using System; using System.Collections.Generic; using System.Linq; using System.Reflection; using System.Web.Mvc; using System.Web.Routing; using Orchard.ContentManagement; using Orchard.ContentManagement.Aspects; using Orchard.ContentManagement.MetaData; using Orchard.ContentManagement.MetaData.Models; using Orchard.ContentManagement.Records; using Orchard.Core.Common.Models; using Orchard.Core.Contents.Settings; using Orchard.Core.Contents.ViewModels; using Orchard.Data; using Orchard.DisplayManagement; using Orchard.Localization; using Orchard.Logging; using Orchard.UI.Navigation; using Orchard.UI.Notify; namespace Orchard.Core.Contents.Controllers { [ValidateInput(false)] public class AdminController : Controller, IUpdateModel { private readonly IContentManager _contentManager; private readonly IContentDefinitionManager _contentDefinitionManager; private readonly ITransactionManager _transactionManager; public AdminController( IOrchardServices orchardServices, IContentManager contentManager, IContentDefinitionManager contentDefinitionManager, ITransactionManager transactionManager, IShapeFactory shapeFactory) { Services = orchardServices; _contentManager = contentManager; _contentDefinitionManager = contentDefinitionManager; _transactionManager = transactionManager; T = NullLocalizer.Instance; Logger = NullLogger.Instance; Shape = shapeFactory; } dynamic Shape { get; set; } public IOrchardServices Services { get; private set; } public Localizer T { get; set; } public ILogger Logger { get; set; } public ActionResult List(ListContentsViewModel model, Pager pager) { if (model.ContainerId != null && _contentManager.GetLatest((int)model.ContainerId) == null) return HttpNotFound(); var query = _contentManager.Query(VersionOptions.Latest, GetCreatableTypes().Select(ctd => ctd.Name).ToArray()); if (!string.IsNullOrEmpty(model.TypeName)) { var contentTypeDefinition = _contentDefinitionManager.GetTypeDefinition(model.TypeName); if (contentTypeDefinition == null) return HttpNotFound(); model.TypeDisplayName = !string.IsNullOrWhiteSpace(contentTypeDefinition.DisplayName) ? contentTypeDefinition.DisplayName : contentTypeDefinition.Name; query = query.ForType(model.TypeName); } if (model.ContainerId != null) query = query.Join().Where(cr => cr.Container.Id == model.ContainerId); switch (model.Options.OrderBy) { case ContentsOrder.Modified: //query = query.OrderByDescending(ci => ci.ContentItemRecord.Versions.Single(civr => civr.Latest).Id); query = query.OrderByDescending(cr => cr.ModifiedUtc); break; case ContentsOrder.Published: query = query.OrderByDescending(cr => cr.PublishedUtc); break; case ContentsOrder.Created: //query = query.OrderByDescending(ci => ci.Id); query = query.OrderByDescending(cr => cr.CreatedUtc); break; } model.Options.SelectedFilter = model.TypeName; model.Options.FilterOptions = GetCreatableTypes() .Select(ctd => new KeyValuePair(ctd.Name, ctd.DisplayName)) .ToList().OrderBy(kvp => kvp.Key); var pagerShape = Shape.Pager(pager).TotalItemCount(query.Count()); var pageOfContentItems = query.Slice(pager.GetStartIndex(), pager.PageSize).ToList(); var list = Shape.List(); list.AddRange(pageOfContentItems.Select(ci => _contentManager.BuildDisplay(ci, "SummaryAdmin"))); var viewModel = Shape.ViewModel() .ContentItems(list) .Pager(pagerShape) .Options(model.Options) .TypeDisplayName(model.TypeDisplayName ?? ""); return View(viewModel); } private IEnumerable GetCreatableTypes() { return _contentDefinitionManager.ListTypeDefinitions().Where(ctd => ctd.Settings.GetModel().Creatable); } [HttpPost, ActionName("List")] [FormValueRequired("submit.Filter")] public ActionResult ListFilterPOST(ContentOptions options) { var routeValues = ControllerContext.RouteData.Values; if (options != null) { routeValues["Options.OrderBy"] = options.OrderBy; //todo: don't hard-code the key if (GetCreatableTypes().Any(ctd => string.Equals(ctd.Name, options.SelectedFilter, StringComparison.OrdinalIgnoreCase))) { routeValues["id"] = options.SelectedFilter; } else { routeValues.Remove("id"); } } return