Replace magic strings in other places
This commit is contained in:
Pavel Vesely
@ -100,9 +100,9 @@
|
|||||||
{
|
{
|
||||||
parentid = folders[0].FolderId;
|
parentid = folders[0].FolderId;
|
||||||
List<PermissionString> permissionstrings = new List<PermissionString>();
|
List<PermissionString> permissionstrings = new List<PermissionString>();
|
||||||
permissionstrings.Add(new PermissionString { PermissionName = "Browse", Permissions = Constants.AdminRole });
|
permissionstrings.Add(new PermissionString { PermissionName = PermissionNames.Browse, Permissions = Constants.AdminRole });
|
||||||
permissionstrings.Add(new PermissionString { PermissionName = "View", Permissions = Constants.AdminRole });
|
permissionstrings.Add(new PermissionString { PermissionName = PermissionNames.View, Permissions = Constants.AdminRole });
|
||||||
permissionstrings.Add(new PermissionString { PermissionName = "Edit", Permissions = Constants.AdminRole });
|
permissionstrings.Add(new PermissionString { PermissionName = PermissionNames.Edit, Permissions = Constants.AdminRole });
|
||||||
permissions = UserSecurity.SetPermissionStrings(permissionstrings);
|
permissions = UserSecurity.SetPermissionStrings(permissionstrings);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -17,7 +17,7 @@
|
|||||||
<label for="Name" class="control-label">Permissions: </label>
|
<label for="Name" class="control-label">Permissions: </label>
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
<PermissionGrid EntityName="ModuleDefinition" PermissionNames="Utilize" Permissions="@permissions" @ref="permissiongrid" />
|
<PermissionGrid EntityName="ModuleDefinition" PermissionNames=PermissionNames.Utilize Permissions="@permissions" @ref="permissiongrid" />
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
</table>
|
</table>
|
||||||
|
|||||||
@ -184,8 +184,8 @@
|
|||||||
layouttype = PageState.Site.DefaultLayoutType;
|
layouttype = PageState.Site.DefaultLayoutType;
|
||||||
|
|
||||||
List<PermissionString> permissionstrings = new List<PermissionString>();
|
List<PermissionString> permissionstrings = new List<PermissionString>();
|
||||||
permissionstrings.Add(new PermissionString { PermissionName = "View", Permissions = Constants.AdminRole });
|
permissionstrings.Add(new PermissionString { PermissionName = PermissionNames.View, Permissions = Constants.AdminRole });
|
||||||
permissionstrings.Add(new PermissionString { PermissionName = "Edit", Permissions = Constants.AdminRole });
|
permissionstrings.Add(new PermissionString { PermissionName = PermissionNames.Edit, Permissions = Constants.AdminRole });
|
||||||
permissions = UserSecurity.SetPermissionStrings(permissionstrings);
|
permissions = UserSecurity.SetPermissionStrings(permissionstrings);
|
||||||
}
|
}
|
||||||
catch (Exception ex)
|
catch (Exception ex)
|
||||||
|
|||||||
@ -47,7 +47,7 @@ namespace Oqtane.Controllers
|
|||||||
if (int.TryParse(folder, out folderid))
|
if (int.TryParse(folder, out folderid))
|
||||||
{
|
{
|
||||||
Folder f = _folders.GetFolder(folderid);
|
Folder f = _folders.GetFolder(folderid);
|
||||||
if (f != null && _userPermissions.IsAuthorized(User, "Browse", f.Permissions))
|
if (f != null && _userPermissions.IsAuthorized(User, PermissionNames.Browse, f.Permissions))
|
||||||
{
|
{
|
||||||
files = _files.GetFiles(folderid).ToList();
|
files = _files.GetFiles(folderid).ToList();
|
||||||
}
|
}
|
||||||
@ -77,7 +77,7 @@ namespace Oqtane.Controllers
|
|||||||
