Check content permissions before performing action (#15043)

* Setting actionContext.Result when authz wasn't successful * Taking into account permissions when it is a new node * Cleanup * Passing nodeId as path when new item
2023-11-01 11:30:32 +01:00
parent bde88caf14
commit 92af8ac881
4 changed files with 36 additions and 48 deletions
--- a/src/Umbraco.Web.BackOffice/Controllers/ContentController.cs
+++ b/src/Umbraco.Web.BackOffice/Controllers/ContentController.cs
@@ -759,6 +759,7 @@ public class ContentController : ContentControllerBase

        return pagedResult;
    }
+
    /// <summary>
    ///     Creates a blueprint from a content item
    /// </summary>
@@ -1057,7 +1058,7 @@ public class ContentController : ContentControllerBase
                AddDomainWarnings(publishStatus.Content, successfulCultures, globalNotifications);
                AddPublishStatusNotifications(new[] { publishStatus }, globalNotifications, notifications, successfulCultures);
            }
-            break;
+                break;
            case ContentSaveAction.PublishWithDescendants:
            case ContentSaveAction.PublishWithDescendantsNew:
            {
@@ -1074,7 +1075,7 @@ public class ContentController : ContentControllerBase
                AddDomainWarnings(publishStatus, successfulCultures, globalNotifications);
                AddPublishStatusNotifications(publishStatus, globalNotifications, notifications, successfulCultures);
            }
-            break;
+                break;
            case ContentSaveAction.PublishWithDescendantsForce:
            case ContentSaveAction.PublishWithDescendantsForceNew:
            {
@@ -1090,7 +1091,7 @@ public class ContentController : ContentControllerBase
                var publishStatus = PublishBranchInternal(contentItem, true, cultureForInvariantErrors, out wasCancelled, out var successfulCultures).ToList();
                AddPublishStatusNotifications(publishStatus, globalNotifications, notifications, successfulCultures);
            }
-            break;
+                break;
            default:
                throw new ArgumentOutOfRangeException();
        }
@@ -2745,7 +2746,7 @@ public class ContentController : ContentControllerBase
                        }
                    }
                }
-                break;
+                    break;
                case PublishResultType.SuccessPublish:
                {
                    // TODO: Here we should have messaging for when there are release dates specified like https://github.com/umbraco/Umbraco-CMS/pull/3507
@@ -2773,7 +2774,7 @@ public class ContentController : ContentControllerBase
                        }
                    }
                }
-                break;
+                    break;
                case PublishResultType.FailedPublishPathNotPublished:
                {
                    //TODO: This doesn't take into account variations with the successfulCultures param
@@ -2782,14 +2783,14 @@ public class ContentController : ContentControllerBase
                        _localizedTextService.Localize(null, "publish"),
                        _localizedTextService.Localize("publish", "contentPublishedFailedByParent", new[] { names }).Trim());
                }
-                break;
+                    break;
                case PublishResultType.FailedPublishCancelledByEvent:
                {
                    //TODO: This doesn't take into account variations with the successfulCultures param
                    var names = string.Join(", ", status.Select(x => $"'{x.Content?.Name}'"));
                    AddCancelMessage(display, "publish", "contentPublishedFailedByEvent", new[] { names });
                }
-                break;
+                    break;
                case PublishResultType.FailedPublishAwaitingRelease:
                {
                    //TODO: This doesn't take into account variations with the successfulCultures param
@@ -2798,7 +2799,7 @@ public class ContentController : ContentControllerBase
                        _localizedTextService.Localize(null, "publish"),
                        _localizedTextService.Localize("publish", "contentPublishedFailedAwaitingRelease", new[] { names }).Trim());
                }
-                break;
+                    break;
                case PublishResultType.FailedPublishHasExpired:
                {
                    //TODO: This doesn't take into account variations with the successfulCultures param
@@ -2807,7 +2808,7 @@ public class ContentController : ContentControllerBase
                        _localizedTextService.Localize(null, "publish"),
                        _localizedTextService.Localize("publish", "contentPublishedFailedExpired", new[] { names }).Trim());
                }
-                break;
+                    break;
                case PublishResultType.FailedPublishIsTrashed:
                {
                    //TODO: This doesn't take into account variations with the successfulCultures param
@@ -2816,7 +2817,7 @@ public class ContentController : ContentControllerBase
                        _localizedTextService.Localize(null, "publish"),
                        _localizedTextService.Localize("publish", "contentPublishedFailedIsTrashed", new[] { names }).Trim());
                }
-                break;
+                    break;
                case PublishResultType.FailedPublishContentInvalid:
                {
                    if (successfulCultures == null)
@@ -2840,7 +2841,7 @@ public class ContentController : ContentControllerBase
                        }
                    }
                }
-                break;
+                    break;
                case PublishResultType.FailedPublishMandatoryCultureMissing:
                    display.AddWarningNotification(
                        _localizedTextService.Localize(null, "publish"),