Moving permissions to initial validations. Removing if/else for form post and using annotation instead.

--HG--
branch : dev
Andre Rodrigues
2010-11-24 13:45:49 -08:00
parent 9143df72fd
commit b77e52244b


@@ -3,15 +3,12 @@ using System.Collections.Generic;
using System.IO;
using System.Web;
using System.Web.Mvc;
using JetBrains.Annotations;
using Orchard.ContentManagement;
using Orchard.Core.Contents.Controllers;
using Orchard.Localization;
using Orchard.Media.Models;
using Orchard.Media.Services;
using Orchard.Media.ViewModels;
using Orchard.Settings;
using Orchard.UI.Notify;
using Orchard.Utility.Extensions;
namespace Orchard.Media.Controllers {
[ValidateInput(false)]
@@ -56,11 +53,13 @@ namespace Orchard.Media.Controllers {
[HttpPost]
public ActionResult Create() {
if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't create media folder")))
return new HttpUnauthorizedResult();
var viewModel = new MediaFolderCreateViewModel();
try {
UpdateModel(viewModel);
if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't create media folder")))
return new HttpUnauthorizedResult();
_mediaService.CreateFolder(viewModel.MediaPath, viewModel.Name);
return RedirectToAction("Index");
}
@@ -109,24 +108,16 @@ namespace Orchard.Media.Controllers {
return View(model);
}
[HttpPost]
public ActionResult EditProperties() {
[HttpPost, ActionName("EditProperties")]
[FormValueRequired("submit.Delete")]
public ActionResult EditPropertiesDeletePOST() {
var viewModel = new MediaFolderEditPropertiesViewModel();
try {
UpdateModel(viewModel);
//TODO: There may be better ways to do this.
// Delete
if (!String.IsNullOrEmpty(HttpContext.Request.Form["submit.Delete"])) {
if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't delete media folder")))
return new HttpUnauthorizedResult();
_mediaService.DeleteFolder(viewModel.MediaPath);
}
// Save
else {
if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't rename media folder")))
return new HttpUnauthorizedResult();
_mediaService.RenameFolder(viewModel.MediaPath, viewModel.Name);
}
if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't delete media folder")))
return new HttpUnauthorizedResult();
_mediaService.DeleteFolder(viewModel.MediaPath);
return RedirectToAction("Index");
}
@@ -136,6 +127,25 @@ namespace Orchard.Media.Controllers {
}
}
[HttpPost, ActionName("EditProperties")]
[FormValueRequired("submit.Save")]
public ActionResult EditProperties() {
if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't rename media folder")))
return new HttpUnauthorizedResult();
var viewModel = new MediaFolderEditPropertiesViewModel();
try {
UpdateModel(viewModel);
_mediaService.RenameFolder(viewModel.MediaPath, viewModel.Name);
return RedirectToAction("Index");
} catch (Exception exception) {
Services.Notifier.Error(T("Modifying Folder Properties failed: {0}", exception.Message));
return View(viewModel);
}
}
public ActionResult Add(string folderName, string mediaPath) {
var model = new MediaItemAddViewModel { FolderName = folderName, MediaPath = mediaPath };
return View(model);
@@ -143,11 +153,12 @@ namespace Orchard.Media.Controllers {
[HttpPost]
public ActionResult Add() {
if (!Services.Authorizer.Authorize(Permissions.UploadMediaFiles, T("Couldn't upload media file")))
return new HttpUnauthorizedResult();
var viewModel = new MediaItemAddViewModel();
try {
UpdateModel(viewModel);
if (!Services.Authorizer.Authorize(Permissions.UploadMediaFiles, T("Couldn't upload media file")))
return new HttpUnauthorizedResult();
if(String.IsNullOrWhiteSpace(Request.Files[0].FileName)) {
ModelState.AddModelError("File", T("Select a file to upload").ToString());
@@ -180,11 +191,12 @@ namespace Orchard.Media.Controllers {
[HttpPost]
public ContentResult AddFromClient() {
if (!Services.Authorizer.Authorize(Permissions.UploadMediaFiles))
return Content(string.Format("<script type=\"text/javascript\">var result = {{ error: \"{0}\" }};</script>", T("ERROR: You don't have permission to upload media files")));
var viewModel = new MediaItemAddViewModel();
try {
UpdateModel(viewModel);
if (!Services.Authorizer.Authorize(Permissions.UploadMediaFiles))
return Content(string.Format("<script type=\"text/javascript\">var result = {{ error: \"{0}\" }};</script>", T("ERROR: You don't have permission to upload media files")));
if (Request.Files.Count < 1 || Request.Files[0].ContentLength == 0)
return Content(string.Format("<script type=\"text/javascript\">var result = {{ error: \"{0}\" }};</script>", T("HEY: You didn't give me a file to upload")));
@@ -220,32 +232,42 @@ namespace Orchard.Media.Controllers {
return View(model);
}
[HttpPost]
public ActionResult EditMedia(FormCollection input) {
[HttpPost, ActionName("EditMedia")]
[FormValueRequired("submit.Delete")]
public ActionResult EditMediaDeletePOST(FormCollection input) {
if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't delete media file")))
return new HttpUnauthorizedResult();
var viewModel = new MediaItemEditViewModel();
try {
UpdateModel(viewModel);
if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't modify media file")))
return new HttpUnauthorizedResult();
// Delete
if (!String.IsNullOrEmpty(HttpContext.Request.Form["submit.Delete"])) {
if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't delete media file")))
return new HttpUnauthorizedResult();
_mediaService.DeleteFile(viewModel.Name, viewModel.MediaPath);
return RedirectToAction("Edit", new { name = viewModel.FolderName, mediaPath = viewModel.MediaPath });
}
// Save and Rename
_mediaService.DeleteFile(viewModel.Name, viewModel.MediaPath);
return RedirectToAction("Edit", new { name = viewModel.FolderName, mediaPath = viewModel.MediaPath });
} catch (Exception exception) {
Services.Notifier.Error(T("Removing media file failed: {0}", exception.Message));
return View(viewModel);
}
}
[HttpPost, ActionName("EditMedia")]
[FormValueRequired("submit.Save")]
public ActionResult EditMedia(FormCollection input) {
if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't modify media file")))
return new HttpUnauthorizedResult();
var viewModel = new MediaItemEditViewModel();
try {
UpdateModel(viewModel);
string viewModelName = viewModel.Name;
// Rename
if (!String.Equals(viewModel.Name, input["NewName"], StringComparison.OrdinalIgnoreCase)) {
_mediaService.RenameFile(viewModel.Name, input["NewName"], viewModel.MediaPath);
return RedirectToAction("EditMedia", new { name = input["NewName"],
caption = viewModel.Caption,
lastUpdated = viewModel.LastUpdated,
size = viewModel.Size,
folderName = viewModel.FolderName,
mediaPath = viewModel.MediaPath });
viewModelName = input["NewName"];
}
// Save
return RedirectToAction("EditMedia", new { name = viewModel.Name,
return RedirectToAction("EditMedia", new { name = viewModelName,
caption = viewModel.Caption,
lastUpdated = viewModel.LastUpdated,
size = viewModel.Size,
@@ -258,4 +280,4 @@ namespace Orchard.Media.Controllers {
}
}
}
}
}
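Review bot: In `EditPropertiesDeletePOST` the `Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't delete media folder"))` check still sits inside the `try`, after `UpdateModel(viewModel)`, while every other action touched here (`Create`, `EditProperties`, `Add`, `AddFromClient`, `EditMediaDeletePOST`, `EditMedia`) now performs it as the first statement. This is read from line order, since the page has lost its +/- markers. Move it above `var viewModel = new MediaFolderEditPropertiesViewModel();` so an unauthorized request is rejected before any form data is bound; the method's catch block lies outside the hunk, so what it reports on a binding failure cannot be checked here. Separately, splitting the handlers on `[FormValueRequired("submit.Save")]` and `[FormValueRequired("submit.Delete")]` presumably leaves a POST that carries neither field without a matching action, where the old `else` branch treated it as a save. Confirm that is intended, and add a comment on the two attributes saying which submit button selects which action.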