lsm/Orchard
1
0
Fork 0
mirror of https://github.com/OrchardCMS/Orchard.git synced 2025-10-15 19:54:57 +08:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity

- Fixing some broken unit tests (due to Localizer/Authorize changes).

Browse Source 
- Refactoring Media module (Authorize,Localize).
- Minor cleanup...

--HG--
extra : convert_revision : svn%3A5ff7c347-ad56-4c35-b696-ccb81de16e03/trunk%4040469
This commit is contained in:
suhacan
2009-11-14 21:34:37 +00:00
parent 7cb77e9870
commit 5f659dbedb
10 changed files with 56 additions and 92 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/Orchard.Web/Packages/Orchard.CmsPages/Controllers/AdminController.cs
View File

@@ -127,7 +127,7 @@ namespace Orchard.CmsPages.Controllers {
break;
case PageIndexBulkAction.Unpublish:
if (!_authorizer.Authorize(Permissions.UnpublishPages, T("Couldn't publish page")))
if (!_authorizer.Authorize(Permissions.UnpublishPages, T("Couldn't unpublish page")))
return new HttpUnauthorizedResult();
foreach (PageEntry entry in checkedEntries) {

83
src/Orchard.Web/Packages/Orchard.Media/Controllers/AdminController.cs
View File

