lsm/Orchard
1
0
Fork 0
mirror of https://github.com/OrchardCMS/Orchard.git synced 2025-10-15 19:54:57 +08:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity

#18861: Fixing navigation permissions

Browse Source 
Work Item: 18861

--HG--
branch : 1.x
This commit is contained in:
sebros@SEBROS3.redmond.corp.microsoft.com
2012-09-18 18:00:28 -07:00
parent c2e2c3cfec
commit 7482cdba07
1 changed files with 12 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/Orchard/UI/Navigation/NavigationManager.cs
View File

@@ -93,10 +93,19 @@ namespace Orchard.UI.Navigation {
/// </summary>
private IEnumerable<MenuItem> Reduce(IEnumerable<MenuItem> items) {
var hasDebugShowAllMenuItems = _authorizationService.TryCheckAccess(Permission.Named("DebugShowAllMenuItems"), _orchardServices.WorkContext.CurrentUser, null);
var isAdminMenu = AdminFilter.IsApplied(_urlHelper.RequestContext);
foreach (var item in items) {
if (hasDebugShowAllMenuItems ||
AdminFilter.IsApplied(_urlHelper.RequestContext) ||
item.Permissions.Concat(new [] { Permission.Named("ViewContent") }).Any(x => _authorizationService.TryCheckAccess(x, _orchardServices.WorkContext.CurrentUser, item.Content))) {
if (
// debug flag is on
hasDebugShowAllMenuItems ||
// a content item is linked and the user can view it
item.Content != null && item.Permissions.Concat(new [] { Permission.Named("ViewContent") }).Any(x => _authorizationService.TryCheckAccess(x, _orchardServices.WorkContext.CurrentUser, item.Content)) ||
// it's the admin menu and permissions are effective
isAdminMenu && (!item.Permissions.Any() || item.Permissions.Any(x => _authorizationService.TryCheckAccess(x, _orchardServices.WorkContext.CurrentUser, null))) ) {
yield return new MenuItem {
Items = Reduce(item.Items),
Permissions = item.Permissions,