mirror of
https://github.com/OrchardCMS/Orchard.git
synced 2025-09-24 05:23:33 +08:00
Fixing #16967: Merge media permissions into one manage media permission
--HG-- branch : dev
This commit is contained in:
Suha Can
@@ -14,7 +14,7 @@ namespace Orchard.Media {
|
|||||||
public void GetNavigation(NavigationBuilder builder) {
|
public void GetNavigation(NavigationBuilder builder) {
|
||||||
builder.Add(T("Media"), "6",
|
builder.Add(T("Media"), "6",
|
||||||
menu => menu.Add(T("Media"), "0", item => item.Action("Index", "Admin", new { area = "Orchard.Media" })
|
menu => menu.Add(T("Media"), "0", item => item.Action("Index", "Admin", new { area = "Orchard.Media" })
|
||||||
.Permission(Permissions.ManageMediaFiles)));
|
.Permission(Permissions.ManageMedia)));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -55,7 +55,7 @@ namespace Orchard.Media.Controllers {
|
|||||||
|
|
||||||
[HttpPost]
|
[HttpPost]
|
||||||
public ActionResult Create() {
|
public ActionResult Create() {
|
||||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't create media folder")))
|
if (!Services.Authorizer.Authorize(Permissions.ManageMedia, T("Couldn't create media folder")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
var viewModel = new MediaFolderCreateViewModel();
|
var viewModel = new MediaFolderCreateViewModel();
|
||||||
@@ -87,7 +87,7 @@ namespace Orchard.Media.Controllers {
|
|||||||
if (key.StartsWith("Checkbox.File.") && input[key] == "true") {
|
if (key.StartsWith("Checkbox.File.") && input[key] == "true") {
|
||||||
string fileName = key.Substring("Checkbox.File.".Length);
|
string fileName = key.Substring("Checkbox.File.".Length);
|
||||||
string folderName = input[fileName];
|
string folderName = input[fileName];
|
||||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't delete media file")))
|
if (!Services.Authorizer.Authorize(Permissions.ManageMedia, T("Couldn't delete media file")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
_mediaService.DeleteFile(fileName, folderName);
|
_mediaService.DeleteFile(fileName, folderName);
|
||||||
|
|
||||||
@@ -96,7 +96,7 @@ namespace Orchard.Media.Controllers {
|
|||||||
else if (key.StartsWith("Checkbox.Folder.") && input[key] == "true") {
|
else if (key.StartsWith("Checkbox.Folder.") && input[key] == "true") {
|
||||||
string folderName = key.Substring("Checkbox.Folder.".Length);
|
string folderName = key.Substring("Checkbox.Folder.".Length);
|
||||||
string folderPath = input[folderName];
|
string folderPath = input[folderName];
|
||||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't delete media folder")))
|
if (!Services.Authorizer.Authorize(Permissions.ManageMedia, T("Couldn't delete media folder")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
_mediaService.DeleteFolder(folderPath);
|
_mediaService.DeleteFolder(folderPath);
|
||||||
|
|
||||||
@@ -119,7 +119,7 @@ namespace Orchard.Media.Controllers {
|
|||||||
[HttpPost, ActionName("EditProperties")]
|
[HttpPost, ActionName("EditProperties")]
|
||||||
[FormValueRequired("submit.Delete")]
|
[FormValueRequired("submit.Delete")]
|
||||||
public ActionResult EditPropertiesDeletePOST() {
|
public ActionResult EditPropertiesDeletePOST() {
|
||||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't delete media folder")))
|
if (!Services.Authorizer.Authorize(Permissions.ManageMedia, T("Couldn't delete media folder")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
var viewModel = new MediaFolderEditPropertiesViewModel();
|
var viewModel = new MediaFolderEditPropertiesViewModel();
|
||||||
@@ -140,7 +140,7 @@ namespace Orchard.Media.Controllers {
|
|||||||
[HttpPost, ActionName("EditProperties")]
|
[HttpPost, ActionName("EditProperties")]
|
||||||
[FormValueRequired("submit.Save")]
|
[FormValueRequired("submit.Save")]
|
||||||
