yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'temp-U4-10389' into temp-U4-10275

Browse Source
This commit is contained in:
Shannon
2017-09-06 12:03:55 +10:00
parent 6cc4ab9348 8ad1d247fa
commit 8b17d69d32
11 changed files with 155 additions and 489 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
src/Umbraco.Core/ActionsResolver.cs
View File

@@ -1,5 +1,6 @@
using System;
using System.Collections.Generic;
using System.Globalization;
using System.Linq;
using System.Reflection;
using Umbraco.Core.Logging;
@@ -34,7 +35,31 @@ namespace Umbraco.Core
{
return Values;
}
}
}
/// <summary>
/// This method will return a list of IAction's based on a string (letter) list. Each character in the list may represent
/// an IAction. This will associate any found IActions based on the Letter property of the IAction with the character being referenced.
/// </summary>
/// <param name="actions"></param>
/// <returns>returns a list of actions that have an associated letter found in the action string list</returns>
public IEnumerable<IAction> FromActionSymbols(IEnumerable<string> actions)
{
var allActions = Actions.ToArray();
return actions
.Select(c => allActions.FirstOrDefault(a => a.Letter.ToString(CultureInfo.InvariantCulture) == c))
.WhereNotNull()
.ToArray();
}
/// <summary>
/// Returns the string (letter) representation of the actions that make up the actions collection
/// </summary>
/// <returns></returns>
public IEnumerable<string> ToActionSymbols(IEnumerable<IAction> actions)
{
return actions.Select(x => x.Letter.ToString(CultureInfo.InvariantCulture)).ToArray();
}
/// <summary>
/// Gets an Action if it exists.

2
src/Umbraco.Core/Models/UmbracoEntity.cs
View File

@@ -51,6 +51,8 @@ namespace Umbraco.Core.Models
private string _contentTypeIcon;
private string _contentTypeThumbnail;
public static readonly UmbracoEntity Root = new UmbracoEntity(false) {Path = "-1", Name = "root", HasChildren = true};
public UmbracoEntity()
{
AdditionalData = new Dictionary<string, object>();

7
src/Umbraco.Core/Models/UserExtensions.cs
View File

@@ -14,7 +14,12 @@ using Umbraco.Core.Services;
namespace Umbraco.Core.Models
{
public static class UserExtensions
{
{
public static IEnumerable<string> GetPermissions(this IUser user, string path, IUserService userService)
{
return userService.GetPermissionsForPath(user, path).GetAllPermissions();
}
public static bool HasSectionAccess(this IUser user, string app)
{
var apps = user.AllowedSections;

5
src/Umbraco.Web/Trees/ContentTreeControllerBase.cs
View File

@@ -337,8 +337,9 @@ namespace Umbraco.Web.Trees
internal IEnumerable<MenuItem> GetAllowedUserMenuItemsForNode(IUmbracoEntity dd)
{
var actions = global::umbraco.BusinessLogic.Actions.Action.FromString(UmbracoUser.GetPermissions(dd.Path));
var actions = ActionsResolver.Current.FromActionSymbols(Security.CurrentUser.GetPermissions(dd.Path, Services.UserService))
.ToList();
// A user is allowed to delete their own stuff
if (dd.CreatorId == Security.GetUserId() && actions.Contains(ActionDelete.Instance) == false)
actions.Add(ActionDelete.Instance);

