yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge with 6.0.4

Browse Source
This commit is contained in:
Shannon Deminick
2013-04-09 08:00:10 +06:00
parent efbc461da9 eadb1bb194
commit dd990b5df4
33 changed files with 985 additions and 739 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
src/Umbraco.Web.UI/umbraco/js/umbracoUpgradeChecker.js
View File

@@ -1,14 +1,15 @@
function umbracoCheckUpgrade(result) {
if (result.UpgradeType.toLowerCase() != 'none') {
if (UmbSpeechBubble == null) {
InitUmbracoSpeechBubble();
if (result) {
if (result.UpgradeType.toLowerCase() != 'none') {
if (UmbSpeechBubble == null) {
InitUmbracoSpeechBubble();
}
var icon = 'info';
if (result.UpgradeType.toLowerCase() == 'critical') {
icon = 'error';
}
UmbSpeechBubble.ShowMessage(icon, 'Upgrade Available!', '<a style="text-decoration:none" target="_blank" href="' + result.UpgradeUrl + '">' + result.UpgradeComment + '</a>', true);
}
var icon = 'info';
if (result.UpgradeType.toLowerCase() == 'critical') {
icon = 'error';
}
UmbSpeechBubble.ShowMessage(icon, 'Upgrade Available!', '<a style="text-decoration:none" target="_blank" href="' + result.UpgradeUrl + '">' + result.UpgradeComment + '</a>', true);
}
}

21
src/Umbraco.Web/Umbraco.Web.csproj
View File

@@ -561,6 +561,9 @@
<Compile Include="umbraco.presentation\umbraco\settings\editTemplate.aspx.cs">
<SubType>ASPXCodeBehind</SubType>
</Compile>
<Compile Include="umbraco.presentation\umbraco\settings\modals\ShowUmbracoTags.aspx.cs">
<SubType>ASPXCodeBehind</SubType>
</Compile>
<Compile Include="umbraco.presentation\umbraco\templateControls\Image.cs" />
<Compile Include="umbraco.presentation\umbraco\uQuery\IGetProperty.cs" />
<Compile Include="umbraco.presentation\XsltExtensionAttribute.cs" />
@@ -1476,13 +1479,6 @@
<Compile Include="umbraco.presentation\umbraco\settings\EditNodeTypeNew.aspx.designer.cs">
<DependentUpon>EditNodeTypeNew.aspx</DependentUpon>
</Compile>
<Compile Include="umbraco.presentation\umbraco\settings\modals\ShowUmbracoTags.aspx.cs">
<DependentUpon>ShowUmbracoTags.aspx</DependentUpon>
<SubType>ASPXCodeBehind</SubType>
</Compile>
<Compile Include="umbraco.presentation\umbraco\settings\modals\ShowUmbracoTags.aspx.designer.cs">
<DependentUpon>ShowUmbracoTags.aspx</DependentUpon>
</Compile>
<Compile Include="umbraco.presentation\umbraco\settings\scripts\editScript.aspx.cs">
<DependentUpon>editScript.aspx</DependentUpon>
<SubType>ASPXCodeBehind</SubType>
@@ -1781,7 +1777,15 @@
<Compile Include="WebServices\DomainsApiController.cs" />
<Compile Include="WebServices\ExamineManagementApiController.cs" />
<Compile Include="WebServices\FolderBrowserService.cs" />
<Compile Include="WebServices\UmbracoAuthorizedHttpHandler.cs" />
<Compile Include="WebServices\SaveFileController.cs" />
<Compile Include="WebServices\UmbracoAuthorizedWebService.cs">
<SubType>Component</SubType>
</Compile>
<Compile Include="WebServices\UmbracoHttpHandler.cs" />
<Compile Include="WebServices\UmbracoWebService.cs">
<SubType>Component</SubType>
</Compile>
<Content Include="umbraco.presentation\umbracobase\readme.txt" />
<Content Include="umbraco.presentation\umbraco\controls\Tree\CustomTreeService.asmx" />
<Content Include="umbraco.presentation\umbraco\developer\RelationTypes\EditRelationType.aspx" />
@@ -1963,9 +1967,6 @@
<Content Include="umbraco.presentation\umbraco\settings\EditNodeTypeNew.aspx">
<SubType>ASPXCodeBehind</SubType>
</Content>
<Content Include="umbraco.presentation\umbraco\settings\modals\ShowUmbracoTags.aspx">
<SubType>ASPXCodeBehind</SubType>
</Content>
<Content Include="umbraco.presentation\umbraco\settings\stylesheet\editstylesheet.aspx">
<SubType>ASPXCodeBehind</SubType>
</Content>

153
src/Umbraco.Web/WebServices/UmbracoAuthorizedHttpHandler.cs Normal file
View File

@@ -0,0 +1,153 @@
using System;
using System.Linq;
using System.Web;
using System.Web.Security;
using Umbraco.Core;
using umbraco;
using umbraco.BasePages;
using umbraco.BusinessLogic;
using umbraco.businesslogic.Exceptions;
namespace Umbraco.Web.WebServices
{
public abstract class UmbracoAuthorizedHttpHandler : UmbracoHttpHandler
{
protected UmbracoAuthorizedHttpHandler()
: base()
{
}
protected UmbracoAuthorizedHttpHandler(UmbracoContext umbracoContext)
: base(umbracoContext)
{
}
//IMPORTANT NOTE: !! All of these security bits and pieces have been moved in to one centralized class
// in 6.1 called WebSecurity. All this logic is all here temporarily!
private User _user;
private readonly InnerPage _page = new InnerPage();
/// <summary>
/// Checks if the umbraco context id is valid
/// </summary>
/// <param name="currentUmbracoUserContextId"></param>
/// <returns></returns>
protected bool ValidateUserContextId(string currentUmbracoUserContextId)
{
return BasePage.ValidateUserContextID(currentUmbracoUserContextId);
}
/// <summary>
/// Checks if the username/password credentials are valid
/// </summary>
/// <param name="username"></param>
/// <param name="password"></param>
/// <returns></returns>
protected bool ValidateCredentials(string username, string password)
{
return Membership.Providers[UmbracoSettings.DefaultBackofficeProvider].ValidateUser(username, password);
}
/// <summary>
/// Validates the user for access to a certain application
/// </summary>
/// <param name="app">The application alias.</param>
/// <param name="throwExceptions">true if an exception should be thrown if authorization fails</param>
/// <returns></returns>
protected bool AuthorizeRequest(string app, bool throwExceptions = false)
{
//ensure we have a valid user first!
if (!AuthorizeRequest(throwExceptions)) return false;
//if it is empty, don't validate
if (app.IsNullOrWhiteSpace())
{
return true;
}
var hasAccess = UserHasAppAccess(app, UmbracoUser);
if (!hasAccess && throwExceptions)
throw new UserAuthorizationException("The user does not have access to the required application");
return hasAccess;
}
/// <summary>
/// Checks if the specified user as access to the app
/// </summary>
/// <param name="app"></param>
/// <param name="user"></param>
/// <returns></returns>
protected bool UserHasAppAccess(string app, User user)
{
return user.Applications.Any(uApp => uApp.alias == app);
}
/// <summary>
/// Checks if the specified user by username as access to the app
/// </summary>
/// <param name="app"></param>
/// <param name="username"></param>
/// <returns></returns>
protected bool UserHasAppAccess(string app, string username)
{
var uid = global::umbraco.BusinessLogic.User.getUserId(username);
if (uid < 0) return false;
var usr = global::umbraco.BusinessLogic.User.GetUser(uid);
if (usr == null) return false;
return UserHasAppAccess(app, usr);
}
/// <summary>
/// Returns true if there is a valid logged in user and that ssl is enabled if required
/// </summary>
/// <param name="throwExceptions">true if an exception should be thrown if authorization fails</param>
/// <returns></returns>
protected bool AuthorizeRequest(bool throwExceptions = false)
{
// check for secure connection
if (GlobalSettings.UseSSL && !HttpContext.Current.Request.IsSecureConnection)
{
if (throwExceptions)
throw new UserAuthorizationException("This installation requires a secure connection (via SSL). Please update the URL to include https://");
return false;
}
try
{
return UmbracoUser != null;
}
catch (ArgumentException)
{
if (throwExceptions) throw;
//an exception will occur if the user is not valid inside of _page.getUser();
return false;
}
catch (InvalidOperationException)
{
if (throwExceptions) throw;
//an exception will occur if the user is not valid inside of _page.getUser();
return false;
}
}
/// <summary>
/// Returns the current user
/// </summary>
protected User UmbracoUser
{
get
{
return _user ?? (_user = _page.getUser());
}
}
/// <summary>
/// Used to validate, thie is temporary, in 6.1 we have the WebSecurity class which does all
/// authorization stuff for us.
/// </summary>
private class InnerPage : BasePage
{
}
}
}

159
src/Umbraco.Web/WebServices/UmbracoAuthorizedWebService.cs Normal file
View File

@@ -0,0 +1,159 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Web;
using System.Web.Security;
using Umbraco.Core.Configuration;
using umbraco.BasePages;
using umbraco.BusinessLogic;
using Umbraco.Core;
using umbraco.businesslogic.Exceptions;
namespace Umbraco.Web.WebServices
{
/// <summary>
/// An abstract web service class that has the methods and properties to correct validate an Umbraco user
/// </summary>
public abstract class UmbracoAuthorizedWebService : UmbracoWebService
{
protected UmbracoAuthorizedWebService()
: base()
{
}
protected UmbracoAuthorizedWebService(UmbracoContext umbracoContext)
: base(umbracoContext)
{
}
//IMPORTANT NOTE: !! All of these security bits and pieces have been moved in to one centralized class
// in 6.1 called WebSecurity. All this logic is all here temporarily!
private User _user;
private readonly InnerPage _page = new InnerPage();
/// <summary>
/// Checks if the umbraco context id is valid
/// </summary>
/// <param name="currentUmbracoUserContextId"></param>
/// <returns></returns>
protected bool ValidateUserContextId(string currentUmbracoUserContextId)
{
return BasePage.ValidateUserContextID(currentUmbracoUserContextId);
}
/// <summary>
/// Checks if the username/password credentials are valid
/// </summary>
/// <param name="username"></param>
/// <param name="password"></param>
/// <returns></returns>
protected bool ValidateCredentials(string username, string password)
{
return Membership.Providers[UmbracoSettings.DefaultBackofficeProvider].ValidateUser(username, password);
}
/// <summary>
/// Validates the user for access to a certain application
/// </summary>
/// <param name="app">The application alias.</param>
/// <param name="throwExceptions">true if an exception should be thrown if authorization fails</param>
/// <returns></returns>
protected bool AuthorizeRequest(string app, bool throwExceptions = false)
{
//ensure we have a valid user first!
if (!AuthorizeRequest(throwExceptions)) return false;
//if it is empty, don't validate
if (app.IsNullOrWhiteSpace())
{
return true;
}
var hasAccess = UserHasAppAccess(app, UmbracoUser);
if (!hasAccess && throwExceptions)
throw new UserAuthorizationException("The user does not have access to the required application");
return hasAccess;
}
/// <summary>
/// Checks if the specified user as access to the app
/// </summary>
/// <param name="app"></param>
/// <param name="user"></param>
/// <returns></returns>
protected bool UserHasAppAccess(string app, User user)
{
return user.Applications.Any(uApp => uApp.alias == app);
}
/// <summary>
/// Checks if the specified user by username as access to the app
/// </summary>
/// <param name="app"></param>
/// <param name="username"></param>
/// <returns></returns>
protected bool UserHasAppAccess(string app, string username)
{
var uid = global::umbraco.BusinessLogic.User.getUserId(username);
if (uid < 0) return false;
var usr = global::umbraco.BusinessLogic.User.GetUser(uid);
if (usr == null) return false;
return UserHasAppAccess(app, usr);
}
/// <summary>
/// Returns true if there is a valid logged in user and that ssl is enabled if required
/// </summary>
/// <param name="throwExceptions">true if an exception should be thrown if authorization fails</param>
/// <returns></returns>
protected bool AuthorizeRequest(bool throwExceptions = false)
{
// check for secure connection
if (GlobalSettings.UseSSL && !HttpContext.Current.Request.IsSecureConnection)
{
if (throwExceptions)
throw new UserAuthorizationException("This installation requires a secure connection (via SSL). Please update the URL to include https://");
return false;
}
try
{
return UmbracoUser != null;
}
catch (ArgumentException)
{
if (throwExceptions) throw;
//an exception will occur if the user is not valid inside of _page.getUser();
return false;
}
catch (InvalidOperationException)
{
if (throwExceptions) throw;
//an exception will occur if the user is not valid inside of _page.getUser();
return false;
}
}
/// <summary>
/// Returns the current user
/// </summary>
protected User UmbracoUser
{
get
{
return _user ?? (_user = _page.getUser());
}
}
/// <summary>
/// Used to validate, thie is temporary, in 6.1 we have the WebSecurity class which does all
/// authorization stuff for us.
/// </summary>
private class InnerPage : BasePage
{
}
}
}

