lsm/Orchard
1
0
Fork 0
mirror of https://github.com/OrchardCMS/Orchard.git synced 2025-09-22 12:09:41 +08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Finished hooking up actions for blog post admin summary with antiforgery get urls

Browse Source 
--HG--
branch : dev
This commit is contained in:
Erik Porter
2010-03-02 16:04:01 -08:00
parent d703cfbc10
commit a8901c5411
13 changed files with 118 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/Orchard.Web/Core/Navigation/Views/Admin/Index.ascx
View File

@@ -27,7 +27,7 @@ using (Html.BeginFormAntiForgeryPost()) { %>
<td><input type="text" class="text-box" name="<%=Html.NameOf(m => m.MenuItemEntries[i].MenuItem.Text) %>" value="<%=menuPartEntry.MenuItem.Text %>" /></td>
<td><input type="text" class="text-box" name="<%=Html.NameOf(m => m.MenuItemEntries[i].MenuItem.Position) %>" value="<%=menuPartEntry.MenuItem.Position %>" /></td>
<td><% if (!menuPartEntry.IsMenuItem) { %><input type="text" class="text-box disabled" disabled="disabled" value="<%=menuPartEntry.MenuItem.Url %>" /><% } else { %><input type="text" class="text-box" name="<%=Html.NameOf(m => m.MenuItemEntries[i].MenuItem.Url) %>" value="<%=menuPartEntry.MenuItem.Url %>" /><% } %></td>
<td><input type="hidden" name="<%=Html.NameOf(m => m.MenuItemEntries[i].MenuItemId) %>" value="<%=menuPartEntry.MenuItemId %>" /><a href="<%=Url.Action("Delete", new {id = menuPartEntry.MenuItemId, __RequestVerificationToken = Html.AntiForgeryTokenValueOrchard()}) %>" class="remove"><%=_Encoded(menuPartEntry.IsMenuItem ? "Delete" : "Remove") %></a></td>
<td><input type="hidden" name="<%=Html.NameOf(m => m.MenuItemEntries[i].MenuItemId) %>" value="<%=menuPartEntry.MenuItemId %>" /><a href="<%=Html.AntiForgeryTokenGetUrl(Url.Action("Delete", new {id = menuPartEntry.MenuItemId})) %>" class="remove"><%=_Encoded(menuPartEntry.IsMenuItem ? "Delete" : "Remove") %></a></td>
</tr><%
++menuPartEntryIndex;
} %>

38
src/Orchard.Web/Modules/Orchard.Blogs/Controllers/BlogPostAdminController.cs
View File

