diff --git a/src/Umbraco.Core/Constants-Applications.cs b/src/Umbraco.Core/Constants-Applications.cs index f52bd3b083..04eb8dad0d 100644 --- a/src/Umbraco.Core/Constants-Applications.cs +++ b/src/Umbraco.Core/Constants-Applications.cs @@ -80,6 +80,12 @@ /// public const string Templates = "template"; + public const string RelationTypes = "relationTypes"; + + public const string Xslt = "xslt"; + + public const string Languages = "languages"; + } } diff --git a/src/Umbraco.Core/Dictionary/ICultureDictionaryFactory.cs b/src/Umbraco.Core/Dictionary/ICultureDictionaryFactory.cs index d42df33f91..798c3c47c6 100644 --- a/src/Umbraco.Core/Dictionary/ICultureDictionaryFactory.cs +++ b/src/Umbraco.Core/Dictionary/ICultureDictionaryFactory.cs @@ -1,6 +1,6 @@ namespace Umbraco.Core.Dictionary { - internal interface ICultureDictionaryFactory + public interface ICultureDictionaryFactory { ICultureDictionary CreateDictionary(); } diff --git a/src/Umbraco.Web/UI/Pages/UmbracoEnsuredPage.cs b/src/Umbraco.Web/UI/Pages/UmbracoEnsuredPage.cs index b07ddac5f2..6adcb6cf2b 100644 --- a/src/Umbraco.Web/UI/Pages/UmbracoEnsuredPage.cs +++ b/src/Umbraco.Web/UI/Pages/UmbracoEnsuredPage.cs @@ -16,6 +16,21 @@ namespace Umbraco.Web.UI.Pages /// public class UmbracoEnsuredPage : BasePage { + public UmbracoEnsuredPage() + { + //Assign security automatically if the attribute is found + var treeAuth = this.GetType().GetCustomAttribute(true); + if (treeAuth != null) + { + var treeByAlias = ApplicationContext.Current.Services.ApplicationTreeService + .GetByAlias(treeAuth.TreeAlias); + if (treeByAlias != null) + { + CurrentApp = treeByAlias.ApplicationAlias; + } + } + } + private bool _hasValidated = false; /// @@ -81,5 +96,19 @@ namespace Umbraco.Web.UI.Pages } } + /// + /// Used to assign a webforms page's security to a specific tree which will in turn check to see + /// if the current user has access to the specified tree's registered section + /// + [AttributeUsage(AttributeTargets.Class)] + public sealed class WebformsPageTreeAuthorizeAttribute : Attribute + { + public string TreeAlias { get; private set; } + + public WebformsPageTreeAuthorizeAttribute(string treeAlias) + { + TreeAlias = treeAlias; + } + } } } \ No newline at end of file diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/developer/RelationTypes/EditRelationType.aspx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/developer/RelationTypes/EditRelationType.aspx.cs index 1393a5ddc7..da2d0446b8 100644 --- a/src/Umbraco.Web/umbraco.presentation/umbraco/developer/RelationTypes/EditRelationType.aspx.cs +++ b/src/Umbraco.Web/umbraco.presentation/umbraco/developer/RelationTypes/EditRelationType.aspx.cs @@ -4,6 +4,7 @@ using System.Web.UI; using System.Web.UI.WebControls; using umbraco.BasePages; using umbraco.BusinessLogic; +using Umbraco.Core; using Umbraco.Core.Models; using RelationType = umbraco.cms.businesslogic.relation.RelationType; @@ -12,12 +13,9 @@ namespace umbraco.cms.presentation.developer.RelationTypes /// /// Edit an existing RelationType /// + [WebformsPageTreeAuthorize(Constants.Trees.RelationTypes)] public partial class EditRelationType : UmbracoEnsuredPage { - public EditRelationType() - { - CurrentApp = DefaultApps.developer.ToString(); - } /// /// Class scope reference to the current RelationType being edited diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/developer/RelationTypes/NewRelationType.aspx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/developer/RelationTypes/NewRelationType.aspx.cs index d7aeeea41e..38e4064cd4 