74
src/Umbraco.Web/WebServices/UmbracoHttpHandler.cs Normal file
View File

@@ -0,0 +1,74 @@
using System;
using System.Web;
using System.Web.Mvc;
using System.Web.Routing;
using Umbraco.Core;
namespace Umbraco.Web.WebServices
{
public abstract class UmbracoHttpHandler : IHttpHandler
{
public abstract void ProcessRequest(HttpContext context);
public abstract bool IsReusable { get; }
protected UmbracoHttpHandler()
: this(UmbracoContext.Current)
{
}
protected UmbracoHttpHandler(UmbracoContext umbracoContext)
{
if (umbracoContext == null) throw new ArgumentNullException("umbracoContext");
UmbracoContext = umbracoContext;
Umbraco = new UmbracoHelper(umbracoContext);
}
/// <summary>
/// Returns the current ApplicationContext
/// </summary>
public ApplicationContext ApplicationContext
{
get { return UmbracoContext.Application; }
}
/// <summary>
/// Returns the current UmbracoContext
/// </summary>
public UmbracoContext UmbracoContext { get; private set; }
/// <summary>
/// Returns an UmbracoHelper object
/// </summary>
public UmbracoHelper Umbraco { get; private set; }
private UrlHelper _url;
/// <summary>
/// Returns a UrlHelper
/// </summary>
/// <remarks>
/// This URL helper is created without any route data and an empty request context
/// </remarks>
public UrlHelper Url
{
get { return _url ?? (_url = new UrlHelper(new RequestContext(new HttpContextWrapper(HttpContext.Current), new RouteData()))); }
}
///// <summary>
///// Returns a ServiceContext
///// </summary>
//public ServiceContext Services
//{
// get { return ApplicationContext.Services; }
//}
///// <summary>
///// Returns a DatabaseContext
///// </summary>
//public DatabaseContext DatabaseContext
//{
// get { return ApplicationContext.DatabaseContext; }
//}
}
}

75
src/Umbraco.Web/WebServices/UmbracoWebService.cs Normal file
View File

@@ -0,0 +1,75 @@
using System;
using System.Web;
using System.Web.Mvc;
using System.Web.Routing;
using System.Web.Services;
using Umbraco.Core;
namespace Umbraco.Web.WebServices
{
/// <summary>
/// An abstract web service class exposing common umbraco objects
/// </summary>
public abstract class UmbracoWebService : WebService
{
protected UmbracoWebService()
: this(UmbracoContext.Current)
{
}
protected UmbracoWebService(UmbracoContext umbracoContext)
{
if (umbracoContext == null) throw new ArgumentNullException("umbracoContext");
UmbracoContext = umbracoContext;
Umbraco = new UmbracoHelper(umbracoContext);
}
/// <summary>
/// Returns the current ApplicationContext
/// </summary>
public ApplicationContext ApplicationContext
{
get { return UmbracoContext.Application; }
}
/// <summary>
/// Returns the current UmbracoContext
/// </summary>
public UmbracoContext UmbracoContext { get; private set; }
/// <summary>
/// Returns an UmbracoHelper object
/// </summary>
public UmbracoHelper Umbraco { get; private set; }
private UrlHelper _url;
/// <summary>
/// Returns a UrlHelper
/// </summary>
/// <remarks>
/// This URL helper is created without any route data and an empty request context
/// </remarks>
public UrlHelper Url
{
get { return _url ?? (_url = new UrlHelper(new RequestContext(new HttpContextWrapper(Context), new RouteData()))); }
}
///// <summary>
///// Returns a ServiceContext
///// </summary>
//public ServiceContext Services
//{
// get { return ApplicationContext.Services; }
//}
///// <summary>
///// Returns a DatabaseContext
///// </summary>
//public DatabaseContext DatabaseContext
//{
// get { return ApplicationContext.DatabaseContext; }
//}
}
}

22
src/Umbraco.Web/umbraco.presentation/umbraco/developer/Packages/StarterKits.aspx.cs
View File

@@ -4,27 +4,33 @@ using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using Umbraco.Core.IO;
using umbraco.BasePages;
using umbraco.IO;
using umbraco.BusinessLogic;
namespace umbraco.presentation.umbraco.developer.Packages
{
[Obsolete("This class is no longer used and will be removed in future version. The page that supercedes this is Umbraco.Web.UI.Umbraco.Developer.Packages.StarterKits")]
public partial class StarterKits : UmbracoEnsuredPage
{
public StarterKits()
{
CurrentApp = DefaultApps.developer.ToString();
}
protected void Page_Load(object sender, EventArgs e)
{
if (!cms.businesslogic.skinning.Skinning.IsStarterKitInstalled())
showStarterKits();
ShowStarterKits();
else
showSkins((Guid)cms.businesslogic.skinning.Skinning.StarterKitGuid());
}
private void showStarterKits()
private void ShowStarterKits()
{
install.steps.Skinning.loadStarterKits starterkitsctrl =
(install.steps.Skinning.loadStarterKits)new UserControl().LoadControl(SystemDirectories.Install + "/steps/Skinning/loadStarterKits.ascx");
starterkitsctrl.StarterKitInstalled += new install.steps.Skinning.StarterKitInstalledEventHandler(starterkitsctrl_StarterKitInstalled);
var starterkitsctrl =
(install.steps.Skinning.loadStarterKits)LoadControl(SystemDirectories.Install + "/steps/Skinning/loadStarterKits.ascx");
starterkitsctrl.StarterKitInstalled += starterkitsctrl_StarterKitInstalled;
ph_starterkits.Controls.Add(starterkitsctrl);
@@ -40,11 +46,11 @@ namespace umbraco.presentation.umbraco.developer.Packages
public void showSkins(Guid starterKitGuid)
{
install.steps.Skinning.loadStarterKitDesigns ctrl = (install.steps.Skinning.loadStarterKitDesigns)new UserControl().LoadControl(SystemDirectories.Install + "/steps/Skinning/loadStarterKitDesigns.ascx");
var ctrl = (install.steps.Skinning.loadStarterKitDesigns)new UserControl().LoadControl(SystemDirectories.Install + "/steps/Skinning/loadStarterKitDesigns.ascx");
ctrl.ID = "StarterKitDesigns";
ctrl.StarterKitGuid = starterKitGuid;
ctrl.StarterKitDesignInstalled += new install.steps.Skinning.StarterKitDesignInstalledEventHandler(ctrl_StarterKitDesignInstalled);
ctrl.StarterKitDesignInstalled += ctrl_StarterKitDesignInstalled;
ph_skins.Controls.Add(ctrl);
StarterKitNotInstalled.Visible = false;

15
src/Umbraco.Web/umbraco.presentation/umbraco/dialogs/emptyTrashcan.aspx.cs
View File

@@ -6,11 +6,24 @@ namespace umbraco.presentation.dialogs
{
public partial class emptyTrashcan : UmbracoEnsuredPage
{
protected override void OnInit(EventArgs e)
{
base.OnInit(e);
var recycleBinType = helper.Request("type");
if (!ValidateUserApp(recycleBinType))
{
throw new InvalidOperationException("The user does not have access to the requested app");
}
}
protected void Page_Load(object sender, EventArgs e)
{
}
protected override void OnPreRender(EventArgs e) {
protected override void OnPreRender(EventArgs e)
{
base.OnPreRender(e);
ScriptManager.GetCurrent(Page).Services.Add(new ServiceReference("../webservices/trashcan.asmx"));

6
src/Umbraco.Web/umbraco.presentation/umbraco/dialogs/uploadImage.aspx.cs
View File

@@ -10,6 +10,7 @@ using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Xml;
using umbraco.BusinessLogic;
using umbraco.IO;
namespace umbraco.dialogs
@@ -17,6 +18,9 @@ namespace umbraco.dialogs
[Obsolete("Use the UploadMediaImage control instead")]
public partial class uploadImage : BasePages.UmbracoEnsuredPage
{
public uploadImage()
{
CurrentApp = DefaultApps.media.ToString();
}
}
}

59
src/Umbraco.Web/umbraco.presentation/umbraco/settings/modals/ShowUmbracoTags.aspx
View File

@@ -1,59 +0,0 @@
<%@ Page Language="c#" MasterPageFile="../../masterpages/umbracoPage.Master" Title="ShowUmbracoTags"
Codebehind="ShowUmbracoTags.aspx.cs" AutoEventWireup="True"
Inherits="umbraco.cms.presentation.settings.modal.ShowUmbracoTags" %>
<%@ Register TagPrefix="cc1" Namespace="umbraco.uicontrols" Assembly="controls" %>
<asp:Content ID="Content1" ContentPlaceHolderID="head" runat="server">
<style type="text/css">
code{display: block; background: #999; color: #fff; padding: 5px; margin-bottom: 10px;white-space:normal;text-wrap:normal;}
small{color: #000 !Important; margin-bottom: 10px; display: block;}
</style>
</asp:Content>
<asp:Content ID="Content2" ContentPlaceHolderID="body" runat="server">
<cc1:Pane ID="Pane7" Style="padding-right: 10px; padding-left: 10px; padding-bottom: 10px;
padding-top: 10px; text-align: left" runat="server">
<table id="Table1" width="100%">
<tr><th width="120">Insert field</th><td>
<code>
&lt;umbraco:Item field="bodyText" runat="server"/&gt;
</code>
<small>
Fetches a value from the current page.
</small>
</td></tr>
<tr><th width="120">Insert macro</th><td>
<code>
&lt;umbraco:Macro macroAlias="MacroAlias" Alias="MacroAlias" runat="server"/&gt;
</code>
<small>Inserts a macro into the template</small>
</td></tr>
<tr><th width="120">Load child template</th><td>
<code>
&lt;asp:ContentPlaceHolder runat="server" id="<%= alias %>ContentPlaceHolder" /&gt;
</code>
<small>
This is the default placeholder for content stored in a child template using this exact template as it's master template.
</small>
</td></tr>
<tr><th width="120">Disable Request Validation</th><td>
<code>
&lt;umbraco:DisableRequestValidation runat="server"/&gt;
</code>
<small>Disable ASP.NET request validation. It's the same as adding a enableEventValidation="false" to a page directive (but this is not possible in Umbraco as all pages use the same ASPX page for all pages)</small>
</td></tr>
<tr><th width="120">MetaBlogApi / Content Channels</th><td>
<code>
&lt;link rel="EditURI" type="application/rsd+xml" href="http://<%=Request.ServerVariables["SERVER_NAME"] %><%= umbraco.IO.IOHelper.ResolveUrl(umbraco.IO.SystemDirectories.Umbraco)%>/channels/rsd.aspx" /&gt;
<br /><br />
&lt;link rel="wlwmanifest" type="application/wlwmanifest+xml" href="http://<%=Request.ServerVariables["SERVER_NAME"] %><%= umbraco.IO.IOHelper.ResolveUrl(umbraco.IO.SystemDirectories.Umbraco)%>/channels/wlwmanifest.aspx" /&gt;
</code>
<small>
Insert the above two elements to the head element to gain optimal support for
using the MetaBlog Apis with 3rd party clients and to enable autodiscovery for Windows
Live Writer.
</small>
</td></tr>
</table>
</cc1:Pane>
</asp:Content>

