lsm/Orchard
1
0
Fork 0
mirror of https://github.com/OrchardCMS/Orchard.git synced 2025-10-22 03:37:25 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Merge

Browse Source 
--HG--
branch : dev
This commit is contained in:
Renaud Paquay
2010-12-10 12:03:27 -08:00
parent 9337e12134 66b9ae5d4f
commit e9380fb02f
56 changed files with 507 additions and 172 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/Orchard.Web/Modules/Orchard.Blogs/AdminMenu.cs
View File

@@ -25,7 +25,7 @@ namespace Orchard.Blogs {
var singleBlog = blogCount == 1 ? blogs.ElementAt(0) : null;
if (blogCount > 0 && singleBlog == null) {
menu.Add(T("List"), "3",
menu.Add(T("Manage Blogs"), "3",
item => item.Action("List", "BlogAdmin", new {area = "Orchard.Blogs"}).Permission(Permissions.MetaListOwnBlogs));
}
else if (singleBlog != null)

8
src/Orchard.Web/Modules/Orchard.Blogs/Controllers/BlogAdminController.cs
View File

@@ -15,6 +15,8 @@ using Orchard.UI.Navigation;
using Orchard.UI.Notify;
namespace Orchard.Blogs.Controllers {
using Orchard.Settings;
[ValidateInput(false), Admin]
public class BlogAdminController : Controller, IUpdateModel {
private readonly IBlogService _blogService;
@@ -22,6 +24,7 @@ namespace Orchard.Blogs.Controllers {
private readonly IContentManager _contentManager;
private readonly ITransactionManager _transactionManager;
private readonly IBlogSlugConstraint _blogSlugConstraint;
private readonly ISiteService _siteService;
public BlogAdminController(
IOrchardServices services,
@@ -30,6 +33,7 @@ namespace Orchard.Blogs.Controllers {
IContentManager contentManager,
ITransactionManager transactionManager,
IBlogSlugConstraint blogSlugConstraint,
ISiteService siteService,
IShapeFactory shapeFactory) {
Services = services;
_blogService = blogService;
@@ -37,6 +41,7 @@ namespace Orchard.Blogs.Controllers {
_contentManager = contentManager;
_transactionManager = transactionManager;
_blogSlugConstraint = blogSlugConstraint;
_siteService = siteService;
T = NullLocalizer.Instance;
Shape = shapeFactory;
}
@@ -147,7 +152,8 @@ namespace Orchard.Blogs.Controllers {
return View((object)viewModel);
}
public ActionResult Item(int blogId, Pager pager) {
public ActionResult Item(int blogId, PagerParameters pagerParameters) {
Pager pager = new Pager(_siteService.GetSiteSettings(), pagerParameters);
BlogPart blogPart = _blogService.Get(blogId, VersionOptions.Latest).As<BlogPart>();
if (blogPart == null)

10
src/Orchard.Web/Modules/Orchard.Blogs/Controllers/BlogController.cs
View File

@@ -13,6 +13,8 @@ using Orchard.Themes;
using Orchard.UI.Navigation;
namespace Orchard.Blogs.Controllers {
using Orchard.Settings;
[Themed]
public class BlogController : Controller {
private readonly IOrchardServices _services;
@@ -22,6 +24,7 @@ namespace Orchard.Blogs.Controllers {
private readonly IFeedManager _feedManager;
private readonly IWorkContextAccessor _workContextAccessor;
private readonly IHomePageProvider _routableHomePageProvider;
private readonly ISiteService _siteService;
public BlogController(
IOrchardServices services,
@@ -31,13 +34,15 @@ namespace Orchard.Blogs.Controllers {
IFeedManager feedManager,
IShapeFactory shapeFactory,
IWorkContextAccessor workContextAccessor,
IEnumerable<IHomePageProvider> homePageProviders) {
IEnumerable<IHomePageProvider> homePageProviders,
ISiteService siteService) {
_services = services;
_blogService = blogService;
_blogPostService = blogPostService;
_blogSlugConstraint = blogSlugConstraint;
_feedManager = feedManager;
_workContextAccessor = workContextAccessor;
_siteService = siteService;
_routableHomePageProvider = homePageProviders.SingleOrDefault(p => p.GetProviderName() == RoutableHomePageProvider.Name);
Logger = NullLogger.Instance;
Shape = shapeFactory;
@@ -59,7 +64,8 @@ namespace Orchard.Blogs.Controllers {
return View((object)viewModel);
}
public ActionResult Item(string blogSlug, Pager pager) {
public ActionResult Item(string blogSlug, PagerParameters pagerParameters) {
Pager pager = new Pager(_siteService.GetSiteSettings(), pagerParameters);
var correctedSlug = _blogSlugConstraint.FindSlug(blogSlug);
if (correctedSlug == null)
return HttpNotFound();

