public ModuleAction(
int ID,
string Title,
string CmdName,
string CmdArg,
string Icon,
string Url,
string ClientScript,
bool UseActionEvent,
SecurityAccessLevel Secure,
bool Visible,
bool NewWindow)
{
_id = ID;
_title = Title;
_commandName = CmdName;
_commandArgument = CmdArg;
_icon = Icon;
_url = Url;
_clientScript = ClientScript;
_useActionEvent = UseActionEvent;
_secure = Secure;
_visible = Visible;
_newwindow = NewWindow;
}
public ModuleAction(
int ID,
string Title,
string CmdName,
string CmdArg,
string Icon,
string Url,
string ClientScript,
bool UseActionEvent,
SecurityAccessLevel Secure,
bool Visible,
bool NewWindow)
{
_id = ID;
_title = Title;
_commandName = CmdName;
_commandArgument = CmdArg;
_icon = Icon;
_url = Url;
_clientScript = ClientScript;
_useActionEvent = UseActionEvent;
_secure = Secure;
_visible = Visible;
_newwindow = NewWindow;
}
public ModuleAction Add(int ID, string Title, string CmdName, string CmdArg, string Icon, string Url, string ClientScript, bool UseActionEvent, SecurityAccessLevel Secure, bool Visible,
bool NewWindow)
{
ModuleAction ModAction = new ModuleAction(ID, Title, CmdName, CmdArg, Icon, Url, ClientScript, UseActionEvent, Secure, Visible,
NewWindow);
this.Add(ModAction);
return ModAction;
}
public MenuAction(string title, string image, string url, ActionType actionType, SecurityAccessLevel accessLevel = SecurityAccessLevel.EditRights, bool newWindow = false)
{
Title = title;
ActionType = actionType;
Image = image;
Url = url;
AccessLevel = accessLevel;
NewWindow = newWindow;
}
public static bool HasModuleAccess(SecurityAccessLevel AccessLevel, string permissionKey, ModuleInfo ModuleConfiguration)
{
bool blnAuthorized = false;
UserInfo objUser = UserController.GetCurrentUserInfo();
if (objUser != null && objUser.IsSuperUser)
{
blnAuthorized = true;
}
else
{
switch (AccessLevel)
{
case SecurityAccessLevel.Anonymous:
blnAuthorized = true;
break;
case SecurityAccessLevel.View:
if (TabPermissionController.CanViewPage() || CanViewModule(ModuleConfiguration))
{
blnAuthorized = true;
}
break;
case SecurityAccessLevel.Edit:
if (TabPermissionController.CanAddContentToPage())
{
blnAuthorized = true;
}
else
{
if (string.IsNullOrEmpty(permissionKey))
{
permissionKey = "CONTENT,DELETE,EDIT,EXPORT,IMPORT,MANAGE";
}
if (ModuleConfiguration != null && CanViewModule(ModuleConfiguration) && (HasModulePermission(ModuleConfiguration.ModulePermissions, permissionKey) || HasModulePermission(ModuleConfiguration.ModulePermissions, "EDIT")))
{
blnAuthorized = true;
}
}
break;
case SecurityAccessLevel.Admin:
if (TabPermissionController.CanAddContentToPage())
{
blnAuthorized = true;
}
break;
case SecurityAccessLevel.Host:
break;
}
}
return(blnAuthorized);
}
protected override string ProcessToken(ModuleActionDto model, UserInfo accessingUser, Scope accessLevel)
{
var title = (!String.IsNullOrEmpty(model.TitleKey) && !String.IsNullOrEmpty(model.LocalResourceFile))
? Localization.GetString(model.TitleKey, model.LocalResourceFile)
: model.Title;
SecurityAccessLevel securityAccessLevel = SecurityAccessLevel.View;
if (!String.IsNullOrEmpty(model.SecurityAccessLevel))
{
switch (model.SecurityAccessLevel)
{
case "Edit":
securityAccessLevel = SecurityAccessLevel.Edit;
break;
case "Admin":
securityAccessLevel = SecurityAccessLevel.Admin;
break;
case "Host":
securityAccessLevel = SecurityAccessLevel.Host;
break;
default:
securityAccessLevel = SecurityAccessLevel.View;
break;
}
}
var moduleAction = new ModuleAction(_moduleContext.GetNextActionID())
{
Title = title,
Icon = model.Icon,
Secure = securityAccessLevel
};
if (string.IsNullOrEmpty(model.Script))
{
moduleAction.Url = _moduleContext.EditUrl(model.ControlKey);
}
else
{
moduleAction.Url = model.Script.StartsWith("javascript:", StringComparison.InvariantCultureIgnoreCase) ?
model.Script :
string.Format("javascript:{0}", model.Script);
}
_moduleActions.Add(moduleAction);
return(String.Empty);
}
private bool IsVisible(SecurityAccessLevel security)
{
bool isVisible = false;
if (ModulePermissionController.HasModuleAccess(security, Null.NullString, ModuleControl.ModuleContext.Configuration))
{
if ((RequireEditMode != true || ModuleControl.ModuleContext.PortalSettings.UserMode == PortalSettings.Mode.Edit) || (security == SecurityAccessLevel.Anonymous || security == SecurityAccessLevel.View))
{
isVisible = true;
}
}
return isVisible;
}
/// <Summary>
/// Initializes a new instance of the class using the specified parameters
/// </Summary>
/// <Param name="ID">This is the identifier to use for this action.</Param>
/// <Param name="Title">
/// This is the title that will be displayed for this action
/// </Param>
/// <Param name="cmdName">
/// The command name passed to the client when this action is clicked.
/// </Param>
/// <Param name="CmdArg">
/// The command argument passed to the client when this action is clicked.
/// </Param>
/// <Param name="Icon">The URL of the Icon to place next to this action</Param>
/// <Param name="Url">
/// The destination URL to redirect the client browser when this action is clicked.
