Diplomarbeit-Absolventenverein/oqtane.framework-not-mirrored
Archived
9
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'master' into NamingFixes

Browse Source
This commit is contained in:
Shaun Walker 2020-03-14 12:27:34 -04:00 committed by GitHub
commit eec983707a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
26 changed files with 133 additions and 102 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Oqtane.Client/Modules/Admin/Dashboard/Index.razor
View File

@ -6,7 +6,7 @@
<div class="row">
@foreach (var p in _pages)
{
if (UserSecurity.IsAuthorized(PageState.User, "View", p.Permissions))
if (UserSecurity.IsAuthorized(PageState.User, PermissionNames.View, p.Permissions))
{
string url = NavigateUrl(p.Path);
<div class="col-md-2 mx-auto text-center">

12
Oqtane.Client/Modules/Admin/Files/Edit.razor
View File

@ -100,12 +100,12 @@
}
else
{
_parentId = _folders[0].FolderId;
List<PermissionString> permissionStrings = new List<PermissionString>();
permissionStrings.Add(new PermissionString { PermissionName = "Browse", Permissions = Constants.AdminRole });
permissionStrings.Add(new PermissionString { PermissionName = "View", Permissions = Constants.AdminRole });
permissionStrings.Add(new PermissionString { PermissionName = "Edit", Permissions = Constants.AdminRole });
_permissions = UserSecurity.SetPermissionStrings(permissionStrings);
parentid = folders[0].FolderId;
List<PermissionString> permissionstrings = new List<PermissionString>();
permissionstrings.Add(new PermissionString { PermissionName = PermissionNames.Browse, Permissions = Constants.AdminRole });
permissionstrings.Add(new PermissionString { PermissionName = PermissionNames.View, Permissions = Constants.AdminRole });
permissionstrings.Add(new PermissionString { PermissionName = PermissionNames.Edit, Permissions = Constants.AdminRole });
permissions = UserSecurity.SetPermissionStrings(permissionstrings);
}
}
catch (Exception ex)

2
Oqtane.Client/Modules/Admin/ModuleDefinitions/Edit.razor
View File

@ -17,7 +17,7 @@
<label class="control-label">Permissions: </label>
</td>
<td>
<PermissionGrid EntityName="ModuleDefinition" PermissionNames="Utilize" Permissions="@_permissions" @ref="_permissionGrid" />
<PermissionGrid EntityName="ModuleDefinition" PermissionNames=PermissionNames.Utilize Permissions="@permissions" @ref="permissiongrid" />
</td>
</tr>
</table>

4
Oqtane.Client/Modules/Admin/Pages/Add.razor
View File

@ -184,8 +184,8 @@
layouttype = PageState.Site.DefaultLayoutType;
List<PermissionString> permissionstrings = new List<PermissionString>();
permissionstrings.Add(new PermissionString { PermissionName = "View", Permissions = Constants.AdminRole });
permissionstrings.Add(new PermissionString { PermissionName = "Edit", Permissions = Constants.AdminRole });
permissionstrings.Add(new PermissionString { PermissionName = PermissionNames.View, Permissions = Constants.AdminRole });
permissionstrings.Add(new PermissionString { PermissionName = PermissionNames.Edit, Permissions = Constants.AdminRole });
permissions = UserSecurity.SetPermissionStrings(permissionstrings);
}
catch (Exception ex)

2
Oqtane.Client/Modules/Admin/Sites/Edit.razor
View File

@ -241,7 +241,7 @@
}
}
await Log(Alias, LogLevel.Information, "Edit", null, "Site Saved {Site}", site);
await Log(Alias, LogLevel.Information,PermissionNames.Edit, null, "Site Saved {Site}", site);
NavigationManager.NavigateTo(NavigateUrl());
}

2
Oqtane.Client/Modules/Admin/UserProfile/Index.razor
View File

@ -101,7 +101,7 @@
<label for="@p.Name" class="control-label">@p.Title: </label>
</td>
<td>
<input class="form-control" maxlength="@p.MaxLength" value="@GetProfileValue(p.Name, p.DefaultValue)" placeholder="@p.Description" @onchange="(e => ProfileChanged(e, p.Name))" />
<input class="form-control" maxlength="@p.MaxLength" value="@GetProfileValue(p.Name, p.DefaultValue)" placeholder="@p.Description" @onchange="@(e => ProfileChanged(e, p.Name))" />
</td>
</tr>
}

2
Oqtane.Client/Modules/Admin/Users/Add.razor
View File

@ -66,7 +66,7 @@
<label for="@p.Name" class="control-label">@p.Title: </label>
</td>
<td>
<input class="form-control" maxlength="@p.MaxLength" placeholder="@p.Description" @onchange="(e => ProfileChanged(e, p.Name))" />
<input class="form-control" maxlength="@p.MaxLength" placeholder="@p.Description" @onchange="@(e => ProfileChanged(e, p.Name))" />
</td>
</tr>
}

2
Oqtane.Client/Modules/Admin/Users/Edit.razor
View File

@ -82,7 +82,7 @@
<label for="@p.Name" class="control-label">@p.Title: </label>
</td>
<td>
<input class="form-control" maxlength="@p.MaxLength" value="@GetProfileValue(p.Name, p.DefaultValue)" placeholder="@p.Description" @onchange="(e => ProfileChanged(e, p.Name))" />
<input class="form-control" maxlength="@p.MaxLength" value="@GetProfileValue(p.Name, p.DefaultValue)" placeholder="@p.Description" @onchange="@(e => ProfileChanged(e, p.Name))" />
</td>
</tr>
}