8
src/Orchard.Web/Modules/Orchard.Blogs/Controllers/BlogPostAdminController.cs
View File

@@ -9,6 +9,8 @@ using Orchard.ContentManagement.Aspects;
using Orchard.Core.Contents.Settings;
using Orchard.Localization;
using Orchard.Mvc.AntiForgery;
using Orchard.Security;
using Orchard.Security.Permissions;
using Orchard.UI.Admin;
using Orchard.UI.Notify;
@@ -84,9 +86,6 @@ namespace Orchard.Blogs.Controllers {
//todo: the content shape template has extra bits that the core contents module does not (remove draft functionality)
//todo: - move this extra functionality there or somewhere else that's appropriate?
public ActionResult Edit(int blogId, int postId) {
if (!Services.Authorizer.Authorize(Permissions.EditOwnBlogPost, T("Couldn't edit blog post")))
return new HttpUnauthorizedResult();
var blog = _blogService.Get(blogId, VersionOptions.Latest);
if (blog == null)
return HttpNotFound();
@@ -95,6 +94,9 @@ namespace Orchard.Blogs.Controllers {
if (post == null)
return HttpNotFound();
if (!Services.Authorizer.Authorize(Permissions.EditOthersBlogPost, post.ContentItem, T("Couldn't edit blog post")))
return new HttpUnauthorizedResult();
dynamic model = Services.ContentManager.BuildEditor(post);
// Casting to avoid invalid (under medium trust) reflection over the protected View method and force a static invocation.
return View((object)model);

8
src/Orchard.Web/Modules/Orchard.Blogs/Migrations.cs
View File

@@ -5,7 +5,7 @@ namespace Orchard.Blogs {
public class Migrations : DataMigrationImpl {
public int Create() {
SchemaBuilder.CreateTable("BlogPartArchiveRecord",
SchemaBuilder.CreateTable("BlogPartArchiveRecord",
table => table
.Column<int>("Id", column => column.PrimaryKey().Identity())
.Column<int>("Year")
@@ -14,21 +14,21 @@ namespace Orchard.Blogs {
.Column<int>("BlogPart_id")
);
SchemaBuilder.CreateTable("BlogPartRecord",
SchemaBuilder.CreateTable("BlogPartRecord",
table => table
.ContentPartRecord()
.Column<string>("Description", c => c.Unlimited())
.Column<int>("PostCount")
);
SchemaBuilder.CreateTable("RecentBlogPostsPartRecord",
SchemaBuilder.CreateTable("RecentBlogPostsPartRecord",
table => table
.ContentPartRecord()
.Column<string>("BlogSlug")
.Column<int>("Count")
);
SchemaBuilder.CreateTable("BlogArchivesPartRecord",
SchemaBuilder.CreateTable("BlogArchivesPartRecord",
table => table
.ContentPartRecord()
.Column<string>("BlogSlug", c => c.WithLength(255))

1
src/Orchard.Web/Modules/Orchard.Blogs/Orchard.Blogs.csproj
View File

@@ -82,6 +82,7 @@
<Compile Include="Routing\IsArchiveConstraint.cs" />
<Compile Include="Routing\BlogSlugConstraint.cs" />
<Compile Include="Routing\BlogSlugConstraintUpdator.cs" />
<Compile Include="Security\BlogAuthorizationEventHandler.cs" />
<Compile Include="Services\BlogService.cs" />
<Compile Include="Controllers\BlogController.cs" />
<Compile Include="Models\BlogPart.cs" />

49
src/Orchard.Web/Modules/Orchard.Blogs/Security/BlogAuthorizationEventHandler.cs Normal file
View File

