Adds permission checks to contentResource

2013-10-30 22:12:13 +01:00
parent db1ae58f96
commit 00f8472cfc
2 changed files with 46 additions and 0 deletions
--- a/src/Umbraco.Web.UI.Client/src/common/resources/content.resource.js
+++ b/src/Umbraco.Web.UI.Client/src/common/resources/content.resource.js
@@ -468,6 +468,38 @@ function contentResource($q, $http, umbDataFormatter, umbRequestHelper) {
               'Failed to retreive children for content item ' + parentId);
        },

+        /**
+         * @ngdoc method
+         * @name umbraco.resources.contentResource#hasPermission
+         * @methodOf umbraco.resources.contentResource
+         *
+         * @description
+         * Returns true/false given a permission char to check against a nodeID
+         * for the current user
+         *
+         * ##usage
+         * <pre>
+         * contentResource.hasPermission('p',1234)
+         *    .then(function() {
+         *        alert('You are allowed to publish this item');
+         *    });
+         * </pre> 
+         *
+         * @param {String} permission char representing the permission to check
+         * @param {Int} id id of content item to delete        
+         * @returns {Promise} resourcePromise object.
+         *
+         */
+        checkPermission: function(permission, id) {
+            return umbRequestHelper.resourcePromise(
+                $http.get(
+                    umbRequestHelper.getApiUrl(
+                        "contentApiBaseUrl",
+                        "GetHasPermission",
+                        [{ permissionToCheck: permission },{ nodeId: id }])),
+                'Failed to check permission for item ' + id);
+        },
+
        /**
         * @ngdoc method
         * @name umbraco.resources.contentResource#save
--- a/src/Umbraco.Web/Editors/ContentController.cs
+++ b/src/Umbraco.Web/Editors/ContentController.cs
@@ -171,6 +171,18 @@ namespace Umbraco.Web.Editors

            return pagedResult;
        }
+
+        [HttpGet]
+        public bool GetHasPermission(string permissionToCheck, int nodeId)
+        {
+            var p = Services.UserService.GetPermissions(Security.CurrentUser, nodeId).FirstOrDefault();
+            if (p != null && p.AssignedPermissions.Contains(permissionToCheck.ToString(CultureInfo.InvariantCulture)))
+            {
+                return true;
+            }
+
+            return false;
+        }
        
        /// <summary>
        /// Saves content
@@ -576,6 +588,8 @@ namespace Umbraco.Web.Editors
            }
        }

+        
+
        /// <summary>
        /// Performs a permissions check for the user to check if it has access to the node based on 
        /// start node and/or permissions for the node