From 593f99b758be5dcefcbd188715696d7a285475bb Mon Sep 17 00:00:00 2001 From: Jason Burgard Date: Thu, 13 Nov 2014 12:50:50 -0800 Subject: [PATCH] #20526: Adding Preview permissions Work Item: 20526 --- .../Contents/Controllers/ItemController.cs | 6 +---- .../Core/Contents/DynamicPermissions.cs | 6 ++++- src/Orchard.Web/Core/Contents/Permissions.cs | 16 +++++++----- .../Security/AuthorizationEventHandler.cs | 3 +++ ...Parts.Contents.Publish.SummaryAdmin.cshtml | 16 +++++++----- .../Drivers/ContentPermissionsPartDriver.cs | 22 ++++++++++++++++ .../Models/ContentPermissionsPart.cs | 10 ++++++++ ...ermissionsPartAuthorizationEventHandler.cs | 4 +++ ...leContentItemsAuthorizationEventHandler.cs | 3 +++ .../Services/DynamicPermissions.cs | 7 +++++- .../ContentPermissionsPartSettings.cs | 22 ++++++++++++++++ .../ContentPermissionsPartViewModel.cs | 2 ++ .../ContentPermissionsPartViewModel.cshtml | 25 ++++++++++++++++--- .../Parts.ContentPermissions.cshtml | 25 ++++++++++++++++--- 14 files changed, 140 insertions(+), 27 deletions(-) diff --git a/src/Orchard.Web/Core/Contents/Controllers/ItemController.cs b/src/Orchard.Web/Core/Contents/Controllers/ItemController.cs index 68dc0e186..38b1c4240 100644 --- a/src/Orchard.Web/Core/Contents/Controllers/ItemController.cs +++ b/src/Orchard.Web/Core/Contents/Controllers/ItemController.cs @@ -57,11 +57,7 @@ namespace Orchard.Core.Contents.Controllers { if (contentItem == null) return HttpNotFound(); - if (!Services.Authorizer.Authorize(Permissions.ViewContent, contentItem, T("Cannot preview content"))) { - return new HttpUnauthorizedResult(); - } - - if (!Services.Authorizer.Authorize(Permissions.EditContent, contentItem, T("Cannot preview content"))) { + if (!Services.Authorizer.Authorize(Permissions.PreviewContent, contentItem, T("Cannot preview content"))) { return new HttpUnauthorizedResult(); } diff --git a/src/Orchard.Web/Core/Contents/DynamicPermissions.cs b/src/Orchard.Web/Core/Contents/DynamicPermissions.cs index 02f2c9b5c..a015e59bd 100644 --- a/src/Orchard.Web/Core/Contents/DynamicPermissions.cs +++ b/src/Orchard.Web/Core/Contents/DynamicPermissions.cs @@ -17,6 +17,8 @@ namespace Orchard.Core.Contents { private static readonly Permission DeleteOwnContent = new Permission { Description = "Delete {0}", Name = "DeleteOwn_{0}", ImpliedBy = new[] { DeleteContent, Permissions.DeleteOwnContent } }; private static readonly Permission ViewContent = new Permission { Description = "View {0} by others", Name = "View_{0}", ImpliedBy = new[] { EditContent, Permissions.ViewContent } }; private static readonly Permission ViewOwnContent = new Permission { Description = "View own {0}", Name = "ViewOwn_{0}", ImpliedBy = new[] { ViewContent, Permissions.ViewOwnContent } }; + private static readonly Permission PreviewContent = new Permission { Description = "Preview {0} by others", Name = "Preview_{0}", ImpliedBy = new[] { EditContent, Permissions.PreviewContent } }; + private static readonly Permission PreviewOwnContent = new Permission { Description = "Preview own {0}", Name = "PreviewOwn_{0}", ImpliedBy = new[] { PreviewContent, Permissions.PreviewOwnContent } }; public static readonly Dictionary PermissionTemplates = new Dictionary { {Permissions.PublishContent.Name, PublishContent}, @@ -26,7 +28,9 @@ namespace Orchard.Core.Contents { {Permissions.DeleteContent.Name, DeleteContent}, {Permissions.DeleteOwnContent.Name, DeleteOwnContent}, {Permissions.ViewContent.Name, ViewContent}, - {Permissions.ViewOwnContent.Name, ViewOwnContent} + {Permissions.ViewOwnContent.Name, ViewOwnContent}, + {Permissions.PreviewContent.Name, PreviewContent}, + {Permissions.PreviewOwnContent.Name, PreviewOwnContent} }; private readonly IContentDefinitionManager _contentDefinitionManager; diff --git a/src/Orchard.Web/Core/Contents/Permissions.cs b/src/Orchard.Web/Core/Contents/Permissions.cs index 115b33e34..ef8b756bd 100644 --- a/src/Orchard.Web/Core/Contents/Permissions.cs +++ b/src/Orchard.Web/Core/Contents/Permissions.cs @@ -16,6 +16,8 @@ namespace Orchard.Core.Contents { public static readonly Permission DeleteOwnContent = new Permission { Description = "Delete own content", Name = "DeleteOwnContent", ImpliedBy = new[] { DeleteContent } }; public static readonly Permission ViewContent = new Permission { Description = "View all content", Name = "ViewContent", ImpliedBy = new[] { EditContent } }; public static readonly Permission ViewOwnContent = new Permission { Description = "View own content", Name = "ViewOwnContent", ImpliedBy = new[] { ViewContent } }; + public static readonly Permission PreviewContent = new Permission { Description = "Preview content", Name = "PreviewContent", ImpliedBy = new[] { EditContent, PublishContent } }; + public static readonly Permission PreviewOwnContent = new Permission { Description = "Preview own content", Name = "PreviewOwnContent", ImpliedBy = new[] { PreviewContent } }; public static readonly Permission MetaListContent = new Permission { ImpliedBy = new[] { EditOwnContent, PublishOwnContent, DeleteOwnContent } }; @@ -31,7 +33,9 @@ namespace Orchard.Core.Contents { DeleteOwnContent, DeleteContent, ViewContent, - ViewOwnContent + ViewOwnContent, + PreviewOwnContent, + PreviewContent }; } @@ -39,22 +43,22 @@ namespace Orchard.Core.Contents { return new[] { new PermissionStereotype { Name = "Administrator", - Permissions = new[] {PublishContent,EditContent,DeleteContent} + Permissions = new[] {PublishContent,EditContent,DeleteContent,PreviewContent} }, new PermissionStereotype { Name = "Editor", - Permissions = new[] {PublishContent,EditContent,DeleteContent} + Permissions = new[] {PublishContent,EditContent,DeleteContent,PreviewContent} }, new PermissionStereotype { - Name = "Moderator", + Name = "Moderator" }, new PermissionStereotype { Name = "Author", - Permissions = new[] {PublishOwnContent,EditOwnContent,DeleteOwnContent} + Permissions = new[] {PublishOwnContent,EditOwnContent,DeleteOwnContent,PreviewOwnContent} }, new PermissionStereotype { Name = "Contributor", - Permissions = new[] {EditOwnContent} + Permissions = new[] {EditOwnContent,PreviewOwnContent} }, new PermissionStereotype { Name = "Authenticated", diff --git a/src/Orchard.Web/Core/Contents/Security/AuthorizationEventHandler.cs b/src/Orchard.Web/Core/Contents/Security/AuthorizationEventHandler.cs index 9dcadc4cc..47e34a6d9 100644 --- a/src/Orchard.Web/Core/Contents/Security/AuthorizationEventHandler.cs +++ b/src/Orchard.Web/Core/Contents/Security/AuthorizationEventHandler.cs @@ -60,6 +60,9 @@ namespace Orchard.Core.Contents.Security { return Permissions.DeleteOwnContent; if (permission.Name == Permissions.ViewContent.Name) return Permissions.ViewOwnContent; + if (permission.Name == Permissions.PreviewContent.Name) + return Permissions.PreviewOwnContent; + return null; } diff --git a/src/Orchard.Web/Core/Contents/Views/Parts.Contents.Publish.SummaryAdmin.cshtml b/src/Orchard.Web/Core/Contents/Views/Parts.Contents.Publish.SummaryAdmin.cshtml index 053d06a00..219e60c78 100644 --- a/src/Orchard.Web/Core/Contents/Views/Parts.Contents.Publish.SummaryAdmin.cshtml +++ b/src/Orchard.Web/Core/Contents/Views/Parts.Contents.Publish.SummaryAdmin.cshtml @@ -12,10 +12,12 @@ if (contentPart.HasDraft()) { if (Authorizer.Authorize(Permissions.PublishContent, contentPart)) { - @Html.Link(T("Publish Draft").Text, Url.Action("Publish", "Admin", new { area = "Contents", id = contentPart.ContentItem.Id, returnUrl = Request.ToUrlString() }), new { itemprop = "UnsafeUrl" }) + @Html.Link(T("Publish Draft").Text, Url.Action("Publish", "Admin", new {area = "Contents", id = contentPart.ContentItem.Id, returnUrl = Request.ToUrlString()}), new {itemprop = "UnsafeUrl"}) @T(" | ") - - @Html.ActionLink(T("Preview").Text, "Display", "Item", new {area = "Contents", id = ((ContentItem) Model.ContentPart.ContentItem).Id, version = ((ContentItem)Model.ContentPart.ContentItem).Version }, new {}) + } + + if (Authorizer.Authorize(Permissions.PreviewContent, contentPart)) { + @Html.ActionLink(T("Preview").Text, "Display", "Item", new { area = "Contents", id = ((ContentItem)Model.ContentPart.ContentItem).Id, version = ((ContentItem)Model.ContentPart.ContentItem).Version }, new { }) @T(" | ") } } @@ -25,9 +27,11 @@ @T(" | ") } } else { - if ( contentPart.HasDraft() ) { - @Html.ActionLink(T("Preview").Text, "Display", "Item", new { area = "Contents", id = ((ContentItem)Model.ContentPart.ContentItem).Id, version = ((ContentItem)Model.ContentPart.ContentItem).Version }, new { }) - @T(" | ") + if (contentPart.HasDraft()) { + if (Authorizer.Authorize(Permissions.PreviewContent, contentPart)) { + @Html.ActionLink(T("Preview").Text, "Display", "Item", new { area = "Contents", id = ((ContentItem)Model.ContentPart.ContentItem).Id, version = ((ContentItem)Model.ContentPart.ContentItem).Version }, new { }) + @T(" | ") + } } if (Authorizer.Authorize(Permissions.PublishContent, contentPart)) { diff --git a/src/Orchard.Web/Modules/Orchard.ContentPermissions/Drivers/ContentPermissionsPartDriver.cs b/src/Orchard.Web/Modules/Orchard.ContentPermissions/Drivers/ContentPermissionsPartDriver.cs index 5e3fcf9af..c64e3b779 100644 --- a/src/Orchard.Web/Modules/Orchard.ContentPermissions/Drivers/ContentPermissionsPartDriver.cs +++ b/src/Orchard.Web/Modules/Orchard.ContentPermissions/Drivers/ContentPermissionsPartDriver.cs @@ -60,6 +60,8 @@ namespace Orchard.ContentPermissions.Drivers { EditOwn = ContentPermissionsPartViewModel.SerializePermissions(allRoles.Select(x => new RoleEntry { Role = x, Checked = _authorizationService.TryCheckAccess(Core.Contents.Permissions.EditOwnContent, UserSimulation.Create(x), null) }).ToList()), Delete = ContentPermissionsPartViewModel.SerializePermissions(allRoles.Select(x => new RoleEntry { Role = x, Checked = _authorizationService.TryCheckAccess(Core.Contents.Permissions.DeleteContent, UserSimulation.Create(x), null) }).ToList()), DeleteOwn = ContentPermissionsPartViewModel.SerializePermissions(allRoles.Select(x => new RoleEntry { Role = x, Checked = _authorizationService.TryCheckAccess(Core.Contents.Permissions.DeleteOwnContent, UserSimulation.Create(x), null) }).ToList()), + Preview = ContentPermissionsPartViewModel.SerializePermissions(allRoles.Select(x => new RoleEntry { Role = x, Checked = _authorizationService.TryCheckAccess(Core.Contents.Permissions.PreviewContent, UserSimulation.Create(x), null) }).ToList()), + PreviewOwn = ContentPermissionsPartViewModel.SerializePermissions(allRoles.Select(x => new RoleEntry { Role = x, Checked = _authorizationService.TryCheckAccess(Core.Contents.Permissions.PreviewOwnContent, UserSimulation.Create(x), null) }).ToList()), DisplayedRoles = ContentPermissionsPartViewModel.SerializePermissions(allRoles.Select(x => new RoleEntry { Role = x, Checked = true }).ToList()), }; } @@ -77,6 +79,8 @@ namespace Orchard.ContentPermissions.Drivers { EditOwnRoles= ContentPermissionsPartViewModel.ExtractRoleEntries(allRoles, settings.EditOwn), DeleteRoles= ContentPermissionsPartViewModel.ExtractRoleEntries(allRoles, settings.Delete), DeleteOwnRoles= ContentPermissionsPartViewModel.ExtractRoleEntries(allRoles, settings.DeleteOwn), + PreviewRoles = ContentPermissionsPartViewModel.ExtractRoleEntries(allRoles, settings.Preview), + PreviewOwnRoles = ContentPermissionsPartViewModel.ExtractRoleEntries(allRoles, settings.PreviewOwn), AllRoles = ContentPermissionsPartViewModel.ExtractRoleEntries(allRoles, settings.DisplayedRoles) }; } @@ -90,6 +94,8 @@ namespace Orchard.ContentPermissions.Drivers { EditOwnRoles = ContentPermissionsPartViewModel.ExtractRoleEntries(allRoles, part.EditOwnContent), DeleteRoles = ContentPermissionsPartViewModel.ExtractRoleEntries(allRoles, part.DeleteContent), DeleteOwnRoles = ContentPermissionsPartViewModel.ExtractRoleEntries(allRoles, part.DeleteOwnContent), + PreviewRoles = ContentPermissionsPartViewModel.ExtractRoleEntries(allRoles, part.PreviewContent), + PreviewOwnRoles = ContentPermissionsPartViewModel.ExtractRoleEntries(allRoles, part.PreviewOwnContent), AllRoles = ContentPermissionsPartViewModel.ExtractRoleEntries(allRoles, settings.DisplayedRoles) }; } @@ -103,6 +109,8 @@ namespace Orchard.ContentPermissions.Drivers { model.EditOwnRoles = model.EditOwnRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = _authorizer.Authorize(Core.Contents.Permissions.EditOwnContent, part.ContentItem), Default = _authorizationService.TryCheckAccess(Core.Contents.Permissions.EditOwnContent, UserSimulation.Create(x.Role), null) }).ToList(); model.DeleteRoles = model.DeleteRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = _authorizer.Authorize(Core.Contents.Permissions.DeleteContent, part.ContentItem), Default = _authorizationService.TryCheckAccess(Core.Contents.Permissions.DeleteContent, UserSimulation.Create(x.Role), null) }).ToList(); model.DeleteOwnRoles = model.DeleteOwnRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = _authorizer.Authorize(Core.Contents.Permissions.DeleteOwnContent, part.ContentItem), Default = _authorizationService.TryCheckAccess(Core.Contents.Permissions.DeleteOwnContent, UserSimulation.Create(x.Role), null) }).ToList(); + model.PreviewRoles = model.PreviewRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = _authorizer.Authorize(Core.Contents.Permissions.PreviewContent, part.ContentItem), Default = _authorizationService.TryCheckAccess(Core.Contents.Permissions.PreviewContent, UserSimulation.Create(x.Role), null) }).ToList(); + model.PreviewOwnRoles = model.PreviewOwnRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = _authorizer.Authorize(Core.Contents.Permissions.PreviewOwnContent, part.ContentItem), Default = _authorizationService.TryCheckAccess(Core.Contents.Permissions.PreviewOwnContent, UserSimulation.Create(x.Role), null) }).ToList(); model.Enabled = part.Enabled; @@ -129,6 +137,8 @@ namespace Orchard.ContentPermissions.Drivers { part.EditOwnContent = ContentPermissionsPartViewModel.SerializePermissions(model.EditOwnRoles); part.DeleteContent = ContentPermissionsPartViewModel.SerializePermissions(model.DeleteRoles); part.DeleteOwnContent = ContentPermissionsPartViewModel.SerializePermissions(model.DeleteOwnRoles); + part.PreviewContent = ContentPermissionsPartViewModel.SerializePermissions(model.PreviewRoles); + part.PreviewOwnContent = ContentPermissionsPartViewModel.SerializePermissions(model.PreviewOwnRoles); var settings = part.Settings.TryGetModel(); @@ -144,10 +154,12 @@ namespace Orchard.ContentPermissions.Drivers { context.Element(part.PartDefinition.Name).SetAttributeValue("EditContent", part.EditContent); context.Element(part.PartDefinition.Name).SetAttributeValue("PublishContent", part.PublishContent); context.Element(part.PartDefinition.Name).SetAttributeValue("DeleteContent", part.DeleteContent); + context.Element(part.PartDefinition.Name).SetAttributeValue("PreviewContent", part.PreviewContent); context.Element(part.PartDefinition.Name).SetAttributeValue("ViewOwnContent", part.ViewOwnContent); context.Element(part.PartDefinition.Name).SetAttributeValue("EditOwnContent", part.EditOwnContent); context.Element(part.PartDefinition.Name).SetAttributeValue("PublishOwnContent", part.PublishOwnContent); context.Element(part.PartDefinition.Name).SetAttributeValue("DeleteOwnContent", part.DeleteOwnContent); + context.Element(part.PartDefinition.Name).SetAttributeValue("PreviewOwnContent", part.PreviewOwnContent); } protected override void Importing(ContentPermissionsPart part, ImportContentContext context) { @@ -156,10 +168,12 @@ namespace Orchard.ContentPermissions.Drivers { context.ImportAttribute(part.PartDefinition.Name, "EditContent", s => part.EditContent = s); context.ImportAttribute(part.PartDefinition.Name, "PublishContent", s => part.PublishContent = s); context.ImportAttribute(part.PartDefinition.Name, "DeleteContent", s => part.DeleteContent = s); + context.ImportAttribute(part.PartDefinition.Name, "PreviewContent", s => part.PreviewContent = s); context.ImportAttribute(part.PartDefinition.Name, "ViewOwnContent", s => part.ViewOwnContent = s); context.ImportAttribute(part.PartDefinition.Name, "EditOwnContent", s => part.EditOwnContent = s); context.ImportAttribute(part.PartDefinition.Name, "PublishOwnContent", s => part.PublishOwnContent = s); context.ImportAttribute(part.PartDefinition.Name, "DeleteOwnContent", s => part.DeleteOwnContent = s); + context.ImportAttribute(part.PartDefinition.Name, "PreviewOwnContent", s => part.PreviewOwnContent = s); } private void OverrideDefaultPermissions(ContentPermissionsPart part, List allRoles, ContentPermissionsPartSettings settings) { @@ -195,6 +209,14 @@ namespace Orchard.ContentPermissions.Drivers { if (!_authorizer.Authorize(Core.Contents.Permissions.DeleteOwnContent, part.ContentItem)) { part.DeleteOwnContent = settings == null ? ContentPermissionsPartViewModel.SerializePermissions(allRoles.Select(x => new RoleEntry {Role = x, Checked = _authorizationService.TryCheckAccess(Core.Contents.Permissions.DeleteOwnContent, UserSimulation.Create(x), null)})) : settings.DeleteOwn; } + + if (!_authorizer.Authorize(Core.Contents.Permissions.PreviewContent, part.ContentItem)) { + part.PreviewContent = settings == null ? ContentPermissionsPartViewModel.SerializePermissions(allRoles.Select(x => new RoleEntry {Role = x, Checked = _authorizationService.TryCheckAccess(Core.Contents.Permissions.PreviewContent, UserSimulation.Create(x), null)})) : settings.Preview; + } + + if (!_authorizer.Authorize(Core.Contents.Permissions.PreviewOwnContent, part.ContentItem)) { + part.PreviewOwnContent = settings == null ? ContentPermissionsPartViewModel.SerializePermissions(allRoles.Select(x => new RoleEntry {Role = x, Checked = _authorizationService.TryCheckAccess(Core.Contents.Permissions.PreviewOwnContent, UserSimulation.Create(x), null)})) : settings.PreviewOwn; + } } } } diff --git a/src/Orchard.Web/Modules/Orchard.ContentPermissions/Models/ContentPermissionsPart.cs b/src/Orchard.Web/Modules/Orchard.ContentPermissions/Models/ContentPermissionsPart.cs index 6ddee5d40..eb5a13474 100644 --- a/src/Orchard.Web/Modules/Orchard.ContentPermissions/Models/ContentPermissionsPart.cs +++ b/src/Orchard.Web/Modules/Orchard.ContentPermissions/Models/ContentPermissionsPart.cs @@ -49,5 +49,15 @@ namespace Orchard.ContentPermissions.Models { get { return this.Retrieve(x => x.DeleteOwnContent); } set { this.Store(x => x.DeleteOwnContent, value); } } + + public string PreviewContent { + get { return this.Retrieve(x => x.PreviewContent); } + set { this.Store(x => x.PreviewContent, value); } + } + + public string PreviewOwnContent { + get { return this.Retrieve(x => x.PreviewOwnContent); } + set { this.Store(x => x.PreviewOwnContent, value); } + } } } diff --git a/src/Orchard.Web/Modules/Orchard.ContentPermissions/Security/ContentPermissionsPartAuthorizationEventHandler.cs b/src/Orchard.Web/Modules/Orchard.ContentPermissions/Security/ContentPermissionsPartAuthorizationEventHandler.cs index 8d9cf1cad..415247090 100644 --- a/src/Orchard.Web/Modules/Orchard.ContentPermissions/Security/ContentPermissionsPartAuthorizationEventHandler.cs +++ b/src/Orchard.Web/Modules/Orchard.ContentPermissions/Security/ContentPermissionsPartAuthorizationEventHandler.cs @@ -70,6 +70,10 @@ namespace Orchard.ContentPermissions.Security { { authorizedRoles = (hasOwnership ? part.DeleteOwnContent : part.DeleteContent).Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries); } + else if (grantingPermissions.Any(grantingPermission => String.Equals(Core.Contents.Permissions.PreviewContent.Name, grantingPermission, StringComparison.OrdinalIgnoreCase))) + { + authorizedRoles = (hasOwnership ? part.PreviewOwnContent : part.PreviewContent).Split(new[] {','}, StringSplitOptions.RemoveEmptyEntries); + } else { return; diff --git a/src/Orchard.Web/Modules/Orchard.ContentPermissions/Security/SecurableContentItemsAuthorizationEventHandler.cs b/src/Orchard.Web/Modules/Orchard.ContentPermissions/Security/SecurableContentItemsAuthorizationEventHandler.cs index 1b841283f..e2751fa12 100644 --- a/src/Orchard.Web/Modules/Orchard.ContentPermissions/Security/SecurableContentItemsAuthorizationEventHandler.cs +++ b/src/Orchard.Web/Modules/Orchard.ContentPermissions/Security/SecurableContentItemsAuthorizationEventHandler.cs @@ -71,6 +71,9 @@ namespace Orchard.ContentPermissions.Security { return Orchard.Core.Contents.Permissions.DeleteOwnContent; if (permission.Name == Orchard.Core.Contents.Permissions.ViewContent.Name) return Orchard.Core.Contents.Permissions.ViewOwnContent; + if (permission.Name == Orchard.Core.Contents.Permissions.PreviewContent.Name) + return Orchard.Core.Contents.Permissions.PreviewOwnContent; + return null; } diff --git a/src/Orchard.Web/Modules/Orchard.ContentPermissions/Services/DynamicPermissions.cs b/src/Orchard.Web/Modules/Orchard.ContentPermissions/Services/DynamicPermissions.cs index f95dd974d..8cd51bc21 100644 --- a/src/Orchard.Web/Modules/Orchard.ContentPermissions/Services/DynamicPermissions.cs +++ b/src/Orchard.Web/Modules/Orchard.ContentPermissions/Services/DynamicPermissions.cs @@ -18,6 +18,9 @@ namespace Orchard.ContentPermissions.Services { private static readonly Permission DeleteOwnContent = new Permission { Description = "Delete {0}", Name = "DeleteOwn_{0}", ImpliedBy = new[] { DeleteContent, Orchard.Core.Contents.Permissions.DeleteOwnContent } }; private static readonly Permission ViewContent = new Permission { Description = "View {0} by others", Name = "View_{0}", ImpliedBy = new[] { EditContent, Orchard.Core.Contents.Permissions.ViewContent } }; private static readonly Permission ViewOwnContent = new Permission { Description = "View own {0}", Name = "ViewOwn_{0}", ImpliedBy = new[] { ViewContent, Orchard.Core.Contents.Permissions.ViewOwnContent } }; + private static readonly Permission PreviewContent = new Permission { Description = "Preview {0} by others", Name = "Preview_{0}", ImpliedBy = new[] { EditContent, Orchard.Core.Contents.Permissions.PreviewContent } }; + private static readonly Permission PreviewOwnContent = new Permission { Description = "Preview own {0}", Name = "PreviewOwn_{0}", ImpliedBy = new[] { PreviewContent, Orchard.Core.Contents.Permissions.PreviewOwnContent } }; + public static readonly Dictionary PermissionTemplates = new Dictionary { {Orchard.Core.Contents.Permissions.PublishContent.Name, PublishContent}, @@ -27,7 +30,9 @@ namespace Orchard.ContentPermissions.Services { {Orchard.Core.Contents.Permissions.DeleteContent.Name, DeleteContent}, {Orchard.Core.Contents.Permissions.DeleteOwnContent.Name, DeleteOwnContent}, {Orchard.Core.Contents.Permissions.ViewContent.Name, ViewContent}, - {Orchard.Core.Contents.Permissions.ViewOwnContent.Name, ViewOwnContent} + {Orchard.Core.Contents.Permissions.ViewOwnContent.Name, ViewOwnContent}, + {Orchard.Core.Contents.Permissions.PreviewContent.Name, PreviewContent}, + {Orchard.Core.Contents.Permissions.PreviewOwnContent.Name, PreviewOwnContent} }; private readonly IContentDefinitionManager _contentDefinitionManager; diff --git a/src/Orchard.Web/Modules/Orchard.ContentPermissions/Settings/ContentPermissionsPartSettings.cs b/src/Orchard.Web/Modules/Orchard.ContentPermissions/Settings/ContentPermissionsPartSettings.cs index 9ea51ffeb..7f691ff7e 100644 --- a/src/Orchard.Web/Modules/Orchard.ContentPermissions/Settings/ContentPermissionsPartSettings.cs +++ b/src/Orchard.Web/Modules/Orchard.ContentPermissions/Settings/ContentPermissionsPartSettings.cs @@ -20,6 +20,8 @@ namespace Orchard.ContentPermissions.Settings { public string EditOwn { get; set; } public string Delete { get; set; } public string DeleteOwn { get; set; } + public