49
src/Umbraco.Web/umbraco.presentation/umbraco/settings/modals/ShowUmbracoTags.aspx.cs
View File

@@ -1,4 +1,4 @@
using System;
using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
@@ -11,37 +11,26 @@ using System.Web.UI.HtmlControls;
namespace umbraco.cms.presentation.settings.modal
{
/// <summary>
/// Summary description for ShowUmbracoTags.
/// </summary>
public partial class ShowUmbracoTags : umbraco.BasePages.UmbracoEnsuredPage
{
/// <summary>
/// Summary description for ShowUmbracoTags.
/// </summary>
public partial class ShowUmbracoTags : umbraco.BasePages.UmbracoEnsuredPage
{
public static string alias = "";
protected void Page_Load(object sender, System.EventArgs e)
{
protected void Page_Load(object sender, System.EventArgs e)
{
alias = Request.QueryString["alias"].Replace(" ", "").Trim();
// Put user code to initialize the page here
}
// Put user code to initialize the page here
}
#region Web Form Designer generated code
override protected void OnInit(EventArgs e)
{
//
// CODEGEN: This call is required by the ASP.NET Web Form Designer.
//
InitializeComponent();
base.OnInit(e);
}
/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
private void InitializeComponent()
{
}
#endregion
}
/// <summary>
/// Pane7 control.
/// </summary>
/// <remarks>
/// Auto-generated field.
/// To modify move field declaration from designer file to code-behind file.
/// </remarks>
protected global::umbraco.uicontrols.Pane Pane7;
}
}

25
src/Umbraco.Web/umbraco.presentation/umbraco/settings/modals/ShowUmbracoTags.aspx.designer.cs generated
View File

@@ -1,25 +0,0 @@
//------------------------------------------------------------------------------
// <auto-generated>
// This code was generated by a tool.
// Runtime Version:2.0.50727.4927
//
// Changes to this file may cause incorrect behavior and will be lost if
// the code is regenerated.
// </auto-generated>
//------------------------------------------------------------------------------
namespace umbraco.cms.presentation.settings.modal {
public partial class ShowUmbracoTags {
/// <summary>
/// Pane7 control.
/// </summary>
/// <remarks>
/// Auto-generated field.
/// To modify move field declaration from designer file to code-behind file.
/// </remarks>
protected global::umbraco.uicontrols.Pane Pane7;
}
}

17
src/Umbraco.Web/umbraco.presentation/umbraco/webservices/CMSNode.asmx.cs
View File

@@ -6,7 +6,7 @@ using System.Web.Script.Services;
using System.Web.Services;
using System.Web.Services.Protocols;
using System.ComponentModel;
using Umbraco.Web.WebServices;
using umbraco.cms.businesslogic;
using umbraco.BusinessLogic;
@@ -17,22 +17,21 @@ namespace umbraco.presentation.webservices
/// </summary>
[WebService(Namespace = "http://umbraco.org/webservices/")]
[ScriptService]
public class CMSNode : System.Web.Services.WebService
public class CMSNode : UmbracoAuthorizedWebService
{
[WebMethod]
public string GetNodeName(string ContextID, int NodeId)
{
if (BasePages.BasePage.ValidateUserContextID(ContextID))
return getNodeName(NodeId);
return "";
return ValidateUserContextId(ContextID)
? GetNodeName(NodeId)
: string.Empty;
}
private string getNodeName(int NodeId)
private string GetNodeName(int nodeId)
{
legacyAjaxCalls.Authorize();
cms.businesslogic.CMSNode n = new cms.businesslogic.CMSNode(NodeId);
if (!AuthorizeRequest()) return string.Empty;
var n = new cms.businesslogic.CMSNode(nodeId);
return n.Text;
}
}

41
src/Umbraco.Web/umbraco.presentation/umbraco/webservices/CacheRefresher.asmx.cs
View File

@@ -17,41 +17,8 @@ namespace umbraco.presentation.webservices
/// Summary description for CacheRefresher.
/// </summary>
[WebService(Namespace="http://umbraco.org/webservices/")]
public class CacheRefresher : System.Web.Services.WebService
{
public CacheRefresher()
{
//CODEGEN: This call is required by the ASP.NET Web Services Designer
InitializeComponent();
}
#region Component Designer generated code
//Required by the Web Services Designer
private IContainer components = null;
/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
private void InitializeComponent()
{
}
/// <summary>
/// Clean up any resources being used.
/// </summary>
protected override void Dispose( bool disposing )
{
if(disposing && components != null)
{
components.Dispose();
}
base.Dispose(disposing);
}
#endregion
public class CacheRefresher : WebService
{
[WebMethod]
public void RefreshAll(Guid uniqueIdentifier, string Login, string Password)
{
@@ -146,11 +113,11 @@ namespace umbraco.presentation.webservices
{
if (BusinessLogic.User.validateCredentials(Login, Password))
{
XmlDocument xd = new XmlDocument();
var xd = new XmlDocument();
xd.LoadXml("<cacheRefreshers/>");
foreach (var cr in CacheRefreshersResolver.Current.CacheResolvers)
{
XmlNode n = xmlHelper.addTextNode(xd, "cacheRefresher", cr.Name);
var n = xmlHelper.addTextNode(xd, "cacheRefresher", cr.Name);
n.Attributes.Append(xmlHelper.addAttribute(xd, "uniqueIdentifier", cr.UniqueIdentifier.ToString()));
xd.DocumentElement.AppendChild(n);
}

11
src/Umbraco.Web/umbraco.presentation/umbraco/webservices/CheckForUpgrade.asmx.cs
View File

@@ -4,6 +4,7 @@ using System.Web;
using System.Web.Services;
using System.Web.Script.Services;
using Umbraco.Core;
using Umbraco.Web.WebServices;
using Umbraco.Core.Configuration;
@@ -16,16 +17,16 @@ namespace umbraco.presentation.webservices
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
[System.ComponentModel.ToolboxItem(false)]
[ScriptService]
public class CheckForUpgrade : System.Web.Services.WebService
public class CheckForUpgrade : UmbracoAuthorizedWebService
{
[WebMethod]
[ScriptMethod]
public UpgradeResult CallUpgradeService()
{
legacyAjaxCalls.Authorize();
if (!AuthorizeRequest()) return null;
org.umbraco.update.CheckForUpgrade check = new global::umbraco.presentation.org.umbraco.update.CheckForUpgrade();
var check = new global::umbraco.presentation.org.umbraco.update.CheckForUpgrade();
org.umbraco.update.UpgradeResult result = check.CheckUpgrade(UmbracoVersion.Current.Major,
UmbracoVersion.Current.Minor,
UmbracoVersion.Current.Build,
@@ -39,7 +40,7 @@ namespace umbraco.presentation.webservices
{
bool isUpgrade = false;
// if it's an upgrade, you'll need to be logged in before we allow this call
if (!String.IsNullOrEmpty(Umbraco.Core.Configuration.GlobalSettings.ConfigurationStatus))
if (!String.IsNullOrEmpty(global::Umbraco.Core.Configuration.GlobalSettings.ConfigurationStatus))
{
isUpgrade = true;
legacyAjaxCalls.Authorize();
@@ -62,7 +63,7 @@ namespace umbraco.presentation.webservices
installCookie.SetValue(installId.ToString());
string dbProvider = String.Empty;
if (!String.IsNullOrEmpty(Umbraco.Core.Configuration.GlobalSettings.ConfigurationStatus))
if (!String.IsNullOrEmpty(global::Umbraco.Core.Configuration.GlobalSettings.ConfigurationStatus))
dbProvider = ApplicationContext.Current.DatabaseContext.DatabaseProvider.ToString();
org.umbraco.update.CheckForUpgrade check = new global::umbraco.presentation.org.umbraco.update.CheckForUpgrade();

135
src/Umbraco.Web/umbraco.presentation/umbraco/webservices/Developer.asmx.cs
View File

@@ -1,12 +1,8 @@
using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Diagnostics;
using System.Web;
using System.Web.Services;
using System.Xml;
using Umbraco.Core;
using Umbraco.Web.WebServices;
using umbraco.BusinessLogic;
using umbraco.presentation.webservices;
namespace umbraco.webservices
@@ -15,99 +11,70 @@ namespace umbraco.webservices
/// Summary description for Developer.
/// </summary>
[WebService(Namespace="http://umbraco.org/webservices/")]
public class Developer : System.Web.Services.WebService
public class Developer : UmbracoAuthorizedWebService
{
public Developer()
{
//CODEGEN: This call is required by the ASP.NET Web Services Designer
InitializeComponent();
}
[WebMethod]
public string BootStrapTidy(string html, string ContextID)
public string BootStrapTidy(string html, string ContextID)
{
legacyAjaxCalls.Authorize();
//pretty sure this is legacy and it used to throw an exception so we'll continue to do the same
//true = throw if invalid
AuthorizeRequest(true);
return cms.helpers.xhtml.BootstrapTidy(html);
}
[WebMethod]
public XmlNode GetMacros(string Login, string Password)
public XmlNode GetMacros(string Login, string Password)
{
if (BusinessLogic.User.validateCredentials(Login, Password))
if (ValidateCredentials(Login, Password)
&& UserHasAppAccess(DefaultApps.developer.ToString(), Login))
{
XmlDocument xmlDoc = new XmlDocument();
XmlElement macros = xmlDoc.CreateElement("macros");
foreach (cms.businesslogic.macro.Macro m in cms.businesslogic.macro.Macro.GetAll())
var xmlDoc = new XmlDocument();
var macros = xmlDoc.CreateElement("macros");
foreach (var m in cms.businesslogic.macro.Macro.GetAll())
{
XmlElement mXml = xmlDoc.CreateElement("macro");
mXml.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "id", m.Id.ToString()));
mXml.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "alias", m.Alias));
mXml.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "name", m.Name));
var mXml = xmlDoc.CreateElement("macro");
mXml.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "id", m.Id.ToString()));
mXml.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "alias", m.Alias));
mXml.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "name", m.Name));
macros.AppendChild(mXml);
}
return macros;
} else
return null;
}
[WebMethod]
public XmlNode GetMacro(int Id, string Login, string Password)
{
if (BusinessLogic.User.validateCredentials(Login, Password))
{
XmlDocument xmlDoc = new XmlDocument();
XmlElement macro = xmlDoc.CreateElement("macro");
cms.businesslogic.macro.Macro m = new cms.businesslogic.macro.Macro(Id);
macro.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "id", m.Id.ToString()));
macro.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "refreshRate", m.RefreshRate.ToString()));
macro.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "useInEditor", m.UseInEditor.ToString()));
macro.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "alias", m.Alias));
macro.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "name", m.Name));
macro.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "assembly", m.Assembly));
macro.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "type", m.Type));
macro.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "xslt", m.Xslt));
XmlElement Properties = xmlDoc.CreateElement("properties");
foreach (cms.businesslogic.macro.MacroProperty mp in m.Properties)
{
XmlElement pXml = xmlDoc.CreateElement("property");
pXml.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "alias", mp.Alias));
pXml.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "name", mp.Name));
pXml.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "public", mp.Public.ToString()));
Properties.AppendChild(pXml);
}
macro.AppendChild(Properties);
return macro;
} else
return null;
}
#region Component Designer generated code
//Required by the Web Services Designer
private IContainer components = null;
/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
private void InitializeComponent()
{
}
/// <summary>
/// Clean up any resources being used.
/// </summary>
protected override void Dispose( bool disposing )
{
if(disposing && components != null)
{
components.Dispose();
}
base.Dispose(disposing);
return null;
}
#endregion
[WebMethod]
public XmlNode GetMacro(int Id, string Login, string Password)
{
if (ValidateCredentials(Login, Password)
&& UserHasAppAccess(DefaultApps.developer.ToString(), Login))
{
var xmlDoc = new XmlDocument();
var macro = xmlDoc.CreateElement("macro");
var m = new cms.businesslogic.macro.Macro(Id);
macro.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "id", m.Id.ToString()));
macro.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "refreshRate", m.RefreshRate.ToString()));
macro.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "useInEditor", m.UseInEditor.ToString()));
macro.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "alias", m.Alias));
macro.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "name", m.Name));
macro.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "assembly", m.Assembly));
macro.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "type", m.Type));
macro.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "xslt", m.Xslt));
var properties = xmlDoc.CreateElement("properties");
foreach (var mp in m.Properties)
{
var pXml = xmlDoc.CreateElement("property");
pXml.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "alias", mp.Alias));
pXml.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "name", mp.Name));
pXml.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "public", mp.Public.ToString()));
properties.AppendChild(pXml);
}
macro.AppendChild(properties);
return macro;
}
return null;
}
}
}

