public dynamic DialogSettings(IInstanceContext context, ContextBuilderBase contextBuilder, int appId)
{
IApp app = null;
// if we have an appid (we don't have it in an install-new-apps-scenario) check permissions
if (appId != 0 && appId != Eav.Constants.AppIdEmpty)
{
var appAndPerms = new MultiPermissionsApp().Init(context, GetApp(appId, null), Log);
if (!appAndPerms.ZoneIsOfCurrentContextOrUserIsSuper(out var error))
{
throw HttpException.PermissionDenied(error);
}
app = appAndPerms.App;
}
var cb = contextBuilder.InitApp(app?.ZoneId, app);
return(new
{
// TODO: Deprecate PARAMS these properties as soon as old UI is gone
//IsContent = app?.AppGuid == "Default",
//Language = psCurrent.CultureCode,
//LanguageDefault = psCurrent.DefaultLanguage,
//AppPath = app?.Path,
//GettingStartedUrl = cb.GettingStartedUrl(),
// END TODO
Context = cb.Get(Ctx.All),
});
}
public IEnumerable <ViewDto> ViewUsage(IInstanceContext context, int appId, Guid guid,
Func <List <IView>, List <BlockConfiguration>, IEnumerable <ViewDto> > finalBuilder)
{
var wrapLog = Log.Call <IEnumerable <ViewDto> >($"{appId}, {guid}");
// extra security to only allow zone change if host user
var permCheck = new MultiPermissionsApp().Init(context, GetApp(appId, null), Log);
if (!permCheck.EnsureAll(GrantSets.ReadSomething, out var error))
{
throw HttpException.PermissionDenied(error);
}
var cms = new CmsRuntime(appId, Log, true);
// treat view as a list - in case future code will want to analyze many views together
var views = new List <IView> {
cms.Views.Get(guid)
};
var blocks = cms.Blocks.AllWithView();
Log.Add($"Found {blocks.Count} content blocks");
var result = finalBuilder(views, blocks);
return(wrapLog("ok", result));
}
public dynamic Usage(int appId, Guid guid)
{
var wrapLog = Log.Call <dynamic>($"{appId}, {guid}");
// extra security to only allow zone change if host user
var permCheck = new MultiPermissionsApp(BlockBuilder, appId, Log);
if (!permCheck.EnsureAll(GrantSets.ReadSomething, out var exception))
{
throw exception;
}
var cms = new CmsRuntime(appId, Log, true);
// treat view as a list - in case future code will want to analyze many views together
var views = new List <IView> {
cms.Views.Get(guid)
};
var blocks = cms.Blocks.AllWithView();
Log.Add($"Found {blocks.Count} content blocks");
// create array with all 2sxc modules in this portal
var allMods = new Pages(Log).AllModulesWithContent(PortalSettings.PortalId);
Log.Add($"Found {allMods.Count} modules");
var result = views.Select(vwb => new ViewDto(vwb, blocks, allMods));
return(wrapLog("ok", result));
}
public dynamic DialogSettings(int appId)
{
var appAndPerms = new MultiPermissionsApp(SxcInstance, appId, Log);
if (!appAndPerms.ZoneIsOfCurrentContextOrUserIsSuper(out var exp))
{
throw exp;
}
//var appIdentity = new AppPermissionBeforeUsing(SxcInstance, Log)
// .GetAppIdentityOrThrowIfNotAllowed(appId);
var app = appAndPerms.App;
//App app = null;
//try
//{
// app = new App(new DnnTenant(PortalSettings.Current), appIdentity.ZoneId, appIdentity.AppId, false, Log);
//}
//catch (KeyNotFoundException) {}
return(new
{
IsContent = app?.AppGuid == "Default",
Language = PortalSettings.Current.CultureCode,
LanguageDefault = PortalSettings.Current.DefaultLanguage,
GettingStartedUrl = app == null ? "" : IntroductionToAppUrl(app)
});
}
internal static IEnumerable <Feature> FeatureListWithPermissionCheck(MultiPermissionsApp permCheck)
{
// if the user has full edit permissions, he may also get the un-public features
// otherwise just the public Ui features
var includeNonPublic = permCheck.UserMayOnAll(GrantSets.WritePublished);
return(Eav.Configuration.Features.Ui.Where(f => includeNonPublic || f.Public == true));
}
public Guid?SaveTemplateId(int templateId, bool forceCreateContentGroup)
{
var permCheck = new MultiPermissionsApp(BlockBuilder, App.AppId, Log);
if (!permCheck.EnsureAll(GrantSets.WriteSomething, out var exp))
{
throw exp;
}
return(BlockEditor.SaveTemplateId(templateId, forceCreateContentGroup));
}
public Guid?SaveTemplateId(int templateId, bool forceCreateContentGroup)
{
var permCheck = new MultiPermissionsApp().Init(_context, _block.App, Log);
