lsm/Orchard
1
0
Fork 0
mirror of https://github.com/OrchardCMS/Orchard.git synced 2025-09-24 21:43:37 +08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Extending security model for owned/other content permission support

Browse Source 
Added an IContent parameter to IAuthorizationService and IAuthorizer
Added an IAuthorizationServiceEvents interface for modules to participate in the process
Updated the role-based authorization service to fire events and recheck access based on adjustments
Added hook in Orchard.Pages/Security/Authorization.cs with "pages" specific auth adjustments

--HG--
extra : convert_revision : svn%3A5ff7c347-ad56-4c35-b696-ccb81de16e03/trunk%4045861
This commit is contained in:
loudej
2010-01-22 22:11:10 +00:00
parent 09c88f124c
commit e9b32d59ca
18 changed files with 260 additions and 80 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/Orchard.Web/Core/Common/Providers/CommonAspectHandler.cs
View File

@@ -134,7 +134,7 @@ namespace Orchard.Core.Common.Providers {
private void GetEditor(BuildEditorModelContext context, CommonAspect instance) {
var currentUser = _authenticationService.GetAuthenticatedUser();
if (!_authorizationService.TryCheckAccess(currentUser, Permissions.ChangeOwner)) {
if (!_authorizationService.TryCheckAccess(Permissions.ChangeOwner, currentUser, instance)) {
return;
}
var viewModel = new OwnerEditorViewModel();
@@ -152,7 +152,7 @@ namespace Orchard.Core.Common.Providers {
instance.VersionModifiedUtc = _clock.UtcNow;
var currentUser = _authenticationService.GetAuthenticatedUser();
if (!_authorizationService.TryCheckAccess(currentUser, Permissions.ChangeOwner)) {
if (!_authorizationService.TryCheckAccess(Permissions.ChangeOwner, currentUser, instance)) {
return;
}