9
src/Umbraco.Web/umbraco.presentation/umbraco/webservices/MacroContainerService.asmx.cs
View File

@@ -4,6 +4,7 @@ using System.Linq;
using System.Web;
using System.Web.Services;
using System.Web.Script.Services;
using Umbraco.Web.WebServices;
namespace umbraco.presentation.webservices
{
@@ -14,15 +15,17 @@ namespace umbraco.presentation.webservices
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
[System.ComponentModel.ToolboxItem(false)]
[ScriptService]
public class MacroContainerService : System.Web.Services.WebService
public class MacroContainerService : UmbracoAuthorizedWebService
{
[WebMethod(EnableSession = true)]
[ScriptMethod]
public void SetSortOrder(string id, string sortorder)
{
HttpContext.Current.Session[id + "sortorder"] = sortorder;
if (AuthorizeRequest())
{
HttpContext.Current.Session[id + "sortorder"] = sortorder;
}
}
}
}

12
src/Umbraco.Web/umbraco.presentation/umbraco/webservices/MediaUploader.ashx.cs
View File

@@ -24,7 +24,7 @@ namespace umbraco.presentation.umbraco.webservices
public bool IsReusable
{
get { return true; }
get { return false; }
}
public void ProcessRequest(HttpContext context)
@@ -240,10 +240,14 @@ namespace umbraco.presentation.umbraco.webservices
if (isValid)
AuthenticatedUser = user;
}
else if (User.GetCurrent() != null)
else
{
isValid = true;
AuthenticatedUser = User.GetCurrent();
var usr = User.GetCurrent();
if (BasePage.ValidateUserContextID(BasePage.umbracoUserContextID) && usr != null)
{
isValid = true;
AuthenticatedUser = usr;
}
}
return isValid;

66
src/Umbraco.Web/umbraco.presentation/umbraco/webservices/Settings.asmx.cs
View File

@@ -7,68 +7,34 @@ using System.Web;
using System.Web.Services;
using System.Linq;
using System.Xml;
using Umbraco.Core;
using Umbraco.Web.WebServices;
using umbraco.BusinessLogic;
namespace umbraco.webservices
{
/// <summary>
/// Summary description for Settings.
/// </summary>
public class Settings : System.Web.Services.WebService
{
public Settings()
{
//CODEGEN: This call is required by the ASP.NET Web Services Designer
InitializeComponent();
}
public class Settings : UmbracoAuthorizedWebService
{
[WebMethod]
public XmlNode GetTabs(string ContextID, int ContentTypeId)
public XmlNode GetTabs(string ContextID, int ContentTypeId)
{
if (BasePages.BasePage.ValidateUserContextID(ContextID))
if (!AuthorizeRequest(DefaultApps.settings.ToString()))
{
XmlDocument xmlDoc = new XmlDocument();
XmlElement tabs = xmlDoc.CreateElement("tabs");
foreach (cms.businesslogic.ContentType.TabI t in new cms.businesslogic.ContentType(ContentTypeId).getVirtualTabs.ToList())
var xmlDoc = new XmlDocument();
var tabs = xmlDoc.CreateElement("tabs");
foreach (var t in new cms.businesslogic.ContentType(ContentTypeId).getVirtualTabs.ToList())
{
XmlElement mXml = xmlDoc.CreateElement("tab");
mXml.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "id", t.Id.ToString()));
mXml.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "caption", t.Caption));
var mXml = xmlDoc.CreateElement("tab");
mXml.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "id", t.Id.ToString()));
mXml.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "caption", t.Caption));
tabs.AppendChild(mXml);
}
return tabs;
}
else
return null;
}
#region Component Designer generated code
//Required by the Web Services Designer
private IContainer components = null;
/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
private void InitializeComponent()
{
}
/// <summary>
/// Clean up any resources being used.
/// </summary>
protected override void Dispose( bool disposing )
{
if(disposing && components != null)
{
components.Dispose();
}
base.Dispose(disposing);
}
#endregion
return null;
}
}
}

4
src/Umbraco.Web/umbraco.presentation/umbraco/webservices/TagsAutoCompleteHandler.ashx.cs
View File

@@ -11,9 +11,7 @@ using umbraco.presentation.webservices;
namespace umbraco.presentation.umbraco.webservices
{
/// <summary>
/// Summary description for $codebehindclassname$
/// </summary>
[WebService(Namespace = "http://tempuri.org/")]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
public class TagsAutoCompleteHandler : IHttpHandler

15
src/Umbraco.Web/umbraco.presentation/umbraco/webservices/TreeClientService.asmx.cs
View File

@@ -2,6 +2,7 @@
using System.Collections.Generic;
using System.Web;
using System.Web.Services;
using Umbraco.Web.WebServices;
using umbraco.presentation.umbraco.controls;
using umbraco.cms.presentation.Trees;
using System.Web.Script.Services;
@@ -18,7 +19,7 @@ namespace umbraco.presentation.webservices
/// </summary>
[ScriptService]
[WebService]
public class TreeClientService : WebService
public class TreeClientService : UmbracoAuthorizedWebService
{
/// <summary>
@@ -29,9 +30,9 @@ namespace umbraco.presentation.webservices
[ScriptMethod(ResponseFormat = ResponseFormat.Json)]
public Dictionary<string, string> GetInitAppTreeData(string app, string treeType, bool showContextMenu, bool isDialog, TreeDialogModes dialogMode, string functionToCall, string nodeKey)
{
Authorize();
AuthorizeRequest(app, true);
TreeControl treeCtl = new TreeControl()
var treeCtl = new TreeControl()
{
ShowContextMenu = showContextMenu,
IsDialog = isDialog,
@@ -43,7 +44,7 @@ namespace umbraco.presentation.webservices
FunctionToCall = string.IsNullOrEmpty(functionToCall) ? "" : functionToCall
};
Dictionary<string, string> returnVal = new Dictionary<string, string>();
var returnVal = new Dictionary<string, string>();
if (string.IsNullOrEmpty(treeType))
{
@@ -65,7 +66,7 @@ namespace umbraco.presentation.webservices
//tree.StartNodeID =
//now render it's start node
XmlTree xTree = new XmlTree();
var xTree = new XmlTree();
xTree.Add(tree.RootNode);
returnVal.Add("json", xTree.ToString());
}
@@ -74,13 +75,13 @@ namespace umbraco.presentation.webservices
returnVal.Add("js", treeCtl.JSCurrApp);
return returnVal;
}
}
[Obsolete("Use the AuthorizeRequest methods on the base class UmbracoAuthorizedWebService instead")]
public static void Authorize()
{
if (!BasePages.BasePage.ValidateUserContextID(BasePages.BasePage.umbracoUserContextID))
throw new Exception("Client authorization failed. User is not logged in");
}
}

31
src/Umbraco.Web/umbraco.presentation/umbraco/webservices/TreeDataService.ashx.cs
View File

@@ -2,6 +2,7 @@
using System.Collections.Generic;
using System.Web;
using System.Web.Services;
using Umbraco.Web.WebServices;
using umbraco.cms.presentation.Trees;
using System.Threading;
@@ -13,19 +14,18 @@ namespace umbraco.presentation.webservices
[WebService(Namespace = "http://tempuri.org/")]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
[System.ComponentModel.ToolboxItem(false)]
public class TreeDataService : IHttpHandler
public class TreeDataService : UmbracoAuthorizedHttpHandler
{
public void ProcessRequest(HttpContext context)
public override void ProcessRequest(HttpContext context)
{
Authorize();
//Thread.Sleep(100000);
AuthorizeRequest(true);
context.Response.ContentType = "application/json";
context.Response.Write(GetXmlTree().ToString());
}
public bool IsReusable
public override bool IsReusable
{
get
{
@@ -33,6 +33,7 @@ namespace umbraco.presentation.webservices
}
}
[Obsolete("Use the base class AuthorizeRequest methods in UmbracoAuthorizedHttpHandler")]
public static void Authorize()
{
if (!BasePages.BasePage.ValidateUserContextID(BasePages.BasePage.umbracoUserContextID))
@@ -46,7 +47,10 @@ namespace umbraco.presentation.webservices
/// <returns></returns>
public XmlTree GetXmlTree()
{
TreeRequestParams treeParams = TreeRequestParams.FromQueryStrings();
var treeParams = TreeRequestParams.FromQueryStrings();
//validate the current user for the request app!
AuthorizeRequest(treeParams.Application, true);
if (string.IsNullOrEmpty(treeParams.TreeType))
if (!string.IsNullOrEmpty(treeParams.Application))
@@ -56,16 +60,16 @@ namespace umbraco.presentation.webservices
else
LoadTree(treeParams);
return xTree;
return _xTree;
}
private XmlTree xTree = new XmlTree();
private XmlTree _xTree = new XmlTree();
/// <summary>
/// If the application supports multiple trees, then this function iterates over all of the trees assigned to it
/// and creates their top level nodes and context menus.
/// </summary>
/// <param name="appAlias"></param>
/// <param name="treeParams"></param>
private void LoadAppTrees(TreeRequestParams treeParams)
{
//find all tree definitions that have the current application alias
@@ -75,15 +79,14 @@ namespace umbraco.presentation.webservices
{
BaseTree bTree = treeDef.CreateInstance();
bTree.SetTreeParameters(treeParams);
xTree.Add(bTree.RootNode);
_xTree.Add(bTree.RootNode);
}
}
/// <summary>
/// This will load the particular ITree object and call it's render method to get the nodes that need to be rendered.
/// </summary>
/// <param name="appAlias"></param>
/// <param name="treeAlias"></param>
/// <param name="treeParams"></param>
private void LoadTree(TreeRequestParams treeParams)
{
@@ -93,7 +96,7 @@ namespace umbraco.presentation.webservices
{
BaseTree bTree = treeDef.CreateInstance();
bTree.SetTreeParameters(treeParams);
bTree.Render(ref xTree);
bTree.Render(ref _xTree);
}
else
LoadNullTree(treeParams);
@@ -106,7 +109,7 @@ namespace umbraco.presentation.webservices
{
BaseTree nullTree = new NullTree(treeParams.Application);
nullTree.SetTreeParameters(treeParams);
nullTree.Render(ref xTree);
nullTree.Render(ref _xTree);
}
}
}