4
Oqtane.Client/Modules/Controls/ActionDialog.razor
View File

@ -117,10 +117,10 @@
authorized = true;
break;
case SecurityAccessLevel.View:
authorized = UserSecurity.IsAuthorized(PageState.User, "View", ModuleState.Permissions);
authorized = UserSecurity.IsAuthorized(PageState.User,PermissionNames.View, ModuleState.Permissions);
break;
case SecurityAccessLevel.Edit:
authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", ModuleState.Permissions);
authorized = UserSecurity.IsAuthorized(PageState.User,PermissionNames.Edit, ModuleState.Permissions);
break;
case SecurityAccessLevel.Admin:
authorized = UserSecurity.IsAuthorized(PageState.User, Constants.AdminRole);

4
Oqtane.Client/Modules/Controls/ActionLink.razor
View File

@ -110,10 +110,10 @@
authorized = true;
break;
case SecurityAccessLevel.View:
authorized = UserSecurity.IsAuthorized(PageState.User, "View", ModuleState.Permissions);
authorized = UserSecurity.IsAuthorized(PageState.User,PermissionNames.View, ModuleState.Permissions);
break;
case SecurityAccessLevel.Edit:
authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", ModuleState.Permissions);
authorized = UserSecurity.IsAuthorized(PageState.User,PermissionNames.Edit, ModuleState.Permissions);
break;
case SecurityAccessLevel.Admin:
authorized = UserSecurity.IsAuthorized(PageState.User, Constants.AdminRole);

2
Oqtane.Client/Modules/Controls/FileManager.razor
View File

@ -181,7 +181,7 @@
Folder folder = folders.Where(item => item.FolderId == folderid).FirstOrDefault();
if (folder != null)
{
haseditpermission = UserSecurity.IsAuthorized(PageState.User, "Edit", folder.Permissions);
haseditpermission = UserSecurity.IsAuthorized(PageState.User,PermissionNames.Edit, folder.Permissions);
files = await FileService.GetFilesAsync(folderid);
}
else

18
Oqtane.Client/Themes/Controls/ControlPanel.razor
View File

@ -9,7 +9,7 @@
@inject IPageModuleService PageModuleService
@inject ILogService logger
@if (UserSecurity.IsAuthorized(PageState.User, "Edit", PageState.Page.Permissions))
@if (UserSecurity.IsAuthorized(PageState.User,PermissionNames.Edit, PageState.Page.Permissions))
{
<div class="app-controlpanel" style="@_display">
@ -96,7 +96,7 @@
<option value="-">&lt;Select Module&gt;</option>
@foreach (var moduledefinition in _moduleDefinitions)
{
if (UserSecurity.IsAuthorized(PageState.User, "Utilize", moduledefinition.Permissions))
if (UserSecurity.IsAuthorized(PageState.User,PermissionNames.Utilize, moduledefinition.Permissions))
{
<option value="@moduledefinition.ModuleDefinitionName">@moduledefinition.Name</option>
}
@ -162,7 +162,7 @@
</div>
}
@if (UserSecurity.IsAuthorized(PageState.User, "Edit", PageState.Page.Permissions) || (PageState.Page.IsPersonalizable && PageState.User != null))
@if (UserSecurity.IsAuthorized(PageState.User,PermissionNames.Edit, PageState.Page.Permissions) || (PageState.Page.IsPersonalizable && PageState.User != null))
{
@if (PageState.Page.EditMode)
{
@ -187,7 +187,7 @@
}
}
@if (UserSecurity.IsAuthorized(PageState.User, "Edit", PageState.Page.Permissions))
@if (UserSecurity.IsAuthorized(PageState.User,PermissionNames.Edit, PageState.Page.Permissions))
{
<button type="button" class="btn @ButtonClass" @onclick="ShowControlPanel">
<span class="oi oi-menu"></span>
@ -244,7 +244,7 @@
BodyClass = "card-body";
}
if (UserSecurity.IsAuthorized(PageState.User, "Edit", PageState.Page.Permissions))
if (UserSecurity.IsAuthorized(PageState.User,PermissionNames.Edit, PageState.Page.Permissions))
{
_pages?.Clear();
@ -265,7 +265,7 @@
_moduleDefinitions = _allModuleDefinitions.Where(item => item.Categories == "").ToList();
foreach (Page p in PageState.Pages)
{
if (UserSecurity.IsAuthorized(PageState.User, "View", p.Permissions))
if (UserSecurity.IsAuthorized(PageState.User,PermissionNames.View, p.Permissions))
{
_pages.Add(p);
}
@ -301,7 +301,7 @@
{
foreach (Module module in PageState.Modules.Where(item => item.PageId == int.Parse(_pageId) && !item.IsDeleted))
{
if (UserSecurity.IsAuthorized(PageState.User, "View", module.Permissions))
if (UserSecurity.IsAuthorized(PageState.User,PermissionNames.View, module.Permissions))
{
_modules.Add(module);
}
@ -313,7 +313,7 @@
private async Task AddModule()
{
if (UserSecurity.IsAuthorized(PageState.User, "Edit", PageState.Page.Permissions))
if (UserSecurity.IsAuthorized(PageState.User,PermissionNames.Edit, PageState.Page.Permissions))
{
if ((_moduleType == "new" && _moduleDefinitionName != "-") || (_moduleType != "new" && _moduleId != "-"))
{
@ -381,7 +381,7 @@
private async Task ToggleEditMode(bool EditMode)
{
if (UserSecurity.IsAuthorized(PageState.User, "Edit", PageState.Page.Permissions))
if (UserSecurity.IsAuthorized(PageState.User,PermissionNames.Edit, PageState.Page.Permissions))
{
if (EditMode)
{