/// </Param>
/// <Param name="UseActionEvent">
/// Determines whether client will receive an event notification
/// </Param>
/// <Param name="Secure">
/// The security access level required for access to this action
/// </Param>
/// <Param name="Visible">Whether this action will be displayed</Param>
public ModuleAction(int id, string title, string cmdName, string cmdArg, string icon, string url, string clientScript, bool useActionEvent, SecurityAccessLevel secure, bool visible, bool newWindow)
{
this._id = id;
this._title = title;
this._commandName = cmdName;
this._commandArgument = cmdArg;
this._icon = icon;
this._url = url;
this._clientScript = clientScript;
this._useActionEvent = useActionEvent;
this._secure = secure;
this._visible = visible;
this._newwindow = newWindow;
}
private bool IsAuthorized()
{
bool authorized = false;
if (PageState.EditMode || !_editmode)
{
SecurityAccessLevel security = SecurityAccessLevel.Host;
if (Security == null)
{
string typename = ModuleState.ModuleType.Replace(Utilities.GetTypeNameLastSegment(ModuleState.ModuleType, 0) + ",", Action + ",");
Type moduleType = Type.GetType(typename);
if (moduleType != null)
{
var moduleobject = Activator.CreateInstance(moduleType) as IModuleControl;
security = moduleobject.SecurityAccessLevel;
}
else
{
security = SecurityAccessLevel.Anonymous; // occurs when an action does not have a corresponding module control
}
}
else
{
security = Security.Value;
}
switch (security)
{
case SecurityAccessLevel.Anonymous:
authorized = true;
break;
case SecurityAccessLevel.View:
authorized = UserSecurity.IsAuthorized(PageState.User, PermissionNames.View, ModuleState.Permissions);
break;
case SecurityAccessLevel.Edit:
authorized = UserSecurity.IsAuthorized(PageState.User, PermissionNames.Edit, ModuleState.Permissions);
break;
case SecurityAccessLevel.Admin:
authorized = UserSecurity.IsAuthorized(PageState.User, Constants.AdminRole);
break;
case SecurityAccessLevel.Host:
authorized = UserSecurity.IsAuthorized(PageState.User, Constants.HostRole);
break;
}
}
return(authorized);
}
private bool IsVisible(SecurityAccessLevel security)
{
bool isVisible = false;
if (ModulePermissionController.HasModuleAccess(security, Null.NullString, ModuleControl.ModuleContext.Configuration))
{
if ((RequireEditMode != true || ModuleControl.ModuleContext.PortalSettings.UserMode == PortalSettings.Mode.Edit) || (security == SecurityAccessLevel.Anonymous || security == SecurityAccessLevel.View))
{
isVisible = true;
}
}
return(isVisible);
}
///-----------------------------------------------------------------------------
/// <summary>
/// Initializes a new instance of the <see cref="T:DotNetNuke.ModuleAction"/> class
/// using the specified parameters
/// </summary>
/// <param name="id">This is the identifier to use for this action.</param>
/// <param name="title">This is the title that will be displayed for this action</param>
/// <param name="cmdName">The command name passed to the client when this action is
/// clicked.</param>
/// <param name="cmdArg">The command argument passed to the client when this action is
/// clicked.</param>
/// <param name="icon">The URL of the Icon to place next to this action</param>
/// <param name="url">The destination URL to redirect the client browser when this action is clicked.</param>
/// <param name="clientScript"></param>
/// <param name="useActionEvent">Determines whether client will receive an event notification</param>
/// <param name="secure">The security access level required for access to this action</param>
/// <param name="visible">Whether this action will be displayed</param>
/// <param name="newWindow"></param>
/// <remarks>The moduleaction constructor is used to set the various properties of
/// the <see cref="T:DotNetNuke.Entities.Modules.Actions.ModuleAction" /> class at the time the instance is created.
/// </remarks>
/// <history>
/// [Joe] 10/26/2003 Created
/// [Nik Kalyani] 10/15/2004 Created multiple signatures to eliminate Optional parameters
/// </history>
///-----------------------------------------------------------------------------
public ModuleAction(int id, string title, string cmdName, string cmdArg, string icon, string url, string clientScript, bool useActionEvent, SecurityAccessLevel secure, bool visible,
bool newWindow)
{
ID = id;
Title = title;
CommandName = cmdName;
CommandArgument = cmdArg;
Icon = icon;
Url = url;
ClientScript = clientScript;
UseActionEvent = useActionEvent;
Secure = secure;
Visible = visible;
NewWindow = newWindow;
Actions = new ModuleActionCollection();
}
private bool CanAddAction(SecurityAccessLevel access, bool checkAdminControl)
{
bool canAdd;
string userName = Null.NullString;
if (UserInfo != null)
{
userName = UserInfo.Username;
}
canAdd = PortalSecurity.HasNecessaryPermission(access, PortalSettings, ModuleConfiguration, userName);
if (canAdd && checkAdminControl)
{
canAdd = EditMode && !ModuleConfiguration.IsAdmin && !(Globals.IsAdminControl());
}
return(canAdd);
}
public static DotNetNuke.Security.SecurityAccessLevel ToDnnSecurityAccessLevel(this SecurityAccessLevel level)
{
switch (level)
{
case SecurityAccessLevel.View:
return(DotNetNuke.Security.SecurityAccessLevel.View);
case SecurityAccessLevel.EditRights:
return(DotNetNuke.Security.SecurityAccessLevel.Edit);
case SecurityAccessLevel.AdminRights:
return(DotNetNuke.Security.SecurityAccessLevel.Admin);
case SecurityAccessLevel.SuperUserRights:
return(DotNetNuke.Security.SecurityAccessLevel.Host);
default:
string msg = $"unknown SecurityAccessLevel {level}";
App.Services.Logger.Error(msg);
throw new NotImplementedException(msg);
}
}
///-----------------------------------------------------------------------------
/// <summary>
/// Initializes a new instance of the <see cref="T:DotNetNuke.ModuleAction"/> class
/// using the specified parameters
/// </summary>
/// <param name="id">This is the identifier to use for this action.</param>
/// <param name="title">This is the title that will be displayed for this action</param>
/// <param name="cmdName">The command name passed to the client when this action is
/// clicked.</param>
/// <param name="cmdArg">The command argument passed to the client when this action is
/// clicked.</param>
/// <param name="icon">The URL of the Icon to place next to this action</param>
/// <param name="url">The destination URL to redirect the client browser when this action is clicked.</param>
/// <param name="clientScript"></param>
/// <param name="useActionEvent">Determines whether client will receive an event notification</param>
/// <param name="secure">The security access level required for access to this action</param>
/// <param name="visible">Whether this action will be displayed</param>
/// <param name="newWindow"></param>
/// <remarks>The moduleaction constructor is used to set the various properties of
/// the <see cref="T:DotNetNuke.Entities.Modules.Actions.ModuleAction" /> class at the time the instance is created.