@@ -5,6 +5,7 @@ using Orchard.Blogs.Services;
using Orchard.Blogs.ViewModels;
using Orchard.ContentManagement;
using Orchard.Localization;
using Orchard.Mvc.AntiForgery;
using Orchard.Mvc.Results;
using Orchard.UI.Admin;
using Orchard.UI.Notify;
@@ -80,7 +81,7 @@ namespace Orchard.Blogs.Controllers {
break;
}
return Redirect(Url.BlogPostEdit(blogSlug, model.BlogPost.Item.Id));
return Redirect(Url.BlogPostEdit(model.BlogPost.Item));
}
public ActionResult Edit(string blogSlug, int postId) {
@@ -144,7 +145,7 @@ namespace Orchard.Blogs.Controllers {
break;
}
return Redirect(Url.BlogPostEdit(blogSlug, model.BlogPost.Item.Id));
return Redirect(Url.BlogPostEdit(model.BlogPost.Item));
}
public ActionResult DiscardDraft(int id) {
@@ -185,17 +186,17 @@ namespace Orchard.Blogs.Controllers {
return RedirectToAction("Edit", new { BlogSlug = item.As<BlogPost>().Blog.Slug, PostId = item.ContentItem.Id });
}
[HttpPost]
[ValidateAntiForgeryTokenOrchard]
public ActionResult Delete(string blogSlug, int postId) {
//refactoring: test PublishBlogPost/PublishOthersBlogPost in addition if published
if (!Services.Authorizer.Authorize(Permissions.DeleteBlogPost, T("Couldn't delete blog post")))
return new HttpUnauthorizedResult();
Blog blog = _blogService.Get(blogSlug);
var blog = _blogService.Get(blogSlug);
if (blog == null)
return new NotFoundResult();
BlogPost post = _blogPostService.Get(postId, VersionOptions.Latest);
var post = _blogPostService.Get(postId, VersionOptions.Latest);
if (post == null)
return new NotFoundResult();
@@ -205,21 +206,40 @@ namespace Orchard.Blogs.Controllers {
return Redirect(Url.BlogForAdmin(blogSlug));
}
[HttpPost]
[ValidateAntiForgeryTokenOrchard]
public ActionResult Publish(string blogSlug, int postId) {
if (!Services.Authorizer.Authorize(Permissions.PublishBlogPost, T("Couldn't publish blog post")))
return new HttpUnauthorizedResult();
Blog blog = _blogService.Get(blogSlug);
var blog = _blogService.Get(blogSlug);
if (blog == null)
return new NotFoundResult();
BlogPost post = _blogPostService.Get(postId, VersionOptions.Latest);
var post = _blogPostService.Get(postId, VersionOptions.Latest);
if (post == null)
return new NotFoundResult();
_blogPostService.Publish(post);
Services.Notifier.Information(T("Blog post information updated."));
Services.Notifier.Information(T("Blog post successfully published."));
return Redirect(Url.BlogForAdmin(blog.Slug));
}
[ValidateAntiForgeryTokenOrchard]
public ActionResult Unpublish(string blogSlug, int postId) {
if (!Services.Authorizer.Authorize(Permissions.PublishBlogPost, T("Couldn't unpublish blog post")))
return new HttpUnauthorizedResult();
var blog = _blogService.Get(blogSlug);
if (blog == null)
return new NotFoundResult();
var post = _blogPostService.Get(postId, VersionOptions.Latest);
if (post == null)
return new NotFoundResult();
_blogPostService.Unpublish(post);
Services.Notifier.Information(T("Blog post successfully unpublished."));
return Redirect(Url.BlogForAdmin(blog.Slug));
}

29
src/Orchard.Web/Modules/Orchard.Blogs/Extensions/UrlHelperExtensions.cs
View File

@@ -1,4 +1,5 @@
using System.Web.Mvc;
using Orchard.Blogs.Models;
using Orchard.Mvc.Extensions;
namespace Orchard.Blogs.Extensions {
@@ -51,24 +52,52 @@ namespace Orchard.Blogs.Extensions {
return urlHelper.Action("Delete", "BlogAdmin", new {blogSlug, area = "Orchard.Blogs"});
}
public static string BlogPost(this UrlHelper urlHelper, BlogPost blogPost) {
return urlHelper.BlogPost(blogPost.Blog.Slug, blogPost.Slug);
}
public static string BlogPost(this UrlHelper urlHelper, string blogSlug, string postSlug) {
return urlHelper.Action("Item", "BlogPost", new {blogSlug, postSlug, area = "Orchard.Blogs"});
}
public static string BlogPostCreate(this UrlHelper urlHelper, Blog blog) {
return urlHelper.BlogPostCreate(blog.Slug);
}
public static string BlogPostCreate(this UrlHelper urlHelper, string blogSlug) {
return urlHelper.Action("Create", "BlogPostAdmin", new {blogSlug, area = "Orchard.Blogs"});
}
public static string BlogPostEdit(this UrlHelper urlHelper, BlogPost blogPost) {
return urlHelper.BlogPostEdit(blogPost.Blog.Slug, blogPost.Id);
}
public static string BlogPostEdit(this UrlHelper urlHelper, string blogSlug, int postId) {
return urlHelper.Action("Edit", "BlogPostAdmin", new {blogSlug, postId, area = "Orchard.Blogs"});
}
public static string BlogPostDelete(this UrlHelper urlHelper, BlogPost blogPost) {
return urlHelper.BlogPostDelete(blogPost.Blog.Slug, blogPost.Id);
}
public static string BlogPostDelete(this UrlHelper urlHelper, string blogSlug, int postId) {
return urlHelper.Action("Delete", "BlogPostAdmin", new {blogSlug, postId, area = "Orchard.Blogs"});
}
public static string BlogPostPublish(this UrlHelper urlHelper, BlogPost blogPost) {
return urlHelper.BlogPostPublish(blogPost.Blog.Slug, blogPost.Id);
}
public static string BlogPostPublish(this UrlHelper urlHelper, string blogSlug, int postId) {
return urlHelper.Action("Publish", "BlogPostAdmin", new { blogSlug, postId, area = "Orchard.Blogs" });
}
public static string BlogPostUnpublish(this UrlHelper urlHelper, BlogPost blogPost) {
return urlHelper.BlogPostUnpublish(blogPost.Blog.Slug, blogPost.Id);
}
public static string BlogPostUnpublish(this UrlHelper urlHelper, string blogSlug, int postId) {
return urlHelper.Action("Unpublish", "BlogPostAdmin", new { blogSlug, postId, area = "Orchard.Blogs" });
}
}
}

