lsm/Orchard
1
0
Fork 0
mirror of https://github.com/OrchardCMS/Orchard.git synced 2025-10-14 19:04:51 +08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Adding ManageTemplates permission.

Browse Source 
Fixes #4951
This commit is contained in:
armanforghani
2015-09-24 23:15:35 +03:30
parent 0ad1ef3098
commit 985bb27708
4 changed files with 59 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/Orchard.Web/Modules/Orchard.Templates/AdminMenu.cs
View File

@@ -7,7 +7,7 @@ namespace Orchard.Templates {
public void GetNavigation(NavigationBuilder builder) {
builder
.AddImageSet("templates")
.Add(T("Templates"), "5.0", item => item.Action("List", "Admin", new { area = "Orchard.Templates", id = "" }));
.Add(T("Templates"), "5.0", item => item.Action("List", "Admin", new { area = "Orchard.Templates", id = "" }).Permission(Permissions.ManageTemplates));
}
}
}

22
src/Orchard.Web/Modules/Orchard.Templates/Controllers/AdminController.cs
View File

@@ -44,6 +44,10 @@ namespace Orchard.Templates.Controllers {
public Localizer T { get; set; }
public ActionResult List(ListContentsViewModel model, PagerParameters pagerParameters) {
if (!Services.Authorizer.Authorize(Permissions.ManageTemplates, T("Not authorized to manage templates"))) {
return new HttpUnauthorizedResult();
}
var pager = new Pager(_siteService.GetSiteSettings(), pagerParameters);
var query = _contentManager.Query(VersionOptions.Latest, GetShapeTypes().Select(ctd => ctd.Name).ToArray());
@@ -93,6 +97,10 @@ namespace Orchard.Templates.Controllers {
[HttpPost, ActionName("List")]
[Mvc.FormValueRequired("submit.Filter")]
public ActionResult ListFilterPOST(ContentOptions options) {
if (!Services.Authorizer.Authorize(Permissions.ManageTemplates, T("Not authorized to manage templates"))) {
return new HttpUnauthorizedResult();
}
var routeValues = ControllerContext.RouteData.Values;
if (options != null) {
routeValues["Options.OrderBy"] = options.OrderBy;
@@ -110,6 +118,10 @@ namespace Orchard.Templates.Controllers {
[HttpPost, ActionName("List")]
[Mvc.FormValueRequired("submit.BulkEdit")]
public ActionResult ListPOST(ContentOptions options, IEnumerable<int> itemIds, string returnUrl) {
if (!Services.Authorizer.Authorize(Permissions.ManageTemplates, T("Not authorized to manage templates"))) {
return new HttpUnauthorizedResult();
}
if (itemIds != null) {
var checkedContentItems = _contentManager.GetMany<ContentItem>(itemIds, VersionOptions.Latest, QueryHints.Empty);
switch (options.BulkAction) {
@@ -117,7 +129,7 @@ namespace Orchard.Templates.Controllers {
break;
case ContentsBulkAction.PublishNow:
foreach (var item in checkedContentItems) {
if (!Services.Authorizer.Authorize(Permissions.PublishContent, item, T("Couldn't publish selected content."))) {
if (!Services.Authorizer.Authorize(Orchard.Core.Contents.Permissions.PublishContent, item, T("Couldn't publish selected content."))) {
_transactionManager.Cancel();
return new HttpUnauthorizedResult();
}
@@ -128,7 +140,7 @@ namespace Orchard.Templates.Controllers {
break;
case ContentsBulkAction.Unpublish:
foreach (var item in checkedContentItems) {
if (!Services.Authorizer.Authorize(Permissions.PublishContent, item, T("Couldn't unpublish selected content."))) {
if (!Services.Authorizer.Authorize(Orchard.Core.Contents.Permissions.PublishContent, item, T("Couldn't unpublish selected content."))) {
_transactionManager.Cancel();
return new HttpUnauthorizedResult();
}
@@ -139,7 +151,7 @@ namespace Orchard.Templates.Controllers {
break;
case ContentsBulkAction.Remove:
foreach (var item in checkedContentItems) {
if (!Services.Authorizer.Authorize(Permissions.DeleteContent, item, T("Couldn't remove selected content."))) {
if (!Services.Authorizer.Authorize(Orchard.Core.Contents.Permissions.DeleteContent, item, T("Couldn't remove selected content."))) {
_transactionManager.Cancel();
return new HttpUnauthorizedResult();
}
@@ -157,6 +169,10 @@ namespace Orchard.Templates.Controllers {
}
public ActionResult Create(string id) {
if (!Services.Authorizer.Authorize(Permissions.ManageTemplates, T("Not authorized to manage templates"))) {
return new HttpUnauthorizedResult();
}
var types = GetShapeTypes();
var typeName = String.IsNullOrWhiteSpace(id) ? types.Count() == 1 ? types.First().Name : null : id;
return String.IsNullOrEmpty(typeName) ? CreatableTypeList() : RedirectToAction("Create", "Admin", new { area = "Contents", id = typeName });

1
src/Orchard.Web/Modules/Orchard.Templates/Orchard.Templates.csproj
View File

@@ -170,6 +170,7 @@
<Compile Include="Models\ShapePart.cs" />
<Compile Include="Migrations\Migrations.cs" />
<Compile Include="Migrations\RazorMigrations.cs" />
<Compile Include="Permissions.cs" />
<Compile Include="Services\ITemplateProcessor.cs" />
<Compile Include="Services\ITemplateService.cs" />
<Compile Include="Services\NoTemplateProcessorBanner.cs" />

38
src/Orchard.Web/Modules/Orchard.Templates/Permissions.cs Normal file
View File

@@ -0,0 +1,38 @@
using System.Collections.Generic;
using Orchard.Environment.Extensions.Models;
using Orchard.Security.Permissions;
namespace Orchard.Templates {
public class Permissions : IPermissionProvider {
public static readonly Permission ManageTemplates = new Permission { Description = "Managing Templates", Name = "ManageTemplates" };
public virtual Feature Feature { get; set; }
public IEnumerable<Permission> GetPermissions() {
return new[] {
ManageTemplates,
};
}
public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
return new[] {
new PermissionStereotype {
Name = "Administrator",
Permissions = new[] { ManageTemplates }
},
new PermissionStereotype {
Name = "Editor",
},
new PermissionStereotype {
Name = "Moderator",
},
new PermissionStereotype {
Name = "Author"
},
new PermissionStereotype {
Name = "Contributor",
},
};
}
}
}