/// </remarks>
/// <history>
/// [Joe] 10/26/2003 Created
/// [Nik Kalyani] 10/15/2004 Created multiple signatures to eliminate Optional parameters
/// </history>
///-----------------------------------------------------------------------------
public ModuleAction(int id, string title, string cmdName, string cmdArg, string icon, string url, string clientScript, bool useActionEvent, SecurityAccessLevel secure, bool visible,
bool newWindow)
{
ID = id;
Title = title;
CommandName = cmdName;
CommandArgument = cmdArg;
Icon = icon;
Url = url;
ClientScript = clientScript;
UseActionEvent = useActionEvent;
Secure = secure;
Visible = visible;
NewWindow = newWindow;
Actions = new ModuleActionCollection();
}
public static bool HasModuleAccess(SecurityAccessLevel AccessLevel, string permissionKey, ModuleInfo ModuleConfiguration)
{
bool blnAuthorized = false;
UserInfo objUser = UserController.GetCurrentUserInfo();
if (objUser != null && objUser.IsSuperUser)
{
blnAuthorized = true;
}
else
{
switch (AccessLevel)
{
case SecurityAccessLevel.Anonymous:
blnAuthorized = true;
break;
case SecurityAccessLevel.View:
if (TabPermissionController.CanViewPage() || CanViewModule(ModuleConfiguration))
{
blnAuthorized = true;
}
break;
case SecurityAccessLevel.Edit:
if (TabPermissionController.CanAddContentToPage())
{
blnAuthorized = true;
}
else
{
if (string.IsNullOrEmpty(permissionKey))
{
permissionKey = "CONTENT,DELETE,EDIT,EXPORT,IMPORT,MANAGE";
}
if (ModuleConfiguration != null && CanViewModule(ModuleConfiguration) && (HasModulePermission(ModuleConfiguration.ModulePermissions, permissionKey) || HasModulePermission(ModuleConfiguration.ModulePermissions, "EDIT")))
{
blnAuthorized = true;
}
}
break;
case SecurityAccessLevel.Admin:
if (TabPermissionController.CanAddContentToPage())
{
blnAuthorized = true;
}
break;
case SecurityAccessLevel.Host:
break;
}
}
return blnAuthorized;
}
/// <Summary>
/// Add an element of the specified to the end of the collection.
/// </Summary>
/// <Param name="id">This is the identifier to use for this action.</Param>
/// <Param name="title">
/// This is the title that will be displayed for this action
/// </Param>
/// <Param name="cmdName">
/// The command name passed to the client when this action is clicked.
/// </Param>
/// <Param name="cmdArg">
/// The command argument passed to the client when this action is clicked.
/// </Param>
/// <Param name="icon">The URL of the icon to place next to this action</Param>
/// <Param name="url">
/// The destination URL to redirect the client browser when this action is clicked.
/// </Param>
/// <Param name="useActionEvent">
/// Determines whether client will receive an event notification
/// </Param>
/// <Param name="secure">
/// The security access level required for access to this action
/// </Param>
/// <Param name="visible">Whether this action will be displayed</Param>
/// <Returns>The index of the newly added</Returns>
public ModuleAction Add( int id, string title, string cmdName, string cmdArg, string icon, string url, bool useActionEvent, SecurityAccessLevel secure, bool visible, bool newWindow )
{
return this.Add( id, title, cmdName, cmdArg, icon, url, "", useActionEvent, secure, visible, newWindow );
}
///-----------------------------------------------------------------------------
/// <summary>
/// Determines if user has the necessary permissions to access an item with the
/// designated AccessLevel.
/// </summary>
/// <param name="accessLevel">The SecurityAccessLevel required to access a portal module or module action.</param>
/// <param name="permissionKey">If Security Access is Edit the permissionKey is the actual "edit" permisison required.</param>
/// <param name="moduleConfiguration">The ModuleInfo object for the associated module.</param>
/// <returns>A boolean value indicating if the user has the necessary permissions</returns>
/// <remarks>Every module control and module action has an associated permission level. This
/// function determines whether the user represented by UserName has sufficient permissions, as
/// determined by the PortalSettings and ModuleSettings, to access a resource with the
/// designated AccessLevel.</remarks>
///-----------------------------------------------------------------------------
public static bool HasModuleAccess(SecurityAccessLevel accessLevel, string permissionKey, ModuleInfo moduleConfiguration)
{
bool isAuthorized = false;
UserInfo userInfo = UserController.GetCurrentUserInfo();
if (userInfo != null && userInfo.IsSuperUser)
{
isAuthorized = true;
}
else
{
switch (accessLevel)
{
case SecurityAccessLevel.Anonymous:
isAuthorized = true;
break;
case SecurityAccessLevel.View:
if (CanViewModule(moduleConfiguration))
{
isAuthorized = true;
}
break;
case SecurityAccessLevel.ViewPermissions:
isAuthorized = TabPermissionController.CanAddContentToPage();
break;
case SecurityAccessLevel.Edit:
if (moduleConfiguration != null && !((moduleConfiguration.IsShared && moduleConfiguration.IsShareableViewOnly) &&
TabPermissionController.CanAddContentToPage()))
{
if (TabPermissionController.CanAddContentToPage())
{
isAuthorized = true;
}
else
{
if (string.IsNullOrEmpty(permissionKey))
{
permissionKey = "CONTENT,DELETE,EDIT,EXPORT,IMPORT,MANAGE";
}
if (CanViewModule(moduleConfiguration) &&
(HasModulePermission(moduleConfiguration.ModulePermissions, permissionKey) ||
HasModulePermission(moduleConfiguration.ModulePermissions, "EDIT")))
{
isAuthorized = true;
}
}
}
break;
case SecurityAccessLevel.Admin:
if (moduleConfiguration != null && !((moduleConfiguration.IsShared && moduleConfiguration.IsShareableViewOnly) &&
TabPermissionController.CanAddContentToPage()))
{
isAuthorized = TabPermissionController.CanAddContentToPage();
}
break;
case SecurityAccessLevel.Host:
break;
}
}
return(isAuthorized);
}
private bool CanAddAction(SecurityAccessLevel access, bool checkAdminControl)
{
bool canAdd;
string userName = Null.NullString;
if (UserInfo != null)
{
userName = UserInfo.Username;
}
canAdd = PortalSecurity.HasNecessaryPermission(access, PortalSettings, ModuleConfiguration, userName);
if (canAdd && checkAdminControl)
{
canAdd = EditMode && !ModuleConfiguration.IsAdmin && !(Globals.IsAdminControl());
}
return canAdd;
}
public static bool HasNecessaryPermission(SecurityAccessLevel AccessLevel, PortalSettings PortalSettings, ModuleInfo ModuleConfiguration, string UserName)
{
return(ModulePermissionController.HasModuleAccess(AccessLevel, "EDIT", ModuleConfiguration));
}
public MapAuthorizeAttribute(SecurityAccessLevel accessLevel)
{
SecurityLevel = accessLevel;
}
public DocBrowserAuthorizeAttribute(SecurityAccessLevel accessLevel)
{
SecurityLevel = accessLevel;
}
/// <Summary>
/// Add an element of the specified to the end of the collection.