if (!permCheck.EnsureAll(GrantSets.WriteSomething, out var error))
{
throw HttpException.PermissionDenied(error);
}
return(BlockEditorBase.GetEditor(_block).SaveTemplateId(templateId, forceCreateContentGroup));
}
public Guid?SaveTemplateId(int templateId, bool forceCreateContentGroup)
{
var permCheck = new MultiPermissionsApp(SxcInstance, App.AppId, Log);
if (!permCheck.EnsureAll(GrantSets.WriteSomething, out var exp))
{
throw exp;
}
return(ContentGroupReferenceManager.SaveTemplateId(templateId, forceCreateContentGroup));
}
public string ResolveHyperlink(string hyperlink, int appId, string contentType, Guid guid, string field)
{
try
{
// different security checks depending on the link-type
var lookupPage = hyperlink.Trim().StartsWith("page", StringComparison.OrdinalIgnoreCase);
// look it up first, because we need to know if the result is in ADAM or not (different security scenario)
var conv = new DnnValueConverter();
var resolved = conv.Convert(ConversionScenario.GetFriendlyValue, "Hyperlink", hyperlink);
if (lookupPage)
{
// page link - only resolve if the user has edit-permissions
// only people who have some full edit permissions may actually look up pages
var permCheckPage = new MultiPermissionsApp(SxcInstance, appId, Log);
return(permCheckPage.UserMayOnAll(GrantSets.WritePublished)
? resolved
: hyperlink);
}
// for file, we need guid & field - otherwise return the original unmodified
if (guid == default(Guid) || string.IsNullOrEmpty(field) || string.IsNullOrEmpty(contentType))
{
return(hyperlink);
}
var isOutsideOfAdam = !(resolved.IndexOf("/adam/", StringComparison.Ordinal) > 0);
// file-check, more abilities to allow
// this will already do a ensure-or-throw inside it if outside of adam
var adamCheck = new AdamSecureState(SxcInstance, appId, contentType, field, guid, isOutsideOfAdam, Log);
if (!adamCheck.SuperUserOrAccessingItemFolder(resolved, out var exp))
{
throw exp;
}
if (!adamCheck.UserIsPermittedOnField(GrantSets.ReadSomething, out exp))
{
throw exp;
}
// if everythig worked till now, it's ok to return the result
return(resolved);
}
catch
{
return(hyperlink);
}
}
public dynamic Usage(IInstanceContext context, IApp app, Guid guid)
{
var permCheck = new MultiPermissionsApp().Init(context, app, Log);
if (!permCheck.EnsureAll(GrantSets.ReadSomething, out var error))
{
throw HttpException.PermissionDenied(error);
}
var appData = permCheck.App.Data;
var item = appData.List.One(guid);
var relationships = item.Relationships.AllRelationships;
// var result = relationships.Select(r => new EntityInRelationDto(r.))
// todo: don't forget Metadata relationships
return(null);
}
public dynamic Usage(int appId, Guid guid)
{
var permCheck = new MultiPermissionsApp(BlockBuilder, appId, Log);
if (!permCheck.EnsureAll(GrantSets.ReadSomething, out var exception))
{
throw exception;
}
var appData = permCheck.App.Data;
var item = appData.List.One(guid);
var relationships = item.Relationships.AllRelationships;
// var result = relationships.Select(r => new EntityInRelationDto(r.))
// todo: don't forget Metadata relationships
return(null);
}
public dynamic DialogSettings(int appId)
{
var appAndPerms = new MultiPermissionsApp(BlockBuilder, appId, Log);
if (!appAndPerms.ZoneIsOfCurrentContextOrUserIsSuper(out var exp))
{
throw exp;
}
var app = appAndPerms.App;
return(new
{
IsContent = app?.AppGuid == "Default",
Language = PortalSettings.Current.CultureCode,
LanguageDefault = PortalSettings.Current.DefaultLanguage,
GettingStartedUrl = app == null ? "" : IntroductionToAppUrl(app),
AppPath = app?.Path
});
}
internal static IEnumerable <Feature> FeatureListWithPermissionCheck(int appId, MultiPermissionsApp permCheck)
{
// if the user has full edit permissions, he may also get the unpublic features
// otherwise just the public Ui features
//var permCheck = new AppAndPermissions(sxcInstance, appId, log);
//if (permCheck.Permissions == null)
// permCheck.GetTypePermissionChecker(null);
var includeNonPublic = permCheck.UserMayOnAll(GrantSets.WritePublished);
return(Eav.Configuration.Features.Ui
.Where(f => includeNonPublic || f.Public == true));
}
