public static void ReplaceAssetFile(Asset asset, BinaryFile file, bool notify, User uploadUser)
{
m_Logger.DebugFormat("ReplaceAssetFile() - AssetId: {0}", asset.AssetId);
// Will save the asset file, increment version, etc
AssetFileManager.SaveAssetFile(asset, file, notify);
if (asset.AssetPublishStatus == AssetPublishStatus.PendingApproval)
{
// The asset is still in a workflow, which we need to cancel and re-submit
// Get the most recent workflow and perform relevant actions on it
if (asset.AssetWorkflowList.Count > 0)
{
// Get the most recent workflow
AssetWorkflow assetWorkflow = asset.AssetWorkflowList[0];
// Cancel it
WorkflowManager.CancelWorkflow(assetWorkflow);
m_Logger.DebugFormat("Cancelled AssetWorkflow - AssetWorkflowId: {0}", assetWorkflow.AssetWorkflowId);
// Resubmit it
WorkflowManager.SubmitAssetToWorkflow(asset, uploadUser);
m_Logger.DebugFormat("Resubmitted asset to workflow. AssetId: {0}", asset.AssetId);
}
}
AuditLogManager.LogAssetAction(asset, uploadUser, AuditAssetAction.ReplacedAssetFile);
AuditLogManager.LogUserAction(uploadUser, AuditUserAction.ReplacedAssetFile, string.Format("Replaced asset file of AssetId: {0}", asset.AssetId));
}
public static void AssetWorkflowCancelled(AssetWorkflow assetWorkflow)
{
// Get the message template and set the subject
Email email = NotifyEngine.GetEmailTemplate("Admin.AssetWorkflowCancelled");
email.Subject = NotifyEngine.GetSubject("An asset workflow has been cancelled");
// Add the upload user
email.Recipients.Add(assetWorkflow.Asset.UploadedByUser.Email);
// Add all of the users in the workflow
foreach (AssetWorkflowUser awfu in assetWorkflow.AssetWorkflowUserList)
{
email.Recipients.Add(awfu.User.Email);
}
// Add message parameters
email.AddBodyParameter("asset-id", assetWorkflow.Asset.AssetId);
email.AddBodyParameter("asset-type", assetWorkflow.Asset.AssetType.Name);
email.AddBodyParameter("upload-user-name", assetWorkflow.Asset.UploadedByUser.FullName);
// RAD = Review Asset Details
string url = SiteUtils.GetWebsiteUrl(string.Format("~/Go.ashx/RAD/AID{0}/", assetWorkflow.AssetId));
email.AddBodyParameter("url", url);
// Send it
NotifyEngine.SendMessage(email);
}
public static void CancelWorkflow(AssetWorkflow assetWorkflow)
{
assetWorkflow.IsComplete = true;
AssetWorkflow.Update(assetWorkflow);
m_Logger.DebugFormat("Cancelled AssetWorkflow - AssetWorkflowId: {0}", assetWorkflow.AssetWorkflowId);
if (AssetWorkflowCancelled != null)
{
AssetWorkflowCancelled(null, new AssetWorkflowEventArgs(assetWorkflow));
}
}
private static void CompleteWorkflow(AssetWorkflow assetWorkflow)
{
assetWorkflow.IsComplete = true;
AssetWorkflow.Update(assetWorkflow);
assetWorkflow.Asset.AssetPublishStatus = AssetPublishStatus.Approved;
Asset.Update(assetWorkflow.Asset);
if (AssetWorkflowComplete != null)
{
AssetWorkflowComplete(null, new AssetWorkflowEventArgs(assetWorkflow));
}
}
private static void RejectAndCompleteWorkflow(AssetWorkflow assetWorkflow, AssetWorkflowUser rejectingUser)
{
assetWorkflow.IsComplete = true;
AssetWorkflow.Update(assetWorkflow);
assetWorkflow.Asset.AssetPublishStatus = AssetPublishStatus.NotApproved;
Asset.Update(assetWorkflow.Asset);
if (AssetWorkflowRejected != null)
{
AssetWorkflowRejected(null, new AssetWorkflowRejectedEventArgs(assetWorkflow, rejectingUser));
}
}
/// <summary>
/// Checks if the specified user can manage the specified assetworkflow
/// (Either as a user or a commenter)
/// </summary>
public static bool CanParticipateInAssetWorkflow(User user, AssetWorkflow assetWorkflow)
{
// User can participiate in workflow
if (assetWorkflow.AssetWorkflowUserList.Any(au => au.UserId == user.UserId.GetValueOrDefault()))
{
return(true);
}
// Commenter can participate in workflow
if (assetWorkflow.AssetWorkflowCommenterList.Any(ac => ac.UserId == user.UserId.GetValueOrDefault()))
{
return(true);
}
// No-one else can participate in workflow
// Must be a user or invited commenter.