36
src/Umbraco.Web/UI/Pages/UmbracoEnsuredPage.cs
View File

@@ -7,7 +7,9 @@ using Umbraco.Web.Security;
using umbraco;
using umbraco.BusinessLogic;
using umbraco.businesslogic.Exceptions;
using umbraco.interfaces;
using Umbraco.Core;
using Umbraco.Core.Models;
using Umbraco.Core.Security;
namespace Umbraco.Web.UI.Pages
@@ -32,6 +34,40 @@ namespace Umbraco.Web.UI.Pages
}
}
/// <summary>
/// Performs an authorization check for the user against the requested entity/path and permission set, this is only relevant to content and media
/// </summary>
/// <param name="entityId"></param>
/// <param name="objectType"></param>
/// <param name="actionToCheck"></param>
protected void CheckPathAndPermissions(int entityId, UmbracoObjectTypes objectType, IAction actionToCheck)
{
if (objectType == UmbracoObjectTypes.Document || objectType == UmbracoObjectTypes.Media)
{
//check path access
var entity = entityId == Constants.System.Root
? UmbracoEntity.Root
: Services.EntityService.Get(
entityId,
objectType);
var hasAccess = Security.CurrentUser.HasPathAccess(
entity,
Services.EntityService,
objectType == UmbracoObjectTypes.Document ? Constants.System.RecycleBinContent : Constants.System.RecycleBinMedia);
if (hasAccess == false)
throw new UserAuthorizationException(string.Format("The current user doesn't have access to the path '{0}'", entity.Path));
//only documents have action permissions
if (objectType == UmbracoObjectTypes.Document)
{
var allowedActions = ActionsResolver.Current.FromActionSymbols(Security.CurrentUser.GetPermissions(entity.Path, Services.UserService)).ToArray();
if (allowedActions.Contains(actionToCheck) == false)
throw new UserAuthorizationException(string.Format("The current user doesn't have permission to {0} on the path '{1}'", actionToCheck.Alias, entity.Path));
}
}
}
private bool _hasValidated = false;
/// <summary>

3
src/Umbraco.Web/Umbraco.Web.csproj
View File

@@ -1137,9 +1137,6 @@
</Compile>
<Compile Include="umbraco.presentation\MacroCacheContent.cs" />
<Compile Include="umbraco.presentation\ScriptingMacroResult.cs" />
<Compile Include="umbraco.presentation\umbraco\dialogs\moveOrCopy.aspx.cs">
<SubType>ASPXCodeBehind</SubType>
</Compile>
<Compile Include="umbraco.presentation\umbraco\dialogs\sort.aspx.cs">
<SubType>ASPXCodeBehind</SubType>
</Compile>

19
src/Umbraco.Web/umbraco.presentation/umbraco/dialogs/AssignDomain2.aspx.cs
View File

@@ -15,6 +15,14 @@ namespace umbraco.dialogs
{
public partial class AssignDomain2 : UmbracoEnsuredPage
{
protected override void OnInit(EventArgs e)
{
base.OnInit(e);
var nodeId = GetNodeId();
CheckPathAndPermissions(nodeId, UmbracoObjectTypes.Document, ActionAssignDomain.Instance);
}
protected override void OnLoad(EventArgs e)
{
base.OnLoad(e);
@@ -29,16 +37,7 @@ namespace umbraco.dialogs
pane_domains.Visible = false;
p_buttons.Visible = false;
return;
}
if (UmbracoUser.GetPermissions(node.Path).Contains(ActionAssignDomain.Instance.Letter) == false)
{
feedback.Text = ui.Text("assignDomain", "permissionDenied");
pane_language.Visible = false;
pane_domains.Visible = false;
p_buttons.Visible = false;
return;
}
}
pane_language.Title = ui.Text("assignDomain", "setLanguage");
pane_domains.Title = ui.Text("assignDomain", "setDomains");

442
src/Umbraco.Web/umbraco.presentation/umbraco/dialogs/moveOrCopy.aspx.cs
View File

