/// <summary>
/// Returns the <see cref="Rock.Model.UserLogin"/>
/// </summary>
/// <param name="userIsOnline">A <see cref="System.Boolean"/> value that returns the logged in user if <c>true</c>; otherwise can return the impersonated user</param>
/// <returns>The current <see cref="Rock.Model.UserLogin"/></returns>
public static UserLogin GetCurrentUser(bool userIsOnline)
{
string userName = UserLogin.GetCurrentUserName();
if (userName != string.Empty)
{
if (userName.StartsWith("rckipid="))
{
Rock.Model.PersonService personService = new Model.PersonService();
Rock.Model.Person impersonatedPerson = personService.GetByEncryptedKey(userName.Substring(8));
if (impersonatedPerson != null)
{
return(impersonatedPerson.ImpersonatedUser);
}
}
else
{
var userLoginService = new UserLoginService();
UserLogin user = userLoginService.GetByUserName(userName);
if (user != null && userIsOnline)
{
// Save last activity date
var transaction = new Rock.Transactions.UserLastActivityTransaction();
transaction.UserId = user.Id;
transaction.LastActivityDate = DateTime.Now;
Rock.Transactions.RockQueue.TransactionQueue.Enqueue(transaction);
}
return(user);
}
}
return(null);
}
/// <summary>
/// Gets the currently logged in Person
/// </summary>
/// <param name="rockContext">The rock context.</param>
/// <returns></returns>
protected virtual Rock.Model.Person GetPerson(RockContext rockContext)
{
if (Request.Properties.Keys.Contains("Person"))
{
return(Request.Properties["Person"] as Person);
}
var principal = ControllerContext.Request.GetUserPrincipal();
if (principal != null && principal.Identity != null)
{
if (principal.Identity.Name.StartsWith("rckipid="))
{
var personService = new Model.PersonService(rockContext ?? new RockContext());
Rock.Model.Person impersonatedPerson = personService.GetByImpersonationToken(principal.Identity.Name.Substring(8), false, null);
if (impersonatedPerson != null)
{
return(impersonatedPerson);
}
}
else
{
var userLoginService = new Rock.Model.UserLoginService(rockContext ?? new RockContext());
var userLogin = userLoginService.GetByUserName(principal.Identity.Name);
if (userLogin != null)
{
var person = userLogin.Person;
Request.Properties.Add("Person", person);
return(userLogin.Person);
}
}
}
return(null);
}
/// <summary>
/// Occurs before the action method is invoked.
/// </summary>
/// <param name="actionContext">The action context.</param>
public override void OnActionExecuting(HttpActionContext actionContext)
{
var reflectedHttpActionDescriptor = ( ReflectedHttpActionDescriptor )actionContext.ActionDescriptor;
var controller = actionContext.ActionDescriptor.ControllerDescriptor;
string controllerClassName = controller.ControllerType.FullName;
string actionMethod = actionContext.Request.Method.Method;
var apiId = RestControllerService.GetApiId(reflectedHttpActionDescriptor.MethodInfo, actionMethod, controller.ControllerName);
ISecured item = RestActionCache.Get(apiId);
if (item == null)
{
// if there isn't a RestAction in the database, use the Controller as the secured item
item = RestControllerCache.Get(controllerClassName);
if (item == null)
{
item = new RestController();
}
}
Person person = null;
if (actionContext.Request.Properties.Keys.Contains("Person"))
{
person = actionContext.Request.Properties["Person"] as Person;
}
else
{
var principal = actionContext.Request.GetUserPrincipal();
if (principal != null && principal.Identity != null)
{
using (var rockContext = new RockContext())
{
string userName = principal.Identity.Name;
UserLogin userLogin = null;
if (userName.StartsWith("rckipid="))
{
Rock.Model.PersonService personService = new Model.PersonService(rockContext);
Rock.Model.Person impersonatedPerson = personService.GetByImpersonationToken(userName.Substring(8));
if (impersonatedPerson != null)
{
userLogin = impersonatedPerson.GetImpersonatedUser();
}
}
else
{
var userLoginService = new Rock.Model.UserLoginService(rockContext);
userLogin = userLoginService.GetByUserName(userName);
}
if (userLogin != null)
{
person = userLogin.Person;
actionContext.Request.Properties.Add("Person", person);
/* 12/12/2019 BJW
*
* Setting this current person item was only done in put, post, and patch in the ApiController
* class. Set it here so that it is always set for all methods, including delete. This enhances
* history logging done in the pre and post save model hooks (when the pre-save event is called
* we can access DbContext.GetCurrentPersonAlias and log who deleted the record).
*
* Task: https://app.asana.com/0/1120115219297347/1153140643799337/f
*/
System.Web.HttpContext.Current.AddOrReplaceItem("CurrentPerson", person);
}
}
}
}
string action = actionMethod.Equals("GET", StringComparison.OrdinalIgnoreCase) ?
Rock.Security.Authorization.VIEW : Rock.Security.Authorization.EDIT;
if (!item.IsAuthorized(action, person))
{
actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
}
}
/// <summary>
/// Returns the <see cref="Rock.Model.UserLogin"/>
/// </summary>
/// <param name="userIsOnline">A <see cref="System.Boolean"/> value that returns the logged in user if <c>true</c>; otherwise can return the impersonated user</param>
/// <returns>The current <see cref="Rock.Model.UserLogin"/></returns>
public static UserLogin GetCurrentUser(bool userIsOnline)
{
var rockContext = new RockContext();
string userName = UserLogin.GetCurrentUserName();
if (userName != string.Empty)
{
if (userName.StartsWith("rckipid="))
{
Rock.Model.PersonService personService = new Model.PersonService(rockContext);
Rock.Model.Person impersonatedPerson = personService.GetByEncryptedKey(userName.Substring(8));
if (impersonatedPerson != null)
{
return(impersonatedPerson.GetImpersonatedUser());
}
}
else
{
var userLoginService = new UserLoginService(rockContext);
UserLogin user = userLoginService.GetByUserName(userName);
if (user != null && userIsOnline)
{
// Save last activity date
var transaction = new Rock.Transactions.UserLastActivityTransaction();
transaction.UserId = user.Id;
transaction.LastActivityDate = RockDateTime.Now;
if ((user.IsConfirmed ?? true) && !(user.IsLockedOut ?? false))
{
if (HttpContext.Current != null && HttpContext.Current.Session != null)
{
HttpContext.Current.Session["RockUserId"] = user.Id;
}
// see if there is already a LastActivitytransaction queued for this user, and just update its LastActivityDate instead of adding another to the queue
var userLastActivity = Rock.Transactions.RockQueue.TransactionQueue.ToArray().OfType <Rock.Transactions.UserLastActivityTransaction>()
.Where(a => a.UserId == transaction.UserId).FirstOrDefault();
if (userLastActivity != null)
{
userLastActivity.LastActivityDate = transaction.LastActivityDate;
}
else
{
Rock.Transactions.RockQueue.TransactionQueue.Enqueue(transaction);
}
}
else
{
transaction.IsOnLine = false;
Rock.Transactions.RockQueue.TransactionQueue.Enqueue(transaction);
FormsAuthentication.SignOut();
return(null);
}
}
return(user);
}
}
return(null);
}
/// <summary>
/// Occurs before the action method is invoked.
/// </summary>
/// <param name="actionContext">The action context.</param>
public override void OnActionExecuting( HttpActionContext actionContext )
{
var controller = actionContext.ActionDescriptor.ControllerDescriptor;
string controllerClassName = controller.ControllerType.FullName;
string actionMethod = actionContext.Request.Method.Method;
string actionPath = actionContext.Request.GetRouteData().Route.RouteTemplate.Replace( "{controller}", controller.ControllerName );
ISecured item = Rock.Web.Cache.RestActionCache.Read( actionMethod + actionPath );
if ( item == null )
{
item = Rock.Web.Cache.RestControllerCache.Read( controllerClassName );
if ( item == null )
{
item = new RestController();
}
}
Person person = null;
if ( actionContext.Request.Properties.Keys.Contains( "Person" ) )
{
person = actionContext.Request.Properties["Person"] as Person;
}
else
{
var principal = actionContext.Request.GetUserPrincipal();
if ( principal != null && principal.Identity != null )
{
using ( var rockContext = new RockContext() )
{
string userName = principal.Identity.Name;
UserLogin userLogin = null;
if ( userName.StartsWith( "rckipid=" ) )
{
Rock.Model.PersonService personService = new Model.PersonService( rockContext );
Rock.Model.Person impersonatedPerson = personService.GetByEncryptedKey( userName.Substring( 8 ) );
if ( impersonatedPerson != null )
{
userLogin = impersonatedPerson.GetImpersonatedUser();
}
}
else
{
var userLoginService = new Rock.Model.UserLoginService( rockContext );
userLogin = userLoginService.GetByUserName( userName );
}
if ( userLogin != null )
{
person = userLogin.Person;
actionContext.Request.Properties.Add( "Person", person );
}
}
}
}
string action = actionMethod.Equals( "GET", StringComparison.OrdinalIgnoreCase ) ?
Rock.Security.Authorization.VIEW : Rock.Security.Authorization.EDIT;
if ( !item.IsAuthorized( action, person ) )
{
actionContext.Response = new HttpResponseMessage( HttpStatusCode.Unauthorized );
}
}
/// <summary>
/// Loads all of the configured blocks for the current page into the control tree
/// </summary>
/// <param name="e"></param>
protected override void OnInit( EventArgs e )
{
// Add the ScriptManager to each page
_scriptManager = ScriptManager.GetCurrent( this.Page );
if ( _scriptManager == null )
{
_scriptManager = new AjaxControlToolkit.ToolkitScriptManager { ID = "sManager" };
Page.Trace.Warn( "Adding script manager" );
Page.Form.Controls.AddAt( 0, _scriptManager );
}
// enable history on the ScriptManager
_scriptManager.EnableHistory = true;
// TODO: Delete this line, only used for testing
_scriptManager.AsyncPostBackTimeout = 180;
// wire up navigation event
_scriptManager.Navigate += new EventHandler<HistoryEventArgs>( scriptManager_Navigate );
// add ckeditor (doesn't like to be added during an async postback)
_scriptManager.Scripts.Add( new ScriptReference( ResolveRockUrl( "~/Scripts/ckeditor/ckeditor.js", true ) ) );
// Add library and UI bundles during init, that way theme developers will only
// need to worry about registering any custom scripts or script bundles they need
_scriptManager.Scripts.Add( new ScriptReference( "~/Bundles/WebFormsJs" ) );
_scriptManager.Scripts.Add( new ScriptReference( "~/Scripts/Bundles/RockLibs" ) );
_scriptManager.Scripts.Add( new ScriptReference( "~/Scripts/Bundles/RockUi" ) );
_scriptManager.Scripts.Add( new ScriptReference( "~/Scripts/Bundles/RockValidation" ) );
// add Google Maps API (doesn't like to be added during an async postback )
var googleAPIKey = GlobalAttributesCache.Read().GetValue( "GoogleAPIKey" );
string keyParameter = string.IsNullOrWhiteSpace(googleAPIKey) ? "" : string.Format("key={0}&", googleAPIKey);
_scriptManager.Scripts.Add( new ScriptReference( string.Format( "https://maps.googleapis.com/maps/api/js?{0}sensor=false&libraries=drawing", keyParameter ) ) );
// Recurse the page controls to find the rock page title and zone controls
Page.Trace.Warn( "Recursing layout to find zones" );
Zones = new Dictionary<string, KeyValuePair<string, Zone>>();
FindRockControls( this.Controls );
// Add a Rock version meta tag
Page.Trace.Warn( "Adding Rock metatag" );
string version = typeof( Rock.Web.UI.RockPage ).Assembly.GetName().Version.ToString();
HtmlMeta rockVersion = new HtmlMeta();
rockVersion.Attributes.Add( "name", "generator" );
rockVersion.Attributes.Add( "content", string.Format( "Rock v{0}", version ) );
AddMetaTag( this.Page, rockVersion );
// If the logout parameter was entered, delete the user's forms authentication cookie and redirect them
// back to the same page.