public ActionResult EditProperties() {
|
public ActionResult EditProperties() {
|
||||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't rename media folder")))
|
if (!Services.Authorizer.Authorize(Permissions.ManageMedia, T("Couldn't rename media folder")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
var viewModel = new MediaFolderEditPropertiesViewModel();
|
var viewModel = new MediaFolderEditPropertiesViewModel();
|
||||||
@@ -164,7 +164,7 @@ namespace Orchard.Media.Controllers {
|
|||||||
|
|
||||||
[HttpPost]
|
[HttpPost]
|
||||||
public ActionResult Add() {
|
public ActionResult Add() {
|
||||||
if (!Services.Authorizer.Authorize(Permissions.UploadMediaFiles, T("Couldn't upload media file")))
|
if (!Services.Authorizer.Authorize(Permissions.ManageMedia, T("Couldn't upload media file")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
var viewModel = new MediaItemAddViewModel();
|
var viewModel = new MediaItemAddViewModel();
|
||||||
@@ -203,7 +203,7 @@ namespace Orchard.Media.Controllers {
|
|||||||
|
|
||||||
[HttpPost]
|
[HttpPost]
|
||||||
public ContentResult AddFromClient() {
|
public ContentResult AddFromClient() {
|
||||||
if (!Services.Authorizer.Authorize(Permissions.UploadMediaFiles))
|
if (!Services.Authorizer.Authorize(Permissions.ManageMedia))
|
||||||
return Content(string.Format("<script type=\"text/javascript\">var result = {{ error: \"{0}\" }};</script>", T("ERROR: You don't have permission to upload media files")));
|
return Content(string.Format("<script type=\"text/javascript\">var result = {{ error: \"{0}\" }};</script>", T("ERROR: You don't have permission to upload media files")));
|
||||||
|
|
||||||
var viewModel = new MediaItemAddViewModel();
|
var viewModel = new MediaItemAddViewModel();
|
||||||
@@ -247,7 +247,7 @@ namespace Orchard.Media.Controllers {
|
|||||||
[HttpPost, ActionName("EditMedia")]
|
[HttpPost, ActionName("EditMedia")]
|
||||||
[FormValueRequired("submit.Delete")]
|
[FormValueRequired("submit.Delete")]
|
||||||
public ActionResult EditMediaDeletePOST(FormCollection input) {
|
public ActionResult EditMediaDeletePOST(FormCollection input) {
|
||||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't delete media file")))
|
if (!Services.Authorizer.Authorize(Permissions.ManageMedia, T("Couldn't delete media file")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
var viewModel = new MediaItemEditViewModel();
|
var viewModel = new MediaItemEditViewModel();
|
||||||
@@ -267,7 +267,7 @@ namespace Orchard.Media.Controllers {
|
|||||||
[HttpPost, ActionName("EditMedia")]
|
[HttpPost, ActionName("EditMedia")]
|
||||||
[FormValueRequired("submit.Save")]
|
[FormValueRequired("submit.Save")]
|
||||||
public ActionResult EditMedia(FormCollection input) {
|
public ActionResult EditMedia(FormCollection input) {
|
||||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't modify media file")))
|
if (!Services.Authorizer.Authorize(Permissions.ManageMedia, T("Couldn't modify media file")))
|
||||||
return new HttpUnauthorizedResult();
|
return new HttpUnauthorizedResult();
|
||||||
|
|
||||||
var viewModel = new MediaItemEditViewModel();
|
var viewModel = new MediaItemEditViewModel();
|
||||||
|
|||||||
@@ -4,15 +4,13 @@ using Orchard.Security.Permissions;
|
|||||||
|
|
||||||
namespace Orchard.Media {
|
namespace Orchard.Media {
|
||||||
public class Permissions : IPermissionProvider {
|
public class Permissions : IPermissionProvider {
|
||||||
public static readonly Permission ManageMediaFiles = new Permission { Description = "Modifying Media Files", Name = "ManageMediaFiles" };
|
public static readonly Permission ManageMedia = new Permission { Description = "Managing Media Files", Name = "ManageMedia" };
|
||||||
public static readonly Permission UploadMediaFiles = new Permission { Description = "Uploading Media Files", Name = "UploadMediaFiles", ImpliedBy = new[] { ManageMediaFiles } };
