleteOwnContent}
|
||||
{Permissions.DeleteOwnContent.Name, DeleteOwnContent},
|
||||
{Permissions.ViewContent.Name, ViewContent},
|
||||
{Permissions.ViewOwnContent.Name, ViewOwnContent}
|
||||
};
|
||||
|
||||
private readonly IContentDefinitionManager _contentDefinitionManager;
|
||||
@@ -38,8 +42,8 @@ namespace Orchard.Core.Contents {
|
||||
var creatableTypes = _contentDefinitionManager.ListTypeDefinitions()
|
||||
.Where(ctd => ctd.Settings.GetModel<ContentTypeSettings>().Creatable);
|
||||
|
||||
foreach(var typeDefinition in creatableTypes) {
|
||||
foreach ( var permissionTemplate in PermissionTemplates.Values ) {
|
||||
foreach (var typeDefinition in creatableTypes) {
|
||||
foreach (var permissionTemplate in PermissionTemplates.Values) {
|
||||
yield return CreateDynamicPermission(permissionTemplate, typeDefinition);
|
||||
}
|
||||
}
|
||||
@@ -53,7 +57,7 @@ namespace Orchard.Core.Contents {
|
||||
/// Returns a dynamic permission for a content type, based on a global content permission template
|
||||
/// </summary>
|
||||
public static Permission ConvertToDynamicPermission(Permission permission) {
|
||||
if (PermissionTemplates.ContainsKey(permission.Name) ) {
|
||||
if (PermissionTemplates.ContainsKey(permission.Name)) {
|
||||
return PermissionTemplates[permission.Name];
|
||||
}
|
||||
|
||||
@@ -68,7 +72,7 @@ namespace Orchard.Core.Contents {
|
||||
Name = String.Format(template.Name, typeDefinition.Name),
|
||||
Description = String.Format(template.Description, typeDefinition.DisplayName),
|
||||
Category = typeDefinition.DisplayName,
|
||||
ImpliedBy = ( template.ImpliedBy ?? new Permission[0] ).Select(t => CreateDynamicPermission(t, typeDefinition))
|
||||
ImpliedBy = (template.ImpliedBy ?? new Permission[0]).Select(t => CreateDynamicPermission(t, typeDefinition))
|
||||
};
|
||||
}
|
||||
}
|
||||
|
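Review bot: The new `ViewContent` template lists the global `Permissions.EditContent` in `ImpliedBy` but not the per-type `EditContent` template, unlike `EditOwnContent` a few lines above, which does reference the template. A role granted only the type-specific edit permission therefore does not get the type-specific view permission by implication, while the preview action in this commit now requires `ViewContent` before `EditContent`. Consider `ImpliedBy = new[] { EditContent, Permissions.ViewContent }` for `View_{0}`, and adding `EditOwnContent` to the `ViewOwnContent` template; the static `Permissions.ViewOwnContent` has the same gap with respect to `EditOwnContent`. This assumes the authorizer resolves `ImpliedBy` transitively, which is not shown on this page.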
@@ -14,19 +14,24 @@ namespace Orchard.Core.Contents {
|
||||
public static readonly Permission EditOwnContent = new Permission { Description = "Edit own content", Name = "EditOwnContent", ImpliedBy = new[] { EditContent, PublishOwnContent } };
|
||||
public static readonly Permission DeleteContent = new Permission { Description = "Delete content for others", Name = "DeleteContent" };
|
||||
public static readonly Permission DeleteOwnContent = new Permission { Description = "Delete own content", Name = "DeleteOwnContent", ImpliedBy = new[] { DeleteContent } };
|
||||
public static readonly Permission ViewContent = new Permission { Description = "View all content", Name = "ViewContent", ImpliedBy = new[] { EditContent } };
|
||||
public static readonly Permission ViewOwnContent = new Permission { Description = "View own content", Name = "ViewOwnContent", ImpliedBy = new[] { ViewContent } };
|
||||
|
||||
|
||||
public static readonly Permission MetaListContent = new Permission { ImpliedBy = new[] { EditOwnContent, PublishOwnContent, DeleteOwnContent } };
|
||||
|
||||
public virtual Feature Feature { get; set; }
|
||||
|
||||
public IEnumerable<Permission> GetPermissions() {
|
||||
return new [] {
|
||||
return new[] {
|
||||
EditOwnContent,
|
||||
EditContent,
|
||||
PublishOwnContent,
|
||||
PublishContent,
|
||||
DeleteOwnContent,
|
||||
DeleteContent,
|
||||
ViewContent,
|
||||
ViewOwnContent
|
||||
};
|
||||
}
|
||||
|
||||
@@ -51,6 +56,14 @@ namespace Orchard.Core.Contents {
|
||||
Name = "Contributor",
|
||||
Permissions = new[] {EditOwnContent}
|
||||
},
|
||||
new PermissionStereotype {
|
||||
Name = "Authenticated",
|
||||
Permissions = new[] {ViewContent}
|
||||
},
|
||||
new PermissionStereotype {
|
||||
Name = "Anonymous",
|
||||
Permissions = new[] {ViewContent}
|
||||
},
|
||||
};
|
||||
}
|
||||
|
||||
|
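Review bot: Existing sites may not receive the `ViewContent` grant that the new `Authenticated` and `Anonymous` stereotypes give to a fresh install, and `Display` now refuses callers without it. If the host applies stereotypes only when the feature is first installed (not visible in this diff), an upgraded site would return unauthorized to anonymous visitors until an administrator grants the permission. A migration that grants `ViewContent` to the existing roles, or at least a comment such as `// Defaults only: existing tenants need ViewContent granted by migration or by an admin`, would make that fail-closed behaviour explicit. The method holding these entries starts outside the hunk.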
@@ -5,17 +5,15 @@ using Orchard.Core.Contents.Settings;
|
||||
using Orchard.Security;
|
||||
using Orchard.Security.Permissions;
|
||||
|
||||
namespace Orchard.Core.Contents.Security
|
||||
{
|
||||
namespace Orchard.Core.Contents.Security {
|
||||
[UsedImplicitly]
|
||||
public class AuthorizationEventHandler : IAuthorizationServiceEventHandler
|
||||
{
|
||||
public class AuthorizationEventHandler : IAuthorizationServiceEventHandler {
|
||||
public void Checking(CheckAccessContext context) { }
|
||||
public void Complete(CheckAccessContext context) { }
|
||||
|
||||
public void Adjust(CheckAccessContext context) {
|
||||
if ( !context.Granted &&
|
||||
context.Content.Is<ICommonPart>() ) {
|
||||
if (!context.Granted &&
|
||||
context.Content.Is<ICommonPart>()) {
|
||||
|
||||
if (OwnerVariationExists(context.Permission) &&
|
||||
HasOwnership(context.User, context.Content)) {
|
||||
@@ -27,10 +25,10 @@ namespace Orchard.Core.Contents.Security
|
||||
var typeDefinition = context.Content.ContentItem.TypeDefinition;
|
||||
|
||||
// replace permission if a content type specific version exists
|
||||
if ( typeDefinition.Settings.GetModel<ContentTypeSettings>().Creatable ) {
|
||||
if (typeDefinition.Settings.GetModel<ContentTypeSettings>().Creatable) {
|
||||
var permission = GetContentTypeVariation(context.Permission);
|
||||
|
||||
if ( permission != null) {
|
||||
if (permission != null) {
|
||||
context.Adjusted = true;
|
||||
context.Permission = DynamicPermissions.CreateDynamicPermission(permission, typeDefinition);
|
||||
}
|
||||
@@ -60,6 +58,8 @@ namespace Orchard.Core.Contents.Security
|
||||
return Permissions.EditOwnContent;
|
||||
if (permission.Name == Permissions.DeleteContent.Name)
|
||||
return Permissions.DeleteOwnContent;
|
||||
if (permission.Name == Permissions.ViewContent.Name)
|
||||
return Permissions.ViewOwnContent;
|
||||
return null;
|
||||
}
|
||||
|
||||
|
@@ -25,14 +25,14 @@ namespace Orchard.Blogs.Security {
|
||||
if (user == null || content == null)
|
||||
return false;
|
||||
|
||||
if(HasOwnershipOnContainer(user, content)) {
|
||||
if (HasOwnershipOnContainer(user, content)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
var common = content.As<ICommonPart>();
|
||||
if (common == null || common.Owner == null)
|
||||
return false;
|
||||
|
||||
|
||||
return user.Id == common.Owner.Id;
|
||||
}
|
||||
|
||||
@@ -62,6 +62,8 @@ namespace Orchard.Blogs.Security {
|
||||
return Permissions.EditOwnBlogPost;
|
||||
if (permission.Name == Permissions.DeleteBlogPost.Name)
|
||||
return Permissions.DeleteOwnBlogPost;
|
||||
if (permission.Name == Core.Contents.Permissions.ViewContent.Name)
|
||||
return Core.Contents.Permissions.ViewOwnContent;
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
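Review bot: Mapping `ViewContent` to `ViewOwnContent` in this handler means the ownership test in the first hunk, including `HasOwnershipOnContainer`, now decides read access as well as edit and delete. If that helper treats the container's owner as owner of every contained item (its body is outside the hunk), a blog owner holding only `ViewOwnContent` can read posts written by other authors in that blog. That is probably intended, but it deserves a comment at the mapping, for example `// View: the blog owner also counts as owner of the posts in that blog`.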