Page.Trace.Warn( "Checking for logout request" );
if ( PageParameter( "logout" ) != string.Empty )
{
if ( CurrentUser != null )
{
var transaction = new Rock.Transactions.UserLastActivityTransaction();
transaction.UserId = CurrentUser.Id;
transaction.LastActivityDate = RockDateTime.Now;
transaction.IsOnLine = false;
Rock.Transactions.RockQueue.TransactionQueue.Enqueue( transaction );
}
FormsAuthentication.SignOut();
// After logging out check to see if an anonymous user is allowed to view the current page. If so
// redirect back to the current page, otherwise redirect to the site's default page
if ( _pageCache != null )
{
if ( _pageCache.IsAuthorized( Authorization.VIEW, null ) )
{
// Remove the 'logout' queryparam before redirecting
var pageReference = new PageReference( PageReference.PageId, PageReference.RouteId, PageReference.Parameters );
foreach ( string key in PageReference.QueryString )
{
if ( !key.Equals( "logout", StringComparison.OrdinalIgnoreCase ) )
{
pageReference.Parameters.Add( key, PageReference.QueryString[key] );
}
}
Response.Redirect( pageReference.BuildUrl(), false );
Context.ApplicationInstance.CompleteRequest();
}
else
{
_pageCache.Layout.Site.RedirectToDefaultPage();
}
return;
}
else
{
CurrentPerson = null;
CurrentUser = null;
}
}
var rockContext = new RockContext();
// If the impersonated query key was included then set the current person
Page.Trace.Warn( "Checking for person impersanation" );
string impersonatedPersonKey = PageParameter( "rckipid" );
if ( !String.IsNullOrEmpty( impersonatedPersonKey ) )
{
Rock.Model.PersonService personService = new Model.PersonService( rockContext );
Rock.Model.Person impersonatedPerson = personService.GetByEncryptedKey( impersonatedPersonKey );
if ( impersonatedPerson != null )
{
Rock.Security.Authorization.SetAuthCookie( "rckipid=" + impersonatedPerson.EncryptedKey, false, true );
CurrentUser = impersonatedPerson.GetImpersonatedUser();
}
}
// Get current user/person info
Page.Trace.Warn( "Getting CurrentUser" );
Rock.Model.UserLogin user = CurrentUser;
// If there is a logged in user, see if it has an associated Person Record. If so, set the UserName to
// the person's full name (which is then cached in the Session state for future page requests)
if ( user != null )
{
Page.Trace.Warn( "Setting CurrentPerson" );
UserName = user.UserName;
int? personId = user.PersonId;
if ( personId.HasValue )
{
string personNameKey = "PersonName_" + personId.Value.ToString();
if ( Session[personNameKey] != null )
{
UserName = Session[personNameKey].ToString();
}
else
{
Rock.Model.PersonService personService = new Model.PersonService( rockContext );
Rock.Model.Person person = personService.Get( personId.Value );
if ( person != null )
{
UserName = person.FullName;
CurrentPerson = person;
}
Session[personNameKey] = UserName;
}
}
}
// If a PageInstance exists
if ( _pageCache != null )
{
BrowserTitle = _pageCache.BrowserTitle;
PageTitle = _pageCache.PageTitle;
PageIcon = _pageCache.IconCssClass;
// If there's a master page, update it's reference to Current Page
if ( this.Master is RockMasterPage )
{
( (RockMasterPage)this.Master ).SetPage( _pageCache );
}
// check if page should have been loaded via ssl
Page.Trace.Warn( "Checking for SSL request" );
if ( !Request.IsSecureConnection && _pageCache.RequiresEncryption )
{
string redirectUrl = Request.Url.ToString().Replace( "http:", "https:" );
Response.Redirect( redirectUrl, false );
Context.ApplicationInstance.CompleteRequest();
return;
}
// Verify that the current user is allowed to view the page.
Page.Trace.Warn( "Checking if user is authorized" );
if ( !_pageCache.IsAuthorized( Authorization.VIEW, CurrentPerson ) )
{
if ( user == null )
{
// If not authorized, and the user hasn't logged in yet, redirect to the login page
Page.Trace.Warn( "Redirecting to login page" );
var site = _pageCache.Layout.Site;
if ( site.LoginPageId.HasValue )
{
site.RedirectToLoginPage( true );
}
else
{
FormsAuthentication.RedirectToLoginPage();
}
}
else
{
// If not authorized, and the user has logged in, redirect to error page
Page.Trace.Warn( "Redirecting to error page" );
Response.Redirect( "~/error.aspx?type=security", false );
Context.ApplicationInstance.CompleteRequest();
}
}
else
{
// Set current models (context)
Page.Trace.Warn( "Checking for Context" );
ModelContext = new Dictionary<string, Data.KeyEntity>();
try
{
// first search cookies, but pageContext can replace it
GetCookieContext( GetContextCookieName( false ) ); // Site
GetCookieContext( GetContextCookieName( true ) ); // Page (will replace any site values)
foreach ( var pageContext in _pageCache.PageContexts )
{
int? contextId = PageParameter( pageContext.Value ).AsIntegerOrNull();
if ( contextId.HasValue )
{
ModelContext.AddOrReplace( pageContext.Key, new Data.KeyEntity( contextId.Value ) );
}
}
char[] delim = new char[1] { ',' };
foreach ( string param in PageParameter( "context", true ).Split( delim, StringSplitOptions.RemoveEmptyEntries ) )
{
string contextItem = Rock.Security.Encryption.DecryptString( param );
string[] parts = contextItem.Split( '|' );
if ( parts.Length == 2 )
{
ModelContext.AddOrReplace( parts[0], new Data.KeyEntity( parts[1] ) );
}
}
}
catch
{
// intentionally ignore exception
}
// set viewstate on/off
this.EnableViewState = _pageCache.EnableViewState;
// Cache object used for block output caching
Page.Trace.Warn( "Getting memory cache" );
ObjectCache cache = MemoryCache.Default;
Page.Trace.Warn( "Checking if user can administer" );
bool canAdministratePage = _pageCache.IsAuthorized( Authorization.ADMINISTRATE, CurrentPerson );
// Create a javascript object to store information about the current page for client side scripts to use
Page.Trace.Warn( "Creating JS objects" );
string script = string.Format( @"
Rock.settings.initialize({{
siteId: {0},
layoutId: {1},
pageId: {2},
layout: '{3}',
baseUrl: '{4}'
}});",
_pageCache.Layout.SiteId, _pageCache.LayoutId, _pageCache.Id, _pageCache.Layout.FileName, ResolveUrl( "~" ) );
ScriptManager.RegisterStartupScript( this.Page, this.GetType(), "rock-js-object", script, true );
AddTriggerPanel();
// Add config elements
if ( _pageCache.IncludeAdminFooter )
{
Page.Trace.Warn( "Adding popup controls (footer elements)" );
AddPopupControls();
Page.Trace.Warn( "Adding zone elements" );
AddZoneElements( canAdministratePage );
}
// Initialize the list of breadcrumbs for the current page (and blocks on the page)
Page.Trace.Warn( "Setting breadcrumbs" );
PageReference.BreadCrumbs = new List<BreadCrumb>();
// If the page is configured to display in the breadcrumbs...
string bcName = _pageCache.BreadCrumbText;
if ( bcName != string.Empty )
{
PageReference.BreadCrumbs.Add( new BreadCrumb( bcName, PageReference.BuildUrl() ) );
}
// Add the Google Analytics Code script if a code was specified for the site
if ( !string.IsNullOrWhiteSpace( _pageCache.Layout.Site.GoogleAnalyticsCode ) )
{
AddGoogleAnalytics( _pageCache.Layout.Site.GoogleAnalyticsCode );
}
// Flag indicating if user has rights to administer one or more of the blocks on page
bool canAdministrateBlock = false;
// Load the blocks and insert them into page zones
Page.Trace.Warn( "Loading Blocks" );
foreach ( Rock.Web.Cache.BlockCache block in _pageCache.Blocks )
{
Page.Trace.Warn( string.Format( "\tLoading '{0}' block", block.Name ) );
// Get current user's permissions for the block instance
Page.Trace.Warn( "\tChecking permission" );
bool canAdministrate = block.IsAuthorized( Authorization.ADMINISTRATE, CurrentPerson );
bool canEdit = block.IsAuthorized( Authorization.EDIT, CurrentPerson );
bool canView = block.IsAuthorized( Authorization.VIEW, CurrentPerson );
if ( canAdministrate || canEdit )
{
canAdministrateBlock = true;
}
// Make sure user has access to view block instance
if ( canAdministrate || canEdit || canView )
{
// Create block wrapper control (implements INamingContainer so child control IDs are unique for
// each block instance
Page.Trace.Warn( "\tAdding block wrapper html" );
HtmlGenericContainer blockWrapper = new HtmlGenericContainer( "div" );
blockWrapper.ID = string.Format( "bid_{0}", block.Id );
blockWrapper.Attributes.Add( "data-zone-location", block.BlockLocation.ToString() );
blockWrapper.ClientIDMode = ClientIDMode.Static;
FindZone( block.Zone ).Controls.Add( blockWrapper );
string blockTypeCss = block.BlockType != null ? block.BlockType.Name : "";
var parts = blockTypeCss.Split( new char[] { '>' } );
if ( parts.Length > 1 )
{
blockTypeCss = parts[parts.Length - 1].Trim();
}
blockTypeCss = blockTypeCss.Replace( ' ', '-' ).ToLower();
blockWrapper.Attributes.Add( "class", "block-instance " + blockTypeCss +
( string.IsNullOrWhiteSpace( block.CssClass ) ? "" : " " + block.CssClass.Trim() ) +
( canAdministrate || canEdit ? " can-configure " : "" ) );
// Check to see if block is configured to use a "Cache Duration'
string blockCacheKey = string.Format( "Rock:BlockOutput:{0}", block.Id );
if ( block.OutputCacheDuration > 0 && cache.Contains( blockCacheKey ) )
{
// If the current block exists in our custom output cache, add the cached output instead of adding the control
blockWrapper.Controls.Add( new LiteralControl( cache[blockCacheKey] as string ) );
}
else
{
// Load the control and add to the control tree
Page.Trace.Warn( "\tLoading control" );
Control control;
try
{
control = TemplateControl.LoadControl( block.BlockType.Path );
control.ClientIDMode = ClientIDMode.AutoID;
}
catch ( Exception ex )
{
NotificationBox nbBlockLoad = new NotificationBox();
nbBlockLoad.ID = string.Format( "nbBlockLoad_{0}", block.Id );
nbBlockLoad.CssClass = "system-error";
nbBlockLoad.NotificationBoxType = NotificationBoxType.Danger;
nbBlockLoad.Text = string.Format( "Error Loading Block: {0}", block.Name );
nbBlockLoad.Details = string.Format( "{0}<pre>{1}</pre>", ex.Message, ex.StackTrace );
nbBlockLoad.Dismissable = true;
control = nbBlockLoad;
if ( this.IsPostBack )
{
// throw an error on PostBack so that the ErrorPage gets shown (vs nothing happening)
throw ex;
}
}
RockBlock blockControl = null;
// Check to see if the control was a PartialCachingControl or not
Page.Trace.Warn( "\tChecking block for partial caching" );
if ( control is RockBlock )
blockControl = control as RockBlock;
else
{
if ( control is PartialCachingControl && ( (PartialCachingControl)control ).CachedControl != null )
{
blockControl = (RockBlock)( (PartialCachingControl)control ).CachedControl;
}
}
// If the current control is a block, set it's properties
if ( blockControl != null )
{
Page.Trace.Warn( "\tSetting block properties" );
blockControl.SetBlock( block );
// Add any breadcrumbs to current page reference that the block creates
Page.Trace.Warn( "\tAdding any breadcrumbs from block" );
if ( block.BlockLocation == BlockLocation.Page )
{
blockControl.GetBreadCrumbs( PageReference ).ForEach( c => PageReference.BreadCrumbs.Add( c ) );
}
// If the blocktype's security actions have not yet been loaded, load them now
if ( !block.BlockType.CheckedSecurityActions )
{
Page.Trace.Warn( "\tAdding additional security actions for blcok" );
block.BlockType.SecurityActions = new Dictionary<string, string>();
foreach ( var action in blockControl.GetSecurityActionAttributes() )
{
if ( block.BlockType.SecurityActions.ContainsKey( action.Key ) )
{
block.BlockType.SecurityActions[action.Key] = action.Value;
}
else
{
block.BlockType.SecurityActions.Add( action.Key, action.Value );
}
}
block.BlockType.CheckedSecurityActions = true;
}
// If the block's AttributeProperty values have not yet been verified verify them.
