diff --git a/src/Umbraco.Web.UI/umbraco/js/umbracoUpgradeChecker.js b/src/Umbraco.Web.UI/umbraco/js/umbracoUpgradeChecker.js
index 8d962b457a..687cdd20c1 100644
--- a/src/Umbraco.Web.UI/umbraco/js/umbracoUpgradeChecker.js
+++ b/src/Umbraco.Web.UI/umbraco/js/umbracoUpgradeChecker.js
@@ -1,14 +1,15 @@
function umbracoCheckUpgrade(result) {
- if (result.UpgradeType.toLowerCase() != 'none') {
- if (UmbSpeechBubble == null) {
- InitUmbracoSpeechBubble();
+ if (result) {
+ if (result.UpgradeType.toLowerCase() != 'none') {
+ if (UmbSpeechBubble == null) {
+ InitUmbracoSpeechBubble();
+ }
+ var icon = 'info';
+ if (result.UpgradeType.toLowerCase() == 'critical') {
+ icon = 'error';
+ }
+
+ UmbSpeechBubble.ShowMessage(icon, 'Upgrade Available!', '' + result.UpgradeComment + '', true);
}
- var icon = 'info';
- if (result.UpgradeType.toLowerCase() == 'critical') {
- icon = 'error';
- }
-
- UmbSpeechBubble.ShowMessage(icon, 'Upgrade Available!', '' + result.UpgradeComment + '', true);
}
-
}
\ No newline at end of file
diff --git a/src/Umbraco.Web/WebServices/UmbracoAuthorizedWebService.cs b/src/Umbraco.Web/WebServices/UmbracoAuthorizedWebService.cs
index 34b2141540..6740782d50 100644
--- a/src/Umbraco.Web/WebServices/UmbracoAuthorizedWebService.cs
+++ b/src/Umbraco.Web/WebServices/UmbracoAuthorizedWebService.cs
@@ -3,10 +3,14 @@ using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Web;
+using System.Web.Security;
using Umbraco.Core.Configuration;
using umbraco.BasePages;
using umbraco.BusinessLogic;
using Umbraco.Core;
+using umbraco.businesslogic.Exceptions;
+using GlobalSettings = umbraco.GlobalSettings;
+using UmbracoSettings = umbraco.UmbracoSettings;
namespace Umbraco.Web.WebServices
{
@@ -25,45 +29,80 @@ namespace Umbraco.Web.WebServices
{
}
+ private User _user;
+ private readonly InnerPage _page = new InnerPage();
+
+ ///
+ /// Checks if the umbraco context id is valid
+ ///
+ ///
+ ///
+ protected bool ValidateUserContextId(string currentUmbracoUserContextId)
+ {
+ return BasePage.ValidateUserContextID(currentUmbracoUserContextId);
+ }
+
+ ///
+ /// Checks if the username/password credentials are valid
+ ///
+ ///
+ ///
+ ///
+ protected bool ValidateCredentials(string username, string password)
+ {
+ return Membership.Providers[UmbracoSettings.DefaultBackofficeProvider].ValidateUser(username, password);
+ }
+
///
/// Validates the user for access to a certain application
///
/// The application alias.
+ /// true if an exception should be thrown if authorization fails
///
- protected bool ValidateUserApp(string app)
+ protected bool AuthorizeRequest(string app, bool throwExceptions = false)
{
//ensure we have a valid user first!
- if (!ValidateUser()) return false;
+ if (!AuthorizeRequest(throwExceptions)) return false;
//if it is empty, don't validate
if (app.IsNullOrWhiteSpace())
{
return true;
}
- return UmbracoUser.Applications.Any(uApp => uApp.alias == app);
+ var hasAccess = UmbracoUser.Applications.Any(uApp => uApp.alias == app);
+ if (!hasAccess && throwExceptions)
+ throw new UserAuthorizationException("The user does not have access to the required application");
+ return hasAccess;
}
-
- private User _user;
- private readonly InnerPage _page = new InnerPage();
-
///
- /// Returns true if there is a valid logged in user
+ /// Returns true if there is a valid logged in user and that ssl is enabled if required
///
+ /// true if an exception should be thrown if authorization fails
///
- protected bool ValidateUser()
+ protected bool AuthorizeRequest(bool throwExceptions = false)
{
+ // check for secure connection
+ if (GlobalSettings.UseSSL && !HttpContext.Current.Request.IsSecureConnection)
+ {
+ if (throwExceptions)
+ throw new UserAuthorizationException("This installation requires a secure connection (via SSL). Please update the URL to include https://");
+ return false;
+ }
+
try
{
return UmbracoUser != null;
}
catch (ArgumentException)
{
+ if (throwExceptions) throw;
//an exception will occur if the user is not valid inside of _page.getUser();
return false;
}
catch (InvalidOperationException)
{
+ if (throwExceptions) throw;
//an exception will occur if the user is not valid inside of _page.getUser();
return false;
}
diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/CMSNode.asmx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/CMSNode.asmx.cs
index 89e3256ccb..e71d405d62 100644
--- a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/CMSNode.asmx.cs
+++ b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/CMSNode.asmx.cs
@@ -6,7 +6,7 @@ using System.Web.Script.Services;
using System.Web.Services;
using System.Web.Services.Protocols;
using System.ComponentModel;
-
+using Umbraco.Web.WebServices;
using umbraco.cms.businesslogic;
using umbraco.BusinessLogic;
@@ -17,22 +17,21 @@ namespace umbraco.presentation.webservices
///
[WebService(Namespace = "http://umbraco.org/webservices/")]
[ScriptService]
