lsm/Orchard
1
0
Fork 0
mirror of https://github.com/OrchardCMS/Orchard.git synced 2025-10-14 10:54:50 +08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Checking site ownership for all gallery actions

Browse Source 
Work Item: 16978

--HG--
branch : dev
This commit is contained in:
Sebastien Ros
2010-12-09 15:47:25 -08:00
parent c88c13c2e1
commit ef5eea48fa
3 changed files with 58 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/Orchard.Web/Modules/Orchard.Packaging/AdminMenu.cs
View File

@@ -1,6 +1,7 @@
using Orchard.Environment.Extensions;
using Orchard.Localization;
using Orchard.UI.Navigation;
using Orchard.Security;
namespace Orchard.Packaging {
[OrchardFeature("Gallery")]
@@ -12,11 +13,14 @@ namespace Orchard.Packaging {
public void GetNavigation(NavigationBuilder builder) {
builder.Add(T("Gallery"), "30", menu => menu
.Add(T("Modules"), "1.0", item => item
.Action("Modules", "Gallery", new { area = "Orchard.Packaging" }))
.Action("Modules", "Gallery", new { area = "Orchard.Packaging" })
.Permission(StandardPermissions.SiteOwner))
.Add(T("Themes"), "2.0", item => item
.Action("Themes", "Gallery", new { area = "Orchard.Packaging" }))
.Action("Themes", "Gallery", new { area = "Orchard.Packaging" })
.Permission(StandardPermissions.SiteOwner))
.Add(T("Feeds"), "3.0", item => item
.Action("Sources", "Gallery", new { area = "Orchard.Packaging" })));
.Action("Sources", "Gallery", new { area = "Orchard.Packaging" })
.Permission(StandardPermissions.SiteOwner)));
}
}
}

27
src/Orchard.Web/Modules/Orchard.Packaging/Controllers/GalleryController.cs
View File

@@ -9,6 +9,7 @@ using Orchard.Localization;
using Orchard.Logging;
using Orchard.Packaging.Services;
using Orchard.Packaging.ViewModels;
using Orchard.Security;
using Orchard.Themes;
using Orchard.UI.Admin;
using Orchard.UI.Notify;
@@ -26,36 +27,51 @@ namespace Orchard.Packaging.Controllers {
public GalleryController(
IPackageManager packageManager,
IPackagingSourceManager packagingSourceManager,
INotifier notifier) {
INotifier notifier,
IOrchardServices services) {
_packageManager = packageManager;
_packagingSourceManager = packagingSourceManager;
_notifier = notifier;
Services = services;
T = NullLocalizer.Instance;
Logger = NullLogger.Instance;
}
public IOrchardServices Services { get; set; }
public Localizer T { get; set; }
public ILogger Logger { get; set; }
public ActionResult Sources() {
if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to list sources")))
return new HttpUnauthorizedResult();
return View(new PackagingSourcesViewModel {
Sources = _packagingSourceManager.GetSources(),
});
}
public ActionResult Remove(int id) {
if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to remove sources")))
return new HttpUnauthorizedResult();
_packagingSourceManager.RemoveSource(id);
_notifier.Information(T("The feed has been removed successfully."));
return RedirectToAction("Sources");
}
public ActionResult AddSource() {
if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to add sources")))
return new HttpUnauthorizedResult();
return View(new PackagingAddSourceViewModel());
}
[HttpPost]
public ActionResult AddSource(string url) {
if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to add sources")))
return new HttpUnauthorizedResult();
try {
if (!String.IsNullOrEmpty(url)) {
if (!url.StartsWith("http")) {
@@ -96,6 +112,9 @@ namespace Orchard.Packaging.Controllers {
}
public ActionResult Modules(int? sourceId) {
if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to list modules")))
return new HttpUnauthorizedResult();
var selectedSource = _packagingSourceManager.GetSources().Where(s => s.Id == sourceId).FirstOrDefault();
var sources = selectedSource != null
@@ -123,6 +142,9 @@ namespace Orchard.Packaging.Controllers {
}
public ActionResult Themes(int? sourceId) {
if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to list themes")))
return new HttpUnauthorizedResult();
var selectedSource = _packagingSourceManager.GetSources().Where(s => s.Id == sourceId).FirstOrDefault();
var sources = selectedSource != null
@@ -138,6 +160,9 @@ namespace Orchard.Packaging.Controllers {
}
public ActionResult Install(string packageId, string version, int sourceId, string redirectTo) {
if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to install packages")))
return new HttpUnauthorizedResult();
var source = _packagingSourceManager.GetSources().Where(s => s.Id == sourceId).FirstOrDefault();
if (source == null) {

26
src/Orchard.Web/Modules/Orchard.Packaging/Controllers/PackagingServicesController.cs
View File

@@ -8,6 +8,7 @@ using Orchard.Environment.Extensions;
using Orchard.FileSystems.AppData;
using Orchard.Localization;
using Orchard.Packaging.Services;
using Orchard.Security;
using Orchard.Themes;
using Orchard.UI.Admin;
using Orchard.UI.Notify;
@@ -25,7 +26,8 @@ namespace Orchard.Packaging.Controllers {
public PackagingServicesController(
IPackageManager packageManager,
INotifier notifier,
IAppDataFolderRoot appDataFolderRoot) {
IAppDataFolderRoot appDataFolderRoot,
IOrchardServices services) {
_packageManager = packageManager;
_notifier = notifier;
_appDataFolderRoot = appDataFolderRoot;
@@ -34,31 +36,50 @@ namespace Orchard.Packaging.Controllers {
}
public Localizer T { get; set; }
public IOrchardServices Services { get; set; }
public ActionResult AddTheme(string returnUrl) {
if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to add themes")))
return new HttpUnauthorizedResult();
return View();
}
[HttpPost, ActionName("AddTheme")]
public ActionResult AddThemePOST(string returnUrl) {
if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to add themes")))
return new HttpUnauthorizedResult();
return InstallPackage(returnUrl, Request.RawUrl);
}
[HttpPost, ActionName("RemoveTheme")]
public ActionResult RemoveThemePOST(string themeId, string returnUrl, string retryUrl) {
if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to remove themes")))
return new HttpUnauthorizedResult();
return UninstallPackage(PackagingSourceManager.ThemesPrefix + themeId, returnUrl, retryUrl);
}
public ActionResult AddModule(string returnUrl) {
if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to add modules")))
return new HttpUnauthorizedResult();
return View();
}
[HttpPost, ActionName("AddModule")]
public ActionResult AddModulePOST(string returnUrl) {
if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to add modules")))
return new HttpUnauthorizedResult();
return InstallPackage(returnUrl, Request.RawUrl);
}
public ActionResult InstallPackage(string returnUrl, string retryUrl) {
if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to install packages")))
return new HttpUnauthorizedResult();
try {
if (Request.Files != null &&
Request.Files.Count > 0 &&
@@ -90,6 +111,9 @@ namespace Orchard.Packaging.Controllers {
}
public ActionResult UninstallPackage(string id, string returnUrl, string retryUrl) {
if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to uninstall packages")))
return new HttpUnauthorizedResult();
try {
_packageManager.Uninstall(id, HostingEnvironment.MapPath("~/"));