string Preview { get; set; } + public string PreviewOwn { get; set; } public string DisplayedRoles { get; set; } } @@ -63,6 +65,8 @@ namespace Orchard.ContentPermissions.Settings { EditOwn = ContentPermissionsPartViewModel.SerializePermissions(allRoles.Select(x => new RoleEntry { Role = x, Checked = _authorizationService.TryCheckAccess(Core.Contents.Permissions.EditOwnContent, UserSimulation.Create(x), null) })), Delete = ContentPermissionsPartViewModel.SerializePermissions(allRoles.Select(x => new RoleEntry { Role = x, Checked = _authorizationService.TryCheckAccess(Core.Contents.Permissions.DeleteContent, UserSimulation.Create(x), null) })), DeleteOwn = ContentPermissionsPartViewModel.SerializePermissions(allRoles.Select(x => new RoleEntry { Role = x, Checked = _authorizationService.TryCheckAccess(Core.Contents.Permissions.DeleteOwnContent, UserSimulation.Create(x), null) })), + Preview = ContentPermissionsPartViewModel.SerializePermissions(allRoles.Select(x => new RoleEntry { Role = x, Checked = _authorizationService.TryCheckAccess(Core.Contents.Permissions.PreviewContent, UserSimulation.Create(x), null) })), + PreviewOwn = ContentPermissionsPartViewModel.SerializePermissions(allRoles.Select(x => new RoleEntry { Role =x, Checked = _authorizationService.TryCheckAccess(Core.Contents.Permissions.PreviewOwnContent, UserSimulation.Create(x), null) })), DisplayedRoles = ContentPermissionsPartViewModel.SerializePermissions(allRoles.Select(x => new RoleEntry { Role = x, Checked = true })), }; } @@ -76,6 +80,8 @@ namespace Orchard.ContentPermissions.Settings { EditOwnRoles = ContentPermissionsPartViewModel.ExtractRoleEntries(allRoles, settings.EditOwn), DeleteRoles = ContentPermissionsPartViewModel.ExtractRoleEntries(allRoles, settings.Delete), DeleteOwnRoles = ContentPermissionsPartViewModel.ExtractRoleEntries(allRoles, settings.DeleteOwn), + PreviewRoles = ContentPermissionsPartViewModel.ExtractRoleEntries(allRoles, settings.Preview), + PreviewOwnRoles = ContentPermissionsPartViewModel.ExtractRoleEntries(allRoles, settings.PreviewOwn), AllRoles = ContentPermissionsPartViewModel.ExtractRoleEntries(allRoles, settings.DisplayedRoles) }; @@ -88,6 +94,8 @@ namespace Orchard.ContentPermissions.Settings { model.EditOwnRoles = model.EditOwnRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = _authorizer.Authorize(Core.Contents.Permissions.EditOwnContent) }).ToList(); model.DeleteRoles = model.DeleteRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = _authorizer.Authorize(Core.Contents.Permissions.DeleteContent) }).ToList(); model.DeleteOwnRoles = model.DeleteOwnRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = _authorizer.Authorize(Core.Contents.Permissions.DeleteOwnContent) }).ToList(); + model.PreviewRoles = model.PreviewRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = _authorizer.Authorize(Core.Contents.Permissions.PreviewContent) }).ToList(); + model.PreviewOwnRoles = model.PreviewOwnRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = _authorizer.Authorize(Core.Contents.Permissions.PreviewOwnContent) }).ToList(); // initialize default value model.ViewRoles = model.ViewRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = x.Enabled, Default = _authorizationService.TryCheckAccess(Core.Contents.Permissions.ViewContent, UserSimulation.Create(x.Role), null) }).ToList(); @@ -98,6 +106,8 @@ namespace Orchard.ContentPermissions.Settings { model.EditOwnRoles = model.EditOwnRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = x.Enabled, Default = _authorizationService.TryCheckAccess(Core.Contents.Permissions.EditOwnContent, UserSimulation.Create(x.Role), null) }).ToList(); model.DeleteRoles = model.DeleteRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = x.Enabled, Default = _authorizationService.TryCheckAccess(Core.Contents.Permissions.DeleteContent, UserSimulation.Create(x.Role), null) }).ToList(); model.DeleteOwnRoles = model.DeleteOwnRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = x.Enabled, Default = _authorizationService.TryCheckAccess(Core.Contents.Permissions.DeleteOwnContent, UserSimulation.Create(x.Role), null) }).ToList(); + model.PreviewRoles = model.PreviewRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = x.Enabled, Default = _authorizationService.TryCheckAccess(Core.Contents.Permissions.PreviewContent, UserSimulation.Create(x.Role), null) }).ToList(); + model.PreviewOwnRoles = model.PreviewOwnRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = x.Enabled, Default = _authorizationService.TryCheckAccess(Core.Contents.Permissions.PreviewOwnContent, UserSimulation.Create(x.Role), null) }).ToList(); yield return DefinitionTemplate(model); } @@ -149,6 +159,14 @@ namespace