From b928170103d94179ebd96bd74d85ebde522fc4b7 Mon Sep 17 00:00:00 2001 From: Shannon Deminick Date: Tue, 9 Apr 2013 06:40:02 +0600 Subject: [PATCH] Works on #U4-2078 --- .../webservices/TreeClientService.asmx.cs | 9 ++++--- .../umbraco/webservices/trashcan.asmx.cs | 26 ++++++++++++++----- 2 files changed, 25 insertions(+), 10 deletions(-) diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/TreeClientService.asmx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/TreeClientService.asmx.cs index 879c277a8d..7b17c2303e 100644 --- a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/TreeClientService.asmx.cs +++ b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/TreeClientService.asmx.cs @@ -2,6 +2,7 @@ using System.Collections.Generic; using System.Web; using System.Web.Services; +using Umbraco.Web.WebServices; using umbraco.presentation.umbraco.controls; using umbraco.cms.presentation.Trees; using System.Web.Script.Services; @@ -18,7 +19,7 @@ namespace umbraco.presentation.webservices /// [ScriptService] [WebService] - public class TreeClientService : WebService + public class TreeClientService : UmbracoAuthorizedWebService { /// @@ -29,7 +30,7 @@ namespace umbraco.presentation.webservices [ScriptMethod(ResponseFormat = ResponseFormat.Json)] public Dictionary GetInitAppTreeData(string app, string treeType, bool showContextMenu, bool isDialog, TreeDialogModes dialogMode, string functionToCall, string nodeKey) { - Authorize(); + AuthorizeRequest(app, true); var treeCtl = new TreeControl() { @@ -74,13 +75,13 @@ namespace umbraco.presentation.webservices returnVal.Add("js", treeCtl.JSCurrApp); return returnVal; - } + } + [Obsolete("Use the AuthorizeRequest methods on the base class UmbracoAuthorizedWebService instead")] public static void Authorize() { if (!BasePages.BasePage.ValidateUserContextID(BasePages.BasePage.umbracoUserContextID)) throw new Exception("Client authorization failed. User is not logged in"); - } } diff --git a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/trashcan.asmx.cs b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/trashcan.asmx.cs index 884b3c6ef7..6bb42078b0 100644 --- a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/trashcan.asmx.cs +++ b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/trashcan.asmx.cs @@ -7,7 +7,9 @@ using System.Web.Script.Services; using System.Web.Services; using System.Web.Services.Protocols; using System.ComponentModel; +using Umbraco.Web.WebServices; using umbraco.BasePages; +using umbraco.BusinessLogic; using umbraco.BusinessLogic.console; using umbraco.cms.businesslogic; using umbraco.cms.businesslogic.web; @@ -22,23 +24,35 @@ namespace umbraco.presentation.webservices [WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)] [ToolboxItem(false)] [ScriptService] - public class trashcan : System.Web.Services.WebService + public class trashcan : UmbracoAuthorizedWebService { [WebMethod] - public void EmptyTrashcan(cms.businesslogic.RecycleBin.RecycleBinType type) + public void EmptyTrashcan(RecycleBin.RecycleBinType type) { - if (BasePage.ValidateUserContextID(BasePage.umbracoUserContextID)) + //validate against the app type! + switch (type) { - Application["trashcanEmptyLeft"] = RecycleBin.Count(type).ToString(); - emptyTrashCanDo(type); + case RecycleBin.RecycleBinType.Content: + if (!AuthorizeRequest(DefaultApps.content.ToString())) return; + break; + case RecycleBin.RecycleBinType.Media: + if (!AuthorizeRequest(DefaultApps.media.ToString())) return; + break; + default: + throw new ArgumentOutOfRangeException("type"); } + //TODO: This will never work in LB scenarios + Application["trashcanEmptyLeft"] = RecycleBin.Count(type).ToString(); + emptyTrashCanDo(type); } [WebMethod] public string GetTrashStatus() { - if (BasePage.ValidateUserContextID(BasePage.umbracoUserContextID)) + //TODO: This will never work in LB scenarios + + if (AuthorizeRequest()) { return Application["trashcanEmptyLeft"] != null ? Application["trashcanEmptyLeft"].ToString()