@@ -1,442 +0,0 @@
using System;
using System.Collections;
using System.Globalization;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Xml;
using Umbraco.Core;
using Umbraco.Core.IO;
using Umbraco.Core.Models;
using umbraco.BasePages;
using System.Linq;
using umbraco.interfaces;
using Umbraco.Web;
using Umbraco.Core;
namespace umbraco.dialogs
{
/// <summary>
/// Summary description for moveOrCopy.
/// </summary>
public partial class moveOrCopy : UmbracoEnsuredPage
{
protected override void OnInit(EventArgs e)
{
CurrentApp = Request["app"];
base.OnInit(e);
}
protected void Page_Load(object sender, EventArgs e)
{
JTree.DataBind();
// Put user code to initialize the page here
if (IsPostBack == false)
{
pp_relate.Text = ui.Text("moveOrCopy", "relateToOriginal");
//Document Type copy Hack...
if (CurrentApp == Constants.Applications.Settings)
{
pane_form.Visible = false;
pane_form_notice.Visible = false;
pane_settings.Visible = true;
ok.Text = ui.Text("general", "ok", UmbracoUser);
ok.Attributes.Add("style", "width: 60px");
var documentType = Services.ContentTypeService.GetContentType(int.Parse(Request.GetItemAsString("id")));
//Load master types...
masterType.Attributes.Add("style", "width: 350px;");
masterType.Items.Add(new ListItem(ui.Text("none") + "...", "0"));
foreach (var docT in Services.ContentTypeService.GetAllContentTypes().OrderBy(x => x.Name))
{
masterType.Items.Add(new ListItem(docT.Name, docT.Id.ToString(CultureInfo.InvariantCulture)));
}
masterType.SelectedValue = (documentType.ParentId > 0 ? documentType.ParentId : 0).ToString(CultureInfo.InvariantCulture);
rename.Text = documentType.Name + " (copy)";
pane_settings.Text = "Make a copy of the document type '" + documentType.Name + "' and save it under a new name";
}
else
{
pane_form.Visible = true;
pane_form_notice.Visible = true;
pane_settings.Visible = false;
// Caption and properies on BUTTON
ok.Text = ui.Text("general", "ok", UmbracoUser);
ok.Attributes.Add("style", "width: 60px");
ok.Attributes.Add("disabled", "true");
IContentBase currContent;
if (CurrentApp == "content")
{
currContent = Services.ContentService.GetById(Request.GetItemAs<int>("id"));
}
else
{
currContent = Services.MediaService.GetById(Request.GetItemAs<int>("id"));
}
// Preselect the parent of the seslected item.
if (currContent.ParentId > 0)
JTree.SelectedNodePath = currContent.Path.Substring(0, currContent.Path.LastIndexOf(','));
var validAction = true;
if (CurrentApp == Constants.Applications.Content && Umbraco.Core.Models.ContentExtensions.HasChildren(currContent, Services))
{
validAction = ValidAction(currContent, Request.GetItemAsString("mode") == "cut" ? 'M' : 'O');
}
if (Request.GetItemAsString("mode") == "cut")
{
pane_form.Text = ui.Text("moveOrCopy", "moveTo", currContent.Name, UmbracoUser);
pp_relate.Visible = false;
}
else
{
pane_form.Text = ui.Text("moveOrCopy", "copyTo", currContent.Name, UmbracoUser);
pp_relate.Visible = true;
}
if (validAction == false)
{
panel_buttons.Visible = false;
ScriptManager.RegisterStartupScript(this, GetType(), "notvalid", "notValid();", true);
}
}
}
}
private bool ValidAction(IContentBase cmsNode, char actionLetter)
{
var currentAction = BusinessLogic.Actions.Action.GetPermissionAssignable().First(a => a.Letter == actionLetter);
return CheckPermissions(cmsNode, currentAction);
}
/// <summary>
/// Checks if the current user has permissions to execute this action against this node
/// </summary>
/// <param name="node"></param>
/// <param name="currentAction"></param>
/// <returns></returns>
/// <remarks>
/// This used to do a recursive check for all descendent nodes but this is not required and is a massive CPU hog.
/// See: http://issues.umbraco.org/issue/U4-2632, https://groups.google.com/forum/?fromgroups=#!topic/umbraco-dev/L1D4LwVSP2Y
/// </remarks>
private bool CheckPermissions(IContentBase node, IAction currentAction)
{
var userService = ApplicationContext.Current.Services.UserService;
var currUserPermissions = userService.GetPermissions(UmbracoContext.Current.Security.CurrentUser, node.Id).GetAllPermissions();
return currUserPermissions != null && currUserPermissions.Contains(currentAction.Letter.ToString(CultureInfo.InvariantCulture));
}
private void HandleDocumentTypeCopy()
{