// (This provides a mechanism for block developers to define the needed block
// attributes in code and have them automatically added to the database)
Page.Trace.Warn( "\tChecking if block attributes need refresh" );
if ( !block.BlockType.IsInstancePropertiesVerified )
{
Page.Trace.Warn( "\tCreating block attributes" );
blockControl.CreateAttributes( rockContext );
block.BlockType.IsInstancePropertiesVerified = true;
}
// Add the block configuration scripts and icons if user is authorized
if ( _pageCache.IncludeAdminFooter )
{
Page.Trace.Warn( "\tAdding block configuration tools" );
AddBlockConfig( blockWrapper, blockControl, block, canAdministrate, canEdit );
}
}
Page.Trace.Warn( "\tAdding block to control tree" );
HtmlGenericContainer blockContent = new HtmlGenericContainer( "div" );
blockContent.Attributes.Add( "class", "block-content" );
blockWrapper.Controls.Add( blockContent );
// Add the block
blockContent.Controls.Add( control );
}
}
}
// Make the last crumb for this page the active one
Page.Trace.Warn( "Setting active breadcrumb" );
if ( PageReference.BreadCrumbs.Any() )
{
PageReference.BreadCrumbs.Last().Active = true;
}
Page.Trace.Warn( "Getting parent page references" );
var pageReferences = PageReference.GetParentPageReferences( this, _pageCache, PageReference );
pageReferences.Add( PageReference );
PageReference.SavePageReferences( pageReferences );
// Update breadcrumbs
Page.Trace.Warn( "Updating breadcrumbs" );
BreadCrumbs = new List<BreadCrumb>();
foreach ( var pageReference in pageReferences )
{
pageReference.BreadCrumbs.ForEach( c => BreadCrumbs.Add( c ) );
}
// Add the page admin footer if the user is authorized to edit the page
if ( _pageCache.IncludeAdminFooter && ( canAdministratePage || canAdministrateBlock ) )
{
// Add the page admin script
AddScriptLink( Page, "~/Scripts/Bundles/RockAdmin", false );
Page.Trace.Warn( "Adding admin footer to page" );
HtmlGenericControl adminFooter = new HtmlGenericControl( "div" );
adminFooter.ID = "cms-admin-footer";
adminFooter.ClientIDMode = System.Web.UI.ClientIDMode.Static;
this.Form.Controls.Add( adminFooter );
phLoadTime = new PlaceHolder();
adminFooter.Controls.Add( phLoadTime );
HtmlGenericControl buttonBar = new HtmlGenericControl( "div" );
adminFooter.Controls.Add( buttonBar );
buttonBar.Attributes.Add( "class", "button-bar" );
// RockBlock Config
HtmlGenericControl aBlockConfig = new HtmlGenericControl( "a" );
buttonBar.Controls.Add( aBlockConfig );
aBlockConfig.Attributes.Add( "class", "btn block-config" );
aBlockConfig.Attributes.Add( "href", "javascript: Rock.admin.pageAdmin.showBlockConfig();" );
aBlockConfig.Attributes.Add( "Title", "Block Configuration" );
HtmlGenericControl iBlockConfig = new HtmlGenericControl( "i" );
aBlockConfig.Controls.Add( iBlockConfig );
iBlockConfig.Attributes.Add( "class", "fa fa-th-large" );
if ( canAdministratePage )
{
// RockPage Properties
HtmlGenericControl aAttributes = new HtmlGenericControl( "a" );
buttonBar.Controls.Add( aAttributes );
aAttributes.ID = "aPageProperties";
aAttributes.ClientIDMode = System.Web.UI.ClientIDMode.Static;
aAttributes.Attributes.Add( "class", "btn properties" );
aAttributes.Attributes.Add( "height", "500px" );
aAttributes.Attributes.Add( "href", "javascript: Rock.controls.modal.show($(this), '" + ResolveUrl( string.Format( "~/PageProperties/{0}?t=Page Properties", _pageCache.Id ) ) + "')" );
aAttributes.Attributes.Add( "Title", "Page Properties" );
HtmlGenericControl iAttributes = new HtmlGenericControl( "i" );
aAttributes.Controls.Add( iAttributes );
iAttributes.Attributes.Add( "class", "fa fa-cog" );
// Child Pages
HtmlGenericControl aChildPages = new HtmlGenericControl( "a" );
buttonBar.Controls.Add( aChildPages );
aChildPages.ID = "aChildPages";
aChildPages.ClientIDMode = System.Web.UI.ClientIDMode.Static;
aChildPages.Attributes.Add( "class", "btn page-child-pages" );
aChildPages.Attributes.Add( "height", "500px" );
aChildPages.Attributes.Add( "href", "javascript: Rock.controls.modal.show($(this), '" + ResolveUrl( string.Format( "~/pages/{0}?t=Child Pages&pb=&sb=Done", _pageCache.Id ) ) + "')" );
aChildPages.Attributes.Add( "Title", "Child Pages" );
HtmlGenericControl iChildPages = new HtmlGenericControl( "i" );
aChildPages.Controls.Add( iChildPages );
iChildPages.Attributes.Add( "class", "fa fa-sitemap" );
// RockPage Zones
HtmlGenericControl aPageZones = new HtmlGenericControl( "a" );
buttonBar.Controls.Add( aPageZones );
aPageZones.Attributes.Add( "class", "btn page-zones" );
aPageZones.Attributes.Add( "href", "javascript: Rock.admin.pageAdmin.showPageZones();" );
aPageZones.Attributes.Add( "Title", "Page Zones" );
HtmlGenericControl iPageZones = new HtmlGenericControl( "i" );
aPageZones.Controls.Add( iPageZones );
iPageZones.Attributes.Add( "class", "fa fa-columns" );
// RockPage Security
HtmlGenericControl aPageSecurity = new HtmlGenericControl( "a" );
buttonBar.Controls.Add( aPageSecurity );
aPageSecurity.ID = "aPageSecurity";
aPageSecurity.ClientIDMode = System.Web.UI.ClientIDMode.Static;
aPageSecurity.Attributes.Add( "class", "btn page-security" );
aPageSecurity.Attributes.Add( "height", "500px" );
aPageSecurity.Attributes.Add( "href", "javascript: Rock.controls.modal.show($(this), '" + ResolveUrl( string.Format( "~/Secure/{0}/{1}?t=Page Security&pb=&sb=Done",
EntityTypeCache.Read( typeof( Rock.Model.Page ) ).Id, _pageCache.Id ) ) + "')" );
aPageSecurity.Attributes.Add( "Title", "Page Security" );
HtmlGenericControl iPageSecurity = new HtmlGenericControl( "i" );
aPageSecurity.Controls.Add( iPageSecurity );
iPageSecurity.Attributes.Add( "class", "fa fa-lock" );
// System Info
HtmlGenericControl aSystemInfo = new HtmlGenericControl( "a" );
buttonBar.Controls.Add( aSystemInfo );
aSystemInfo.ID = "aSystemInfo";
aSystemInfo.ClientIDMode = System.Web.UI.ClientIDMode.Static;
aSystemInfo.Attributes.Add( "class", "btn system-info" );
aSystemInfo.Attributes.Add( "height", "500px" );
aSystemInfo.Attributes.Add( "href", "javascript: Rock.controls.modal.show($(this), '" + ResolveUrl( "~/SystemInfo?t=System Information&pb=&sb=Done" ) + "')" );
aSystemInfo.Attributes.Add( "Title", "Rock Information" );
HtmlGenericControl iSystemInfo = new HtmlGenericControl( "i" );
aSystemInfo.Controls.Add( iSystemInfo );
iSystemInfo.Attributes.Add( "class", "fa fa-info-circle" );
}
}
// Check to see if page output should be cached. The RockRouteHandler
// saves the PageCacheData information for the current page to memorycache
// so it should always exist
if ( _pageCache.OutputCacheDuration > 0 )
{
Response.Cache.SetCacheability( System.Web.HttpCacheability.Public );
Response.Cache.SetExpires( RockDateTime.Now.AddSeconds( _pageCache.OutputCacheDuration ) );
Response.Cache.SetValidUntilExpires( true );
}
}
string pageTitle = BrowserTitle;
string siteTitle = _pageCache.Layout.Site.Name;
string seperator = pageTitle.Trim() != string.Empty && siteTitle.Trim() != string.Empty ? " | " : "";
base.Title = pageTitle + seperator + siteTitle;
if ( !string.IsNullOrWhiteSpace( _pageCache.Description ) )
{
HtmlMeta metaTag = new HtmlMeta();
metaTag.Attributes.Add( "name", "description" );
metaTag.Attributes.Add( "content", _pageCache.Description.Trim() );
AddMetaTag( this.Page, metaTag );
}
if ( !string.IsNullOrWhiteSpace( _pageCache.KeyWords ) )
{
HtmlMeta metaTag = new HtmlMeta();
metaTag.Attributes.Add( "name", "keywords" );
metaTag.Attributes.Add( "content", _pageCache.KeyWords.Trim() );
AddMetaTag( this.Page, metaTag );
}
if ( !string.IsNullOrWhiteSpace( _pageCache.HeaderContent ) )
