/// <summary>
/// Saves one role and three pages inside a single transaction, attaching one
/// permission for that role to every page.
/// </summary>
/// <remarks>
/// The method contains no assertions: it succeeds as long as none of the
/// repository calls throw. Each saved entity is also recorded in the
/// fixture's _deletedRoles / _deletedItems / _deletedPermissions lists
/// (presumably so a teardown step can remove them; confirm against the fixture).
/// </remarks>
public void CanCreateNavigationWithPermissions()
{
    const int pageCount = 3;

    using (var scope = new TransactionScope())
    {
        // A single role shared by every permission created below.
        var testRole = new Role(_portal.Tenant, "Test role for navigation permission");
        _roleRepository.Save(testRole);
        _deletedRoles.Add(testRole);

        int created = 0;
        while (created < pageCount)
        {
            var navigationPage = new Page(_portal.Tenant, "Test navigation item with permissions", "", "~/");
            _pageRepository.Save(navigationPage);
            _deletedItems.Add(navigationPage);

            // The three rights are passed positionally as (true, true, false).
            // NOTE(review): their meaning is defined by PagePermission's constructor, which is not shown here.
            var pagePermission = new PagePermission(navigationPage, testRole, true, true, false);
            _pagePermissionRepository.Save(pagePermission);
            _deletedPermissions.Add(pagePermission);

            created++;
        }

        // Without Complete() the scope rolls back on dispose.
        scope.Complete();
    }
}
/// <summary>
/// Saves five pages for the fixture's tenant and writes the count to the console.
/// </summary>
/// <remarks>
/// No assertions are made; the method succeeds when no repository call throws.
/// Unlike CanCreateNavigationWithPermissions, the saves are not wrapped in an
/// explicit TransactionScope here.
/// </remarks>
public void CanCreatePages()
{
    const int pageCount = 5;

    for (int remaining = pageCount; remaining > 0; remaining--)
    {
        var testPage = new Page(_portal.Tenant, "Test page", "", "~/");
        _pageRepository.Save(testPage);

        // Recorded on the fixture, presumably for cleanup (confirm against the teardown).
        _deletedItems.Add(testPage);
    }

    Console.WriteLine("Created {0} page(s).", pageCount);
}
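/// <summary>
/// Updates the profile of the user identified by <c>model.Id</c> within the current tenant.
/// </summary>
/// <param name="model">Posted profile data; its <c>Id</c> selects the user whose profile is updated.</param>
/// <returns>A <c>JsonNetResult</c> wrapping the posted model.</returns>
/// <exception cref="Lightweight.Business.Exceptions.BusinessException">
/// Thrown when no user with that id exists in the current tenant, or when the caller is
/// neither that user nor a member of the "Administrator" role.
/// </exception>
public JsonNetResult UpdateProfile(UserProfileModel model)
{
    using (TransactionScope ts = new TransactionScope())
    {
        // The lookup is scoped to the current tenant, so an id belonging to another tenant yields null.
        User user = (from u in _userRepository.All()
                     where u.Tenant.Id == Portal.Tenant.Id && u.Id == model.Id
                     select u)
            .Fetch(u => u.Profile)
            .SingleOrDefault();

        // Only the profile owner or an administrator may edit.
        // SingleOrDefault returns null for an unknown id; the original dereferenced user.UserName
        // unconditionally, which surfaced as a NullReferenceException. A missing user is rejected
        // with the same error as a permission failure, so the response does not reveal which ids exist.
        bool callerIsAdministrator = User.IsInRole("Administrator");
        if (user == null || (!callerIsAdministrator && User.Identity.Name != user.UserName))
        {
            throw new Lightweight.Business.Exceptions.BusinessException("You do not have sufficient permissions to update this profile.");
        }

        // NOTE(review): which posted fields are copied onto the profile is decided by the mapping
        // configuration, which is not visible here. Confirm it excludes anything a user must not set.
        Mapper.Map(model, user.Profile);
        _userProfileRepository.Save(user.Profile);

        ts.Complete();
    }

    return new JsonNetResult(model);
}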
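/// <summary>
/// Creates a new page or updates an existing one in the current tenant, then brings the page's
/// permissions for the "Administrator", "Member" and "Guest" roles in line with the posted model.
/// </summary>
/// <param name="model">
/// Posted page data. An empty <c>Id</c> means a new page; <c>MembersVisible</c> and
/// <c>GuestsVisible</c> drive the member and guest permissions.
/// </param>
/// <returns>
/// A redirect to the page's edit action on success; otherwise the "Page" view with an alert
/// (duplicate slug, page not found in this tenant, missing system role, or a failure while saving).
/// </returns>
/// <remarks>
/// NOTE(review): no authorization check is visible inside this method. Confirm that an
/// authorization filter on the action or controller restricts it to users allowed to edit pages.
/// </remarks>
public ActionResult Save(PageModel model)
{
    Page page = null;
    Role adminRole, memberRole, guestRole;
    bool isNew = model.Id == Guid.Empty;

    if (isNew)
    {
        // A new page is always bound to the current tenant, never to a tenant taken from the request.
        page = new Page(new Tenant(Portal.Tenant.Id));
        if (model.ParentId.HasValue)
        {
            // NOTE(review): the parent id comes from the request and is not checked here to
            // belong to the current tenant. Confirm this is validated elsewhere.
            page.Parent = new Page(model.ParentId.Value);
        }
    }

    using (TransactionScope ts = new TransactionScope())
    {
        // The slug must be unique within the tenant, ignoring the page being edited.
        bool slugTaken = _pageRepository.FindBy(p => p.Tenant.Id == Portal.Tenant.Id && p.Slug == model.Slug && p.Id != model.Id) != null;
        if (slugTaken)
        {
            Alert(AlertType.warning, "Slug not unique", "Another page with this slug already exists.");
            return View("Page", model);
        }

        if (!isNew)
        {
            // Load the existing page with its permissions. The lookup is restricted to the current
            // tenant: the original filtered on the posted id alone, so a page of another tenant
            // could be loaded and then overwritten.
            page = (from p in _pageRepository.All()
                    where p.Tenant.Id == Portal.Tenant.Id && p.Id == model.Id
                    select p).FetchMany(p => p.Permissions).SingleOrDefault();

            if (page == null)
            {
                // Unknown id, or an id owned by another tenant: fail with the generic error
                // instead of letting Single() throw outside the try block.
                Alert(AlertType.danger, "Error", "Failed to create/update page.");
                return View("Page", model);
            }
        }

        // System roles are looked up by name within the current tenant.
        adminRole = _roleRepository.FindBy(r => r.Tenant.Id == Portal.Tenant.Id && r.Name == "Administrator");
        memberRole = _roleRepository.FindBy(r => r.Tenant.Id == Portal.Tenant.Id && r.Name == "Member");
        guestRole = _roleRepository.FindBy(r => r.Tenant.Id == Portal.Tenant.Id && r.Name == "Guest");

        ts.Complete();
    }

    // FindBy is compared against null above, so a missing role is null here. Stop before a
    // permission with a null role can be constructed for a page that has no permissions yet.
    if (adminRole == null || memberRole == null || guestRole == null)
    {
        Alert(AlertType.danger, "Error", "Failed to create/update page.");
        return View("Page", model);
    }

    // Copy the posted values onto the entity.
    // NOTE(review): which fields the PageModel -> Page mapping may overwrite is set in the mapping
    // configuration, not visible here. Confirm it cannot change the page's tenant or id.
    Mapper.Map<PageModel, Page>(model, page);

    try
    {
        var permissions = page.Permissions;

        // Administrators always receive all three rights.
        PagePermission adminPermission = permissions.SingleOrDefault(p => p.Role.Name == adminRole.Name);
        if (adminPermission == null)
        {
            permissions.Add(new PagePermission(page, adminRole, true, true, true));
        }
        else
        {
            adminPermission.SetPermissionRights(true, true, true);
        }

        // Members: the first right follows MembersVisible, the other two are never granted.
        PagePermission memberPermission = permissions.SingleOrDefault(p => p.Role.Name == memberRole.Name);
        if (memberPermission == null && model.MembersVisible)
        {
            permissions.Add(new PagePermission(page, memberRole, true, false, false));
        }
        else if (memberPermission != null)
        {
            memberPermission.SetPermissionRights(model.MembersVisible, false, false);
        }

        // Guests: the first right follows GuestsVisible, the other two are never granted.
        PagePermission guestPermission = permissions.SingleOrDefault(p => p.Role.Name == guestRole.Name);
        if (guestPermission == null && model.GuestsVisible)
        {
            permissions.Add(new PagePermission(page, guestRole, true, false, false));
        }
        else if (guestPermission != null)
        {
            guestPermission.SetPermissionRights(model.GuestsVisible, false, false);
        }

        // Persist the page and every permission in one transaction.
        using (TransactionScope ts = new TransactionScope())
        {
            _pageRepository.Save(page);
            foreach (var permission in permissions)
            {
                _pagePermissionRepository.Save(permission);
            }

            ts.Complete();
        }

        model = Mapper.Map<PageModel>(page); //todo: reads permissions without transaction
    }
    catch
    {
        // Deliberate best effort: any failure becomes a generic alert.
        // NOTE(review): the exception is discarded and no logging is visible here, so failed
        // permission changes leave no trace for later investigation.
        Alert(AlertType.danger, "Error", "Failed to create/update page.");
        return View("Page", model);
    }

    Alert(AlertType.success, "Success", "Page successfully created/updated.");
    return RedirectToAction("edit", "page", new { slug = model.Slug });
}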