- public class CMSNode : System.Web.Services.WebService
+ public class CMSNode : UmbracoAuthorizedWebService
{
[WebMethod]
public string GetNodeName(string ContextID, int NodeId)
{
- if (BasePages.BasePage.ValidateUserContextID(ContextID))
- return getNodeName(NodeId);
-
- return "";
+ return ValidateUserContextId(ContextID)
+ ? GetNodeName(NodeId)
+ : string.Empty;
}
- private string getNodeName(int NodeId)
+ private string GetNodeName(int nodeId)
{
- legacyAjaxCalls.Authorize();
- cms.businesslogic.CMSNode n = new cms.businesslogic.CMSNode(NodeId);
+ if (!AuthorizeRequest()) return string.Empty;
+ var n = new cms.businesslogic.CMSNode(nodeId);
return n.Text;
}
}
diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/CacheRefresher.asmx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/CacheRefresher.asmx.cs
index d2ecd05a33..f29072588e 100644
--- a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/CacheRefresher.asmx.cs
+++ b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/CacheRefresher.asmx.cs
@@ -14,41 +14,8 @@ namespace umbraco.presentation.webservices
/// Summary description for CacheRefresher.
///
[WebService(Namespace="http://umbraco.org/webservices/")]
- public class CacheRefresher : System.Web.Services.WebService
- {
- public CacheRefresher()
- {
- //CODEGEN: This call is required by the ASP.NET Web Services Designer
- InitializeComponent();
- }
-
- #region Component Designer generated code
-
- //Required by the Web Services Designer
- private IContainer components = null;
-
- ///
- /// Required method for Designer support - do not modify
- /// the contents of this method with the code editor.
- ///
- private void InitializeComponent()
- {
- }
-
- ///
- /// Clean up any resources being used.
- ///
- protected override void Dispose( bool disposing )
- {
- if(disposing && components != null)
- {
- components.Dispose();
- }
- base.Dispose(disposing);
- }
-
- #endregion
-
+ public class CacheRefresher : WebService
+ {
[WebMethod]
public void RefreshAll(Guid uniqueIdentifier, string Login, string Password)
{
@@ -96,11 +63,11 @@ namespace umbraco.presentation.webservices
{
if (BusinessLogic.User.validateCredentials(Login, Password))
{
- XmlDocument xd = new XmlDocument();
+ var xd = new XmlDocument();
xd.LoadXml("");
foreach (var cr in CacheRefreshersResolver.Current.CacheResolvers)
{
- XmlNode n = xmlHelper.addTextNode(xd, "cacheRefresher", cr.Name);
+ var n = xmlHelper.addTextNode(xd, "cacheRefresher", cr.Name);
n.Attributes.Append(xmlHelper.addAttribute(xd, "uniqueIdentifier", cr.UniqueIdentifier.ToString()));
xd.DocumentElement.AppendChild(n);
}
diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/CheckForUpgrade.asmx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/CheckForUpgrade.asmx.cs
index 732be59d19..2885e784d5 100644
--- a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/CheckForUpgrade.asmx.cs
+++ b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/CheckForUpgrade.asmx.cs
@@ -3,6 +3,7 @@ using System.Collections.Generic;
using System.Web;
using System.Web.Services;
using System.Web.Script.Services;
+using Umbraco.Web.WebServices;
namespace umbraco.presentation.webservices
@@ -14,17 +15,16 @@ namespace umbraco.presentation.webservices
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
[System.ComponentModel.ToolboxItem(false)]
[ScriptService]
- public class CheckForUpgrade : System.Web.Services.WebService
+ public class CheckForUpgrade : UmbracoAuthorizedWebService
{
[WebMethod]
[ScriptMethod]
public UpgradeResult CallUpgradeService()
{
- legacyAjaxCalls.Authorize();
-
- org.umbraco.update.CheckForUpgrade check = new global::umbraco.presentation.org.umbraco.update.CheckForUpgrade();
- org.umbraco.update.UpgradeResult result = check.CheckUpgrade(GlobalSettings.VersionMajor, GlobalSettings.VersionMinor, GlobalSettings.VersionPatch, GlobalSettings.VersionComment);
+ if (!AuthorizeRequest()) return null;
+ var check = new org.umbraco.update.CheckForUpgrade();
+ var result = check.CheckUpgrade(GlobalSettings.VersionMajor, GlobalSettings.VersionMinor, GlobalSettings.VersionPatch, GlobalSettings.VersionComment);
return new UpgradeResult(result.UpgradeType.ToString(), result.Comment, result.UpgradeUrl);
}
diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/Developer.asmx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/Developer.asmx.cs
index 2ecd9b52f9..aaa6ece5e4 100644
--- a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/Developer.asmx.cs
+++ b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/Developer.asmx.cs
@@ -1,12 +1,7 @@
-using System;
-using System.Collections;
-using System.ComponentModel;
-using System.Data;
-using System.Diagnostics;
-using System.Web;
using System.Web.Services;
-
using System.Xml;
+using Umbraco.Core;
+using Umbraco.Web.WebServices;
using umbraco.presentation.webservices;
namespace umbraco.webservices
@@ -15,99 +10,68 @@ namespace umbraco.webservices
/// Summary description for Developer.