/// </Summary>
/// <Param name="id">This is the identifier to use for this action.</Param>
/// <Param name="title">
/// This is the title that will be displayed for this action
/// </Param>
/// <Param name="cmdName">
/// The command name passed to the client when this action is clicked.
/// </Param>
/// <Param name="cmdArg">
/// The command argument passed to the client when this action is clicked.
/// </Param>
/// <Param name="icon">The URL of the icon to place next to this action</Param>
/// <Param name="url">
/// The destination URL to redirect the client browser when this action is clicked.
/// </Param>
/// <Param name="clientScript">
/// Client side script to be run when the this action is clicked.
/// </Param>
/// <Param name="useActionEvent">
/// Determines whether client will receive an event notification
/// </Param>
/// <Param name="secure">
/// The security access level required for access to this action
/// </Param>
/// <Param name="visible">Whether this action will be displayed</Param>
/// <Returns>The index of the newly added</Returns>
public ModuleAction Add( int id, string title, string cmdName, string cmdArg, string icon, string url, string clientScript, bool useActionEvent, SecurityAccessLevel secure, bool visible, bool newWindow )
{
ModuleAction moduleAction = new ModuleAction( id, title, cmdName, cmdArg, icon, url, clientScript, useActionEvent, secure, visible, newWindow );
this.Add( moduleAction );
return moduleAction;
}
public ModuleAction(int ID, string Title, string CmdName, string CmdArg, string Icon, string Url, string ClientScript, bool UseActionEvent, SecurityAccessLevel Secure, bool Visible) :
this(ID, Title, CmdName, CmdArg, Icon, Url, ClientScript, UseActionEvent, Secure, Visible, false)
{
}
///-----------------------------------------------------------------------------
/// <summary>
/// Determines if user has the necessary permissions to access an item with the
/// designated AccessLevel.
/// </summary>
/// <param name="accessLevel">The SecurityAccessLevel required to access a portal module or module action.</param>
/// <param name="permissionKey">If Security Access is Edit the permissionKey is the actual "edit" permisison required.</param>
/// <param name="moduleConfiguration">The ModuleInfo object for the associated module.</param>
/// <returns>A boolean value indicating if the user has the necessary permissions</returns>
/// <remarks>Every module control and module action has an associated permission level. This
/// function determines whether the user represented by UserName has sufficient permissions, as
/// determined by the PortalSettings and ModuleSettings, to access a resource with the
/// designated AccessLevel.</remarks>
///-----------------------------------------------------------------------------
public static bool HasModuleAccess(SecurityAccessLevel accessLevel, string permissionKey, ModuleInfo moduleConfiguration)
{
bool isAuthorized = false;
UserInfo userInfo = UserController.GetCurrentUserInfo();
if (userInfo != null && userInfo.IsSuperUser)
{
isAuthorized = true;
}
else
{
switch (accessLevel)
{
case SecurityAccessLevel.Anonymous:
isAuthorized = true;
break;
case SecurityAccessLevel.View:
if (CanViewModule(moduleConfiguration))
{
isAuthorized = true;
}
break;
case SecurityAccessLevel.ViewPermissions:
isAuthorized = TabPermissionController.CanAddContentToPage();
break;
case SecurityAccessLevel.Edit:
if (moduleConfiguration != null && !((moduleConfiguration.IsShared && moduleConfiguration.IsShareableViewOnly)
&& TabPermissionController.CanAddContentToPage()))
{
if (TabPermissionController.CanAddContentToPage())
{
isAuthorized = true;
}
else
{
if (string.IsNullOrEmpty(permissionKey))
{
permissionKey = "CONTENT,DELETE,EDIT,EXPORT,IMPORT,MANAGE";
}
if (CanViewModule(moduleConfiguration) &&
(HasModulePermission(moduleConfiguration.ModulePermissions, permissionKey)
|| HasModulePermission(moduleConfiguration.ModulePermissions, "EDIT")))
{
isAuthorized = true;
}
}
}
break;
case SecurityAccessLevel.Admin:
if (moduleConfiguration != null && !((moduleConfiguration.IsShared && moduleConfiguration.IsShareableViewOnly)
&& TabPermissionController.CanAddContentToPage()))
{
isAuthorized = TabPermissionController.CanAddContentToPage();
}
break;
case SecurityAccessLevel.Host:
break;
}
}
return isAuthorized;
}
/// -----------------------------------------------------------------------------
/// <summary>
/// Determines if user has the necessary permissions to access an item with the
/// designated AccessLevel.
/// </summary>
/// <param name="accessLevel">The SecurityAccessLevel required to access a portal module or module action.</param>
/// <param name="permissionKey">If Security Access is Edit the permissionKey is the actual "edit" permisison required.</param>
/// <param name="moduleConfiguration">The ModuleInfo object for the associated module.</param>
/// <returns>A boolean value indicating if the user has the necessary permissions.</returns>
/// <remarks>Every module control and module action has an associated permission level. This
/// function determines whether the user represented by UserName has sufficient permissions, as
/// determined by the PortalSettings and ModuleSettings, to access a resource with the
/// designated AccessLevel.</remarks>
/// -----------------------------------------------------------------------------
public static bool HasModuleAccess(SecurityAccessLevel accessLevel, string permissionKey, ModuleInfo moduleConfiguration)
{
return(_provider.HasModuleAccess(accessLevel, permissionKey, moduleConfiguration));
}
/// <Summary>
/// Initializes a new instance of the class using the specified parameters
/// </Summary>
/// <Param name="ID">This is the identifier to use for this action.</Param>
/// <Param name="Title">
/// This is the title that will be displayed for this action
/// </Param>
/// <Param name="cmdName">
/// The command name passed to the client when this action is clicked.