Folder folder = _folders.GetFolder(siteId, folderPath);
|
Folder folder = _folders.GetFolder(siteId, folderPath);
|
||||||
List<Models.File> files;
|
List<Models.File> files;
|
||||||
if (folder != null)
|
if (folder != null)
|
||||||
if (_userPermissions.IsAuthorized(User, "Browse", folder.Permissions))
|
if (_userPermissions.IsAuthorized(User, PermissionNames.Browse, folder.Permissions))
|
||||||
{
|
{
|
||||||
files = _files.GetFiles(folder.FolderId).ToList();
|
files = _files.GetFiles(folder.FolderId).ToList();
|
||||||
}
|
}
|
||||||
@ -120,7 +120,7 @@ namespace Oqtane.Controllers
|
|||||||
[Authorize(Roles = Constants.RegisteredRole)]
|
[Authorize(Roles = Constants.RegisteredRole)]
|
||||||
public Models.File Put(int id, [FromBody] Models.File File)
|
public Models.File Put(int id, [FromBody] Models.File File)
|
||||||
{
|
{
|
||||||
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Folder", File.Folder.FolderId, "Edit"))
|
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Folder", File.Folder.FolderId, PermissionNames.Edit))
|
||||||
{
|
{
|
||||||
File = _files.UpdateFile(File);
|
File = _files.UpdateFile(File);
|
||||||
_logger.Log(LogLevel.Information, this, LogFunction.Update, "File Updated {File}", File);
|
_logger.Log(LogLevel.Information, this, LogFunction.Update, "File Updated {File}", File);
|
||||||
@ -140,7 +140,7 @@ namespace Oqtane.Controllers
|
|||||||
public void Delete(int id)
|
public void Delete(int id)
|
||||||
{
|
{
|
||||||
Models.File file = _files.GetFile(id);
|
Models.File file = _files.GetFile(id);
|
||||||
if (_userPermissions.IsAuthorized(User, "Folder", file.Folder.FolderId, "Edit"))
|
if (_userPermissions.IsAuthorized(User, "Folder", file.Folder.FolderId, PermissionNames.Edit))
|
||||||
{
|
{
|
||||||
_files.DeleteFile(id);
|
_files.DeleteFile(id);
|
||||||
|
|
||||||
|
|||||||
@ -32,7 +32,7 @@ namespace Oqtane.Controllers
|
|||||||
List<Folder> folders = new List<Folder>();
|
List<Folder> folders = new List<Folder>();
|
||||||
foreach(Folder folder in _folders.GetFolders(int.Parse(siteid)))
|
foreach(Folder folder in _folders.GetFolders(int.Parse(siteid)))
|
||||||
{
|
{
|
||||||
if (_userPermissions.IsAuthorized(User, "Browse", folder.Permissions))
|
if (_userPermissions.IsAuthorized(User, PermissionNames.Browse, folder.Permissions))
|
||||||
{
|
{
|
||||||
folders.Add(folder);
|
folders.Add(folder);
|
||||||
}
|
}
|
||||||
@ -45,7 +45,7 @@ namespace Oqtane.Controllers
|
|||||||
public Folder Get(int id)
|
public Folder Get(int id)
|
||||||
{
|
{
|
||||||
Folder folder = _folders.GetFolder(id);
|
Folder folder = _folders.GetFolder(id);
|
||||||
if (_userPermissions.IsAuthorized(User, "Browse", folder.Permissions))
|
if (_userPermissions.IsAuthorized(User, PermissionNames.Browse, folder.Permissions))
|
||||||
{
|
{
|
||||||
return folder;
|
return folder;
|
||||||
}
|
}
|
||||||
@ -63,7 +63,7 @@ namespace Oqtane.Controllers
|
|||||||
var folderPath = WebUtility.UrlDecode(path);
|
var folderPath = WebUtility.UrlDecode(path);
|
||||||
Folder folder = _folders.GetFolder(siteId, folderPath);
|
Folder folder = _folders.GetFolder(siteId, folderPath);
|
||||||
if (folder != null)
|
if (folder != null)
|
||||||
if (_userPermissions.IsAuthorized(User, "Browse", folder.Permissions))
|
if (_userPermissions.IsAuthorized(User, PermissionNames.Browse, folder.Permissions))
|
||||||
{
|
{
|
||||||
return folder;
|
return folder;
|
||||||
}
|
}
|
||||||
@ -97,7 +97,7 @@ namespace Oqtane.Controllers
