Diplomarbeit-Absolventenverein/oqtane.framework
10
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

fix #5398 - editing page permissions

Browse Source
This commit is contained in:
sbwalker
2025-05-13 15:49:16 -04:00
parent deb4607081
commit a0f41341ac
5 changed files with 82 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
Oqtane.Client/Modules/Admin/Pages/Edit.razor
View File

@ -30,16 +30,16 @@
<div class="row mb-1 align-items-center"> <div class="row mb-1 align-items-center">
<Label Class="col-sm-3" For="parent" HelpText="Select the parent for the page in the site hierarchy" ResourceKey="Parent">Parent: </Label> <Label Class="col-sm-3" For="parent" HelpText="Select the parent for the page in the site hierarchy" ResourceKey="Parent">Parent: </Label>
<div class="col-sm-9"> <div class="col-sm-9">
<select id="parent" class="form-select" value="@_parentid" @onchange="(e => ParentChanged(e))" required> <select id="parent" class="form-select" value="@_parentid" @onchange="(e => ParentChanged(e))" required>
<option value="-1">&lt;@Localizer["SiteRoot"]&gt;</option> <option value="-1">&lt;@Localizer["SiteRoot"]&gt;</option>
@foreach (Page page in _pages) @foreach (Page page in _pages)
{
if (UserSecurity.IsAuthorized(PageState.User, PermissionNames.View, page.PermissionList) && page.PageId != _pageId)
{ {
if (UserSecurity.IsAuthorized(PageState.User, PermissionNames.View, page.PermissionList) && page.PageId != _pageId) <option value="@(page.PageId)">@(new string('-', page.Level * 2))@(page.Name)</option>
{
<option value="@(page.PageId)">@(new string('-', page.Level * 2))@(page.Name)</option>
}
} }
</select> }
</select>
</div> </div>
</div> </div>
<div class="row mb-1 align-items-center"> <div class="row mb-1 align-items-center">
@ -217,6 +217,9 @@
</div> </div>
</Section> </Section>
<br /> <br />
<button type="button" class="btn btn-success" @onclick="SavePage">@SharedLocalizer["Save"]</button>
<button type="button" class="btn btn-secondary" @onclick="Cancel">@SharedLocalizer["Cancel"]</button>
<br />
<br /> <br />
<AuditInfo CreatedBy="@_createdby" CreatedOn="@_createdon" ModifiedBy="@_modifiedby" ModifiedOn="@_modifiedon" DeletedBy="@_deletedby" DeletedOn="@_deletedon"></AuditInfo> <AuditInfo CreatedBy="@_createdby" CreatedOn="@_createdon" ModifiedBy="@_modifiedby" ModifiedOn="@_modifiedon" DeletedBy="@_deletedby" DeletedOn="@_deletedon"></AuditInfo>
</TabPanel> </TabPanel>
@ -225,15 +228,28 @@
<div class="row mb-1 align-items-center"> <div class="row mb-1 align-items-center">
<PermissionGrid EntityName="@EntityNames.Page" PermissionList="@_permissions" @ref="_permissionGrid" /> <PermissionGrid EntityName="@EntityNames.Page" PermissionList="@_permissions" @ref="_permissionGrid" />
</div> </div>
<br /><br />
<div class="row mb-1 align-items-center">
<Label Class="col-sm-3" For="updatemodulepermissions" HelpText="Specify if changes made to page permissions should be propagated to the modules on this page" ResourceKey="UpdateModulePermissions">Update Module Permissions? </Label>
<div class="col-sm-9">
<select id="updatemodulepermissions" class="form-select" @bind="@_updatemodulepermissions" required>
<option value="True">@SharedLocalizer["Yes"]</option>
<option value="False">@SharedLocalizer["No"]</option>
</select>
</div>
</div>
<br />
<button type="button" class="btn btn-success" @onclick="SavePage">@SharedLocalizer["Save"]</button>
<button type="button" class="btn btn-secondary" @onclick="Cancel">@SharedLocalizer["Cancel"]</button>
</div> </div>
</TabPanel> </TabPanel>
<TabPanel Name="PageModules" Heading="Modules" ResourceKey="PageModules"> <TabPanel Name="PageModules" Heading="Modules" ResourceKey="PageModules">