RedirectToAction("List", routeValues); } [HttpPost, ActionName("List")] [FormValueRequired("submit.BulkEdit")] public ActionResult ListPOST(ContentOptions options, IEnumerable itemIds, string returnUrl) { if (itemIds != null) { var accessChecked = false; switch (options.BulkAction) { case ContentsBulkAction.None: break; case ContentsBulkAction.PublishNow: foreach (var item in itemIds.Select(itemId => _contentManager.GetLatest(itemId))) { if (!accessChecked && !Services.Authorizer.Authorize(Permissions.PublishContent, item, T("Couldn't publish selected content."))) return new HttpUnauthorizedResult(); accessChecked = true; _contentManager.Publish(item); Services.ContentManager.Flush(); } Services.Notifier.Information(T("Content successfully published.")); break; case ContentsBulkAction.Unpublish: foreach (var item in itemIds.Select(itemId => _contentManager.GetLatest(itemId))) { if (!accessChecked && !Services.Authorizer.Authorize(Permissions.PublishContent, item, T("Couldn't unpublish selected content."))) return new HttpUnauthorizedResult(); accessChecked = true; _contentManager.Unpublish(item); Services.ContentManager.Flush(); } Services.Notifier.Information(T("Content successfully unpublished.")); break; case ContentsBulkAction.Remove: foreach (var item in itemIds.Select(itemId => _contentManager.GetLatest(itemId))) { if (!accessChecked && !Services.Authorizer.Authorize(Permissions.DeleteContent, item, T("Couldn't remove selected content."))) return new HttpUnauthorizedResult(); accessChecked = true; _contentManager.Remove(item); Services.ContentManager.Flush(); } Services.Notifier.Information(T("Content successfully removed.")); break; default: throw new ArgumentOutOfRangeException(); } } if (!String.IsNullOrEmpty(returnUrl)) return Redirect(returnUrl); return RedirectToAction("List"); } ActionResult CreatableTypeList() { var viewModel = Shape.ViewModel(ContentTypes: GetCreatableTypes()); return View("CreatableTypeList", viewModel); } public ActionResult Create(string id) { if (string.IsNullOrEmpty(id)) return CreatableTypeList(); var contentItem = _contentManager.New(id); if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Cannot create content"))) return new HttpUnauthorizedResult(); var model = _contentManager.BuildEditor(contentItem); return View(model); } [HttpPost, ActionName("Create")] [FormValueRequired("submit.Save")] public ActionResult CreatePOST(string id) { return CreatePOST(id, contentItem => { if (!contentItem.Has() && !contentItem.TypeDefinition.Settings.GetModel().Draftable) _contentManager.Publish(contentItem); }); } [HttpPost, ActionName("Create")] [FormValueRequired("submit.Publish")] public ActionResult CreateAndPublishPOST(string id) { return CreatePOST(id, contentItem => _contentManager.Publish(contentItem)); } private ActionResult CreatePOST(string id, Action conditionallyPublish) { var contentItem = _contentManager.New(id); if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Couldn't create content"))) return new HttpUnauthorizedResult(); var isDraftable = contentItem.TypeDefinition.Settings.GetModel().Draftable; _contentManager.Create( contentItem, isDraftable ? VersionOptions.Draft : VersionOptions.Published); var model = _contentManager.UpdateEditor(contentItem, this); if (!ModelState.IsValid) { _transactionManager.Cancel(); return View(model); } conditionallyPublish(contentItem); Services.Notifier.Information(string.IsNullOrWhiteSpace(contentItem.TypeDefinition.DisplayName) ? T("Your content has been created.") : T("Your {0} has been created.", contentItem.TypeDefinition.DisplayName)); return RedirectToAction("Edit", new RouteValueDictionary { { "Id", contentItem.Id } }); } public ActionResult Edit(int id) { var contentItem = _contentManager.Get(id, VersionOptions.Latest); if (contentItem == null) return HttpNotFound(); if (!Services.Authorizer.Authorize(Permissions.EditContent, contentItem, T("Cannot edit content"))) return new HttpUnauthorizedResult(); var model = _contentManager.BuildEditor(contentItem); return View(model); } [HttpPost, ActionName("Edit")] [FormValueRequired("submit.Save")] public ActionResult