///
[WebService(Namespace="http://umbraco.org/webservices/")]
- public class Developer : System.Web.Services.WebService
+ public class Developer : UmbracoAuthorizedWebService
{
- public Developer()
- {
- //CODEGEN: This call is required by the ASP.NET Web Services Designer
- InitializeComponent();
- }
-
+
[WebMethod]
- public string BootStrapTidy(string html, string ContextID)
+ public string BootStrapTidy(string html, string ContextID)
{
- legacyAjaxCalls.Authorize();
+ //pretty sure this is legacy and it used to throw an exception so we'll continue to do the same
+ //true = throw if invalid
+ AuthorizeRequest(true);
return cms.helpers.xhtml.BootstrapTidy(html);
}
[WebMethod]
- public XmlNode GetMacros(string Login, string Password)
+ public XmlNode GetMacros(string Login, string Password)
{
- if (BusinessLogic.User.validateCredentials(Login, Password))
+ if (ValidateCredentials(Login, Password))
{
- XmlDocument xmlDoc = new XmlDocument();
- XmlElement macros = xmlDoc.CreateElement("macros");
- foreach (cms.businesslogic.macro.Macro m in cms.businesslogic.macro.Macro.GetAll())
+ var xmlDoc = new XmlDocument();
+ var macros = xmlDoc.CreateElement("macros");
+ foreach (var m in cms.businesslogic.macro.Macro.GetAll())
{
- XmlElement mXml = xmlDoc.CreateElement("macro");
- mXml.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "id", m.Id.ToString()));
- mXml.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "alias", m.Alias));
- mXml.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "name", m.Name));
+ var mXml = xmlDoc.CreateElement("macro");
+ mXml.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "id", m.Id.ToString()));
+ mXml.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "alias", m.Alias));
+ mXml.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "name", m.Name));
macros.AppendChild(mXml);
}
return macros;
- } else
- return null;
- }
-
- [WebMethod]
- public XmlNode GetMacro(int Id, string Login, string Password)
- {
- if (BusinessLogic.User.validateCredentials(Login, Password))
- {
- XmlDocument xmlDoc = new XmlDocument();
- XmlElement macro = xmlDoc.CreateElement("macro");
- cms.businesslogic.macro.Macro m = new cms.businesslogic.macro.Macro(Id);
- macro.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "id", m.Id.ToString()));
- macro.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "refreshRate", m.RefreshRate.ToString()));
- macro.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "useInEditor", m.UseInEditor.ToString()));
- macro.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "alias", m.Alias));
- macro.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "name", m.Name));
- macro.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "assembly", m.Assembly));
- macro.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "type", m.Type));
- macro.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "xslt", m.Xslt));
- XmlElement Properties = xmlDoc.CreateElement("properties");
- foreach (cms.businesslogic.macro.MacroProperty mp in m.Properties)
- {
- XmlElement pXml = xmlDoc.CreateElement("property");
- pXml.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "alias", mp.Alias));
- pXml.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "name", mp.Name));
- pXml.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "public", mp.Public.ToString()));
- Properties.AppendChild(pXml);
- }
- macro.AppendChild(Properties);
- return macro;
- } else
- return null;
- }
-
- #region Component Designer generated code
-
- //Required by the Web Services Designer
- private IContainer components = null;
-
- ///
- /// Required method for Designer support - do not modify
- /// the contents of this method with the code editor.
- ///
- private void InitializeComponent()
- {
- }
-
- ///
- /// Clean up any resources being used.
