lsm/Orchard
1
0
Fork 0
mirror of https://github.com/OrchardCMS/Orchard.git synced 2025-10-15 19:54:57 +08:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity

Correcting user management conflicts

Browse Source 
Work Items: 16453, 16543

--HG--
branch : dev
This commit is contained in:
Sébastien Ros
2010-11-20 12:10:47 -08:00
parent 5393c5c825
commit e208860ea2
6 changed files with 80 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
src/Orchard.Web/Core/Settings/Drivers/SiteSettingsPartDriver.cs
View File

@@ -5,18 +5,30 @@ using Orchard.Core.Settings.Models;
using Orchard.Core.Settings.ViewModels; using Orchard.Core.Settings.ViewModels;
using Orchard.Localization.Services; using Orchard.Localization.Services;
using Orchard.Settings; using Orchard.Settings;
using System;
using Orchard.Security;
using Orchard.UI.Notify;
using Orchard.Localization;
namespace Orchard.Core.Settings.Drivers { namespace Orchard.Core.Settings.Drivers {
[UsedImplicitly] [UsedImplicitly]
public class SiteSettingsPartDriver : ContentPartDriver<SiteSettingsPart> { public class SiteSettingsPartDriver : ContentPartDriver<SiteSettingsPart> {
private readonly ISiteService _siteService; private readonly ISiteService _siteService;
private readonly ICultureManager _cultureManager; private readonly ICultureManager _cultureManager;
private readonly IMembershipService _membershipService;
private readonly INotifier _notifier;
public SiteSettingsPartDriver(ISiteService siteService, ICultureManager cultureManager) { public SiteSettingsPartDriver(ISiteService siteService, ICultureManager cultureManager, IMembershipService membershipService, INotifier notifier) {
_siteService = siteService; _siteService = siteService;
_cultureManager = cultureManager; _cultureManager = cultureManager;
_membershipService = membershipService;
_notifier = notifier;
T = NullLocalizer.Instance;
} }
public Localizer T { get; set; }
protected override string Prefix { get { return "SiteSettings"; } } protected override string Prefix { get { return "SiteSettings"; } }
protected override DriverResult Editor(SiteSettingsPart part, dynamic shapeHelper) { protected override DriverResult Editor(SiteSettingsPart part, dynamic shapeHelper) {
@@ -33,10 +45,25 @@ namespace Orchard.Core.Settings.Drivers {
protected override DriverResult Editor(SiteSettingsPart part, IUpdateModel updater, dynamic shapeHelper) { protected override DriverResult Editor(SiteSettingsPart part, IUpdateModel updater, dynamic shapeHelper) {
var site = _siteService.GetSiteSettings().As<SiteSettingsPart>(); var site = _siteService.GetSiteSettings().As<SiteSettingsPart>();
var model = new SiteSettingsPartViewModel { Site = site }; var model = new SiteSettingsPartViewModel {
Site = site,
SiteCultures = _cultureManager.ListCultures()
};
updater.TryUpdateModel(model, Prefix, null, null); updater.TryUpdateModel(model, Prefix, null, null);
// ensures the super user is fully empty
if (String.IsNullOrEmpty(model.SuperUser)) {
model.SuperUser = String.Empty;
}
// otherwise the super user must be a valid user, to prevent an external account to impersonate as this name
//the user management module ensures the super user can't be deleted, but it can be disabled
else {
if (_membershipService.GetUser(model.SuperUser) == null) {
updater.AddModelError("SuperUser", T("The user {0} was not found", model.SuperUser));
}
}
return ContentShape("Parts_Settings_SiteSettingsPart", return ContentShape("Parts_Settings_SiteSettingsPart",
() => shapeHelper.EditorTemplate(TemplateName: "Parts/Settings.SiteSettingsPart", Model: model, Prefix: Prefix)); () => shapeHelper.EditorTemplate(TemplateName: "Parts/Settings.SiteSettingsPart", Model: model, Prefix: Prefix));
} }

12
src/Orchard.Web/Core/Settings/ViewModels/SiteSettingsPartViewModel.cs
View File