<Pager Items="_pageModules"> <Pager Items="_pageModules">
<Header> <Header>
<th style="width: 1px;">&nbsp;</th> <th style="width: 1px;">&nbsp;</th>
<th style="width: 1px;">&nbsp;</th> <th style="width: 1px;">&nbsp;</th>
<th>@Localizer["ModuleTitle"]</th> <th>@Localizer["ModuleTitle"]</th>
<th>@Localizer["ModuleDefinition"]</th> <th>@Localizer["ModuleDefinition"]</th>
</Header> </Header>
<Row> <Row>
<td><ActionLink Action="Settings" Text="Edit" Path="@_actualpath" ModuleId="@context.ModuleId" Security="SecurityAccessLevel.Edit" PermissionList="@context.PermissionList" ResourceKey="ModuleSettings" /></td> <td><ActionLink Action="Settings" Text="Edit" Path="@_actualpath" ModuleId="@context.ModuleId" Security="SecurityAccessLevel.Edit" PermissionList="@context.PermissionList" ResourceKey="ModuleSettings" /></td>
@ -247,8 +263,10 @@
{ {
<TabPanel Name="ThemeSettings" Heading="Theme Settings" ResourceKey="ThemeSettings"> <TabPanel Name="ThemeSettings" Heading="Theme Settings" ResourceKey="ThemeSettings">
@_themeSettingsComponent @_themeSettingsComponent
<br />
<button type="button" class="btn btn-success" @onclick="SavePage">@SharedLocalizer["Save"]</button>
<button type="button" class="btn btn-secondary" @onclick="Cancel">@SharedLocalizer["Cancel"]</button>
</TabPanel> </TabPanel>
<br />
} }
</TabStrip> </TabStrip>
} }
@ -299,19 +317,21 @@
</div> </div>
</div> </div>
</div> </div>
<br />
<button type="button" class="btn btn-success" @onclick="SavePage">@SharedLocalizer["Save"]</button>
<button type="button" class="btn btn-secondary" @onclick="Cancel">@SharedLocalizer["Cancel"]</button>
</TabPanel> </TabPanel>
@if (_themeSettingsType != null) @if (_themeSettingsType != null)
{ {
<TabPanel Name="ThemeSettings" Heading="Theme Settings" ResourceKey="ThemeSettings"> <TabPanel Name="ThemeSettings" Heading="Theme Settings" ResourceKey="ThemeSettings">
@_themeSettingsComponent @_themeSettingsComponent
<br />
<button type="button" class="btn btn-success" @onclick="SavePage">@SharedLocalizer["Save"]</button>
<button type="button" class="btn btn-secondary" @onclick="Cancel">@SharedLocalizer["Cancel"]</button>
</TabPanel> </TabPanel>
<br />
} }
</TabStrip> </TabStrip>
} }
<br />
<button type="button" class="btn btn-success" @onclick="SavePage">@SharedLocalizer["Save"]</button>
<button type="button" class="btn btn-secondary" @onclick="Cancel">@SharedLocalizer["Cancel"]</button>
</form> </form>
} }
@ -348,6 +368,7 @@
private string _bodycontent; private string _bodycontent;
private List<Permission> _permissions = null; private List<Permission> _permissions = null;
private PermissionGrid _permissionGrid; private PermissionGrid _permissionGrid;
private string _updatemodulepermissions;
private List<Module> _pageModules; private List<Module> _pageModules;
private string _createdby; private string _createdby;
private DateTime _createdon; private DateTime _createdon;
@ -436,6 +457,7 @@
// permissions // permissions
_permissions = _page.PermissionList; _permissions = _page.PermissionList;
_updatemodulepermissions = "True";
// page modules // page modules
var modules = await ModuleService.GetModulesAsync(PageState.Site.SiteId); var modules = await ModuleService.GetModulesAsync(PageState.Site.SiteId);
@ -651,6 +673,7 @@
if (_page.UserId == null) if (_page.UserId == null)
{ {
_page.PermissionList = _permissionGrid.GetPermissionList(); _page.PermissionList = _permissionGrid.GetPermissionList();
_page.UpdateModulePermissions = bool.Parse(_updatemodulepermissions);
} }
_page = await PageService.UpdatePageAsync(_page); _page = await PageService.UpdatePageAsync(_page);