EditPOST(int id, string returnUrl) { return EditPOST(id, returnUrl, contentItem => { if (!contentItem.Has() && !contentItem.TypeDefinition.Settings.GetModel().Draftable) _contentManager.Publish(contentItem); }); } [HttpPost, ActionName("Edit")] [FormValueRequired("submit.Publish")] public ActionResult EditAndPublishPOST(int id, string returnUrl) { return EditPOST(id, returnUrl, contentItem => _contentManager.Publish(contentItem)); } private ActionResult EditPOST(int id, string returnUrl, Action conditionallyPublish) { var contentItem = _contentManager.Get(id, VersionOptions.DraftRequired); if (contentItem == null) return HttpNotFound(); if (!Services.Authorizer.Authorize(Permissions.EditContent, contentItem, T("Couldn't edit content"))) return new HttpUnauthorizedResult(); var model = _contentManager.UpdateEditor(contentItem, this); if (!ModelState.IsValid) { _transactionManager.Cancel(); return View("Edit", model); } conditionallyPublish(contentItem); Services.Notifier.Information(string.IsNullOrWhiteSpace(contentItem.TypeDefinition.DisplayName) ? T("Your content has been saved.") : T("Your {0} has been saved.", contentItem.TypeDefinition.DisplayName)); if (!String.IsNullOrEmpty(returnUrl)) return Redirect(returnUrl); return RedirectToAction("Edit", new RouteValueDictionary { { "Id", contentItem.Id } }); } public ActionResult Remove(int id, string returnUrl) { var contentItem = _contentManager.Get(id, VersionOptions.Latest); if (!Services.Authorizer.Authorize(Permissions.DeleteContent, contentItem, T("Couldn't remove content"))) return new HttpUnauthorizedResult(); if (contentItem != null) { _contentManager.Remove(contentItem); Services.Notifier.Information(string.IsNullOrWhiteSpace(contentItem.TypeDefinition.DisplayName) ? T("That content has been removed.") : T("That {0} has been removed.", contentItem.TypeDefinition.DisplayName)); } if (!String.IsNullOrEmpty(returnUrl)) return Redirect(returnUrl); return RedirectToAction("List"); } [HttpPost] public ActionResult Publish(int id, string returnUrl) { var contentItem = _contentManager.GetLatest(id); if (contentItem == null) return HttpNotFound(); if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Couldn't publish content"))) return new HttpUnauthorizedResult(); _contentManager.Publish(contentItem); Services.ContentManager.Flush(); Services.Notifier.Information(string.IsNullOrWhiteSpace(contentItem.TypeDefinition.DisplayName) ? T("That content has been published.") : T("That {0} has been published.", contentItem.TypeDefinition.DisplayName)); if (!String.IsNullOrEmpty(returnUrl)) return Redirect(returnUrl); return RedirectToAction("List"); } [HttpPost] public ActionResult Unpublish(int id, string returnUrl) { var contentItem = _contentManager.GetLatest(id); if (contentItem == null) return HttpNotFound(); if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Couldn't unpublish content"))) return new HttpUnauthorizedResult(); _contentManager.Unpublish(contentItem); Services.ContentManager.Flush(); Services.Notifier.Information(string.IsNullOrWhiteSpace(contentItem.TypeDefinition.DisplayName) ? T("That content has been unpublished.") : T("That {0} has been unpublished.", contentItem.TypeDefinition.DisplayName)); if (!String.IsNullOrEmpty(returnUrl)) return Redirect(returnUrl); return RedirectToAction("List"); } bool IUpdateModel.TryUpdateModel(TModel model, string prefix, string[] includeProperties, string[] excludeProperties) { return TryUpdateModel(model, prefix, includeProperties, excludeProperties); } void IUpdateModel.AddModelError(string key, LocalizedString errorMessage) { ModelState.AddModelError(key, errorMessage.ToString()); } } public class FormValueRequiredAttribute : ActionMethodSelectorAttribute { private readonly string _submitButtonName; public FormValueRequiredAttribute(string submitButtonName) { _submitButtonName = submitButtonName; } public override bool IsValidForRequest(ControllerContext controllerContext, MethodInfo methodInfo) { var value = controllerContext.HttpContext.Request.Form[_submitButtonName]; return !string.IsNullOrEmpty(value); } } }