- ///
- protected override void Dispose( bool disposing )
- {
- if(disposing && components != null)
- {
- components.Dispose();
}
- base.Dispose(disposing);
+ return null;
}
-
- #endregion
+ [WebMethod]
+ public XmlNode GetMacro(int Id, string Login, string Password)
+ {
+ if (ValidateCredentials(Login, Password))
+ {
+ var xmlDoc = new XmlDocument();
+ var macro = xmlDoc.CreateElement("macro");
+ var m = new cms.businesslogic.macro.Macro(Id);
+ macro.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "id", m.Id.ToString()));
+ macro.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "refreshRate", m.RefreshRate.ToString()));
+ macro.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "useInEditor", m.UseInEditor.ToString()));
+ macro.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "alias", m.Alias));
+ macro.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "name", m.Name));
+ macro.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "assembly", m.Assembly));
+ macro.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "type", m.Type));
+ macro.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "xslt", m.Xslt));
+ var properties = xmlDoc.CreateElement("properties");
+ foreach (var mp in m.Properties)
+ {
+ var pXml = xmlDoc.CreateElement("property");
+ pXml.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "alias", mp.Alias));
+ pXml.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "name", mp.Name));
+ pXml.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "public", mp.Public.ToString()));
+ properties.AppendChild(pXml);
+ }
+ macro.AppendChild(properties);
+ return macro;
+ }
+ return null;
+ }
}
}
diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/MediaUploader.ashx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/MediaUploader.ashx.cs
index 80036576ea..252577884c 100644
--- a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/MediaUploader.ashx.cs
+++ b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/MediaUploader.ashx.cs
@@ -23,7 +23,7 @@ namespace umbraco.presentation.umbraco.webservices
public bool IsReusable
{
- get { return true; }
+ get { return false; }
}
public void ProcessRequest(HttpContext context)
diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/Settings.asmx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/Settings.asmx.cs
index 9cdeb41d7b..79b1a57920 100644
--- a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/Settings.asmx.cs
+++ b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/Settings.asmx.cs
@@ -7,68 +7,32 @@ using System.Web;
using System.Web.Services;
using System.Linq;
using System.Xml;
+using Umbraco.Core;
namespace umbraco.webservices
{
- ///
- /// Summary description for Settings.
- ///
- public class Settings : System.Web.Services.WebService
+
+ public class Settings : WebService
{
- public Settings()
- {
- //CODEGEN: This call is required by the ASP.NET Web Services Designer
- InitializeComponent();
- }
-
+
[WebMethod]
- public XmlNode GetTabs(string ContextID, int ContentTypeId)
+ public XmlNode GetTabs(string ContextID, int ContentTypeId)
{
- if (BasePages.BasePage.ValidateUserContextID(ContextID))
+ if (BasePages.BasePage.ValidateUserContextID(ContextID))
{
- XmlDocument xmlDoc = new XmlDocument();
- XmlElement tabs = xmlDoc.CreateElement("tabs");
- foreach (cms.businesslogic.ContentType.TabI t in new cms.businesslogic.ContentType(ContentTypeId).getVirtualTabs.ToList())
+ var xmlDoc = new XmlDocument();
+ var tabs = xmlDoc.CreateElement("tabs");
+ foreach (var t in new cms.businesslogic.ContentType(ContentTypeId).getVirtualTabs.ToList())
{
- XmlElement mXml = xmlDoc.CreateElement("tab");
- mXml.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "id", t.Id.ToString()));
- mXml.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "caption", t.Caption));
+ var mXml = xmlDoc.CreateElement("tab");
+ mXml.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "id", t.Id.ToString()));
+ mXml.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "caption", t.Caption));
tabs.AppendChild(mXml);
}
return tabs;
- }
- else
- return null;
- }
-
-
-
- #region Component Designer generated code
-
- //Required by the Web Services Designer
- private IContainer components = null;
-
- ///
- /// Required method for Designer support - do not modify
- /// the contents of this method with the code editor.
- ///
- private void InitializeComponent()
- {
- }
-
- ///
- /// Clean up any resources being used.
- ///
- protected override void Dispose( bool disposing )
- {
- if(disposing && components != null)
- {
- components.Dispose();
}
- base.Dispose(disposing);
- }
-
- #endregion
+ return null;
+ }
}
}
diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/TagsAutoCompleteHandler.ashx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/TagsAutoCompleteHandler.ashx.cs
index 161dd1f898..b69f0acaa3 100644
--- a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/TagsAutoCompleteHandler.ashx.cs
+++ b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/TagsAutoCompleteHandler.ashx.cs
@@ -10,9 +10,7 @@ using umbraco.presentation.webservices;
namespace umbraco.presentation.umbraco.webservices
{
- ///
- /// Summary description for $codebehindclassname$
- ///
+
[WebService(Namespace = "http://tempuri.org/")]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
public class TagsAutoCompleteHandler : IHttpHandler
diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/TreeClientService.asmx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/TreeClientService.asmx.cs
index 354a9d5bab..879c277a8d 100644
--- a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/TreeClientService.asmx.cs
+++ b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/TreeClientService.asmx.cs
@@ -31,7 +31,7 @@ namespace umbraco.presentation.webservices
{
Authorize();
- TreeControl treeCtl = new TreeControl()
+ var treeCtl = new TreeControl()
{
ShowContextMenu = showContextMenu,
IsDialog = isDialog,
@@ -43,7 +43,7 @@ namespace umbraco.presentation.webservices
FunctionToCall = string.IsNullOrEmpty(functionToCall) ? "" : functionToCall
};
- Dictionary returnVal = new Dictionary();
+ var returnVal = new Dictionary();
if (string.IsNullOrEmpty(treeType))
{
@@ -65,7 +65,7 @@ namespace umbraco.presentation.webservices
//tree.StartNodeID =
//now render it's start node
- XmlTree xTree = new XmlTree();
+ var xTree = new XmlTree();
xTree.Add(tree.RootNode);
returnVal.Add("json", xTree.ToString());
}
diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/TreeDataService.ashx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/TreeDataService.ashx.cs
index 9809fe682f..89609703aa 100644
--- a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/TreeDataService.ashx.cs
+++ b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/TreeDataService.ashx.cs
@@ -65,7 +65,7 @@ namespace umbraco.presentation.webservices
/// If the application supports multiple trees, then this function iterates over all of the trees assigned to it
/// and creates their top level nodes and context menus.
