Refactoring permissions. First stage is renaming and collapsing some fine-grained permissions.
--HG-- extra : convert_revision : svn%3A5ff7c347-ad56-4c35-b696-ccb81de16e03/trunk%4045742
@@ -11,7 +11,9 @@ namespace Orchard.Core.Common {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public IEnumerable<Permission> GetPermissions() {
|
public IEnumerable<Permission> GetPermissions() {
|
||||||
return new[] { ChangeOwner };
|
return new Permission[] {
|
||||||
|
ChangeOwner,
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
|
public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
|
||||||
|
|||||||
@@ -109,6 +109,7 @@
|
|||||||
<Compile Include="Scheduling\Services\ScheduledTaskExecutor.cs" />
|
<Compile Include="Scheduling\Services\ScheduledTaskExecutor.cs" />
|
||||||
<Compile Include="Scheduling\Models\Task.cs" />
|
<Compile Include="Scheduling\Models\Task.cs" />
|
||||||
<Compile Include="Settings\Controllers\SiteSettingsDriver.cs" />
|
<Compile Include="Settings\Controllers\SiteSettingsDriver.cs" />
|
||||||
|
<Compile Include="Settings\Permissions.cs" />
|
||||||
<Compile Include="Themes\Services\AdminThemeSelector.cs" />
|
<Compile Include="Themes\Services\AdminThemeSelector.cs" />
|
||||||
<Compile Include="Themes\Services\SafeModeThemeSelector.cs" />
|
<Compile Include="Themes\Services\SafeModeThemeSelector.cs" />
|
||||||
<Compile Include="Settings\AdminMenu.cs" />
|
<Compile Include="Settings\AdminMenu.cs" />
|
||||||
|
|||||||
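--- /dev/null
+++ b/src/Orchard.Web/Core/Settings/Permissions.cs
@@ -0,0 +1,29 @@
+using System.Collections.Generic;
+using Orchard.Security.Permissions;
+
+namespace Orchard.Core.Settings {
+public class Permissions : IPermissionProvider {
+public static readonly Permission ManageSettings = new Permission { Name = "ManageSettings", Description = "Manage site settings" };
+public static readonly Permission ChangeSuperuser = new Permission { Name = "ChangeSuperuser", Description = "Change the superuser for the site" };
+
+public string PackageName {
+get { return "Settings"; }
+}
+
+public IEnumerable<Permission> GetPermissions() {
+return new Permission[] {
+ManageSettings,
+ChangeSuperuser,
+};
+}
+
+public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
+return new[] {
+new PermissionStereotype {
+Name = "Administrators",
+//Permissions = new[] {ChangeOwner}
+}
+};
+}
+}
+}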
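Review bot: The `Administrators` stereotype in `GetDefaultStereotypes` is returned with its `Permissions` assignment commented out, and the commented line names `ChangeOwner`, which this class does not define (it looks copied from the Common provider). As written, neither `ManageSettings` nor `ChangeSuperuser` receives a default grant, and a consumer that enumerates `Permissions` on the stereotype would see an unset property, presumably null; that should be confirmed against `PermissionStereotype`. `ChangeSuperuser` is the most sensitive permission in this file, so its default should be an explicit decision. Either write `Permissions = new[] { ManageSettings }` with a comment that `ChangeSuperuser` is deliberately not granted by default, or leave the stereotype out until the defaults are settled.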
@@ -40,7 +40,7 @@ namespace Orchard.Core.Themes.Controllers {
|
|||||||
[HttpPost]
|
[HttpPost]
|
||||||
public ActionResult Activate(string themeName) {
|
public ActionResult Activate(string themeName) {
|
||||||
try {
|
try {
|
||||||
if (!_authorizer.Authorize(Permissions.SetSiteTheme, T("Couldn't set the current theme")))
|
if (!_authorizer.Authorize(Permissions.ApplyTheme, T("Couldn't set the current theme")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
_themeService.SetSiteTheme(themeName);
|
_themeService.SetSiteTheme(themeName);
|
||||||
return RedirectToAction("Index");
|
return RedirectToAction("Index");
|
||||||
@@ -58,7 +58,7 @@ namespace Orchard.Core.Themes.Controllers {
|
|||||||
[HttpPost]
|
[HttpPost]
|
||||||
public ActionResult Install(FormCollection input) {
|
public ActionResult Install(FormCollection input) {
|
||||||
try {
|
try {
|
||||||
if (!_authorizer.Authorize(Permissions.InstallUninstallTheme, T("Couldn't install theme")))
|
if (!_authorizer.Authorize(Permissions.ManageThemes, T("Couldn't install theme")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
foreach (string fileName in Request.Files) {
|
foreach (string fileName in Request.Files) {
|
||||||
HttpPostedFileBase file = Request.Files[fileName];
|
HttpPostedFileBase file = Request.Files[fileName];
|
||||||
@@ -75,7 +75,7 @@ namespace Orchard.Core.Themes.Controllers {
|
|||||||
[HttpPost]
|
[HttpPost]
|
||||||
public ActionResult Uninstall(string themeName) {
|
public ActionResult Uninstall(string themeName) {
|
||||||
try {
|
try {
|
||||||
if (!_authorizer.Authorize(Permissions.InstallUninstallTheme, T("Couldn't uninstall theme")))
|
if (!_authorizer.Authorize(Permissions.ManageThemes, T("Couldn't uninstall theme")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
_themeService.UninstallTheme(themeName);
|
_themeService.UninstallTheme(themeName);
|
||||||
return RedirectToAction("Index");
|
return RedirectToAction("Index");
|
||||||
|
|||||||
@@ -4,8 +4,8 @@ using Orchard.Security.Permissions;
|
|||||||
|
|
||||||
namespace Orchard.Core.Themes {
|
namespace Orchard.Core.Themes {
|
||||||
public class Permissions : IPermissionProvider {
|
public class Permissions : IPermissionProvider {
|
||||||
public static readonly Permission InstallUninstallTheme = new Permission { Description = "Installing or Uninstalling Themes", Name = "InstallUninstallTheme" };
|
public static readonly Permission ManageThemes = new Permission { Description = "Manage Themes", Name = "ManageThemes" };
|
||||||
public static readonly Permission SetSiteTheme = new Permission { Description = "Setting the Current Theme", Name = "SetSiteTheme" };
|
public static readonly Permission ApplyTheme = new Permission { Description = "Apply a Theme", Name = "ApplyTheme" };
|
||||||
|
|
||||||
public string PackageName {
|
public string PackageName {
|
||||||
get {
|
get {
|
||||||
@@ -14,9 +14,9 @@ namespace Orchard.Core.Themes {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public IEnumerable<Permission> GetPermissions() {
|
public IEnumerable<Permission> GetPermissions() {
|
||||||
return new List<Permission> {
|
return new Permission[] {
|
||||||
SetSiteTheme,
|
ManageThemes,
|
||||||
InstallUninstallTheme
|
ApplyTheme,
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
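Review bot: The permission `Name` strings change together with the field names (`"SetSiteTheme"` becomes `"ApplyTheme"`, `"InstallUninstallTheme"` becomes `"ManageThemes"`), and nothing on this page migrates grants that were assigned under the old names. If role-to-permission records are stored by name, which is not visible here, existing roles would lose these rights after upgrade and stale records would remain under the old names. The same applies to the renamed entries in the Blogs and Comments `Permissions` classes further down the commit. A comment on each renamed field such as `// renamed from SetSiteTheme; existing role records need migrating`, or a migration step in the same change, would make the break visible.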
@@ -34,7 +34,7 @@ namespace Orchard.Blogs.Controllers {
|
|||||||
|
|
||||||
public ActionResult Create() {
|
public ActionResult Create() {
|
||||||
//TODO: (erikpo) Might think about moving this to an ActionFilter/Attribute
|
//TODO: (erikpo) Might think about moving this to an ActionFilter/Attribute
|
||||||
if (!_authorizer.Authorize(Permissions.CreateBlog, T("Not allowed to create blogs")))
|
if (!_authorizer.Authorize(Permissions.ManageBlogs, T("Not allowed to create blogs")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
Blog blog = _services.ContentManager.New<Blog>("blog");
|
Blog blog = _services.ContentManager.New<Blog>("blog");
|
||||||
@@ -52,7 +52,7 @@ namespace Orchard.Blogs.Controllers {
|
|||||||
[HttpPost]
|
[HttpPost]
|
||||||
public ActionResult Create(CreateBlogViewModel model) {
|
public ActionResult Create(CreateBlogViewModel model) {
|
||||||
//TODO: (erikpo) Might think about moving this to an ActionFilter/Attribute
|
//TODO: (erikpo) Might think about moving this to an ActionFilter/Attribute
|
||||||
if (!_authorizer.Authorize(Permissions.CreateBlog, T("Couldn't create blog")))
|
if (!_authorizer.Authorize(Permissions.ManageBlogs, T("Couldn't create blog")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
model.Blog = _services.ContentManager.UpdateEditorModel(_services.ContentManager.New<Blog>("blog"), this);
|
model.Blog = _services.ContentManager.UpdateEditorModel(_services.ContentManager.New<Blog>("blog"), this);
|
||||||
@@ -71,7 +71,7 @@ namespace Orchard.Blogs.Controllers {
|
|||||||
|
|
||||||
public ActionResult Edit(string blogSlug) {
|
public ActionResult Edit(string blogSlug) {
|
||||||
//TODO: (erikpo) Might think about moving this to an ActionFilter/Attribute
|
//TODO: (erikpo) Might think about moving this to an ActionFilter/Attribute
|
||||||
if (!_authorizer.Authorize(Permissions.ModifyBlog, T("Not allowed to edit blog")))
|
if (!_authorizer.Authorize(Permissions.ManageBlogs, T("Not allowed to edit blog")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
//TODO: (erikpo) Move looking up the current blog up into a modelbinder
|
//TODO: (erikpo) Move looking up the current blog up into a modelbinder
|
||||||
@@ -89,7 +89,7 @@ namespace Orchard.Blogs.Controllers {
|
|||||||
|
|
||||||
[HttpPost]
|
[HttpPost]
|
||||||
public ActionResult Edit(string blogSlug, FormCollection input) {
|
public ActionResult Edit(string blogSlug, FormCollection input) {
|
||||||
if (!_authorizer.Authorize(Permissions.ModifyBlog, T("Couldn't edit blog")))
|
if (!_authorizer.Authorize(Permissions.ManageBlogs, T("Couldn't edit blog")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
//TODO: (erikpo) Move looking up the current blog up into a modelbinder
|
//TODO: (erikpo) Move looking up the current blog up into a modelbinder
|
||||||
@@ -112,7 +112,7 @@ namespace Orchard.Blogs.Controllers {
|
|||||||
|
|
||||||
[HttpPost]
|
[HttpPost]
|
||||||
public ActionResult Delete(string blogSlug) {
|
public ActionResult Delete(string blogSlug) {
|
||||||
if (!_authorizer.Authorize(Permissions.DeleteBlog, T("Couldn't delete blog")))
|
if (!_authorizer.Authorize(Permissions.ManageBlogs, T("Couldn't delete blog")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
//TODO: (erikpo) Move looking up the current blog up into a modelbinder
|
//TODO: (erikpo) Move looking up the current blog up into a modelbinder
|
||||||
|
|||||||
@@ -32,7 +32,7 @@ namespace Orchard.Blogs.Controllers {
|
|||||||
|
|
||||||
public ActionResult Create(string blogSlug) {
|
public ActionResult Create(string blogSlug) {
|
||||||
//TODO: (erikpo) Might think about moving this to an ActionFilter/Attribute
|
//TODO: (erikpo) Might think about moving this to an ActionFilter/Attribute
|
||||||
if (!_services.Authorizer.Authorize(Permissions.CreatePost, T("Not allowed to create blog post")))
|
if (!_services.Authorizer.Authorize(Permissions.EditBlogPost, T("Not allowed to create blog post")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
//TODO: (erikpo) Move looking up the current blog up into a modelbinder
|
//TODO: (erikpo) Move looking up the current blog up into a modelbinder
|
||||||
@@ -53,7 +53,7 @@ namespace Orchard.Blogs.Controllers {
|
|||||||
|
|
||||||
[HttpPost]
|
[HttpPost]
|
||||||
public ActionResult Create(string blogSlug, CreateBlogPostViewModel model) {
|
public ActionResult Create(string blogSlug, CreateBlogPostViewModel model) {
|
||||||
if (!_services.Authorizer.Authorize(Permissions.CreatePost, T("Couldn't create blog post")))
|
if (!_services.Authorizer.Authorize(Permissions.EditBlogPost, T("Couldn't create blog post")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
//TODO: (erikpo) Move looking up the current blog up into a modelbinder
|
//TODO: (erikpo) Move looking up the current blog up into a modelbinder
|
||||||
@@ -96,7 +96,7 @@ namespace Orchard.Blogs.Controllers {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public ActionResult Edit(string blogSlug, string postSlug) {
|
public ActionResult Edit(string blogSlug, string postSlug) {
|
||||||
if (!_services.Authorizer.Authorize(Permissions.ModifyPost, T("Couldn't edit blog post")))
|
if (!_services.Authorizer.Authorize(Permissions.EditBlogPost, T("Couldn't edit blog post")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
//TODO: (erikpo) Move looking up the current blog up into a modelbinder
|
//TODO: (erikpo) Move looking up the current blog up into a modelbinder
|
||||||
@@ -119,7 +119,7 @@ namespace Orchard.Blogs.Controllers {
|
|||||||
|
|
||||||
[HttpPost, ActionName("Edit")]
|
[HttpPost, ActionName("Edit")]
|
||||||
public ActionResult EditPOST(string blogSlug, string postSlug) {
|
public ActionResult EditPOST(string blogSlug, string postSlug) {
|
||||||
if (!_services.Authorizer.Authorize(Permissions.ModifyPost, T("Couldn't edit blog post")))
|
if (!_services.Authorizer.Authorize(Permissions.EditBlogPost, T("Couldn't edit blog post")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
bool isDraft = false;
|
bool isDraft = false;
|
||||||
@@ -179,7 +179,8 @@ namespace Orchard.Blogs.Controllers {
|
|||||||
|
|
||||||
[HttpPost]
|
[HttpPost]
|
||||||
public ActionResult Delete(string blogSlug, string postSlug) {
|
public ActionResult Delete(string blogSlug, string postSlug) {
|
||||||
if (!_services.Authorizer.Authorize(Permissions.DeletePost, T("Couldn't delete blog post")))
|
//refactoring: test PublishBlogPost/PublishOthersBlogPost in addition if published
|
||||||
|
if (!_services.Authorizer.Authorize(Permissions.DeleteBlogPost, T("Couldn't delete blog post")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
//TODO: (erikpo) Move looking up the current blog up into a modelbinder
|
//TODO: (erikpo) Move looking up the current blog up into a modelbinder
|
||||||
|
|||||||
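Review bot: `Edit`, `EditPOST` and both `Create` overloads now authorize against `Permissions.EditBlogPost`, which the Blogs provider in this commit describes as "Edit own blog posts", yet no ownership test is visible next to the check. As far as these hunks show, a user holding only the own-posts permission can edit a post written by someone else. `Delete` has the same shape with `DeleteBlogPost` versus `DeleteOthersBlogPost`, and the comment admin actions check `ManageComments` without `ManageOthersComments`. The method bodies continue outside the hunks, so the owner comparison may happen later. If it does not, follow the marker already placed on `Delete` and add `//refactoring: test EditOthersBlogPost when the post belongs to another user` above each check until the post lookup is moved ahead of authorization.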
@@ -9,6 +9,7 @@ using Orchard.Core.Feeds;
|
|||||||
using Orchard.Localization;
|
using Orchard.Localization;
|
||||||
using Orchard.ContentManagement;
|
using Orchard.ContentManagement;
|
||||||
using Orchard.Mvc.Results;
|
using Orchard.Mvc.Results;
|
||||||
|
using Orchard.Security;
|
||||||
|
|
||||||
namespace Orchard.Blogs.Controllers {
|
namespace Orchard.Blogs.Controllers {
|
||||||
public class BlogPostController : Controller {
|
public class BlogPostController : Controller {
|
||||||
@@ -33,7 +34,7 @@ namespace Orchard.Blogs.Controllers {
|
|||||||
|
|
||||||
//TODO: (erikpo) Should think about moving the slug parameters and get calls and null checks up into a model binder or action filter
|
//TODO: (erikpo) Should think about moving the slug parameters and get calls and null checks up into a model binder or action filter
|
||||||
public ActionResult Item(string blogSlug, string postSlug) {
|
public ActionResult Item(string blogSlug, string postSlug) {
|
||||||
if (!_services.Authorizer.Authorize(Permissions.ViewPost, T("Couldn't view blog post")))
|
if (!_services.Authorizer.Authorize(StandardPermissions.AccessFrontEnd, T("Couldn't view blog post")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
//TODO: (erikpo) Move looking up the current blog up into a modelbinder
|
//TODO: (erikpo) Move looking up the current blog up into a modelbinder
|
||||||
|
|||||||
@@ -4,17 +4,15 @@ using Orchard.Security.Permissions;
|
|||||||
|
|
||||||
namespace Orchard.Blogs {
|
namespace Orchard.Blogs {
|
||||||
public class Permissions : IPermissionProvider {
|
public class Permissions : IPermissionProvider {
|
||||||
public static readonly Permission ViewPost = new Permission { Description = "Viewing Blog Posts", Name = "ViewPosts" };
|
public static readonly Permission ManageBlogs = new Permission { Description = "Edit blog properties", Name = "ManageBlogs" };//q: Should edit_blog be ManageBlogs?
|
||||||
public static readonly Permission CreatePost = new Permission { Description = "Creating Blog Posts", Name = "CreatePost" };
|
|
||||||
public static readonly Permission CreateDraft = new Permission { Description = "Creating a Draft of a Blog Post", Name = "CreateDraft" };
|
public static readonly Permission EditBlogPost = new Permission { Description = "Edit own blog posts", Name = "EditBlogPost" };
|
||||||
public static readonly Permission ModifyPost = new Permission { Description = "Mofifying a Blog Post", Name = "ModifyPost" };
|
public static readonly Permission EditOthersBlogPost = new Permission { Description = "Edit any blog posts", Name = "EditOthersBlogPost" };
|
||||||
public static readonly Permission DeletePost = new Permission { Description = "Deleting a Blog Post", Name = "DeletePost" };
|
public static readonly Permission PublishBlogPost = new Permission { Description = "Publish or unpublish blog post", Name = "PublishBlogPost" };
|
||||||
public static readonly Permission PublishPost = new Permission { Description = "Publishing a Blog Post", Name = "PublishPost" };
|
public static readonly Permission PublishOthersBlogPost = new Permission { Description = "Publish or unpublish blog post for others", Name = "PublishOthersBlogPost" };
|
||||||
public static readonly Permission UnpublishPost = new Permission { Description = "Unpublishing a Blog Post", Name = "UnpublishPost" };
|
public static readonly Permission DeleteBlogPost = new Permission { Description = "Delete blog post", Name = "DeleteBlogPost" };
|
||||||
public static readonly Permission SchedulePost = new Permission { Description = "Scheduling a Blog Post", Name = "SchedulePost" };
|
public static readonly Permission DeleteOthersBlogPost = new Permission { Description = "Delete blog post for others", Name = "DeleteOthersBlogPost" };
|
||||||
public static readonly Permission CreateBlog = new Permission { Description = "Creating a Blog", Name = "CreateBlog" };
|
|
||||||
public static readonly Permission ModifyBlog = new Permission { Description = "Mofifying a Blog", Name = "ModifyBlog" };
|
|
||||||
public static readonly Permission DeleteBlog = new Permission { Description = "Deleting a Blog", Name = "DeleteBlog" };
|
|
||||||
|
|
||||||
public string PackageName {
|
public string PackageName {
|
||||||
get {
|
get {
|
||||||
@@ -23,18 +21,14 @@ namespace Orchard.Blogs {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public IEnumerable<Permission> GetPermissions() {
|
public IEnumerable<Permission> GetPermissions() {
|
||||||
return new List<Permission> {
|
return new Permission[] {
|
||||||
ViewPost,
|
ManageBlogs,
|
||||||
CreatePost,
|
EditBlogPost,
|
||||||
CreateDraft,
|
EditOthersBlogPost,
|
||||||
ModifyPost,
|
PublishBlogPost,
|
||||||
DeletePost,
|
PublishOthersBlogPost,
|
||||||
PublishPost,
|
DeleteBlogPost,
|
||||||
UnpublishPost,
|
DeleteOthersBlogPost,
|
||||||
SchedulePost,
|
|
||||||
CreateBlog,
|
|
||||||
ModifyBlog,
|
|
||||||
DeleteBlog
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
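Review bot: `ManageBlogs` carries the description "Edit blog properties", but the blog admin controller in this commit uses it to gate blog creation and deletion as well, so an administrator assigning it from the description grants more than the text says. Suggest `Description = "Manage blogs"` and resolving the trailing `//q: Should edit_blog be ManageBlogs?` before this lands. The removed `CreateDraft` and `SchedulePost` have no counterpart in the new list; a short comment naming which new permission is meant to cover them would help whoever maps existing roles.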
@@ -81,7 +81,7 @@ namespace Orchard.Comments.Controllers {
|
|||||||
case CommentIndexBulkAction.None:
|
case CommentIndexBulkAction.None:
|
||||||
break;
|
break;
|
||||||
case CommentIndexBulkAction.MarkAsSpam:
|
case CommentIndexBulkAction.MarkAsSpam:
|
||||||
if (!_authorizer.Authorize(Permissions.ModerateComment, T("Couldn't moderate comment")))
|
if (!_authorizer.Authorize(Permissions.ManageComments, T("Couldn't moderate comment")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
//TODO: Transaction
|
//TODO: Transaction
|
||||||
foreach (CommentEntry entry in checkedEntries) {
|
foreach (CommentEntry entry in checkedEntries) {
|
||||||
@@ -89,7 +89,7 @@ namespace Orchard.Comments.Controllers {
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case CommentIndexBulkAction.Pend:
|
case CommentIndexBulkAction.Pend:
|
||||||
if (!_authorizer.Authorize(Permissions.ModerateComment, T("Couldn't moderate comment")))
|
if (!_authorizer.Authorize(Permissions.ManageComments, T("Couldn't moderate comment")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
//TODO: Transaction
|
//TODO: Transaction
|
||||||
foreach (CommentEntry entry in checkedEntries) {
|
foreach (CommentEntry entry in checkedEntries) {
|
||||||
@@ -97,7 +97,7 @@ namespace Orchard.Comments.Controllers {
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case CommentIndexBulkAction.Approve:
|
case CommentIndexBulkAction.Approve:
|
||||||
if (!_authorizer.Authorize(Permissions.ModerateComment, T("Couldn't moderate comment")))
|
if (!_authorizer.Authorize(Permissions.ManageComments, T("Couldn't moderate comment")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
//TODO: Transaction
|
//TODO: Transaction
|
||||||
foreach (CommentEntry entry in checkedEntries) {
|
foreach (CommentEntry entry in checkedEntries) {
|
||||||
@@ -105,7 +105,7 @@ namespace Orchard.Comments.Controllers {
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case CommentIndexBulkAction.Delete:
|
case CommentIndexBulkAction.Delete:
|
||||||
if (!_authorizer.Authorize(Permissions.ModerateComment, T("Couldn't delete comment")))
|
if (!_authorizer.Authorize(Permissions.ManageComments, T("Couldn't delete comment")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
foreach (CommentEntry entry in checkedEntries) {
|
foreach (CommentEntry entry in checkedEntries) {
|
||||||
@@ -211,7 +211,7 @@ namespace Orchard.Comments.Controllers {
|
|||||||
case CommentDetailsBulkAction.None:
|
case CommentDetailsBulkAction.None:
|
||||||
break;
|
break;
|
||||||
case CommentDetailsBulkAction.MarkAsSpam:
|
case CommentDetailsBulkAction.MarkAsSpam:
|
||||||
if (!_authorizer.Authorize(Permissions.ModerateComment, T("Couldn't moderate comment")))
|
if (!_authorizer.Authorize(Permissions.ManageComments, T("Couldn't moderate comment")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
//TODO: Transaction
|
//TODO: Transaction
|
||||||
foreach (CommentEntry entry in checkedEntries) {
|
foreach (CommentEntry entry in checkedEntries) {
|
||||||
@@ -219,7 +219,7 @@ namespace Orchard.Comments.Controllers {
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case CommentDetailsBulkAction.Pend:
|
case CommentDetailsBulkAction.Pend:
|
||||||
if (!_authorizer.Authorize(Permissions.ModerateComment, T("Couldn't moderate comment")))
|
if (!_authorizer.Authorize(Permissions.ManageComments, T("Couldn't moderate comment")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
foreach (CommentEntry entry in checkedEntries) {
|
foreach (CommentEntry entry in checkedEntries) {
|
||||||
@@ -227,7 +227,7 @@ namespace Orchard.Comments.Controllers {
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case CommentDetailsBulkAction.Approve:
|
case CommentDetailsBulkAction.Approve:
|
||||||
if (!_authorizer.Authorize(Permissions.ModerateComment, T("Couldn't moderate comment")))
|
if (!_authorizer.Authorize(Permissions.ManageComments, T("Couldn't moderate comment")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
foreach (CommentEntry entry in checkedEntries) {
|
foreach (CommentEntry entry in checkedEntries) {
|
||||||
@@ -235,7 +235,7 @@ namespace Orchard.Comments.Controllers {
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case CommentDetailsBulkAction.Delete:
|
case CommentDetailsBulkAction.Delete:
|
||||||
if (!_authorizer.Authorize(Permissions.ModerateComment, T("Couldn't delete comment")))
|
if (!_authorizer.Authorize(Permissions.ManageComments, T("Couldn't delete comment")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
foreach (CommentEntry entry in checkedEntries) {
|
foreach (CommentEntry entry in checkedEntries) {
|
||||||
@@ -318,7 +318,7 @@ namespace Orchard.Comments.Controllers {
|
|||||||
var viewModel = new CommentsEditViewModel();
|
var viewModel = new CommentsEditViewModel();
|
||||||
try {
|
try {
|
||||||
UpdateModel(viewModel);
|
UpdateModel(viewModel);
|
||||||
if (!_authorizer.Authorize(Permissions.ModerateComment, T("Couldn't edit comment")))
|
if (!_authorizer.Authorize(Permissions.ManageComments, T("Couldn't edit comment")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
_commentService.UpdateComment(viewModel.Id, viewModel.Name, viewModel.Email, viewModel.SiteName, viewModel.CommentText, viewModel.Status);
|
_commentService.UpdateComment(viewModel.Id, viewModel.Name, viewModel.Email, viewModel.SiteName, viewModel.CommentText, viewModel.Status);
|
||||||
@@ -332,7 +332,7 @@ namespace Orchard.Comments.Controllers {
|
|||||||
|
|
||||||
public ActionResult Delete(int id, string returnUrl) {
|
public ActionResult Delete(int id, string returnUrl) {
|
||||||
try {
|
try {
|
||||||
if (!_authorizer.Authorize(Permissions.ModerateComment, T("Couldn't delete comment")))
|
if (!_authorizer.Authorize(Permissions.ManageComments, T("Couldn't delete comment")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
int commentedOn = _commentService.GetComment(id).CommentedOn;
|
int commentedOn = _commentService.GetComment(id).CommentedOn;
|
||||||
_commentService.DeleteComment(id);
|
_commentService.DeleteComment(id);
|
||||||
|
|||||||
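Review bot: `Delete(int id, string returnUrl)` in the last hunk shows no `[HttpPost]` above its signature, unlike the other destructive actions touched by this commit, so the deletion appears to be reachable by a plain GET request. The context line directly above the signature is blank, though an attribute could still sit further up outside the hunk. If it is absent, add `[HttpPost]` and submit the delete from a form so that the state change is not triggered by following a link. In the same method, `_commentService.GetComment(id).CommentedOn` dereferences the lookup result with no null test for an unknown `id`.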
@@ -4,13 +4,12 @@ using Orchard.Security.Permissions;
|
|||||||
|
|
||||||
namespace Orchard.Comments {
|
namespace Orchard.Comments {
|
||||||
public class Permissions : IPermissionProvider {
|
public class Permissions : IPermissionProvider {
|
||||||
public static readonly Permission AddComment = new Permission { Description = "Adding a Comment", Name = "AddComment" };
|
public static readonly Permission AddComment = new Permission { Description = "Add comment", Name = "AddComment" };
|
||||||
public static readonly Permission AddCommentWithoutValidation = new Permission { Description = "Adding a Comment without validation", Name = "AddCommentWithoutValidation" };
|
public static readonly Permission EnableComment = new Permission { Description = "Enabling Comments on content items", Name = "EnableComment" };//refactoring
|
||||||
public static readonly Permission EnableComment = new Permission { Description = "Enabling Comments on content items", Name = "EnableComment" };
|
public static readonly Permission CloseComment = new Permission { Description = "Closing Comments", Name = "CloseComment" };//refactoring
|
||||||
public static readonly Permission CloseComment = new Permission { Description = "Closing Comments", Name = "CloseComment" };
|
public static readonly Permission CloseCommentOnOwnItems = new Permission { Description = "Closing Comments on own items", Name = "CloseCommentOnOwnItems" };//refactoring
|
||||||
public static readonly Permission CloseCommentOnOwnItems = new Permission { Description = "Closing Comments on own items", Name = "CloseCommentOnOwnItems" };
|
public static readonly Permission ManageComments = new Permission { Description = "Manage comments", Name = "ManageComments" };
|
||||||
public static readonly Permission ModerateComment = new Permission { Description = "Moderating Comments", Name = "ModerateComment" };
|
public static readonly Permission ManageOthersComments = new Permission { Description = "Manage comments for others", Name = "ManageOthersComments" };
|
||||||
public static readonly Permission ModerateCommentOnOwnItems = new Permission { Description = "Moderating Comments On Own Items", Name = "ModerateCommentOnOwnItems" };
|
|
||||||
|
|
||||||
public string PackageName {
|
public string PackageName {
|
||||||
get {
|
get {
|
||||||
@@ -19,14 +18,13 @@ namespace Orchard.Comments {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public IEnumerable<Permission> GetPermissions() {
|
public IEnumerable<Permission> GetPermissions() {
|
||||||
return new[] {
|
return new Permission[] {
|
||||||
AddComment,
|
AddComment,
|
||||||
AddCommentWithoutValidation,
|
|
||||||
EnableComment,
|
EnableComment,
|
||||||
CloseComment,
|
CloseComment,
|
||||||
CloseCommentOnOwnItems,
|
CloseCommentOnOwnItems,
|
||||||
ModerateComment,
|
ManageComments,
|
||||||
ModerateCommentOnOwnItems
|
ManageOthersComments
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -34,7 +32,7 @@ namespace Orchard.Comments {
|
|||||||
return new[] {
|
return new[] {
|
||||||
new PermissionStereotype {
|
new PermissionStereotype {
|
||||||
Name = "Administrators",
|
Name = "Administrators",
|
||||||
Permissions = new[] {ModerateComment}
|
Permissions = new[] {ManageComments}
|
||||||
},
|
},
|
||||||
new PermissionStereotype {
|
new PermissionStereotype {
|
||||||
Name = "Anonymous",
|
Name = "Anonymous",
|
||||||
|
|||||||
@@ -58,7 +58,7 @@ namespace Orchard.Media.Controllers {
|
|||||||
var viewModel = new MediaFolderCreateViewModel();
|
var viewModel = new MediaFolderCreateViewModel();
|
||||||
try {
|
try {
|
||||||
UpdateModel(viewModel);
|
UpdateModel(viewModel);
|
||||||
if (!_authorizer.Authorize(Permissions.CreateMediaFolder, T("Couldn't create media folder")))
|
if (!_authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't create media folder")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
_mediaService.CreateFolder(viewModel.MediaPath, viewModel.Name);
|
_mediaService.CreateFolder(viewModel.MediaPath, viewModel.Name);
|
||||||
return RedirectToAction("Index");
|
return RedirectToAction("Index");
|
||||||
@@ -83,14 +83,14 @@ namespace Orchard.Media.Controllers {
|
|||||||
if (key.StartsWith("Checkbox.File.") && input[key] == "true") {
|
if (key.StartsWith("Checkbox.File.") && input[key] == "true") {
|
||||||
string fileName = key.Substring("Checkbox.File.".Length);
|
string fileName = key.Substring("Checkbox.File.".Length);
|
||||||
string folderName = input[fileName];
|
string folderName = input[fileName];
|
||||||
if (!_authorizer.Authorize(Permissions.DeleteMedia, T("Couldn't delete media file")))
|
if (!_authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't delete media file")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
_mediaService.DeleteFile(fileName, folderName);
|
_mediaService.DeleteFile(fileName, folderName);
|
||||||
}
|
}
|
||||||
else if (key.StartsWith("Checkbox.Folder.") && input[key] == "true") {
|
else if (key.StartsWith("Checkbox.Folder.") && input[key] == "true") {
|
||||||
string folderName = key.Substring("Checkbox.Folder.".Length);
|
string folderName = key.Substring("Checkbox.Folder.".Length);
|
||||||
string folderPath = input[folderName];
|
string folderPath = input[folderName];
|
||||||
if (!_authorizer.Authorize(Permissions.DeleteMediaFolder, T("Couldn't delete media folder")))
|
if (!_authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't delete media folder")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
_mediaService.DeleteFolder(folderPath);
|
_mediaService.DeleteFolder(folderPath);
|
||||||
}
|
}
|
||||||
@@ -116,13 +116,13 @@ namespace Orchard.Media.Controllers {
|
|||||||
//TODO: There may be better ways to do this.
|
//TODO: There may be better ways to do this.
|
||||||
// Delete
|
// Delete
|
||||||
if (!String.IsNullOrEmpty(HttpContext.Request.Form["submit.Delete"])) {
|
if (!String.IsNullOrEmpty(HttpContext.Request.Form["submit.Delete"])) {
|
||||||
if (!_authorizer.Authorize(Permissions.DeleteMediaFolder, T("Couldn't delete media folder")))
|
if (!_authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't delete media folder")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
_mediaService.DeleteFolder(viewModel.MediaPath);
|
_mediaService.DeleteFolder(viewModel.MediaPath);
|
||||||
}
|
}
|
||||||
// Save
|
// Save
|
||||||
else {
|
else {
|
||||||
if (!_authorizer.Authorize(Permissions.RenameMediaFolder, T("Couldn't rename media folder")))
|
if (!_authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't rename media folder")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
_mediaService.RenameFolder(viewModel.MediaPath, viewModel.Name);
|
_mediaService.RenameFolder(viewModel.MediaPath, viewModel.Name);
|
||||||
}
|
}
|
||||||
@@ -145,7 +145,7 @@ namespace Orchard.Media.Controllers {
|
|||||||
var viewModel = new MediaItemAddViewModel();
|
var viewModel = new MediaItemAddViewModel();
|
||||||
try {
|
try {
|
||||||
UpdateModel(viewModel);
|
UpdateModel(viewModel);
|
||||||
if (!_authorizer.Authorize(Permissions.UploadMedia, T("Couldn't upload media file")))
|
if (!_authorizer.Authorize(Permissions.UploadMediaFiles, T("Couldn't upload media file")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
foreach (string fileName in Request.Files) {
|
foreach (string fileName in Request.Files) {
|
||||||
@@ -177,11 +177,11 @@ namespace Orchard.Media.Controllers {
|
|||||||
var viewModel = new MediaItemEditViewModel();
|
var viewModel = new MediaItemEditViewModel();
|
||||||
try {
|
try {
|
||||||
UpdateModel(viewModel);
|
UpdateModel(viewModel);
|
||||||
if (!_authorizer.Authorize(Permissions.ModifyMedia, T("Couldn't modify media file")))
|
if (!_authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't modify media file")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
// Delete
|
// Delete
|
||||||
if (!String.IsNullOrEmpty(HttpContext.Request.Form["submit.Delete"])) {
|
if (!String.IsNullOrEmpty(HttpContext.Request.Form["submit.Delete"])) {
|
||||||
if (!_authorizer.Authorize(Permissions.DeleteMedia, T("Couldn't delete media file")))
|
if (!_authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't delete media file")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
_mediaService.DeleteFile(viewModel.Name, viewModel.MediaPath);
|
_mediaService.DeleteFile(viewModel.Name, viewModel.MediaPath);
|
||||||
return RedirectToAction("Edit", new { name = viewModel.FolderName, mediaPath = viewModel.MediaPath });
|
return RedirectToAction("Edit", new { name = viewModel.FolderName, mediaPath = viewModel.MediaPath });
|
||||||
|
|||||||
@@ -4,12 +4,8 @@ using Orchard.Security.Permissions;
|
|||||||
|
|
||||||
namespace Orchard.Media {
|
namespace Orchard.Media {
|
||||||
public class Permissions : IPermissionProvider {
|
public class Permissions : IPermissionProvider {
|
||||||
public static readonly Permission UploadMedia = new Permission { Description = "Uploading Media Files", Name = "UploadMedia" };
|
public static readonly Permission ManageMediaFiles = new Permission { Description = "Modifying Media Files", Name = "ManageMediaFiles" };
|
||||||
public static readonly Permission ModifyMedia = new Permission { Description = "Modifying Media Files", Name = "ModifyMedia" };
|
public static readonly Permission UploadMediaFiles = new Permission { Description = "Uploading Media Files", Name = "UploadMediaFiles" };
|
||||||
public static readonly Permission DeleteMedia = new Permission { Description = "Deleting Media Files", Name = "DeleteMedia" };
|
|
||||||
public static readonly Permission CreateMediaFolder = new Permission { Description = "Creating Media Folders", Name = "CreateMediaFolder" };
|
|
||||||
public static readonly Permission DeleteMediaFolder = new Permission { Description = "Deleting Media Folders", Name = "DeleteMediaFolder" };
|
|
||||||
public static readonly Permission RenameMediaFolder = new Permission { Description = "Renaming Media Folders", Name = "RenameMediaFolder" };
|
|
||||||
|
|
||||||
public string PackageName {
|
public string PackageName {
|
||||||
get {
|
get {
|
||||||
@@ -18,13 +14,9 @@ namespace Orchard.Media {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public IEnumerable<Permission> GetPermissions() {
|
public IEnumerable<Permission> GetPermissions() {
|
||||||
return new List<Permission> {
|
return new Permission[] {
|
||||||
UploadMedia,
|
ManageMediaFiles,
|
||||||
ModifyMedia,
|
UploadMediaFiles,
|
||||||
DeleteMedia,
|
|
||||||
CreateMediaFolder,
|
|
||||||
DeleteMediaFolder,
|
|
||||||
RenameMediaFolder
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
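Review bot: The persisted `Name` strings change here (`UploadMedia` becomes `UploadMediaFiles`, and `ModifyMedia`, `DeleteMedia`, `CreateMediaFolder`, `DeleteMediaFolder`, `RenameMediaFolder` collapse into `ManageMediaFiles`), yet this section shows no step that carries existing role grants over to the new names. If grants are stored by name (the Roles project compiles a `PermissionRecord`, whose schema is not shown), roles that held the old permissions would stop matching after upgrade. The same applies to the Tags and Pages permission classes and to `AccessAdmin` becoming `AccessAdminPanel`. Either add a data migration or record the mapping next to the fields, e.g. `// Name is the persisted key for role grants; replaces ModifyMedia, DeleteMedia and the *MediaFolder permissions`. The description "Modifying Media Files" also understates that this permission now gates folder deletion and renaming in the controller.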
@@ -46,7 +46,7 @@ namespace Orchard.Media.Services {
|
|||||||
XRpcStruct file) {
|
XRpcStruct file) {
|
||||||
|
|
||||||
var user = _membershipService.ValidateUser(userName, password);
|
var user = _membershipService.ValidateUser(userName, password);
|
||||||
if (!_authorizationService.CheckAccess(user, Permissions.UploadMedia)) {
|
if (!_authorizationService.CheckAccess(user, Permissions.UploadMediaFiles)) {
|
||||||
//TEMP: return appropriate access-denied response for user
|
//TEMP: return appropriate access-denied response for user
|
||||||
throw new ApplicationException("Access denied");
|
throw new ApplicationException("Access denied");
|
||||||
}
|
}
|
||||||
|
|||||||
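Review bot: The result of `_membershipService.ValidateUser(userName, password)` goes straight into `CheckAccess` with no check that validation succeeded. What `ValidateUser` returns for bad credentials is not visible here; if it returns null, the upload decision depends entirely on how `CheckAccess` treats a null user, which then amounts to whatever anonymous users are granted. Making the failure explicit keeps this endpoint fail-closed regardless of role configuration: `if (user == null || !_authorizationService.CheckAccess(user, Permissions.UploadMediaFiles)) {`. The enclosing method starts and ends outside the hunk.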
@@ -67,7 +67,7 @@ namespace Orchard.Pages.Controllers {
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case PagesBulkAction.Unpublish:
|
case PagesBulkAction.Unpublish:
|
||||||
if (!_services.Authorizer.Authorize(Permissions.UnpublishPages, T("Couldn't unpublish page")))
|
if (!_services.Authorizer.Authorize(Permissions.PublishPages, T("Couldn't unpublish page")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
foreach (PageEntry entry in checkedEntries) {
|
foreach (PageEntry entry in checkedEntries) {
|
||||||
var page = _pageService.GetLatest(entry.PageId);
|
var page = _pageService.GetLatest(entry.PageId);
|
||||||
@@ -99,7 +99,7 @@ namespace Orchard.Pages.Controllers {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public ActionResult Create() {
|
public ActionResult Create() {
|
||||||
if (!_services.Authorizer.Authorize(Permissions.CreatePages, T("Not allowed to create a page")))
|
if (!_services.Authorizer.Authorize(Permissions.EditPages, T("Not allowed to create a page")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
var page = _services.ContentManager.BuildEditorModel(_services.ContentManager.New<Page>("page"));
|
var page = _services.ContentManager.BuildEditorModel(_services.ContentManager.New<Page>("page"));
|
||||||
@@ -113,7 +113,7 @@ namespace Orchard.Pages.Controllers {
|
|||||||
|
|
||||||
[HttpPost, ActionName("Create")]
|
[HttpPost, ActionName("Create")]
|
||||||
public ActionResult CreatePOST(PageCreateViewModel model) {
|
public ActionResult CreatePOST(PageCreateViewModel model) {
|
||||||
if (!_services.Authorizer.Authorize(Permissions.CreatePages, T("Couldn't create page")))
|
if (!_services.Authorizer.Authorize(Permissions.EditPages, T("Couldn't create page")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
//TODO: (erikpo) Move this duplicate code somewhere else
|
//TODO: (erikpo) Move this duplicate code somewhere else
|
||||||
@@ -143,7 +143,7 @@ namespace Orchard.Pages.Controllers {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public ActionResult Edit(int id) {
|
public ActionResult Edit(int id) {
|
||||||
if (!_services.Authorizer.Authorize(Permissions.ModifyPages, T("Couldn't edit page")))
|
if (!_services.Authorizer.Authorize(Permissions.EditPages, T("Couldn't edit page")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
Page page = _pageService.GetLatest(id);
|
Page page = _pageService.GetLatest(id);
|
||||||
@@ -160,7 +160,7 @@ namespace Orchard.Pages.Controllers {
|
|||||||
|
|
||||||
[HttpPost, ActionName("Edit")]
|
[HttpPost, ActionName("Edit")]
|
||||||
public ActionResult EditPOST(int id) {
|
public ActionResult EditPOST(int id) {
|
||||||
if (!_services.Authorizer.Authorize(Permissions.ModifyPages, T("Couldn't edit page")))
|
if (!_services.Authorizer.Authorize(Permissions.EditPages, T("Couldn't edit page")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
Page page = _pageService.GetPageOrDraft(id);
|
Page page = _pageService.GetPageOrDraft(id);
|
||||||
|
|||||||
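Review bot: `Edit(int id)` and `EditPOST(int id)` authorize `EditPages` before the page is loaded, and nothing in these hunks compares the page's owner with the current user, so the `EditOthersPages`, `PublishOthersPages` and `DeleteOthersPages` permissions introduced in the Pages `Permissions` class are never consulted here. Until that check exists, holding `EditPages` is enough to edit any page by id, which is broader than the new descriptions ("Edit page" vs "Edit page for others") suggest. The commit message calls this a first stage, so this may be planned; a marker after the page load would keep it from being forgotten, e.g. `// TODO: require EditOthersPages when the page owner is not the current user`. `Create` and `CreatePOST` now also pass on `EditPages`, which is worth stating in the permission's description. All of these method bodies continue outside the hunks.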
@@ -4,6 +4,7 @@ using Orchard.Localization;
|
|||||||
using Orchard.ContentManagement;
|
using Orchard.ContentManagement;
|
||||||
using Orchard.Pages.Services;
|
using Orchard.Pages.Services;
|
||||||
using Orchard.Pages.ViewModels;
|
using Orchard.Pages.ViewModels;
|
||||||
|
using Orchard.Security;
|
||||||
|
|
||||||
namespace Orchard.Pages.Controllers {
|
namespace Orchard.Pages.Controllers {
|
||||||
[ValidateInput(false)]
|
[ValidateInput(false)]
|
||||||
@@ -25,7 +26,7 @@ namespace Orchard.Pages.Controllers {
|
|||||||
private Localizer T { get; set; }
|
private Localizer T { get; set; }
|
||||||
|
|
||||||
public ActionResult Item(string slug) {
|
public ActionResult Item(string slug) {
|
||||||
if (!Services.Authorizer.Authorize(Permissions.ViewPages, T("Couldn't view page")))
|
if (!Services.Authorizer.Authorize(StandardPermissions.AccessFrontEnd, T("Couldn't view page")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
if (slug == null) {
|
if (slug == null) {
|
||||||
|
|||||||
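Review bot: `Item` now requires `StandardPermissions.AccessFrontEnd`, but `StandardPermissions.GetDefaultStereotypes()` added in this same commit returns `Enumerable.Empty<PermissionStereotype>()`, so no role receives that permission by default as far as this page shows. Unless some other setup step grants it to anonymous visitors, every front-end page request would end in `HttpUnauthorizedResult`. That fails closed, which is the safe direction, but it should be deliberate: either declare a default stereotype for the anonymous role or add a comment on `AccessFrontEnd` such as `// must be granted to anonymous users for a public site`. The body of `Item` continues outside the hunk.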
@@ -4,15 +4,12 @@ using Orchard.Security.Permissions;
|
|||||||
|
|
||||||
namespace Orchard.Pages {
|
namespace Orchard.Pages {
|
||||||
public class Permissions : IPermissionProvider {
|
public class Permissions : IPermissionProvider {
|
||||||
public static readonly Permission ViewPages = new Permission { Description = "Viewing Pages", Name = "ViewPages" };
|
public static readonly Permission EditPages = new Permission { Description = "Edit page", Name = "EditPages" };
|
||||||
public static readonly Permission CreatePages = new Permission { Description = "Creating Pages", Name = "CreatePages" };
|
public static readonly Permission EditOthersPages = new Permission { Description = "Edit page for others", Name = "EditOthersPages" };
|
||||||
public static readonly Permission CreateDraftPages = new Permission { Description = "Creating Page Drafts", Name = "CreateDraftPages" };
|
public static readonly Permission PublishPages = new Permission { Description = "Publish or unpublish page", Name = "PublishPages" };
|
||||||
public static readonly Permission DeleteDraftPages = new Permission { Description = "Deleting Page Drafts", Name = "DeleteDraftPages" };
|
public static readonly Permission PublishOthersPages = new Permission { Description = "Publish or unpublish page for others", Name = "PublishOthersPages" };
|
||||||
public static readonly Permission ModifyPages = new Permission { Description = "Modifying Pages", Name = "ModifyPages" };
|
public static readonly Permission DeletePages = new Permission { Description = "Delete page", Name = "DeletePages" };
|
||||||
public static readonly Permission DeletePages = new Permission { Description = "Deleting Pages", Name = "DeletePages" };
|
public static readonly Permission DeleteOthersPages = new Permission { Description = "Delete page for others", Name = "DeleteOthersPages" };
|
||||||
public static readonly Permission PublishPages = new Permission { Description = "Publishing Pages", Name = "PublishPages" };
|
|
||||||
public static readonly Permission UnpublishPages = new Permission { Description = "Unpublishing Pages", Name = "UnpublishPages" };
|
|
||||||
public static readonly Permission SchedulePages = new Permission { Description = "Scheduling Pages", Name = "SchedulePages" };
|
|
||||||
|
|
||||||
public string PackageName {
|
public string PackageName {
|
||||||
get {
|
get {
|
||||||
@@ -21,16 +18,13 @@ namespace Orchard.Pages {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public IEnumerable<Permission> GetPermissions() {
|
public IEnumerable<Permission> GetPermissions() {
|
||||||
return new List<Permission> {
|
return new Permission[] {
|
||||||
ViewPages,
|
EditPages,
|
||||||
CreatePages,
|
EditOthersPages,
|
||||||
CreateDraftPages,
|
|
||||||
DeleteDraftPages,
|
|
||||||
ModifyPages,
|
|
||||||
DeletePages,
|
|
||||||
PublishPages,
|
PublishPages,
|
||||||
UnpublishPages,
|
PublishOthersPages,
|
||||||
SchedulePages
|
DeletePages,
|
||||||
|
DeleteOthersPages,
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
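Review bot: `PublishPages` keeps its persisted name while its meaning widens, because the admin controller's `Unpublish` bulk action now checks it in place of the removed `UnpublishPages`. Any role that already holds `PublishPages` therefore gains the ability to unpublish without a new grant. `DeletePages` likewise keeps its name while `DeleteOthersPages` appears beside it, so its scope will narrow once the "Others" variants are enforced. A comment on the fields would make the change auditable, e.g. `// PublishPages also gates unpublish (replaces UnpublishPages)`. `SchedulePages` is removed with no replacement visible in this section, so it is unclear from here what gates scheduling.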
@@ -65,6 +65,7 @@
|
|||||||
<Compile Include="Controllers\AdminController.cs" />
|
<Compile Include="Controllers\AdminController.cs" />
|
||||||
<Compile Include="Controllers\UserRolesDriver.cs" />
|
<Compile Include="Controllers\UserRolesDriver.cs" />
|
||||||
<Compile Include="Extension.cs" />
|
<Compile Include="Extension.cs" />
|
||||||
|
<Compile Include="Permissions.cs" />
|
||||||
<Compile Include="Records\PermissionRecord.cs" />
|
<Compile Include="Records\PermissionRecord.cs" />
|
||||||
<Compile Include="Records\RoleRecord.cs" />
|
<Compile Include="Records\RoleRecord.cs" />
|
||||||
<Compile Include="Models\UserRoles.cs" />
|
<Compile Include="Models\UserRoles.cs" />
|
||||||
|
|||||||
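--- a/src/Orchard.Web/Packages/Orchard.Roles/Permissions.cs
+++ b/src/Orchard.Web/Packages/Orchard.Roles/Permissions.cs
@@ -0,0 +1,31 @@
+using System.Collections.Generic;
+using System.Linq;
+using JetBrains.Annotations;
+using Orchard.Security.Permissions;
+
+namespace Orchard.Roles {
+[UsedImplicitly]
+public class Permissions : IPermissionProvider {
+public static readonly Permission ManageRoles = new Permission { Description = "Create and manage roles", Name = "ManageRoles" };
+public static readonly Permission AssignUsersToRoles = new Permission { Description = "Assign users to roles", Name = "AssignUsersToRoles" };
+
+public string PackageName {
+get {
+return "Roles";
+}
+}
+
+public IEnumerable<Permission> GetPermissions() {
+return new Permission[] {
+ManageRoles,
+AssignUsersToRoles,
+};
+}
+
+public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
+return Enumerable.Empty<PermissionStereotype>();
+}
+
+}
+
+}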
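Review bot: `AssignUsersToRoles` reads as a lesser permission than `ManageRoles`, but nothing in this file limits which roles a holder may assign. If the assignment code (not shown on this page) accepts any role, a holder can place an account in the most privileged role, which makes the two permissions equivalent in practice. I would document that on the field so administrators do not hand it out as a low-risk grant, e.g. `/// Holders can assign any role, including administrative ones, unless the assignment path restricts the target role.` The same file also declares both permissions without any visible call site in this commit, so it is worth confirming that the Roles controllers actually check them.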
@@ -60,7 +60,7 @@ namespace Orchard.Tags.Controllers {
|
|||||||
case TagAdminIndexBulkAction.None:
|
case TagAdminIndexBulkAction.None:
|
||||||
break;
|
break;
|
||||||
case TagAdminIndexBulkAction.Delete:
|
case TagAdminIndexBulkAction.Delete:
|
||||||
if (!_authorizer.Authorize(Permissions.DeleteTag, T("Couldn't delete tag")))
|
if (!_authorizer.Authorize(Permissions.ManageTags, T("Couldn't delete tag")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
foreach (TagEntry entry in checkedEntries) {
|
foreach (TagEntry entry in checkedEntries) {
|
||||||
@@ -121,7 +121,7 @@ namespace Orchard.Tags.Controllers {
|
|||||||
var viewModel = new TagsAdminEditViewModel();
|
var viewModel = new TagsAdminEditViewModel();
|
||||||
try {
|
try {
|
||||||
UpdateModel(viewModel);
|
UpdateModel(viewModel);
|
||||||
if (!_authorizer.Authorize(Permissions.RenameTag, T("Couldn't edit tag")))
|
if (!_authorizer.Authorize(Permissions.ManageTags, T("Couldn't edit tag")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
_tagService.UpdateTag(viewModel.Id, viewModel.TagName);
|
_tagService.UpdateTag(viewModel.Id, viewModel.TagName);
|
||||||
|
|||||||
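Review bot: In the second hunk `UpdateModel(viewModel)` binds the posted form before `_authorizer.Authorize(Permissions.ManageTags, ...)` runs, so a request from an unauthorised caller still drives model binding, and a binding failure inside the `try` would presumably be handled by its catch block (outside the hunk) rather than producing a 401. Moving the check to the top of the action rejects the request before any input is processed: place `if (!_authorizer.Authorize(Permissions.ManageTags, T("Couldn't edit tag"))) return new HttpUnauthorizedResult();` above `try {`. The Media controller hunks at `@@ -145,7` and `@@ -177,11` show the same ordering with `UploadMediaFiles` and `ManageMediaFiles`. The enclosing methods start and end outside the hunks.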
@@ -4,10 +4,9 @@ using Orchard.Security.Permissions;
|
|||||||
|
|
||||||
namespace Orchard.Tags {
|
namespace Orchard.Tags {
|
||||||
public class Permissions : IPermissionProvider {
|
public class Permissions : IPermissionProvider {
|
||||||
public static readonly Permission CreateTag = new Permission { Description = "Creating a Tag", Name = "CreateTag" };
|
public static readonly Permission ManageTags = new Permission { Description = "Manage tags", Name = "ManageTags" };
|
||||||
|
public static readonly Permission CreateTag = new Permission { Description = "Create tag", Name = "CreateTag" };
|
||||||
public static readonly Permission ApplyTag = new Permission { Description = "Applying a Tag", Name = "ApplyTag" };
|
public static readonly Permission ApplyTag = new Permission { Description = "Applying a Tag", Name = "ApplyTag" };
|
||||||
public static readonly Permission DeleteTag = new Permission { Description = "Deleting a Tag", Name = "DeleteTag" };
|
|
||||||
public static readonly Permission RenameTag = new Permission { Description = "Renaming a Tag", Name = "RenameTag" };
|
|
||||||
|
|
||||||
public string PackageName {
|
public string PackageName {
|
||||||
get {
|
get {
|
||||||
@@ -16,11 +15,10 @@ namespace Orchard.Tags {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public IEnumerable<Permission> GetPermissions() {
|
public IEnumerable<Permission> GetPermissions() {
|
||||||
return new List<Permission> {
|
return new Permission[] {
|
||||||
|
ManageTags,
|
||||||
CreateTag,
|
CreateTag,
|
||||||
ApplyTag,
|
ApplyTag,
|
||||||
DeleteTag,
|
|
||||||
RenameTag,
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
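Review bot: The descriptions in this class now mix two forms: the new and edited entries use the imperative ("Manage tags", "Create tag") while `ApplyTag` still reads "Applying a Tag". Since these strings are presumably what an administrator sees when granting permissions, I would bring the remaining one in line: `Description = "Apply tag"`. It would also help to state on `ManageTags` that it replaces `DeleteTag` and `RenameTag`, as the controller now checks it for both delete and edit.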
@@ -67,6 +67,7 @@
|
|||||||
<Compile Include="Models\User.cs" />
|
<Compile Include="Models\User.cs" />
|
||||||
<Compile Include="Models\UserHandler.cs" />
|
<Compile Include="Models\UserHandler.cs" />
|
||||||
<Compile Include="Models\UserRecord.cs" />
|
<Compile Include="Models\UserRecord.cs" />
|
||||||
|
<Compile Include="Permissions.cs" />
|
||||||
<Compile Include="Properties\AssemblyInfo.cs" />
|
<Compile Include="Properties\AssemblyInfo.cs" />
|
||||||
<Compile Include="Services\MembershipService.cs" />
|
<Compile Include="Services\MembershipService.cs" />
|
||||||
<Compile Include="AdminMenu.cs" />
|
<Compile Include="AdminMenu.cs" />
|
||||||
|
|||||||
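--- a/src/Orchard.Web/Packages/Orchard.Users/Permissions.cs
+++ b/src/Orchard.Web/Packages/Orchard.Users/Permissions.cs
@@ -0,0 +1,30 @@
+using System.Collections.Generic;
+using System.Linq;
+using JetBrains.Annotations;
+using Orchard.Security.Permissions;
+
+namespace Orchard.Users {
+[UsedImplicitly]
+public class Permissions : IPermissionProvider {
+public static readonly Permission ManageUsers = new Permission { Description = "Manage users", Name = "ManageUsers" };
+public static readonly Permission AddUsers = new Permission { Description = "Add users", Name = "AddUsers" };
+
+public string PackageName {
+get {
+return "Users";
+}
+}
+
+public IEnumerable<Permission> GetPermissions() {
+return new Permission[] {
+ManageUsers,
+AddUsers,
+};
+}
+
+public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
+return Enumerable.Empty<PermissionStereotype>();
+}
+
+}
+}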
@@ -21,7 +21,7 @@ namespace Orchard.Mvc.Filters {
|
|||||||
var siteUrl = _siteService.GetSiteSettings().SiteUrl;
|
var siteUrl = _siteService.GetSiteSettings().SiteUrl;
|
||||||
//todo: (heskew) get at the admin path in a less hacky way
|
//todo: (heskew) get at the admin path in a less hacky way
|
||||||
if (filterContext.HttpContext.Request.RawUrl.StartsWith(Path.Combine(siteUrl, "admin").Replace("\\", "/"), true, CultureInfo.InvariantCulture)
|
if (filterContext.HttpContext.Request.RawUrl.StartsWith(Path.Combine(siteUrl, "admin").Replace("\\", "/"), true, CultureInfo.InvariantCulture)
|
||||||
&& !_authorizer.Authorize(Permissions.AccessAdmin, "Can't access the admin")) {
|
&& !_authorizer.Authorize(StandardPermissions.AccessAdminPanel, "Can't access the admin")) {
|
||||||
filterContext.Result = new HttpUnauthorizedResult();
|
filterContext.Result = new HttpUnauthorizedResult();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
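Review bot: The admin gate is decided by a case-insensitive prefix match on `Request.RawUrl`, which is the request string as received rather than the path the router resolves, so the filter and the routing layer can disagree about whether a request targets the admin area. When they disagree in the wrong direction the `AccessAdminPanel` check is simply not evaluated, and per-action checks become the only protection. Keying the decision on route data (area or controller) or on an attribute applied to admin controllers would remove that gap; the existing `//todo` already acknowledges the approach is a stopgap. The denial message is also a bare string here where the controllers use `T(...)`. The enclosing method starts outside the hunk.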
@@ -135,6 +135,7 @@
|
|||||||
<Compile Include="Extensions\ExtensionFolders.cs" />
|
<Compile Include="Extensions\ExtensionFolders.cs" />
|
||||||
<Compile Include="Extensions\Loaders\AreaExtensionLoader.cs" />
|
<Compile Include="Extensions\Loaders\AreaExtensionLoader.cs" />
|
||||||
<Compile Include="Extensions\UriExtensions.cs" />
|
<Compile Include="Extensions\UriExtensions.cs" />
|
||||||
|
<Compile Include="Security\StandardPermissions.cs" />
|
||||||
<Compile Include="Tasks\Scheduling\IScheduledTask.cs" />
|
<Compile Include="Tasks\Scheduling\IScheduledTask.cs" />
|
||||||
<Compile Include="ContentManagement\ContentExtensions.cs" />
|
<Compile Include="ContentManagement\ContentExtensions.cs" />
|
||||||
<Compile Include="ContentManagement\ContentItem.cs" />
|
<Compile Include="ContentManagement\ContentItem.cs" />
|
||||||
@@ -206,7 +207,6 @@
|
|||||||
<Compile Include="Mvc\Html\FileRegistrationContext.cs" />
|
<Compile Include="Mvc\Html\FileRegistrationContext.cs" />
|
||||||
<Compile Include="Mvc\Html\MvcFormAntiForgeryPost.cs" />
|
<Compile Include="Mvc\Html\MvcFormAntiForgeryPost.cs" />
|
||||||
<Compile Include="Mvc\Html\SiteServiceExtensions.cs" />
|
<Compile Include="Mvc\Html\SiteServiceExtensions.cs" />
|
||||||
<Compile Include="Permissions.cs" />
|
|
||||||
<Compile Include="Tasks\FiniteContainerProvider.cs" />
|
<Compile Include="Tasks\FiniteContainerProvider.cs" />
|
||||||
<Compile Include="Tasks\Scheduling\IScheduledTaskHandler.cs" />
|
<Compile Include="Tasks\Scheduling\IScheduledTaskHandler.cs" />
|
||||||
<Compile Include="Tasks\Scheduling\IScheduledTaskManager.cs" />
|
<Compile Include="Tasks\Scheduling\IScheduledTaskManager.cs" />
|
||||||
|
|||||||
@@ -1,22 +0,0 @@
|
|||||||
using System.Collections.Generic;
|
|
||||||
using System.Linq;
|
|
||||||
using Orchard.Security.Permissions;
|
|
||||||
|
|
||||||
namespace Orchard {
|
|
||||||
public class Permissions : IPermissionProvider {
|
|
||||||
public static readonly Permission AccessAdmin = new Permission { Name = "AccessAdmin", Description = "Access the application admin area" };
|
|
||||||
|
|
||||||
public string PackageName {
|
|
||||||
get { return "Orchard"; }
|
|
||||||
}
|
|
||||||
|
|
||||||
public IEnumerable<Permission> GetPermissions() {
|
|
||||||
return new[] { AccessAdmin };
|
|
||||||
}
|
|
||||||
|
|
||||||
public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
|
|
||||||
return Enumerable.Empty<PermissionStereotype>();
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
}
|
|
||||||
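--- a/src/Orchard/Security/StandardPermissions.cs
+++ b/src/Orchard/Security/StandardPermissions.cs
@@ -0,0 +1,26 @@
+using System.Collections.Generic;
+using System.Linq;
+using Orchard.Security.Permissions;
+
+namespace Orchard.Security {
+public class StandardPermissions : IPermissionProvider {
+public static readonly Permission AccessAdminPanel = new Permission { Name = "AccessAdminPanel", Description = "Access admin panel" };
+public static readonly Permission AccessFrontEnd = new Permission { Name = "AccessFrontEnd", Description = "Access site front-end" };
+
+public string PackageName {
+get { return "Orchard"; }
+}
+
+public IEnumerable<Permission> GetPermissions() {
+return new Permission[] {
+AccessAdminPanel,
+AccessFrontEnd,
+};
+}
+
+public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
+return Enumerable.Empty<PermissionStereotype>();
+}
+
+}
+}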
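Review bot: `StandardPermissions` carries no comment saying what each of its two site-wide permissions gates, which matters because they are enforced far from this file. On this page `AccessAdminPanel` is checked only by the Mvc filter for URLs under the admin path, and `AccessFrontEnd` only by the Pages controller's `Item` action. A class-level summary would let a reader audit coverage without searching for call sites, e.g. `/// <summary>Site-wide permissions: AccessAdminPanel gates requests under the admin path (admin filter); AccessFrontEnd gates front-end content actions.</summary>`. It should also say whether other front-end controllers are expected to check `AccessFrontEnd`, since only one does in the sections visible here.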