lsm/Orchard
1
0
Fork 0
mirror of https://github.com/OrchardCMS/Orchard.git synced 2025-09-24 05:23:33 +08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Further work updating security model

Browse Source 
--HG--
extra : convert_revision : svn%3A5ff7c347-ad56-4c35-b696-ccb81de16e03/trunk%4045825
This commit is contained in:
loudej
2010-01-22 05:25:54 +00:00
parent 95d5398f50
commit 6d95217b6a
33 changed files with 290 additions and 83 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/Orchard.Web/Packages/Orchard.Users/Controllers/AdminController.cs
View File

@@ -26,6 +26,9 @@ namespace Orchard.Users.Controllers {
public ActionResult Index() {
if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage settings")))
return new HttpUnauthorizedResult();
var users = Services.ContentManager
.Query<User, UserRecord>()
.Where(x => x.UserName != null)
@@ -41,6 +44,9 @@ namespace Orchard.Users.Controllers {
}
public ActionResult Create() {
if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage settings")))
return new HttpUnauthorizedResult();
var user = Services.ContentManager.New<IUser>(UserDriver.ContentType.Name);
var model = new UserCreateViewModel {
User = Services.ContentManager.BuildEditorModel(user)
@@ -49,7 +55,9 @@ namespace Orchard.Users.Controllers {
}
[HttpPost, ActionName("Create")]
public ActionResult _Create() {
public ActionResult CreatePOST() {
if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage settings")))
return new HttpUnauthorizedResult();
var model = new UserCreateViewModel();
UpdateModel(model);
@@ -75,13 +83,19 @@ namespace Orchard.Users.Controllers {
}
public ActionResult Edit(int id) {
if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage settings")))
return new HttpUnauthorizedResult();
return View(new UserEditViewModel {
User = Services.ContentManager.BuildEditorModel<User>(id)
});
}
[HttpPost, ActionName("Edit")]
public ActionResult _Edit(int id) {
public ActionResult EditPOST(int id) {
if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage settings")))
return new HttpUnauthorizedResult();
var model = new UserEditViewModel {
User = Services.ContentManager.UpdateEditorModel<User>(id, this)
};