4
Oqtane.Client/Themes/Controls/Menu.razor
View File

@ -36,7 +36,7 @@
foreach (Page p in PageState.Pages.Where(item => item.IsNavigation && !item.IsDeleted))
{
if (UserSecurity.IsAuthorized(PageState.User, "View", p.Permissions) && p.Level <= securitylevel)
if (UserSecurity.IsAuthorized(PageState.User,PermissionNames.View, p.Permissions) && p.Level <= securitylevel)
{
securitylevel = int.MaxValue;
@ -74,7 +74,7 @@
menu += "<ul class=\"navbar-nav mr-auto\">";
foreach (Page p in PageState.Pages.Where(item => item.IsNavigation && !item.IsDeleted))
{
if (UserSecurity.IsAuthorized(PageState.User, "View", p.Permissions) && p.ParentId == PageState.Page.ParentId && p.Level == PageState.Page.Level)
if (UserSecurity.IsAuthorized(PageState.User,PermissionNames.View, p.Permissions) && p.ParentId == PageState.Page.ParentId && p.Level == PageState.Page.Level)
{
if (p.PageId == PageState.Page.PageId)
{

8
Oqtane.Client/Themes/Controls/ModuleActions.razor
View File

@ -4,7 +4,7 @@
@inject IUserService UserService
@inject IPageModuleService PageModuleService
@if (PageState.EditMode && !PageState.Page.EditMode && UserSecurity.IsAuthorized(PageState.User, "Edit", ModuleState.Permissions))
@if (PageState.EditMode && !PageState.Page.EditMode && UserSecurity.IsAuthorized(PageState.User,PermissionNames.Edit, ModuleState.Permissions))
{
<a class="nav-link dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false"></a>
<div class="dropdown-menu" x-placement="bottom-start" style="position: absolute; will-change: transform; top: 0px; left: 0px; transform: translate3d(0px, 37px, 0px);">
@ -27,7 +27,7 @@
protected override void OnParametersSet()
{
if (PageState.EditMode && UserSecurity.IsAuthorized(PageState.User, "Edit", ModuleState.Permissions))
if (PageState.EditMode && UserSecurity.IsAuthorized(PageState.User,PermissionNames.Edit, ModuleState.Permissions))
{
actions = new List<ActionViewModel>();
actions.Add(new ActionViewModel { Action = "settings", Name = "Manage Settings" });
@ -66,7 +66,7 @@
protected async Task ModuleAction(string action)
{
if (PageState.EditMode && UserSecurity.IsAuthorized(PageState.User, "Edit", ModuleState.Permissions))
if (PageState.EditMode && UserSecurity.IsAuthorized(PageState.User,PermissionNames.Edit, ModuleState.Permissions))
{
PageModule pagemodule = await PageModuleService.GetPageModuleAsync(ModuleState.PageModuleId);
@ -125,4 +125,4 @@
public string Action { set; get; }
public string Name { set; get; }
}
}
}

14
Oqtane.Client/UI/Pane.razor
View File

@ -25,7 +25,7 @@
protected override void OnParametersSet()
{
if (PageState.EditMode && !PageState.Page.EditMode && UserSecurity.IsAuthorized(PageState.User, "Edit", PageState.Page.Permissions) && Name != Constants.AdminPane)
if (PageState.EditMode && !PageState.Page.EditMode && UserSecurity.IsAuthorized(PageState.User,PermissionNames.Edit, PageState.Page.Permissions) && Name != Constants.AdminPane)
{
paneadminborder = "app-pane-admin-border";
panetitle = "<div class=\"app-pane-admin-title\">" + Name + " Pane</div>";
@ -57,7 +57,7 @@
bool authorized = false;
if (Constants.DefaultModuleActions.Contains(PageState.Action))
{
authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", PageState.Page.Permissions);
authorized = UserSecurity.IsAuthorized(PageState.User,PermissionNames.Edit, PageState.Page.Permissions);
}
else
{
@ -68,10 +68,10 @@
authorized = true;
break;
case SecurityAccessLevel.View:
authorized = UserSecurity.IsAuthorized(PageState.User, "View", module.Permissions);
authorized = UserSecurity.IsAuthorized(PageState.User,PermissionNames.View, module.Permissions);
break;
case SecurityAccessLevel.Edit:
authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", module.Permissions);
authorized = UserSecurity.IsAuthorized(PageState.User,PermissionNames.Edit, module.Permissions);
break;
case SecurityAccessLevel.Admin:
authorized = UserSecurity.IsAuthorized(PageState.User, Constants.AdminRole);
@ -107,7 +107,7 @@
if (module != null && module.Pane.ToLower() == Name.ToLower())
{
// check if user is authorized to view module
if (UserSecurity.IsAuthorized(PageState.User, "View", module.Permissions))
if (UserSecurity.IsAuthorized(PageState.User,PermissionNames.View, module.Permissions))
{
builder.OpenComponent(0, Type.GetType(Constants.ContainerComponent));
builder.AddAttribute(1, "Module", module);
@ -120,7 +120,7 @@
foreach (Module module in PageState.Modules.Where(item => item.PageId == PageState.Page.PageId && item.Pane.ToLower() == Name.ToLower() && !item.IsDeleted).OrderBy(x => x.Order).ToArray())
{
// check if user is authorized to view module
if (UserSecurity.IsAuthorized(PageState.User, "View", module.Permissions))
if (UserSecurity.IsAuthorized(PageState.User,PermissionNames.View, module.Permissions))
{
builder.OpenComponent(0, Type.GetType(Constants.ContainerComponent));
builder.AddAttribute(1, "Module", module);
@ -132,4 +132,4 @@
};
};
}
}
}