return(false);
}
protected override void OnLoad(EventArgs e)
{
m_AssetWorkflowId = WebUtils.GetIntRequestParam("AssetWorkflowId", 0);
if (!Page.IsPostBack)
{
if (AssetWorkflowId == 0)
{
Response.Redirect("~/Admin/Assets/AssetList.aspx");
return;
}
AssetWorkflow assetWorkflow = AssetWorkflow.Get(AssetWorkflowId);
if (assetWorkflow.IsNull)
{
Response.Redirect("~/Admin/Assets/AssetList.aspx");
return;
}
}
base.OnLoad(e);
}
public AssetWorkflowRejectedEventArgs(AssetWorkflow assetWorkflow, AssetWorkflowUser rejectingUser)
{
AssetWorkflow = assetWorkflow;
RejectingUser = rejectingUser;
}
public AssetWorkflowEventArgs(AssetWorkflow assetWorkflow)
{
AssetWorkflow = assetWorkflow;
}
/// <summary>
/// Gets workflow info
/// </summary>
/// <param name="asset">The asset for which workflow info is required</param>
/// <returns></returns>
public static WorkflowInfo GetWorkflowInfo(Asset asset)
{
WorkflowInfo workflowInfo = new WorkflowInfo();
if (asset.AssetWorkflowList.Count > 0)
{
// Get the most recent workflow
AssetWorkflow aw = asset.AssetWorkflowList[0];
// Get the total number of users in the workflow
workflowInfo.TotalWorkflowUserCount = aw.AssetWorkflowUserList.Count;
// Add all of the users in the workflow
foreach (AssetWorkflowUser awfu in aw.AssetWorkflowUserList)
{
WorkflowInfoItem wi = new WorkflowInfoItem
{
WorkflowInfo = workflowInfo,
UserName = awfu.User.FullName,
UserEmail = awfu.User.Email,
Position = awfu.Position,
Comments = awfu.Comments,
AssetWorkflowUserStatus = awfu.AssetWorkflowUserStatus,
IsComment = false,
Date = awfu.LastUpdate,
AssetWorkflowUser = awfu
};
workflowInfo.WorkflowInfoItemList.Add(wi);
}
// Get the total number of commenters in this workflow
workflowInfo.TotalCommenterCount = aw.AssetWorkflowCommenterList.Count;
// Add all of the commenters in the workflow
foreach (AssetWorkflowCommenter awfc in aw.AssetWorkflowCommenterList)
{
WorkflowInfoItem wi = new WorkflowInfoItem
{
WorkflowInfo = workflowInfo,
UserName = awfc.User.FullName,
UserEmail = awfc.User.Email,
Comments = awfc.Comments,
AssetWorkflowUserStatus = AssetWorkflowUserStatus.Approved,
IsComment = true,
AssetWorkflowCommenter = awfc
};
wi.Date = StringUtils.IsBlank(wi.Comments) ? awfc.CreateDate : awfc.LastUpdate;
workflowInfo.WorkflowInfoItemList.Add(wi);
}
// Now that we've got the data, we need to sort it by date
workflowInfo.WorkflowInfoItemList.Sort(delegate(WorkflowInfoItem left, WorkflowInfoItem right)
{
// First get the dates from each object
DateTime leftDate = left.Date;
DateTime rightDate = right.Date;
// For items that are pending or waiting, we want to ignore the date as the item hasn't been actioned yet, and
// therefore needs to be pushed to the bottom of the list, so we set the date to max.
if (left.AssetWorkflowUserStatus == AssetWorkflowUserStatus.Pending || left.AssetWorkflowUserStatus == AssetWorkflowUserStatus.Waiting)
{
leftDate = DateTime.MaxValue;
}
if (right.AssetWorkflowUserStatus == AssetWorkflowUserStatus.Pending || right.AssetWorkflowUserStatus == AssetWorkflowUserStatus.Waiting)
{
rightDate = DateTime.MaxValue;
}
// Compare using position if dates are same. Otherwise, use dates.