16
src/Orchard.Web/Modules/Orchard.Blogs/Routes.cs
View File

@@ -147,6 +147,22 @@ namespace Orchard.Blogs {
},
new MvcRouteHandler())
},
new RouteDescriptor {
Route = new Route(
"Admin/Blogs/{blogSlug}/Posts/{postId}/Unpublish",
new RouteValueDictionary {
{"area", "Orchard.Blogs"},
{"controller", "BlogPostAdmin"},
{"action", "Unpublish"}
},
new RouteValueDictionary {
{"blogSlug", new IsBlogConstraint(_containerProvider)}
},
new RouteValueDictionary {
{"area", "Orchard.Blogs"}
},
new MvcRouteHandler())
},
new RouteDescriptor {
Route = new Route(
"Admin/Blogs",

2
src/Orchard.Web/Modules/Orchard.Blogs/Services/XmlRpcHandler.cs
View File

@@ -234,7 +234,7 @@ namespace Orchard.Blogs.Services {
}
private static XRpcStruct CreateBlogStruct(BlogPost blogPost, UrlHelper urlHelper) {
var url = urlHelper.AbsoluteAction(() => urlHelper.BlogPost(blogPost.Blog.Slug, blogPost.Slug));
var url = urlHelper.AbsoluteAction(() => urlHelper.BlogPost(blogPost));
return new XRpcStruct()
.Set("postid", blogPost.Id)
.Set("dateCreated", blogPost.CreatedUtc)

2
src/Orchard.Web/Modules/Orchard.Blogs/Views/DisplayTemplates/Items/Blogs.Blog.DetailAdmin.ascx
View File

@@ -20,6 +20,6 @@
</form>--%>
<div class="actions"><a href="<%=Url.BlogPostCreate(Model.Item.Slug) %>" class="add button primaryAction"><%=_Encoded("New Post")%></a></div>
<div class="actions"><a href="<%=Url.BlogPostCreate(Model.Item) %>" class="add button primaryAction"><%=_Encoded("New Post")%></a></div>
<% Html.Zone("primary");
Html.ZonesAny(); %>

30
src/Orchard.Web/Modules/Orchard.Blogs/Views/DisplayTemplates/Items/Blogs.Blog.SummaryAdmin.ascx
View File