Orchard.ContentPermissions.Settings { builder.WithSetting("ContentPermissionsPartSettings.DeleteOwn", ContentPermissionsPartViewModel.SerializePermissions(model.DeleteOwnRoles)); } + if (_authorizer.Authorize(Core.Contents.Permissions.PreviewContent)) { + builder.WithSetting("ContentPermissionsPartSettings.Preview", ContentPermissionsPartViewModel.SerializePermissions(model.PreviewRoles)); + } + + if (_authorizer.Authorize(Core.Contents.Permissions.PreviewOwnContent)) { + builder.WithSetting("ContentPermissionsPartSettings.PreviewOwn", ContentPermissionsPartViewModel.SerializePermissions(model.PreviewOwnRoles)); + } + builder.WithSetting("ContentPermissionsPartSettings.DisplayedRoles", ContentPermissionsPartViewModel.SerializePermissions(model.AllRoles)); // disable permissions the current user doesn't have @@ -160,6 +178,8 @@ namespace Orchard.ContentPermissions.Settings { model.EditOwnRoles = model.EditOwnRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = _authorizer.Authorize(Core.Contents.Permissions.EditOwnContent) }).ToList(); model.DeleteRoles = model.DeleteRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = _authorizer.Authorize(Core.Contents.Permissions.DeleteContent) }).ToList(); model.DeleteOwnRoles = model.DeleteOwnRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = _authorizer.Authorize(Core.Contents.Permissions.DeleteOwnContent) }).ToList(); + model.PreviewRoles = model.PreviewRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = _authorizer.Authorize(Core.Contents.Permissions.PreviewContent) }).ToList(); + model.PreviewOwnRoles = model.PreviewOwnRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = _authorizer.Authorize(Core.Contents.Permissions.PreviewOwnContent) }).ToList(); // initialize default value model.ViewRoles = model.ViewRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = x.Enabled, Default = _authorizationService.TryCheckAccess(Core.Contents.Permissions.ViewContent, UserSimulation.Create(x.Role), null) }).ToList(); @@ -170,6 +190,8 @@ namespace Orchard.ContentPermissions.Settings { model.EditOwnRoles = model.EditOwnRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = x.Enabled, Default = _authorizationService.TryCheckAccess(Core.Contents.Permissions.EditOwnContent, UserSimulation.Create(x.Role), null) }).ToList(); model.DeleteRoles = model.DeleteRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = x.Enabled, Default = _authorizationService.TryCheckAccess(Core.Contents.Permissions.DeleteContent, UserSimulation.Create(x.Role), null) }).ToList(); model.DeleteOwnRoles = model.DeleteOwnRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = x.Enabled, Default = _authorizationService.TryCheckAccess(Core.Contents.Permissions.DeleteOwnContent, UserSimulation.Create(x.Role), null) }).ToList(); + model.PreviewRoles = model.PreviewRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = x.Enabled, Default = _authorizationService.TryCheckAccess(Core.Contents.Permissions.PreviewContent, UserSimulation.Create(x.Role), null) }).ToList(); + model.PreviewOwnRoles = model.PreviewOwnRoles.Select(x => new RoleEntry { Role = x.Role, Checked = x.Checked, Enabled = x.Enabled, Default = _authorizationService.TryCheckAccess(Core.Contents.Permissions.PreviewOwnContent, UserSimulation.Create(x.Role), null) }).ToList(); yield return DefinitionTemplate(model); } diff --git a/src/Orchard.Web/Modules/Orchard.ContentPermissions/ViewModels/ContentPermissionsPartViewModel.cs b/src/Orchard.Web/Modules/Orchard.ContentPermissions/ViewModels/ContentPermissionsPartViewModel.cs index 8fde81da0..9599d0507 100644 --- a/src/Orchard.Web/Modules/Orchard.ContentPermissions/ViewModels/ContentPermissionsPartViewModel.cs +++ b/src/Orchard.Web/Modules/Orchard.ContentPermissions/ViewModels/ContentPermissionsPartViewModel.cs @@ -17,6 +17,8 @@ namespace Orchard.ContentPermissions.ViewModels { public IList EditOwnRoles { get; set; } public IList DeleteRoles { get; set; } public IList DeleteOwnRoles { get; set; } + public IList PreviewRoles { get; set; } + public IList PreviewOwnRoles { get; set; } public static IList ExtractRoleEntries(IEnumerable allRoles, string allowed) { if(String.IsNullOrWhiteSpace(allowed)) { diff --git a/src/Orchard.Web/Modules/Orchard.ContentPermissions/Views/DefinitionTemplates/ContentPermissionsPartViewModel.cshtml b/src/Orchard.Web/Modules/Orchard.ContentPermissions/Views/DefinitionTemplates/ContentPermissionsPartViewModel.cshtml index b318e1c74..c0ae8d8e1 100644 --- a/src/Orchard.Web/Modules/Orchard.ContentPermissions/Views/DefinitionTemplates/ContentPermissionsPartViewModel.cshtml +++ b/src/Orchard.Web/Modules/Orchard.ContentPermissions/Views/DefinitionTemplates/ContentPermissionsPartViewModel.cshtml @@ -15,6 +15,7 @@

