#19145: Fixing how menu item permissions are checked

Work Item: 19145 --HG-- branch : 1.x
2025-10-15 11:44:58 +08:00 · 2012-10-16 15:54:18 -07:00
parent 590814b38c
commit d9ca0d0a45
5 changed files with 44 additions and 4 deletions
--- a/src/Orchard.Tests/UI/Navigation/NavigationManagerTests.cs
+++ b/src/Orchard.Tests/UI/Navigation/NavigationManagerTests.cs
@@ -5,6 +5,7 @@ using System.Web.Routing;
 using Autofac;
 using NUnit.Framework;
 using Orchard.ContentManagement;
+using Orchard.Core.Navigation.Services;
 using Orchard.Data;
 using Orchard.Localization;
 using Orchard.Security;
--- a/src/Orchard.Web/Core/Navigation/Security/ContentMenuItemAuthorizationEventHandler.cs
+++ b/src/Orchard.Web/Core/Navigation/Security/ContentMenuItemAuthorizationEventHandler.cs
@@ -0,0 +1,37 @@
+        using System;
+using System.Collections.Generic;
+using System.Linq;
+using Orchard.ContentManagement;
+using Orchard.ContentManagement.Aspects;
+using Orchard.Core.Common.Models;
+        using Orchard.Core.Navigation.Models;
+        using Orchard.Security;
+
+namespace Orchard.Core.Navigation.Security {
+    public class ContentMenuItemAuthorizationEventHandler : IAuthorizationServiceEventHandler{
+        private readonly IAuthorizationService _authorizationService;
+
+        public ContentMenuItemAuthorizationEventHandler(IAuthorizationService authorizationService) {
+            _authorizationService = authorizationService;
+        }
+
+        public void Checking(CheckAccessContext context) { }
+        public void Adjust(CheckAccessContext context) { }
+
+        public void Complete(CheckAccessContext context) {
+            if (context.Content == null) {
+                return;
+            }
+
+            var part = context.Content.As<ContentMenuItemPart>();
+
+            // if the content item has no right attached, check on the container
+            if (part == null) {
+                return;
+            }
+
+            context.Granted = _authorizationService.TryCheckAccess(context.Permission, context.User, part.Content);
+            context.Adjusted = true;
+        }
+    }
+}
--- a/src/Orchard.Web/Core/Navigation/Services/NavigationManager.cs
+++ b/src/Orchard.Web/Core/Navigation/Services/NavigationManager.cs
@@ -7,10 +7,11 @@ using Orchard.ContentManagement;
 using Orchard.Logging;
 using Orchard.Security;
 using Orchard.Security.Permissions;
-using Orchard.UI.Admin;
+using Orchard.UI;
+using Orchard.UI.Navigation;
 using Orchard.Utility;

-namespace Orchard.UI.Navigation {
+namespace Orchard.Core.Navigation.Services {
    public class NavigationManager : INavigationManager {
        private readonly IEnumerable<INavigationProvider> _navigationProviders;
        private readonly IEnumerable<IMenuProvider> _menuProviders;
@@ -106,7 +107,7 @@ namespace Orchard.UI.Navigation {
                    hasDebugShowAllMenuItems ||

                    // a content item is linked and the user can view it
-                    item.Content != null && item.Permissions.Concat(new [] { Permission.Named("ViewContent") }).Any(x => _authorizationService.TryCheckAccess(x, _orchardServices.WorkContext.CurrentUser, item.Content)) ||
+                    item.Content != null && item.Permissions.Concat(new[] { Contents.Permissions.ViewContent }).Any(x => _authorizationService.TryCheckAccess(x, _orchardServices.WorkContext.CurrentUser, item.Content)) ||

                    // it's the admin menu and permissions are effective
                    isAdminMenu && (!item.Permissions.Any() || item.Permissions.Any(x => _authorizationService.TryCheckAccess(x, _orchardServices.WorkContext.CurrentUser, null))) ) {
--- a/src/Orchard.Web/Core/Orchard.Core.csproj
+++ b/src/Orchard.Web/Core/Orchard.Core.csproj
@@ -152,10 +152,12 @@
    <Compile Include="Navigation\Models\NavigationPart.cs" />
    <Compile Include="Navigation\Models\MenuWidgetPartRecord.cs" />
    <Compile Include="Navigation\Models\MenuWidgetPart.cs" />
+    <Compile Include="Navigation\Security\ContentMenuItemAuthorizationEventHandler.cs" />
    <Compile Include="Navigation\Services\AdminMenuNavigationProvider.cs" />
    <Compile Include="Navigation\Services\DefaultMenuManager.cs" />
    <Compile Include="Navigation\Services\IMenuManager.cs" />
    <Compile Include="Navigation\Services\DefaultMenuProvider.cs" />
+    <Compile Include="Navigation\Services\NavigationManager.cs" />
    <Compile Include="Navigation\Settings\AdminMenuPartTypeSettings.cs" />
    <Compile Include="Contents\ViewModels\ListContentsViewModel.cs" />
    <Compile Include="Contents\ViewModels\ListContentTypesViewModel.cs" />
--- a/src/Orchard/Orchard.Framework.csproj
+++ b/src/Orchard/Orchard.Framework.csproj
@@ -880,7 +880,6 @@
    <Compile Include="UI\Navigation\INavigationProvider.cs" />
    <Compile Include="UI\Navigation\MenuItem.cs" />
    <Compile Include="UI\Navigation\MenuItemComparer.cs" />
-    <Compile Include="UI\Navigation\NavigationManager.cs" />
    <Compile Include="UI\Notify\Notifier.cs" />
    <Compile Include="UI\Notify\NotifierExtensions.cs" />
    <Compile Include="UI\Notify\NotifyEntry.cs" />