lsm/Orchard
1
0
Fork 0
mirror of https://github.com/OrchardCMS/Orchard.git synced 2025-10-15 19:54:57 +08:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity

Adding View permission

Browse Source 
--HG--
branch : 1.x
This commit is contained in:
Sebastien Ros
2012-05-10 13:55:20 -07:00
parent da1d61cfa1
commit 57100b4e77
5 changed files with 46 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/Orchard.Web/Core/Contents/Controllers/ItemController.cs
View File

@@ -28,6 +28,10 @@ namespace Orchard.Core.Contents.Controllers {
if (contentItem == null) if (contentItem == null)
return HttpNotFound(); return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.ViewContent, contentItem, T("Cannot view content"))) {
return new HttpUnauthorizedResult();
}
dynamic model = _contentManager.BuildDisplay(contentItem); dynamic model = _contentManager.BuildDisplay(contentItem);
return new ShapeResult(this, model); return new ShapeResult(this, model);
} }
@@ -41,12 +45,16 @@ namespace Orchard.Core.Contents.Controllers {
versionOptions = VersionOptions.Number((int)version); versionOptions = VersionOptions.Number((int)version);
var contentItem = _contentManager.Get(id, versionOptions); var contentItem = _contentManager.Get(id, versionOptions);
if (contentItem == null) if (contentItem == null)
return HttpNotFound(); return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.EditContent, contentItem, T("Cannot preview content"))) if (!Services.Authorizer.Authorize(Permissions.ViewContent, contentItem, T("Cannot preview content"))) {
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
}
if (!Services.Authorizer.Authorize(Permissions.EditContent, contentItem, T("Cannot preview content"))) {
return new HttpUnauthorizedResult();
}
dynamic model = _contentManager.BuildDisplay(contentItem); dynamic model = _contentManager.BuildDisplay(contentItem);
return new ShapeResult(this, model); return new ShapeResult(this, model);