@@ -17,18 +17,18 @@ namespace Orchard.Core.Settings.ViewModels {
public string PageTitleSeparator public string PageTitleSeparator
{ {
get { return Site.As<SiteSettingsPart>().Record.PageTitleSeparator; } get { return Site.Record.PageTitleSeparator; }
set { Site.As<SiteSettingsPart>().Record.PageTitleSeparator = value; } set { Site.Record.PageTitleSeparator = value; }
} }
public string SiteName { public string SiteName {
get { return Site.As<SiteSettingsPart>().Record.SiteName; } get { return Site.Record.SiteName; }
set { Site.As<SiteSettingsPart>().Record.SiteName = value; } set { Site.Record.SiteName = value; }
} }
public string SiteCulture { public string SiteCulture {
get { return Site.As<SiteSettingsPart>().Record.SiteCulture; } get { return Site.Record.SiteCulture; }
set { Site.As<SiteSettingsPart>().Record.SiteCulture = value; } set { Site.Record.SiteCulture = value; }
} }
public string SuperUser { public string SuperUser {

1
src/Orchard.Web/Core/Settings/Views/EditorTemplates/Parts/Settings.SiteSettingsPart.cshtml
View File

@@ -29,6 +29,7 @@
<label for="SuperUser">@T("Super user")</label> <label for="SuperUser">@T("Super user")</label>
@Html.EditorFor(x=>x.SuperUser) @Html.EditorFor(x=>x.SuperUser)
@Html.ValidationMessage("SuperUser", "*") @Html.ValidationMessage("SuperUser", "*")
<span class="hint">@T("Enter an existing account name, or nothing if you don't want a Super user account")</span>
</div> </div>
<div> <div>
<label for="SiteDebugMode">@T("Resource Debug Mode")</label> <label for="SiteDebugMode">@T("Resource Debug Mode")</label>

53
src/Orchard.Web/Modules/Orchard.Users/Controllers/AdminController.cs
View File