if (leftDate == rightDate)
{
return(left.Position.CompareTo(right.Position));
}
return(leftDate.CompareTo(rightDate));
});
}
return(workflowInfo);
}
/// <summary>
/// Submits an asset to a workflow, and starts the approval process
/// </summary>
public static void SubmitAssetToWorkflow(Asset asset, User submittedByUser)
{
m_Logger.DebugFormat("Asset: {0} submitted to workflow", asset.AssetId);
// First ensure we have a workflow
if (asset.WorkflowId.GetValueOrDefault() == 0)
{
throw new SystemException("Asset submitted to workflow, but workflow is not specified");
}
// First get all of the users in the workflow
WorkflowUserFinder finder = new WorkflowUserFinder {
WorkflowId = asset.WorkflowId.GetValueOrDefault()
};
finder.SortExpressions.Add(new AscendingSort(WorkflowUser.Columns.Position));
List <WorkflowUser> workflowUserList = WorkflowUser.FindMany(finder);
// Ensure workflow has users
if (workflowUserList.Count == 0)
{
throw new SystemException("Asset submitted to workflow, but workflow does not have any users");
}
// Create a new asset workflow
AssetWorkflow aw = AssetWorkflow.New();
aw.AssetId = asset.AssetId.GetValueOrDefault();
aw.IsComplete = false;
aw.SubmittedByUserId = submittedByUser.UserId.GetValueOrDefault();
aw.CreateDate = DateTime.Now;
AssetWorkflow.Update(aw);
// Now add all the users to it
for (int position = 0; position < workflowUserList.Count; position++)
{
// Get the current workflow user
WorkflowUser wfu = workflowUserList[position];
// Ensure it's not a duplicate
if (aw.AssetWorkflowUserList.Any(awfu => awfu.UserId == wfu.UserId))
{
continue;
}
// Set-up the asset workflow user
AssetWorkflowUser awu = AssetWorkflowUser.New();
awu.AssetWorkflowId = aw.AssetWorkflowId.GetValueOrDefault();
awu.UserId = wfu.UserId;
awu.Position = position + 1;
awu.AssetWorkflowUserStatus = AssetWorkflowUserStatus.Waiting;
awu.CreateDate = DateTime.Now;
awu.LastUpdate = DateTime.Now;
// Save the workflow user to the DB
AssetWorkflowUser.Update(awu);
// Add the user to the workflow
aw.AssetWorkflowUserList.Add(awu);
}
if (AssetSubmittedToWorkflow != null)
{
AssetSubmittedToWorkflow(null, new AssetEventArgs(asset));
}
// Now notify the next user. First get them
AssetWorkflowUser nextUserInWorkflow = aw.AssetWorkflowUserList[0];
// The send notification
NotifyUser(nextUserInWorkflow);
}
/// <summary>
/// Checks if the user has access to the requested path.
/// This method is the 'big kahuna', and does various security checks. It's main
/// purpose is to ensure that the admin area pages are correctly restricted, and it
/// ensures that upload users and brand admins cannot access entities to
/// which their role does not have permission (ie. those outside their brand).
/// </summary>
/// <param name="user">The user requesting access</param>
/// <param name="path">The path to which access is being requested</param>
/// <returns>[True] if user can access path. Otherwise [False].</returns>
public static bool UserHasAccess(User user, Uri path)
{
// Turn the path into a relative one (eg. /AppVirtualDir/Admin/Default.aspx -> ~/Admin/Default.aspx)
string relativePath = VirtualPathUtility.ToAppRelative(path.AbsolutePath).ToLower();
// Always allow NeatUpload stuff through
if (relativePath.StartsWith("~/neatupload/"))
{
return(true);
}
// Login and registration pages open to all. Admin homepage open to
// any user belonging to any role greater than normal.