4
Oqtane.Client/UI/SiteRouter.razor
View File

@ -231,7 +231,7 @@
}
// check if user is authorized to view page
if (UserSecurity.IsAuthorized(user, "View", page.Permissions))
if (UserSecurity.IsAuthorized(user,PermissionNames.View, page.Permissions))
{
page = await ProcessPage(page, site, user);
@ -453,4 +453,4 @@
return modules;
}
}
}

16
Oqtane.Server/Controllers/FileController.cs
View File

@ -47,7 +47,7 @@ namespace Oqtane.Controllers
if (int.TryParse(folder, out folderid))
{
Folder f = _folders.GetFolder(folderid);
if (f != null && _userPermissions.IsAuthorized(User, "Browse", f.Permissions))
if (f != null && _userPermissions.IsAuthorized(User, PermissionNames.Browse, f.Permissions))
{
files = _files.GetFiles(folderid).ToList();
}
@ -77,7 +77,7 @@ namespace Oqtane.Controllers
Folder folder = _folders.GetFolder(siteId, folderPath);
List<Models.File> files;
if (folder != null)
if (_userPermissions.IsAuthorized(User, "Browse", folder.Permissions))
if (_userPermissions.IsAuthorized(User, PermissionNames.Browse, folder.Permissions))
{
files = _files.GetFiles(folder.FolderId).ToList();
}
@ -103,7 +103,7 @@ namespace Oqtane.Controllers
public Models.File Get(int id)
{
Models.File file = _files.GetFile(id);
if (_userPermissions.IsAuthorized(User, "View", file.Folder.Permissions))
if (_userPermissions.IsAuthorized(User,PermissionNames.View, file.Folder.Permissions))
{
return file;
}
@ -120,7 +120,7 @@ namespace Oqtane.Controllers
[Authorize(Roles = Constants.RegisteredRole)]
public Models.File Put(int id, [FromBody] Models.File File)
{
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Folder", File.Folder.FolderId, "Edit"))
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Folder", File.Folder.FolderId, PermissionNames.Edit))
{
File = _files.UpdateFile(File);
_logger.Log(LogLevel.Information, this, LogFunction.Update, "File Updated {File}", File);
@ -140,7 +140,7 @@ namespace Oqtane.Controllers
public void Delete(int id)
{
Models.File file = _files.GetFile(id);
if (_userPermissions.IsAuthorized(User, "Folder", file.Folder.FolderId, "Edit"))
if (_userPermissions.IsAuthorized(User, "Folder", file.Folder.FolderId, PermissionNames.Edit))
{
_files.DeleteFile(id);
@ -164,7 +164,7 @@ namespace Oqtane.Controllers
{
Models.File file = null;
Folder folder = _folders.GetFolder(int.Parse(folderid));
if (folder != null && _userPermissions.IsAuthorized(User, "Edit", folder.Permissions))
if (folder != null && _userPermissions.IsAuthorized(User,PermissionNames.Edit, folder.Permissions))
{
string folderpath = GetFolderPath(folder);
CreateDirectory(folderpath);
@ -213,7 +213,7 @@ namespace Oqtane.Controllers
if (int.TryParse(folder, out folderid))
{
Folder Folder = _folders.GetFolder(folderid);
if (Folder != null && _userPermissions.IsAuthorized(User, "Edit", Folder.Permissions))
if (Folder != null && _userPermissions.IsAuthorized(User,PermissionNames.Edit, Folder.Permissions))
{
folderpath = GetFolderPath(Folder);
}
@ -364,7 +364,7 @@ namespace Oqtane.Controllers
public IActionResult Download(int id)
{
Models.File file = _files.GetFile(id);
if (file != null && _userPermissions.IsAuthorized(User, "View", file.Folder.Permissions))
if (file != null && _userPermissions.IsAuthorized(User,PermissionNames.View, file.Folder.Permissions))
{
string filepath = GetFolderPath(file.Folder) + file.Name;
if (System.IO.File.Exists(filepath))

