mirror of
https://github.com/OrchardCMS/Orchard.git
synced 2025-10-15 19:54:57 +08:00
Correcting user management conflicts
Work Items: 16453, 16543 --HG-- branch : dev
This commit is contained in:
Sébastien Ros
@@ -5,18 +5,30 @@ using Orchard.Core.Settings.Models;
|
||||
using Orchard.Core.Settings.ViewModels;
|
||||
using Orchard.Localization.Services;
|
||||
using Orchard.Settings;
|
||||
using System;
|
||||
using Orchard.Security;
|
||||
using Orchard.UI.Notify;
|
||||
using Orchard.Localization;
|
||||
|
||||
namespace Orchard.Core.Settings.Drivers {
|
||||
[UsedImplicitly]
|
||||
public class SiteSettingsPartDriver : ContentPartDriver<SiteSettingsPart> {
|
||||
private readonly ISiteService _siteService;
|
||||
private readonly ICultureManager _cultureManager;
|
||||
private readonly IMembershipService _membershipService;
|
||||
private readonly INotifier _notifier;
|
||||
|
||||
public SiteSettingsPartDriver(ISiteService siteService, ICultureManager cultureManager) {
|
||||
public SiteSettingsPartDriver(ISiteService siteService, ICultureManager cultureManager, IMembershipService membershipService, INotifier notifier) {
|
||||
_siteService = siteService;
|
||||
_cultureManager = cultureManager;
|
||||
_membershipService = membershipService;
|
||||
_notifier = notifier;
|
||||
|
||||
T = NullLocalizer.Instance;
|
||||
}
|
||||
|
||||
public Localizer T { get; set; }
|
||||
|
||||
protected override string Prefix { get { return "SiteSettings"; } }
|
||||
|
||||
protected override DriverResult Editor(SiteSettingsPart part, dynamic shapeHelper) {
|
||||
@@ -33,10 +45,25 @@ namespace Orchard.Core.Settings.Drivers {
|
||||
|
||||
protected override DriverResult Editor(SiteSettingsPart part, IUpdateModel updater, dynamic shapeHelper) {
|
||||
var site = _siteService.GetSiteSettings().As<SiteSettingsPart>();
|
||||
var model = new SiteSettingsPartViewModel { Site = site };
|
||||
var model = new SiteSettingsPartViewModel {
|
||||
Site = site,
|
||||
SiteCultures = _cultureManager.ListCultures()
|
||||
};
|
||||
|
||||
updater.TryUpdateModel(model, Prefix, null, null);
|
||||
|
||||
// ensures the super user is fully empty
|
||||
if (String.IsNullOrEmpty(model.SuperUser)) {
|
||||
model.SuperUser = String.Empty;
|
||||
}
|
||||
// otherwise the super user must be a valid user, to prevent an external account to impersonate as this name
|
||||
//the user management module ensures the super user can't be deleted, but it can be disabled
|
||||
else {
|
||||
if (_membershipService.GetUser(model.SuperUser) == null) {
|
||||
updater.AddModelError("SuperUser", T("The user {0} was not found", model.SuperUser));
|
||||
}
|
||||
}
|
||||
|
||||
return ContentShape("Parts_Settings_SiteSettingsPart",
|
||||
() => shapeHelper.EditorTemplate(TemplateName: "Parts/Settings.SiteSettingsPart", Model: model, Prefix: Prefix));
|
||||
}
|
||||
|
||||
@@ -17,18 +17,18 @@ namespace Orchard.Core.Settings.ViewModels {
|
||||
|
||||
public string PageTitleSeparator
|
||||
{
|
||||
get { return Site.As<SiteSettingsPart>().Record.PageTitleSeparator; }
|
||||
set { Site.As<SiteSettingsPart>().Record.PageTitleSeparator = value; }
|
||||
get { return Site.Record.PageTitleSeparator; }
|
||||
set { Site.Record.PageTitleSeparator = value; }
|
||||
}
|
||||
|
||||
public string SiteName {
|
||||
get { return Site.As<SiteSettingsPart>().Record.SiteName; }
|
||||
set { Site.As<SiteSettingsPart>().Record.SiteName = value; }
|
||||
get { return Site.Record.SiteName; }
|
||||
set { Site.Record.SiteName = value; }
|
||||
}
|
||||
|
||||
public string SiteCulture {
|
||||
get { return Site.As<SiteSettingsPart>().Record.SiteCulture; }
|
||||
set { Site.As<SiteSettingsPart>().Record.SiteCulture = value; }
|
||||
get { return Site.Record.SiteCulture; }
|
||||
set { Site.Record.SiteCulture = value; }
|
||||
}
|
||||
|
||||
public string SuperUser {
|
||||
|
||||
@@ -29,6 +29,7 @@
|
||||
<label for="SuperUser">@T("Super user")</label>
|
||||
@Html.EditorFor(x=>x.SuperUser)
|
||||
@Html.ValidationMessage("SuperUser", "*")
|
||||
<span class="hint">@T("Enter an existing account name, or nothing if you don't want a Super user account")</span>
|
||||
</div>
|
||||
<div>
|
||||
<label for="SiteDebugMode">@T("Resource Debug Mode")</label>
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
using System.Linq;
|
||||
using System.Web.Mvc;
|
||||
using Orchard.ContentManagement;
|
||||
using Orchard.Core.Settings.Models;
|
||||
using Orchard.DisplayManagement;
|
||||
using Orchard.Localization;
|
||||
using Orchard.Security;
|
||||
@@ -9,21 +10,27 @@ using Orchard.Users.Models;
|
||||
using Orchard.Users.Services;
|
||||
using Orchard.Users.ViewModels;
|
||||
using Orchard.Mvc.Extensions;
|
||||
using System;
|
||||