///
- ///
+ ///
private void LoadAppTrees(TreeRequestParams treeParams)
{
//find all tree definitions that have the current application alias
@@ -82,8 +82,7 @@ namespace umbraco.presentation.webservices
///
/// This will load the particular ITree object and call it's render method to get the nodes that need to be rendered.
///
- ///
- ///
+ ///
private void LoadTree(TreeRequestParams treeParams)
{
diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/ajaxHelpers.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/ajaxHelpers.cs
index 74c37891c1..68c140945b 100644
--- a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/ajaxHelpers.cs
+++ b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/ajaxHelpers.cs
@@ -7,13 +7,16 @@ using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
-using umbraco.IO;
+using Umbraco.Core.IO;
-namespace umbraco.presentation.webservices {
- public class ajaxHelpers {
- public static void EnsureLegacyCalls(System.Web.UI.Page page) {
- ScriptManager sm = ScriptManager.GetCurrent(page);
- ServiceReference legacyPath = new ServiceReference(SystemDirectories.Webservices + "/legacyAjaxCalls.asmx");
+namespace umbraco.presentation.webservices
+{
+ public class ajaxHelpers
+ {
+ public static void EnsureLegacyCalls(Page page)
+ {
+ var sm = ScriptManager.GetCurrent(page);
+ var legacyPath = new ServiceReference(SystemDirectories.WebServices + "/legacyAjaxCalls.asmx");
if (!sm.Services.Contains(legacyPath))
sm.Services.Add(legacyPath);
diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/codeEditorSave.asmx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/codeEditorSave.asmx.cs
index 49ec839d0e..2cf993329c 100644
--- a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/codeEditorSave.asmx.cs
+++ b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/codeEditorSave.asmx.cs
@@ -38,7 +38,7 @@ namespace umbraco.presentation.webservices
[WebMethod]
public string SaveCss(string fileName, string oldName, string fileContents, int fileID)
{
- if (ValidateUserApp(DefaultApps.settings.ToString()))
+ if (AuthorizeRequest(DefaultApps.settings.ToString()))
{
string returnValue;
var stylesheet = new StyleSheet(fileID)
@@ -75,7 +75,7 @@ namespace umbraco.presentation.webservices
[WebMethod]
public string SaveXslt(string fileName, string oldName, string fileContents, bool ignoreDebugging)
{
- if (ValidateUserApp(DefaultApps.developer.ToString()))
+ if (AuthorizeRequest(DefaultApps.developer.ToString()))
{
// validate file
@@ -234,7 +234,7 @@ namespace umbraco.presentation.webservices
[WebMethod]
public string SaveDLRScript(string fileName, string oldName, string fileContents, bool ignoreDebugging)
{
- if (ValidateUserApp(DefaultApps.developer.ToString()))
+ if (AuthorizeRequest(DefaultApps.developer.ToString()))
{
if (string.IsNullOrEmpty(fileName))
throw new ArgumentNullException("fileName");
@@ -330,7 +330,7 @@ namespace umbraco.presentation.webservices
[WebMethod]
public string SaveScript(string filename, string oldName, string contents)
{
- if (ValidateUserApp(DefaultApps.settings.ToString()))
+ if (AuthorizeRequest(DefaultApps.settings.ToString()))
{
// validate file
@@ -392,7 +392,7 @@ namespace umbraco.presentation.webservices
[WebMethod]
public string SaveTemplate(string templateName, string templateAlias, string templateContents, int templateID, int masterTemplateID)
{
- if (ValidateUserApp(DefaultApps.settings.ToString()))
+ if (AuthorizeRequest(DefaultApps.settings.ToString()))
{
var _template = new Template(templateID);
string retVal = "false";
diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/legacyAjaxCalls.asmx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/legacyAjaxCalls.asmx.cs
index f9e9127325..6a4f73d4b2 100644
--- a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/legacyAjaxCalls.asmx.cs
+++ b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/legacyAjaxCalls.asmx.cs
@@ -2,6 +2,7 @@ using System;
using System.Data;
using System.Web;
using System.Collections;
+using System.Web.Security;
using System.Web.Services;
using System.Web.Services.Protocols;
using System.ComponentModel;
@@ -16,6 +17,8 @@ using System.Text.RegularExpressions;
using System.Diagnostics;
using System.Net;
using System.Web.UI;
+using Umbraco.Web.WebServices;
+using umbraco.BusinessLogic;
using umbraco.businesslogic.Exceptions;
using umbraco.IO;
using umbraco.cms.businesslogic.web;
@@ -32,18 +35,16 @@ namespace umbraco.presentation.webservices
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
[ToolboxItem(false)]
[ScriptService]
- public class legacyAjaxCalls : System.Web.Services.WebService
+ public class legacyAjaxCalls : UmbracoAuthorizedWebService
{
[WebMethod]
public bool ValidateUser(string username, string password)
{
- if (System.Web.Security.Membership.Providers[UmbracoSettings.DefaultBackofficeProvider].ValidateUser(
- username, password))
+ if (ValidateCredentials(username, password))
{
- BusinessLogic.User u = new BusinessLogic.User(username);