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
permissions = UserSecurity.SetPermissionStrings(new List<PermissionString> { new PermissionString { PermissionName = "Edit", Permissions = Constants.AdminRole } });
|
permissions = UserSecurity.SetPermissionStrings(new List<PermissionString> { new PermissionString { PermissionName = PermissionNames.Edit, Permissions = Constants.AdminRole } });
|
||||||
}
|
}
|
||||||
if (_userPermissions.IsAuthorized(User,PermissionNames.Edit, permissions))
|
if (_userPermissions.IsAuthorized(User,PermissionNames.Edit, permissions))
|
||||||
{
|
{
|
||||||
@ -124,7 +124,7 @@ namespace Oqtane.Controllers
|
|||||||
[Authorize(Roles = Constants.RegisteredRole)]
|
[Authorize(Roles = Constants.RegisteredRole)]
|
||||||
public Folder Put(int id, [FromBody] Folder Folder)
|
public Folder Put(int id, [FromBody] Folder Folder)
|
||||||
{
|
{
|
||||||
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Folder", Folder.FolderId, "Edit"))
|
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Folder", Folder.FolderId, PermissionNames.Edit))
|
||||||
{
|
{
|
||||||
if (string.IsNullOrEmpty(Folder.Path) && Folder.ParentId != null)
|
if (string.IsNullOrEmpty(Folder.Path) && Folder.ParentId != null)
|
||||||
{
|
{
|
||||||
@ -148,7 +148,7 @@ namespace Oqtane.Controllers
|
|||||||
[Authorize(Roles = Constants.RegisteredRole)]
|
[Authorize(Roles = Constants.RegisteredRole)]
|
||||||
public void Put(int siteid, int folderid, int? parentid)
|
public void Put(int siteid, int folderid, int? parentid)
|
||||||
{
|
{
|
||||||
if (_userPermissions.IsAuthorized(User, "Folder", folderid, "Edit"))
|
if (_userPermissions.IsAuthorized(User, "Folder", folderid, PermissionNames.Edit))
|
||||||
{
|
{
|
||||||
int order = 1;
|
int order = 1;
|
||||||
List<Folder> folders = _folders.GetFolders(siteid).ToList();
|
List<Folder> folders = _folders.GetFolders(siteid).ToList();
|
||||||
@ -175,7 +175,7 @@ namespace Oqtane.Controllers
|
|||||||
[Authorize(Roles = Constants.RegisteredRole)]
|
[Authorize(Roles = Constants.RegisteredRole)]
|
||||||
public void Delete(int id)
|
public void Delete(int id)
|
||||||
{
|
{
|
||||||
if (_userPermissions.IsAuthorized(User, "Folder", id, "Edit"))
|
if (_userPermissions.IsAuthorized(User, "Folder", id, PermissionNames.Edit))
|
||||||
{
|
{
|
||||||
_folders.DeleteFolder(id);
|
_folders.DeleteFolder(id);
|
||||||
_logger.Log(LogLevel.Information, this, LogFunction.Delete, "Folder Deleted {FolderId}", id);
|
_logger.Log(LogLevel.Information, this, LogFunction.Delete, "Folder Deleted {FolderId}", id);
|
||||||
|
|||||||
@ -89,7 +89,7 @@ namespace Oqtane.Controllers
|
|||||||
[Authorize(Roles = Constants.RegisteredRole)]
|
[Authorize(Roles = Constants.RegisteredRole)]
|
||||||
public Models.Module Post([FromBody] Models.Module Module)
|
public Models.Module Post([FromBody] Models.Module Module)
|
||||||
{
|
{
|
||||||
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Page", Module.PageId, "Edit"))
|
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Page", Module.PageId, PermissionNames.Edit))
|
||||||
{
|
{
|
||||||
Module = _modules.AddModule(Module);
|
Module = _modules.AddModule(Module);
|
||||||
_logger.Log(LogLevel.Information, this, LogFunction.Create, "Module Added {Module}", Module);
|
_logger.Log(LogLevel.Information, this, LogFunction.Create, "Module Added {Module}", Module);
|
||||||
@ -108,7 +108,7 @@ namespace Oqtane.Controllers
|
|||||||
[Authorize(Roles = Constants.RegisteredRole)]