@T("Edit any content")

@T("Publish any content")

@T("Delete any content")

+

@T("Preview any content")

@foreach (var r in Model.AllRoles.Select((x, i) => new { Index = i, Name = x.Role })) { @@ -49,6 +50,13 @@ @Html.HiddenFor(m => m.DeleteRoles[role.Index].Role) + + + @Html.HiddenFor(m => m.PreviewRoles[role.Index].Role) + } @@ -59,6 +67,7 @@

@T("Edit own content")

@T("Publish own content")

@T("Delete own content")

+

@T("Preview own content")

@foreach (var r in Model.AllRoles.Select((x, i) => new { Index = i, Name = x.Role })) { @@ -88,10 +97,18 @@ - @Html.HiddenFor(m => m.DeleteOwnRoles[role.Index].Role) + x.Role == role.Name && x.Default)) { checked="checked" } title="Default value" /> + x.Role == role.Name && x.Checked)) { checked="checked" } name="@Html.FieldNameFor(m => m.DeleteOwnRoles[role.Index].Checked)" id="@Html.FieldIdFor(m => m.DeleteOwnRoles[role.Index].Checked)" @if (!Model.DeleteOwnRoles[role.Index].Enabled) { disabled="disabled" } /> + + @Html.HiddenFor(m => m.DeleteOwnRoles[role.Index].Role) + + + + @Html.HiddenFor(m => m.PreviewOwnRoles[role.Index].Role) + } diff --git a/src/Orchard.Web/Modules/Orchard.ContentPermissions/Views/EditorTemplates/Parts.ContentPermissions.cshtml b/src/Orchard.Web/Modules/Orchard.ContentPermissions/Views/EditorTemplates/Parts.ContentPermissions.cshtml index 7a476dfb7..89b73cd4c 100644 --- a/src/Orchard.Web/Modules/Orchard.ContentPermissions/Views/EditorTemplates/Parts.ContentPermissions.cshtml +++ b/src/Orchard.Web/Modules/Orchard.ContentPermissions/Views/EditorTemplates/Parts.ContentPermissions.cshtml @@ -21,6 +21,7 @@

@T("Edit this item")

@T("Publish this item")

@T("Delete this item")

+

@T("Preview this item")

@foreach (var r in Model.AllRoles.Select((x, i) => new { Index = i, Name = x.Role, x.Checked })) { @@ -55,6 +56,13 @@ @Html.HiddenFor(m => m.DeleteRoles[role.Index].Role) + + + @Html.HiddenFor(m => m.PreviewRoles[role.Index].Role) + } @@ -65,6 +73,7 @@

@T("Edit own")

@T("Publish own")

@T("Delete own")

+

@T("Preview own")

@foreach (var r in Model.AllRoles.Select((x, i) => new { Index = i, Name = x.Role, x.Checked })) { @@ -94,10 +103,18 @@ - @Html.HiddenFor(m => m.DeleteOwnRoles[role.Index].Role) + x.Role == role.Name && x.Default)) { checked="checked" } title="Current value" /> + x.Role == role.Name && x.Checked)) { checked="checked" } name="@Html.FieldNameFor(m => m.DeleteOwnRoles[role.Index].Checked)" id="@Html.FieldIdFor(m => m.DeleteOwnRoles[role.Index].Checked)" @if (!Model.DeleteOwnRoles[role.Index].Enabled) { disabled="disabled" } /> + + @Html.HiddenFor(m => m.DeleteOwnRoles[role.Index].Role) + + + + @Html.HiddenFor(m => m.PreviewOwnRoles[role.Index].Role) + }