@@ -2,6 +2,7 @@
using System.Collections.Generic;
using System.Web;
using System.Web.Mvc;
using Orchard.Localization;
using Orchard.Media.Models;
using Orchard.Media.Services;
using Orchard.Media.ViewModels;
@@ -12,12 +13,12 @@ namespace Orchard.Media.Controllers {
[ValidateInput(false)]
public class AdminController : Controller {
private readonly IMediaService _mediaService;
private readonly IAuthorizationService _authorizationService;
private readonly IAuthorizer _authorizer;
private readonly INotifier _notifier;
public AdminController(IMediaService mediaService, IAuthorizationService authorizationService, INotifier notifier) {
public AdminController(IMediaService mediaService, IAuthorizer authorizer, INotifier notifier) {
_mediaService = mediaService;
_authorizationService = authorizationService;
_authorizer = authorizer;
_notifier = notifier;
}
@@ -25,6 +26,8 @@ namespace Orchard.Media.Controllers {
// See Orchard.Security.SecurityModule.
public IUser CurrentUser { get; set; }
public Localizer T { get; set; }
public ActionResult Index() {
// Root media folders
IEnumerable<MediaFolder> mediaFolders = _mediaService.GetMediaFolders(null);
@@ -58,13 +61,8 @@ namespace Orchard.Media.Controllers {
var viewModel = new MediaFolderCreateViewModel();
try {
UpdateModel(viewModel, input.ToValueProvider());
if (!_authorizationService.CheckAccess(CurrentUser, Permissions.CreateMediaFolder)) {
_notifier.Error("Couldn't create media folder, user " +
(CurrentUser != null ? CurrentUser.UserName : String.Empty) + " doesn't have " +
Permissions.CreateMediaFolder.Name);
//return new HttpUnauthorizedResult();
return View(viewModel);
}
if (!_authorizer.Authorize(Permissions.CreateMediaFolder, T("Couldn't create media folder")))
return new HttpUnauthorizedResult();
_mediaService.CreateFolder(viewModel.MediaPath, viewModel.Name);
return RedirectToAction("Index");
}
@@ -88,25 +86,15 @@ namespace Orchard.Media.Controllers {
if (key.StartsWith("Checkbox.File.") && input[key] == "true") {
string fileName = key.Substring("Checkbox.File.".Length);
string folderName = input[fileName];
if (!_authorizationService.CheckAccess(CurrentUser, Permissions.DeleteMedia)) {
_notifier.Error("Couldn't delete media file, user " +
(CurrentUser != null ? CurrentUser.UserName : String.Empty) + " doesn't have " +
Permissions.DeleteMedia.Name);
//return new HttpUnauthorizedResult();
return RedirectToAction("Index");
}
if (!_authorizer.Authorize(Permissions.DeleteMedia, T("Couldn't delete media file")))
return new HttpUnauthorizedResult();
_mediaService.DeleteFile(fileName, folderName);
}
else if (key.StartsWith("Checkbox.Folder.") && input[key] == "true") {
string folderName = key.Substring("Checkbox.Folder.".Length);
string folderPath = input[folderName];
if (!_authorizationService.CheckAccess(CurrentUser, Permissions.DeleteMediaFolder)) {
_notifier.Error("Couldn't delete media folder, user " +
(CurrentUser != null ? CurrentUser.UserName : String.Empty) + " doesn't have " +
Permissions.DeleteMediaFolder.Name);
//return new HttpUnauthorizedResult();
return RedirectToAction("Index");
}
if (!_authorizer.Authorize(Permissions.DeleteMediaFolder, T("Couldn't delete media folder")))
return new HttpUnauthorizedResult();
_mediaService.DeleteFolder(folderPath);
}
}
@@ -131,24 +119,14 @@ namespace Orchard.Media.Controllers {
//TODO: There may be better ways to do this.
// Delete
if (!String.IsNullOrEmpty(HttpContext.Request.Form["submit.Delete"])) {
if (!_authorizationService.CheckAccess(CurrentUser, Permissions.DeleteMediaFolder)) {
_notifier.Error("Couldn't delete media folder, user " +
(CurrentUser != null ? CurrentUser.UserName : String.Empty) + " doesn't have " +
Permissions.DeleteMediaFolder.Name);
//return new HttpUnauthorizedResult();
return View(viewModel);
}
if (!_authorizer.Authorize(Permissions.DeleteMediaFolder, T("Couldn't delete media folder")))
return new HttpUnauthorizedResult();
_mediaService.DeleteFolder(viewModel.MediaPath);
}
// Save
else {
if (!_authorizationService.CheckAccess(CurrentUser, Permissions.RenameMediaFolder)) {
_notifier.Error("Couldn't rename media folder, user " +
(CurrentUser != null ? CurrentUser.UserName : String.Empty) + " doesn't have " +
Permissions.RenameMediaFolder.Name);
//return new HttpUnauthorizedResult();
return View(viewModel);
}
if (!_authorizer.Authorize(Permissions.RenameMediaFolder, T("Couldn't rename media folder")))
return new HttpUnauthorizedResult();
_mediaService.RenameFolder(viewModel.MediaPath, viewModel.Name);
}
@@ -170,14 +148,8 @@ namespace Orchard.Media.Controllers {
var viewModel = new MediaItemAddViewModel();
try {
UpdateModel(viewModel, input.ToValueProvider());
if (!_authorizationService.CheckAccess(CurrentUser, Permissions.UploadMedia)) {
_notifier.Error("Couldn't upload media file, user " +
(CurrentUser != null ? CurrentUser.UserName : String.Empty) + " doesn't have " +
Permissions.UploadMedia.Name);
//return new HttpUnauthorizedResult();
return View(viewModel);
}
if (!_authorizer.Authorize(Permissions.UploadMedia, T("Couldn't upload media file")))
return new HttpUnauthorizedResult();
foreach (string fileName in Request.Files) {
HttpPostedFileBase file = Request.Files[fileName];
@@ -208,23 +180,12 @@ namespace Orchard.Media.Controllers {
var viewModel = new MediaItemEditViewModel();
try {
UpdateModel(viewModel, input.ToValueProvider());
if (!_authorizationService.CheckAccess(CurrentUser, Permissions.ModifyMedia)) {
_notifier.Error("Couldn't modify media file, user " +
(CurrentUser != null ? CurrentUser.UserName : String.Empty) + " doesn't have " +
Permissions.ModifyMedia.Name);
//return new HttpUnauthorizedResult();
return View(viewModel);
}
//TODO: There may be better ways to do this.
if (!_authorizer.Authorize(Permissions.ModifyMedia, T("Couldn't modify media file")))
return new HttpUnauthorizedResult();
// Delete
if (!String.IsNullOrEmpty(HttpContext.Request.Form["submit.Delete"])) {
if (!_authorizationService.CheckAccess(CurrentUser, Permissions.DeleteMedia)) {
_notifier.Error("Couldn't delete media file, user " +
(CurrentUser != null ? CurrentUser.UserName : String.Empty) + " doesn't have " +
Permissions.DeleteMedia.Name);
//return new HttpUnauthorizedResult();
return View(viewModel);
}
if (!_authorizer.Authorize(Permissions.DeleteMedia, T("Couldn't delete media file")))
return new HttpUnauthorizedResult();
_mediaService.DeleteFile(viewModel.Name, viewModel.MediaPath);
return RedirectToAction("Edit", new { name = viewModel.FolderName, mediaPath = viewModel.MediaPath });
}

2
src/Orchard.Web/Packages/Orchard.Media/Views/Admin/EditMedia.aspx
View File

@@ -7,7 +7,7 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1" runat="server">
<title>Create Media Folder</title>
<title>Edit Media File</title>
<% Html.Include("Head"); %>
</head>
<body>