/// </Param>
/// <Param name="CmdArg">
/// The command argument passed to the client when this action is clicked.
/// </Param>
/// <Param name="Icon">The URL of the Icon to place next to this action</Param>
/// <Param name="Url">
/// The destination URL to redirect the client browser when this action is clicked.
/// </Param>
/// <Param name="UseActionEvent">
/// Determines whether client will receive an event notification
/// </Param>
/// <Param name="Secure">
/// The security access level required for access to this action
/// </Param>
/// <Param name="Visible">Whether this action will be displayed</Param>
public ModuleAction( int id, string title, string cmdName, string cmdArg, string icon, string url, string clientScript, bool useActionEvent, SecurityAccessLevel secure, bool visible, bool newWindow )
{
this._id = id;
this._title = title;
this._commandName = cmdName;
this._commandArgument = cmdArg;
this._icon = icon;
this._url = url;
this._clientScript = clientScript;
this._useActionEvent = useActionEvent;
this._secure = secure;
this._visible = visible;
this._newwindow = newWindow;
}
/// <summary>
/// Determines is user has the necessary permissions to access the an item with the
/// designated AccessLevel.
/// </summary>
/// <param name="AccessLevel">The SecurityAccessLevel required to access a portal module or module action.</param>
/// <param name="PortalSettings">The PortalSettings for the current portal.</param>
/// <param name="ModuleConfiguration">The ModuleInfo object for the associated module.</param>
/// <param name="UserName">The Context.User.Identity.Name of the currently logged in user.</param>
/// <returns>A boolean value indicating if the user has the necessary permissions</returns>
/// <remarks>Every module control and module action has an associated permission level. This
/// function determines whether the user represented by UserName has sufficient permissions, as
/// determined by the PortalSettings and ModuleSettings, to access a resource with the
/// designated AccessLevel.</remarks>
public static bool HasNecessaryPermission( SecurityAccessLevel AccessLevel, PortalSettings PortalSettings, ModuleInfo ModuleConfiguration, string UserName )
{
bool blnAuthorized = true;
switch( AccessLevel )
{
case SecurityAccessLevel.Anonymous:
blnAuthorized = true;
break;
case SecurityAccessLevel.View: // view
if( IsInRole( PortalSettings.AdministratorRoleName.ToString() ) == false && IsInRoles( PortalSettings.ActiveTab.AdministratorRoles.ToString() ) == false )
{
if( !IsInRoles( ModuleConfiguration.AuthorizedViewRoles ) )
{
blnAuthorized = false;
}
}
break;
case SecurityAccessLevel.Edit: // edit
if( IsInRole( PortalSettings.AdministratorRoleName.ToString() ) == false && IsInRoles( PortalSettings.ActiveTab.AdministratorRoles.ToString() ) == false )
{
if( !IsInRoles( ModuleConfiguration.AuthorizedViewRoles ) )
{
blnAuthorized = false;
}
else
{
if( !HasEditPermissions( ModuleConfiguration.ModulePermissions ) )
{
blnAuthorized = false;
}
}
}
break;
case SecurityAccessLevel.Admin: // admin
if( IsInRole( PortalSettings.AdministratorRoleName.ToString() ) == false && IsInRoles( PortalSettings.ActiveTab.AdministratorRoles.ToString() ) == false )
{
blnAuthorized = false;
}
break;
case SecurityAccessLevel.Host: // host
// HACK : Modified to not error if object is null.
//if( UserName.Length > 0 )
if (!String.IsNullOrEmpty(UserName))
{
UserInfo objUserInfo = UserController.GetCurrentUserInfo();
if( !objUserInfo.IsSuperUser )
{
blnAuthorized = false;
}
}
else // no longer logged in
{
blnAuthorized = false;
}
break;
}
return blnAuthorized;
}
public ModuleAction( int id, string title, string cmdName, string cmdArg, string icon, string url, string clientScript, bool useActionEvent, SecurityAccessLevel secure, bool visible ) : this( id, title, cmdName, cmdArg, icon, url, clientScript, useActionEvent, secure, visible, false )
{
}
public ApiBrowserMvcAuthorizeAttribute(SecurityAccessLevel accessLevel)
{
SecurityLevel = accessLevel;
}
///-----------------------------------------------------------------------------
/// <summary>
/// Determines if user has the necessary permissions to access an item with the
/// designated AccessLevel.
/// </summary>
/// <param name="accessLevel">The SecurityAccessLevel required to access a portal module or module action.</param>
/// <param name="permissionKey">If Security Access is Edit the permissionKey is the actual "edit" permisison required.</param>
/// <param name="moduleConfiguration">The ModuleInfo object for the associated module.</param>
/// <returns>A boolean value indicating if the user has the necessary permissions</returns>
/// <remarks>Every module control and module action has an associated permission level. This
/// function determines whether the user represented by UserName has sufficient permissions, as
/// determined by the PortalSettings and ModuleSettings, to access a resource with the
/// designated AccessLevel.</remarks>
///-----------------------------------------------------------------------------
public virtual bool HasModuleAccess(SecurityAccessLevel accessLevel, string permissionKey, ModuleInfo moduleConfiguration)
{
bool isAuthorized = false;
UserInfo userInfo = UserController.Instance.GetCurrentUserInfo();
TabInfo tab = TabController.Instance.GetTab(moduleConfiguration.TabID, moduleConfiguration.PortalID, false);
if (userInfo != null && userInfo.IsSuperUser)
{
isAuthorized = true;
}
else
{
switch (accessLevel)
{
case SecurityAccessLevel.Anonymous:
isAuthorized = true;
break;
case SecurityAccessLevel.View:
if (ModulePermissionController.CanViewModule(moduleConfiguration))
{
isAuthorized = true;
}
break;
case SecurityAccessLevel.ViewPermissions:
isAuthorized = TabPermissionController.CanAddContentToPage(tab);
break;
case SecurityAccessLevel.Edit:
if (!((moduleConfiguration.IsShared && moduleConfiguration.IsShareableViewOnly) && TabPermissionController.CanAddContentToPage(tab)))
{
if (string.IsNullOrEmpty(permissionKey))
{
permissionKey = "CONTENT,DELETE,EXPORT,IMPORT,MANAGE";
}
if (TabPermissionController.CanAddContentToPage())
{
//Need to check for Deny Edit at the Module Level
if (permissionKey == "CONTENT")
{
isAuthorized = !IsDeniedModulePermission(moduleConfiguration, permissionKey);
}
else
{
isAuthorized = true;
}
}
else
{
// Need to check if it was denied at Tab level
if (IsDeniedTabPermission(tab, "CONTENT,EDIT"))
{
isAuthorized = false;
}
else
{
isAuthorized = HasModulePermission(moduleConfiguration, permissionKey);
}
}
}
break;
case SecurityAccessLevel.Admin:
if (!((moduleConfiguration.IsShared && moduleConfiguration.IsShareableViewOnly) && TabPermissionController.CanAddContentToPage(tab)))
{
isAuthorized = TabPermissionController.CanAddContentToPage(tab);
}
break;
case SecurityAccessLevel.Host:
break;
}
}
return(isAuthorized);
}
/// <Summary>
/// Add an element of the specified to the end of the collection.