{
Page.Header.Controls.Add( new LiteralControl( _pageCache.HeaderContent ) );
}
}
}
/// <summary>
/// Loads all of the configured blocks for the current page into the control tree
/// </summary>
/// <param name="e"></param>
protected override void OnInit( EventArgs e )
{
var slDebugTimings = new StringBuilder();
var stopwatchInitEvents = Stopwatch.StartNew();
bool showDebugTimings = this.PageParameter( "ShowDebugTimings" ).AsBoolean();
bool canAdministratePage = false;
if ( showDebugTimings )
{
TimeSpan tsDuration = RockDateTime.Now.Subtract( (DateTime)Context.Items["Request_Start_Time"] );
slDebugTimings.AppendFormat( "OnInit [{0}ms] @ {1} \n", stopwatchInitEvents.Elapsed.TotalMilliseconds, tsDuration.TotalMilliseconds );
stopwatchInitEvents.Restart();
}
// Add the ScriptManager to each page
_scriptManager = ScriptManager.GetCurrent( this.Page );
if ( _scriptManager == null )
{
_scriptManager = new ScriptManager { ID = "sManager" };
Page.Trace.Warn( "Adding script manager" );
Page.Form.Controls.AddAt( 0, _scriptManager );
}
// enable history on the ScriptManager
_scriptManager.EnableHistory = true;
// TODO: Delete this line, only used for testing
_scriptManager.AsyncPostBackTimeout = 180;
// wire up navigation event
_scriptManager.Navigate += new EventHandler<HistoryEventArgs>( scriptManager_Navigate );
// Add library and UI bundles during init, that way theme developers will only
// need to worry about registering any custom scripts or script bundles they need
_scriptManager.Scripts.Add( new ScriptReference( "~/Bundles/WebFormsJs" ) );
_scriptManager.Scripts.Add( new ScriptReference( "~/Scripts/Bundles/RockLibs" ) );
_scriptManager.Scripts.Add( new ScriptReference( "~/Scripts/Bundles/RockUi" ) );
_scriptManager.Scripts.Add( new ScriptReference( "~/Scripts/Bundles/RockValidation" ) );
// Recurse the page controls to find the rock page title and zone controls
Page.Trace.Warn( "Recursing layout to find zones" );
Zones = new Dictionary<string, KeyValuePair<string, Zone>>();
FindRockControls( this.Controls );
// Add a Rock version meta tag
Page.Trace.Warn( "Adding Rock metatag" );
string version = typeof( Rock.Web.UI.RockPage ).Assembly.GetName().Version.ToString();
HtmlMeta rockVersion = new HtmlMeta();
rockVersion.Attributes.Add( "name", "generator" );
rockVersion.Attributes.Add( "content", string.Format( "Rock v{0}", version ) );
AddMetaTag( this.Page, rockVersion );
if ( showDebugTimings )
{
slDebugTimings.AppendFormat( "CheckingForLogout [{0}ms]\n", stopwatchInitEvents.Elapsed.TotalMilliseconds );
stopwatchInitEvents.Restart();
}
// If the logout parameter was entered, delete the user's forms authentication cookie and redirect them
// back to the same page.
Page.Trace.Warn( "Checking for logout request" );
if ( PageParameter( "logout" ) != string.Empty )
{
if ( CurrentUser != null )
{
var transaction = new Rock.Transactions.UserLastActivityTransaction();
transaction.UserId = CurrentUser.Id;
transaction.LastActivityDate = RockDateTime.Now;
transaction.IsOnLine = false;
Rock.Transactions.RockQueue.TransactionQueue.Enqueue( transaction );
}
FormsAuthentication.SignOut();
// After logging out check to see if an anonymous user is allowed to view the current page. If so
// redirect back to the current page, otherwise redirect to the site's default page
if ( _pageCache != null )
{
if ( _pageCache.IsAuthorized( Authorization.VIEW, null ) )
{
// Remove the 'logout' queryparam before redirecting
var pageReference = new PageReference( PageReference.PageId, PageReference.RouteId, PageReference.Parameters );
foreach ( string key in PageReference.QueryString )
{
if ( !key.Equals( "logout", StringComparison.OrdinalIgnoreCase ) )
{
pageReference.Parameters.Add( key, PageReference.QueryString[key] );
}
}
Response.Redirect( pageReference.BuildUrl(), false );
Context.ApplicationInstance.CompleteRequest();
}
else
{
_pageCache.Layout.Site.RedirectToDefaultPage();
}
return;
}
else
{
CurrentPerson = null;
CurrentUser = null;
}
}
var rockContext = new RockContext();
if ( showDebugTimings )
{
slDebugTimings.AppendFormat( "CreateRockContext [{0}ms]\n", stopwatchInitEvents.Elapsed.TotalMilliseconds );
stopwatchInitEvents.Restart();
}
// If the impersonated query key was included then set the current person
Page.Trace.Warn( "Checking for person impersanation" );
string impersonatedPersonKey = PageParameter( "rckipid" );
if ( !String.IsNullOrEmpty( impersonatedPersonKey ) )
{
Rock.Model.PersonService personService = new Model.PersonService( rockContext );
Rock.Model.Person impersonatedPerson = personService.GetByEncryptedKey( impersonatedPersonKey );
if ( impersonatedPerson == null )
{
impersonatedPerson = personService.GetByUrlEncodedKey( impersonatedPersonKey );
}
if ( impersonatedPerson != null )
{
Rock.Security.Authorization.SetAuthCookie( "rckipid=" + impersonatedPerson.EncryptedKey, false, true );
CurrentUser = impersonatedPerson.GetImpersonatedUser();
}
}
// Get current user/person info
Page.Trace.Warn( "Getting CurrentUser" );
Rock.Model.UserLogin user = CurrentUser;
if ( showDebugTimings )
{
slDebugTimings.AppendFormat( "GetCurrentUser [{0}ms]\n", stopwatchInitEvents.Elapsed.TotalMilliseconds );
stopwatchInitEvents.Restart();
}
// If there is a logged in user, see if it has an associated Person Record. If so, set the UserName to
// the person's full name (which is then cached in the Session state for future page requests)
if ( user != null )
{
Page.Trace.Warn( "Setting CurrentPerson" );
UserName = user.UserName;
int? personId = user.PersonId;
if ( personId.HasValue )
{
string personNameKey = "PersonName_" + personId.Value.ToString();
if ( Session[personNameKey] != null )
{
UserName = Session[personNameKey].ToString();
}
else
{
Rock.Model.PersonService personService = new Model.PersonService( rockContext );
Rock.Model.Person person = personService.Get( personId.Value );
if ( person != null )
{
UserName = person.FullName;
CurrentPerson = person;
}
Session[personNameKey] = UserName;
}
}
if ( showDebugTimings )
{
slDebugTimings.AppendFormat( "GetCurrentPerson [{0}ms]\n", stopwatchInitEvents.Elapsed.TotalMilliseconds );
stopwatchInitEvents.Restart();
}
// check that they aren't required to change their password
if ( user.IsPasswordChangeRequired == true && Site.ChangePasswordPageReference != null )
{
// don't redirect if this is the change password page
if ( Site.ChangePasswordPageReference.PageId != this.PageId )
{
Site.RedirectToChangePasswordPage( true, true );
}
}
}
// If a PageInstance exists
if ( _pageCache != null )
{
BrowserTitle = _pageCache.BrowserTitle;
PageTitle = _pageCache.PageTitle;
PageIcon = _pageCache.IconCssClass;
BodyCssClass = _pageCache.BodyCssClass;
// If there's a master page, update its reference to Current Page
if ( this.Master is RockMasterPage )
{
( (RockMasterPage)this.Master ).SetPage( _pageCache );
}
// Add CSS class to body
if ( !string.IsNullOrWhiteSpace( this.BodyCssClass ) )
{
// attempt to find the body tag
var body = (HtmlGenericControl)this.Master.FindControl( "body" );
if ( body != null )
{
body.Attributes.Add( "class", this.BodyCssClass );
}
}
// check if page should have been loaded via ssl
Page.Trace.Warn( "Checking for SSL request" );
if ( !Request.IsSecureConnection && (_pageCache.RequiresEncryption || Site.RequiresEncryption) )
{
string redirectUrl = Request.Url.ToString().Replace( "http:", "https:" );
Response.Redirect( redirectUrl, false );
Context.ApplicationInstance.CompleteRequest();
return;
}
// Verify that the current user is allowed to view the page.