|
[Authorize(Roles = Constants.RegisteredRole)]
|
||||||
public Models.Module Put(int id, [FromBody] Models.Module Module)
|
public Models.Module Put(int id, [FromBody] Models.Module Module)
|
||||||
{
|
{
|
||||||
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Module", Module.ModuleId, "Edit"))
|
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Module", Module.ModuleId, PermissionNames.Edit))
|
||||||
{
|
{
|
||||||
Module = _modules.UpdateModule(Module);
|
Module = _modules.UpdateModule(Module);
|
||||||
_logger.Log(LogLevel.Information, this, LogFunction.Update, "Module Updated {Module}", Module);
|
_logger.Log(LogLevel.Information, this, LogFunction.Update, "Module Updated {Module}", Module);
|
||||||
@ -127,7 +127,7 @@ namespace Oqtane.Controllers
|
|||||||
[Authorize(Roles = Constants.RegisteredRole)]
|
[Authorize(Roles = Constants.RegisteredRole)]
|
||||||
public void Delete(int id)
|
public void Delete(int id)
|
||||||
{
|
{
|
||||||
if (_userPermissions.IsAuthorized(User, "Module", id, "Edit"))
|
if (_userPermissions.IsAuthorized(User, "Module", id, PermissionNames.Edit))
|
||||||
{
|
{
|
||||||
_modules.DeleteModule(id);
|
_modules.DeleteModule(id);
|
||||||
_logger.Log(LogLevel.Information, this, LogFunction.Delete, "Module Deleted {ModuleId}", id);
|
_logger.Log(LogLevel.Information, this, LogFunction.Delete, "Module Deleted {ModuleId}", id);
|
||||||
@ -145,7 +145,7 @@ namespace Oqtane.Controllers
|
|||||||
public string Export(int moduleid)
|
public string Export(int moduleid)
|
||||||
{
|
{
|
||||||
string content = "";
|
string content = "";
|
||||||
if (_userPermissions.IsAuthorized(User, "Module", moduleid, "Edit"))
|
if (_userPermissions.IsAuthorized(User, "Module", moduleid, PermissionNames.Edit))
|
||||||
{
|
{
|
||||||
content = _modules.ExportModule(moduleid);
|
content = _modules.ExportModule(moduleid);
|
||||||
}
|
}
|
||||||
@ -163,7 +163,7 @@ namespace Oqtane.Controllers
|
|||||||
public bool Import(int moduleid, [FromBody] string Content)
|
public bool Import(int moduleid, [FromBody] string Content)
|
||||||
{
|
{
|
||||||
bool success = false;
|
bool success = false;
|
||||||
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Module", moduleid, "Edit"))
|
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Module", moduleid, PermissionNames.Edit))
|
||||||
{
|
{
|
||||||
success = _modules.ImportModule(moduleid, Content);
|
success = _modules.ImportModule(moduleid, Content);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -110,7 +110,7 @@ namespace Oqtane.Controllers
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
permissions = UserSecurity.SetPermissionStrings(new List<PermissionString> { new PermissionString { PermissionName = "Edit", Permissions = Constants.AdminRole } });
|
permissions = UserSecurity.SetPermissionStrings(new List<PermissionString> { new PermissionString { PermissionName = PermissionNames.Edit, Permissions = Constants.AdminRole } });
|
||||||
}
|
}
|
||||||
|
|
||||||
if (_userPermissions.IsAuthorized(User,PermissionNames.Edit, permissions))
|
if (_userPermissions.IsAuthorized(User,PermissionNames.Edit, permissions))
|
||||||
@ -150,8 +150,8 @@ namespace Oqtane.Controllers
|
|||||||
page.LayoutType = parent.LayoutType;
|
page.LayoutType = parent.LayoutType;
|
||||||
page.Icon = parent.Icon;
|
page.Icon = parent.Icon;
|
||||||
List<PermissionString> permissions = new List<PermissionString>();
|
