From 6f81b7fe2474fd6a2e40ea83b7e257eed1259f21 Mon Sep 17 00:00:00 2001 From: Robert Date: Thu, 25 Jan 2018 12:10:34 +0100 Subject: [PATCH 1/3] 'getting-started' tour only available to admins --- src/Umbraco.Web/Editors/TourController.cs | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/src/Umbraco.Web/Editors/TourController.cs b/src/Umbraco.Web/Editors/TourController.cs index 152879bf5a..0833d26cb2 100644 --- a/src/Umbraco.Web/Editors/TourController.cs +++ b/src/Umbraco.Web/Editors/TourController.cs @@ -17,13 +17,16 @@ namespace Umbraco.Web.Editors { public IEnumerable GetTours() { + //Check if it has admin group + var isAdmin = UmbracoContext.Current.Security.CurrentUser.Groups.Any(x => x.Alias == "admin"); + var result = new List(); if (UmbracoConfig.For.UmbracoSettings().BackOffice.Tours.EnableTours == false) return result; var filters = TourFilterResolver.Current.Filters.ToList(); - + //get all filters that will be applied to all tour aliases var aliasOnlyFilters = filters.Where(x => x.PluginName == null && x.TourFileName == null).ToList(); @@ -36,6 +39,10 @@ namespace Umbraco.Web.Editors { foreach (var tourFile in Directory.EnumerateFiles(coreToursPath, "*.json")) { + var tourFileName = Path.GetFileName(tourFile.TrimEnd('\\')); + //We brake if isAdmin is false as we don't want to show getting-started tour to non-admins + if (tourFileName.Equals("getting-started.json") && isAdmin == false) break; + TryParseTourFile(tourFile, result, nonPluginFilters, aliasOnlyFilters); } } @@ -79,7 +86,7 @@ namespace Umbraco.Web.Editors //get the filters specific to this file var fileFilters = filters.Where(x => x.TourFileName != null && x.TourFileName.IsMatch(fileName)).ToList(); - + //If there is any filter applied to match the file only (no tour alias) then ignore the file entirely var isFileFiltered = fileFilters.Any(x => x.TourAlias == null); if (isFileFiltered) return; @@ -117,4 +124,4 @@ namespace Umbraco.Web.Editors } } } -} \ No newline at end of file +} From 67ff827d677012463aa697db0ec34d777cfa0219 Mon Sep 17 00:00:00 2001 From: Robert Date: Mon, 29 Jan 2018 13:13:43 +0100 Subject: [PATCH 2/3] Tours will only load if the current user has access to the same sections the tours has access to --- .../src/common/services/tour.service.js | 5 +- .../BackOfficeTours/getting-started.json | 55 ++++++++++++++++++- src/Umbraco.Web/Editors/TourController.cs | 30 +++++++--- src/Umbraco.Web/Models/BackOfficeTour.cs | 6 +- 4 files changed, 85 insertions(+), 11 deletions(-) diff --git a/src/Umbraco.Web.UI.Client/src/common/services/tour.service.js b/src/Umbraco.Web.UI.Client/src/common/services/tour.service.js index a1cb579433..28ac7f6485 100644 --- a/src/Umbraco.Web.UI.Client/src/common/services/tour.service.js +++ b/src/Umbraco.Web.UI.Client/src/common/services/tour.service.js @@ -212,6 +212,9 @@ throw "Tour " + tour.alias + " is missing tour steps"; } + if (tour.requiredSections.length === 0) { + throw "Tour " + tour.alias + " is missing the required sections"; + } } /** @@ -275,4 +278,4 @@ angular.module("umbraco.services").factory("tourService", tourService); -})(); \ No newline at end of file +})(); diff --git a/src/Umbraco.Web.UI/config/BackOfficeTours/getting-started.json b/src/Umbraco.Web.UI/config/BackOfficeTours/getting-started.json index 36350b5d18..f2bf531ab4 100644 --- a/src/Umbraco.Web.UI/config/BackOfficeTours/getting-started.json +++ b/src/Umbraco.Web.UI/config/BackOfficeTours/getting-started.json @@ -5,6 +5,15 @@ "group": "Getting Started", "groupOrder": 100, "allowDisable": true, + "requiredSections": [ + "content", + "media", + "settings", + "developer", + "users", + "member", + "forms" + ], "steps": [ { "title": "Welcome to Umbraco - The Friendly CMS", @@ -25,7 +34,6 @@ "content": "Each area in Umbraco is called a Section. Right now you are in the Content section, when you want to go to another section simply click on the appropriate icon in the main menu and you'll be there in no time.", "backdropOpacity": 0.6 }, - { "element": "#tree", "elementPreventClick": true, @@ -88,6 +96,15 @@ "alias": "umbIntroCreateDocType", "group": "Getting Started", "groupOrder": 100, + "requiredSections": [ + "content", + "media", + "settings", + "developer", + "users", + "member", + "forms" + ], "steps": [ { "title": "Create your first Document Type", @@ -203,6 +220,15 @@ "alias": "umbIntroCreateContent", "group": "Getting Started", "groupOrder": 100, + "requiredSections": [ + "content", + "media", + "settings", + "developer", + "users", + "member", + "forms" + ], "steps": [ { "title": "Creating your first content node", @@ -253,6 +279,15 @@ "alias": "umbIntroRenderInTemplate", "group": "Getting Started", "groupOrder": 100, + "requiredSections": [ + "content", + "media", + "settings", + "developer", + "users", + "member", + "forms" + ], "steps": [ { "title": "Render your content in a template", @@ -299,6 +334,15 @@ "alias": "umbIntroViewHomePage", "group": "Getting Started", "groupOrder": 100, + "requiredSections": [ + "content", + "media", + "settings", + "developer", + "users", + "member", + "forms" + ], "steps": [ { "title": "View your Umbraco site", @@ -339,6 +383,15 @@ "alias": "umbIntroMediaSection", "group": "Getting Started", "groupOrder": 100, + "requiredSections": [ + "content", + "media", + "settings", + "developer", + "users", + "member", + "forms" + ], "steps": [ { "title": "How to use the media library", diff --git a/src/Umbraco.Web/Editors/TourController.cs b/src/Umbraco.Web/Editors/TourController.cs index 0833d26cb2..06d30e29fa 100644 --- a/src/Umbraco.Web/Editors/TourController.cs +++ b/src/Umbraco.Web/Editors/TourController.cs @@ -1,4 +1,5 @@ using System; +using System.CodeDom.Compiler; using System.Collections.Generic; using System.IO; using System.Linq; @@ -17,9 +18,6 @@ namespace Umbraco.Web.Editors { public IEnumerable GetTours() { - //Check if it has admin group - var isAdmin = UmbracoContext.Current.Security.CurrentUser.Groups.Any(x => x.Alias == "admin"); - var result = new List(); if (UmbracoConfig.For.UmbracoSettings().BackOffice.Tours.EnableTours == false) @@ -39,10 +37,6 @@ namespace Umbraco.Web.Editors { foreach (var tourFile in Directory.EnumerateFiles(coreToursPath, "*.json")) { - var tourFileName = Path.GetFileName(tourFile.TrimEnd('\\')); - //We brake if isAdmin is false as we don't want to show getting-started tour to non-admins - if (tourFileName.Equals("getting-started.json") && isAdmin == false) break; - TryParseTourFile(tourFile, result, nonPluginFilters, aliasOnlyFilters); } } @@ -71,8 +65,28 @@ namespace Umbraco.Web.Editors } } } + //Get all allowed sections for the current user + var allowedSections = UmbracoContext.Current.Security.CurrentUser.AllowedSections.ToList(); - return result.OrderBy(x => x.FileName, StringComparer.InvariantCultureIgnoreCase); + var toursToBeRemoved = new List(); + + //Checking to see if the user has access to the required tour sections, else we remove the tour + foreach (var backOfficeTourFile in result) + { + foreach (var tour in backOfficeTourFile.Tours) + { + foreach (var toursRequiredSection in tour.RequiredSections) + { + if (allowedSections.Contains(toursRequiredSection) == false) + { + toursToBeRemoved.Add(backOfficeTourFile); + break; + } + } + } + } + + return result.Except(toursToBeRemoved).OrderBy(x => x.FileName, StringComparer.InvariantCultureIgnoreCase); } private void TryParseTourFile(string tourFile, diff --git a/src/Umbraco.Web/Models/BackOfficeTour.cs b/src/Umbraco.Web/Models/BackOfficeTour.cs index a973a92429..22e578502d 100644 --- a/src/Umbraco.Web/Models/BackOfficeTour.cs +++ b/src/Umbraco.Web/Models/BackOfficeTour.cs @@ -1,4 +1,6 @@ -using System.Runtime.Serialization; +using System.Collections.Generic; +using System.Runtime.Serialization; +using umbraco.presentation.webservices; namespace Umbraco.Web.Models { @@ -18,6 +20,8 @@ namespace Umbraco.Web.Models public int GroupOrder { get; set; } [DataMember(Name = "allowDisable")] public bool AllowDisable { get; set; } + [DataMember(Name = "requiredSections")] + public List RequiredSections { get; set; } [DataMember(Name = "steps")] public BackOfficeTourStep[] Steps { get; set; } } From e07c5e6ff88fa1ae281ae739d320740bbdc2418a Mon Sep 17 00:00:00 2001 From: Robert Date: Mon, 29 Jan 2018 13:18:11 +0100 Subject: [PATCH 3/3] Removed unused using directives --- src/Umbraco.Web/Editors/TourController.cs | 3 --- src/Umbraco.Web/Models/BackOfficeTour.cs | 1 - 2 files changed, 4 deletions(-) diff --git a/src/Umbraco.Web/Editors/TourController.cs b/src/Umbraco.Web/Editors/TourController.cs index 06d30e29fa..da16659cfe 100644 --- a/src/Umbraco.Web/Editors/TourController.cs +++ b/src/Umbraco.Web/Editors/TourController.cs @@ -1,5 +1,4 @@ using System; -using System.CodeDom.Compiler; using System.Collections.Generic; using System.IO; using System.Linq; @@ -8,8 +7,6 @@ using Umbraco.Core.Configuration; using Umbraco.Core.IO; using Umbraco.Web.Models; using Umbraco.Web.Mvc; -using Umbraco.Web.WebApi.Filters; -using Constants = Umbraco.Core.Constants; namespace Umbraco.Web.Editors { diff --git a/src/Umbraco.Web/Models/BackOfficeTour.cs b/src/Umbraco.Web/Models/BackOfficeTour.cs index 22e578502d..78a4cd1897 100644 --- a/src/Umbraco.Web/Models/BackOfficeTour.cs +++ b/src/Umbraco.Web/Models/BackOfficeTour.cs @@ -1,6 +1,5 @@ using System.Collections.Generic; using System.Runtime.Serialization; -using umbraco.presentation.webservices; namespace Umbraco.Web.Models {