yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixes problem where the sensitive value placeholder was being posted back to the server for saving, instead we don't post this value at all which means it will not be overwritten when it posts back.

Browse Source
This commit is contained in:
Shannon
2018-01-29 11:38:08 -06:00
parent 995f644501
commit a48568d1ba
5 changed files with 21 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/Umbraco.Web.UI.Client/src/common/services/umbdataformatter.service.js
View File

@@ -304,14 +304,14 @@
_.each(tab.properties, function (prop) {
//don't include the custom generic tab properties
if (!prop.alias.startsWith("_umb_")) {
//don't include a property that is marked readonly
if (!prop.alias.startsWith("_umb_") && !prop.readonly) {
saveModel.properties.push({
id: prop.id,
alias: prop.alias,
value: prop.value
});
}
});
});

4
src/Umbraco.Web.UI.Client/src/views/propertyeditors/sensitivevalue/sensitivevalue.html
View File

@@ -1,3 +1,5 @@
<div class="umb-editor umb-readonlyvalue">
<em class="muted">{{model.value}}</em>
<em class="muted">
<localize key="content_isSensitiveValue">Hide this property value from content editors that don't have access to view sensitive information</localize>
</em>
</div>

4
src/Umbraco.Web/Models/ContentEditing/ContentPropertyDisplay.cs
View File

@@ -36,7 +36,7 @@ namespace Umbraco.Web.Models.ContentEditing
[DataMember(Name = "validation")]
public PropertyTypeValidation Validation { get; set; }
[DataMember(Name = "isSensitiveData")]
public bool IsSensitive { get; set; }
[DataMember(Name = "readonly")]
public bool Readonly { get; set; }
}
}

11
src/Umbraco.Web/Models/Mapping/MemberModelMapper.cs
View File

@@ -390,14 +390,17 @@ namespace Umbraco.Web.Models.Mapping
//now update the IsSensitive value
foreach (var prop in result)
{
prop.IsSensitive = memberType.IsSensitiveProperty(prop.Alias);
//check if this property is flagged as sensitive
var isSensitiveProperty = memberType.IsSensitiveProperty(prop.Alias);
//check permissions for viewing sensitive data
if (prop.IsSensitive && umbracoContext.Security.CurrentUser.HasAccessToSensitiveData() == false)
if (isSensitiveProperty && umbracoContext.Security.CurrentUser.HasAccessToSensitiveData() == false)
{
//mark this property as readonly so that it does not post any data
prop.Readonly = true;
//replace this editor with a sensitivevalue
prop.View = "sensitivevalue";
//replace the value
prop.Value = _localizedTextService.Localize("content/isSensitiveValue");
//clear the value
prop.Value = null;
}
}
return result;

10
src/Umbraco.Web/WebApi/Filters/ContentItemValidationHelper.cs
View File

@@ -125,8 +125,12 @@ namespace Umbraco.Web.WebApi.Filters
continue;
}
//get the posted value for this property
var postedValue = postedItem.Properties.Single(x => x.Alias == p.Alias).Value;
//get the posted value for this property, this may be null in cases where the property was marked as readonly which means
//the angular app will not post that value.
var postedProp = postedItem.Properties.FirstOrDefault(x => x.Alias == p.Alias);
if (postedProp == null) continue;
var postedValue = postedProp.Value;
//get the pre-values for this property
var preValues = p.PreValues;
@@ -180,4 +184,4 @@ namespace Umbraco.Web.WebApi.Filters
}
}
}