2
Oqtane.Client/Modules/Admin/Users/Edit.razor
View File

@ -141,7 +141,7 @@
</div> </div>
</TabPanel> </TabPanel>
</TabStrip> </TabStrip>
<br />
<button type="button" class="btn btn-success" @onclick="SaveUser">@SharedLocalizer["Save"]</button> <button type="button" class="btn btn-success" @onclick="SaveUser">@SharedLocalizer["Save"]</button>
<NavLink class="btn btn-secondary" href="@NavigateUrl()">@SharedLocalizer["Cancel"]</NavLink> <NavLink class="btn btn-secondary" href="@NavigateUrl()">@SharedLocalizer["Cancel"]</NavLink>
@if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Admin) && PageState.Runtime != Shared.Runtime.Hybrid && !_ishost) @if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Admin) && PageState.Runtime != Shared.Runtime.Hybrid && !_ishost)

6
Oqtane.Client/Resources/Modules/Admin/Pages/Edit.resx
View File

@ -303,4 +303,10 @@
<data name="PersonalizedUrlPath.HelpText" xml:space="preserve"> <data name="PersonalizedUrlPath.HelpText" xml:space="preserve">
<value>Provide a url path for your personalized page. Please note that spaces and punctuation will be replaced by a dash.</value> <value>Provide a url path for your personalized page. Please note that spaces and punctuation will be replaced by a dash.</value>
</data> </data>
<data name="UpdateModulePermissions.Text" xml:space="preserve">
<value>Update Module Permissions?</value>
</data>
<data name="UpdateModulePermissions.HelpText" xml:space="preserve">
<value>Specify if changes made to page permissions should be propagated to the modules on this page</value>
</data>
</root> </root>

53
Oqtane.Server/Controllers/PageController.cs
View File

@ -295,38 +295,43 @@ namespace Oqtane.Controllers
var removed = GetPermissionsDifferences(currentPermissions, page.PermissionList); var removed = GetPermissionsDifferences(currentPermissions, page.PermissionList);
// synchronize module permissions // synchronize module permissions
if (added.Count > 0 || removed.Count > 0) if (page.UpdateModulePermissions && (added.Count > 0 || removed.Count > 0))
{ {
foreach (PageModule pageModule in _pageModules.GetPageModules(page.SiteId).Where(item => item.PageId == page.PageId).ToList()) var pageModules = _pageModules.GetPageModules(page.SiteId);
foreach (PageModule pageModule in pageModules.Where(item => item.PageId == page.PageId).ToList())
{ {
var modulePermissions = _permissionRepository.GetPermissions(pageModule.Module.SiteId, EntityNames.Module, pageModule.Module.ModuleId).ToList(); // ignore "shared" modules
// permissions added if (!pageModules.Any(item => item.ModuleId == pageModule.ModuleId && item.PageId != pageModule.PageId))
foreach (Permission permission in added)
{ {
if (!modulePermissions.Any(item => item.PermissionName == permission.PermissionName var modulePermissions = _permissionRepository.GetPermissions(pageModule.Module.SiteId, EntityNames.Module, pageModule.Module.ModuleId).ToList();
&& item.RoleId == permission.RoleId && item.UserId == permission.UserId && item.IsAuthorized == permission.IsAuthorized)) // permissions added
foreach (Permission permission in added)
{ {
_permissionRepository.AddPermission(new Permission if (!modulePermissions.Any(item => item.PermissionName == permission.PermissionName
&& item.RoleId == permission.RoleId && item.UserId == permission.UserId && item.IsAuthorized == permission.IsAuthorized))
{ {
SiteId = page.SiteId, _permissionRepository.AddPermission(new Permission
EntityName = EntityNames.Module, {
EntityId = pageModule.ModuleId, SiteId = page.SiteId,
PermissionName = permission.PermissionName, EntityName = EntityNames.Module,
RoleId = permission.RoleId, EntityId = pageModule.ModuleId,
UserId = permission.UserId, PermissionName = permission.PermissionName,
IsAuthorized = permission.IsAuthorized RoleId = permission.RoleId,
}); UserId = permission.UserId,
IsAuthorized = permission.IsAuthorized
});
}
} }
}
// permissions removed // permissions removed
foreach (Permission permission in removed) foreach (Permission permission in removed)
{
var modulePermission = modulePermissions.FirstOrDefault(item => item.PermissionName == permission.PermissionName
&& item.RoleId == permission.RoleId && item.UserId == permission.UserId && item.IsAuthorized == permission.IsAuthorized);
if (modulePermission != null)
{ {
_permissionRepository.DeletePermission(modulePermission.PermissionId); var modulePermission = modulePermissions.FirstOrDefault(item => item.PermissionName == permission.PermissionName
&& item.RoleId == permission.RoleId && item.UserId == permission.UserId && item.IsAuthorized == permission.IsAuthorized);
if (modulePermission != null)
{
_permissionRepository.DeletePermission(modulePermission.PermissionId);
}
} }
} }
} }

6
Oqtane.Shared/Models/Page.cs
View File

@ -122,6 +122,12 @@ namespace Oqtane.Models
[NotMapped] [NotMapped]
public bool HasChildren { get; set; } public bool HasChildren { get; set; }
/// <summary>
/// Indicates if module permissions should be updated to be consistent with page permissions
/// </summary>
[NotMapped]
public bool UpdateModulePermissions { get; set; }
/// <summary> /// <summary>
/// List of permissions for this page /// List of permissions for this page
/// </summary> /// </summary>