16
Oqtane.Server/Controllers/FolderController.cs
View File

@ -32,7 +32,7 @@ namespace Oqtane.Controllers
List<Folder> folders = new List<Folder>();
foreach(Folder folder in _folders.GetFolders(int.Parse(siteid)))
{
if (_userPermissions.IsAuthorized(User, "Browse", folder.Permissions))
if (_userPermissions.IsAuthorized(User, PermissionNames.Browse, folder.Permissions))
{
folders.Add(folder);
}
@ -45,7 +45,7 @@ namespace Oqtane.Controllers
public Folder Get(int id)
{
Folder folder = _folders.GetFolder(id);
if (_userPermissions.IsAuthorized(User, "Browse", folder.Permissions))
if (_userPermissions.IsAuthorized(User, PermissionNames.Browse, folder.Permissions))
{
return folder;
}
@ -63,7 +63,7 @@ namespace Oqtane.Controllers
var folderPath = WebUtility.UrlDecode(path);
Folder folder = _folders.GetFolder(siteId, folderPath);
if (folder != null)
if (_userPermissions.IsAuthorized(User, "Browse", folder.Permissions))
if (_userPermissions.IsAuthorized(User, PermissionNames.Browse, folder.Permissions))
{
return folder;
}
@ -97,9 +97,9 @@ namespace Oqtane.Controllers
}
else
{
permissions = UserSecurity.SetPermissionStrings(new List<PermissionString> { new PermissionString { PermissionName = "Edit", Permissions = Constants.AdminRole } });
permissions = UserSecurity.SetPermissionStrings(new List<PermissionString> { new PermissionString { PermissionName = PermissionNames.Edit, Permissions = Constants.AdminRole } });
}
if (_userPermissions.IsAuthorized(User, "Edit", permissions))
if (_userPermissions.IsAuthorized(User,PermissionNames.Edit, permissions))
{
if (string.IsNullOrEmpty(Folder.Path) && Folder.ParentId != null)
{
@ -124,7 +124,7 @@ namespace Oqtane.Controllers
[Authorize(Roles = Constants.RegisteredRole)]
public Folder Put(int id, [FromBody] Folder Folder)
{
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Folder", Folder.FolderId, "Edit"))
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Folder", Folder.FolderId, PermissionNames.Edit))
{
if (string.IsNullOrEmpty(Folder.Path) && Folder.ParentId != null)
{
@ -148,7 +148,7 @@ namespace Oqtane.Controllers
[Authorize(Roles = Constants.RegisteredRole)]
public void Put(int siteid, int folderid, int? parentid)
{
if (_userPermissions.IsAuthorized(User, "Folder", folderid, "Edit"))
if (_userPermissions.IsAuthorized(User, "Folder", folderid, PermissionNames.Edit))
{
int order = 1;
List<Folder> folders = _folders.GetFolders(siteid).ToList();
@ -175,7 +175,7 @@ namespace Oqtane.Controllers
[Authorize(Roles = Constants.RegisteredRole)]
public void Delete(int id)
{
if (_userPermissions.IsAuthorized(User, "Folder", id, "Edit"))
if (_userPermissions.IsAuthorized(User, "Folder", id, PermissionNames.Edit))
{
_folders.DeleteFolder(id);
_logger.Log(LogLevel.Information, this, LogFunction.Delete, "Folder Deleted {FolderId}", id);

14
Oqtane.Server/Controllers/ModuleController.cs
View File

@ -37,7 +37,7 @@ namespace Oqtane.Controllers
List<Models.Module> modules = new List<Models.Module>();
foreach (PageModule pagemodule in _pageModules.GetPageModules(int.Parse(siteid)))
{
if (_userPermissions.IsAuthorized(User, "View", pagemodule.Module.Permissions))
if (_userPermissions.IsAuthorized(User,PermissionNames.View, pagemodule.Module.Permissions))
{
Models.Module module = new Models.Module();
module.SiteId = pagemodule.Module.SiteId;
@ -70,7 +70,7 @@ namespace Oqtane.Controllers
public Models.Module Get(int id)
{
Models.Module module = _modules.GetModule(id);
if (_userPermissions.IsAuthorized(User, "View", module.Permissions))
if (_userPermissions.IsAuthorized(User,PermissionNames.View, module.Permissions))
{
List<ModuleDefinition> moduledefinitions = _moduleDefinitions.GetModuleDefinitions(module.SiteId).ToList();
module.ModuleDefinition = moduledefinitions.Find(item => item.ModuleDefinitionName == module.ModuleDefinitionName);
@ -89,7 +89,7 @@ namespace Oqtane.Controllers
[Authorize(Roles = Constants.RegisteredRole)]
public Models.Module Post([FromBody] Models.Module Module)
{
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Page", Module.PageId, "Edit"))
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Page", Module.PageId, PermissionNames.Edit))
{
Module = _modules.AddModule(Module);
_logger.Log(LogLevel.Information, this, LogFunction.Create, "Module Added {Module}", Module);
@ -108,7 +108,7 @@ namespace Oqtane.Controllers
[Authorize(Roles = Constants.RegisteredRole)]
public Models.Module Put(int id, [FromBody] Models.Module Module)
{
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Module", Module.ModuleId, "Edit"))
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Module", Module.ModuleId, PermissionNames.Edit))
{
Module = _modules.UpdateModule(Module);
_logger.Log(LogLevel.Information, this, LogFunction.Update, "Module Updated {Module}", Module);
@ -127,7 +127,7 @@ namespace Oqtane.Controllers
[Authorize(Roles = Constants.RegisteredRole)]
public void Delete(int id)
{
if (_userPermissions.IsAuthorized(User, "Module", id, "Edit"))
if (_userPermissions.IsAuthorized(User, "Module", id, PermissionNames.Edit))
{
_modules.DeleteModule(id);
_logger.Log(LogLevel.Information, this, LogFunction.Delete, "Module Deleted {ModuleId}", id);
@ -145,7 +145,7 @@ namespace Oqtane.Controllers
public string Export(int moduleid)
{
string content = "";
if (_userPermissions.IsAuthorized(User, "Module", moduleid, "Edit"))
if (_userPermissions.IsAuthorized(User, "Module", moduleid, PermissionNames.Edit))
{
content = _modules.ExportModule(moduleid);
}
@ -163,7 +163,7 @@ namespace Oqtane.Controllers
public bool Import(int moduleid, [FromBody] string Content)
{
bool success = false;
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Module", moduleid, "Edit"))
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Module", moduleid, PermissionNames.Edit))
{
success = _modules.ImportModule(moduleid, Content);
}