100644 --- a/src/Umbraco.Web/umbraco.presentation/umbraco/developer/RelationTypes/NewRelationType.aspx.cs +++ b/src/Umbraco.Web/umbraco.presentation/umbraco/developer/RelationTypes/NewRelationType.aspx.cs @@ -1,5 +1,6 @@ using System; using System.Web.UI.WebControls; +using Umbraco.Core; using Umbraco.Web.UI.Pages; using umbraco.BusinessLogic; using Umbraco.Core.Models; @@ -9,13 +10,9 @@ namespace umbraco.cms.presentation.developer.RelationTypes /// /// Add a new Relation Type /// + [WebformsPageTreeAuthorize(Constants.Trees.RelationTypes)] public partial class NewRelationType : UmbracoEnsuredPage { - public NewRelationType() - { - CurrentApp = DefaultApps.developer.ToString(); - } - /// /// On Load event /// diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/developer/Xslt/editXslt.aspx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/developer/Xslt/editXslt.aspx.cs index 0984d038af..b88b0f1d4f 100644 --- a/src/Umbraco.Web/umbraco.presentation/umbraco/developer/Xslt/editXslt.aspx.cs +++ b/src/Umbraco.Web/umbraco.presentation/umbraco/developer/Xslt/editXslt.aspx.cs @@ -7,6 +7,7 @@ using System.Web.UI; using System.Web.UI.WebControls; using System.Xml; using System.Xml.Xsl; +using Umbraco.Core; using Umbraco.Core.IO; using umbraco.BasePages; using umbraco.uicontrols; @@ -19,12 +20,9 @@ namespace umbraco.cms.presentation.developer /// /// Summary description for editXslt. /// + [WebformsPageTreeAuthorize(Constants.Trees.Xslt)] public partial class editXslt : UmbracoEnsuredPage { - public editXslt() - { - CurrentApp = BusinessLogic.DefaultApps.developer.ToString(); - } protected PlaceHolder buttons; diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/developer/Xslt/xsltChooseExtension.aspx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/developer/Xslt/xsltChooseExtension.aspx.cs index 28802236af..7ee4ca4733 100644 --- a/src/Umbraco.Web/umbraco.presentation/umbraco/developer/Xslt/xsltChooseExtension.aspx.cs +++ b/src/Umbraco.Web/umbraco.presentation/umbraco/developer/Xslt/xsltChooseExtension.aspx.cs @@ -5,19 +5,16 @@ using System.Reflection; using System.Text; using System.Web.UI; using System.Web.UI.WebControls; +using Umbraco.Core; namespace umbraco.developer { /// /// Summary description for xsltChooseExtension. /// + [WebformsPageTreeAuthorize(Constants.Trees.Xslt)] public partial class xsltChooseExtension : BasePages.UmbracoEnsuredPage { - public xsltChooseExtension() - { - CurrentApp = BusinessLogic.DefaultApps.developer.ToString(); - - } protected void Page_Load(object sender, System.EventArgs e) { diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/developer/Xslt/xsltInsertValueOf.aspx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/developer/Xslt/xsltInsertValueOf.aspx.cs index f2298089a2..a7f4c158d8 100644 --- a/src/Umbraco.Web/umbraco.presentation/umbraco/developer/Xslt/xsltInsertValueOf.aspx.cs +++ b/src/Umbraco.Web/umbraco.presentation/umbraco/developer/Xslt/xsltInsertValueOf.aspx.cs @@ -18,14 +18,9 @@ namespace umbraco.developer /// /// Summary description for xsltInsertValueOf. /// + [WebformsPageTreeAuthorize(Constants.Trees.Xslt)] public partial class xsltInsertValueOf : BasePages.UmbracoEnsuredPage { - - public xsltInsertValueOf() - { - CurrentApp = BusinessLogic.DefaultApps.developer.ToString(); - - } protected void Page_Load(object sender, System.EventArgs e) { ArrayList preValuesSource = new ArrayList(); diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/developer/Xslt/xsltVisualize.aspx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/developer/Xslt/xsltVisualize.aspx.cs