List<PermissionString> permissions = new List<PermissionString>();
|
||||||
permissions.Add(new PermissionString { PermissionName = "View", Permissions = "[" + userid + "]" });
|
permissions.Add(new PermissionString { PermissionName = PermissionNames.View, Permissions = "[" + userid + "]" });
|
||||||
permissions.Add(new PermissionString { PermissionName = "Edit", Permissions = "[" + userid + "]" });
|
permissions.Add(new PermissionString { PermissionName = PermissionNames.Edit, Permissions = "[" + userid + "]" });
|
||||||
page.Permissions = UserSecurity.SetPermissionStrings(permissions);
|
page.Permissions = UserSecurity.SetPermissionStrings(permissions);
|
||||||
page.IsPersonalizable = false;
|
page.IsPersonalizable = false;
|
||||||
page.UserId = int.Parse(userid);
|
page.UserId = int.Parse(userid);
|
||||||
@ -167,8 +167,8 @@ namespace Oqtane.Controllers
|
|||||||
module.PageId = page.PageId;
|
module.PageId = page.PageId;
|
||||||
module.ModuleDefinitionName = pm.Module.ModuleDefinitionName;
|
module.ModuleDefinitionName = pm.Module.ModuleDefinitionName;
|
||||||
permissions = new List<PermissionString>();
|
permissions = new List<PermissionString>();
|
||||||
permissions.Add(new PermissionString { PermissionName = "View", Permissions = "[" + userid + "]" });
|
permissions.Add(new PermissionString { PermissionName = PermissionNames.View, Permissions = "[" + userid + "]" });
|
||||||
permissions.Add(new PermissionString { PermissionName = "Edit", Permissions = "[" + userid + "]" });
|
permissions.Add(new PermissionString { PermissionName = PermissionNames.Edit, Permissions = "[" + userid + "]" });
|
||||||
module.Permissions = UserSecurity.SetPermissionStrings(permissions);
|
module.Permissions = UserSecurity.SetPermissionStrings(permissions);
|
||||||
module = _modules.AddModule(module);
|
module = _modules.AddModule(module);
|
||||||
|
|
||||||
@ -197,7 +197,7 @@ namespace Oqtane.Controllers
|
|||||||
[Authorize(Roles = Constants.RegisteredRole)]
|
[Authorize(Roles = Constants.RegisteredRole)]
|
||||||
public Page Put(int id, [FromBody] Page Page)
|
public Page Put(int id, [FromBody] Page Page)
|
||||||
{
|
{
|
||||||
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Page", Page.PageId, "Edit"))
|
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Page", Page.PageId, PermissionNames.Edit))
|
||||||
{
|
{
|
||||||
Page = _pages.UpdatePage(Page);
|
Page = _pages.UpdatePage(Page);
|
||||||
_syncManager.AddSyncEvent("Site", Page.SiteId);
|
_syncManager.AddSyncEvent("Site", Page.SiteId);
|
||||||
@ -217,7 +217,7 @@ namespace Oqtane.Controllers
|
|||||||
[Authorize(Roles = Constants.RegisteredRole)]
|
[Authorize(Roles = Constants.RegisteredRole)]
|
||||||
public void Put(int siteid, int pageid, int? parentid)
|
public void Put(int siteid, int pageid, int? parentid)
|
||||||
{
|
{
|
||||||
if (_userPermissions.IsAuthorized(User, "Page", pageid, "Edit"))
|
if (_userPermissions.IsAuthorized(User, "Page", pageid, PermissionNames.Edit))
|
||||||
{
|
{
|
||||||
int order = 1;
|
int order = 1;
|
||||||
List<Page> pages = _pages.GetPages(siteid).ToList();
|
List<Page> pages = _pages.GetPages(siteid).ToList();
|
||||||
@ -246,7 +246,7 @@ namespace Oqtane.Controllers
|
|||||||
public void Delete(int id)
|
public void Delete(int id)
|
||||||
{
|
{
|
||||||
Page page = _pages.GetPage(id);
|
Page page = _pages.GetPage(id);
|
||||||
if (_userPermissions.IsAuthorized(User, "Page", page.PageId, "Edit"))
|
if (_userPermissions.IsAuthorized(User, "Page", page.PageId, PermissionNames.Edit))
