Fixes PostAddFolder
(cherry picked from commit c5d874464a)
# Conflicts:
# src/Umbraco.Web/Editors/MediaController.cs
This commit is contained in:
Shannon
committed by
Sebastiaan Janssen
Sebastiaan Janssen
parent
315690e758
commit
cefd9e7323
@@ -413,7 +413,69 @@ namespace Umbraco.Web.Editors
|
||||
}
|
||||
|
||||
return Request.CreateResponse(HttpStatusCode.OK);
|
||||
}
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Given a parent id which could be a GUID, UDI or an INT, this will resolve the INT
|
||||
/// </summary>
|
||||
/// <param name="parentId"></param>
|
||||
/// <param name="validatePermissions">
|
||||
/// If true, this will check if the current user has access to the resolved integer parent id
|
||||
/// and if that check fails an unauthorized exception will occur
|
||||
/// </param>
|
||||
/// <returns></returns>
|
||||
private int GetParentIdAsInt(string parentId, bool validatePermissions)
|
||||
{
|
||||
int intParentId;
|
||||
GuidUdi parentUdi;
|
||||
|
||||
// test for udi
|
||||
if (GuidUdi.TryParse(parentId, out parentUdi))
|
||||
{
|
||||
parentId = parentUdi.Guid.ToString();
|
||||
}
|
||||
|
||||
//if it's not an INT then we'll check for GUID
|
||||
if (int.TryParse(parentId, out intParentId) == false)
|
||||
{
|
||||
// if a guid then try to look up the entity
|
||||
Guid idGuid;
|
||||
if (Guid.TryParse(parentId, out idGuid))
|
||||
{
|
||||
var entity = Services.EntityService.GetByKey(idGuid);
|
||||
if (entity != null)
|
||||
{
|
||||
intParentId = entity.Id;
|
||||
}
|
||||
else
|
||||
{
|
||||
throw new EntityNotFoundException(parentId, "The passed id doesn't exist");
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
throw new HttpResponseException(
|
||||
Request.CreateValidationErrorResponse("The request was not formatted correctly, the parentId is not an integer, Guid or UDI"));
|
||||
}
|
||||
}
|
||||
|
||||
//ensure the user has access to this folder by parent id!
|
||||
if (CheckPermissions(
|
||||
new Dictionary<string, object>(),
|
||||
Security.CurrentUser,
|
||||
Services.MediaService,
|
||||
intParentId) == false)
|
||||
{
|
||||
throw new HttpResponseException(Request.CreateResponse(
|
||||
HttpStatusCode.Forbidden,
|
||||
new SimpleNotificationModel(new Notification(
|
||||
Services.TextService.Localize("speechBubbles/operationFailedHeader"),
|
||||
Services.TextService.Localize("speechBubbles/invalidUserPermissionsText"),
|
||||
SpeechBubbleIcon.Warning))));
|
||||
}
|
||||
|
||||
return intParentId;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Change the sort order for media
|
||||
@@ -574,11 +636,13 @@ namespace Umbraco.Web.Editors
|
||||
}
|
||||
}
|
||||
|
||||
[EnsureUserPermissionForMedia("folder.ParentId")]
|
||||
public MediaItemDisplay PostAddFolder(EntityBasic folder)
|
||||
public MediaItemDisplay PostAddFolder(PostedFolder folder)
|
||||
{
|
||||
var mediaService = ApplicationContext.Services.MediaService;
|
||||
var f = mediaService.CreateMedia(folder.Name, folder.ParentId, Constants.Conventions.MediaTypes.Folder);
|
||||
var intParentId = GetParentIdAsInt(folder.ParentId, validatePermissions: true);
|
||||
|
||||
var mediaService = ApplicationContext.Services.MediaService;
|
||||
|
||||
var f = mediaService.CreateMedia(folder.Name, intParentId, Constants.Conventions.MediaTypes.Folder);
|
||||
mediaService.Save(f, Security.CurrentUser.Id);
|
||||
|
||||
return Mapper.Map<IMedia, MediaItemDisplay>(f);
|
||||
@@ -649,21 +713,6 @@ namespace Umbraco.Web.Editors
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
//ensure the user has access to this folder by parent id!
|
||||
if (CheckPermissions(
|
||||
new Dictionary<string, object>(),
|
||||
Security.CurrentUser,
|
||||
Services.MediaService, parentId) == false)
|
||||
{
|
||||
return Request.CreateResponse(
|
||||
HttpStatusCode.Forbidden,
|
||||
new SimpleNotificationModel(new Notification(
|
||||
Services.TextService.Localize("speechBubbles/operationFailedHeader"),
|
||||
Services.TextService.Localize("speechBubbles/invalidUserPermissionsText"),
|
||||
SpeechBubbleIcon.Warning)));
|
||||
}
|
||||
|
||||
var tempFiles = new PostedFiles();
|
||||
var mediaService = ApplicationContext.Services.MediaService;
|
||||
|
||||
@@ -793,8 +842,8 @@ namespace Umbraco.Web.Editors
|
||||
if (origin.Value == "blueimp")
|
||||
{
|
||||
return Request.CreateResponse(HttpStatusCode.OK,
|
||||
tempFiles,
|
||||
//Don't output the angular xsrf stuff, blue imp doesn't like that
|
||||
tempFiles,
|
||||
//Don't output the angular xsrf stuff, blue imp doesn't like that
|
||||
new JsonMediaTypeFormatter());
|
||||
}
|
||||
}
|
||||
|
||||
17
src/Umbraco.Web/Models/ContentEditing/PostedFolder.cs
Normal file
17
src/Umbraco.Web/Models/ContentEditing/PostedFolder.cs
Normal file
@@ -0,0 +1,17 @@
|
||||
using System.Runtime.Serialization;
|
||||
|
||||
namespace Umbraco.Web.Models.ContentEditing
|
||||
{
|
||||
/// <summary>
|
||||
/// Used to create a folder with the MediaController
|
||||
/// </summary>
|
||||
[DataContract]
|
||||
public class PostedFolder
|
||||
{
|
||||
[DataMember(Name = "parentId")]
|
||||
public string ParentId { get; set; }
|
||||
|
||||
[DataMember(Name = "name")]
|
||||
public string Name { get; set; }
|
||||
}
|
||||
}
|
||||
@@ -361,6 +361,7 @@
|
||||
<Compile Include="Models\ContentEditing\MemberTypeDisplay.cs" />
|
||||
<Compile Include="Models\ContentEditing\MemberTypeSave.cs" />
|
||||
<Compile Include="Models\ContentEditing\PostedFiles.cs" />
|
||||
<Compile Include="Models\ContentEditing\PostedFolder.cs" />
|
||||
<Compile Include="Models\ContentEditing\PropertyGroupBasic.cs" />
|
||||
<Compile Include="Models\ContentEditing\PropertyTypeBasic.cs" />
|
||||
<Compile Include="Models\ContentEditing\SimpleNotificationModel.cs" />
|
||||
|
||||
Reference in New Issue
Block a user