/// </Summary>
/// <Param name="id">This is the identifier to use for this action.</Param>
/// <Param name="title">
/// This is the title that will be displayed for this action
/// </Param>
/// <Param name="cmdName">
/// The command name passed to the client when this action is clicked.
/// </Param>
/// <Param name="cmdArg">
/// The command argument passed to the client when this action is clicked.
/// </Param>
/// <Param name="icon">The URL of the icon to place next to this action</Param>
/// <Param name="url">
/// The destination URL to redirect the client browser when this action is clicked.
/// </Param>
/// <Param name="useActionEvent">
/// Determines whether client will receive an event notification
/// </Param>
/// <Param name="secure">
/// The security access level required for access to this action
/// </Param>
/// <Param name="visible">Whether this action will be displayed</Param>
/// <Returns>The index of the newly added</Returns>
public ModuleAction Add( int id, string title, string cmdName, string cmdArg, string icon, string url, bool useActionEvent, SecurityAccessLevel secure, bool visible )
{
return Add( id, title, cmdName, cmdArg, icon, url, useActionEvent, secure, visible, false );
}
/// -----------------------------------------------------------------------------
/// <summary>
/// AddModuleControl adds a new Module Control to the system
/// </summary>
/// <remarks>
/// </remarks>
/// <param name="ModuleDefId">The Module Definition Id</param>
/// <param name="ControlKey">The key for this control in the Definition</param>
/// <param name="ControlTitle">The title of this control</param>
/// <param name="ControlSrc">Te source of ths control</param>
/// <param name="IconFile">The icon file</param>
/// <param name="ControlType">The type of control</param>
/// <param name="ViewOrder">The vieworder for this module</param>
/// <history>
/// [cnurse] 11/08/2004 documented
/// </history>
/// -----------------------------------------------------------------------------
public static void AddModuleControl(int ModuleDefId, string ControlKey, string ControlTitle, string ControlSrc, string IconFile, SecurityAccessLevel ControlType, int ViewOrder)
{
//Call Overload with HelpUrl = Null.NullString
AddModuleControl(ModuleDefId, ControlKey, ControlTitle, ControlSrc, IconFile, ControlType, ViewOrder, Null.NullString);
}
public < %= props.projectName %> AuthorizeAttribute(SecurityAccessLevel accessLevel)
{
SecurityLevel = accessLevel;
}
public ModuleAction(int id, string title, string cmdName, string cmdArg, string icon, string url, string clientScript, bool useActionEvent, SecurityAccessLevel secure, bool visible)
: this(id, title, cmdName, cmdArg, icon, url, clientScript, useActionEvent, secure, visible, false)
{
}
/// -----------------------------------------------------------------------------
/// <summary>
/// Initializes a new instance of the <see cref="ModuleAction"/> class
/// using the specified parameters.
/// </summary>
/// <param name="id">This is the identifier to use for this action.</param>
/// <param name="title">This is the title that will be displayed for this action.</param>
/// <param name="cmdName">The command name passed to the client when this action is
/// clicked.</param>
/// <param name="cmdArg">The command argument passed to the client when this action is
/// clicked.</param>
/// <param name="icon">The URL of the Icon to place next to this action.</param>
/// <param name="url">The destination URL to redirect the client browser when this action is clicked.</param>
/// <param name="clientScript"></param>
/// <param name="useActionEvent">Determines whether client will receive an event notification.</param>
/// <param name="secure">The security access level required for access to this action.</param>
/// <param name="visible">Whether this action will be displayed.</param>
/// <param name="newWindow"></param>
/// <remarks>The moduleaction constructor is used to set the various properties of
/// the <see cref="T:DotNetNuke.Entities.Modules.Actions.ModuleAction" /> class at the time the instance is created.
/// </remarks>
/// -----------------------------------------------------------------------------
public ModuleAction(int id, string title, string cmdName, string cmdArg, string icon, string url, string clientScript, bool useActionEvent, SecurityAccessLevel secure, bool visible,
bool newWindow)
{
this.ID = id;
this.Title = title;
this.CommandName = cmdName;
this.CommandArgument = cmdArg;
this.Icon = icon;
this.Url = url;
this.ClientScript = clientScript;
this.UseActionEvent = useActionEvent;
this.Secure = secure;
this.Visible = visible;
this.NewWindow = newWindow;
this.Actions = new ModuleActionCollection();
}
/// <Summary>
/// Add an element of the specified to the end of the collection.
/// </Summary>
/// <Param name="id">This is the identifier to use for this action.</Param>
/// <Param name="title">
/// This is the title that will be displayed for this action
/// </Param>
/// <Param name="cmdName">
/// The command name passed to the client when this action is clicked.
/// </Param>
/// <Param name="cmdArg">
/// The command argument passed to the client when this action is clicked.
/// </Param>
/// <Param name="icon">The URL of the icon to place next to this action</Param>
/// <Param name="url">
/// The destination URL to redirect the client browser when this action is clicked.