var contentTypeService = ApplicationContext.Current.Services.ContentTypeService;
var contentType = contentTypeService.GetContentType(
int.Parse(Request.GetItemAsString("id")));
//set the master
//http://issues.umbraco.org/issue/U4-2843
//http://issues.umbraco.org/issue/U4-3552
var parentId = int.Parse(masterType.SelectedValue);
var alias = rename.Text.Trim().Replace("'", "''");
var clone = contentTypeService.Copy(contentType, alias, rename.Text.Trim(), parentId);
var returnUrl = string.Format("{0}/settings/editNodeTypeNew.aspx?id={1}", SystemDirectories.Umbraco, clone.Id);
pane_settings.Visible = false;
panel_buttons.Visible = false;
feedback.Text = "Document type copied";
feedback.type = uicontrols.Feedback.feedbacktype.success;
ClientTools.ChangeContentFrameUrl(returnUrl);
}
public void HandleMoveOrCopy(object sender, EventArgs e)
{
if (CurrentApp == Constants.Applications.Settings)
HandleDocumentTypeCopy();
else
HandleDocumentMoveOrCopy();
}
protected override void OnPreRender(EventArgs e)
{
base.OnPreRender(e);
ScriptManager.GetCurrent(Page).Services.Add(new ServiceReference("../webservices/cmsnode.asmx"));
ScriptManager.GetCurrent(Page).Services.Add(new ServiceReference("../webservices/legacyAjaxCalls.asmx"));
}
private void HandleDocumentMoveOrCopy()
{
if (Request.GetItemAsString("copyTo") != "" && Request.GetItemAsString("id") != "")
{
// Check if the current node is allowed at new position
var nodeAllowed = false;
IContentBase currContent;
IContentBase parentContent = null;
IContentTypeBase parentContentType = null;
if (CurrentApp == "content")
{
currContent = Services.ContentService.GetById(Request.GetItemAs<int>("id"));
if (Request.GetItemAs<int>("copyTo") != -1)
{
parentContent = Services.ContentService.GetById(Request.GetItemAs<int>("copyTo"));
if (parentContent != null)
{
parentContentType = Services.ContentTypeService.GetContentType(parentContent.ContentTypeId);
}
}
}
else
{
currContent = Services.MediaService.GetById(Request.GetItemAs<int>("id"));
if (Request.GetItemAs<int>("copyTo") != -1)
{
parentContent = Services.MediaService.GetById(Request.GetItemAs<int>("copyTo"));
if (parentContent != null)
{
parentContentType = Services.ContentTypeService.GetMediaType(parentContent.ContentTypeId);
}
}
}
// Check on contenttypes
if (parentContentType == null)
{
//check if this is allowed at root
IContentTypeBase currContentType;
if (CurrentApp == "content")
{
currContentType = Services.ContentTypeService.GetContentType(currContent.ContentTypeId);
}
else
{
currContentType = Services.ContentTypeService.GetMediaType(currContent.ContentTypeId);
}
nodeAllowed = currContentType.AllowedAsRoot;
if (!nodeAllowed)
{
feedback.Text = ui.Text("moveOrCopy", "notAllowedAtRoot", UmbracoUser);
feedback.type = uicontrols.Feedback.feedbacktype.error;
}
}
else
{
var allowedChildContentTypeIds = parentContentType.AllowedContentTypes.Select(x => x.Id).ToArray();
if (allowedChildContentTypeIds.Any(x => x.Value == currContent.ContentTypeId))
{
nodeAllowed = true;
}
if (nodeAllowed == false)
{
feedback.Text = ui.Text("moveOrCopy", "notAllowedByContentType", UmbracoUser);
feedback.type = uicontrols.Feedback.feedbacktype.error;
}
else
{
// Check on paths
if ((string.Format(",{0},", parentContent.Path)).IndexOf(string.Format(",{0},", currContent.Id)) > -1)
{
nodeAllowed = false;
feedback.Text = ui.Text("moveOrCopy", "notAllowedByPath", UmbracoUser);
feedback.type = uicontrols.Feedback.feedbacktype.error;
}
}
}
if (nodeAllowed)
{
pane_form.Visible = false;
pane_form_notice.Visible = false;
panel_buttons.Visible = false;
var newNodeCaption = parentContent == null
? ui.Text(CurrentApp)
: parentContent.Name;
string[] nodes = { currContent.Name, newNodeCaption };
if (Request["mode"] == "cut")
{
if (CurrentApp == Constants.Applications.Content)
{
var doc = (IContent)currContent;
var copyToId = Request.GetItemAs<int>("copyTo");
Services.ContentService.Move(doc, copyToId, UmbracoUser.Id);
}
else
{
var media = (IMedia)currContent;
var copyToId = Request.GetItemAs<int>("copyTo");
Services.MediaService.Move(media, copyToId, UmbracoUser.Id);
}
feedback.Text = ui.Text("moveOrCopy", "moveDone", nodes, UmbracoUser) + "</p><p><a href='#' onclick='" + ClientTools.Scripts.CloseModalWindow() + "'>" + ui.Text("closeThisWindow") + "</a>";