@@ -2,32 +2,22 @@
<%@ Import Namespace="Orchard.Mvc.ViewModels"%>
<%@ Import Namespace="Orchard.Blogs.Extensions"%>
<%@ Import Namespace="Orchard.Blogs.Models"%>
<div class="summary">
<div class="properties">
<h3><%=Html.Link(Html.Encode(Model.Item.Name), Url.BlogForAdmin(Model.Item.Slug)) %></h3>
<p><%Html.Zone("meta");%></p>
<%--<p>[list of authors] [modify blog access]</p>--%>
<p><%=Html.Encode(Model.Item.Description) %></p>
<div class="properties">
<h3><%=Html.Link(Html.Encode(Model.Item.Name), Url.BlogForAdmin(Model.Item.Slug)) %></h3>
<p><% Html.Zone("meta");%></p>
<%--<p>[list of authors] [modify blog access]</p>--%>
<p><%=Html.Encode(Model.Item.Description) %></p>
</div>
<div class="related">
<a href="<%=Url.Blog(Model.Item.Slug) %>" title="<%=_Encoded("View") %>"><%=_Encoded("View") %></a><%=_Encoded(" | ")%>
<a href="<%=Url.BlogForAdmin(Model.Item.Slug) %>" title="<%=_Encoded("Edit Posts") %>"><%=_Encoded("Edit Posts")%></a><%=_Encoded(" | ")%>
<a href="<%=Url.BlogPostCreate(Model.Item.Slug) %>" title="<%=_Encoded("New Post") %>"><%=_Encoded("New Post") %></a><%=_Encoded(" | ")%>
<a href="<%=Url.BlogEdit(Model.Item.Slug) %>" title="<%=_Encoded("Settings") %>"><%=_Encoded("Settings") %></a><%=_Encoded(" | ")%>
<a href="<%=Url.Blog(Model.Item.Slug) %>" title="<%=_Encoded("View") %>"><%=_Encoded("View") %></a><%=_Encoded(" | ")%>
<a href="<%=Url.BlogForAdmin(Model.Item.Slug) %>" title="<%=_Encoded("Edit Posts") %>"><%=_Encoded("Edit Posts")%></a><%=_Encoded(" | ")%>
<a href="<%=Url.BlogPostCreate(Model.Item) %>" title="<%=_Encoded("New Post") %>"><%=_Encoded("New Post") %></a><%=_Encoded(" | ")%>
<a href="<%=Url.BlogEdit(Model.Item.Slug) %>" title="<%=_Encoded("Settings") %>"><%=_Encoded("Settings") %></a><%=_Encoded(" | ")%>
<%-- todo: (heskew) this is waaaaa too verbose. need template helpers for all ibuttons --%>
<% using (Html.BeginFormAntiForgeryPost(Url.BlogDelete(Model.Item.Slug), FormMethod.Post, new { @class = "inline" })) { %>
<button type="submit" class="linkButton" title="<%=_Encoded("Delete") %>"><%=_Encoded("Delete") %></button>
<%
<button type="submit" class="linkButton" title="<%=_Encoded("Delete") %>"><%=_Encoded("Delete") %></button><%
} %>
</div>
<div style="clear:both;"></div>
</div>

2
src/Orchard.Web/Modules/Orchard.Blogs/Views/DisplayTemplates/Items/Blogs.BlogPost.Summary.ascx
View File

@@ -4,6 +4,6 @@
<%@ Import Namespace="Orchard.Mvc.ViewModels"%>
<%@ Import Namespace="Orchard.Blogs.Extensions"%>
<%@ Import Namespace="Orchard.Blogs.Models"%>
<h2><%=Html.Link(Html.Encode(Model.Item.Title), Url.BlogPost(Model.Item.Blog.Slug, Model.Item.Slug)) %></h2>
<h2><%=Html.Link(Html.Encode(Model.Item.Title), Url.BlogPost(Model.Item)) %></h2>
<div class="meta"><%=Html.PublishedState(Model.Item) %> | <%Html.Zone("meta");%></div>
<div class="content"><% Html.Zone("primary", ":manage :metadata");%></div>

21
src/Orchard.Web/Modules/Orchard.Blogs/Views/DisplayTemplates/Items/Blogs.BlogPost.SummaryAdmin.ascx
View File