/// </Param>
/// <Param name="useActionEvent">
/// Determines whether client will receive an event notification
/// </Param>
/// <Param name="secure">
/// The security access level required for access to this action
/// </Param>
/// <Param name="visible">Whether this action will be displayed</Param>
/// <Returns>The index of the newly added</Returns>
public ModuleAction Add(int id, string title, string cmdName, string cmdArg, string icon, string url, bool useActionEvent, SecurityAccessLevel secure, bool visible, bool newWindow)
{
return(this.Add(id, title, cmdName, cmdArg, icon, url, "", useActionEvent, secure, visible, newWindow));
}
private static void AddModuleControl(int ModuleDefId, string ControlKey, string ControlTitle, string ControlSrc, string IconFile, SecurityAccessLevel ControlType, int ViewOrder, string HelpURL, bool SupportsPartialRendering)
{
// check if module control exists
ModuleControlInfo objModuleControl = ModuleControlController.GetModuleControlByControlKey(ControlKey, ModuleDefId);
if (objModuleControl == null)
{
objModuleControl = new ModuleControlInfo();
objModuleControl.ModuleControlID = Null.NullInteger;
objModuleControl.ModuleDefID = ModuleDefId;
objModuleControl.ControlKey = ControlKey;
objModuleControl.ControlTitle = ControlTitle;
objModuleControl.ControlSrc = ControlSrc;
objModuleControl.ControlType = ControlType;
objModuleControl.ViewOrder = ViewOrder;
objModuleControl.IconFile = IconFile;
objModuleControl.SupportsPartialRendering = SupportsPartialRendering;
ModuleControlController.AddModuleControl(objModuleControl);
}
}
/// <summary>
/// AddModuleControl adds a new Module Control to the system
/// </summary>
/// <remarks>
/// </remarks>
/// <param name="ModuleDefId">The Module Definition Id</param>
/// <param name="ControlKey">The key for this control in the Definition</param>
/// <param name="ControlTitle">The title of this control</param>
/// <param name="ControlSrc">Te source of ths control</param>
/// <param name="IconFile">The icon file</param>
/// <param name="ControlType">The type of control</param>
/// <param name="ViewOrder">The vieworder for this module</param>
/// <param name="HelpURL">The Help Url</param>
private static void AddModuleControl(int ModuleDefId, string ControlKey, string ControlTitle, string ControlSrc, string IconFile, SecurityAccessLevel ControlType, int ViewOrder, string HelpURL)
{
ModuleControlController objModuleControls = new ModuleControlController();
// check if module control exists
ModuleControlInfo objModuleControl = objModuleControls.GetModuleControlByKeyAndSrc(ModuleDefId, ControlKey, ControlSrc);
if (objModuleControl == null)
{
objModuleControl = new ModuleControlInfo();
objModuleControl.ModuleControlID = Null.NullInteger;
objModuleControl.ModuleDefID = ModuleDefId;
objModuleControl.ControlKey = ControlKey;
objModuleControl.ControlTitle = ControlTitle;
objModuleControl.ControlSrc = ControlSrc;
objModuleControl.ControlType = ControlType;
objModuleControl.ViewOrder = ViewOrder;
objModuleControl.IconFile = IconFile;
objModuleControl.HelpURL = HelpURL;
objModuleControls.AddModuleControl(objModuleControl);
}
}
/// <Summary>
/// Add an element of the specified to the end of the collection.
/// </Summary>
/// <Param name="id">This is the identifier to use for this action.</Param>
/// <Param name="title">
/// This is the title that will be displayed for this action
/// </Param>
/// <Param name="cmdName">
/// The command name passed to the client when this action is clicked.
/// </Param>
/// <Param name="cmdArg">
/// The command argument passed to the client when this action is clicked.
/// </Param>
/// <Param name="icon">The URL of the icon to place next to this action</Param>
/// <Param name="url">
/// The destination URL to redirect the client browser when this action is clicked.
/// </Param>
/// <Param name="useActionEvent">
/// Determines whether client will receive an event notification
/// </Param>
/// <Param name="secure">
/// The security access level required for access to this action
/// </Param>
/// <Param name="visible">Whether this action will be displayed</Param>
/// <Returns>The index of the newly added</Returns>
public ModuleAction Add(int id, string title, string cmdName, string cmdArg, string icon, string url, bool useActionEvent, SecurityAccessLevel secure, bool visible)
{
return(Add(id, title, cmdName, cmdArg, icon, url, useActionEvent, secure, visible, false));
}
public HitchARideAuthorizeAttribute(SecurityAccessLevel accessLevel)
{
SecurityLevel = accessLevel;
}
/// <Summary>
/// Add an element of the specified to the end of the collection.
/// </Summary>
/// <Param name="id">This is the identifier to use for this action.</Param>
/// <Param name="title">
/// This is the title that will be displayed for this action
/// </Param>
/// <Param name="cmdName">
/// The command name passed to the client when this action is clicked.
/// </Param>
/// <Param name="cmdArg">
/// The command argument passed to the client when this action is clicked.
/// </Param>
/// <Param name="icon">The URL of the icon to place next to this action</Param>
/// <Param name="url">
/// The destination URL to redirect the client browser when this action is clicked.
/// </Param>
/// <Param name="clientScript">
/// Client side script to be run when the this action is clicked.
/// </Param>
/// <Param name="useActionEvent">
/// Determines whether client will receive an event notification
/// </Param>
/// <Param name="secure">
/// The security access level required for access to this action
/// </Param>
/// <Param name="visible">Whether this action will be displayed</Param>
/// <Returns>The index of the newly added</Returns>
public ModuleAction Add(int id, string title, string cmdName, string cmdArg, string icon, string url, string clientScript, bool useActionEvent, SecurityAccessLevel secure, bool visible, bool newWindow)
{
ModuleAction moduleAction = new ModuleAction(id, title, cmdName, cmdArg, icon, url, clientScript, useActionEvent, secure, visible, newWindow);
this.Add(moduleAction);
return(moduleAction);
}
public void AddAction(string Title, string CmdName, string CmdArg, string Icon, string Url, bool UseActionEvent, SecurityAccessLevel Secure)
{
this.AddAction(Title, CmdName, CmdArg, Icon, Url, UseActionEvent, Secure, false, false);
}
public static bool HasNecessaryPermission(SecurityAccessLevel AccessLevel, PortalSettings PortalSettings, ModuleInfo ModuleConfiguration)
{
return ModulePermissionController.HasModuleAccess(AccessLevel, "EDIT", ModuleConfiguration);
}
public ModuleAction Add(int ID, string Title, string CmdName, string CmdArg, string Icon, string Url, bool UseActionEvent, SecurityAccessLevel Secure, bool Visible, bool NewWindow)
{
return this.Add(ID, Title, CmdName, CmdArg, Icon, Url, "", UseActionEvent, Secure, Visible,
NewWindow);
}
public ConferenceAuthorizeAttribute(SecurityAccessLevel accessLevel)
{
SecurityLevel = accessLevel;
}
/// -----------------------------------------------------------------------------
/// <summary>
/// Add an element of the specified <see cref="T:DotNetNuke.Entities.Modules.Actions.ModuleAction" /> to the end of the collection.