index f76bff3d2c..cf904f0f74 100644 --- a/src/Umbraco.Web/umbraco.presentation/umbraco/developer/Xslt/xsltVisualize.aspx.cs +++ b/src/Umbraco.Web/umbraco.presentation/umbraco/developer/Xslt/xsltVisualize.aspx.cs @@ -7,17 +7,15 @@ using System.Web.UI.WebControls; using System.Text; using System.Xml; using System.IO; +using Umbraco.Core; using Umbraco.Core.IO; namespace umbraco.presentation.umbraco.developer.Xslt { + [WebformsPageTreeAuthorize(Constants.Trees.Xslt)] public partial class xsltVisualize : BasePages.UmbracoEnsuredPage { - public xsltVisualize() - { - CurrentApp = BusinessLogic.DefaultApps.developer.ToString(); - - } + // zb-00004 #29956 : refactor cookies names & handling static global::umbraco.BusinessLogic.StateHelper.Cookies.Cookie cookie = new global::umbraco.BusinessLogic.StateHelper.Cookies.Cookie("UMB_XSLTVISPG", TimeSpan.FromMinutes(20)); // was "XSLTVisualizerPage" diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/settings/DictionaryItemList.aspx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/settings/DictionaryItemList.aspx.cs index 57bd15e7ec..55fb6c417f 100644 --- a/src/Umbraco.Web/umbraco.presentation/umbraco/settings/DictionaryItemList.aspx.cs +++ b/src/Umbraco.Web/umbraco.presentation/umbraco/settings/DictionaryItemList.aspx.cs @@ -1,31 +1,22 @@ using System; -using System.Data; -using System.Configuration; -using System.Collections; -using System.Web; -using System.Web.Security; -using System.Web.UI; -using System.Web.UI.WebControls; -using System.Web.UI.WebControls.WebParts; -using System.Web.UI.HtmlControls; +using System.Collections.Generic; +using umbraco.cms.businesslogic; using Umbraco.Core; namespace umbraco.presentation.settings { - public partial class DictionaryItemList : BasePages.UmbracoEnsuredPage { - public DictionaryItemList() - { - CurrentApp = ApplicationContext.Current.Services.ApplicationTreeService - .GetByAlias(Constants.Trees.Dictionary).ApplicationAlias; - } - private cms.businesslogic.language.Language[] languages = cms.businesslogic.language.Language.getAll; - private cms.businesslogic.Dictionary.DictionaryItem[] topItems = cms.businesslogic.Dictionary.getTopMostItems; + [WebformsPageTreeAuthorize(Constants.Trees.Dictionary)] + public partial class DictionaryItemList : BasePages.UmbracoEnsuredPage { + + + private readonly cms.businesslogic.language.Language[] _languages = cms.businesslogic.language.Language.getAll; + private readonly cms.businesslogic.Dictionary.DictionaryItem[] _topItems = Dictionary.getTopMostItems; protected void Page_Load(object sender, EventArgs e) { string header = "Key"; - foreach (cms.businesslogic.language.Language lang in languages) { + foreach (cms.businesslogic.language.Language lang in _languages) { header += "" + lang.FriendlyName + ""; } header += ""; @@ -34,19 +25,19 @@ namespace umbraco.presentation.settings { lt_table.Text += ""; - processKeys(topItems, 0); + ProcessKeys(_topItems, 0); lt_table.Text += ""; } - private void processKeys(cms.businesslogic.Dictionary.DictionaryItem[] items, int level) { + private void ProcessKeys(IEnumerable items, int level) { string style = "style='padding-left: " + level * 10 + "px;'"; - foreach (cms.businesslogic.Dictionary.DictionaryItem di in items) { + foreach (Dictionary.DictionaryItem di in items) { lt_table.Text += "" + di.key + ""; - foreach (cms.businesslogic.language.Language lang in languages) { + foreach (cms.businesslogic.language.Language lang in _languages) { lt_table.Text += ""; if (string.IsNullOrEmpty(di.Value(lang.id))) @@ -59,7 +50,7 @@ namespace umbraco.presentation.settings { lt_table.Text += ""; if (di.hasChildren) - processKeys(di.Children, (level+1)); + ProcessKeys(di.Children, (level+1)); } } diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/settings/EditDictionaryItem.aspx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/settings/EditDictionaryItem.aspx.cs index ad17d002b5..deb77f4bad 100644 --- a/src/Umbraco.Web/umbraco.presentation/umbraco/settings/EditDictionaryItem.aspx.cs +++ b/src/Umbraco.Web/umbraco.presentation/umbraco/settings/EditDictionaryItem.aspx.cs @@ -17,14 +17,10 @@ namespace umbraco.settings /// /// Summary description for EditDictionaryItem. /// + [WebformsPageTreeAuthorize(Constants.Trees.Dictionary)] public partial class EditDictionaryItem : BasePages.UmbracoEnsuredPage { - public EditDictionaryItem() - { - CurrentApp = ApplicationContext.Current.Services.ApplicationTreeService - .GetByAlias(Constants.Trees.Dictionary).ApplicationAlias; - - } + protected LiteralControl keyTxt = new LiteralControl(); protected uicontrols.TabView tbv = new uicontrols.TabView(); private System.Collections.ArrayList languageFields = new System.Collections.ArrayList(); diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/settings/editLanguage.aspx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/settings/editLanguage.aspx.cs index bfc8438388..9bc4beefe7 100644 --- a/src/Umbraco.Web/umbraco.presentation/umbraco/settings/editLanguage.aspx.cs +++ b/src/Umbraco.Web/umbraco.presentation/umbraco/settings/editLanguage.aspx.cs @@ -10,12 +10,14 @@ using System.Web.UI; using System.Web.UI.WebControls; using System.Web.UI.HtmlControls; using umbraco.cms.presentation.Trees; +using Umbraco.Core; namespace umbraco.settings { /// /// Summary description for editLanguage. /// + [WebformsPageTreeAuthorize(Constants.Trees.Languages)] public partial class editLanguage : BasePages.UmbracoEnsuredPage { public editLanguage() diff --git a/src/umbraco.businesslogic/BasePages/UmbracoEnsuredPage.cs b/src/umbraco.businesslogic/BasePages/UmbracoEnsuredPage.cs index f3eb4b5f40..af2d9bf5aa 100644 --- a/src/umbraco.businesslogic/BasePages/UmbracoEnsuredPage.cs +++ b/src/umbraco.businesslogic/BasePages/UmbracoEnsuredPage.cs @@ -29,11 +29,21 @@ namespace umbraco.BasePages /// public UmbracoEnsuredPage() { - + //Assign security automatically if the attribute is found + var treeAuth = this.GetType().GetCustomAttribute(true); + if (treeAuth != null) + { + var treeByAlias = ApplicationContext.Current.Services.ApplicationTreeService + .GetByAlias(treeAuth.TreeAlias); + if (treeByAlias != null) + { + CurrentApp = treeByAlias.ApplicationAlias; + } + } } [Obsolete("This constructor is not used and will be removed from the codebase in the future")] - public UmbracoEnsuredPage(string hest) + public UmbracoEnsuredPage(string hest) : this() { } @@ -116,5 +126,20 @@ namespace umbraco.BasePages Response.Redirect(SystemDirectories.Umbraco + "/logout.aspx?redir=" + Server.UrlEncode(Request.RawUrl) + "&t=" + umbracoUserContextID, true); } } + + /// + /// Used to assign a webforms page's security to a specific tree which will in turn check to see + /// if the current user has access to the specified tree's registered section + /// + [AttributeUsage(AttributeTargets.Class)] + public sealed class WebformsPageTreeAuthorizeAttribute : Attribute + { + public string TreeAlias { get; private set; } + + public WebformsPageTreeAuthorizeAttribute(string treeAlias) + { + TreeAlias = treeAlias; + } + } } } \ No newline at end of file