feedback.type = uicontrols.Feedback.feedbacktype.success;
// refresh tree
ClientTools.MoveNode(currContent.Id.ToString(), currContent.Path);
}
else
{
//NOTE: We ONLY support Copy on content not media for some reason.
var newContent = (IContent)currContent;
Services.ContentService.Copy(newContent, Request.GetItemAs<int>("copyTo"), RelateDocuments.Checked, UmbracoUser.Id);
feedback.Text = ui.Text("moveOrCopy", "copyDone", nodes, UmbracoUser) + "</p><p><a href='#' onclick='" + ClientTools.Scripts.CloseModalWindow() + "'>" + ui.Text("closeThisWindow") + "</a>";
feedback.type = uicontrols.Feedback.feedbacktype.success;
// refresh tree
ClientTools.CopyNode(currContent.Id.ToString(), newContent.Path);
}
}
}
}
/// <summary>
/// JsInclude1 control.
/// </summary>
/// <remarks>
/// Auto-generated field.
/// To modify move field declaration from designer file to code-behind file.
/// </remarks>
protected global::ClientDependency.Core.Controls.JsInclude JsInclude1;
/// <summary>
/// feedback control.
/// </summary>
/// <remarks>
/// Auto-generated field.
/// To modify move field declaration from designer file to code-behind file.
/// </remarks>
protected global::umbraco.uicontrols.Feedback feedback;
/// <summary>
/// pane_form control.
/// </summary>
/// <remarks>
/// Auto-generated field.
/// To modify move field declaration from designer file to code-behind file.
/// </remarks>
protected global::umbraco.uicontrols.Pane pane_form;
/// <summary>
/// JTree control.
/// </summary>
/// <remarks>
/// Auto-generated field.
/// To modify move field declaration from designer file to code-behind file.
/// </remarks>
protected global::umbraco.controls.Tree.TreeControl JTree;
/// <summary>
/// pp_relate control.
/// </summary>
/// <remarks>
/// Auto-generated field.
/// To modify move field declaration from designer file to code-behind file.
/// </remarks>
protected global::umbraco.uicontrols.PropertyPanel pp_relate;
/// <summary>
/// RelateDocuments control.
/// </summary>
/// <remarks>
/// Auto-generated field.
/// To modify move field declaration from designer file to code-behind file.
/// </remarks>
protected global::System.Web.UI.WebControls.CheckBox RelateDocuments;
/// <summary>
/// pane_form_notice control.
/// </summary>
/// <remarks>
/// Auto-generated field.
/// To modify move field declaration from designer file to code-behind file.
/// </remarks>
protected global::System.Web.UI.WebControls.PlaceHolder pane_form_notice;
/// <summary>
/// pane_settings control.
/// </summary>
/// <remarks>
/// Auto-generated field.
/// To modify move field declaration from designer file to code-behind file.
/// </remarks>
protected global::umbraco.uicontrols.Pane pane_settings;
/// <summary>
/// PropertyPanel1 control.
/// </summary>
/// <remarks>
/// Auto-generated field.
/// To modify move field declaration from designer file to code-behind file.
/// </remarks>
protected global::umbraco.uicontrols.PropertyPanel PropertyPanel1;
/// <summary>
/// masterType control.
/// </summary>
/// <remarks>
/// Auto-generated field.
/// To modify move field declaration from designer file to code-behind file.
/// </remarks>
protected global::System.Web.UI.WebControls.ListBox masterType;
/// <summary>
/// rename control.
/// </summary>
/// <remarks>
/// Auto-generated field.
/// To modify move field declaration from designer file to code-behind file.
/// </remarks>
protected global::System.Web.UI.WebControls.TextBox rename;
/// <summary>
/// RequiredFieldValidator1 control.
/// </summary>
/// <remarks>
/// Auto-generated field.
/// To modify move field declaration from designer file to code-behind file.
/// </remarks>
protected global::System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator1;
/// <summary>
/// panel_buttons control.
/// </summary>
/// <remarks>
/// Auto-generated field.
/// To modify move field declaration from designer file to code-behind file.
/// </remarks>
protected global::System.Web.UI.WebControls.Panel panel_buttons;
/// <summary>
/// ok control.
/// </summary>
/// <remarks>
/// Auto-generated field.
/// To modify move field declaration from designer file to code-behind file.
/// </remarks>
protected global::System.Web.UI.WebControls.Button ok;
}
}