@@ -0,0 +1,49 @@
using JetBrains.Annotations;
using Orchard.ContentManagement;
using Orchard.ContentManagement.Aspects;
using Orchard.Security;
using Orchard.Security.Permissions;
namespace Orchard.Blogs.Security {
[UsedImplicitly]
public class BlogAuthorizationEventHandler : IAuthorizationServiceEventHandler {
public void Checking(CheckAccessContext context) { }
public void Complete(CheckAccessContext context) { }
public void Adjust(CheckAccessContext context) {
if (!context.Granted &&
context.Content.Is<ICommonPart>()) {
if (OwnerVariationExists(context.Permission) &&
HasOwnership(context.User, context.Content)) {
context.Adjusted = true;
context.Permission = GetOwnerVariation(context.Permission);
}
}
}
private static bool HasOwnership(IUser user, IContent content) {
if (user == null || content == null)
return false;
var common = content.As<ICommonPart>();
if (common == null || common.Owner == null)
return false;
return user.Id == common.Owner.Id;
}
private static bool OwnerVariationExists(Permission permission) {
return GetOwnerVariation(permission) != null;
}
private static Permission GetOwnerVariation(Permission permission) {
if (permission.Name == Permissions.PublishOthersBlogPost.Name)
return Permissions.PublishOwnBlogPost;
if (permission.Name == Permissions.EditOthersBlogPost.Name)
return Permissions.EditOwnBlogPost;
if (permission.Name == Permissions.DeleteOthersBlogPost.Name)
return Permissions.DeleteOwnBlogPost;
return null;
}
}
}

14
src/Orchard.Web/Modules/Orchard.Blogs/Services/XmlRpcHandler.cs
View File

@@ -123,7 +123,7 @@ namespace Orchard.Blogs.Services {
string password) {
var user = _membershipService.ValidateUser(userName, password);
_authorizationService.CheckAccess(StandardPermissions.AccessFrontEnd, user, null);
_authorizationService.CheckAccess(Permissions.EditOthersBlogPost, user, null);
var array = new XRpcArray();
foreach (var blog in _blogService.Get()) {
@@ -144,7 +144,7 @@ namespace Orchard.Blogs.Services {
int numberOfPosts) {
var user = _membershipService.ValidateUser(userName, password);
_authorizationService.CheckAccess(StandardPermissions.AccessFrontEnd, user, null);
_authorizationService.CheckAccess(Permissions.EditOthersBlogPost, user, null);
var blog = _contentManager.Get<BlogPart>(Convert.ToInt32(blogId));
if (blog == null)
@@ -166,7 +166,7 @@ namespace Orchard.Blogs.Services {
IEnumerable<IXmlRpcDriver> drivers) {
var user = _membershipService.ValidateUser(userName, password);
_authorizationService.CheckAccess(Permissions.EditOwnBlogPost, user, null);
_authorizationService.CheckAccess(publish ? Permissions.PublishOthersBlogPost : Permissions.EditOthersBlogPost, user, null);
var blog = _contentManager.Get<BlogPart>(Convert.ToInt32(blogId));
if (blog == null)
@@ -216,7 +216,7 @@ namespace Orchard.Blogs.Services {
IEnumerable<IXmlRpcDriver> drivers) {
var user = _membershipService.ValidateUser(userName, password);
_authorizationService.CheckAccess(StandardPermissions.AccessFrontEnd, user, null);
_authorizationService.CheckAccess(Permissions.EditOthersBlogPost, user, null);
var blogPost = _blogPostService.Get(postId, VersionOptions.Latest);
if (blogPost == null)
@@ -231,15 +231,13 @@ namespace Orchard.Blogs.Services {
}
private bool MetaWeblogEditPost(int postId, string userName, string password, XRpcStruct content, bool publish, IEnumerable<IXmlRpcDriver> drivers) {
var user = _membershipService.ValidateUser(userName, password);
_authorizationService.CheckAccess(StandardPermissions.AccessFrontEnd, user, null);
_authorizationService.CheckAccess(publish ? Permissions.PublishOthersBlogPost : Permissions.EditOthersBlogPost, user, null);
var blogPost = _blogPostService.Get(postId, VersionOptions.DraftRequired);
if (blogPost == null)
throw new ArgumentException();
var title = content.Optional<string>("title");
var description = content.Optional<string>("description");
var slug = content.Optional<string>("wp_slug");
@@ -259,7 +257,7 @@ namespace Orchard.Blogs.Services {
private bool MetaWeblogDeletePost(string appkey, string postId, string userName, string password, bool publish, IEnumerable<IXmlRpcDriver> drivers) {
var user = _membershipService.ValidateUser(userName, password);
_authorizationService.CheckAccess(StandardPermissions.AccessFrontEnd, user, null);
_authorizationService.CheckAccess(Permissions.DeleteOthersBlogPost, user, null);
var blogPost = _blogPostService.Get(Convert.ToInt32(postId), VersionOptions.Latest);
if (blogPost == null)