Page.Trace.Warn( "Checking if user is authorized" );
var isCurrentPersonAuthorized = _pageCache.IsAuthorized( Authorization.VIEW, CurrentPerson );
if ( showDebugTimings )
{
slDebugTimings.AppendFormat( "isCurrentPersonAuthorized [{0}ms]\n", stopwatchInitEvents.Elapsed.TotalMilliseconds );
stopwatchInitEvents.Restart();
}
if ( !isCurrentPersonAuthorized )
{
if ( user == null )
{
// If not authorized, and the user hasn't logged in yet, redirect to the login page
Page.Trace.Warn( "Redirecting to login page" );
var site = _pageCache.Layout.Site;
if ( site.LoginPageId.HasValue )
{
site.RedirectToLoginPage( true );
}
else
{
FormsAuthentication.RedirectToLoginPage();
}
}
else
{
// If not authorized, and the user has logged in, redirect to error page
Page.Trace.Warn( "Redirecting to error page" );
Response.Redirect( "~/Error.aspx?type=security", false );
Context.ApplicationInstance.CompleteRequest();
}
}
else
{
// Set current models (context)
Page.Trace.Warn( "Checking for Context" );
ModelContext = new Dictionary<string, Data.KeyEntity>();
try
{
char[] delim = new char[1] { ',' };
// Check to see if a context from query string should be saved to a cookie first
foreach ( string param in PageParameter( "SetContext", true ).Split( delim, StringSplitOptions.RemoveEmptyEntries ) )
{
string[] parts = param.Split( '|' );
if ( parts.Length == 2 )
{
var contextModelEntityType = EntityTypeCache.Read( parts[0], false, rockContext );
int? contextId = parts[1].AsIntegerOrNull();
if ( contextModelEntityType != null && contextId.HasValue )
{
var contextModelType = contextModelEntityType.GetEntityType();
var contextDbContext = Reflection.GetDbContextForEntityType( contextModelType );
if ( contextDbContext != null )
{
var contextService = Reflection.GetServiceForEntityType( contextModelType, contextDbContext );
if ( contextService != null )
{
MethodInfo getMethod = contextService.GetType().GetMethod( "Get", new Type[] { typeof( int ) } );
if ( getMethod != null )
{
var getResult = getMethod.Invoke( contextService, new object[] { contextId.Value } );
var contextEntity = getResult as IEntity;
if ( contextEntity != null )
{
SetContextCookie( contextEntity, false, false );
}
}
}
}
}
}
}
if ( showDebugTimings )
{
slDebugTimings.AppendFormat( "Set Page Context(s) [{0}ms]\n", stopwatchInitEvents.Elapsed.TotalMilliseconds );
stopwatchInitEvents.Restart();
}
// first search the cookies for any saved context, but pageContext can replace it
GetCookieContext( GetContextCookieName( false ) ); // Site
GetCookieContext( GetContextCookieName( true ) ); // Page (will replace any site values)
// check for page context
foreach ( var pageContext in _pageCache.PageContexts )
{
int? contextId = PageParameter( pageContext.Value ).AsIntegerOrNull();
if ( contextId.HasValue )
{
ModelContext.AddOrReplace( pageContext.Key, new Data.KeyEntity( contextId.Value ) );
}
}
// check for any encrypted contextkeys specified in query string
foreach ( string param in PageParameter( "context", true ).Split( delim, StringSplitOptions.RemoveEmptyEntries ) )
{
string contextItem = Rock.Security.Encryption.DecryptString( param );
string[] parts = contextItem.Split( '|' );
if ( parts.Length == 2 )
{
ModelContext.AddOrReplace( parts[0], new Data.KeyEntity( parts[1] ) );
}
}
if ( showDebugTimings )
{
slDebugTimings.AppendFormat( "Check Page Context(s) [{0}ms]\n", stopwatchInitEvents.Elapsed.TotalMilliseconds );
stopwatchInitEvents.Restart();
}
}
catch
{
// intentionally ignore exception
}
// set viewstate on/off
this.EnableViewState = _pageCache.EnableViewState;
Page.Trace.Warn( "Checking if user can administer" );
canAdministratePage = _pageCache.IsAuthorized( Authorization.ADMINISTRATE, CurrentPerson );
if ( showDebugTimings )
{
slDebugTimings.AppendFormat( "canAdministratePage [{0}ms]\n", stopwatchInitEvents.Elapsed.TotalMilliseconds );
stopwatchInitEvents.Restart();
}
// Create a javascript object to store information about the current page for client side scripts to use
Page.Trace.Warn( "Creating JS objects" );
if ( !ClientScript.IsStartupScriptRegistered( "rock-js-object" ) )
{
string script = string.Format( @"
Rock.settings.initialize({{
siteId: {0},
layoutId: {1},
pageId: {2},
layout: '{3}',
baseUrl: '{4}'
}});",
_pageCache.Layout.SiteId, _pageCache.LayoutId, _pageCache.Id, _pageCache.Layout.FileName, ResolveUrl( "~" ) );
ClientScript.RegisterStartupScript( this.Page.GetType(), "rock-js-object", script, true );
}
AddTriggerPanel();
// Add config elements
if ( _pageCache.IncludeAdminFooter )
{
Page.Trace.Warn( "Adding popup controls (footer elements)" );
AddPopupControls();
Page.Trace.Warn( "Adding zone elements" );
AddZoneElements( canAdministratePage );
}
// Initialize the list of breadcrumbs for the current page (and blocks on the page)
Page.Trace.Warn( "Setting breadcrumbs" );
PageReference.BreadCrumbs = new List<BreadCrumb>();
// If the page is configured to display in the breadcrumbs...
string bcName = _pageCache.BreadCrumbText;
if ( bcName != string.Empty )
{
PageReference.BreadCrumbs.Add( new BreadCrumb( bcName, PageReference.BuildUrl() ) );
}
// Add the Google Analytics Code script if a code was specified for the site
if ( !string.IsNullOrWhiteSpace( _pageCache.Layout.Site.GoogleAnalyticsCode ) )
{
AddGoogleAnalytics( _pageCache.Layout.Site.GoogleAnalyticsCode );
}
// Flag indicating if user has rights to administer one or more of the blocks on page
bool canAdministrateBlockOnPage = false;
if ( showDebugTimings )
{
slDebugTimings.AppendFormat( "start loading blocks [{0}ms]\n", stopwatchInitEvents.Elapsed.TotalMilliseconds );
stopwatchInitEvents.Restart();
}
// Load the blocks and insert them into page zones
Page.Trace.Warn( "Loading Blocks" );
var pageBlocks = _pageCache.Blocks;
foreach ( Rock.Web.Cache.BlockCache block in pageBlocks )
{
var stopwatchBlockInit= Stopwatch.StartNew();
Page.Trace.Warn( string.Format( "\tLoading '{0}' block", block.Name ) );
// Get current user's permissions for the block instance
Page.Trace.Warn( "\tChecking permission" );
bool canAdministrate = block.IsAuthorized( Authorization.ADMINISTRATE, CurrentPerson );
bool canEdit = block.IsAuthorized( Authorization.EDIT, CurrentPerson );
bool canView = block.IsAuthorized( Authorization.VIEW, CurrentPerson );
// Make sure user has access to view block instance
if ( canAdministrate || canEdit || canView )
{
// Load the control and add to the control tree
Page.Trace.Warn( "\tLoading control" );
Control control = null;
// Check to see if block is configured to use a "Cache Duration'
if ( block.OutputCacheDuration > 0 )
{
// Cache object used for block output caching
Page.Trace.Warn( "Getting memory cache" );
RockMemoryCache cache = RockMemoryCache.Default;
string blockCacheKey = string.Format( "Rock:BlockOutput:{0}", block.Id );
if ( cache.Contains( blockCacheKey ) )
{
// If the current block exists in our custom output cache, add the cached output instead of adding the control
control = new LiteralControl( cache[blockCacheKey] as string );
}
}
if ( control == null )
{
try
{
control = TemplateControl.LoadControl( block.BlockType.Path );
control.ClientIDMode = ClientIDMode.AutoID;
}
catch ( Exception ex )
{
NotificationBox nbBlockLoad = new NotificationBox();
nbBlockLoad.ID = string.Format( "nbBlockLoad_{0}", block.Id );
nbBlockLoad.CssClass = "system-error";
nbBlockLoad.NotificationBoxType = NotificationBoxType.Danger;
nbBlockLoad.Text = string.Format( "Error Loading Block: {0}", block.Name );
nbBlockLoad.Details = string.Format( "{0}<pre>{1}</pre>", HttpUtility.HtmlEncode( ex.Message ), HttpUtility.HtmlEncode( ex.StackTrace ) );
nbBlockLoad.Dismissable = true;
control = nbBlockLoad;
if ( this.IsPostBack )
{
// throw an error on PostBack so that the ErrorPage gets shown (vs nothing happening)
throw;
}
}
}
if ( control != null )
{
if ( canAdministrate || ( canEdit && control is RockBlockCustomSettings ) )
{
canAdministrateBlockOnPage = true;
}
// If the current control is a block, set its properties
var blockControl = control as RockBlock;
if ( blockControl != null )
{
Page.Trace.Warn( "\tSetting block properties" );
blockControl.SetBlock( _pageCache, block, canEdit, canAdministrate );
control = new RockBlockWrapper( blockControl );
// Add any breadcrumbs to current page reference that the block creates
Page.Trace.Warn( "\tAdding any breadcrumbs from block" );
if ( block.BlockLocation == BlockLocation.Page )
{
blockControl.GetBreadCrumbs( PageReference ).ForEach( c => PageReference.BreadCrumbs.Add( c ) );
}
// If the blocktype's security actions have not yet been loaded, load them now
block.BlockType.SetSecurityActions( blockControl );
// If the block's AttributeProperty values have not yet been verified verify them.
// (This provides a mechanism for block developers to define the needed block
// attributes in code and have them automatically added to the database)
Page.Trace.Warn( "\tChecking if block attributes need refresh" );
if ( !block.BlockType.IsInstancePropertiesVerified )
{
Page.Trace.Warn( "\tCreating block attributes" );
if ( blockControl.CreateAttributes( rockContext ) )
{
// If attributes were updated, update the block attributes for all blocks in page of same type
pageBlocks
.Where( b => b.BlockTypeId == block.BlockTypeId )
.ToList()
.ForEach( b => b.ReloadAttributeValues() );
}
block.BlockType.IsInstancePropertiesVerified = true;
}
}
}
FindZone( block.Zone ).Controls.Add( control );
if ( control is RockBlockWrapper )
{
( (RockBlockWrapper)control ).EnsureBlockControls();
}
if ( showDebugTimings )
{
stopwatchBlockInit.Stop();
slDebugTimings.AppendFormat(
"create/init block {0} <span class='label label-{2}'>[{1}ms]</span>\n",
block.Name,
stopwatchBlockInit.Elapsed.TotalMilliseconds,
stopwatchBlockInit.Elapsed.TotalMilliseconds > 500 ? "danger" : "info");
}
}
}
// Make the last crumb for this page the active one
Page.Trace.Warn( "Setting active breadcrumb" );
if ( PageReference.BreadCrumbs.Any() )
{
PageReference.BreadCrumbs.Last().Active = true;
}
Page.Trace.Warn( "Getting parent page references" );
var pageReferences = PageReference.GetParentPageReferences( this, _pageCache, PageReference );
pageReferences.Add( PageReference );
PageReference.SavePageReferences( pageReferences );