14
src/Orchard.Web/Core/Contents/DynamicPermissions.cs
View File

@@ -15,6 +15,8 @@ namespace Orchard.Core.Contents {
private static readonly Permission EditOwnContent = new Permission { Description = "Edit {0}", Name = "EditOwn_{0}", ImpliedBy = new[] { EditContent, PublishOwnContent, Permissions.EditOwnContent } }; private static readonly Permission EditOwnContent = new Permission { Description = "Edit {0}", Name = "EditOwn_{0}", ImpliedBy = new[] { EditContent, PublishOwnContent, Permissions.EditOwnContent } };
private static readonly Permission DeleteContent = new Permission { Description = "Delete {0} for others", Name = "Delete_{0}", ImpliedBy = new[] { Permissions.DeleteContent } }; private static readonly Permission DeleteContent = new Permission { Description = "Delete {0} for others", Name = "Delete_{0}", ImpliedBy = new[] { Permissions.DeleteContent } };
private static readonly Permission DeleteOwnContent = new Permission { Description = "Delete {0}", Name = "DeleteOwn_{0}", ImpliedBy = new[] { DeleteContent, Permissions.DeleteOwnContent } }; private static readonly Permission DeleteOwnContent = new Permission { Description = "Delete {0}", Name = "DeleteOwn_{0}", ImpliedBy = new[] { DeleteContent, Permissions.DeleteOwnContent } };
private static readonly Permission ViewContent = new Permission { Description = "View {0} by others", Name = "View_{0}", ImpliedBy = new[] { Permissions.EditContent } };
private static readonly Permission ViewOwnContent = new Permission { Description = "View own {0}", Name = "ViewOwn_{0}", ImpliedBy = new[] { ViewContent, Permissions.ViewOwnContent } };
public static readonly Dictionary<string, Permission> PermissionTemplates = new Dictionary<string, Permission> { public static readonly Dictionary<string, Permission> PermissionTemplates = new Dictionary<string, Permission> {
{Permissions.PublishContent.Name, PublishContent}, {Permissions.PublishContent.Name, PublishContent},
@@ -22,7 +24,9 @@ namespace Orchard.Core.Contents {
{Permissions.EditContent.Name, EditContent}, {Permissions.EditContent.Name, EditContent},
{Permissions.EditOwnContent.Name, EditOwnContent}, {Permissions.EditOwnContent.Name, EditOwnContent},
{Permissions.DeleteContent.Name, DeleteContent}, {Permissions.DeleteContent.Name, DeleteContent},
{Permissions.DeleteOwnContent.Name, DeleteOwnContent} {Permissions.DeleteOwnContent.Name, DeleteOwnContent},
{Permissions.ViewContent.Name, ViewContent},
{Permissions.ViewOwnContent.Name, ViewOwnContent}
}; };
private readonly IContentDefinitionManager _contentDefinitionManager; private readonly IContentDefinitionManager _contentDefinitionManager;
@@ -38,8 +42,8 @@ namespace Orchard.Core.Contents {
var creatableTypes = _contentDefinitionManager.ListTypeDefinitions() var creatableTypes = _contentDefinitionManager.ListTypeDefinitions()
.Where(ctd => ctd.Settings.GetModel<ContentTypeSettings>().Creatable); .Where(ctd => ctd.Settings.GetModel<ContentTypeSettings>().Creatable);
foreach(var typeDefinition in creatableTypes) { foreach (var typeDefinition in creatableTypes) {
foreach ( var permissionTemplate in PermissionTemplates.Values ) { foreach (var permissionTemplate in PermissionTemplates.Values) {
yield return CreateDynamicPermission(permissionTemplate, typeDefinition); yield return CreateDynamicPermission(permissionTemplate, typeDefinition);
} }
} }
@@ -53,7 +57,7 @@ namespace Orchard.Core.Contents {
/// Returns a dynamic permission for a content type, based on a global content permission template /// Returns a dynamic permission for a content type, based on a global content permission template
/// </summary> /// </summary>
public static Permission ConvertToDynamicPermission(Permission permission) { public static Permission ConvertToDynamicPermission(Permission permission) {
if (PermissionTemplates.ContainsKey(permission.Name) ) { if (PermissionTemplates.ContainsKey(permission.Name)) {
return PermissionTemplates[permission.Name]; return PermissionTemplates[permission.Name];
} }
@@ -68,7 +72,7 @@ namespace Orchard.Core.Contents {
Name = String.Format(template.Name, typeDefinition.Name), Name = String.Format(template.Name, typeDefinition.Name),
Description = String.Format(template.Description, typeDefinition.DisplayName), Description = String.Format(template.Description, typeDefinition.DisplayName),
Category = typeDefinition.DisplayName, Category = typeDefinition.DisplayName,
ImpliedBy = ( template.ImpliedBy ?? new Permission[0] ).Select(t => CreateDynamicPermission(t, typeDefinition)) ImpliedBy = (template.ImpliedBy ?? new Permission[0]).Select(t => CreateDynamicPermission(t, typeDefinition))
}; };
} }
} }

15
src/Orchard.Web/Core/Contents/Permissions.cs
View File

@@ -14,19 +14,24 @@ namespace Orchard.Core.Contents {
public static readonly Permission EditOwnContent = new Permission { Description = "Edit own content", Name = "EditOwnContent", ImpliedBy = new[] { EditContent, PublishOwnContent } }; public static readonly Permission EditOwnContent = new Permission { Description = "Edit own content", Name = "EditOwnContent", ImpliedBy = new[] { EditContent, PublishOwnContent } };
public static readonly Permission DeleteContent = new Permission { Description = "Delete content for others", Name = "DeleteContent" }; public static readonly Permission DeleteContent = new Permission { Description = "Delete content for others", Name = "DeleteContent" };
public static readonly Permission DeleteOwnContent = new Permission { Description = "Delete own content", Name = "DeleteOwnContent", ImpliedBy = new[] { DeleteContent } }; public static readonly Permission DeleteOwnContent = new Permission { Description = "Delete own content", Name = "DeleteOwnContent", ImpliedBy = new[] { DeleteContent } };
public static readonly Permission ViewContent = new Permission { Description = "View all content", Name = "ViewContent", ImpliedBy = new[] { EditContent } };
public static readonly Permission ViewOwnContent = new Permission { Description = "View own content", Name = "ViewOwnContent", ImpliedBy = new[] { ViewContent } };
public static readonly Permission MetaListContent = new Permission { ImpliedBy = new[] { EditOwnContent, PublishOwnContent, DeleteOwnContent } }; public static readonly Permission MetaListContent = new Permission { ImpliedBy = new[] { EditOwnContent, PublishOwnContent, DeleteOwnContent } };
public virtual Feature Feature { get; set; } public virtual Feature Feature { get; set; }
public IEnumerable<Permission> GetPermissions() { public IEnumerable<Permission> GetPermissions() {
return new [] { return new[] {
EditOwnContent, EditOwnContent,
EditContent, EditContent,
PublishOwnContent, PublishOwnContent,
PublishContent, PublishContent,
DeleteOwnContent, DeleteOwnContent,
DeleteContent, DeleteContent,
ViewContent,
ViewOwnContent
}; };
} }
@@ -51,6 +56,14 @@ namespace Orchard.Core.Contents {
Name = "Contributor", Name = "Contributor",
Permissions = new[] {EditOwnContent} Permissions = new[] {EditOwnContent}
}, },
new PermissionStereotype {
Name = "Authenticated",
Permissions = new[] {ViewContent}
},
new PermissionStereotype {
Name = "Anonymous",
Permissions = new[] {ViewContent}
},
}; };
} }