79
src/Umbraco.Web/umbraco.presentation/umbraco/webservices/UltimatePickerAutoCompleteHandler.ashx.cs
View File

@@ -3,6 +3,8 @@ using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Services;
using Umbraco.Web.WebServices;
using umbraco.BusinessLogic;
using umbraco.cms.businesslogic.web;
using umbraco.cms.businesslogic;
@@ -13,19 +15,24 @@ namespace umbraco.presentation.umbraco.webservices
/// </summary>
[WebService(Namespace = "http://tempuri.org/")]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
public class UltimatePickerAutoCompleteHandler : IHttpHandler
public class UltimatePickerAutoCompleteHandler : UmbracoAuthorizedHttpHandler
{
private int nodeCount;
private int Counter;
private string[] output;
private string prefix;
private int _nodeCount;
private int _counter;
private string[] _output;
private string _prefix;
public void ProcessRequest(HttpContext context)
public override void ProcessRequest(HttpContext context)
{
//user must be allowed to see content or media
if (!AuthorizeRequest(DefaultApps.content.ToString()) && !AuthorizeRequest(DefaultApps.media.ToString()))
return;
context.Response.ContentType = "text/plain";
prefix = context.Request.QueryString["q"];
_prefix = context.Request.QueryString["q"];
int parentNodeId = Convert.ToInt32(context.Request.QueryString["id"]);
bool showGrandChildren = Convert.ToBoolean(context.Request.QueryString["showchildren"]);
@@ -37,7 +44,7 @@ namespace umbraco.presentation.umbraco.webservices
CMSNode parent = new CMSNode(parentNodeId);
if (!showGrandChildren)
{
nodeCount = 0;
_nodeCount = 0;
//store children array here because iterating over an Array property object is very inneficient.
var children = parent.Children;
@@ -45,42 +52,42 @@ namespace umbraco.presentation.umbraco.webservices
{
nodeChildrenCount(child, false, documentAliasFilters);
NodeChildrenCount(child, false, documentAliasFilters);
}
output = new string[nodeCount];
_output = new string[_nodeCount];
Counter = 0;
_counter = 0;
int level = 1;
//why is there a 2nd iteration of the same thing here?
foreach (CMSNode child in children)
{
addNode(child, level, showGrandChildren, documentAliasFilters);
AddNode(child, level, showGrandChildren, documentAliasFilters);
}
}
else
{
nodeCount = 0;
_nodeCount = 0;
//store children array here because iterating over an Array property object is very inneficient.
var children = parent.Children;
foreach (CMSNode child in children)
{
nodeChildrenCount(child, true, documentAliasFilters);
NodeChildrenCount(child, true, documentAliasFilters);
}
output = new string[nodeCount];
Counter = 0;
_output = new string[_nodeCount];
_counter = 0;
int level = 1;
foreach (CMSNode child in children)
{
addNode(child, level, showGrandChildren, documentAliasFilters);
AddNode(child, level, showGrandChildren, documentAliasFilters);
}
@@ -88,21 +95,21 @@ namespace umbraco.presentation.umbraco.webservices
}
foreach (string item in output)
foreach (string item in _output)
{
context.Response.Write(item + Environment.NewLine);
}
}
private bool validNode(string nodeText)
private bool ValidNode(string nodeText)
{
if (nodeText.Length >= prefix.Length)
if (nodeText.Length >= _prefix.Length)
{
if (nodeText.Substring(0, prefix.Length).ToLower() == prefix.ToLower())
if (nodeText.Substring(0, _prefix.Length).ToLower() == _prefix.ToLower())
{
return true;
}
@@ -111,7 +118,7 @@ namespace umbraco.presentation.umbraco.webservices
return false;
}
private void nodeChildrenCount(CMSNode node, bool countChildren, string[] documentAliasFilters)
private void NodeChildrenCount(CMSNode node, bool countChildren, string[] documentAliasFilters)
{
if (documentAliasFilters.Length > 0)
{
@@ -123,9 +130,9 @@ namespace umbraco.presentation.umbraco.webservices
if (new Document(node.Id).ContentType.Alias == trimmedFilter || trimmedFilter == string.Empty)
{
if (validNode(node.Text))
if (ValidNode(node.Text))
{
nodeCount += 1;
_nodeCount += 1;
}
}
@@ -133,9 +140,9 @@ namespace umbraco.presentation.umbraco.webservices
}
else
{
if (validNode(node.Text))
if (ValidNode(node.Text))
{
nodeCount += 1;
_nodeCount += 1;
}
}
@@ -145,13 +152,13 @@ namespace umbraco.presentation.umbraco.webservices
var children = node.Children;
foreach (CMSNode child in children)
{
nodeChildrenCount(child, countChildren, documentAliasFilters);
NodeChildrenCount(child, countChildren, documentAliasFilters);
}
}
}
private void addNode(CMSNode node, int level, bool showGrandChildren, string[] documentAliasFilters)
private void AddNode(CMSNode node, int level, bool showGrandChildren, string[] documentAliasFilters)
{
string preText = string.Empty;
@@ -170,10 +177,10 @@ namespace umbraco.presentation.umbraco.webservices
if (new Document(node.Id).ContentType.Alias == trimmedFilter || trimmedFilter == string.Empty)
{
if (validNode(node.Text))
if (ValidNode(node.Text))
{
output[Counter] = preText + node.Text + " [" + node.Id + "]";
Counter++;
_output[_counter] = preText + node.Text + " [" + node.Id + "]";
_counter++;
}
}
@@ -181,10 +188,10 @@ namespace umbraco.presentation.umbraco.webservices
}
else
{
if (validNode(node.Text))
if (ValidNode(node.Text))
{
output[Counter] = preText + node.Text + " [" + node.Id + "]";
Counter++;
_output[_counter] = preText + node.Text + " [" + node.Id + "]";
_counter++;
}
}
@@ -196,13 +203,13 @@ namespace umbraco.presentation.umbraco.webservices
var children = node.Children;
foreach (CMSNode child in children)
{
addNode(child, level + 1, showGrandChildren, documentAliasFilters);
AddNode(child, level + 1, showGrandChildren, documentAliasFilters);
}
}
}
}
public bool IsReusable
public override bool IsReusable
{
get
{

15
src/Umbraco.Web/umbraco.presentation/umbraco/webservices/ajaxHelpers.cs
View File

@@ -7,13 +7,16 @@ using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using umbraco.IO;
using Umbraco.Core.IO;
namespace umbraco.presentation.webservices {
public class ajaxHelpers {
public static void EnsureLegacyCalls(System.Web.UI.Page page) {
ScriptManager sm = ScriptManager.GetCurrent(page);
ServiceReference legacyPath = new ServiceReference(SystemDirectories.Webservices + "/legacyAjaxCalls.asmx");
namespace umbraco.presentation.webservices
{
public class ajaxHelpers
{
public static void EnsureLegacyCalls(Page page)
{
var sm = ScriptManager.GetCurrent(page);
var legacyPath = new ServiceReference(SystemDirectories.WebServices + "/legacyAjaxCalls.asmx");
if (!sm.Services.Contains(legacyPath))
sm.Services.Add(legacyPath);

173
src/Umbraco.Web/umbraco.presentation/umbraco/webservices/codeEditorSave.asmx.cs
View File