switch (relativePath)
{
case "~/login.aspx":
case "~/register.aspx":
case "~/changepassword.aspx":
case "~/reactivate.aspx":
case "~/viewcontactsheet.aspx":
case "~/popups/termsconditions.aspx":
case "~/popups/privacypolicy.aspx":
return(true);
case "~/admin/default.aspx":
return(user.UserRoleId > Convert.ToInt32(UserRole.Normal));
}
// Allow access to non-existent pages so we can redirect to 404
if (!File.Exists(HttpContext.Current.Server.MapPath(relativePath)))
{
return(true);
}
// Everything from here on needs a user
if (user.IsNull)
{
return(false);
}
// Ensure that the asset popup can only be viewed by authorised users
if (relativePath.StartsWith("~/popups/assetinfo.aspx"))
{
int assetId = GetQuerystringValue(path.Query, "assetId", -1);
if (assetId != -1)
{
Asset asset = Asset.Get(assetId);
if (asset.IsNull || !EntitySecurityManager.CanViewAssetInfo(user, asset))
{
return(false);
}
HttpContext.Current.Items.Add("Asset", asset);
}
}
if (relativePath.StartsWith("~/admin/"))
{
// Get the admin section page by the URL
AdminSectionPage adminSectionPage = AdminNavigationManager.GetAdminSectionPageByUrl(relativePath);
// Ensure that we found it in the admin page list
if (adminSectionPage == null)
{
throw new SystemException(string.Format("Unknown admin page: '{0}'. Please check AdminNavigation.Config", relativePath));
}
// Ensure that the page being accessed is available to the user role.
// No point continuing if their role is too weak
if (!adminSectionPage.UserRoleList.Contains(user.UserRole))
{
return(false);
}
// Do role specific processing, as some roles can access pages, but
// only when editing certain entities - ie. a Brand Admin can
// access the user pages, but only when managing users from their own
// brand. Here, we check the querystring for values, get the
// matching entity, and then ensure that it's from the same BU as
// the requesting user.
if (user.UserRole == UserRole.SuperAdministrator)
{
return(true);
}
if (user.UserRole == UserRole.Normal)
{
throw new SecurityException("Access to admin area denied");
}
if (GeneralUtils.ValueIsInList(user.UserRole, UserRole.BrandAdministrator, UserRole.UploadUser))
{
// Assume page is okay, as querystring might be blank
bool ok = true;
// Check for user ID, and if it exists, ensure the user
// can be accessed by the requesting user
int userId = GetQuerystringValue(path.Query, "userId", -1);
if (userId != -1)
{
User u = User.Get(userId);
if (user.IsNull || !EntitySecurityManager.CanManageUser(user, u))
{
ok = false;
}
else
{
HttpContext.Current.Items.Add("User", u);
}
}
// Check for asset Id, and if it exists, ensure the
// asset can be accessed by the requesting user
if (ok)
{
int assetId = GetQuerystringValue(path.Query, "assetId", -1);
if (assetId != -1)
{
Asset asset = Asset.Get(assetId);
if (asset.IsNull || !EntitySecurityManager.CanManageAsset(user, asset))
{
ok = false;
}
else
{
HttpContext.Current.Items.Add("Asset", asset);
}
}
}
// Check for AssetWorkflowId, and if it exists, ensure the
// AssetWorkflow can be accessed by the requesting user
if (ok)
{
int assetWorkflowId = GetQuerystringValue(path.Query, "assetWorkflowId", -1);
if (assetWorkflowId != -1)
{
AssetWorkflow assetWorkflow = AssetWorkflow.Get(assetWorkflowId);
if (assetWorkflow.IsNull || !EntitySecurityManager.CanParticipateInAssetWorkflow(user, assetWorkflow))
{
ok = false;
}
else
{
HttpContext.Current.Items.Add("AssetWorkflow", assetWorkflow);
}
}
}
return(ok);
}
throw new SecurityException("Unable to check permissions for user role: " + user.UserRole);
}
return(true);
}
public static List <WaterfallAsset> GetShaders(AssetWorkflow flow)
{
return(Shaders.FindAll(x => x.Workflow == flow));
}
public static List <WaterfallAsset> GetModels(AssetWorkflow flow)
{
return(Models.FindAll(x => x.Workflow == flow));
}