@@ -1,6 +1,7 @@
using System.Linq; using System.Linq;
using System.Web.Mvc; using System.Web.Mvc;
using Orchard.ContentManagement; using Orchard.ContentManagement;
using Orchard.Core.Settings.Models;
using Orchard.DisplayManagement; using Orchard.DisplayManagement;
using Orchard.Localization; using Orchard.Localization;
using Orchard.Security; using Orchard.Security;
@@ -9,21 +10,27 @@ using Orchard.Users.Models;
using Orchard.Users.Services; using Orchard.Users.Services;
using Orchard.Users.ViewModels; using Orchard.Users.ViewModels;
using Orchard.Mvc.Extensions; using Orchard.Mvc.Extensions;
using System;
using Orchard.Settings;
namespace Orchard.Users.Controllers { namespace Orchard.Users.Controllers {
[ValidateInput(false)] [ValidateInput(false)]
public class AdminController : Controller, IUpdateModel { public class AdminController : Controller, IUpdateModel {
private readonly IMembershipService _membershipService; private readonly IMembershipService _membershipService;
private readonly IUserService _userService; private readonly IUserService _userService;
private readonly ISiteService _siteService;
public AdminController( public AdminController(
IOrchardServices services, IOrchardServices services,
IMembershipService membershipService, IMembershipService membershipService,
IUserService userService, IUserService userService,
IShapeFactory shapeFactory) { IShapeFactory shapeFactory,
ISiteService siteService) {
Services = services; Services = services;
_membershipService = membershipService; _membershipService = membershipService;
_userService = userService; _userService = userService;
_siteService = siteService;
T = NullLocalizer.Instance; T = NullLocalizer.Instance;
Shape = shapeFactory; Shape = shapeFactory;
} }
@@ -125,19 +132,25 @@ namespace Orchard.Users.Controllers {
if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users"))) if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
var user = Services.ContentManager.Get(id); var user = Services.ContentManager.Get<UserPart>(id);
string previousName = user.UserName;
dynamic model = Services.ContentManager.UpdateEditor(user, this); dynamic model = Services.ContentManager.UpdateEditor(user, this);
var editModel = new UserEditViewModel {User = user}; var editModel = new UserEditViewModel {User = user};
TryUpdateModel(editModel); if (TryUpdateModel(editModel)) {
if (ModelState.IsValid) {
((IContent)model.ContentItem).As<UserPart>().NormalizedUserName = editModel.UserName.ToLower();
string userExistsMessage = _userService.VerifyUserUnicity(id, editModel.UserName, editModel.Email); string userExistsMessage = _userService.VerifyUserUnicity(id, editModel.UserName, editModel.Email);
if (userExistsMessage != null) { if (userExistsMessage != null) {
AddModelError("NotUniqueUserName", T(userExistsMessage)); AddModelError("NotUniqueUserName", T(userExistsMessage));
} }
else {
// also update the Super user if this is the renamed account
if (String.Equals(Services.WorkContext.CurrentSite.SuperUser, previousName, StringComparison.OrdinalIgnoreCase)) {
_siteService.GetSiteSettings().As<SiteSettingsPart>().SuperUser = editModel.UserName;
}
user.NormalizedUserName = editModel.UserName.ToLower();
}
} }
if (!ModelState.IsValid) { if (!ModelState.IsValid) {
@@ -159,9 +172,21 @@ namespace Orchard.Users.Controllers {
if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users"))) if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
Services.ContentManager.Remove(Services.ContentManager.Get(id)); var user = Services.ContentManager.Get<IUser>(id);
if (user != null) {
if (String.Equals(Services.WorkContext.CurrentSite.SuperUser, user.UserName, StringComparison.OrdinalIgnoreCase)) {
Services.Notifier.Error(T("The Super user can't be removed. Please disable this account or specify another Super user account"));
}
else if (String.Equals(Services.WorkContext.CurrentUser.UserName, user.UserName, StringComparison.OrdinalIgnoreCase)) {
Services.Notifier.Error(T("You can't remove your own account. Please log in with another account"));
}
else{
Services.ContentManager.Remove(user.ContentItem);
Services.Notifier.Information(T("User deleted"));
}
}
Services.Notifier.Information(T("User deleted"));
return RedirectToAction("Index"); return RedirectToAction("Index");
} }
@@ -199,15 +224,15 @@ namespace Orchard.Users.Controllers {
if ( !Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")) ) if ( !Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")) )
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
var user = Services.ContentManager.Get(id); var user = Services.ContentManager.Get<IUser>(id);
if ( user != null ) { if (user != null) {
if (Services.WorkContext.CurrentSite.SuperUser.Equals(user.As<UserPart>().UserName) ) { if (String.Equals(Services.WorkContext.CurrentUser.UserName, user.UserName, StringComparison.OrdinalIgnoreCase)) {
Services.Notifier.Error(T("Super user can't be moderated")); Services.Notifier.Error(T("You can't disable your own account. Please log in with another account"));
} }
else { else {
user.As<UserPart>().RegistrationStatus = UserStatus.Pending; user.As<UserPart>().RegistrationStatus = UserStatus.Pending;
Services.Notifier.Information(T("User moderated")); Services.Notifier.Information(T("User {0} disabled", user.UserName));
} }
} }

1
src/Orchard.Web/Modules/Orchard.Users/Module.txt
View File

@@ -9,3 +9,4 @@ Features:
Orchard.Users: Orchard.Users:
Description: Standard users. Description: Standard users.
Category: Core Category: Core
Dependencies: Settings

4
src/Orchard.Web/Modules/Orchard.Users/Orchard.Users.csproj
View File

@@ -116,6 +116,10 @@
<Project>{2D1D92BB-4555-4CBE-8D0E-63563D6CE4C6}</Project> <Project>{2D1D92BB-4555-4CBE-8D0E-63563D6CE4C6}</Project>
<Name>Orchard.Framework</Name> <Name>Orchard.Framework</Name>
</ProjectReference> </ProjectReference>
<ProjectReference Include="..\..\Core\Orchard.Core.csproj">
<Project>{9916839C-39FC-4CEB-A5AF-89CA7E87119F}</Project>
<Name>Orchard.Core</Name>
</ProjectReference>
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<Content Include="Views\Items\Content-User.Edit.cshtml"> <Content Include="Views\Items\Content-User.Edit.cshtml">