Merge pull request #215 from sbwalker/master

fix page management
Shaun Walker 2020-02-18 17:52:08 -05:00 committed by GitHub
commit db322feb5e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 197 additions and 170 deletions


@ -4,6 +4,8 @@
@inject IPageService PageService
@inject IThemeService ThemeService
@if (Themes != null)
{
<table class="table table-borderless">
<tr>
<td>
@ -139,8 +141,9 @@
</td>
</tr>
</table>
<button type="button" class="btn btn-success" @onclick="SavePage">Save</button>
<NavLink class="btn btn-secondary" href="@NavigateUrl()">Cancel</NavLink>
<button type="button" class="btn btn-success" @onclick="SavePage">Save</button>
<NavLink class="btn btn-secondary" href="@NavigateUrl()">Cancel</NavLink>
}
@code {
public override SecurityAccessLevel SecurityAccessLevel { get { return SecurityAccessLevel.Admin; } }


@ -4,164 +4,167 @@
@inject IPageService PageService
@inject IThemeService ThemeService
<table class="table table-borderless">
<tr>
<td>
<label for="Name" class="control-label">Name: </label>
</td>
<td>
<input class="form-control" @bind="@name" />
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Path: </label>
</td>
<td>
<input class="form-control" @bind="@path" />
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Parent: </label>
</td>
<td>
<select class="form-control" @onchange="(e => ParentChanged(e))">
<option value="-1">&lt;Site Root&gt;</option>
@foreach (Page page in pages)
{
if (page.PageId.ToString() == parentid)
@if (Themes != null)
{
<table class="table table-borderless">
<tr>
<td>
<label for="Name" class="control-label">Name: </label>
</td>
<td>
<input class="form-control" @bind="@name" />
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Path: </label>
</td>
<td>
<input class="form-control" @bind="@path" />
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Parent: </label>
</td>
<td>
<select class="form-control" @onchange="(e => ParentChanged(e))">
<option value="-1">&lt;Site Root&gt;</option>
@foreach (Page page in pages)
{
<option value="@(page.PageId)" selected>@(new string('-', page.Level * 2))@(page.Name)</option>
}
else
{
<option value="@(page.PageId)">@(new string('-', page.Level * 2))@(page.Name)</option>
}
}
</select>
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Move: </label>
</td>
<td>
<select class="form-control" @bind="@insert">
@if (parentid == currentparentid)
{
<option value="=">&lt;Maintain Current Location&gt;</option>
}
<option value="<<">To Beginning</option>
@if (children != null && children.Count > 0)
{
<option value="<">Before</option>
<option value=">">After</option>
}
<option value=">>">To End</option>
</select>
@if (children != null && children.Count > 0 && (insert == "<" || insert == ">"))
{
<select class="form-control" @bind="@childid">
<option value="-1">&lt;Select Page&gt;</option>
@foreach (Page page in children)
{
<option value="@(page.PageId)">@(page.Name)</option>
if (page.PageId.ToString() == parentid)
{
<option value="@(page.PageId)" selected>@(new string('-', page.Level * 2))@(page.Name)</option>
}
else
{
<option value="@(page.PageId)">@(new string('-', page.Level * 2))@(page.Name)</option>
}
}
</select>
}
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Navigation? </label>
</td>
<td>
<select class="form-control" @bind="@isnavigation">
<option value="True">Yes</option>
<option value="False">No</option>
</select>
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Personalizable? </label>
</td>
<td>
<select class="form-control" @bind="@ispersonalizable">
<option value="True">Yes</option>
<option value="False">No</option>
</select>
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Default Mode? </label>
</td>
<td>
<select class="form-control" @bind="@mode">
<option value="view">View Mode</option>
<option value="edit">Edit Mode</option>
</select>
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Theme: </label>
</td>
<td>
<select class="form-control" @onchange="(e => ThemeChanged(e))">
<option value="">&lt;Select Theme&gt;</option>
@foreach (KeyValuePair<string, string> item in themes)
{
if (item.Key == themetype)
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Move: </label>
</td>
<td>
<select class="form-control" @bind="@insert">
@if (parentid == currentparentid)
{
<option value="@item.Key" selected>@item.Value</option>
<option value="=">&lt;Maintain Current Location&gt;</option>
}
else
<option value="<<">To Beginning</option>
@if (children != null && children.Count > 0)
{
<option value="@item.Key">@item.Value</option>
<option value="<">Before</option>
<option value=">">After</option>
}
}
</select>
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Layout: </label>
</td>
<td>
<select class="form-control" @bind="@layouttype">
<option value="">&lt;Select Layout&gt;</option>
@foreach (KeyValuePair<string, string> panelayout in panelayouts)
<option value=">>">To End</option>
</select>
@if (children != null && children.Count > 0 && (insert == "<" || insert == ">"))
{
<option value="@panelayout.Key">@panelayout.Value</option>
<select class="form-control" @bind="@childid">
<option value="-1">&lt;Select Page&gt;</option>
@foreach (Page page in children)
{
<option value="@(page.PageId)">@(page.Name)</option>
}
</select>
}
</select>
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Icon: </label>
</td>
<td>
<input class="form-control" @bind="@icon" />
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Permissions: </label>
</td>
<td>
<PermissionGrid EntityName="Page" Permissions="@permissions" @ref="permissiongrid" />
</td>
</tr>
</table>
<button type="button" class="btn btn-success" @onclick="SavePage">Save</button>
<NavLink class="btn btn-secondary" href="@NavigateUrl()">Cancel</NavLink>
<br />
<br />
<AuditInfo CreatedBy="@createdby" CreatedOn="@createdon" ModifiedBy="@modifiedby" ModifiedOn="@modifiedon" DeletedBy="@deletedby" DeletedOn="@deletedon"></AuditInfo>
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Navigation? </label>
</td>
<td>
<select class="form-control" @bind="@isnavigation">
<option value="True">Yes</option>
<option value="False">No</option>
</select>
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Personalizable? </label>
</td>
<td>
<select class="form-control" @bind="@ispersonalizable">
<option value="True">Yes</option>
<option value="False">No</option>
</select>
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Default Mode? </label>
</td>
<td>
<select class="form-control" @bind="@mode">
<option value="view">View Mode</option>
<option value="edit">Edit Mode</option>
</select>
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Theme: </label>
</td>
<td>
<select class="form-control" @onchange="(e => ThemeChanged(e))">
<option value="">&lt;Select Theme&gt;</option>
@foreach (KeyValuePair<string, string> item in themes)
{
if (item.Key == themetype)
{
<option value="@item.Key" selected>@item.Value</option>
}
else
{
<option value="@item.Key">@item.Value</option>
}
}
</select>
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Layout: </label>
</td>
<td>
<select class="form-control" @bind="@layouttype">
<option value="">&lt;Select Layout&gt;</option>
@foreach (KeyValuePair<string, string> panelayout in panelayouts)
{
<option value="@panelayout.Key">@panelayout.Value</option>
}
</select>
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Icon: </label>
</td>
<td>
<input class="form-control" @bind="@icon" />
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Permissions: </label>
</td>
<td>
<PermissionGrid EntityName="Page" Permissions="@permissions" @ref="permissiongrid" />
</td>
</tr>
</table>
<button type="button" class="btn btn-success" @onclick="SavePage">Save</button>
<NavLink class="btn btn-secondary" href="@NavigateUrl()">Cancel</NavLink>
<br />
<br />
<AuditInfo CreatedBy="@createdby" CreatedOn="@createdon" ModifiedBy="@modifiedby" ModifiedOn="@modifiedon" DeletedBy="@deletedby" DeletedOn="@deletedon"></AuditInfo>
}
@code {
public override SecurityAccessLevel SecurityAccessLevel { get { return SecurityAccessLevel.Admin; } }


@ -5,8 +5,8 @@ using Oqtane.Repository;
using Oqtane.Models;
using Oqtane.Shared;
using Oqtane.Infrastructure;
using System.Security.Claims;
using Microsoft.AspNetCore.Http;
using Oqtane.Security;
namespace Oqtane.Controllers
{
@ -14,13 +14,13 @@ namespace Oqtane.Controllers
public class NotificationController : Controller
{
private readonly INotificationRepository Notifications;
private readonly IHttpContextAccessor Accessor;
private readonly IUserPermissions UserPermissions;
private readonly ILogManager logger;
public NotificationController(INotificationRepository Notifications, IHttpContextAccessor Accessor, ILogManager logger)
public NotificationController(INotificationRepository Notifications, IUserPermissions UserPermissions, ILogManager logger)
{
this.Notifications = Notifications;
this.Accessor = Accessor;
this.UserPermissions = UserPermissions;
this.logger = logger;
}
@ -101,7 +101,7 @@ namespace Oqtane.Controllers
bool authorized = true;
if (userid != null)
{
authorized = (int.Parse(Accessor.HttpContext.User.FindFirst(ClaimTypes.PrimarySid).Value) == userid);
authorized = (UserPermissions.GetUser(User).UserId == userid);
}
return authorized;
}
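Review bot: The new comparison `UserPermissions.GetUser(User).UserId == userid` depends on the placeholder that `GetUser` returns for a caller without an identity claim; the UserPermissions section of this commit initialises that object with `UserId = -1` and `IsAuthenticated = false`. If a `userid` of -1 can ever reach this check, an unauthenticated caller would compare equal, so it is safer to require authentication explicitly: `User user = UserPermissions.GetUser(User);` followed by `authorized = user.IsAuthenticated && user.UserId == userid;`. The same pattern appears in the PageController hunk (`... == int.Parse(userid)`) and the SettingController hunk (`... == EntityId`). The enclosing method starts outside the hunk, so whether an authorization attribute already excludes anonymous callers is not visible here.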


@ -107,7 +107,7 @@ namespace Oqtane.Controllers
{
Page page = null;
Page parent = Pages.GetPage(id);
if (parent != null && parent.IsPersonalizable && !string.IsNullOrEmpty(userid))
if (parent != null && parent.IsPersonalizable && UserPermissions.GetUser(User).UserId == int.Parse(userid))
{
page = new Page();
page.SiteId = parent.SiteId;
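Review bot: `int.Parse(userid)` in the new condition throws on a null, empty or non-numeric `userid`, and the `!string.IsNullOrEmpty(userid)` guard that the old condition carried is gone. If `userid` comes from the request (the method signature is outside the hunk, so this is inferred), a malformed value becomes an unhandled exception instead of a clean "no page" result. Consider replacing the last operand with `int.TryParse(userid, out int requestedUserId) && UserPermissions.GetUser(User).UserId == requestedUserId`.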


@ -6,7 +6,6 @@ using Oqtane.Shared;
using Oqtane.Security;
using Oqtane.Infrastructure;
using System.Linq;
using System.Security.Claims;
using Microsoft.AspNetCore.Http;
namespace Oqtane.Controllers
@ -17,15 +16,13 @@ namespace Oqtane.Controllers
private readonly ISettingRepository Settings;
private readonly IPageModuleRepository PageModules;
private readonly IUserPermissions UserPermissions;
private readonly IHttpContextAccessor Accessor;
private readonly ILogManager logger;
public SettingController(ISettingRepository Settings, IPageModuleRepository PageModules, IUserPermissions UserPermissions, IHttpContextAccessor Accessor, ILogManager logger)
public SettingController(ISettingRepository Settings, IPageModuleRepository PageModules, IUserPermissions UserPermissions, ILogManager logger)
{
this.Settings = Settings;
this.PageModules = PageModules;
this.UserPermissions = UserPermissions;
this.Accessor = Accessor;
this.logger = logger;
}
@ -141,7 +138,7 @@ namespace Oqtane.Controllers
authorized = true;
if (PermissionName == "Edit")
{
authorized = User.IsInRole(Constants.AdminRole) || (int.Parse(Accessor.HttpContext.User.FindFirst(ClaimTypes.PrimarySid).Value) == EntityId);
authorized = User.IsInRole(Constants.AdminRole) || (UserPermissions.GetUser(User).UserId == EntityId);
}
break;
}


@ -5,8 +5,8 @@ using System.Text.Json;
using Oqtane.Repository;
using Microsoft.Extensions.Configuration;
using Microsoft.AspNetCore.Http;
using System.Security.Claims;
using System.Collections.Generic;
using Oqtane.Security;
namespace Oqtane.Infrastructure
{
@ -15,13 +15,15 @@ namespace Oqtane.Infrastructure
private readonly ILogRepository Logs;
private readonly ITenantResolver TenantResolver;
private readonly IConfigurationRoot Config;
private readonly IUserPermissions UserPermissions;
private readonly IHttpContextAccessor Accessor;
public LogManager(ILogRepository Logs, ITenantResolver TenantResolver, IConfigurationRoot Config, IHttpContextAccessor Accessor)
public LogManager(ILogRepository Logs, ITenantResolver TenantResolver, IConfigurationRoot Config, IUserPermissions UserPermissions, IHttpContextAccessor Accessor)
{
this.Logs = Logs;
this.TenantResolver = TenantResolver;
this.Config = Config;
this.UserPermissions = UserPermissions;
this.Accessor = Accessor;
}
@ -37,9 +39,11 @@ namespace Oqtane.Infrastructure
log.SiteId = alias.SiteId;
log.PageId = null;
log.ModuleId = null;
if (Accessor.HttpContext.User.FindFirst(ClaimTypes.PrimarySid) != null)
log.UserId = null;
User user = UserPermissions.GetUser();
if (user != null)
{
log.UserId = int.Parse(Accessor.HttpContext.User.FindFirst(ClaimTypes.PrimarySid).Value);
log.UserId = user.UserId;
}
HttpRequest request = Accessor.HttpContext.Request;
if (request != null)
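Review bot: The `if (user != null)` guard is always true as far as this commit shows, because `GetUser` in UserPermissions constructs a `User` unconditionally and returns it with `UserId = -1` when there is no identity claim. Log entries for anonymous requests would therefore record `UserId = -1` instead of the `null` assigned just above, which blurs audit attribution and may conflict with a foreign key on the log table if one exists. Testing `if (user.UserId != -1)` keeps the previous behaviour of leaving `log.UserId` null when no claim is present. The method body starts and ends outside the hunk.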


@ -1,4 +1,5 @@
using System.Security.Claims;
using Oqtane.Models;
using System.Security.Claims;
namespace Oqtane.Security
{
@ -6,5 +7,7 @@ namespace Oqtane.Security
{
bool IsAuthorized(ClaimsPrincipal User, string EntityName, int EntityId, string PermissionName);
bool IsAuthorized(ClaimsPrincipal User, string PermissionName, string Permissions);
User GetUser(ClaimsPrincipal User);
User GetUser();
}
}
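Review bot: The two new `GetUser` members are undocumented, and their contract matters to every caller that compares the returned `UserId`. Judging by the implementation in this commit, the method never returns null and leaves `UserId` at -1 when the principal is null or has no PrimarySid claim. I would add `/// <summary>Builds a User from the principal's claims; never returns null. UserId stays -1 when the principal is null or has no PrimarySid claim.</summary>` on `GetUser(ClaimsPrincipal User)` and `/// <summary>Same as GetUser(ClaimsPrincipal), using the current HTTP context's user.</summary>` on `GetUser()`.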


@ -1,4 +1,5 @@
using Oqtane.Models;
using Microsoft.AspNetCore.Http;
using Oqtane.Models;
using Oqtane.Repository;
using System.Linq;
using System.Security.Claims;
@ -8,10 +9,12 @@ namespace Oqtane.Security
public class UserPermissions : IUserPermissions
{
private readonly IPermissionRepository Permissions;
private readonly IHttpContextAccessor Accessor;
public UserPermissions(IPermissionRepository Permissions)
public UserPermissions(IPermissionRepository Permissions, IHttpContextAccessor Accessor)
{
this.Permissions = Permissions;
this.Accessor = Accessor;
}
public bool IsAuthorized(ClaimsPrincipal User, string EntityName, int EntityId, string PermissionName)
@ -20,13 +23,22 @@ namespace Oqtane.Security
}
public bool IsAuthorized(ClaimsPrincipal User, string PermissionName, string Permissions)
{
return UserSecurity.IsAuthorized(GetUser(User), PermissionName, Permissions);
}
public User GetUser(ClaimsPrincipal User)
{
User user = new User();
user.Username = "";
user.IsAuthenticated = false;
user.UserId = -1;
user.Roles = "";
if (User != null)
{
user.Username = User.Identity.Name;
user.IsAuthenticated = User.Identity.IsAuthenticated;
var idclaim = User.Claims.Where(item => item.Type == ClaimTypes.PrimarySid).FirstOrDefault();
if (idclaim != null)
{
@ -39,7 +51,12 @@ namespace Oqtane.Security
}
}
return UserSecurity.IsAuthorized(user, PermissionName, Permissions);
return user;
}
public User GetUser()
{
return GetUser(Accessor.HttpContext.User);
}
}
}
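Review bot: The parameterless `GetUser()` dereferences `Accessor.HttpContext` without a null check, and `IHttpContextAccessor.HttpContext` is null whenever code runs outside a request. LogManager now calls this overload, so logging from a background task or a startup path would throw a NullReferenceException inside the logger. `GetUser(ClaimsPrincipal)` already tolerates a null principal, so `return GetUser(Accessor.HttpContext?.User);` is enough to close the gap.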