|
|
||||||
|
|
||||||
public virtual Feature Feature { get; set; }
|
public virtual Feature Feature { get; set; }
|
||||||
|
|
||||||
public IEnumerable<Permission> GetPermissions() {
|
public IEnumerable<Permission> GetPermissions() {
|
||||||
return new[] {
|
return new[] {
|
||||||
ManageMediaFiles,
|
ManageMedia,
|
||||||
UploadMediaFiles,
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -20,23 +18,21 @@ namespace Orchard.Media {
|
|||||||
return new[] {
|
return new[] {
|
||||||
new PermissionStereotype {
|
new PermissionStereotype {
|
||||||
Name = "Administrator",
|
Name = "Administrator",
|
||||||
Permissions = new[] {ManageMediaFiles}
|
Permissions = new[] {ManageMedia}
|
||||||
},
|
},
|
||||||
new PermissionStereotype {
|
new PermissionStereotype {
|
||||||
Name = "Editor",
|
Name = "Editor",
|
||||||
Permissions = new[] {ManageMediaFiles}
|
Permissions = new[] {ManageMedia}
|
||||||
},
|
},
|
||||||
new PermissionStereotype {
|
new PermissionStereotype {
|
||||||
Name = "Moderator",
|
Name = "Moderator",
|
||||||
//Permissions = new[] {}
|
|
||||||
},
|
},
|
||||||
new PermissionStereotype {
|
new PermissionStereotype {
|
||||||
Name = "Author",
|
Name = "Author",
|
||||||
Permissions = new[] {ManageMediaFiles}
|
Permissions = new[] {ManageMedia}
|
||||||
},
|
},
|
||||||
new PermissionStereotype {
|
new PermissionStereotype {
|
||||||
Name = "Contributor",
|
Name = "Contributor",
|
||||||
Permissions = new[] {UploadMediaFiles}
|
|
||||||
},
|
},
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -49,7 +49,7 @@ namespace Orchard.Media.Services {
|
|||||||
XRpcStruct file) {
|
XRpcStruct file) {
|
||||||
|
|
||||||
var user = _membershipService.ValidateUser(userName, password);
|
var user = _membershipService.ValidateUser(userName, password);
|
||||||
if (!_authorizationService.TryCheckAccess(Permissions.UploadMediaFiles, user, null)) {
|
if (!_authorizationService.TryCheckAccess(Permissions.ManageMedia, user, null)) {
|
||||||
//TEMP: return appropriate access-denied response for user
|
//TEMP: return appropriate access-denied response for user
|
||||||
throw new ApplicationException("Access denied");
|
throw new ApplicationException("Access denied");
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -56,13 +56,13 @@
|
|||||||
<Compile Include="DefaultRoleUpdater.cs" />
|
<Compile Include="DefaultRoleUpdater.cs" />
|
||||||
<Compile Include="Models\IUserRoles.cs" />
|
<Compile Include="Models\IUserRoles.cs" />
|
||||||
<Compile Include="Models\UserSimulation.cs" />
|
<Compile Include="Models\UserSimulation.cs" />
|
||||||
<Compile Include="Permissions.cs" />
|
|
||||||
<Compile Include="Models\PermissionRecord.cs" />
|
<Compile Include="Models\PermissionRecord.cs" />
|
||||||
<Compile Include="Models\RoleRecord.cs" />
|
<Compile Include="Models\RoleRecord.cs" />
|
||||||
<Compile Include="Models\UserRolesPart.cs" />
|
<Compile Include="Models\UserRolesPart.cs" />
|
||||||
<Compile Include="Handlers\UserRolesPartHandler.cs" />
|
<Compile Include="Handlers\UserRolesPartHandler.cs" />
|
||||||
<Compile Include="Models\RolesPermissionsRecord.cs" />
|
<Compile Include="Models\RolesPermissionsRecord.cs" />
|
||||||
<Compile Include="Models\UserRolesPartRecord.cs" />
|
<Compile Include="Models\UserRolesPartRecord.cs" />
|
||||||
|
<Compile Include="Permissions.cs" />
|
||||||
<Compile Include="Properties\AssemblyInfo.cs" />
|
<Compile Include="Properties\AssemblyInfo.cs" />
|
||||||
<Compile Include="Services\IRoleService.cs" />
|
<Compile Include="Services\IRoleService.cs" />
|
||||||
<Compile Include="Services\RolesBasedAuthorizationService.cs" />
|
<Compile Include="Services\RolesBasedAuthorizationService.cs" />
|
||||||
|
|||||||
Reference in New Issue
Block a user