4
Oqtane.Server/Controllers/ModuleDefinitionController.cs
View File

@ -38,7 +38,7 @@ namespace Oqtane.Controllers
List<ModuleDefinition> moduledefinitions = new List<ModuleDefinition>();
foreach(ModuleDefinition moduledefinition in _moduleDefinitions.GetModuleDefinitions(int.Parse(siteid)))
{
if (_userPermissions.IsAuthorized(User, "Utilize", moduledefinition.Permissions))
if (_userPermissions.IsAuthorized(User,PermissionNames.Utilize, moduledefinition.Permissions))
{
moduledefinitions.Add(moduledefinition);
}
@ -51,7 +51,7 @@ namespace Oqtane.Controllers
public ModuleDefinition Get(int id, string siteid)
{
ModuleDefinition moduledefinition = _moduleDefinitions.GetModuleDefinition(id, int.Parse(siteid));
if (_userPermissions.IsAuthorized(User, "Utilize", moduledefinition.Permissions))
if (_userPermissions.IsAuthorized(User,PermissionNames.Utilize, moduledefinition.Permissions))
{
return moduledefinition;
}

24
Oqtane.Server/Controllers/PageController.cs
View File

@ -38,7 +38,7 @@ namespace Oqtane.Controllers
List<Page> pages = new List<Page>();
foreach (Page page in _pages.GetPages(int.Parse(siteid)))
{
if (_userPermissions.IsAuthorized(User, "View", page.Permissions))
if (_userPermissions.IsAuthorized(User,PermissionNames.View, page.Permissions))
{
pages.Add(page);
}
@ -59,7 +59,7 @@ namespace Oqtane.Controllers
{
page = _pages.GetPage(id, int.Parse(userid));
}
if (_userPermissions.IsAuthorized(User, "View", page.Permissions))
if (_userPermissions.IsAuthorized(User,PermissionNames.View, page.Permissions))
{
return page;
}
@ -78,7 +78,7 @@ namespace Oqtane.Controllers
Page page = _pages.GetPage(WebUtility.UrlDecode(path), siteid);
if (page != null)
{
if (_userPermissions.IsAuthorized(User, "View", page.Permissions))
if (_userPermissions.IsAuthorized(User,PermissionNames.View, page.Permissions))
{
return page;
}
@ -110,10 +110,10 @@ namespace Oqtane.Controllers
}
else
{
permissions = UserSecurity.SetPermissionStrings(new List<PermissionString> { new PermissionString { PermissionName = "Edit", Permissions = Constants.AdminRole } });
permissions = UserSecurity.SetPermissionStrings(new List<PermissionString> { new PermissionString { PermissionName = PermissionNames.Edit, Permissions = Constants.AdminRole } });
}
if (_userPermissions.IsAuthorized(User, "Edit", permissions))
if (_userPermissions.IsAuthorized(User,PermissionNames.Edit, permissions))
{
Page = _pages.AddPage(Page);
_syncManager.AddSyncEvent("Site", Page.SiteId);
@ -150,8 +150,8 @@ namespace Oqtane.Controllers
page.LayoutType = parent.LayoutType;
page.Icon = parent.Icon;
List<PermissionString> permissions = new List<PermissionString>();
permissions.Add(new PermissionString { PermissionName = "View", Permissions = "[" + userid + "]" });
permissions.Add(new PermissionString { PermissionName = "Edit", Permissions = "[" + userid + "]" });
permissions.Add(new PermissionString { PermissionName = PermissionNames.View, Permissions = "[" + userid + "]" });
permissions.Add(new PermissionString { PermissionName = PermissionNames.Edit, Permissions = "[" + userid + "]" });
page.Permissions = UserSecurity.SetPermissionStrings(permissions);
page.IsPersonalizable = false;
page.UserId = int.Parse(userid);
@ -167,8 +167,8 @@ namespace Oqtane.Controllers
module.PageId = page.PageId;
module.ModuleDefinitionName = pm.Module.ModuleDefinitionName;
permissions = new List<PermissionString>();
permissions.Add(new PermissionString { PermissionName = "View", Permissions = "[" + userid + "]" });
permissions.Add(new PermissionString { PermissionName = "Edit", Permissions = "[" + userid + "]" });
permissions.Add(new PermissionString { PermissionName = PermissionNames.View, Permissions = "[" + userid + "]" });
permissions.Add(new PermissionString { PermissionName = PermissionNames.Edit, Permissions = "[" + userid + "]" });
module.Permissions = UserSecurity.SetPermissionStrings(permissions);
module = _modules.AddModule(module);
@ -197,7 +197,7 @@ namespace Oqtane.Controllers
[Authorize(Roles = Constants.RegisteredRole)]
public Page Put(int id, [FromBody] Page Page)
{
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Page", Page.PageId, "Edit"))
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Page", Page.PageId, PermissionNames.Edit))
{
Page = _pages.UpdatePage(Page);
_syncManager.AddSyncEvent("Site", Page.SiteId);
@ -217,7 +217,7 @@ namespace Oqtane.Controllers
[Authorize(Roles = Constants.RegisteredRole)]
public void Put(int siteid, int pageid, int? parentid)
{
if (_userPermissions.IsAuthorized(User, "Page", pageid, "Edit"))
if (_userPermissions.IsAuthorized(User, "Page", pageid, PermissionNames.Edit))
{
int order = 1;
List<Page> pages = _pages.GetPages(siteid).ToList();
@ -246,7 +246,7 @@ namespace Oqtane.Controllers
public void Delete(int id)
{
Page page = _pages.GetPage(id);
if (_userPermissions.IsAuthorized(User, "Page", page.PageId, "Edit"))
if (_userPermissions.IsAuthorized(User, "Page", page.PageId, PermissionNames.Edit))
{
_pages.DeletePage(page.PageId);
_syncManager.AddSyncEvent("Site", page.SiteId);

