From c61e9f4ae7c8452e0e08068ed2168a244b721b58 Mon Sep 17 00:00:00 2001 From: suhacan Date: Fri, 11 Dec 2009 20:02:51 +0000 Subject: [PATCH] - Themes: permissions for administrative operations on the themes package. --HG-- extra : convert_revision : svn%3A5ff7c347-ad56-4c35-b696-ccb81de16e03/trunk%4043817 --- src/Orchard.Web/Core/Orchard.Core.csproj | 1 + .../Themes/Controllers/AdminController.cs | 10 ++++++++- src/Orchard.Web/Core/Themes/Permissions.cs | 22 +++++++++++++++++++ 3 files changed, 32 insertions(+), 1 deletion(-) create mode 100644 src/Orchard.Web/Core/Themes/Permissions.cs diff --git a/src/Orchard.Web/Core/Orchard.Core.csproj b/src/Orchard.Web/Core/Orchard.Core.csproj index acfc5ebd3..13ce3aa62 100644 --- a/src/Orchard.Web/Core/Orchard.Core.csproj +++ b/src/Orchard.Web/Core/Orchard.Core.csproj @@ -88,6 +88,7 @@ + diff --git a/src/Orchard.Web/Core/Themes/Controllers/AdminController.cs b/src/Orchard.Web/Core/Themes/Controllers/AdminController.cs index 170c0b58a..a3ad751ca 100644 --- a/src/Orchard.Web/Core/Themes/Controllers/AdminController.cs +++ b/src/Orchard.Web/Core/Themes/Controllers/AdminController.cs @@ -3,6 +3,7 @@ using System.Web; using System.Web.Mvc; using Orchard.Core.Themes.ViewModels; using Orchard.Localization; +using Orchard.Security; using Orchard.Themes; using Orchard.UI.Notify; using Orchard.Mvc.ViewModels; @@ -11,15 +12,18 @@ namespace Orchard.Core.Themes.Controllers { [ValidateInput(false)] public class AdminController : Controller { private readonly IThemeService _themeService; + private readonly IAuthorizer _authorizer; private readonly INotifier _notifier; - public AdminController(IThemeService themeService, INotifier notifier) { + public AdminController(IThemeService themeService, IAuthorizer authorizer, INotifier notifier) { _themeService = themeService; + _authorizer = authorizer; _notifier = notifier; T = NullLocalizer.Instance; } public Localizer T { get; set; } + public IUser CurrentUser { get; set; } public ActionResult Index() { try { @@ -36,6 +40,8 @@ namespace Orchard.Core.Themes.Controllers { public ActionResult Activate(string themeName) { try { + if (!_authorizer.Authorize(Permissions.SetCurrentTheme, T("Couldn't set the current theme"))) + return new HttpUnauthorizedResult(); _themeService.SetCurrentTheme(themeName); return RedirectToAction("Index"); } @@ -52,6 +58,8 @@ namespace Orchard.Core.Themes.Controllers { [AcceptVerbs(HttpVerbs.Post)] public ActionResult Install(FormCollection input) { try { + if (!_authorizer.Authorize(Permissions.InstallUninstallTheme, T("Couldn't install theme"))) + return new HttpUnauthorizedResult(); foreach (string fileName in Request.Files) { HttpPostedFileBase file = Request.Files[fileName]; _themeService.InstallTheme(file); diff --git a/src/Orchard.Web/Core/Themes/Permissions.cs b/src/Orchard.Web/Core/Themes/Permissions.cs new file mode 100644 index 000000000..beb39281b --- /dev/null +++ b/src/Orchard.Web/Core/Themes/Permissions.cs @@ -0,0 +1,22 @@ +using System.Collections.Generic; +using Orchard.Security.Permissions; + +namespace Orchard.Core.Themes { + public class Permissions : IPermissionProvider { + public static readonly Permission InstallUninstallTheme = new Permission { Description = "Installing or Uninstalling Themes", Name = "InstallUninstallTheme" }; + public static readonly Permission SetCurrentTheme = new Permission { Description = "Setting the Current Theme", Name = "SetCurrentTheme" }; + + public string PackageName { + get { + return "Themes"; + } + } + + public IEnumerable GetPermissions() { + return new List { + SetCurrentTheme, + InstallUninstallTheme + }; + } + } +} \ No newline at end of file