// Update breadcrumbs
Page.Trace.Warn( "Updating breadcrumbs" );
BreadCrumbs = new List<BreadCrumb>();
foreach ( var pageReference in pageReferences )
{
pageReference.BreadCrumbs.ForEach( c => BreadCrumbs.Add( c ) );
}
// Add the page admin footer if the user is authorized to edit the page
if ( _pageCache.IncludeAdminFooter && ( canAdministratePage || canAdministrateBlockOnPage ) )
{
// Add the page admin script
AddScriptLink( Page, "~/Scripts/Bundles/RockAdmin", false );
Page.Trace.Warn( "Adding admin footer to page" );
HtmlGenericControl adminFooter = new HtmlGenericControl( "div" );
adminFooter.ID = "cms-admin-footer";
adminFooter.ClientIDMode = System.Web.UI.ClientIDMode.Static;
this.Form.Controls.Add( adminFooter );
phLoadStats = new PlaceHolder();
adminFooter.Controls.Add( phLoadStats );
HtmlGenericControl buttonBar = new HtmlGenericControl( "div" );
adminFooter.Controls.Add( buttonBar );
buttonBar.Attributes.Add( "class", "button-bar" );
// RockBlock Config
HtmlGenericControl aBlockConfig = new HtmlGenericControl( "a" );
buttonBar.Controls.Add( aBlockConfig );
aBlockConfig.Attributes.Add( "class", "btn block-config" );
aBlockConfig.Attributes.Add( "href", "javascript: Rock.admin.pageAdmin.showBlockConfig();" );
aBlockConfig.Attributes.Add( "Title", "Block Configuration" );
HtmlGenericControl iBlockConfig = new HtmlGenericControl( "i" );
aBlockConfig.Controls.Add( iBlockConfig );
iBlockConfig.Attributes.Add( "class", "fa fa-th-large" );
if ( canAdministratePage )
{
// RockPage Properties
HtmlGenericControl aAttributes = new HtmlGenericControl( "a" );
buttonBar.Controls.Add( aAttributes );
aAttributes.ID = "aPageProperties";
aAttributes.ClientIDMode = System.Web.UI.ClientIDMode.Static;
aAttributes.Attributes.Add( "class", "btn properties" );
aAttributes.Attributes.Add( "height", "500px" );
aAttributes.Attributes.Add( "href", "javascript: Rock.controls.modal.show($(this), '" + ResolveUrl( string.Format( "~/PageProperties/{0}?t=Page Properties", _pageCache.Id ) ) + "')" );
aAttributes.Attributes.Add( "Title", "Page Properties" );
HtmlGenericControl iAttributes = new HtmlGenericControl( "i" );
aAttributes.Controls.Add( iAttributes );
iAttributes.Attributes.Add( "class", "fa fa-cog" );
// Child Pages
HtmlGenericControl aChildPages = new HtmlGenericControl( "a" );
buttonBar.Controls.Add( aChildPages );
aChildPages.ID = "aChildPages";
aChildPages.ClientIDMode = System.Web.UI.ClientIDMode.Static;
aChildPages.Attributes.Add( "class", "btn page-child-pages" );
aChildPages.Attributes.Add( "height", "500px" );
aChildPages.Attributes.Add( "href", "javascript: Rock.controls.modal.show($(this), '" + ResolveUrl( string.Format( "~/pages/{0}?t=Child Pages&pb=&sb=Done", _pageCache.Id ) ) + "')" );
aChildPages.Attributes.Add( "Title", "Child Pages" );
HtmlGenericControl iChildPages = new HtmlGenericControl( "i" );
aChildPages.Controls.Add( iChildPages );
iChildPages.Attributes.Add( "class", "fa fa-sitemap" );
// RockPage Zones
HtmlGenericControl aPageZones = new HtmlGenericControl( "a" );
buttonBar.Controls.Add( aPageZones );
aPageZones.Attributes.Add( "class", "btn page-zones" );
aPageZones.Attributes.Add( "href", "javascript: Rock.admin.pageAdmin.showPageZones();" );
aPageZones.Attributes.Add( "Title", "Page Zones" );
HtmlGenericControl iPageZones = new HtmlGenericControl( "i" );
aPageZones.Controls.Add( iPageZones );
iPageZones.Attributes.Add( "class", "fa fa-columns" );
// RockPage Security
HtmlGenericControl aPageSecurity = new HtmlGenericControl( "a" );
buttonBar.Controls.Add( aPageSecurity );
aPageSecurity.ID = "aPageSecurity";
aPageSecurity.ClientIDMode = System.Web.UI.ClientIDMode.Static;
aPageSecurity.Attributes.Add( "class", "btn page-security" );
aPageSecurity.Attributes.Add( "height", "500px" );
aPageSecurity.Attributes.Add( "href", "javascript: Rock.controls.modal.show($(this), '" + ResolveUrl( string.Format( "~/Secure/{0}/{1}?t=Page Security&pb=&sb=Done",
EntityTypeCache.Read( typeof( Rock.Model.Page ) ).Id, _pageCache.Id ) ) + "')" );
aPageSecurity.Attributes.Add( "Title", "Page Security" );
HtmlGenericControl iPageSecurity = new HtmlGenericControl( "i" );
aPageSecurity.Controls.Add( iPageSecurity );
iPageSecurity.Attributes.Add( "class", "fa fa-lock" );
// System Info
HtmlGenericControl aSystemInfo = new HtmlGenericControl( "a" );
buttonBar.Controls.Add( aSystemInfo );
aSystemInfo.ID = "aSystemInfo";
aSystemInfo.ClientIDMode = System.Web.UI.ClientIDMode.Static;
aSystemInfo.Attributes.Add( "class", "btn system-info" );
aSystemInfo.Attributes.Add( "height", "500px" );
aSystemInfo.Attributes.Add( "href", "javascript: Rock.controls.modal.show($(this), '" + ResolveUrl( "~/SystemInfo?t=System Information&pb=&sb=Done" ) + "')" );
aSystemInfo.Attributes.Add( "Title", "Rock Information" );
HtmlGenericControl iSystemInfo = new HtmlGenericControl( "i" );
aSystemInfo.Controls.Add( iSystemInfo );
iSystemInfo.Attributes.Add( "class", "fa fa-info-circle" );
}
}
// Check to see if page output should be cached. The RockRouteHandler
// saves the PageCacheData information for the current page to memorycache
// so it should always exist
if ( _pageCache.OutputCacheDuration > 0 )
{
Response.Cache.SetCacheability( System.Web.HttpCacheability.Public );
Response.Cache.SetExpires( RockDateTime.Now.AddSeconds( _pageCache.OutputCacheDuration ) );
Response.Cache.SetValidUntilExpires( true );
}
// create a page view transaction if enabled
if ( !Page.IsPostBack && _pageCache != null )
{
if ( _pageCache.Layout.Site.EnablePageViews )
{
PageViewTransaction transaction = new PageViewTransaction();
transaction.DateViewed = RockDateTime.Now;
transaction.PageId = _pageCache.Id;
transaction.SiteId = _pageCache.Layout.Site.Id;
if ( CurrentPersonAlias != null )
{
transaction.PersonAliasId = CurrentPersonAlias.Id;
}
transaction.IPAddress = GetClientIpAddress();
transaction.UserAgent = Request.UserAgent ?? "";
transaction.Url = Request.Url.ToString();
transaction.PageTitle = _pageCache.PageTitle;
var sessionId = Session["RockSessionID"];
if ( sessionId != null )
{
transaction.SessionId = sessionId.ToString();
}
RockQueue.TransactionQueue.Enqueue( transaction );
}
}
}
stopwatchInitEvents.Restart();
string pageTitle = BrowserTitle ?? string.Empty;
string siteTitle = _pageCache.Layout.Site.Name;
string seperator = pageTitle.Trim() != string.Empty && siteTitle.Trim() != string.Empty ? " | " : "";
base.Title = pageTitle + seperator + siteTitle;
if ( !string.IsNullOrWhiteSpace( _pageCache.Description ) )
{
HtmlMeta metaTag = new HtmlMeta();
metaTag.Attributes.Add( "name", "description" );
metaTag.Attributes.Add( "content", _pageCache.Description.Trim() );
AddMetaTag( this.Page, metaTag );
}
if ( !string.IsNullOrWhiteSpace( _pageCache.KeyWords ) )
{
HtmlMeta metaTag = new HtmlMeta();
metaTag.Attributes.Add( "name", "keywords" );
metaTag.Attributes.Add( "content", _pageCache.KeyWords.Trim() );
AddMetaTag( this.Page, metaTag );
}
if (!string.IsNullOrWhiteSpace( _pageCache.Layout.Site.PageHeaderContent ))
{
Page.Header.Controls.Add( new LiteralControl( _pageCache.Layout.Site.PageHeaderContent ) );
}
if ( !string.IsNullOrWhiteSpace( _pageCache.HeaderContent ) )
{
Page.Header.Controls.Add( new LiteralControl( _pageCache.HeaderContent ) );
}
if ( !_pageCache.AllowIndexing || !_pageCache.Layout.Site.AllowIndexing )
{
Page.Header.Controls.Add( new LiteralControl( "<meta name=\"robots\" content=\"noindex, nofollow\"/>" ) );
}
if ( showDebugTimings )
{
TimeSpan tsDuration = RockDateTime.Now.Subtract( (DateTime)Context.Items["Request_Start_Time"] );
slDebugTimings.AppendFormat( "done oninit [{0}ms] @ {1} \n", stopwatchInitEvents.Elapsed.TotalMilliseconds, tsDuration.TotalMilliseconds );
stopwatchInitEvents.Restart();
}
if ( showDebugTimings && canAdministratePage )
{
Page.Form.Controls.Add( new Label
{
ID="lblShowDebugTimings",
Text = string.Format( "<pre>{0}</pre>", slDebugTimings.ToString() )
} );
}
}
}
/// <summary>
/// Returns the <see cref="Rock.Model.UserLogin"/>
/// </summary>
/// <param name="userIsOnline">A <see cref="System.Boolean"/> value that returns the logged in user if <c>true</c>; otherwise can return the impersonated user</param>
/// <returns>The current <see cref="Rock.Model.UserLogin"/></returns>
public static UserLogin GetCurrentUser( bool userIsOnline )
{
var rockContext = new RockContext();
string userName = UserLogin.GetCurrentUserName();
if ( userName != string.Empty )
{
if ( userName.StartsWith( "rckipid=" ) )
{
Rock.Model.PersonService personService = new Model.PersonService( rockContext );
Rock.Model.Person impersonatedPerson = personService.GetByEncryptedKey( userName.Substring( 8 ) );
if ( impersonatedPerson != null )
return impersonatedPerson.GetImpersonatedUser();
}
else
{
var userLoginService = new UserLoginService( rockContext );
UserLogin user = userLoginService.GetByUserName( userName );
if ( user != null && userIsOnline )
{
// Save last activity date
var transaction = new Rock.Transactions.UserLastActivityTransaction();
transaction.UserId = user.Id;
transaction.LastActivityDate = RockDateTime.Now;
if ( ( user.IsConfirmed ?? true ) && !( user.IsLockedOut ?? false ) )
{
if ( HttpContext.Current != null && HttpContext.Current.Session != null )
{
if ( HttpContext.Current.Session["RockUserId"] != null )
{
transaction.SessionUserId = (int)HttpContext.Current.Session["RockUserId"];
}
HttpContext.Current.Session["RockUserId"] = user.Id;
}
// see if there is already a LastActivitytransaction queued for this user, and just update its LastActivityDate instead of adding another to the queue
var userLastActivity = Rock.Transactions.RockQueue.TransactionQueue.ToArray().OfType<Rock.Transactions.UserLastActivityTransaction>()
.Where( a => a.UserId == transaction.UserId && a.SessionUserId == transaction.SessionUserId ).FirstOrDefault();
if ( userLastActivity != null )
{
userLastActivity.LastActivityDate = transaction.LastActivityDate;
}
else
{
Rock.Transactions.RockQueue.TransactionQueue.Enqueue( transaction );
}
}
else
{
transaction.IsOnLine = false;
Rock.Transactions.RockQueue.TransactionQueue.Enqueue( transaction );
FormsAuthentication.SignOut();
return null;
}
}
return user;
}
}
return null;
}
/// <summary>
/// Occurs before the action method is invoked.