12
Oqtane.Server/Controllers/PageModuleController.cs
View File

@ -33,7 +33,7 @@ namespace Oqtane.Controllers
public PageModule Get(int id)
{
PageModule pagemodule = _pageModules.GetPageModule(id);
if (_userPermissions.IsAuthorized(User, "View", pagemodule.Module.Permissions))
if (_userPermissions.IsAuthorized(User,PermissionNames.View, pagemodule.Module.Permissions))
{
return pagemodule;
}
@ -50,7 +50,7 @@ namespace Oqtane.Controllers
public PageModule Get(int pageid, int moduleid)
{
PageModule pagemodule = _pageModules.GetPageModule(pageid, moduleid);
if (_userPermissions.IsAuthorized(User, "View", pagemodule.Module.Permissions))
if (_userPermissions.IsAuthorized(User,PermissionNames.View, pagemodule.Module.Permissions))
{
return pagemodule;
}
@ -67,7 +67,7 @@ namespace Oqtane.Controllers
[Authorize(Roles = Constants.RegisteredRole)]
public PageModule Post([FromBody] PageModule PageModule)
{
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Page", PageModule.PageId, "Edit"))
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Page", PageModule.PageId, PermissionNames.Edit))
{
PageModule = _pageModules.AddPageModule(PageModule);
_syncManager.AddSyncEvent("Page", PageModule.PageId);
@ -87,7 +87,7 @@ namespace Oqtane.Controllers
[Authorize(Roles = Constants.RegisteredRole)]
public PageModule Put(int id, [FromBody] PageModule PageModule)
{
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Module", PageModule.ModuleId, "Edit"))
if (ModelState.IsValid && _userPermissions.IsAuthorized(User, "Module", PageModule.ModuleId, PermissionNames.Edit))
{
PageModule = _pageModules.UpdatePageModule(PageModule);
_syncManager.AddSyncEvent("Page", PageModule.PageId);
@ -107,7 +107,7 @@ namespace Oqtane.Controllers
[Authorize(Roles = Constants.RegisteredRole)]
public void Put(int pageid, string pane)
{
if (_userPermissions.IsAuthorized(User, "Page", pageid, "Edit"))
if (_userPermissions.IsAuthorized(User, "Page", pageid, PermissionNames.Edit))
{
int order = 1;
List<PageModule> pagemodules = _pageModules.GetPageModules(pageid, pane).OrderBy(item => item.Order).ToList();
@ -136,7 +136,7 @@ namespace Oqtane.Controllers
public void Delete(int id)
{
PageModule pagemodule = _pageModules.GetPageModule(id);
if (_userPermissions.IsAuthorized(User, "Page", pagemodule.PageId, "Edit"))
if (_userPermissions.IsAuthorized(User, "Page", pagemodule.PageId, PermissionNames.Edit))
{
_pageModules.DeletePageModule(id);
_syncManager.AddSyncEvent("Page", pagemodule.PageId);