40
src/Umbraco.Web/umbraco.presentation/umbraco/dialogs/sort.aspx.cs
View File

@@ -13,6 +13,8 @@ using umbraco.cms.businesslogic.media;
using umbraco.cms.businesslogic.web;
using System.Web.UI;
using System.Collections.Generic;
using umbraco.businesslogic.Exceptions;
using Umbraco.Core.Models;
namespace umbraco.cms.presentation
{
@@ -20,7 +22,13 @@ namespace umbraco.cms.presentation
/// Summary description for sort.
/// </summary>
public partial class sort : UmbracoEnsuredPage
{
{
/// <summary>
/// The Parent Id being sorted
/// </summary>
protected int? ParentIdAsInt { get; private set; }
protected string ParentIdAsString { get; private set; }
private readonly List<SortableNode> _nodes = new List<SortableNode>();
protected bool HideDateColumn
@@ -33,6 +41,21 @@ namespace umbraco.cms.presentation
{
CurrentApp = helper.Request("app");
ParentIdAsString = Request.GetItemAsString("ID");
int parentId;
if (int.TryParse(ParentIdAsString, out parentId))
{
ParentIdAsInt = parentId;
if (CurrentApp == Constants.Applications.Content || CurrentApp == Constants.Applications.Media)
{
CheckPathAndPermissions(
ParentIdAsInt.Value,
CurrentApp == Constants.Applications.Content ? UmbracoObjectTypes.Document : UmbracoObjectTypes.Media,
ActionSort.Instance);
}
}
base.OnInit(e);
}
@@ -50,23 +73,22 @@ namespace umbraco.cms.presentation
var app = Request.GetItemAsString("app");
var icon = "../images/umbraco/doc.gif";
int parentId;
if (int.TryParse(Request.GetItemAsString("ID"), out parentId))
if (ParentIdAsInt.HasValue)
{
if (app == Constants.Applications.Media)
{
icon = "../images/umbraco/mediaPhoto.gif";
var mediaService = ApplicationContext.Current.Services.MediaService;
if (parentId == -1)
if (ParentIdAsInt.Value == -1)
{
foreach (var child in mediaService.GetRootMedia().ToList().OrderBy(x => x.SortOrder))
_nodes.Add(CreateNode(child.Id.ToInvariantString(), child.SortOrder, child.Name, child.CreateDate, icon));
}
else
{
var children = mediaService.GetChildren(parentId);
var children = mediaService.GetChildren(ParentIdAsInt.Value);
foreach (var child in children.OrderBy(x => x.SortOrder))
_nodes.Add(CreateNode(child.Id.ToInvariantString(), child.SortOrder, child.Name, child.CreateDate, icon));
}
@@ -76,14 +98,14 @@ namespace umbraco.cms.presentation
{
var contentService = ApplicationContext.Current.Services.ContentService;
if (parentId == -1)
if (ParentIdAsInt.Value == -1)
{
foreach (var child in contentService.GetRootContent().ToList().OrderBy(x => x.SortOrder))
_nodes.Add(CreateNode(child.Id.ToInvariantString(), child.SortOrder, child.Name, child.CreateDate, icon));
}
else
{
var children = contentService.GetChildren(parentId);
var children = contentService.GetChildren(ParentIdAsInt.Value);
foreach (var child in children)
_nodes.Add(CreateNode(child.Id.ToInvariantString(), child.SortOrder, child.Name, child.CreateDate, icon));
}
@@ -100,7 +122,7 @@ namespace umbraco.cms.presentation
HideDateColumn = true;
var stylesheetName = Request.GetItemAsString("ID");
var stylesheetName = ParentIdAsString;
if (stylesheetName.IsNullOrWhiteSpace())throw new NullReferenceException("No Id passed in to editor");
var stylesheet = Services.FileService.GetStylesheetByName(stylesheetName.EnsureEndsWith(".css"));
if (stylesheet == null) throw new InvalidOperationException("No stylesheet found by name " + stylesheetName);