@@ -13,9 +13,11 @@ using System.Xml;
using System.Xml.Xsl;
using Umbraco.Core;
using Umbraco.Core.IO;
using Umbraco.Web.WebServices;
using Umbraco.Web;
using Umbraco.Web.Cache;
using umbraco.BasePages;
using umbraco.BusinessLogic;
using umbraco.cms.businesslogic.macro;
using umbraco.cms.businesslogic.template;
using umbraco.cms.businesslogic.web;
@@ -23,7 +25,6 @@ using umbraco.presentation.cache;
using System.Net;
using System.Collections;
using umbraco.NodeFactory;
using umbraco.scripting;
namespace umbraco.presentation.webservices
{
@@ -34,49 +35,41 @@ namespace umbraco.presentation.webservices
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
[ToolboxItem(false)]
[ScriptService]
public class codeEditorSave : WebService
public class codeEditorSave : UmbracoAuthorizedWebService
{
[WebMethod]
public string Save(string fileName, string fileAlias, string fileContents, string fileType, int fileID, int masterID, bool ignoreDebug)
{
return "Not implemented";
}
[WebMethod]
public string SaveCss(string fileName, string oldName, string fileContents, int fileID)
{
if (BasePage.ValidateUserContextID(BasePage.umbracoUserContextID))
if (AuthorizeRequest(DefaultApps.settings.ToString()))
{
string returnValue = "false";
StyleSheet stylesheet = new StyleSheet(fileID);
string returnValue;
var stylesheet = new StyleSheet(fileID)
{
Content = fileContents, Text = fileName
};
if (stylesheet != null)
try
{
stylesheet.Content = fileContents;
stylesheet.Text = fileName;
try
stylesheet.saveCssToFile();
stylesheet.Save();
returnValue = "true";
//deletes the old css file if the name was changed...
if (fileName.ToLowerInvariant() != oldName.ToLowerInvariant())
{
stylesheet.saveCssToFile();
stylesheet.Save();
returnValue = "true";
//deletes the old css file if the name was changed...
if (fileName.ToLowerInvariant() != oldName.ToLowerInvariant())
{
string p = IOHelper.MapPath(SystemDirectories.Css + "/" + oldName + ".css");
if (System.IO.File.Exists(p))
System.IO.File.Delete(p);
}
}
catch (Exception ex)
{
return ex.ToString();
var p = IOHelper.MapPath(SystemDirectories.Css + "/" + oldName + ".css");
if (File.Exists(p))
File.Delete(p);
}
//this.speechBubble(speechBubbleIcon.save, ui.Text("speechBubbles", "editStylesheetSaved", base.getUser()), "");
}
catch (Exception ex)
{
return ex.ToString();
}
return returnValue;
}
return "false";
@@ -85,7 +78,7 @@ namespace umbraco.presentation.webservices
[WebMethod]
public string SaveXslt(string fileName, string oldName, string fileContents, bool ignoreDebugging)
{
if (BasePage.ValidateUserContextID(BasePage.umbracoUserContextID))
if (AuthorizeRequest(DefaultApps.developer.ToString()))
{
// validate file
@@ -113,15 +106,14 @@ namespace umbraco.presentation.webservices
string xpath = UmbracoSettings.UseLegacyXmlSchema ? "/root/node" : "/root/*";
if (content.Instance.XmlContent.SelectNodes(xpath).Count > 0)
{
XmlDocument macroXML = new XmlDocument();
var macroXML = new XmlDocument();
macroXML.LoadXml("<macro/>");
XslCompiledTransform macroXSLT = new XslCompiledTransform();
page umbPage = new page(content.Instance.XmlContent.SelectSingleNode("//* [@parentID = -1]"));
var macroXSLT = new XslCompiledTransform();
var umbPage = new page(content.Instance.XmlContent.SelectSingleNode("//* [@parentID = -1]"));
XsltArgumentList xslArgs;
xslArgs = macro.AddMacroXsltExtensions();
library lib = new library(umbPage);
var xslArgs = macro.AddMacroXsltExtensions();
var lib = new library(umbPage);
xslArgs.AddExtensionObject("urn:umbraco.library", lib);
HttpContext.Current.Trace.Write("umbracoMacro", "After adding extensions");
@@ -132,16 +124,16 @@ namespace umbraco.presentation.webservices
// Create reader and load XSL file
// We need to allow custom DTD's, useful for defining an ENTITY
XmlReaderSettings readerSettings = new XmlReaderSettings();
var readerSettings = new XmlReaderSettings();
readerSettings.ProhibitDtd = false;
using (XmlReader xmlReader = XmlReader.Create(tempFileName, readerSettings))
using (var xmlReader = XmlReader.Create(tempFileName, readerSettings))
{
XmlUrlResolver xslResolver = new XmlUrlResolver();
var xslResolver = new XmlUrlResolver();
xslResolver.Credentials = CredentialCache.DefaultCredentials;
macroXSLT.Load(xmlReader, XsltSettings.TrustedXslt, xslResolver);
xmlReader.Close();
// Try to execute the transformation
HtmlTextWriter macroResult = new HtmlTextWriter(new StringWriter());
var macroResult = new HtmlTextWriter(new StringWriter());
macroXSLT.Transform(macroXML, xslArgs, macroResult);
macroResult.Close();
@@ -165,24 +157,23 @@ namespace umbraco.presentation.webservices
errorMessage = errorMessage.Replace("\n", "<br/>\n");
//closeErrorMessage.Visible = true;
string[] errorLine;
// Find error
MatchCollection m = Regex.Matches(errorMessage, @"\d*[^,],\d[^\)]", RegexOptions.IgnoreCase | RegexOptions.IgnorePatternWhitespace);
var m = Regex.Matches(errorMessage, @"\d*[^,],\d[^\)]", RegexOptions.IgnoreCase | RegexOptions.IgnorePatternWhitespace);
foreach (Match mm in m)
{
errorLine = mm.Value.Split(',');
string[] errorLine = mm.Value.Split(',');
if (errorLine.Length > 0)
{
int theErrorLine = int.Parse(errorLine[0]);
int theErrorChar = int.Parse(errorLine[1]);
var theErrorLine = int.Parse(errorLine[0]);
var theErrorChar = int.Parse(errorLine[1]);
errorMessage = "Error in XSLT at line " + errorLine[0] + ", char " + errorLine[1] +
"<br/>";
errorMessage += "<span style=\"font-family: courier; font-size: 11px;\">";
string[] xsltText = fileContents.Split("\n".ToCharArray());
for (int i = 0; i < xsltText.Length; i++)
var xsltText = fileContents.Split("\n".ToCharArray());
for (var i = 0; i < xsltText.Length; i++)
{
if (i >= theErrorLine - 3 && i <= theErrorLine + 1)
if (i + 1 == theErrorLine)
@@ -204,15 +195,13 @@ namespace umbraco.presentation.webservices
errorMessage += "</span>";
}
}
}
}
if (errorMessage == "" && fileName.ToLower().EndsWith(".xslt"))
{
//Hardcoded security-check... only allow saving files in xslt directory...
string savePath = IOHelper.MapPath(SystemDirectories.Xslt + "/" + fileName);
var savePath = IOHelper.MapPath(SystemDirectories.Xslt + "/" + fileName);
if (savePath.StartsWith(IOHelper.MapPath(SystemDirectories.Xslt + "/")))
{
@@ -220,9 +209,9 @@ namespace umbraco.presentation.webservices
if (fileName != oldName)
{
string p = IOHelper.MapPath(SystemDirectories.Xslt + "/" + oldName);
if (System.IO.File.Exists(p))
System.IO.File.Delete(p);
var p = IOHelper.MapPath(SystemDirectories.Xslt + "/" + oldName);
if (File.Exists(p))
File.Delete(p);
}
SW = File.CreateText(savePath);
@@ -248,14 +237,13 @@ namespace umbraco.presentation.webservices
[WebMethod]
public string SaveDLRScript(string fileName, string oldName, string fileContents, bool ignoreDebugging)
{
if (BasePage.ValidateUserContextID(BasePage.umbracoUserContextID))
if (AuthorizeRequest(DefaultApps.developer.ToString()))
{
if (string.IsNullOrEmpty(fileName))
throw new ArgumentNullException("fileName");
List<string> allowedExtensions = new List<string>();
foreach (MacroEngineLanguage lang in MacroEngineFactory.GetSupportedUILanguages())
var allowedExtensions = new List<string>();
foreach (var lang in MacroEngineFactory.GetSupportedUILanguages())
{
if (!allowedExtensions.Contains(lang.Extension))
allowedExtensions.Add(lang.Extension);
@@ -270,8 +258,6 @@ namespace umbraco.presentation.webservices
allowedExtensions);
StreamWriter SW;
//As Files Can Be Stored In Sub Directories, So We Need To Get The Exeuction Directory Correct
var lastOccurance = fileName.LastIndexOf('/') + 1;
var directory = fileName.Substring(0, lastOccurance);
@@ -280,10 +266,11 @@ namespace umbraco.presentation.webservices
IOHelper.MapPath(SystemDirectories.MacroScripts + "/" + directory + DateTime.Now.Ticks + "_" +
fileNameWithExt);
//SW = File.CreateText(tempFileName);
SW = new StreamWriter(tempFileName, false, Encoding.UTF8);
SW.Write(fileContents);
SW.Close();
using (var sw = new StreamWriter(tempFileName, false, Encoding.UTF8))
{
sw.Write(fileContents);
sw.Close();
}
var errorMessage = "";
if (!ignoreDebugging)
@@ -324,9 +311,11 @@ namespace umbraco.presentation.webservices
File.Delete(p);
}
SW = new StreamWriter(savePath, false, Encoding.UTF8);
SW.Write(fileContents);
SW.Close();
using (var sw = new StreamWriter(savePath, false, Encoding.UTF8))
{
sw.Write(fileContents);
sw.Close();
}
errorMessage = "true";
@@ -387,7 +376,7 @@ namespace umbraco.presentation.webservices
[WebMethod]
public string SaveScript(string filename, string oldName, string contents)
{
if (BasePage.ValidateUserContextID(BasePage.umbracoUserContextID))
if (AuthorizeRequest(DefaultApps.settings.ToString()))
{
// validate file
@@ -398,38 +387,36 @@ namespace umbraco.presentation.webservices
UmbracoSettings.ScriptFileTypes.Split(',').ToList());
string val = contents;
string returnValue = "false";
var val = contents;
string returnValue;
try
{
string saveOldPath = "";
if (oldName.StartsWith("~/"))
saveOldPath = IOHelper.MapPath(oldName);
else
saveOldPath = IOHelper.MapPath(SystemDirectories.Scripts + "/" + oldName);
string savePath = "";
if (filename.StartsWith("~/"))
savePath = IOHelper.MapPath(filename);
else
savePath = IOHelper.MapPath(SystemDirectories.Scripts + "/" + filename);
var saveOldPath = "";
saveOldPath = oldName.StartsWith("~/")
? IOHelper.MapPath(oldName)
: IOHelper.MapPath(SystemDirectories.Scripts + "/" + oldName);
var savePath = "";
savePath = filename.StartsWith("~/")
? IOHelper.MapPath(filename)
: IOHelper.MapPath(SystemDirectories.Scripts + "/" + filename);
//Directory check.. only allow files in script dir and below to be edited
if (savePath.StartsWith(IOHelper.MapPath(SystemDirectories.Scripts + "/")) || savePath.StartsWith(IOHelper.MapPath(SystemDirectories.Masterpages + "/")))
{
//deletes the old file
if (savePath != saveOldPath)
{
if (System.IO.File.Exists(saveOldPath))
System.IO.File.Delete(saveOldPath);
if (File.Exists(saveOldPath))
File.Delete(saveOldPath);
}
StreamWriter SW;
SW = File.CreateText(savePath);
SW.Write(val);
SW.Close();
using (var sw = File.CreateText(savePath))
{
sw.Write(val);
sw.Close();
}
returnValue = "true";
}
else
@@ -452,7 +439,7 @@ namespace umbraco.presentation.webservices
[WebMethod]
public string SaveTemplate(string templateName, string templateAlias, string templateContents, int templateID, int masterTemplateID)
{
if (BasePage.ValidateUserContextID(BasePage.umbracoUserContextID))
if (AuthorizeRequest(DefaultApps.settings.ToString()))
{
var _template = new Template(templateID);
string retVal = "false";

53
src/Umbraco.Web/umbraco.presentation/umbraco/webservices/legacyAjaxCalls.asmx.cs
View File