/// </summary>
/// <param name="actionContext">The action context.</param>
public override void OnActionExecuting(HttpActionContext actionContext)
{
var controller = actionContext.ActionDescriptor.ControllerDescriptor;
string controllerClassName = controller.ControllerType.FullName;
string actionMethod = actionContext.Request.Method.Method;
string actionPath = actionContext.Request.GetRouteData().Route.RouteTemplate.Replace("{controller}", controller.ControllerName);
//// find any additional arguments that aren't part of the RouteTemplate that qualified the action method
//// for example: ~/person/search?name={name}&includeHtml={includeHtml}&includeDetails={includeDetails}&includeBusinesses={includeBusinesses}
//// is a different action method than ~/person/search?name={name}
var routeQueryParams = actionContext.ActionArguments.Where(a => !actionPath.Contains("{" + a.Key + "}"));
if (routeQueryParams.Any())
{
var actionPathQueryString = routeQueryParams.Select(a => string.Format("{0}={{{0}}}", a.Key)).ToList().AsDelimited("&");
actionPath += "?" + actionPathQueryString;
}
ISecured item = RestActionCache.Get(actionMethod + actionPath);
if (item == null)
{
item = RestControllerCache.Get(controllerClassName);
if (item == null)
{
item = new RestController();
}
}
Person person = null;
if (actionContext.Request.Properties.Keys.Contains("Person"))
{
person = actionContext.Request.Properties["Person"] as Person;
}
else
{
var principal = actionContext.Request.GetUserPrincipal();
if (principal != null && principal.Identity != null)
{
using (var rockContext = new RockContext())
{
string userName = principal.Identity.Name;
UserLogin userLogin = null;
if (userName.StartsWith("rckipid="))
{
Rock.Model.PersonService personService = new Model.PersonService(rockContext);
Rock.Model.Person impersonatedPerson = personService.GetByImpersonationToken(userName.Substring(8), false, null);
if (impersonatedPerson != null)
{
userLogin = impersonatedPerson.GetImpersonatedUser();
}
}
else
{
var userLoginService = new Rock.Model.UserLoginService(rockContext);
userLogin = userLoginService.GetByUserName(userName);
}
if (userLogin != null)
{
person = userLogin.Person;
actionContext.Request.Properties.Add("Person", person);
}
}
}
}
string action = actionMethod.Equals("GET", StringComparison.OrdinalIgnoreCase) ?
Rock.Security.Authorization.VIEW : Rock.Security.Authorization.EDIT;
if (!item.IsAuthorized(action, person))
{
actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
}
}
/// <summary>
/// Loads all of the configured blocks for the current page into the control tree
/// </summary>
/// <param name="e"></param>
protected override void OnInit( EventArgs e )
{
// Add the ScriptManager to each page
ScriptManager sm = ScriptManager.GetCurrent( this.Page );
if ( sm == null )
{
sm = new ScriptManager();
sm.ID = "sManager";
Page.Form.Controls.AddAt( 0, sm );
}
// Recurse the page controls to find the rock page title and zone controls
PageTitles = new List<PageTitle>();
Zones = new Dictionary<string, KeyValuePair<string, Zone>>();
FindRockControls( this.Controls );
// Add a Rock version meta tag
string version = typeof( Rock.Web.UI.RockPage ).Assembly.GetName().Version.ToString();
HtmlMeta rockVersion = new HtmlMeta();
rockVersion.Attributes.Add( "name", "generator" );
rockVersion.Attributes.Add( "content", string.Format( "Rock v{0}", version ) );
AddMetaTag( this.Page, rockVersion );
// If the logout parameter was entered, delete the user's forms authentication cookie and redirect them
// back to the same page.
if ( PageParameter( "logout" ) != string.Empty )
{
FormsAuthentication.SignOut();
CurrentPerson = null;
CurrentUser = null;
Response.Redirect( BuildUrl( new PageReference( CurrentPage.Id, CurrentPage.RouteId ), null ), false);
Context.ApplicationInstance.CompleteRequest();
return;
}
// If the impersonated query key was included then set the current person
string impersonatedPersonKey = PageParameter( "rckipid" );
if ( !String.IsNullOrEmpty( impersonatedPersonKey ) )
{
Rock.Model.PersonService personService = new Model.PersonService();
Rock.Model.Person impersonatedPerson = personService.GetByEncryptedKey( impersonatedPersonKey );
if ( impersonatedPerson != null )
{
Rock.Security.Authorization.SetAuthCookie( "rckipid=" + impersonatedPerson.EncryptedKey, false, true );
CurrentUser = impersonatedPerson.ImpersonatedUser;
}
}
// Get current user/person info
Rock.Model.UserLogin user = CurrentUser;
// If there is a logged in user, see if it has an associated Person Record. If so, set the UserName to
// the person's full name (which is then cached in the Session state for future page requests)
if ( user != null )
{
UserName = user.UserName;
int? personId = user.PersonId;
if ( personId.HasValue )
{
string personNameKey = "PersonName_" + personId.Value.ToString();
if ( Session[personNameKey] != null )
{
UserName = Session[personNameKey].ToString();
}
else
{
Rock.Model.PersonService personService = new Model.PersonService();
Rock.Model.Person person = personService.Get( personId.Value );
if ( person != null )
{
UserName = person.FullName;
CurrentPerson = person;
}
Session[personNameKey] = UserName;
}
}
}
// If a PageInstance exists
if ( CurrentPage != null )
{
// check if page should have been loaded via ssl
if ( !Request.IsSecureConnection && CurrentPage.RequiresEncryption )
{
string redirectUrl = Request.Url.ToString().Replace( "http:", "https:" );
Response.Redirect( redirectUrl, false );
Context.ApplicationInstance.CompleteRequest();
return;
}
// Verify that the current user is allowed to view the page. If not, and
// the user hasn't logged in yet, redirect to the login page
if ( !CurrentPage.IsAuthorized( "View", CurrentPerson ) )
{
if ( user == null )
{
FormsAuthentication.RedirectToLoginPage();
}
}
else
{
// Set current models (context)
CurrentPage.Context = new Dictionary<string, Data.KeyEntity>();
try
{
foreach ( var pageContext in CurrentPage.PageContexts )
{
int contextId = 0;
if ( Int32.TryParse( PageParameter( pageContext.Value ), out contextId ) )
CurrentPage.Context.Add( pageContext.Key, new Data.KeyEntity( contextId ) );
}
char[] delim = new char[1] { ',' };
foreach ( string param in PageParameter( "context" ).Split( delim, StringSplitOptions.RemoveEmptyEntries ) )
{
string contextItem = Rock.Security.Encryption.DecryptString( param );
string[] parts = contextItem.Split('|');
if (parts.Length == 2)
CurrentPage.Context.Add(parts[0], new Data.KeyEntity(parts[1]));
}
}
catch { }
// set page title
if ( CurrentPage.Title != null && CurrentPage.Title != "" )
SetTitle( CurrentPage.Title );
else
SetTitle( CurrentPage.Name );
// set viewstate on/off
this.EnableViewState = CurrentPage.EnableViewState;
// Cache object used for block output caching
ObjectCache cache = MemoryCache.Default;
bool canAdministratePage = CurrentPage.IsAuthorized( "Administrate", CurrentPerson );
// Create a javascript object to store information about the current page for client side scripts to use
string script = string.Format( @"
var rock = {{
pageId:{0},
layout:'{1}',
baseUrl:'{2}'
}};
",
CurrentPage.Id, CurrentPage.Layout, AppPath );
this.Page.ClientScript.RegisterStartupScript( this.GetType(), "rock-js-object", script, true );
// Add config elements
if ( CurrentPage.IncludeAdminFooter )
{
AddPopupControls();
if ( canAdministratePage )
AddConfigElements();
}
AddKendoScripts();
// Load the blocks and insert them into page zones
foreach ( Rock.Web.Cache.BlockCache block in CurrentPage.Blocks )
{
// Get current user's permissions for the block instance
bool canAdministrate = block.IsAuthorized( "Administrate", CurrentPerson );
bool canEdit = block.IsAuthorized( "Edit", CurrentPerson );
bool canView = block.IsAuthorized( "View", CurrentPerson );
// Make sure user has access to view block instance
if ( canAdministrate || canEdit || canView )
{
// Create block wrapper control (implements INamingContainer so child control IDs are unique for
// each block instance
HtmlGenericContainer blockWrapper = new HtmlGenericContainer( "div" );
blockWrapper.ID = string.Format( "bid_{0}", block.Id );
blockWrapper.Attributes.Add( "zoneloc", block.BlockLocation.ToString() );
blockWrapper.ClientIDMode = ClientIDMode.Static;
FindZone( block.Zone ).Controls.Add( blockWrapper );
blockWrapper.Attributes.Add( "class", "block-instance " +
( canAdministrate || canEdit ? "can-configure " : "" ) +
HtmlHelper.CssClassFormat( block.BlockType.Name ) );
// Check to see if block is configured to use a "Cache Duration'
string blockCacheKey = string.Format( "Rock:BlockInstanceOutput:{0}", block.Id );
if ( block.OutputCacheDuration > 0 && cache.Contains( blockCacheKey ) )
{
// If the current block exists in our custom output cache, add the cached output instead of adding the control
blockWrapper.Controls.Add( new LiteralControl( cache[blockCacheKey] as string ) );
}
else
{
// Load the control and add to the control tree
Control control;
try
{
control = TemplateControl.LoadControl( block.BlockType.Path );
control.ClientIDMode = ClientIDMode.AutoID;
}
catch ( Exception ex )
{
HtmlGenericControl div = new HtmlGenericControl( "div" );
div.Attributes.Add( "class", "alert-message block-message error" );
div.InnerHtml = string.Format( "Error Loading Block:<br/><br/><strong>{0}</strong>", ex.Message );
control = div;
}
RockBlock blockControl = null;
// Check to see if the control was a PartialCachingControl or not
if ( control is RockBlock )
blockControl = control as RockBlock;
else
{
if ( control is PartialCachingControl && ( (PartialCachingControl)control ).CachedControl != null )
blockControl = (RockBlock)( (PartialCachingControl)control ).CachedControl;
}
// If the current control is a block, set it's properties
if ( blockControl != null )
{
blockControl.CurrentPage = CurrentPage;
blockControl.CurrentBlock = block;
blockControl.ReadAdditionalActions();
// If the block's AttributeProperty values have not yet been verified verify them.
