Fixes issue with permissions on child nodes not being checked when doing a move or copy
Work Items: 30128, 30129
This commit is contained in:
starfighter83
@@ -499,6 +499,7 @@
|
||||
</key>
|
||||
</area>
|
||||
<area alias="moveOrCopy">
|
||||
<key alias="notValid">The action isn't allowed since you have insufficient permissions on 1 or more child documents.</key>
|
||||
<key alias="moveTo">Select where the document %0% should be moved to below</key>
|
||||
<key alias="copyTo">Select where the document %0% should be copied to below</key>
|
||||
<key alias="noNodeSelected">No node selected yet, please select a node in the list above before clicking 'ok'</key>
|
||||
|
||||
@@ -26,6 +26,12 @@
|
||||
jQuery("#pageNameContent").html("'<strong>" + result + "</strong>' <%= umbraco.ui.Text("moveOrCopy","nodeSelected") %>");
|
||||
jQuery("#pageNameHolder").attr("class","success");
|
||||
}
|
||||
|
||||
function notValid()
|
||||
{
|
||||
jQuery("#pageNameHolder").attr("class", "error");
|
||||
jQuery("#pageNameContent").html("<%= umbraco.ui.Text("moveOrCopy","notValid") %>");
|
||||
}
|
||||
|
||||
</script>
|
||||
|
||||
|
||||
@@ -15,6 +15,9 @@ using umbraco.cms.businesslogic.media;
|
||||
using umbraco.IO;
|
||||
using System.Linq;
|
||||
using umbraco.cms.businesslogic;
|
||||
using umbraco.cms.presentation.user;
|
||||
using umbraco.interfaces;
|
||||
using System.Collections.Generic;
|
||||
|
||||
namespace umbraco.dialogs
|
||||
{
|
||||
@@ -84,6 +87,15 @@ namespace umbraco.dialogs
|
||||
currentPath += "/" + new CMSNode(int.Parse(s)).Text;
|
||||
}
|
||||
|
||||
//
|
||||
|
||||
bool validAction = true;
|
||||
if (d.HasChildren)
|
||||
{
|
||||
validAction = ValidAction(helper.Request("mode") == "cut" ? 'M' : 'O');
|
||||
}
|
||||
|
||||
|
||||
if (helper.Request("mode") == "cut") {
|
||||
pane_form.Text = ui.Text("moveOrCopy", "moveTo", d.Text, base.getUser());
|
||||
pp_relate.Visible = false;
|
||||
@@ -91,10 +103,41 @@ namespace umbraco.dialogs
|
||||
pane_form.Text = ui.Text("moveOrCopy", "copyTo", d.Text, base.getUser());
|
||||
pp_relate.Visible = true;
|
||||
}
|
||||
|
||||
if (!validAction)
|
||||
{
|
||||
ScriptManager.RegisterStartupScript(this, this.GetType(), "notvalid", "notValid();", true);
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
private bool ValidAction(char actionLetter)
|
||||
{
|
||||
CMSNode d = new CMSNode(int.Parse(helper.Request("id")));
|
||||
IAction currentAction = umbraco.BusinessLogic.Actions.Action.GetPermissionAssignable().Where(a => a.Letter == actionLetter).First();
|
||||
return CheckPermissions(d, currentAction,actionLetter);
|
||||
|
||||
}
|
||||
|
||||
private bool CheckPermissions(CMSNode node, IAction currentAction, char actionLetter)
|
||||
{
|
||||
|
||||
UserPermissions currUserPermissions = new UserPermissions(UmbracoEnsuredPage.CurrentUser);
|
||||
List<IAction> lstCurrUserActions = currUserPermissions.GetExistingNodePermission(node.Id);
|
||||
|
||||
if (!lstCurrUserActions.Contains(currentAction))
|
||||
return false;
|
||||
if (node.HasChildren)
|
||||
{
|
||||
foreach (CMSNode c in node.Children)
|
||||
if (!CheckPermissions(c,currentAction,actionLetter))
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
//PPH moving multiple nodes and publishing them aswell.
|
||||
private void handleChildNodes(cms.businesslogic.web.Document d) {
|
||||
//store children array here because iterating over an Array object is very inneficient.
|
||||
|
||||
@@ -1,10 +1,9 @@
|
||||
//------------------------------------------------------------------------------
|
||||
// <auto-generated>
|
||||
// This code was generated by a tool.
|
||||
// Runtime Version:2.0.50727.4200
|
||||
//
|
||||
// Changes to this file may cause incorrect behavior and will be lost if
|
||||
// the code is regenerated.
|
||||
// the code is regenerated.
|
||||
// </auto-generated>
|
||||
//------------------------------------------------------------------------------
|
||||
|
||||
|
||||
Reference in New Issue
Block a user