@@ -2,6 +2,7 @@ using System;
using System.Data;
using System.Web;
using System.Collections;
using System.Web.Security;
using System.Web.Services;
using System.Web.Services.Protocols;
using System.ComponentModel;
@@ -20,6 +21,8 @@ using Umbraco.Core;
using Umbraco.Core.IO;
using Umbraco.Web;
using Umbraco.Web.Cache;
using Umbraco.Web.WebServices;
using umbraco.BusinessLogic;
using umbraco.businesslogic.Exceptions;
using umbraco.cms.businesslogic.web;
using umbraco.cms.businesslogic.media;
@@ -35,18 +38,16 @@ namespace umbraco.presentation.webservices
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
[ToolboxItem(false)]
[ScriptService]
public class legacyAjaxCalls : System.Web.Services.WebService
public class legacyAjaxCalls : UmbracoAuthorizedWebService
{
[WebMethod]
public bool ValidateUser(string username, string password)
{
if (System.Web.Security.Membership.Providers[UmbracoSettings.DefaultBackofficeProvider].ValidateUser(
username, password))
if (ValidateCredentials(username, password))
{
BusinessLogic.User u = new BusinessLogic.User(username);
var u = new BusinessLogic.User(username);
BasePage.doLogin(u);
return true;
}
else
@@ -67,7 +68,7 @@ namespace umbraco.presentation.webservices
public void Delete(string nodeId, string alias, string nodeType)
{
Authorize();
AuthorizeRequest(true);
//check which parameters to pass depending on the types passed in
int intNodeID;
@@ -86,8 +87,6 @@ namespace umbraco.presentation.webservices
[ScriptMethod]
public void DeleteContentPermanently(string nodeId, string nodeType)
{
Authorize();
int intNodeID;
if (int.TryParse(nodeId, out intNodeID))
{
@@ -95,13 +94,17 @@ namespace umbraco.presentation.webservices
{
case "media":
case "mediaRecycleBin":
//ensure user has access to media
AuthorizeRequest(DefaultApps.media.ToString(), true);
new Media(intNodeID).delete(true);
break;
case "content":
case "contentRecycleBin":
new Document(intNodeID).delete(true);
break;
default:
//ensure user has access to content
AuthorizeRequest(DefaultApps.content.ToString(), true);
new Document(intNodeID).delete(true);
break;
}
@@ -116,8 +119,7 @@ namespace umbraco.presentation.webservices
[ScriptMethod]
public void DisableUser(int userId)
{
Authorize();
AuthorizeRequest(DefaultApps.users.ToString(), true);
BusinessLogic.User.GetUser(userId).disable();
}
@@ -127,7 +129,7 @@ namespace umbraco.presentation.webservices
public string GetNodeName(int nodeId)
{
Authorize();
AuthorizeRequest(true);
return new cms.businesslogic.CMSNode(nodeId).Text;
}
@@ -137,7 +139,7 @@ namespace umbraco.presentation.webservices
public string[] GetNodeBreadcrumbs(int nodeId)
{
Authorize();
AuthorizeRequest(true);
var node = new cms.businesslogic.CMSNode(nodeId);
var crumbs = new System.Collections.Generic.List<string>() { node.Text };
@@ -155,7 +157,7 @@ namespace umbraco.presentation.webservices
public string NiceUrl(int nodeId)
{
Authorize();
AuthorizeRequest(true);
return library.NiceUrl(nodeId);
}
@@ -171,7 +173,7 @@ namespace umbraco.presentation.webservices
[ScriptMethod]
public void RenewUmbracoSession()
{
Authorize();
AuthorizeRequest(true);
BasePage.RenewLoginTimeout();
@@ -181,7 +183,9 @@ namespace umbraco.presentation.webservices
[ScriptMethod]
public int GetSecondsBeforeUserLogout()
{
Authorize();
//TODO: Change this to not throw an exception otherwise we end up with JS errors all the time when recompiling!!
AuthorizeRequest(true);
long timeout = BasePage.GetTimeout(true);
DateTime timeoutDate = new DateTime(timeout);
DateTime currentDate = DateTime.Now;
@@ -194,7 +198,7 @@ namespace umbraco.presentation.webservices
[ScriptMethod]
public string TemplateMasterPageContentContainer(int templateId, int masterTemplateId)
{
Authorize();
AuthorizeRequest(DefaultApps.settings.ToString(), true);
return new cms.businesslogic.template.Template(templateId).GetMasterContentElement(masterTemplateId);
}
@@ -202,20 +206,22 @@ namespace umbraco.presentation.webservices
[ScriptMethod]
public string SaveFile(string fileName, string fileAlias, string fileContents, string fileType, int fileID, int masterID, bool ignoreDebug)
{
Authorize();
switch (fileType)
{
case "xslt":
AuthorizeRequest(DefaultApps.developer.ToString(), true);
return SaveXslt(fileName, fileContents, ignoreDebug);
case "python":
AuthorizeRequest(DefaultApps.developer.ToString(), true);
return "true";
case "css":
AuthorizeRequest(DefaultApps.settings.ToString(), true);
return SaveCss(fileName, fileContents, fileID);
case "script":
AuthorizeRequest(DefaultApps.settings.ToString(), true);
return SaveScript(fileName, fileContents);
case "template":
AuthorizeRequest(DefaultApps.settings.ToString(), true);
return SaveTemplate(fileName, fileAlias, fileContents, fileID, masterID);
default:
throw new ArgumentException(String.Format("Invalid fileType passed: '{0}'", fileType));
@@ -226,7 +232,7 @@ namespace umbraco.presentation.webservices
public string Tidy(string textToTidy)
{
Authorize();
AuthorizeRequest(true);
return library.Tidy(helper.Request("StringToTidy"), true);
}
@@ -433,10 +439,9 @@ namespace umbraco.presentation.webservices
return retVal;
}
[Obsolete("You should use the AuthorizeRequest methods on the base class of UmbracoAuthorizedWebService and ensure you inherit from that class for umbraco asmx web services")]
public static void Authorize()
{
// check for secure connection
if (GlobalSettings.UseSSL && !HttpContext.Current.Request.IsSecureConnection)
throw new UserAuthorizationException("This installation requires a secure connection (via SSL). Please update the URL to include https://");

112
src/Umbraco.Web/umbraco.presentation/umbraco/webservices/nodeSorter.asmx.cs
View File

@@ -7,8 +7,10 @@ using System.Xml;
using Umbraco.Core.Logging;
using Umbraco.Core.Persistence.Caching;
using Umbraco.Web;
using Umbraco.Web.WebServices;
using Umbraco.Web.Security;
using umbraco.BasePages;
using umbraco.BusinessLogic;
using umbraco.BusinessLogic.Actions;
using umbraco.cms.businesslogic.web;
using Umbraco.Core;
@@ -22,7 +24,7 @@ namespace umbraco.presentation.webservices
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
[ToolboxItem(false)]
[ScriptService]
public class nodeSorter : WebService
public class nodeSorter : UmbracoAuthorizedWebService
{
[WebMethod]
public SortNode GetNodes(int ParentId, string App)
@@ -78,74 +80,72 @@ namespace umbraco.presentation.webservices
{
try
{
if (BasePage.ValidateUserContextID(BasePage.umbracoUserContextID))
{
if (SortOrder.Trim().Length > 0)
{
var tmp = SortOrder.Split(',');
if (!AuthorizeRequest()) return;
if (SortOrder.Trim().Length <= 0) return;
var tmp = SortOrder.Split(',');
var isContent = Context.Request.GetItemAsString("app") == Constants.Applications.Content | helper.Request("app") == "";
var isMedia = Context.Request.GetItemAsString("app") == Constants.Applications.Media;
//ensure user is authorized for the app requested
if (isContent && !AuthorizeRequest(DefaultApps.content.ToString())) return;
if (isMedia && !AuthorizeRequest(DefaultApps.media.ToString())) return;
for (var i = 0; i < tmp.Length; i++)
for (var i = 0; i < tmp.Length; i++)
{
if (tmp[i] == "" || tmp[i].Trim() == "") continue;
if (isContent)
{
var document = new Document(int.Parse(tmp[i]));
var published = document.Published;
document.sortOrder = i;
document.Save();
// refresh the xml for the sorting to work
if (published)
{
if (tmp[i] != "" && tmp[i].Trim() != "")
{
if (isContent)
{
var document = new Document(int.Parse(tmp[i]));
var published = document.Published;
document.sortOrder = i;
document.Save();
// refresh the xml for the sorting to work
if (published)
{
document.SaveAndPublish(Umbraco.Web.UmbracoContext.Current.UmbracoUser);
document.refreshXmlSortOrder();
}
}
// to update the sortorder of the media node in the XML, re-save the node....
else if (isMedia)
{
var media = new cms.businesslogic.media.Media(int.Parse(tmp[i]));
media.sortOrder = i;
media.Save();
}
else
{
new cms.businesslogic.CMSNode(int.Parse(tmp[i])).sortOrder = i;
}
}
document.refreshXmlSortOrder();
}
// Refresh sort order on cached xml
if (isContent)
{
XmlNode parentNode = ParentId == -1 ? content.Instance.XmlContent.DocumentElement : content.Instance.XmlContent.GetElementById(ParentId.ToString());
//only try to do the content sort if the the parent node is available...
if (parentNode != null)
content.SortNodes(ref parentNode);
// Load balancing - then refresh entire cache
// NOTE: SD: This seems a bit excessive to do simply for sorting! I'm going to leave this here for now but
// the sort order should be updated in distributed calls when an item is Published (and it most likely is)
// but I guess this was put here for a reason at some point.
if (UmbracoSettings.UseDistributedCalls)
library.RefreshContent();
}
// fire actionhandler, check for content
if ((helper.Request("app") == Constants.Applications.Content | helper.Request("app") == "") && ParentId > 0)
global::umbraco.BusinessLogic.Actions.Action.RunActionHandlers(new Document(ParentId), ActionSort.Instance);
}
// to update the sortorder of the media node in the XML, re-save the node....
else if (isMedia)
{
var media = new cms.businesslogic.media.Media(int.Parse(tmp[i]));
media.sortOrder = i;
media.Save();
}
else
{
new cms.businesslogic.CMSNode(int.Parse(tmp[i])).sortOrder = i;
}
}
// Refresh sort order on cached xml
if (isContent)
{
XmlNode parentNode = ParentId == -1
? content.Instance.XmlContent.DocumentElement
: content.Instance.XmlContent.GetElementById(ParentId.ToString());
//only try to do the content sort if the the parent node is available...
if (parentNode != null)
content.SortNodes(ref parentNode);
// Load balancing - then refresh entire cache
// NOTE: SD: This seems a bit excessive to do simply for sorting! I'm going to leave this here for now but
// the sort order should be updated in distributed calls when an item is Published (and it most likely is)
// but I guess this was put here for a reason at some point.
if (UmbracoSettings.UseDistributedCalls)
library.RefreshContent();
}
// fire actionhandler, check for content
if ((helper.Request("app") == Constants.Applications.Content | helper.Request("app") == "") && ParentId > 0)
BusinessLogic.Actions.Action.RunActionHandlers(new Document(ParentId), ActionSort.Instance);
}
catch (Exception ex)
{
LogHelper.Error<nodeSorter>("An error occurred", ex);
LogHelper.Error<nodeSorter>("Could not update sort order", ex);
}
}

39
src/Umbraco.Web/umbraco.presentation/umbraco/webservices/progressStatus.asmx.cs
View File

@@ -5,6 +5,7 @@ using System.Data;
using System.Diagnostics;
using System.Web;
using System.Web.Services;
using Umbraco.Web.WebServices;
namespace presentation.umbraco.webservices
{
@@ -12,44 +13,14 @@ namespace presentation.umbraco.webservices
/// Summary description for progressStatus.
/// </summary>
[WebService(Namespace="http://umbraco.org/webservices/")]
public class progressStatus : System.Web.Services.WebService
public class progressStatus : UmbracoAuthorizedWebService
{
public progressStatus()
{
//CODEGEN: This call is required by the ASP.NET Web Services Designer
InitializeComponent();
}
#region Component Designer generated code
//Required by the Web Services Designer
private IContainer components = null;
/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
private void InitializeComponent()
{
}
/// <summary>
/// Clean up any resources being used.
/// </summary>
protected override void Dispose( bool disposing )
{
if(disposing && components != null)
{
components.Dispose();
}
base.Dispose(disposing);
}
#endregion
[WebMethod]
public int GetStatus(string key)
public int GetStatus(string key)
{
if (!AuthorizeRequest()) return 0;
try
{
return int.Parse(Application[key].ToString());

38
src/Umbraco.Web/umbraco.presentation/umbraco/webservices/publication.asmx.cs
View File