+ var u = new BusinessLogic.User(username);
BasePage.doLogin(u);
-
return true;
}
else
@@ -64,7 +65,7 @@ namespace umbraco.presentation.webservices
public void Delete(string nodeId, string alias, string nodeType)
{
- Authorize();
+ AuthorizeRequest(true);
//check which parameters to pass depending on the types passed in
int intNodeID;
@@ -83,7 +84,7 @@ namespace umbraco.presentation.webservices
[ScriptMethod]
public void DeleteContentPermanently(string nodeId, string nodeType)
{
- Authorize();
+ AuthorizeRequest( true);
int intNodeID;
if (int.TryParse(nodeId, out intNodeID))
@@ -113,8 +114,7 @@ namespace umbraco.presentation.webservices
[ScriptMethod]
public void DisableUser(int userId)
{
-
- Authorize();
+ AuthorizeRequest(DefaultApps.users.ToString(), true);
BusinessLogic.User.GetUser(userId).disable();
}
@@ -124,7 +124,7 @@ namespace umbraco.presentation.webservices
public string GetNodeName(int nodeId)
{
- Authorize();
+ AuthorizeRequest(true);
return new cms.businesslogic.CMSNode(nodeId).Text;
}
@@ -134,7 +134,7 @@ namespace umbraco.presentation.webservices
public string[] GetNodeBreadcrumbs(int nodeId)
{
- Authorize();
+ AuthorizeRequest(true);
var node = new cms.businesslogic.CMSNode(nodeId);
var crumbs = new System.Collections.Generic.List() { node.Text };
@@ -152,7 +152,7 @@ namespace umbraco.presentation.webservices
public string NiceUrl(int nodeId)
{
- Authorize();
+ AuthorizeRequest(true);
return library.NiceUrl(nodeId);
}
@@ -168,7 +168,7 @@ namespace umbraco.presentation.webservices
[ScriptMethod]
public void RenewUmbracoSession()
{
- Authorize();
+ AuthorizeRequest(true);
BasePage.RenewLoginTimeout();
@@ -178,7 +178,9 @@ namespace umbraco.presentation.webservices
[ScriptMethod]
public int GetSecondsBeforeUserLogout()
{
- Authorize();
+ //TODO: Change this to not throw an exception otherwise we end up with JS errors all the time when recompiling!!
+
+ AuthorizeRequest(true);
long timeout = BasePage.GetTimeout(true);
DateTime timeoutDate = new DateTime(timeout);
DateTime currentDate = DateTime.Now;
@@ -191,7 +193,7 @@ namespace umbraco.presentation.webservices
[ScriptMethod]
public string TemplateMasterPageContentContainer(int templateId, int masterTemplateId)
{
- Authorize();
+ AuthorizeRequest(DefaultApps.settings.ToString(), true);
return new cms.businesslogic.template.Template(templateId).GetMasterContentElement(masterTemplateId);
}
@@ -199,20 +201,22 @@ namespace umbraco.presentation.webservices
[ScriptMethod]
public string SaveFile(string fileName, string fileAlias, string fileContents, string fileType, int fileID, int masterID, bool ignoreDebug)
{
-
- Authorize();
-
switch (fileType)
{
case "xslt":
+ AuthorizeRequest(DefaultApps.developer.ToString(), true);
return saveXslt(fileName, fileContents, ignoreDebug);
case "python":
+ AuthorizeRequest(DefaultApps.developer.ToString(), true);
return "true";
case "css":
+ AuthorizeRequest(DefaultApps.settings.ToString(), true);
return saveCss(fileName, fileContents, fileID);
case "script":
+ AuthorizeRequest(DefaultApps.settings.ToString(), true);
return saveScript(fileName, fileContents);
case "template":
+ AuthorizeRequest(DefaultApps.settings.ToString(), true);
return saveTemplate(fileName, fileAlias, fileContents, fileID, masterID);
default:
throw new ArgumentException(String.Format("Invalid fileType passed: '{0}'", fileType));
@@ -223,7 +227,7 @@ namespace umbraco.presentation.webservices
public string Tidy(string textToTidy)
{
- Authorize();
+ AuthorizeRequest(true);
return library.Tidy(helper.Request("StringToTidy"), true);
}
@@ -452,10 +456,9 @@ namespace umbraco.presentation.webservices
return retVal;
}
-
+ [Obsolete("You should use the AuthorizeRequest methods on the base class of UmbracoAuthorizedWebService and ensure you inherit from that class for umbraco asmx web services")]
public static void Authorize()
{
-
// check for secure connection
if (GlobalSettings.UseSSL && !HttpContext.Current.Request.IsSecureConnection)
throw new UserAuthorizationException("This installation requires a secure connection (via SSL). Please update the URL to include https://");
diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/progressStatus.asmx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/progressStatus.asmx.cs
index 124b7fe3c5..31d5e247e5 100644
--- a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/progressStatus.asmx.cs
+++ b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/progressStatus.asmx.cs
@@ -14,39 +14,7 @@ namespace presentation.umbraco.webservices
[WebService(Namespace="http://umbraco.org/webservices/")]
public class progressStatus : System.Web.Services.WebService
{
- public progressStatus()
- {
- //CODEGEN: This call is required by the ASP.NET Web Services Designer
- InitializeComponent();
- }
-
- #region Component Designer generated code
- //Required by the Web Services Designer
- private IContainer components = null;
-
- ///
- /// Required method for Designer support - do not modify
- /// the contents of this method with the code editor.