@@ -6,7 +6,7 @@
<%@ Import Namespace="Orchard.Blogs.Models"%>
<div class="summary">
<div class="properties">
<h3><%=Html.Link(Html.Encode(Model.Item.Title), Url.BlogPostEdit(Model.Item.Blog.Slug, Model.Item.Id))%></h3>
<h3><%=Html.Link(Html.Encode(Model.Item.Title), Url.BlogPostEdit(Model.Item))%></h3>
<ul>
<li><%
if (Model.Item.HasPublished) { %>
@@ -41,24 +41,17 @@
</div>
<div class="related"><%
if (Model.Item.HasPublished){ %>
<a href="<%=Url.BlogPost(Model.Item.Blog.Slug, Model.Item.Slug) %>" title="<%=_Encoded("View Post")%>"><%=_Encoded("View")%></a><%=_Encoded(" | ")%><%
<a href="<%=Url.BlogPost(Model.Item) %>" title="<%=_Encoded("View Post")%>"><%=_Encoded("View")%></a><%=_Encoded(" | ")%><%
if (Model.Item.HasDraft) { %>
<a href="#" title="<%=_Encoded("Publish Draft")%>"><%=_Encoded("Publish Draft")%></a><%=_Encoded(" | ")%><%
<a href="<%=Html.AntiForgeryTokenGetUrl(Url.BlogPostPublish(Model.Item)) %>" title="<%=_Encoded("Publish Draft")%>"><%=_Encoded("Publish Draft")%></a><%=_Encoded(" | ")%><%
} %>
<a href="#" title="<%=_Encoded("Unpublish Post")%>"><%=_Encoded("Unpublish")%></a><%=_Encoded(" | ")%><%
<a href="<%=Html.AntiForgeryTokenGetUrl(Url.BlogPostUnpublish(Model.Item)) %>" title="<%=_Encoded("Unpublish Post")%>"><%=_Encoded("Unpublish")%></a><%=_Encoded(" | ")%><%
}
else { %>
<a href="#" title="<%=_Encoded("Publish Post")%>"><%=_Encoded("Publish")%></a><%=_Encoded(" | ")%><%
} %>
<a href="<%=Url.BlogPostEdit(Model.Item.Blog.Slug, Model.Item.Id) %>" title="<%=_Encoded("Edit Post")%>"><%=_Encoded("Edit")%></a><%=_Encoded(" | ")%><%--
if (Model.Item.ContentItem.VersionRecord.Published == false) { // todo: (heskew) be smart about this and maybe have other contextual actions - including view/preview for view up there ^^
using (Html.BeginFormAntiForgeryPost(Url.BlogPostPublish(Model.Item.Blog.Slug, Model.Item.Id), FormMethod.Post, new { @class = "inline" })) { %>
<button type="submit" class="linkButton" title="<%=_Encoded("Publish") %>"><%=_Encoded("Publish")%></button><%=_Encoded(" | ")%><%
}
}--%><%
using (Html.BeginFormAntiForgeryPost(Url.BlogPostDelete(Model.Item.Blog.Slug, Model.Item.Id), FormMethod.Post, new { @class = "inline" })) { %>
<button type="submit" class="linkButton" title="<%=_Encoded("Delete") %>"><%=_Encoded("Delete") %></button><%
<a href="<%=Html.AntiForgeryTokenGetUrl(Url.BlogPostPublish(Model.Item)) %>" title="<%=_Encoded("Publish Post")%>"><%=_Encoded("Publish")%></a><%=_Encoded(" | ")%><%
} %>
<a href="<%=Url.BlogPostEdit(Model.Item) %>" title="<%=_Encoded("Edit Post")%>"><%=_Encoded("Edit")%></a><%=_Encoded(" | ")%>
<a href="<%=Html.AntiForgeryTokenGetUrl(Url.BlogPostDelete(Model.Item)) %>" title="<%=_Encoded("Delete")%>"><%=_Encoded("Delete")%></a>
<br /><%Html.Zone("meta");%>
</div>
<div style="clear:both;"></div>

11
src/Orchard.Web/Modules/Orchard.Comments/Extensions/HtmlHelperExtensions.cs
View File