|
||||||
{
|
{
|
||||||
_pages.DeletePage(page.PageId);
|
_pages.DeletePage(page.PageId);
|
||||||
_syncManager.AddSyncEvent("Site", page.SiteId);
|
_syncManager.AddSyncEvent("Site", page.SiteId);
|
||||||
|
|||||||
@ -67,7 +67,7 @@ namespace Oqtane.Controllers
|
|||||||
[Authorize(Roles = Constants.RegisteredRole)]
|
[Authorize(Roles = Constants.RegisteredRole)]
|
||||||
public PageModule Post([FromBody] PageModule PageModule)
|
public PageModule Post([FromBody] PageModule PageModule)
|
||||||
{
|
{
|
||||||
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Page", PageModule.PageId, "Edit"))
|
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Page", PageModule.PageId, PermissionNames.Edit))
|
||||||
{
|
{
|
||||||
PageModule = _pageModules.AddPageModule(PageModule);
|
PageModule = _pageModules.AddPageModule(PageModule);
|
||||||
_syncManager.AddSyncEvent("Page", PageModule.PageId);
|
_syncManager.AddSyncEvent("Page", PageModule.PageId);
|
||||||
@ -87,7 +87,7 @@ namespace Oqtane.Controllers
|
|||||||
[Authorize(Roles = Constants.RegisteredRole)]
|
[Authorize(Roles = Constants.RegisteredRole)]
|
||||||
public PageModule Put(int id, [FromBody] PageModule PageModule)
|
public PageModule Put(int id, [FromBody] PageModule PageModule)
|
||||||
{
|
{
|
||||||
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Module", PageModule.ModuleId, "Edit"))
|
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Module", PageModule.ModuleId, PermissionNames.Edit))
|
||||||
{
|
{
|
||||||
PageModule = _pageModules.UpdatePageModule(PageModule);
|
PageModule = _pageModules.UpdatePageModule(PageModule);
|
||||||
_syncManager.AddSyncEvent("Page", PageModule.PageId);
|
_syncManager.AddSyncEvent("Page", PageModule.PageId);
|
||||||
@ -107,7 +107,7 @@ namespace Oqtane.Controllers
|
|||||||
[Authorize(Roles = Constants.RegisteredRole)]
|
[Authorize(Roles = Constants.RegisteredRole)]
|
||||||
public void Put(int pageid, string pane)
|
public void Put(int pageid, string pane)
|
||||||
{
|
{
|
||||||
if (_userPermissions.IsAuthorized(User, "Page", pageid, "Edit"))
|
if (_userPermissions.IsAuthorized(User, "Page", pageid, PermissionNames.Edit))
|
||||||
{
|
{
|
||||||
int order = 1;
|
int order = 1;
|
||||||
List<PageModule> pagemodules = _pageModules.GetPageModules(pageid, pane).OrderBy(item => item.Order).ToList();
|
List<PageModule> pagemodules = _pageModules.GetPageModules(pageid, pane).OrderBy(item => item.Order).ToList();
|
||||||
@ -136,7 +136,7 @@ namespace Oqtane.Controllers
|
|||||||
public void Delete(int id)
|
public void Delete(int id)
|
||||||
{
|
{
|
||||||
PageModule pagemodule = _pageModules.GetPageModule(id);
|
PageModule pagemodule = _pageModules.GetPageModule(id);
|
||||||
if (_userPermissions.IsAuthorized(User, "Page", pagemodule.PageId, "Edit"))
|
if (_userPermissions.IsAuthorized(User, "Page", pagemodule.PageId, PermissionNames.Edit))
|
||||||
{
|
{
|
||||||
_pageModules.DeletePageModule(id);
|
_pageModules.DeletePageModule(id);
|
||||||
_syncManager.AddSyncEvent("Page", pagemodule.PageId);
|
_syncManager.AddSyncEvent("Page", pagemodule.PageId);
|
||||||
|
|||||||
@ -31,7 +31,7 @@ namespace Oqtane.Controllers
|
|||||||
public IEnumerable<Setting> Get(string entityname, int entityid)
|
public IEnumerable<Setting> Get(string entityname, int entityid)
|
||||||
{
|
{
|
||||||
List<Setting> settings = new List<Setting>();
|
List<Setting> settings = new List<Setting>();
|
||||||