using Orchard.Settings;
|
||||
|
||||
namespace Orchard.Users.Controllers {
|
||||
[ValidateInput(false)]
|
||||
public class AdminController : Controller, IUpdateModel {
|
||||
private readonly IMembershipService _membershipService;
|
||||
private readonly IUserService _userService;
|
||||
private readonly ISiteService _siteService;
|
||||
|
||||
public AdminController(
|
||||
IOrchardServices services,
|
||||
IMembershipService membershipService,
|
||||
IUserService userService,
|
||||
IShapeFactory shapeFactory) {
|
||||
IShapeFactory shapeFactory,
|
||||
ISiteService siteService) {
|
||||
Services = services;
|
||||
_membershipService = membershipService;
|
||||
_userService = userService;
|
||||
_siteService = siteService;
|
||||
|
||||
T = NullLocalizer.Instance;
|
||||
Shape = shapeFactory;
|
||||
}
|
||||
@@ -125,19 +132,25 @@ namespace Orchard.Users.Controllers {
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
var user = Services.ContentManager.Get(id);
|
||||
var user = Services.ContentManager.Get<UserPart>(id);
|
||||
string previousName = user.UserName;
|
||||
|
||||
dynamic model = Services.ContentManager.UpdateEditor(user, this);
|
||||
|
||||
var editModel = new UserEditViewModel {User = user};
|
||||
TryUpdateModel(editModel);
|
||||
|
||||
if (ModelState.IsValid) {
|
||||
((IContent)model.ContentItem).As<UserPart>().NormalizedUserName = editModel.UserName.ToLower();
|
||||
|
||||
if (TryUpdateModel(editModel)) {
|
||||
string userExistsMessage = _userService.VerifyUserUnicity(id, editModel.UserName, editModel.Email);
|
||||
if (userExistsMessage != null) {
|
||||
AddModelError("NotUniqueUserName", T(userExistsMessage));
|
||||
}
|
||||
else {
|
||||
// also update the Super user if this is the renamed account
|
||||
if (String.Equals(Services.WorkContext.CurrentSite.SuperUser, previousName, StringComparison.OrdinalIgnoreCase)) {
|
||||
_siteService.GetSiteSettings().As<SiteSettingsPart>().SuperUser = editModel.UserName;
|
||||
}
|
||||
|
||||
user.NormalizedUserName = editModel.UserName.ToLower();
|
||||
}
|
||||
}
|
||||
|
||||
if (!ModelState.IsValid) {
|
||||
@@ -159,9 +172,21 @@ namespace Orchard.Users.Controllers {
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
Services.ContentManager.Remove(Services.ContentManager.Get(id));
|
||||
var user = Services.ContentManager.Get<IUser>(id);
|
||||
|
||||
if (user != null) {
|
||||
if (String.Equals(Services.WorkContext.CurrentSite.SuperUser, user.UserName, StringComparison.OrdinalIgnoreCase)) {
|
||||
Services.Notifier.Error(T("The Super user can't be removed. Please disable this account or specify another Super user account"));
|
||||
}
|
||||
else if (String.Equals(Services.WorkContext.CurrentUser.UserName, user.UserName, StringComparison.OrdinalIgnoreCase)) {
|
||||
Services.Notifier.Error(T("You can't remove your own account. Please log in with another account"));
|
||||
}
|
||||
else{
|
||||
Services.ContentManager.Remove(user.ContentItem);
|
||||
Services.Notifier.Information(T("User deleted"));
|
||||
}
|
||||
}
|
||||
|
||||
return RedirectToAction("Index");
|
||||
}
|
||||
|
||||
@@ -199,15 +224,15 @@ namespace Orchard.Users.Controllers {
|
||||
if ( !Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")) )
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
var user = Services.ContentManager.Get(id);
|
||||
var user = Services.ContentManager.Get<IUser>(id);
|
||||
|
||||
if (user != null) {
|
||||
if (Services.WorkContext.CurrentSite.SuperUser.Equals(user.As<UserPart>().UserName) ) {
|
||||
Services.Notifier.Error(T("Super user can't be moderated"));
|
||||
if (String.Equals(Services.WorkContext.CurrentUser.UserName, user.UserName, StringComparison.OrdinalIgnoreCase)) {
|
||||
Services.Notifier.Error(T("You can't disable your own account. Please log in with another account"));
|
||||
}
|
||||
else {
|
||||
user.As<UserPart>().RegistrationStatus = UserStatus.Pending;
|
||||
Services.Notifier.Information(T("User moderated"));
|
||||
Services.Notifier.Information(T("User {0} disabled", user.UserName));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -9,3 +9,4 @@ Features:
|
||||
Orchard.Users:
|
||||
Description: Standard users.
|
||||
Category: Core
|
||||
Dependencies: Settings
|
||||
|
||||
@@ -116,6 +116,10 @@
|
||||
<Project>{2D1D92BB-4555-4CBE-8D0E-63563D6CE4C6}</Project>
|
||||
<Name>Orchard.Framework</Name>
|
||||
</ProjectReference>
|
||||
<ProjectReference Include="..\..\Core\Orchard.Core.csproj">
|
||||
<Project>{9916839C-39FC-4CEB-A5AF-89CA7E87119F}</Project>
|
||||
<Name>Orchard.Core</Name>
|
||||
</ProjectReference>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<Content Include="Views\Items\Content-User.Edit.cshtml">
|
||||
|
||||
Reference in New Issue
Block a user