@@ -6,14 +6,13 @@ using Orchard.Localization;
namespace Orchard.Comments.Extensions {
public static class HtmlHelperExtensions {
public static MvcHtmlString CommentSummaryLinks(this HtmlHelper html, Localizer T, ContentItem item, int commentCount, int pendingCount) {
string commentText = "";
var commentText = "";
if (item.Id != 0) {
//
int totalCommentCount = commentCount + pendingCount;
var totalCommentCount = commentCount + pendingCount;
if (totalCommentCount == 0) {
commentText += html.Encode(T("no comments"));
commentText += html.Encode(T("0 comments"));
}
else {
commentText +=
@@ -29,8 +28,7 @@ namespace Orchard.Comments.Extensions {
}
if (pendingCount > 0) {
commentText += " (";
commentText += html.ActionLink(T("{0} pending", pendingCount).ToString(),
commentText += " " + html.ActionLink(T("({0} pending)", pendingCount).ToString(),
"Details",
new {
Area = "Orchard.Comments",
@@ -38,7 +36,6 @@ namespace Orchard.Comments.Extensions {
id = item.Id,
returnUrl = html.ViewContext.HttpContext.Request.Url
});
commentText += ") ";
}
}

2
src/Orchard.Web/Themes/Classic/Views/DisplayTemplates/Items/Blogs.BlogPost.Summary.ascx
View File

@@ -4,7 +4,7 @@
<%@ Import Namespace="Orchard.Mvc.ViewModels"%>
<%@ Import Namespace="Orchard.Blogs.Extensions"%>
<%@ Import Namespace="Orchard.Blogs.Models"%>
<h2><%=Html.Link(Html.Encode(Model.Item.Title), Url.BlogPost(Model.Item.Blog.Slug, Model.Item.Slug)) %></h2>
<h2><%=Html.Link(Html.Encode(Model.Item.Title), Url.BlogPost(Model.Item)) %></h2>
<div class="meta"><%=Html.PublishedState(Model.Item) %> | <%Html.Zone("meta");%></div>
<div class="postsummary">
<% Html.Zone("primary", ":manage :metadata"); %>

2
src/Orchard.Web/Themes/Green/Views/DisplayTemplates/Items/Blogs.BlogPost.Summary.ascx
View File

@@ -5,7 +5,7 @@
<%@ Import Namespace="Orchard.Blogs.Extensions"%>
<%@ Import Namespace="Orchard.Blogs.Models"%>
<h3><%=Html.Link(Html.Encode(Model.Item.Title), Url.BlogPost(Model.Item.Blog.Slug, Model.Item.Slug)) %></h3>
<h3><%=Html.Link(Html.Encode(Model.Item.Title), Url.BlogPost(Model.Item)) %></h3>
<div class="meta"><%=Html.PublishedState(Model.Item) %> | <%Html.Zone("meta");%></div>

18
src/Orchard/Mvc/Html/HtmlHelperExtensions.cs
View File

@@ -256,6 +256,22 @@ namespace Orchard.Mvc.Html {
#endregion
#region AntiForgeryTokenValueOrchardLink
public static string AntiForgeryTokenValueOrchardLink(this HtmlHelper htmlHelper, string linkContents, string href) {
return htmlHelper.Link(linkContents, htmlHelper.AntiForgeryTokenGetUrl(href));
}
#endregion
#region AntiForgeryTokenGetUrl
public static string AntiForgeryTokenGetUrl(this HtmlHelper htmlHelper, string baseUrl) {
return string.Format("{0}{1}__RequestVerificationToken={2}", baseUrl, baseUrl.IndexOf('?') > -1 ? "&" : "?", htmlHelper.ViewContext.HttpContext.Server.UrlEncode(htmlHelper.AntiForgeryTokenValueOrchard()));
}
#endregion
#region AntiForgeryTokenValueOrchard
public static string AntiForgeryTokenValueOrchard(this HtmlHelper htmlHelper) {
@@ -269,4 +285,4 @@ namespace Orchard.Mvc.Html {
#endregion
}
}
}