// (This provides a mechanism for block developers to define the needed block
// attributes in code and have them automatically added to the database)
if ( !block.BlockType.IsInstancePropertiesVerified )
{
blockControl.CreateAttributes();
block.BlockType.IsInstancePropertiesVerified = true;
}
// Add the block configuration scripts and icons if user is authorized
if ( CurrentPage.IncludeAdminFooter )
AddBlockConfig( blockWrapper, blockControl, block, canAdministrate, canEdit );
}
HtmlGenericContainer blockContent = new HtmlGenericContainer( "div" );
blockContent.Attributes.Add( "class", "block-content" );
blockWrapper.Controls.Add( blockContent );
// Add the block
blockContent.Controls.Add( control );
}
}
}
// Add favicon and apple touch icons to page
if ( CurrentPage.Site.FaviconUrl != null )
{
System.Web.UI.HtmlControls.HtmlLink faviconLink = new System.Web.UI.HtmlControls.HtmlLink();
faviconLink.Attributes.Add( "rel", "shortcut icon" );
faviconLink.Attributes.Add( "href", ResolveUrl( "~/" + CurrentPage.Site.FaviconUrl ) );
CurrentPage.AddHtmlLink( this.Page, faviconLink );
}
if ( CurrentPage.Site.AppleTouchIconUrl != null )
{
System.Web.UI.HtmlControls.HtmlLink touchLink = new System.Web.UI.HtmlControls.HtmlLink();
touchLink.Attributes.Add( "rel", "apple-touch-icon" );
touchLink.Attributes.Add( "href", ResolveUrl( "~/" + CurrentPage.Site.AppleTouchIconUrl ) );
CurrentPage.AddHtmlLink( this.Page, touchLink );
}
// Add the page admin footer if the user is authorized to edit the page
if ( CurrentPage.IncludeAdminFooter && canAdministratePage )
{
HtmlGenericControl adminFooter = new HtmlGenericControl( "div" );
adminFooter.ID = "cms-admin-footer";
adminFooter.ClientIDMode = System.Web.UI.ClientIDMode.Static;
this.Form.Controls.Add( adminFooter );
phLoadTime = new PlaceHolder();
adminFooter.Controls.Add( phLoadTime );
HtmlGenericControl buttonBar = new HtmlGenericControl( "div" );
adminFooter.Controls.Add( buttonBar );
buttonBar.Attributes.Add( "class", "button-bar" );
// RockBlock Config
HtmlGenericControl aBlockConfig = new HtmlGenericControl( "a" );
buttonBar.Controls.Add( aBlockConfig );
aBlockConfig.Attributes.Add( "class", "btn block-config" );
aBlockConfig.Attributes.Add( "href", "#" );
aBlockConfig.Attributes.Add( "Title", "Block Configuration" );
HtmlGenericControl iBlockConfig = new HtmlGenericControl( "i" );
aBlockConfig.Controls.Add( iBlockConfig );
iBlockConfig.Attributes.Add( "class", "icon-th-large" );
// RockPage Properties
HtmlGenericControl aAttributes = new HtmlGenericControl( "a" );
buttonBar.Controls.Add( aAttributes );
aAttributes.Attributes.Add( "class", "btn properties show-modal-iframe" );
aAttributes.Attributes.Add( "height", "500px" );
aAttributes.Attributes.Add( "href", ResolveUrl( string.Format( "~/PageProperties/{0}?t=Page Properties", CurrentPage.Id ) ) );
aAttributes.Attributes.Add( "Title", "Page Properties" );
HtmlGenericControl iAttributes = new HtmlGenericControl( "i" );
aAttributes.Controls.Add( iAttributes );
iAttributes.Attributes.Add( "class", "icon-cog" );
// Child Pages
HtmlGenericControl aChildPages = new HtmlGenericControl( "a" );
buttonBar.Controls.Add( aChildPages );
aChildPages.Attributes.Add( "class", "btn page-child-pages show-modal-iframe" );
aChildPages.Attributes.Add( "height", "500px" );
aChildPages.Attributes.Add( "href", ResolveUrl( string.Format( "~/pages/{0}?t=Child Pages&pb=&sb=Done", CurrentPage.Id ) ) );
aChildPages.Attributes.Add( "Title", "Child Pages" );
HtmlGenericControl iChildPages = new HtmlGenericControl( "i" );
aChildPages.Controls.Add( iChildPages );
iChildPages.Attributes.Add( "class", "icon-sitemap" );
// RockPage Zones
HtmlGenericControl aPageZones = new HtmlGenericControl( "a" );
buttonBar.Controls.Add( aPageZones );
aPageZones.Attributes.Add( "class", "btn page-zones" );
aPageZones.Attributes.Add( "href", "#" );
aPageZones.Attributes.Add( "Title", "Page Zones" );
HtmlGenericControl iPageZones = new HtmlGenericControl( "i" );
aPageZones.Controls.Add( iPageZones );
iPageZones.Attributes.Add( "class", "icon-columns" );
// RockPage Security
HtmlGenericControl aPageSecurity = new HtmlGenericControl( "a" );
buttonBar.Controls.Add( aPageSecurity );
aPageSecurity.Attributes.Add( "class", "btn page-security show-modal-iframe" );
aPageSecurity.Attributes.Add( "height", "500px" );
aPageSecurity.Attributes.Add( "href", ResolveUrl( string.Format( "~/Secure/{0}/{1}?t=Page Security&pb=&sb=Done",
Security.Authorization.EncodeEntityTypeName( CurrentPage.GetType() ), CurrentPage.Id ) ) );
aPageSecurity.Attributes.Add( "Title", "Page Security" );
HtmlGenericControl iPageSecurity = new HtmlGenericControl( "i" );
aPageSecurity.Controls.Add( iPageSecurity );
iPageSecurity.Attributes.Add( "class", "icon-lock" );
// System Info
HtmlGenericControl aSystemInfo = new HtmlGenericControl( "a" );
buttonBar.Controls.Add( aSystemInfo );
aSystemInfo.Attributes.Add( "class", "btn system-info show-modal-iframe" );
aSystemInfo.Attributes.Add( "height", "500px" );
aSystemInfo.Attributes.Add( "href", ResolveUrl( "~/SystemInfo?t=System Information&pb=&sb=Done" ) );
aSystemInfo.Attributes.Add( "Title", "Rock Information" );
HtmlGenericControl iSystemInfo = new HtmlGenericControl( "i" );
aSystemInfo.Controls.Add( iSystemInfo );
iSystemInfo.Attributes.Add( "class", "icon-info-sign" );
}
// Check to see if page output should be cached. The RockRouteHandler
// saves the PageCacheData information for the current page to memorycache
// so it should always exist
if ( CurrentPage.OutputCacheDuration > 0 )
{
Response.Cache.SetCacheability( System.Web.HttpCacheability.Public );
Response.Cache.SetExpires( DateTime.Now.AddSeconds( CurrentPage.OutputCacheDuration ) );
Response.Cache.SetValidUntilExpires( true );
}
}
}
}
/// <summary>
/// Returns the <see cref="Rock.Model.UserLogin"/>
/// </summary>
/// <param name="userIsOnline">A <see cref="System.Boolean"/> value that returns the logged in user if <c>true</c>; otherwise can return the impersonated user</param>
/// <returns>The current <see cref="Rock.Model.UserLogin"/></returns>
public static UserLogin GetCurrentUser( bool userIsOnline )
{
string userName = UserLogin.GetCurrentUserName();
if ( userName != string.Empty )
{
if ( userName.StartsWith( "rckipid=" ) )
{
Rock.Model.PersonService personService = new Model.PersonService();
Rock.Model.Person impersonatedPerson = personService.GetByEncryptedKey( userName.Substring( 8 ) );
if ( impersonatedPerson != null )
return impersonatedPerson.ImpersonatedUser;
}
else
{
var userLoginService = new UserLoginService();
UserLogin user = userLoginService.GetByUserName( userName );
if ( user != null && userIsOnline )
{
// Save last activity date
var transaction = new Rock.Transactions.UserLastActivityTransaction();
transaction.UserId = user.Id;
transaction.LastActivityDate = DateTime.Now;
Rock.Transactions.RockQueue.TransactionQueue.Enqueue( transaction );
}
return user;
}
}
return null;
}
/// <summary>
/// Occurs before the action method is invoked.
/// </summary>
/// <param name="actionContext">The action context.</param>
public override void OnActionExecuting(HttpActionContext actionContext)
{
var controller = actionContext.ActionDescriptor.ControllerDescriptor;
string controllerClassName = controller.ControllerType.FullName;
string actionMethod = actionContext.Request.Method.Method;
string actionPath = actionContext.Request.GetRouteData().Route.RouteTemplate.Replace("{controller}", controller.ControllerName);
ISecured item = Rock.Web.Cache.RestActionCache.Read(actionMethod + actionPath);
if (item == null)
{
item = Rock.Web.Cache.RestControllerCache.Read(controllerClassName);
if (item == null)
{
item = new RestController();
}
}
Person person = null;
if (actionContext.Request.Properties.Keys.Contains("Person"))
{
person = actionContext.Request.Properties["Person"] as Person;
}
else
{
var principal = actionContext.Request.GetUserPrincipal();
if (principal != null && principal.Identity != null)
{
using (var rockContext = new RockContext())
{
string userName = principal.Identity.Name;
UserLogin userLogin = null;
if (userName.StartsWith("rckipid="))
{
Rock.Model.PersonService personService = new Model.PersonService(rockContext);
Rock.Model.Person impersonatedPerson = personService.GetByEncryptedKey(userName.Substring(8));
if (impersonatedPerson != null)
{
userLogin = impersonatedPerson.GetImpersonatedUser();
}
}
else
{
var userLoginService = new Rock.Model.UserLoginService(rockContext);
userLogin = userLoginService.GetByUserName(userName);
}
if (userLogin != null)
{
person = userLogin.Person;
actionContext.Request.Properties.Add("Person", person);
}
}
}
}
string action = actionMethod.Equals("GET", StringComparison.OrdinalIgnoreCase) ?
Rock.Security.Authorization.VIEW : Rock.Security.Authorization.EDIT;
if (!item.IsAuthorized(action, person))
{
actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
}
}
/// <summary>
/// Occurs before the action method is invoked.
/// </summary>
/// <param name="actionContext">The action context.</param>
public override void OnActionExecuting( HttpActionContext actionContext )
{
var controller = actionContext.ActionDescriptor.ControllerDescriptor;
string controllerClassName = controller.ControllerType.FullName;
string actionMethod = actionContext.Request.Method.Method;
string actionPath = actionContext.Request.GetRouteData().Route.RouteTemplate.Replace( "{controller}", controller.ControllerName );
//// find any additional arguments that aren't part of the RouteTemplate that qualified the action method
//// for example: ~/person/search?name={name}&includeHtml={includeHtml}&includeDetails={includeDetails}&includeBusinesses={includeBusinesses}
//// is a different action method than ~/person/search?name={name}
var routeQueryParams = actionContext.ActionArguments.Where(a => !actionPath.Contains("{" + a.Key + "}"));
if ( routeQueryParams.Any())
{
var actionPathQueryString = routeQueryParams.Select( a => string.Format( "{0}={{{0}}}", a.Key ) ).ToList().AsDelimited( "&" );
actionPath += "?" + actionPathQueryString;
}
ISecured item = Rock.Web.Cache.RestActionCache.Read( actionMethod + actionPath );
if ( item == null )
{
item = Rock.Web.Cache.RestControllerCache.Read( controllerClassName );
if ( item == null )
{
item = new RestController();
}
}
Person person = null;
if ( actionContext.Request.Properties.Keys.Contains( "Person" ) )
{
person = actionContext.Request.Properties["Person"] as Person;
}
else
{
var principal = actionContext.Request.GetUserPrincipal();
if ( principal != null && principal.Identity != null )
{
using ( var rockContext = new RockContext() )
{
string userName = principal.Identity.Name;
UserLogin userLogin = null;
if ( userName.StartsWith( "rckipid=" ) )
{
Rock.Model.PersonService personService = new Model.PersonService( rockContext );
Rock.Model.Person impersonatedPerson = personService.GetByEncryptedKey( userName.Substring( 8 ) );
if ( impersonatedPerson != null )
{
userLogin = impersonatedPerson.GetImpersonatedUser();
}
}
else
{
var userLoginService = new Rock.Model.UserLoginService( rockContext );
userLogin = userLoginService.GetByUserName( userName );
}
if ( userLogin != null )
{
person = userLogin.Person;
actionContext.Request.Properties.Add( "Person", person );
}
}
}
}
string action = actionMethod.Equals( "GET", StringComparison.OrdinalIgnoreCase ) ?
Rock.Security.Authorization.VIEW : Rock.Security.Authorization.EDIT;
if ( !item.IsAuthorized( action, person ) )
{
actionContext.Response = new HttpResponseMessage( HttpStatusCode.Unauthorized );
}
}