protected void AssetsRepeater_OnItemDataBound(object sender, RepeaterItemEventArgs e)
{
switch (e.Item.ItemType)
{
case ListItemType.Header:
HtmlTableCell CheckBoxHeaderCell = (HtmlTableCell)e.Item.FindControl("CheckBoxHeaderCell");
CheckBoxHeaderCell.Visible = ShowCheckBoxes;
HtmlTableCell ThumbnailHeaderCell = (HtmlTableCell)e.Item.FindControl("ThumbnailHeaderCell");
ThumbnailHeaderCell.Visible = ShowThumbnails;
break;
case (ListItemType.Item):
case (ListItemType.AlternatingItem):
Asset asset = (Asset)e.Item.DataItem;
HtmlTableCell CheckBoxCell = (HtmlTableCell)e.Item.FindControl("CheckBoxCell");
CheckBoxCell.Visible = ShowCheckBoxes;
HtmlTableCell ThumbnailCell = (HtmlTableCell)e.Item.FindControl("ThumbnailCell");
ThumbnailCell.Visible = ShowThumbnails;
if (ThumbnailCell.Visible)
{
AssetThumbnail assetThumbnail = (AssetThumbnail)e.Item.FindControl("AssetThumbnail");
assetThumbnail.Initialise(asset);
}
HiddenField AssetIdHiddenField = (HiddenField)e.Item.FindControl("AssetIdHiddenField");
AssetIdHiddenField.Value = asset.AssetId.ToString();
HyperLink AssetIdHyperLink = (HyperLink)e.Item.FindControl("AssetIdHyperLink");
AssetIdHyperLink.Text = asset.AssetId.ToString();
AssetIdHyperLink.NavigateUrl = string.Format("~/Admin/Assets/AssetForm.aspx?assetId={0}&source=assetlist", asset.AssetId);
Label AssetTypeLabel = (Label)e.Item.FindControl("AssetTypeLabel");
AssetTypeLabel.Text = asset.AssetType.Name;
Label UploadedByUserNameLabel = (Label)e.Item.FindControl("UploadedByUserNameLabel");
UploadedByUserNameLabel.Text = asset.UploadedByUser.FullName;
Label TitleLabel = (Label)e.Item.FindControl("TitleLabel");
TitleLabel.Text = asset.Title;
SiteUtils.PopulateBlankControl(TitleLabel);
Label FileSizeLabel = (Label)e.Item.FindControl("FileSizeLabel");
FileSizeLabel.Text = FileUtils.FriendlyFileSize(asset.FileSize);
Label ProductionDateLabel = (Label)e.Item.FindControl("ProductionDateLabel");
ProductionDateLabel.Text = asset.GetProductionDate();
SiteUtils.PopulateBlankControl(ProductionDateLabel);
Label IsExpiredLabel = (Label)e.Item.FindControl("IsExpiredLabel");
IsExpiredLabel.Text = (asset.ExpiryDate < DateTime.Now) ? "Y" : "N";
if (IsExpiredLabel.Text == "Y")
{
IsExpiredLabel.CssClass = "bold";
}
Label ExpiryDateLabel = (Label)e.Item.FindControl("ExpiryDateLabel");
ExpiryDateLabel.Text = asset.ExpiryDate.ToString(Global.DateFormat);
HyperLink IsPublishedHyperLink = (HyperLink)e.Item.FindControl("IsPublishedHyperLink");
IsPublishedHyperLink.Text = asset.AssetPublishStatusName;
PromptLinkButton DeleteLinkButton = (PromptLinkButton)e.Item.FindControl("DeleteLinkButton");
DeleteLinkButton.CommandArgument = asset.AssetId.ToString();
EnhancedHyperLink AuditLogHyperLink = (EnhancedHyperLink)e.Item.FindControl("AuditLogHyperLink");
SiteUtils.SetHyperLink("Reports.AssetAuditTrail", string.Format("?AssetId={0}&Source=AssetList", asset.AssetId), AuditLogHyperLink);
switch (asset.AssetPublishStatus)
{
case (AssetPublishStatus.Published):
IsPublishedHyperLink.CssClass += " Bold";
break;
case (AssetPublishStatus.PendingApproval):
IsPublishedHyperLink.CssClass += " Bold";
if (asset.AssetWorkflowList.Count > 0)
{
AssetWorkflow aw = asset.AssetWorkflowList[0];
// Only link the pending text to the approval screen if the current user is in the workflow
AssetWorkflowUser cawfu = aw.AssetWorkflowUserList.Find(awfu => awfu.UserId == CurrentUser.UserId.GetValueOrDefault());
if (cawfu != null)
{
SiteUtils.SetHyperLink("Workflow.Approve", string.Format("?AssetWorkflowId={0}", aw.AssetWorkflowId), IsPublishedHyperLink);
}
else
{
AssetWorkflowCommenter awc = aw.AssetWorkflowCommenterList.Find(awfc => awfc.UserId == CurrentUser.UserId.GetValueOrDefault());
if (awc != null)
{
SiteUtils.SetHyperLink("Workflow.Comment", string.Format("?AssetWorkflowId={0}", aw.AssetWorkflowId), IsPublishedHyperLink);
}
}
}
break;
}
break;
}
}