if (IsAuthorized(entityname, entityid, "View"))
|
if (IsAuthorized(entityname, entityid, PermissionNames.View))
|
||||||
{
|
{
|
||||||
settings = _settings.GetSettings(entityname, entityid).ToList();
|
settings = _settings.GetSettings(entityname, entityid).ToList();
|
||||||
}
|
}
|
||||||
@ -48,7 +48,7 @@ namespace Oqtane.Controllers
|
|||||||
public Setting Get(int id)
|
public Setting Get(int id)
|
||||||
{
|
{
|
||||||
Setting setting = _settings.GetSetting(id);
|
Setting setting = _settings.GetSetting(id);
|
||||||
if (IsAuthorized(setting.EntityName, setting.EntityId, "View"))
|
if (IsAuthorized(setting.EntityName, setting.EntityId, PermissionNames.View))
|
||||||
{
|
{
|
||||||
return setting;
|
return setting;
|
||||||
}
|
}
|
||||||
@ -64,7 +64,7 @@ namespace Oqtane.Controllers
|
|||||||
[HttpPost]
|
[HttpPost]
|
||||||
public Setting Post([FromBody] Setting Setting)
|
public Setting Post([FromBody] Setting Setting)
|
||||||
{
|
{
|
||||||
if (ModelState.IsValid && IsAuthorized(Setting.EntityName, Setting.EntityId, "Edit"))
|
if (ModelState.IsValid && IsAuthorized(Setting.EntityName, Setting.EntityId, PermissionNames.Edit))
|
||||||
{
|
{
|
||||||
Setting = _settings.AddSetting(Setting);
|
Setting = _settings.AddSetting(Setting);
|
||||||
_logger.Log(LogLevel.Information, this, LogFunction.Create, "Setting Added {Setting}", Setting);
|
_logger.Log(LogLevel.Information, this, LogFunction.Create, "Setting Added {Setting}", Setting);
|
||||||
@ -82,7 +82,7 @@ namespace Oqtane.Controllers
|
|||||||
[HttpPut("{id}")]
|
[HttpPut("{id}")]
|
||||||
public Setting Put(int id, [FromBody] Setting Setting)
|
public Setting Put(int id, [FromBody] Setting Setting)
|
||||||
{
|
{
|
||||||
if (ModelState.IsValid && IsAuthorized(Setting.EntityName, Setting.EntityId, "Edit"))
|
if (ModelState.IsValid && IsAuthorized(Setting.EntityName, Setting.EntityId, PermissionNames.Edit))
|
||||||
{
|
{
|
||||||
Setting = _settings.UpdateSetting(Setting);
|
Setting = _settings.UpdateSetting(Setting);
|
||||||
_logger.Log(LogLevel.Information, this, LogFunction.Update, "Setting Updated {Setting}", Setting);
|
_logger.Log(LogLevel.Information, this, LogFunction.Update, "Setting Updated {Setting}", Setting);
|
||||||
@ -101,7 +101,7 @@ namespace Oqtane.Controllers
|
|||||||
public void Delete(int id)
|
public void Delete(int id)
|
||||||
{
|
{
|
||||||
Setting setting = _settings.GetSetting(id);
|
Setting setting = _settings.GetSetting(id);
|
||||||
if (IsAuthorized(setting.EntityName, setting.EntityId, "Edit"))
|
if (IsAuthorized(setting.EntityName, setting.EntityId, PermissionNames.Edit))
|
||||||
{
|
{
|
||||||
_settings.DeleteSetting(id);
|
_settings.DeleteSetting(id);
|
||||||
_logger.Log(LogLevel.Information, this, LogFunction.Delete, "Setting Deleted {Setting}", setting);
|
_logger.Log(LogLevel.Information, this, LogFunction.Delete, "Setting Deleted {Setting}", setting);
|
||||||
@ -136,7 +136,7 @@ namespace Oqtane.Controllers
|
|||||||
break;
|
break;
|
||||||
case "User":
|
case "User":
|
||||||
authorized = true;
|
authorized = true;
|
||||||
if (PermissionName == "Edit")
|
if (PermissionName == PermissionNames.Edit)
|
||||||
{
|
{
|
||||||
authorized = User.IsInRole(Constants.AdminRole) || (_userPermissions.GetUser(User).UserId == EntityId);
|
authorized = User.IsInRole(Constants.AdminRole) || (_userPermissions.GetUser(User).UserId == EntityId);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -78,12 +78,12 @@ namespace Oqtane.Server