@@ -2,6 +2,8 @@ using System;
using System.ComponentModel;
using System.Web.Services;
using System.Web.Script.Services;
using Umbraco.Web.WebServices;
using umbraco.BusinessLogic;
using umbraco.presentation.webservices;
namespace umbraco.webservices
@@ -11,14 +13,15 @@ namespace umbraco.webservices
/// </summary>
[WebService(Namespace="http://umbraco.org/webservices/")]
[ScriptService]
public class publication : WebService
public class publication : UmbracoAuthorizedWebService
{
[WebMethod]
[ScriptMethod]
public int GetPublicationStatus(string key)
public int GetPublicationStatus(string key)
{
legacyAjaxCalls.Authorize();
if (!AuthorizeRequest(DefaultApps.content.ToString()))
return 0;
try
{
@@ -34,7 +37,8 @@ namespace umbraco.webservices
[ScriptMethod]
public int GetPublicationStatusMax(string key)
{
legacyAjaxCalls.Authorize();
if (!AuthorizeRequest(DefaultApps.content.ToString()))
return 0;
try
{
@@ -50,6 +54,9 @@ namespace umbraco.webservices
[ScriptMethod]
public int GetPublicationStatusMaxAll(string key)
{
if (!AuthorizeRequest(DefaultApps.content.ToString()))
return 0;
try
{
return int.Parse(Application["publishTotalAll" + key].ToString());
@@ -60,6 +67,7 @@ namespace umbraco.webservices
}
}
[Obsolete("This doesn't do anything and will be removed in future versions")]
[WebMethod]
public void HandleReleaseAndExpireDates(Guid PublishingServiceKey)
{
@@ -68,30 +76,12 @@ namespace umbraco.webservices
[WebMethod]
public void SaveXmlCacheToDisk()
{
legacyAjaxCalls.Authorize();
if (!AuthorizeRequest(DefaultApps.content.ToString()))
return;
content.Instance.PersistXmlToFile();
}
#region Component Designer generated code
//Required by the Web Services Designer
private IContainer components = null;
/// <summary>
/// Clean up any resources being used.
/// </summary>
protected override void Dispose( bool disposing )
{
if(disposing && components != null)
{
components.Dispose();
}
base.Dispose(disposing);
}
#endregion
}
}

132
src/Umbraco.Web/umbraco.presentation/umbraco/webservices/templates.asmx.cs
View File

@@ -7,6 +7,10 @@ using System.Web;
using System.Web.Services;
using System.Xml;
using System.Web.Script.Services;
using Umbraco.Core;
using Umbraco.Core.IO;
using Umbraco.Web.WebServices;
using umbraco.BusinessLogic;
using umbraco.presentation.webservices;
namespace umbraco.webservices
@@ -16,111 +20,83 @@ namespace umbraco.webservices
/// </summary>
[WebService(Namespace="http://umbraco.org/webservices/")]
[ScriptService]
public class templates : System.Web.Services.WebService
public class templates : UmbracoAuthorizedWebService
{
public templates()
{
//CODEGEN: This call is required by the ASP.NET Web Services Designer
InitializeComponent();
}
[WebMethod]
public XmlNode GetTemplates(string Login, string Password)
public XmlNode GetTemplates(string Login, string Password)
{
if (BusinessLogic.User.validateCredentials(Login, Password))
if (ValidateCredentials(Login, Password) && UserHasAppAccess(DefaultApps.settings.ToString(), Login))
{
XmlDocument xmlDoc = new XmlDocument();
var xmlDoc = new XmlDocument();
xmlDoc.LoadXml("<templates/>");
foreach (cms.businesslogic.template.Template t in cms.businesslogic.template.Template.GetAllAsList())
{
XmlElement tt = xmlDoc.CreateElement("template");
tt.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "id", t.Id.ToString()));
tt.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "name", t.Text));
var tt = xmlDoc.CreateElement("template");
tt.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "id", t.Id.ToString()));
tt.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "name", t.Text));
xmlDoc.DocumentElement.AppendChild(tt);
}
return xmlDoc.DocumentElement;
} else
return null;
}
return null;
}
[WebMethod]
public XmlNode GetTemplate(int Id, string Login, string Password)
[WebMethod]
public XmlNode GetTemplate(int Id, string Login, string Password)
{
if (BusinessLogic.User.validateCredentials(Login, Password))
if (ValidateCredentials(Login, Password) && UserHasAppAccess(DefaultApps.settings.ToString(), Login))
{
cms.businesslogic.template.Template t = new cms.businesslogic.template.Template(Id);
XmlDocument xmlDoc = new XmlDocument();
XmlElement tXml = xmlDoc.CreateElement("template");
tXml.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "id", t.Id.ToString()));
tXml.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "master", t.MasterTemplate.ToString()));
tXml.Attributes.Append(xmlHelper.addAttribute(xmlDoc, "name", t.Text));
tXml.AppendChild(xmlHelper.addCDataNode(xmlDoc, "design", t.Design));
var t = new cms.businesslogic.template.Template(Id);
var xmlDoc = new XmlDocument();
var tXml = xmlDoc.CreateElement("template");
tXml.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "id", t.Id.ToString()));
tXml.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "master", t.MasterTemplate.ToString()));
tXml.Attributes.Append(XmlHelper.AddAttribute(xmlDoc, "name", t.Text));
tXml.AppendChild(XmlHelper.AddCDataNode(xmlDoc, "design", t.Design));
return tXml;
} else
return null;
}
return null;
}
[WebMethod]
public bool UpdateTemplate(int Id, int Master, string Design, string Login, string Password)
[WebMethod]
public bool UpdateTemplate(int Id, int Master, string Design, string Login, string Password)
{
if (BusinessLogic.User.validateCredentials(Login, Password))
if (ValidateCredentials(Login, Password) && UserHasAppAccess(DefaultApps.settings.ToString(), Login))
{
cms.businesslogic.template.Template t = new cms.businesslogic.template.Template(Id);
if (t != null)
{
t.MasterTemplate = Master;
t.Design = Design;
return true;
}
else
return false;
} else
return false;
try
{
var t = new cms.businesslogic.template.Template(Id)
{
MasterTemplate = Master,
Design = Design
};
//ensure events are raised
t.Save();
return true;
}
catch (ArgumentException)
{
return false;
}
}
return false;
}
[WebMethod]
[WebMethod]
[ScriptMethod]
public string GetCodeSnippet(object templateId)
{
legacyAjaxCalls.Authorize();
string content = string.Empty;
System.IO.StreamReader templateFile =
System.IO.File.OpenText(umbraco.IO.IOHelper.MapPath(IO.SystemDirectories.Umbraco + "/scripting/templates/cshtml/" + templateId.ToString()));
content = templateFile.ReadToEnd();
{
//NOTE: The legacy code threw an exception so will continue to do that.
AuthorizeRequest(DefaultApps.settings.ToString(), true);
var templateFile =
System.IO.File.OpenText(IOHelper.MapPath(SystemDirectories.Umbraco + "/scripting/templates/cshtml/" + templateId));
var content = templateFile.ReadToEnd();
templateFile.Close();
return content;
}
#region Component Designer generated code
//Required by the Web Services Designer
private IContainer components = null;
/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
private void InitializeComponent()
{
}
/// <summary>
/// Clean up any resources being used.
/// </summary>
protected override void Dispose( bool disposing )
{
if(disposing && components != null)
{
components.Dispose();
}
base.Dispose(disposing);
}
#endregion
}
}

37
src/Umbraco.Web/umbraco.presentation/umbraco/webservices/trashcan.asmx.cs
View File

@@ -2,7 +2,9 @@ using System;
using System.Web.Script.Services;
using System.Web.Services;
using System.ComponentModel;
using Umbraco.Web.WebServices;
using umbraco.BasePages;
using umbraco.BusinessLogic;
using umbraco.cms.businesslogic;
namespace umbraco.presentation.webservices
@@ -14,37 +16,48 @@ namespace umbraco.presentation.webservices
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
[ToolboxItem(false)]
[ScriptService]
public class trashcan : System.Web.Services.WebService
public class trashcan : UmbracoAuthorizedWebService
{
[WebMethod]
public void EmptyTrashcan(cms.businesslogic.RecycleBin.RecycleBinType type)
public void EmptyTrashcan(RecycleBin.RecycleBinType type)
{
if (BasePage.ValidateUserContextID(BasePage.umbracoUserContextID))
//validate against the app type!
switch (type)
{
Application["trashcanEmptyLeft"] = RecycleBin.Count(type).ToString();
emptyTrashCanDo(type);
case RecycleBin.RecycleBinType.Content:
if (!AuthorizeRequest(DefaultApps.content.ToString())) return;
break;
case RecycleBin.RecycleBinType.Media:
if (!AuthorizeRequest(DefaultApps.media.ToString())) return;
break;
default:
throw new ArgumentOutOfRangeException("type");
}
//TODO: This will never work in LB scenarios
Application["trashcanEmptyLeft"] = RecycleBin.Count(type).ToString();
emptyTrashCanDo(type);
}
[WebMethod]
public string GetTrashStatus()
{
if (BasePage.ValidateUserContextID(BasePage.umbracoUserContextID))
//TODO: This will never work in LB scenarios
if (AuthorizeRequest())
{
if (Application["trashcanEmptyLeft"] != null)
return Application["trashcanEmptyLeft"].ToString();
else
return "";
return Application["trashcanEmptyLeft"] != null
? Application["trashcanEmptyLeft"].ToString()
: "";
}
return "-";
}
private void emptyTrashCanDo(cms.businesslogic.RecycleBin.RecycleBinType type)
private void emptyTrashCanDo(RecycleBin.RecycleBinType type)
{
RecycleBin trashCan = new RecycleBin(type);
var trashCan = new RecycleBin(type);
var callback = new Action<int>(x =>
{

9
src/umbraco.businesslogic/BasePages/BasePage.cs
View File

@@ -12,7 +12,7 @@ using Umbraco.Core.Logging;
using Umbraco.Core.Services;
using umbraco.BusinessLogic;
using umbraco.DataLayer;
using System.Web.UI;
using Umbraco.Core;
namespace umbraco.BasePages
{
@@ -196,16 +196,17 @@ namespace umbraco.BasePages
//[Obsolete("Use Umbraco.Web.Security.WebSecurity.ValidateUserContextId instead")]
public static bool ValidateUserContextID(string currentUmbracoUserContextID)
{
if ((currentUmbracoUserContextID != ""))
if (!currentUmbracoUserContextID.IsNullOrWhiteSpace())
{
int uid = GetUserId(currentUmbracoUserContextID);
long timeout = GetTimeout(currentUmbracoUserContextID);
var uid = GetUserId(currentUmbracoUserContextID);
var timeout = GetTimeout(currentUmbracoUserContextID);
if (timeout > DateTime.Now.Ticks)
{
return true;
}
var user = BusinessLogic.User.GetUser(uid);
//TODO: We don't actually log anyone out here, not sure why we're logging ??
LogHelper.Info<BasePage>("User {0} (Id:{1}) logged out", () => user.Name, () => user.Id);
}
return false;

17
src/umbraco.businesslogic/BasePages/UmbracoEnsuredPage.cs
View File

@@ -1,5 +1,6 @@
using System;
using Umbraco.Core.Logging;
using System.Linq;
using umbraco.BusinessLogic;
using umbraco.businesslogic.Exceptions;
using umbraco.IO;
@@ -22,20 +23,16 @@ namespace umbraco.BasePages
}
[Obsolete("This constructor is not used and will be removed from the codebase in the future")]
public UmbracoEnsuredPage(string hest)
{
}
private bool _redirectToUmbraco;
/// <summary>
/// If true then umbraco will force any window/frame to reload umbraco in the main window
/// </summary>
public bool RedirectToUmbraco
{
get { return _redirectToUmbraco; }
set { _redirectToUmbraco = value; }
}
public bool RedirectToUmbraco { get; set; }
/// <summary>
/// Validates the user for access to a certain application
@@ -44,11 +41,7 @@ namespace umbraco.BasePages
/// <returns></returns>
public bool ValidateUserApp(string app)
{
foreach (Application uApp in getUser().Applications)
if (uApp.alias == app)
return true;
return false;
return getUser().Applications.Any(uApp => uApp.alias == app);
}
/// <summary>
@@ -72,7 +65,7 @@ namespace umbraco.BasePages
/// Gets the current user.
/// </summary>
/// <value>The current user.</value>
public static BusinessLogic.User CurrentUser
public static User CurrentUser
{
get
{