12
Oqtane.Server/Controllers/SettingController.cs
View File

@ -31,7 +31,7 @@ namespace Oqtane.Controllers
public IEnumerable<Setting> Get(string entityname, int entityid)
{
List<Setting> settings = new List<Setting>();
if (IsAuthorized(entityname, entityid, "View"))
if (IsAuthorized(entityname, entityid, PermissionNames.View))
{
settings = _settings.GetSettings(entityname, entityid).ToList();
}
@ -48,7 +48,7 @@ namespace Oqtane.Controllers
public Setting Get(int id)
{
Setting setting = _settings.GetSetting(id);
if (IsAuthorized(setting.EntityName, setting.EntityId, "View"))
if (IsAuthorized(setting.EntityName, setting.EntityId, PermissionNames.View))
{
return setting;
}
@ -64,7 +64,7 @@ namespace Oqtane.Controllers
[HttpPost]
public Setting Post([FromBody] Setting Setting)
{
if (ModelState.IsValid && IsAuthorized(Setting.EntityName, Setting.EntityId, "Edit"))
if (ModelState.IsValid && IsAuthorized(Setting.EntityName, Setting.EntityId, PermissionNames.Edit))
{
Setting = _settings.AddSetting(Setting);
_logger.Log(LogLevel.Information, this, LogFunction.Create, "Setting Added {Setting}", Setting);
@ -82,7 +82,7 @@ namespace Oqtane.Controllers
[HttpPut("{id}")]
public Setting Put(int id, [FromBody] Setting Setting)
{
if (ModelState.IsValid && IsAuthorized(Setting.EntityName, Setting.EntityId, "Edit"))
if (ModelState.IsValid && IsAuthorized(Setting.EntityName, Setting.EntityId, PermissionNames.Edit))
{
Setting = _settings.UpdateSetting(Setting);
_logger.Log(LogLevel.Information, this, LogFunction.Update, "Setting Updated {Setting}", Setting);
@ -101,7 +101,7 @@ namespace Oqtane.Controllers
public void Delete(int id)
{
Setting setting = _settings.GetSetting(id);
if (IsAuthorized(setting.EntityName, setting.EntityId, "Edit"))
if (IsAuthorized(setting.EntityName, setting.EntityId, PermissionNames.Edit))
{
_settings.DeleteSetting(id);
_logger.Log(LogLevel.Information, this, LogFunction.Delete, "Setting Deleted {Setting}", setting);
@ -136,7 +136,7 @@ namespace Oqtane.Controllers
break;
case "User":
authorized = true;
if (PermissionName == "Edit")
if (PermissionName == PermissionNames.Edit)
{
authorized = User.IsInRole(Constants.AdminRole) || (_userPermissions.GetUser(User).UserId == EntityId);
}

20
Oqtane.Server/Startup.cs
View File

@ -78,12 +78,12 @@ namespace Oqtane.Server
// register authorization services
services.AddAuthorizationCore(options =>
{
options.AddPolicy("ViewPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", "View")));
options.AddPolicy("EditPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", "Edit")));
options.AddPolicy("ViewModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", "View")));
options.AddPolicy("EditModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", "Edit")));
options.AddPolicy("ViewFolder", policy => policy.Requirements.Add(new PermissionRequirement("Folder", "View")));
options.AddPolicy("EditFolder", policy => policy.Requirements.Add(new PermissionRequirement("Folder", "Edit")));
options.AddPolicy("ViewPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", PermissionNames.View)));
options.AddPolicy("EditPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", PermissionNames.Edit)));
options.AddPolicy("ViewModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", PermissionNames.View)));
options.AddPolicy("EditModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", PermissionNames.Edit)));
options.AddPolicy("ViewFolder", policy => policy.Requirements.Add(new PermissionRequirement("Folder", PermissionNames.View)));
options.AddPolicy("EditFolder", policy => policy.Requirements.Add(new PermissionRequirement("Folder", PermissionNames.Edit)));
options.AddPolicy("ListFolder", policy => policy.Requirements.Add(new PermissionRequirement("Folder", "List")));
});
@ -253,10 +253,10 @@ namespace Oqtane.Server
// register authorization services
services.AddAuthorizationCore(options =>
{
options.AddPolicy("ViewPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", "View")));
options.AddPolicy("EditPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", "Edit")));
options.AddPolicy("ViewModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", "View")));
options.AddPolicy("EditModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", "Edit")));
options.AddPolicy("ViewPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", PermissionNames.View)));
options.AddPolicy("EditPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", PermissionNames.Edit)));
options.AddPolicy("ViewModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", PermissionNames.View)));
options.AddPolicy("EditModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", PermissionNames.Edit)));
});
// register scoped core services

11
Oqtane.Shared/Shared/PermissionNames.cs Normal file
View File

@ -0,0 +1,11 @@
namespace Oqtane.Shared
{
public class PermissionNames
{
public const string Browse = "Browse";
public const string View = "View";
public const string Edit = "Edit";
public const string Utilize = "Utilize";
}
}

20
Oqtane.Test/Oqtane.Test.csproj
View File

@ -22,4 +22,24 @@
<ProjectReference Include="..\Oqtane.Shared\Oqtane.Shared.csproj" />
</ItemGroup>
<ItemGroup>
<Compile Remove="Repository\**" />
<Compile Remove="Security\**" />
</ItemGroup>
<ItemGroup>
<EmbeddedResource Remove="Repository\**" />
<EmbeddedResource Remove="Security\**" />
</ItemGroup>
<ItemGroup>
<None Remove="Repository\**" />
<None Remove="Security\**" />
</ItemGroup>
<ItemGroup>
<Content Remove="Repository\**" />
<Content Remove="Security\**" />
</ItemGroup>
</Project>