|
|||||||
// register authorization services
|
// register authorization services
|
||||||
services.AddAuthorizationCore(options =>
|
services.AddAuthorizationCore(options =>
|
||||||
{
|
{
|
||||||
options.AddPolicy("ViewPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", "View")));
|
options.AddPolicy("ViewPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", PermissionNames.View)));
|
||||||
options.AddPolicy("EditPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", "Edit")));
|
options.AddPolicy("EditPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", PermissionNames.Edit)));
|
||||||
options.AddPolicy("ViewModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", "View")));
|
options.AddPolicy("ViewModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", PermissionNames.View)));
|
||||||
options.AddPolicy("EditModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", "Edit")));
|
options.AddPolicy("EditModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", PermissionNames.Edit)));
|
||||||
options.AddPolicy("ViewFolder", policy => policy.Requirements.Add(new PermissionRequirement("Folder", "View")));
|
options.AddPolicy("ViewFolder", policy => policy.Requirements.Add(new PermissionRequirement("Folder", PermissionNames.View)));
|
||||||
options.AddPolicy("EditFolder", policy => policy.Requirements.Add(new PermissionRequirement("Folder", "Edit")));
|
options.AddPolicy("EditFolder", policy => policy.Requirements.Add(new PermissionRequirement("Folder", PermissionNames.Edit)));
|
||||||
options.AddPolicy("ListFolder", policy => policy.Requirements.Add(new PermissionRequirement("Folder", "List")));
|
options.AddPolicy("ListFolder", policy => policy.Requirements.Add(new PermissionRequirement("Folder", "List")));
|
||||||
});
|
});
|
||||||
|
|
||||||
@ -253,10 +253,10 @@ namespace Oqtane.Server
|
|||||||
// register authorization services
|
// register authorization services
|
||||||
services.AddAuthorizationCore(options =>
|
services.AddAuthorizationCore(options =>
|
||||||
{
|
{
|
||||||
options.AddPolicy("ViewPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", "View")));
|
options.AddPolicy("ViewPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", PermissionNames.View)));
|
||||||
options.AddPolicy("EditPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", "Edit")));
|
options.AddPolicy("EditPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", PermissionNames.Edit)));
|
||||||
options.AddPolicy("ViewModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", "View")));
|
options.AddPolicy("ViewModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", PermissionNames.View)));
|
||||||
options.AddPolicy("EditModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", "Edit")));
|
options.AddPolicy("EditModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", PermissionNames.Edit)));
|
||||||
});
|
});
|
||||||
|
|
||||||
// register scoped core services
|
// register scoped core services
|
||||||
|
|||||||
@ -2,6 +2,7 @@
|
|||||||
{
|
{
|
||||||
public class PermissionNames
|
public class PermissionNames
|
||||||
{
|
{
|
||||||
|
public const string Browse = "Browse";
|
||||||
public const string View = "View";
|
public const string View = "View";
|
||||||
public const string Edit = "Edit";
|
public const string Edit = "Edit";
|
||||||
public const string Delete = "Delete";
|
public const string Delete = "Delete";
|
||||||
|
|||||||
Reference in New Issue
Block a user