16
src/Orchard.Web/Core/Contents/Security/AuthorizationEventHandler.cs
View File

@@ -5,17 +5,15 @@ using Orchard.Core.Contents.Settings;
using Orchard.Security; using Orchard.Security;
using Orchard.Security.Permissions; using Orchard.Security.Permissions;
namespace Orchard.Core.Contents.Security namespace Orchard.Core.Contents.Security {
{
[UsedImplicitly] [UsedImplicitly]
public class AuthorizationEventHandler : IAuthorizationServiceEventHandler public class AuthorizationEventHandler : IAuthorizationServiceEventHandler {
{
public void Checking(CheckAccessContext context) { } public void Checking(CheckAccessContext context) { }
public void Complete(CheckAccessContext context) { } public void Complete(CheckAccessContext context) { }
public void Adjust(CheckAccessContext context) { public void Adjust(CheckAccessContext context) {
if ( !context.Granted && if (!context.Granted &&
context.Content.Is<ICommonPart>() ) { context.Content.Is<ICommonPart>()) {
if (OwnerVariationExists(context.Permission) && if (OwnerVariationExists(context.Permission) &&
HasOwnership(context.User, context.Content)) { HasOwnership(context.User, context.Content)) {
@@ -27,10 +25,10 @@ namespace Orchard.Core.Contents.Security
var typeDefinition = context.Content.ContentItem.TypeDefinition; var typeDefinition = context.Content.ContentItem.TypeDefinition;
// replace permission if a content type specific version exists // replace permission if a content type specific version exists
if ( typeDefinition.Settings.GetModel<ContentTypeSettings>().Creatable ) { if (typeDefinition.Settings.GetModel<ContentTypeSettings>().Creatable) {
var permission = GetContentTypeVariation(context.Permission); var permission = GetContentTypeVariation(context.Permission);
if ( permission != null) { if (permission != null) {
context.Adjusted = true; context.Adjusted = true;
context.Permission = DynamicPermissions.CreateDynamicPermission(permission, typeDefinition); context.Permission = DynamicPermissions.CreateDynamicPermission(permission, typeDefinition);
} }
@@ -60,6 +58,8 @@ namespace Orchard.Core.Contents.Security
return Permissions.EditOwnContent; return Permissions.EditOwnContent;
if (permission.Name == Permissions.DeleteContent.Name) if (permission.Name == Permissions.DeleteContent.Name)
return Permissions.DeleteOwnContent; return Permissions.DeleteOwnContent;
if (permission.Name == Permissions.ViewContent.Name)
return Permissions.ViewOwnContent;
return null; return null;
} }

4
src/Orchard.Web/Modules/Orchard.Blogs/Security/BlogAuthorizationEventHandler.cs
View File

@@ -25,7 +25,7 @@ namespace Orchard.Blogs.Security {
if (user == null || content == null) if (user == null || content == null)
return false; return false;
if(HasOwnershipOnContainer(user, content)) { if (HasOwnershipOnContainer(user, content)) {
return true; return true;
} }
@@ -62,6 +62,8 @@ namespace Orchard.Blogs.Security {
return Permissions.EditOwnBlogPost; return Permissions.EditOwnBlogPost;
if (permission.Name == Permissions.DeleteBlogPost.Name) if (permission.Name == Permissions.DeleteBlogPost.Name)
return Permissions.DeleteOwnBlogPost; return Permissions.DeleteOwnBlogPost;
if (permission.Name == Core.Contents.Permissions.ViewContent.Name)
return Core.Contents.Permissions.ViewOwnContent;
return null; return null;
} }
} }