- ///
- private void InitializeComponent()
- {
- }
-
- ///
- /// Clean up any resources being used.
- ///
- protected override void Dispose( bool disposing )
- {
- if(disposing && components != null)
- {
- components.Dispose();
- }
- base.Dispose(disposing);
- }
-
- #endregion
-
[WebMethod]
public int GetStatus(string key)
{
diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/publication.asmx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/publication.asmx.cs
index 56fbdf7ae0..143a2dcb4c 100644
--- a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/publication.asmx.cs
+++ b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/publication.asmx.cs
@@ -13,12 +13,7 @@ namespace umbraco.webservices
[ScriptService]
public class publication : WebService
{
- public publication()
- {
- //CODEGEN: This call is required by the ASP.NET Web Services Designer
- InitializeComponent();
- }
-
+
[WebMethod]
[ScriptMethod]
public int GetPublicationStatus(string key)
@@ -78,32 +73,5 @@ namespace umbraco.webservices
content.Instance.PersistXmlToFile();
}
- #region Component Designer generated code
-
- //Required by the Web Services Designer
- private IContainer components = null;
-
- ///
- /// Required method for Designer support - do not modify
- /// the contents of this method with the code editor.
- ///
- private void InitializeComponent()
- {
- }
-
- ///
- /// Clean up any resources being used.
- ///
- protected override void Dispose( bool disposing )
- {
- if(disposing && components != null)
- {
- components.Dispose();
- }
- base.Dispose(disposing);
- }
-
- #endregion
-
}
}
diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/templates.asmx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/templates.asmx.cs
index 691e4ad7e7..8417fdcb38 100644
--- a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/templates.asmx.cs
+++ b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/templates.asmx.cs
@@ -7,6 +7,8 @@ using System.Web;
using System.Web.Services;
using System.Xml;
using System.Web.Script.Services;
+using Umbraco.Core;
+using Umbraco.Core.IO;
using umbraco.presentation.webservices;
namespace umbraco.webservices
@@ -16,111 +18,82 @@ namespace umbraco.webservices
///
[WebService(Namespace="http://umbraco.org/webservices/")]
[ScriptService]
- public class templates : System.Web.Services.WebService
+ public class templates : WebService
{
- public templates()
- {
- //CODEGEN: This call is required by the ASP.NET Web Services Designer
- InitializeComponent();
- }
-
+
[WebMethod]
- public XmlNode GetTemplates(string Login, string Password)
+ public XmlNode GetTemplates(string Login, string Password)
{
- if (BusinessLogic.User.validateCredentials(Login, Password))
+ if (BusinessLogic.User.validateCredentials(Login, Password))
{
- XmlDocument xmlDoc = new XmlDocument();
+ var xmlDoc = new XmlDocument();
xmlDoc.LoadXml("");
foreach (cms.businesslogic.template.Template t in cms.businesslogic.template.Template.GetAllAsList())
{
- XmlElement tt = xmlDoc.CreateElement("template");
- tt.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "id", t.Id.ToString()));
- tt.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "name", t.Text));
+ var tt = xmlDoc.CreateElement("template");
+ tt.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "id", t.Id.ToString()));
+ tt.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "name", t.Text));
xmlDoc.DocumentElement.AppendChild(tt);
}
return xmlDoc.DocumentElement;
- } else
- return null;
+ }
+ return null;
}
- [WebMethod]
- public XmlNode GetTemplate(int Id, string Login, string Password)
+ [WebMethod]
+ public XmlNode GetTemplate(int Id, string Login, string Password)
{
- if (BusinessLogic.User.validateCredentials(Login, Password))
+ if (BusinessLogic.User.validateCredentials(Login, Password))
{
- cms.businesslogic.template.Template t = new cms.businesslogic.template.Template(Id);
- XmlDocument xmlDoc = new XmlDocument();
- XmlElement tXml = xmlDoc.CreateElement("template");
- tXml.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "id", t.Id.ToString()));
- tXml.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "master", t.MasterTemplate.ToString()));
- tXml.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "name", t.Text));
- tXml.AppendChild(xmlHelper.addCDataNode(xmlDoc, "design", t.Design));
+ var t = new cms.businesslogic.template.Template(Id);
+ var xmlDoc = new XmlDocument();
+ var tXml = xmlDoc.CreateElement("template");
