From ffba735aac6e4c5f0aaba9026078f0ec32ce664c Mon Sep 17 00:00:00 2001 From: Shaun Walker Date: Sun, 10 Nov 2019 14:56:29 -0500 Subject: [PATCH] Support for user personalizable pages --- Oqtane.Client/Modules/Admin/Pages/Add.razor | 254 +++++++-------- Oqtane.Client/Modules/Admin/Pages/Edit.razor | 291 +++++++++--------- .../Services/Interfaces/IPageService.cs | 3 +- Oqtane.Client/Services/PageService.cs | 9 +- Oqtane.Client/Shared/SiteRouter.razor | 17 +- .../Themes/Controls/ControlPanel.razor | 116 ++++++- Oqtane.Server/Controllers/ModuleController.cs | 87 +++--- Oqtane.Server/Controllers/PageController.cs | 60 ++-- .../Controllers/PageModuleController.cs | 46 +-- .../Repository/Interfaces/IPageRepository.cs | 1 + Oqtane.Server/Repository/PageRepository.cs | 21 +- Oqtane.Server/Repository/SiteRepository.cs | 44 +-- Oqtane.Server/Scripts/00.00.00.sql | 5 +- Oqtane.Server/Security/IUserPermissions.cs | 1 + Oqtane.Server/Security/UserPermissions.cs | 7 +- Oqtane.Shared/Models/Page.cs | 2 + Oqtane.Shared/Models/PageTemplate.cs | 1 + 17 files changed, 587 insertions(+), 378 deletions(-) diff --git a/Oqtane.Client/Modules/Admin/Pages/Add.razor b/Oqtane.Client/Modules/Admin/Pages/Add.razor index 733a9b3a..fe217df0 100644 --- a/Oqtane.Client/Modules/Admin/Pages/Add.razor +++ b/Oqtane.Client/Modules/Admin/Pages/Add.razor @@ -4,130 +4,141 @@ @inject IPageService PageService @inject IThemeService ThemeService - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
- - - -
- - - -
- - - -
- - - - @if (children != null && children.Count > 0 && (insert == "<" || insert == ">")) - { - + + + + + + + + + + + - - - - - - - - - - - - + + + + - - - - - - - - - - - - - -
+ + + +
+ + + +
+ + + - } -
- - - -
- - - -
- - -
+ + + + @if (children != null && children.Count > 0 && (insert == "<" || insert == ">")) { - + } - -
- - - -
- - - -
- - - -
+
+ + + +
+ + + +
+ + + +
+ + + +
+ + + +
+ + + +
+ + + +
Cancel @@ -145,6 +156,7 @@ List children; int childid = -1; string isnavigation = "True"; + string ispersonalizable = "False"; string mode = "view"; string themetype = ""; string layouttype = ""; @@ -291,9 +303,11 @@ { page.LayoutType = ""; } + page.IsPersonalizable = (ispersonalizable == null ? false : Boolean.Parse(ispersonalizable)); + page.UserId = null; await PageService.AddPageAsync(page); - await PageService.UpdatePageOrderAsync(page.SiteId, page.ParentId); + await PageService.UpdatePageOrderAsync(page.SiteId, page.PageId, page.ParentId); await logger.LogInformation("Page Added {Page}", page); NavigationManager.NavigateTo(NavigateUrl(page.Path, Reload.Site)); diff --git a/Oqtane.Client/Modules/Admin/Pages/Edit.razor b/Oqtane.Client/Modules/Admin/Pages/Edit.razor index 3f932150..bc960d0b 100644 --- a/Oqtane.Client/Modules/Admin/Pages/Edit.razor +++ b/Oqtane.Client/Modules/Admin/Pages/Edit.razor @@ -4,148 +4,159 @@ @inject IPageService PageService @inject IThemeService ThemeService - - - - - - - - - - - - - - - - + + + + + + + + + + + + + +
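Review bot: The `page.PageId` now passed to `UpdatePageOrderAsync` comes from the local object, because the preceding context line discards the return value of `AddPageAsync(page)`. Unless `page` is populated some other way outside this hunk, the id sent is not the one the server assigned. The reordering endpoint in this commit authorizes on `pageid`, so the call would be checked against the wrong page and the reorder skipped without any error. Capture the result as ControlPanel.razor does: `page = await PageService.AddPageAsync(page);`. The enclosing method starts and ends outside the hunk.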
- - - -
- - - -
- - - -
- - - - @if (children != null && children.Count > 0 && (insert == "<" || insert == ">")) + + + + + + + + + + + + - - - - - - - - - - - - + + + + - - - - + + + + + + + + + + + + + + + + - - - - - - - - - -
+ + + +
+ + + +
+ + + - - @foreach (Page page in children) - { - - } - + if (page.PageId.ToString() == parentid) + { + + } + else + { + + } } -
- - - -
- - - -
- - - +
+ + + + @if (children != null && children.Count > 0 && (insert == "<" || insert == ">")) + { + -
- - -
+ + + +
+ + + +
+ + + +
+ + + -
- - - -
- - - -
+ else + { + + } + } + +
+ + + +
+ + + +
+ + + +
Cancel
@@ -168,6 +179,7 @@ List children; int childid = -1; string isnavigation; + string ispersonalizable; string mode; string themetype; string layouttype; @@ -211,6 +223,7 @@ } currentparentid = parentid; isnavigation = page.IsNavigation.ToString(); + ispersonalizable = page.IsPersonalizable.ToString(); mode = (page.EditMode) ? "edit" : "view"; themetype = page.ThemeType; panelayouts = ThemeService.GetPaneLayoutTypes(PageState.Themes, themetype); @@ -357,16 +370,18 @@ { page.LayoutType = ""; } + page.IsPersonalizable = (ispersonalizable == null ? false : Boolean.Parse(ispersonalizable)); + page.UserId = null; await PageService.UpdatePageAsync(page); - await PageService.UpdatePageOrderAsync(page.SiteId, page.ParentId); + await PageService.UpdatePageOrderAsync(page.SiteId, page.PageId, page.ParentId); if (currentparentid == "") { - await PageService.UpdatePageOrderAsync(page.SiteId, null); + await PageService.UpdatePageOrderAsync(page.SiteId, page.PageId, null); } else { - await PageService.UpdatePageOrderAsync(page.SiteId, int.Parse(currentparentid)); + await PageService.UpdatePageOrderAsync(page.SiteId, page.PageId, int.Parse(currentparentid)); } // update child paths diff --git a/Oqtane.Client/Services/Interfaces/IPageService.cs b/Oqtane.Client/Services/Interfaces/IPageService.cs index d1ec74f4..d3ab967b 100644 --- a/Oqtane.Client/Services/Interfaces/IPageService.cs +++ b/Oqtane.Client/Services/Interfaces/IPageService.cs @@ -8,9 +8,10 @@ namespace Oqtane.Services { Task> GetPagesAsync(int SiteId); Task GetPageAsync(int PageId); + Task GetPageAsync(int PageId, int UserId); Task AddPageAsync(Page Page); Task UpdatePageAsync(Page Page); - Task UpdatePageOrderAsync(int SiteId, int? ParentId); + Task UpdatePageOrderAsync(int SiteId, int PageId, int? ParentId); Task DeletePageAsync(int PageId); } } diff --git a/Oqtane.Client/Services/PageService.cs b/Oqtane.Client/Services/PageService.cs index af806412..ddcd3324 100644 --- a/Oqtane.Client/Services/PageService.cs 
+++ b/Oqtane.Client/Services/PageService.cs @@ -39,6 +39,11 @@ namespace Oqtane.Services return await http.GetJsonAsync(apiurl + "/" + PageId.ToString()); } + public async Task GetPageAsync(int PageId, int UserId) + { + return await http.GetJsonAsync(apiurl + "/" + PageId.ToString() + "?userid=" + UserId.ToString()); + } + public async Task AddPageAsync(Page Page) { return await http.PostJsonAsync(apiurl, Page); @@ -49,9 +54,9 @@ namespace Oqtane.Services return await http.PutJsonAsync(apiurl + "/" + Page.PageId.ToString(), Page); } - public async Task UpdatePageOrderAsync(int SiteId, int? ParentId) + public async Task UpdatePageOrderAsync(int SiteId, int PageId, int? ParentId) { - await http.PutJsonAsync(apiurl + "/?siteid=" + SiteId.ToString() + "&parentid=" + ((ParentId == null) ? "" : ParentId.ToString()), null); + await http.PutJsonAsync(apiurl + "/?siteid=" + SiteId.ToString() + "&pageid=" + PageId.ToString() + "&parentid=" + ((ParentId == null) ? "" : ParentId.ToString()), null); } public async Task DeletePageAsync(int PageId) diff --git a/Oqtane.Client/Shared/SiteRouter.razor b/Oqtane.Client/Shared/SiteRouter.razor index 481d01d6..4b63f2b6 100644 --- a/Oqtane.Client/Shared/SiteRouter.razor +++ b/Oqtane.Client/Shared/SiteRouter.razor @@ -218,11 +218,11 @@ if (page != null) { - page = ProcessPage(page, site); - // check if user is authorized to view page if (UserSecurity.IsAuthorized(user, "View", page.Permissions)) { + page = await ProcessPage(page, site, user); + pagestate = new PageState(); pagestate.ModuleDefinitions = moduledefinitions; pagestate.Themes = themes; @@ -260,11 +260,16 @@ else { // user is not authorized to view page + if (path != "") + { + NavigationManager.NavigateTo(""); + } } } else { // page does not exist + NavigationManager.NavigateTo(""); } } else 
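Review bot: The `NavigationManager.NavigateTo("")` added in the "page does not exist" branch has no `if (path != "")` guard, unlike the unauthorized branch a few lines above it. If the site has no page at the root path, this presumably navigates to the URL that just failed to resolve, so confirm it cannot loop; the same guard would cover it: `if (path != "") { NavigationManager.NavigateTo(""); }`. The unauthorized branch also sends anonymous visitors to the home page rather than to a login prompt, which may be intended but should be stated in a comment. The enclosing method extends outside the hunk.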
@@ -313,10 +318,16 @@ return querystring; } - private Page ProcessPage(Page page, Site site) + private async Task ProcessPage(Page page, Site site, User user) { try { + if (page.IsPersonalizable && user != null) + { + // load the personalized page + page = await PageService.GetPageAsync(page.PageId, user.UserId); + } + if (string.IsNullOrEmpty(page.ThemeType)) { page.ThemeType = site.DefaultThemeType; diff --git a/Oqtane.Client/Themes/Controls/ControlPanel.razor b/Oqtane.Client/Themes/Controls/ControlPanel.razor index 2612557f..3747108b 100644 --- a/Oqtane.Client/Themes/Controls/ControlPanel.razor +++ b/Oqtane.Client/Themes/Controls/ControlPanel.razor @@ -21,10 +21,13 @@
+} +@if (UserSecurity.IsAuthorized(PageState.User, "Edit", PageState.Page.Permissions) || (PageState.Page.IsPersonalizable && PageState.User != null)) +{ @if (PageState.EditMode) { - } else { - } +} + +@if (UserSecurity.IsAuthorized(PageState.User, "Edit", PageState.Page.Permissions)) +{ @@ -292,7 +302,7 @@ } PageModule pagemodule = new PageModule(); - pagemodule.PageId = string.IsNullOrWhiteSpace(pageid) ? PageState.Page.PageId : int.Parse(pageid); + pagemodule.PageId = string.IsNullOrEmpty(pageid) ? PageState.Page.PageId : int.Parse(pageid); pagemodule.ModuleId = int.Parse(moduleid); pagemodule.Title = title; if (pagemodule.Title == "") @@ -330,7 +340,7 @@ } } - private void ToggleEditMode(bool EditMode) + private async Task ToggleEditMode(bool EditMode) { if (UserSecurity.IsAuthorized(PageState.User, "Edit", PageState.Page.Permissions)) { @@ -346,6 +356,16 @@ } NavigationManager.NavigateTo(NavigateUrl(PageState.Page.Path, "edit=" + ((PageState.EditMode) ? "1" : "0"), Reload.Page)); } + else + { + if (PageState.Page.IsPersonalizable && PageState.User != null) + { + await CreatePersonalizedPage(); + PageState.EditMode = true; + PageState.DesignMode = true; + NavigationManager.NavigateTo(NavigateUrl(PageState.Page.Path, "edit=" + ((PageState.EditMode) ? "1" : "0"), Reload.Page)); + } + } } private void ShowControlPanel() 
@@ -413,14 +433,86 @@ Page page = PageState.Page; try { - page.IsDeleted = true; - await PageService.UpdatePageAsync(page); - await logger.Log(page.PageId, null, PageState.User.UserId, this.GetType().AssemblyQualifiedName, "ControlPanel", LogFunction.Delete, LogLevel.Information, null, "Page Deleted {Page}", page); - NavigationManager.NavigateTo(NavigateUrl("", Reload.Site)); + if (page.UserId == null) + { + page.IsDeleted = true; + await PageService.UpdatePageAsync(page); + await logger.Log(page.PageId, null, PageState.User.UserId, this.GetType().AssemblyQualifiedName, "ControlPanel", LogFunction.Delete, LogLevel.Information, null, "Page Deleted {Page}", page); + NavigationManager.NavigateTo(NavigateUrl("", Reload.Site)); + } + else // personalized page + { + await PageService.DeletePageAsync(page.PageId); + await logger.Log(page.PageId, null, PageState.User.UserId, this.GetType().AssemblyQualifiedName, "ControlPanel", LogFunction.Delete, LogLevel.Information, null, "Page Deleted {Page}", page); + NavigationManager.NavigateTo(NavigateUrl(Reload.Page)); + } } catch (Exception ex) { await logger.Log(page.PageId, null, PageState.User.UserId, this.GetType().AssemblyQualifiedName, "ControlPanel", LogFunction.Delete, LogLevel.Information, ex, "Page Deleted {Page} {Error}", page, ex.Message); } } + + private async Task CreatePersonalizedPage() + { + Page page = new Page(); + page.SiteId = PageState.Page.SiteId; + page.Name = PageState.Page.Name; + page.Path = PageState.Page.Path; + page.ParentId = PageState.Page.ParentId; + page.Order = 0; + page.IsNavigation = false; + page.EditMode = false; + page.ThemeType = PageState.Page.ThemeType; + if (page.ThemeType == PageState.Site.DefaultThemeType) + { + page.ThemeType = ""; + } + page.LayoutType = PageState.Page.LayoutType; + if (page.LayoutType == PageState.Site.DefaultLayoutType) + { + page.LayoutType = ""; + } + page.Icon = PageState.Page.Icon; + List permissions = new List(); + permissions.Add(new PermissionString { 
PermissionName = "View", Permissions = "[" + PageState.User.UserId.ToString() + "]" }); + permissions.Add(new PermissionString { PermissionName = "Edit", Permissions = "[" + PageState.User.UserId.ToString() + "]" }); + page.Permissions = UserSecurity.SetPermissionStrings(permissions); + page.IsPersonalizable = false; + page.UserId = PageState.User.UserId; + page = await PageService.AddPageAsync(page); + + // copy modules + foreach (Module m in PageState.Modules.Where(item => item.PageId == PageState.Page.PageId && !item.IsDeleted)) + { + Module module = new Module(); + module.SiteId = m.SiteId; + module.ModuleDefinitionName = m.ModuleDefinitionName; + permissions = new List(); + permissions.Add(new PermissionString { PermissionName = "View", Permissions = "[" + PageState.User.UserId.ToString() + "]" }); + permissions.Add(new PermissionString { PermissionName = "Edit", Permissions = "[" + PageState.User.UserId.ToString() + "]" }); + module.Permissions = UserSecurity.SetPermissionStrings(permissions); + module = await ModuleService.AddModuleAsync(module); + + string content = await ModuleService.ExportModuleAsync(m.ModuleId); + if (content != "") + { + await ModuleService.ImportModuleAsync(module.ModuleId, content); + } + + PageModule pagemodule = new PageModule(); + pagemodule.PageId = page.PageId; + pagemodule.ModuleId = module.ModuleId; + pagemodule.Title = m.Title; + pagemodule.Pane = m.Pane; + pagemodule.Order = m.Order; + pagemodule.ContainerType = m.ContainerType; + if (pagemodule.ContainerType == PageState.Site.DefaultContainerType) + { + pagemodule.ContainerType = ""; + } + + await PageModuleService.AddPageModuleAsync(pagemodule); + } + } } diff --git a/Oqtane.Server/Controllers/ModuleController.cs b/Oqtane.Server/Controllers/ModuleController.cs index f83e75c0..46a6f2fd 100644 --- a/Oqtane.Server/Controllers/ModuleController.cs +++ b/Oqtane.Server/Controllers/ModuleController.cs 
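Review bot: `CreatePersonalizedPage` builds the copy as a sequence of separate API calls (add page, then add/export/import/add page-module per module) with no try/catch, unlike `DeletePage` just above it. A failure partway through leaves a personalized page with only some of its modules, and the exception escapes through `ToggleEditMode` unlogged. The personalized branch of `DeletePage` calls only `DeletePageAsync`; whether the copied modules are removed server-side is not visible here, so confirm they are not orphaned. Because the client also chooses `UserId` and the permission strings, consider a single server endpoint that performs the copy for the authenticated user; at minimum wrap the body in a try/catch and log failures at error level.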
@@ -11,6 +11,7 @@ using Oqtane.Modules;
 using Microsoft.Extensions.DependencyInjection;
 using System.Text.Json;
 using Oqtane.Infrastructure;
+using Oqtane.Security;
 namespace Oqtane.Controllers
 {
@@ -21,14 +22,16 @@ namespace Oqtane.Controllers
 private readonly IPageModuleRepository PageModules;
 private readonly IModuleDefinitionRepository ModuleDefinitions;
 private readonly IServiceProvider ServiceProvider;
+ private readonly IUserPermissions UserPermissions;
 private readonly ILogManager logger;
- public ModuleController(IModuleRepository Modules, IPageModuleRepository PageModules, IModuleDefinitionRepository ModuleDefinitions, IServiceProvider ServiceProvider, ILogManager logger)
+ public ModuleController(IModuleRepository Modules, IPageModuleRepository PageModules, IModuleDefinitionRepository ModuleDefinitions, IServiceProvider ServiceProvider, IUserPermissions UserPermissions, ILogManager logger)
 {
 this.Modules = Modules;
 this.PageModules = PageModules;
 this.ModuleDefinitions = ModuleDefinitions;
 this.ServiceProvider = ServiceProvider;
+ this.UserPermissions = UserPermissions;
 this.logger = logger;
 }
@@ -70,10 +73,10 @@ namespace Oqtane.Controllers
 // POST api/
 [HttpPost]
- [Authorize(Roles = Constants.AdminRole)]
+ [Authorize(Roles = Constants.RegisteredRole)]
 public Models.Module Post([FromBody] Models.Module Module)
 {
- if (ModelState.IsValid)
+ if (ModelState.IsValid && UserPermissions.IsAuthorized(User, "Edit", Module.Permissions))
 {
 Module = Modules.AddModule(Module);
 logger.Log(LogLevel.Information, this, LogFunction.Create, "Module Added {Module}", Module);
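Review bot: `Post` now authorizes with `UserPermissions.IsAuthorized(User, "Edit", Module.Permissions)`, and `Module.Permissions` comes from the request body, so the caller supplies the permission list it is checked against. With the role lowered to `Constants.RegisteredRole`, any registered user who lists their own id under Edit passes the check, for any `SiteId` and `ModuleDefinitionName`. `PageController.Post` has the same check on `Page.Permissions`, so a registered user could also create pages with `UserId` null. Authorize against server-side state instead (for example Edit on the target page or site), and for personalized copies have the server set the owner and permissions from `User`. `Post` continues outside the hunk.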
@@ -83,10 +86,10 @@ namespace Oqtane.Controllers
 // PUT api//5
 [HttpPut("{id}")]
- [Authorize(Roles = Constants.AdminRole)]
+ [Authorize(Roles = Constants.RegisteredRole)]
 public Models.Module Put(int id, [FromBody] Models.Module Module)
 {
- if (ModelState.IsValid)
+ if (ModelState.IsValid && UserPermissions.IsAuthorized(User, "Module", Module.ModuleId, "Edit"))
 {
 Module = Modules.UpdateModule(Module);
 logger.Log(LogLevel.Information, this, LogFunction.Update, "Module Updated {Module}", Module);
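Review bot: The route `id` is never used in `Put`: the permission check and `Modules.UpdateModule(Module)` both key on `Module.ModuleId` from the body. That is self-consistent, but the URL no longer identifies what is changed, which makes request logs misleading; reject requests where `id != Module.ModuleId`. It is also worth confirming outside this hunk that `UpdateModule` does not persist body-supplied `SiteId` or `Permissions` for a non-admin caller. `PageController.Put` follows the same pattern with `Page.PageId`, where the body could also carry `UserId`, `Path` and `IsPersonalizable`.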
@@ -96,69 +99,75 @@ namespace Oqtane.Controllers // DELETE api//5 [HttpDelete("{id}")] - [Authorize(Roles = Constants.AdminRole)] + [Authorize(Roles = Constants.RegisteredRole)] public void Delete(int id) { - Modules.DeleteModule(id); - logger.Log(LogLevel.Information, this, LogFunction.Delete, "Module Deleted {ModuleId}", id); + if (UserPermissions.IsAuthorized(User, "Module", id, "Edit")) + { + Modules.DeleteModule(id); + logger.Log(LogLevel.Information, this, LogFunction.Delete, "Module Deleted {ModuleId}", id); + } } // GET api//export?moduleid=x [HttpGet("export")] - [Authorize(Roles = Constants.AdminRole)] + [Authorize(Roles = Constants.RegisteredRole)] public string Export(int moduleid) { string content = ""; - try + if (UserPermissions.IsAuthorized(User, "Module", moduleid, "View")) { - Models.Module module = Modules.GetModule(moduleid); - if (module != null) + try { - List moduledefinitions = ModuleDefinitions.GetModuleDefinitions(module.SiteId).ToList(); - ModuleDefinition moduledefinition = moduledefinitions.Where(item => item.ModuleDefinitionName == module.ModuleDefinitionName).FirstOrDefault(); - if (moduledefinition != null) + Models.Module module = Modules.GetModule(moduleid); + if (module != null) { - ModuleContent modulecontent = new ModuleContent(); - modulecontent.ModuleDefinitionName = moduledefinition.ModuleDefinitionName; - modulecontent.Version = moduledefinition.Version; - modulecontent.Content = ""; - - if (moduledefinition.ServerAssemblyName != "") + List moduledefinitions = ModuleDefinitions.GetModuleDefinitions(module.SiteId).ToList(); + ModuleDefinition moduledefinition = moduledefinitions.Where(item => item.ModuleDefinitionName == module.ModuleDefinitionName).FirstOrDefault(); + if (moduledefinition != null) { - Assembly assembly = AppDomain.CurrentDomain.GetAssemblies() - .Where(item => item.FullName.StartsWith(moduledefinition.ServerAssemblyName)).FirstOrDefault(); - if (assembly != null) + ModuleContent modulecontent = new 
ModuleContent(); + modulecontent.ModuleDefinitionName = moduledefinition.ModuleDefinitionName; + modulecontent.Version = moduledefinition.Version; + modulecontent.Content = ""; + + if (moduledefinition.ServerAssemblyName != "") { - Type moduletype = assembly.GetTypes() - .Where(item => item.Namespace != null) - .Where(item => item.Namespace.StartsWith(moduledefinition.ModuleDefinitionName.Substring(0, moduledefinition.ModuleDefinitionName.IndexOf(",")))) - .Where(item => item.GetInterfaces().Contains(typeof(IPortable))).FirstOrDefault(); - if (moduletype != null) + Assembly assembly = AppDomain.CurrentDomain.GetAssemblies() + .Where(item => item.FullName.StartsWith(moduledefinition.ServerAssemblyName)).FirstOrDefault(); + if (assembly != null) { - var moduleobject = ActivatorUtilities.CreateInstance(ServiceProvider, moduletype); - modulecontent.Content = ((IPortable)moduleobject).ExportModule(module); + Type moduletype = assembly.GetTypes() + .Where(item => item.Namespace != null) + .Where(item => item.Namespace.StartsWith(moduledefinition.ModuleDefinitionName.Substring(0, moduledefinition.ModuleDefinitionName.IndexOf(",")))) + .Where(item => item.GetInterfaces().Contains(typeof(IPortable))).FirstOrDefault(); + if (moduletype != null) + { + var moduleobject = ActivatorUtilities.CreateInstance(ServiceProvider, moduletype); + modulecontent.Content = ((IPortable)moduleobject).ExportModule(module); + } } } + content = JsonSerializer.Serialize(modulecontent); + logger.Log(LogLevel.Information, this, LogFunction.Read, "Module Content Exported {ModuleId}", moduleid); } - content = JsonSerializer.Serialize(modulecontent); - logger.Log(LogLevel.Information, this, LogFunction.Read, "Module Content Exported {ModuleId}", moduleid); } } - } - catch - { - // error occurred during export + catch + { + // error occurred during export + } } return content; } // POST api//import?moduleid=x [HttpPost("import")] - [Authorize(Roles = Constants.AdminRole)] + [Authorize(Roles = 
Constants.RegisteredRole)] public bool Import(int moduleid, [FromBody] string Content) { bool success = false; - if (ModelState.IsValid) + if (ModelState.IsValid && UserPermissions.IsAuthorized(User, "Module", moduleid, "Edit")) { try { diff --git a/Oqtane.Server/Controllers/PageController.cs b/Oqtane.Server/Controllers/PageController.cs index a0ce7610..560bf5f8 100644 --- a/Oqtane.Server/Controllers/PageController.cs +++ b/Oqtane.Server/Controllers/PageController.cs @@ -6,6 +6,7 @@ using Oqtane.Models; using Oqtane.Shared; using System.Linq; using Oqtane.Infrastructure; +using Oqtane.Security; namespace Oqtane.Controllers { @@ -13,11 +14,13 @@ namespace Oqtane.Controllers public class PageController : Controller { private readonly IPageRepository Pages; + private readonly IUserPermissions UserPermissions; private readonly ILogManager logger; - public PageController(IPageRepository Pages, ILogManager logger) + public PageController(IPageRepository Pages, IUserPermissions UserPermissions, ILogManager logger) { this.Pages = Pages; + this.UserPermissions = UserPermissions; this.logger = logger; } @@ -35,19 +38,26 @@ namespace Oqtane.Controllers } } - // GET api//5 + // GET api//5?userid=x [HttpGet("{id}")] - public Page Get(int id) + public Page Get(int id, string userid) { - return Pages.GetPage(id); + if (userid == "") + { + return Pages.GetPage(id); + } + else + { + return Pages.GetPage(id, int.Parse(userid)); + } } // POST api/ [HttpPost] - [Authorize(Roles = Constants.AdminRole)] + [Authorize(Roles = Constants.RegisteredRole)] public Page Post([FromBody] Page Page) { - if (ModelState.IsValid) + if (ModelState.IsValid && UserPermissions.IsAuthorized(User, "Edit", Page.Permissions)) { Page = Pages.AddPage(Page); logger.Log(LogLevel.Information, this, LogFunction.Create, "Page Added {Page}", Page); 
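Review bot: When the permission check fails in `Delete`, `Export` or `Import`, the action does nothing and returns normally, so the caller gets a success response and nothing is logged. These endpoints are now open to every registered user, so denied attempts are exactly the events worth recording; add an `else` that logs the caller and the requested id, and return 403 once the signatures allow a status result. The same applies to the new checks in `PageController` and `PageModuleController`. `Export` also keeps its bare `catch` with only a comment, which hides export failures from the log.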
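Review bot: `Get` takes `userid` from the query string and has no `[Authorize]` or comparison with the caller, so any client can request another user's personalized page by id. Derive the user from `User` on the server, or at least require that the parsed id matches the authenticated user. The `userid == ""` test also misses the no-parameter case: `PageService.GetPageAsync(int PageId)` sends no `userid`, model binding then leaves it null, and `int.Parse(null)` throws. Use `string.IsNullOrEmpty(userid)` and `int.TryParse`. The unpersonalized branch likewise returns any page by id, including rows with `UserId` set, without a View check.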
@@ -57,10 +67,10 @@ namespace Oqtane.Controllers
 // PUT api//5
 [HttpPut("{id}")]
- [Authorize(Roles = Constants.AdminRole)]
+ [Authorize(Roles = Constants.RegisteredRole)]
 public Page Put(int id, [FromBody] Page Page)
 {
- if (ModelState.IsValid)
+ if (ModelState.IsValid && UserPermissions.IsAuthorized(User, "Page", Page.PageId, "Edit"))
 {
 Page = Pages.UpdatePage(Page);
 logger.Log(LogLevel.Information, this, LogFunction.Update, "Page Updated {Page}", Page);
@@ -68,32 +78,38 @@ namespace Oqtane.Controllers
 return Page;
 }
- // PUT api//?siteid=x&parentid=y
+ // PUT api//?siteid=x&pageid=y&parentid=z
 [HttpPut]
- [Authorize(Roles = Constants.AdminRole)]
- public void Put(int siteid, int? parentid)
+ [Authorize(Roles = Constants.RegisteredRole)]
+ public void Put(int siteid, int pageid, int? parentid)
 {
- int order = 1;
- List pages = Pages.GetPages(siteid).ToList();
- foreach (Page page in pages.Where(item => item.ParentId == parentid).OrderBy(item => item.Order))
+ if (UserPermissions.IsAuthorized(User, "Page", pageid, "Edit"))
 {
- if (page.Order != order)
+ int order = 1;
+ List pages = Pages.GetPages(siteid).ToList();
+ foreach (Page page in pages.Where(item => item.ParentId == parentid).OrderBy(item => item.Order))
 {
- page.Order = order;
- Pages.UpdatePage(page);
+ if (page.Order != order)
+ {
+ page.Order = order;
+ Pages.UpdatePage(page);
+ }
+ order += 2;
 }
- order += 2;
+ logger.Log(LogLevel.Information, this, LogFunction.Update, "Page Order Updated {SiteId} {PageId} {ParentId}", siteid, pageid, parentid);
 }
- logger.Log(LogLevel.Information, this, LogFunction.Update, "Page Order Updated {SiteId} {ParentId}", siteid, parentid);
 }
 // DELETE api//5
 [HttpDelete("{id}")]
- [Authorize(Roles = Constants.AdminRole)]
+ [Authorize(Roles = Constants.RegisteredRole)]
 public void Delete(int id)
 {
- Pages.DeletePage(id);
- logger.Log(LogLevel.Information, this, LogFunction.Delete, "Page Deleted {PageId}", id);
+ if (UserPermissions.IsAuthorized(User, "Page", id, "Edit"))
+ {
+ Pages.DeletePage(id);
+ logger.Log(LogLevel.Information, this, LogFunction.Delete, "Page Deleted {PageId}", id);
+ }
 }
 }
 }
diff --git a/Oqtane.Server/Controllers/PageModuleController.cs b/Oqtane.Server/Controllers/PageModuleController.cs
index 2eb6694f..953d93b8 100644
--- a/Oqtane.Server/Controllers/PageModuleController.cs
+++ b/Oqtane.Server/Controllers/PageModuleController.cs
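Review bot: The reorder `Put` authorizes Edit on `pageid` but then renumbers every page matching `siteid` and `parentid`, and nothing ties those two values to the authorized page. A registered user with Edit on one page (their personalized copy, for instance) can supply another site's id or another parent and have those siblings' `Order` values renumbered. Load the page and require `page.SiteId == siteid && page.ParentId == parentid` before the loop, or derive both values from the page. Note also that `Pages.GetPages` now excludes rows with `UserId` set, so the loop never touches personalized pages.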
@@ -6,6 +6,7 @@ using Oqtane.Models;
 using Oqtane.Shared;
 using System.Linq;
 using Oqtane.Infrastructure;
+using Oqtane.Security;
 namespace Oqtane.Controllers
 {
@@ -13,13 +14,13 @@ namespace Oqtane.Controllers
 public class PageModuleController : Controller
 {
 private readonly IPageModuleRepository PageModules;
- private readonly IModuleRepository Modules;
+ private readonly IUserPermissions UserPermissions;
 private readonly ILogManager logger;
- public PageModuleController(IPageModuleRepository PageModules, IModuleRepository Modules, ILogManager logger)
+ public PageModuleController(IPageModuleRepository PageModules, IUserPermissions UserPermissions, ILogManager logger)
 {
 this.PageModules = PageModules;
- this.Modules = Modules;
+ this.UserPermissions = UserPermissions;
 this.logger = logger;
 }
@@ -46,10 +47,10 @@ namespace Oqtane.Controllers
 // POST api/
 [HttpPost]
- [Authorize(Roles = Constants.AdminRole)]
+ [Authorize(Roles = Constants.RegisteredRole)]
 public PageModule Post([FromBody] PageModule PageModule)
 {
- if (ModelState.IsValid)
+ if (ModelState.IsValid && UserPermissions.IsAuthorized(User, "Page", PageModule.PageId, "Edit"))
 {
 PageModule = PageModules.AddPageModule(PageModule);
 logger.Log(LogLevel.Information, this, LogFunction.Create, "Page Module Added {PageModule}", PageModule);
@@ -59,10 +60,10 @@ namespace Oqtane.Controllers
 // PUT api//5
 [HttpPut("{id}")]
- [Authorize(Roles = Constants.AdminRole)]
+ [Authorize(Roles = Constants.RegisteredRole)]
 public PageModule Put(int id, [FromBody] PageModule PageModule)
 {
- if (ModelState.IsValid)
+ if (ModelState.IsValid && UserPermissions.IsAuthorized(User, "Page", PageModule.PageId, "Edit"))
 {
 PageModule = PageModules.UpdatePageModule(PageModule);
 logger.Log(LogLevel.Information, this, LogFunction.Update, "Page Module Updated {PageModule}", PageModule);
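Review bot: `Put` checks Edit on `PageModule.PageId` from the body, not on the page the stored record currently belongs to, and the route `id` is unused. A user with Edit on their own page can send another page's `PageModuleId` with their own `PageId` and, depending on what `UpdatePageModule` persists, move or alter a module they have no rights on. Load the existing row first and authorize against its `PageId`, and against the new one if it differs. `Post` in the hunk above similarly checks the page but not `PageModule.ModuleId`, so any module id can be attached to a page the caller can edit.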
@@ -72,30 +73,37 @@ namespace Oqtane.Controllers
 // PUT api//?pageid=x&pane=y
 [HttpPut]
- [Authorize(Roles = Constants.AdminRole)]
+ [Authorize(Roles = Constants.RegisteredRole)]
 public void Put(int pageid, string pane)
 {
- int order = 1;
- List pagemodules = PageModules.GetPageModules(pageid).ToList();
- foreach (PageModule pagemodule in pagemodules.Where(item => item.Pane == pane).OrderBy(item => item.Order))
+ if (UserPermissions.IsAuthorized(User, "Page", pageid, "Edit"))
 {
- if (pagemodule.Order != order)
+ int order = 1;
+ List pagemodules = PageModules.GetPageModules(pageid).ToList();
+ foreach (PageModule pagemodule in pagemodules.Where(item => item.Pane == pane).OrderBy(item => item.Order))
 {
- pagemodule.Order = order;
- PageModules.UpdatePageModule(pagemodule);
+ if (pagemodule.Order != order)
+ {
+ pagemodule.Order = order;
+ PageModules.UpdatePageModule(pagemodule);
+ }
+ order += 2;
 }
- order += 2;
+ logger.Log(LogLevel.Information, this, LogFunction.Update, "Page Module Order Updated {PageId} {Pane}", pageid, pane);
 }
- logger.Log(LogLevel.Information, this, LogFunction.Update, "Page Module Order Updated {PageId} {Pane}", pageid, pane);
 }
 // DELETE api//5
 [HttpDelete("{id}")]
- [Authorize(Roles = Constants.AdminRole)]
+ [Authorize(Roles = Constants.RegisteredRole)]
 public void Delete(int id)
 {
- PageModules.DeletePageModule(id);
- logger.Log(LogLevel.Information, this, LogFunction.Delete, "Page Module Deleted {PageModuleId}", id);
+ PageModule pagemodule = PageModules.GetPageModule(id);
+ if (UserPermissions.IsAuthorized(User, "Page", pagemodule.PageId, "Edit"))
+ {
+ PageModules.DeletePageModule(id);
+ logger.Log(LogLevel.Information, this, LogFunction.Delete, "Page Module Deleted {PageModuleId}", id);
+ }
 }
 }
 }
diff --git a/Oqtane.Server/Repository/Interfaces/IPageRepository.cs b/Oqtane.Server/Repository/Interfaces/IPageRepository.cs
index cb479e98..e6d7cf8d 100644
--- a/Oqtane.Server/Repository/Interfaces/IPageRepository.cs
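Review bot: `Delete` dereferences `pagemodule.PageId` without a null check, so if `GetPageModule` returns null for an unknown id the action throws a `NullReferenceException` instead of refusing the request. Guard it: `if (pagemodule != null && UserPermissions.IsAuthorized(User, "Page", pagemodule.PageId, "Edit"))`. The endpoint is now reachable by every registered user, so unknown ids should be treated as expected input rather than an unhandled exception.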
+++ b/Oqtane.Server/Repository/Interfaces/IPageRepository.cs
@@ -10,6 +10,7 @@ namespace Oqtane.Repository
 Page AddPage(Page Page);
 Page UpdatePage(Page Page);
 Page GetPage(int PageId);
+ Page GetPage(int PageId, int UserId);
 void DeletePage(int PageId);
 }
 }
diff --git a/Oqtane.Server/Repository/PageRepository.cs b/Oqtane.Server/Repository/PageRepository.cs
index 51b6510a..8ec9d1fd 100644
--- a/Oqtane.Server/Repository/PageRepository.cs
+++ b/Oqtane.Server/Repository/PageRepository.cs
@@ -26,7 +26,7 @@ namespace Oqtane.Repository
 public IEnumerable GetPages(int SiteId)
 {
 IEnumerable permissions = Permissions.GetPermissions(SiteId, "Page").ToList();
- IEnumerable pages = db.Page.Where(item => item.SiteId == SiteId);
+ IEnumerable pages = db.Page.Where(item => item.SiteId == SiteId && item.UserId == null);
 foreach(Page page in pages)
 {
 page.Permissions = Permissions.EncodePermissions(page.PageId, permissions);
@@ -61,6 +61,25 @@ namespace Oqtane.Repository
 return page;
 }
+ public Page GetPage(int PageId, int UserId)
+ {
+ Page page = db.Page.Find(PageId);
+ if (page != null)
+ {
+ Page personalized = db.Page.Where(item => item.SiteId == page.SiteId && item.Path == page.Path && item.UserId == UserId).FirstOrDefault();
+ if (personalized != null)
+ {
+ page = personalized;
+ }
+ if (page != null)
+ {
+ IEnumerable permissions = Permissions.GetPermissions("Page", page.PageId);
+ page.Permissions = Permissions.EncodePermissions(page.PageId, permissions);
+ }
+ }
+ return page;
+ }
+
 public void DeletePage(int PageId)
 {
 Page Page = db.Page.Find(PageId);
diff --git a/Oqtane.Server/Repository/SiteRepository.cs b/Oqtane.Server/Repository/SiteRepository.cs
index a3a93edb..d21a7fe7 100644
--- a/Oqtane.Server/Repository/SiteRepository.cs
+++ b/Oqtane.Server/Repository/SiteRepository.cs
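Review bot: The second `if (page != null)` inside `GetPage(int PageId, int UserId)` can never be false, since `page` is already non-null at that point and is only ever replaced by a non-null `personalized`; drop the test and keep its body. The lookup by `SiteId`, `Path` and `UserId` takes `FirstOrDefault()` with no ordering, so if two personalized rows exist for one user and path the result is arbitrary. Nothing visible here prevents such duplicates, so a unique constraint or a check in `AddPage` is worth adding. A one-line summary comment saying that the method falls back to the shared page when no personalized copy exists would help callers.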
@@ -35,7 +35,7 @@ namespace Oqtane.Repository // define the default site template SiteTemplate = new List(); - SiteTemplate.Add(new PageTemplate { Name = "Home", Parent = "", Path = "", Icon = "home", IsNavigation = true, EditMode = false, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"All Users;Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { + SiteTemplate.Add(new PageTemplate { Name = "Home", Parent = "", Path = "", Icon = "home", IsNavigation = true, IsPersonalizable = false, EditMode = false, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"All Users;Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { new PageTemplateModule { ModuleDefinitionName = "Oqtane.Modules.HtmlText, Oqtane.Client", Title = "Welcome To Oqtane...", Pane = "Content", ModulePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"All Users;Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", Content = "

Oqtane is an open source modular application framework built from the ground up using modern .NET Core technology. It leverages the revolutionary new Blazor component model to create a fully dynamic web development experience which can be executed on a client or server. Whether you are looking for a platform to accelerate your web development efforts, or simply interested in exploring the anatomy of a large-scale Blazor application, Oqtane provides a solid foundation based on proven enterprise architectural principles.

" + "



Join Our Community  Clone Our Repo

" + @@ -50,52 +50,58 @@ namespace Oqtane.Repository } } }); - SiteTemplate.Add(new PageTemplate { Name = "Admin", Parent = "", Path = "admin", Icon = "", IsNavigation = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { + SiteTemplate.Add(new PageTemplate { Name = "My Page", Parent = "", Path = "portal", Icon = "target", IsNavigation = true, IsPersonalizable = true, EditMode = false, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"All Users;Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { + new PageTemplateModule { ModuleDefinitionName = "Oqtane.Modules.HtmlText, Oqtane.Client", Title = "My Page", Pane = "Content", ModulePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"All Users;Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", + Content = "

Oqtane offers native support for user personalized pages. If a page is identified as personalizable by the site administrator in the page settings, when an authenticated user visits the page they will see an edit button at the top right corner of the page next to their username. When they click this button the sytem will create a new version of the page and allow them to edit the page content.

" + } + } + }); + SiteTemplate.Add(new PageTemplate { Name = "Admin", Parent = "", Path = "admin", Icon = "", IsNavigation = false, IsPersonalizable = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { new PageTemplateModule { ModuleDefinitionName = "Oqtane.Modules.Admin.Dashboard, Oqtane.Client", Title = "Admin Dashboard", Pane = "Content", ModulePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", Content = "" } }}); - SiteTemplate.Add(new PageTemplate { Name = "Site Management", Parent = "Admin", Path = "admin/sites", Icon = "globe", IsNavigation = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { + SiteTemplate.Add(new PageTemplate { Name = "Site Management", Parent = "Admin", Path = "admin/sites", Icon = "globe", IsNavigation = false, IsPersonalizable = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { new PageTemplateModule { ModuleDefinitionName = "Oqtane.Modules.Admin.Sites, Oqtane.Client", Title = "Site Management", Pane = "Content", ModulePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", Content = "" } }}); - SiteTemplate.Add(new PageTemplate { Name = "Page Management", Parent = "Admin", Path = "admin/pages", Icon = "layers", IsNavigation = false, EditMode = true, PagePermissions = 
"[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { + SiteTemplate.Add(new PageTemplate { Name = "Page Management", Parent = "Admin", Path = "admin/pages", Icon = "layers", IsNavigation = false, IsPersonalizable = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { new PageTemplateModule { ModuleDefinitionName = "Oqtane.Modules.Admin.Pages, Oqtane.Client", Title = "Page Management", Pane = "Content", ModulePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", Content = "" } }}); - SiteTemplate.Add(new PageTemplate { Name = "User Management", Parent = "Admin", Path = "admin/users", Icon = "people", IsNavigation = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { + SiteTemplate.Add(new PageTemplate { Name = "User Management", Parent = "Admin", Path = "admin/users", Icon = "people", IsNavigation = false, IsPersonalizable = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { new PageTemplateModule { ModuleDefinitionName = "Oqtane.Modules.Admin.Users, Oqtane.Client", Title = "User Management", Pane = "Content", ModulePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", Content = "" } }}); - SiteTemplate.Add(new PageTemplate { Name = "Profile Management", Parent = "Admin", Path = "admin/profiles", Icon 
= "person", IsNavigation = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { + SiteTemplate.Add(new PageTemplate { Name = "Profile Management", Parent = "Admin", Path = "admin/profiles", Icon = "person", IsNavigation = false, IsPersonalizable = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { new PageTemplateModule { ModuleDefinitionName = "Oqtane.Modules.Admin.Profiles, Oqtane.Client", Title = "Profile Management", Pane = "Content", ModulePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", Content = "" } }}); - SiteTemplate.Add(new PageTemplate { Name = "Role Management", Parent = "Admin", Path = "admin/roles", Icon = "lock-locked", IsNavigation = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { + SiteTemplate.Add(new PageTemplate { Name = "Role Management", Parent = "Admin", Path = "admin/roles", Icon = "lock-locked", IsNavigation = false, IsPersonalizable = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { new PageTemplateModule { ModuleDefinitionName = "Oqtane.Modules.Admin.Roles, Oqtane.Client", Title = "Role Management", Pane = "Content", ModulePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", Content = "" } }}); - SiteTemplate.Add(new 
PageTemplate { Name = "Event Log", Parent = "Admin", Path = "admin/log", Icon = "magnifying-glass", IsNavigation = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { + SiteTemplate.Add(new PageTemplate { Name = "Event Log", Parent = "Admin", Path = "admin/log", Icon = "magnifying-glass", IsNavigation = false, IsPersonalizable = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { new PageTemplateModule { ModuleDefinitionName = "Oqtane.Modules.Admin.Logs, Oqtane.Client", Title = "Event Log", Pane = "Content", ModulePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", Content = "" } }}); - SiteTemplate.Add(new PageTemplate { Name = "File Management", Parent = "Admin", Path = "admin/files", Icon = "file", IsNavigation = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { + SiteTemplate.Add(new PageTemplate { Name = "File Management", Parent = "Admin", Path = "admin/files", Icon = "file", IsNavigation = false, IsPersonalizable = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { new PageTemplateModule { ModuleDefinitionName = "Oqtane.Modules.Admin.Files, Oqtane.Client", Title = "File Management", Pane = "Content", ModulePermissions = 
"[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", Content = "" } }}); - SiteTemplate.Add(new PageTemplate { Name = "Recycle Bin", Parent = "Admin", Path = "admin/recyclebin", Icon = "trash", IsNavigation = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { + SiteTemplate.Add(new PageTemplate { Name = "Recycle Bin", Parent = "Admin", Path = "admin/recyclebin", Icon = "trash", IsNavigation = false, IsPersonalizable = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { new PageTemplateModule { ModuleDefinitionName = "Oqtane.Modules.Admin.RecycleBin, Oqtane.Client", Title = "Recycle Bin", Pane = "Content", ModulePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", Content = "" } }}); - SiteTemplate.Add(new PageTemplate { Name = "Tenant Management", Parent = "Admin", Path = "admin/tenants", Icon = "list", IsNavigation = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { + SiteTemplate.Add(new PageTemplate { Name = "Tenant Management", Parent = "Admin", Path = "admin/tenants", Icon = "list", IsNavigation = false, IsPersonalizable = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { new PageTemplateModule { ModuleDefinitionName = "Oqtane.Modules.Admin.Tenants, 
Oqtane.Client", Title = "Tenant Management", Pane = "Content", ModulePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", Content = "" } }}); - SiteTemplate.Add(new PageTemplate { Name = "Module Management", Parent = "Admin", Path = "admin/modules", Icon = "browser", IsNavigation = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { + SiteTemplate.Add(new PageTemplate { Name = "Module Management", Parent = "Admin", Path = "admin/modules", Icon = "browser", IsNavigation = false, IsPersonalizable = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { new PageTemplateModule { ModuleDefinitionName = "Oqtane.Modules.Admin.ModuleDefinitions, Oqtane.Client", Title = "Module Management", Pane = "Content", ModulePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", Content = "" } }}); - SiteTemplate.Add(new PageTemplate { Name = "Theme Management", Parent = "Admin", Path = "admin/themes", Icon = "brush", IsNavigation = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { + SiteTemplate.Add(new PageTemplate { Name = "Theme Management", Parent = "Admin", Path = "admin/themes", Icon = "brush", IsNavigation = false, IsPersonalizable = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules 
= new List { new PageTemplateModule { ModuleDefinitionName = "Oqtane.Modules.Admin.Themes, Oqtane.Client", Title = "Theme Management", Pane = "Content", ModulePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", Content = "" } }}); - SiteTemplate.Add(new PageTemplate { Name = "Upgrade Service", Parent = "Admin", Path = "admin/upgrade", Icon = "aperture", IsNavigation = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { + SiteTemplate.Add(new PageTemplate { Name = "Upgrade Service", Parent = "Admin", Path = "admin/upgrade", Icon = "aperture", IsNavigation = false, IsPersonalizable = false, EditMode = true, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { new PageTemplateModule { ModuleDefinitionName = "Oqtane.Modules.Admin.Upgrade, Oqtane.Client", Title = "Upgrade Service", Pane = "Content", ModulePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", Content = "" } }}); - SiteTemplate.Add(new PageTemplate { Name = "Login", Parent = "", Path = "login", Icon = "lock-locked", IsNavigation = false, EditMode = false, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"All Users;Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { + SiteTemplate.Add(new PageTemplate { Name = "Login", Parent = "", Path = "login", Icon = "lock-locked", IsNavigation = false, IsPersonalizable = false, EditMode = false, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"All 
Users;Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { new PageTemplateModule { ModuleDefinitionName = "Oqtane.Modules.Admin.Login, Oqtane.Client", Title = "User Login", Pane = "Content", ModulePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"All Users;Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", Content = "" } }}); - SiteTemplate.Add(new PageTemplate { Name = "Register", Parent = "", Path = "register", Icon = "person", IsNavigation = false, EditMode = false, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"All Users;Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { + SiteTemplate.Add(new PageTemplate { Name = "Register", Parent = "", Path = "register", Icon = "person", IsNavigation = false, IsPersonalizable = false, EditMode = false, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"All Users;Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { new PageTemplateModule { ModuleDefinitionName = "Oqtane.Modules.Admin.Register, Oqtane.Client", Title = "User Registration", Pane = "Content", ModulePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"All Users;Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", Content = "" } }}); - SiteTemplate.Add(new PageTemplate { Name = "Profile", Parent = "", Path = "profile", Icon = "person", IsNavigation = false, EditMode = false, PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"All Users;Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { + SiteTemplate.Add(new PageTemplate { Name = "Profile", Parent = "", Path = "profile", Icon = "person", IsNavigation = false, IsPersonalizable = false, EditMode = false, 
PagePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"All Users;Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", PageTemplateModules = new List { new PageTemplateModule { ModuleDefinitionName = "Oqtane.Modules.Admin.UserProfile, Oqtane.Client", Title = "User Profile", Pane = "Content", ModulePermissions = "[{\"PermissionName\":\"View\",\"Permissions\":\"All Users;Administrators\"},{\"PermissionName\":\"Edit\",\"Permissions\":\"Administrators\"}]", Content = "" } }}); } @@ -179,7 +185,9 @@ namespace Oqtane.Repository ThemeType = "", LayoutType = "", Icon = pagetemplate.Icon, - Permissions = pagetemplate.PagePermissions + Permissions = pagetemplate.PagePermissions, + IsPersonalizable = pagetemplate.IsPersonalizable, + UserId = null }; page = PageRepository.AddPage(page); diff --git a/Oqtane.Server/Scripts/00.00.00.sql b/Oqtane.Server/Scripts/00.00.00.sql index 2beffda6..f5c4e281 100644 --- a/Oqtane.Server/Scripts/00.00.00.sql +++ b/Oqtane.Server/Scripts/00.00.00.sql @@ -38,6 +38,8 @@ CREATE TABLE [dbo].[Page]( [IsNavigation] [bit] NOT NULL, [LayoutType] [nvarchar](200) NOT NULL, [EditMode] [bit] NOT NULL, + [UserId] [int] NULL, + [IsPersonalizable] [bit] NOT NULL, [CreatedBy] [nvarchar](256) NOT NULL, [CreatedOn] [datetime] NOT NULL, [ModifiedBy] [nvarchar](256) NOT NULL, @@ -346,7 +348,8 @@ GO CREATE UNIQUE NONCLUSTERED INDEX IX_Page ON dbo.Page ( SiteId, - [Path] + [Path], + UserId ) ON [PRIMARY] GO diff --git a/Oqtane.Server/Security/IUserPermissions.cs b/Oqtane.Server/Security/IUserPermissions.cs index 587c68ea..a04aff07 100644 --- a/Oqtane.Server/Security/IUserPermissions.cs +++ b/Oqtane.Server/Security/IUserPermissions.cs @@ -5,5 +5,6 @@ namespace Oqtane.Security public interface IUserPermissions { bool IsAuthorized(ClaimsPrincipal User, string EntityName, int EntityId, string PermissionName); + bool IsAuthorized(ClaimsPrincipal User, string PermissionName, string Permissions); } } 
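Review bot: The new "My Page" entry in the `@@ -50,52 +50,58 @@` hunk sets `IsPersonalizable = true` while its `Edit` permission still lists only `Administrators`, so the page ACL does not express the right of an ordinary authenticated user to create and edit a personal copy. That right has to be enforced by a separate server-side check, which is not visible in this hunk. A comment on the entry should record this, for example `// personal copies are authorized via IsPersonalizable and the copy's UserId, not via the Edit permission below (confirm against PageController)`. The same two permission JSON literals are also repeated on every `SiteTemplate.Add` line, so one mistyped copy would silently give an admin page the wrong ACL; naming them once (`const string AdminOnlyPermissions = ...;` and `const string PublicViewPermissions = ...;`) would remove that risk. The enclosing method starts before this hunk.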
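Review bot: The `[UserId] [int] NULL` column added to `CREATE TABLE [dbo].[Page]` has no foreign key in this hunk, so unless a constraint is declared elsewhere in the script, deleting a user can leave that user's personalized pages behind as orphaned rows. A foreign key from `Page.UserId` to the user table, with an explicit delete rule, would tie the lifetime of a personal copy to its owner. The `IX_Page` change in the `@@ -346,7 +348,8 @@` hunk also relies on SQL Server allowing only one NULL per key in a unique index, which is what keeps the shared page unique per `(SiteId, Path)`. That deserves a comment above the index: `-- UserId NULL = shared page; a unique index admits a single NULL per (SiteId, Path)`.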
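Review bot: The added overload `IsAuthorized(ClaimsPrincipal User, string PermissionName, string Permissions)` evaluates whatever permission string the caller passes, and nothing in the interface says where that string must come from. The existing overload takes an `EntityId` and, per the UserPermissions.cs hunk, loads the permissions itself, so its answer does not depend on caller-held data. The new one would authorize against a request-controlled value if a controller ever passed the `Permissions` of a posted model. Add an XML doc comment that states the contract, for example `/// <param name="Permissions">Encoded permissions read from the server-side store for the entity being checked; never a value taken from the request body.</param>`.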
diff --git a/Oqtane.Server/Security/UserPermissions.cs b/Oqtane.Server/Security/UserPermissions.cs index 6b28d6fd..43eb8e20 100644 --- a/Oqtane.Server/Security/UserPermissions.cs +++ b/Oqtane.Server/Security/UserPermissions.cs @@ -16,8 +16,11 @@ namespace Oqtane.Security public bool IsAuthorized(ClaimsPrincipal User, string EntityName, int EntityId, string PermissionName) { - string permissionstrings = Permissions.EncodePermissions(EntityId, Permissions.GetPermissions(EntityName, EntityId, PermissionName).ToList()); + return IsAuthorized(User, PermissionName, Permissions.EncodePermissions(EntityId, Permissions.GetPermissions(EntityName, EntityId, PermissionName).ToList())); + } + public bool IsAuthorized(ClaimsPrincipal User, string PermissionName, string Permissions) + { User user = new User(); user.UserId = -1; user.Roles = ""; @@ -36,7 +39,7 @@ namespace Oqtane.Security } } - return UserSecurity.IsAuthorized(user, PermissionName, permissionstrings); + return UserSecurity.IsAuthorized(user, PermissionName, Permissions); } } } diff --git a/Oqtane.Shared/Models/Page.cs b/Oqtane.Shared/Models/Page.cs index 8083fc76..d9c40e36 100644 --- a/Oqtane.Shared/Models/Page.cs +++ b/Oqtane.Shared/Models/Page.cs @@ -16,6 +16,8 @@ namespace Oqtane.Models public string Icon { get; set; } public bool IsNavigation { get; set; } public bool EditMode { get; set; } + public int? UserId { get; set; } + public bool IsPersonalizable { get; set; } public string CreatedBy { get; set; } public DateTime CreatedOn { get; set; } diff --git a/Oqtane.Shared/Models/PageTemplate.cs b/Oqtane.Shared/Models/PageTemplate.cs index 0e3851df..c87d2e58 100644 --- a/Oqtane.Shared/Models/PageTemplate.cs +++ b/Oqtane.Shared/Models/PageTemplate.cs 
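Review bot: In the new overload of the `@@ -16,8 +16,11 @@` hunk, the parameter `Permissions` has the same name as the member the first overload calls (`Permissions.EncodePermissions`, `Permissions.GetPermissions`). Inside the new body the name therefore refers to the string and the repository member is hidden. In an authorization routine that is easy to misread, and a later edit could reach for the wrong one. Rename the parameter here and in IUserPermissions.cs, for example `public bool IsAuthorized(ClaimsPrincipal User, string PermissionName, string permissionStrings)`, with `return UserSecurity.IsAuthorized(user, PermissionName, permissionStrings);` in the `@@ -36,7 +39,7 @@` hunk. The method body runs between the two hunks and is only partly visible.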
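Review bot: `UserId` and `IsPersonalizable` in the `@@ -16,6 +16,8 @@` hunk of Page.cs are plain settable properties on a model in Oqtane.Shared. If this type is bound directly from request bodies, a caller can supply both values. The server should take the owner of a personalized copy from the authenticated principal rather than from the posted `UserId`, and should let only users with Edit rights on the page change `IsPersonalizable`; whether the controllers do this is not visible here. A comment on the property would record the rule: `// owner of a personalized copy, null for the shared page; assigned server-side, never trusted from the client`.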
@@ -9,6 +9,7 @@ namespace Oqtane.Models
 public string Path { get; set; }
 public string Icon { get; set; }
 public bool IsNavigation { get; set; }
+ public bool IsPersonalizable { get; set; }
 public bool EditMode { get; set; }
 public string PagePermissions { get; set; }
 public List PageTemplateModules { get; set; }