38
src/umbraco.businesslogic/BasePages/UmbracoEnsuredPage.cs
View File

@@ -7,6 +7,8 @@ using Umbraco.Core.IO;
using Umbraco.Core.Logging;
using umbraco.BusinessLogic;
using umbraco.businesslogic.Exceptions;
using umbraco.interfaces;
using Umbraco.Core.Models;
using Umbraco.Core.Security;
namespace umbraco.BasePages
@@ -16,7 +18,41 @@ namespace umbraco.BasePages
/// </summary>
[Obsolete("This class has been superceded by Umbraco.Web.UI.Pages.UmbracoEnsuredPage")]
public class UmbracoEnsuredPage : BasePage
{
{
/// <summary>
/// Performs an authorization check for the user against the requested entity/path and permission set, this is only relevant to content and media
/// </summary>
/// <param name="entityId"></param>
/// <param name="objectType"></param>
/// <param name="actionToCheck"></param>
protected void CheckPathAndPermissions(int entityId, UmbracoObjectTypes objectType, IAction actionToCheck)
{
if (objectType == UmbracoObjectTypes.Document || objectType == UmbracoObjectTypes.Media)
{
//check path access
var entity = entityId == Constants.System.Root
? UmbracoEntity.Root
: Services.EntityService.Get(
entityId,
objectType);
var hasAccess = CurrentUser.UserEntity.HasPathAccess(
entity,
Services.EntityService,
objectType == UmbracoObjectTypes.Document ? Constants.System.RecycleBinContent : Constants.System.RecycleBinMedia);
if (hasAccess == false)
throw new UserAuthorizationException(string.Format("The current user doesn't have access to the path '{0}'", entity.Path));
//only documents have action permissions
if (objectType == UmbracoObjectTypes.Document)
{
var allowedActions = ActionsResolver.Current.FromActionSymbols(CurrentUser.UserEntity.GetPermissions(entity.Path, Services.UserService)).ToArray();
if (allowedActions.Contains(actionToCheck) == false)
throw new UserAuthorizationException(string.Format("The current user doesn't have permission to {0} on the path '{1}'", actionToCheck.Alias, entity.Path));
}
}
}
/// <summary>
/// Checks if the page exists outside of the /umbraco route, in which case the request will not have been authenticated for the back office
/// so we'll force authentication.

25
src/umbraco.cms/Actions/Action.cs
View File

@@ -128,30 +128,20 @@ namespace umbraco.BusinessLogic.Actions
/// </summary>
/// <param name="actions"></param>
/// <returns>returns a list of actions that have an associated letter found in the action string list</returns>
[Obsolete("Use ActionsResolver.Current.FromActionSymbols instead")]
public static List<IAction> FromString(string actions)
{
List<IAction> list = new List<IAction>();
foreach (char c in actions.ToCharArray())
{
IAction action = ActionsResolver.Current.Actions.ToList().Find(
delegate(IAction a)
{
return a.Letter == c;
}
);
if (action != null)
list.Add(action);
}
return list;
return ActionsResolver.Current.FromActionSymbols(actions.ToCharArray().Select(x => x.ToString())).ToList();
}
/// <summary>
/// Returns the string representation of the actions that make up the actions collection
/// </summary>
/// <returns></returns>
[Obsolete("Use ActionsResolver.Current.ToActionSymbols instead")]
public static string ToString(List<IAction> actions)
{
string[] strMenu = Array.ConvertAll<IAction, string>(actions.ToArray(), delegate(IAction a) { return (a.Letter.ToString(CultureInfo.InvariantCulture)); });
string[] strMenu = Array.ConvertAll(actions.ToArray(), a => (a.Letter.ToString(CultureInfo.InvariantCulture)));
return string.Join("", strMenu);
}
@@ -161,12 +151,7 @@ namespace umbraco.BusinessLogic.Actions
/// <returns></returns>
public static List<IAction> GetPermissionAssignable()
{
return ActionsResolver.Current.Actions.ToList().FindAll(
delegate(IAction a)
{
return (a.CanBePermissionAssigned);
}
);
return ActionsResolver.Current.Actions.ToList().FindAll(a => (a.CanBePermissionAssigned));
}
/// <summary>