+ tXml.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "id", t.Id.ToString()));
+ tXml.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "master", t.MasterTemplate.ToString()));
+ tXml.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "name", t.Text));
+ tXml.AppendChild(XmlHelper.AddCDataNode(xmlDoc, "design", t.Design));
return tXml;
- } else
- return null;
-
+ }
+ return null;
}
- [WebMethod]
- public bool UpdateTemplate(int Id, int Master, string Design, string Login, string Password)
+ [WebMethod]
+ public bool UpdateTemplate(int Id, int Master, string Design, string Login, string Password)
{
- if (BusinessLogic.User.validateCredentials(Login, Password))
+ if (BusinessLogic.User.validateCredentials(Login, Password))
{
- cms.businesslogic.template.Template t = new cms.businesslogic.template.Template(Id);
- if (t != null)
- {
- t.MasterTemplate = Master;
- t.Design = Design;
- return true;
- }
- else
- return false;
- } else
- return false;
+ try
+ {
+ var t = new cms.businesslogic.template.Template(Id)
+ {
+ MasterTemplate = Master,
+ Design = Design
+ };
+ //ensure events are raised
+ t.Save();
+ return true;
+ }
+ catch (ArgumentException)
+ {
+ return false;
+ }
+ }
+ return false;
}
- [WebMethod]
+ [WebMethod]
[ScriptMethod]
public string GetCodeSnippet(object templateId)
{
legacyAjaxCalls.Authorize();
-
-
- string content = string.Empty;
-
- System.IO.StreamReader templateFile =
- System.IO.File.OpenText(umbraco.IO.IOHelper.MapPath(IO.SystemDirectories.Umbraco + "/scripting/templates/cshtml/" + templateId.ToString()));
- content = templateFile.ReadToEnd();
+
+ var templateFile =
+ System.IO.File.OpenText(IOHelper.MapPath(SystemDirectories.Umbraco + "/scripting/templates/cshtml/" + templateId));
+ var content = templateFile.ReadToEnd();
templateFile.Close();
return content;
}
- #region Component Designer generated code
- //Required by the Web Services Designer
- private IContainer components = null;
-
- ///
- /// Required method for Designer support - do not modify
- /// the contents of this method with the code editor.
- ///
- private void InitializeComponent()
- {
- }
-
- ///
- /// Clean up any resources being used.
- ///
- protected override void Dispose( bool disposing )
- {
- if(disposing && components != null)
- {
- components.Dispose();
- }
- base.Dispose(disposing);
- }
-
- #endregion
-
}
}
diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/trashcan.asmx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/trashcan.asmx.cs
index e7a39a9ead..884b3c6ef7 100644
--- a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/trashcan.asmx.cs
+++ b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/trashcan.asmx.cs
@@ -40,19 +40,18 @@ namespace umbraco.presentation.webservices
{
if (BasePage.ValidateUserContextID(BasePage.umbracoUserContextID))
{
- if (Application["trashcanEmptyLeft"] != null)
- return Application["trashcanEmptyLeft"].ToString();
- else
- return "";
+ return Application["trashcanEmptyLeft"] != null
+ ? Application["trashcanEmptyLeft"].ToString()
+ : "";
}
return "-";
}
- private void emptyTrashCanDo(cms.businesslogic.RecycleBin.RecycleBinType type)
+ private void emptyTrashCanDo(RecycleBin.RecycleBinType type)
{
- RecycleBin trashCan = new RecycleBin(type);
+ var trashCan = new RecycleBin(type);
var callback = new Action(x =>
{
diff --git a/src/umbraco.businesslogic/BasePages/BasePage.cs b/src/umbraco.businesslogic/BasePages/BasePage.cs
index 2118dd4cc6..5ff368e264 100644
--- a/src/umbraco.businesslogic/BasePages/BasePage.cs
+++ b/src/umbraco.businesslogic/BasePages/BasePage.cs
@@ -7,7 +7,7 @@ using Umbraco.Core.IO;
using Umbraco.Core.Logging;
using umbraco.BusinessLogic;
using umbraco.DataLayer;
-using System.Web.UI;
+using Umbraco.Core;
namespace umbraco.BasePages
{
@@ -176,17 +176,18 @@ namespace umbraco.BasePages
///
public static bool ValidateUserContextID(string currentUmbracoUserContextID)
{
- if ((currentUmbracoUserContextID != ""))
+ if (!currentUmbracoUserContextID.IsNullOrWhiteSpace())
{
- int uid = GetUserId(currentUmbracoUserContextID);
- long timeout = GetTimeout(currentUmbracoUserContextID);
+ var uid = GetUserId(currentUmbracoUserContextID);
+ var timeout = GetTimeout(currentUmbracoUserContextID);
if (timeout > DateTime.Now.Ticks)
{
return true;
}
- BusinessLogic.Log.Add(BusinessLogic.LogTypes.Logout, BusinessLogic.User.GetUser(uid), -1, "");
+ //TODO: We don't actually log anyone out here, not sure why we're logging ??
+ Log.Add(LogTypes.Logout, BusinessLogic.User.GetUser(uid), -1, "");
}
return false;
}