/// </summary>
/// <param name="ID">This is the identifier to use for this action.</param>
/// <param name="Title">This is the title that will be displayed for this action.</param>
/// <param name="CmdName">The command name passed to the client when this action is
/// clicked.</param>
/// <param name="CmdArg">The command argument passed to the client when this action is
/// clicked.</param>
/// <param name="Icon">The URL of the Icon to place next to this action.</param>
/// <param name="Url">The destination URL to redirect the client browser when this
/// action is clicked.</param>
/// <param name="ClientScript">Client side script to be run when the this action is
/// clicked.</param>
/// <param name="UseActionEvent">Determines whether client will receive an event
/// notification.</param>
/// <param name="Secure">The security access level required for access to this action.</param>
/// <param name="Visible">Whether this action will be displayed.</param>
/// <param name="NewWindow">Whether open in new window.</param>
/// <returns>The index of the newly added <see cref="T:DotNetNuke.Entities.Modules.Actions.ModuleAction" />.</returns>
/// <remarks>This method creates a new <see cref="T:DotNetNuke.Entities.Modules.Actions.ModuleAction" /> with the specified
/// values, adds it to the collection and returns the index of the newly created ModuleAction.</remarks>
///
/// -----------------------------------------------------------------------------
public ModuleAction Add(int ID, string Title, string CmdName, string CmdArg, string Icon, string Url, string ClientScript, bool UseActionEvent, SecurityAccessLevel Secure, bool Visible,
bool NewWindow)
{
var ModAction = new ModuleAction(ID, Title, CmdName, CmdArg, Icon, Url, ClientScript, UseActionEvent, Secure, Visible, NewWindow);
this.Add(ModAction);
return(ModAction);
}
/// <summary>
/// Determines is user has the necessary permissions to access the an item with the
/// designated AccessLevel.
/// </summary>
/// <param name="AccessLevel">The SecurityAccessLevel required to access a portal module or module action.</param>
/// <param name="PortalSettings">The PortalSettings for the current portal.</param>
/// <param name="ModuleConfiguration">The ModuleInfo object for the associated module.</param>
/// <param name="UserName">The Context.User.Identity.Name of the currently logged in user.</param>
/// <returns>A boolean value indicating if the user has the necessary permissions</returns>
/// <remarks>Every module control and module action has an associated permission level. This
/// function determines whether the user represented by UserName has sufficient permissions, as
/// determined by the PortalSettings and ModuleSettings, to access a resource with the
/// designated AccessLevel.</remarks>
public static bool HasNecessaryPermission(SecurityAccessLevel AccessLevel, PortalSettings PortalSettings, ModuleInfo ModuleConfiguration, string UserName)
{
bool blnAuthorized = true;
switch (AccessLevel)
{
case SecurityAccessLevel.Anonymous:
blnAuthorized = true;
break;
case SecurityAccessLevel.View: // view
if (IsInRole(PortalSettings.AdministratorRoleName.ToString()) == false && IsInRoles(PortalSettings.ActiveTab.AdministratorRoles.ToString()) == false)
{
if (!IsInRoles(ModuleConfiguration.AuthorizedViewRoles))
{
blnAuthorized = false;
}
}
break;
case SecurityAccessLevel.Edit: // edit
if (IsInRole(PortalSettings.AdministratorRoleName.ToString()) == false && IsInRoles(PortalSettings.ActiveTab.AdministratorRoles.ToString()) == false)
{
if (!IsInRoles(ModuleConfiguration.AuthorizedViewRoles))
{
blnAuthorized = false;
}
else
{
if (!HasEditPermissions(ModuleConfiguration.ModulePermissions))
{
blnAuthorized = false;
}
}
}
break;
case SecurityAccessLevel.Admin: // admin
if (IsInRole(PortalSettings.AdministratorRoleName.ToString()) == false && IsInRoles(PortalSettings.ActiveTab.AdministratorRoles.ToString()) == false)
{
blnAuthorized = false;
}
break;
case SecurityAccessLevel.Host: // host
// HACK : Modified to not error if object is null.
//if( UserName.Length > 0 )
if (!String.IsNullOrEmpty(UserName))
{
UserInfo objUserInfo = UserController.GetCurrentUserInfo();
if (!objUserInfo.IsSuperUser)
{
blnAuthorized = false;
}
}
else // no longer logged in
{
blnAuthorized = false;
}
break;
}
return(blnAuthorized);
}
private static void AddModuleControl(int moduleDefId, string controlKey, string controlTitle, string controlSrc, string iconFile, SecurityAccessLevel controlType, int viewOrder, string helpURL, bool supportsPartialRendering)
{
DnnInstallLogger.InstallLogInfo(Localization.Localization.GetString("LogStart", Localization.Localization.GlobalResourceFile) + "AddModuleControl:" + moduleDefId);
// check if module control exists
var moduleControl = ModuleControlController.GetModuleControlByControlKey(controlKey, moduleDefId);
if (moduleControl == null)
{
moduleControl = new ModuleControlInfo
{
ModuleControlID = Null.NullInteger,
ModuleDefID = moduleDefId,
ControlKey = controlKey,
ControlTitle = controlTitle,
ControlSrc = controlSrc,
ControlType = controlType,
ViewOrder = viewOrder,
IconFile = iconFile,
HelpURL = helpURL,
SupportsPartialRendering = supportsPartialRendering
};
ModuleControlController.AddModuleControl(moduleControl);
}
}
public void AddAction(string Title, string CmdName, string CmdArg, string Icon, string Url, bool UseActionEvent, SecurityAccessLevel Secure, bool visible, bool NewWindow)
{
this.MenuActions.Add(this.GetNextActionID(), Title, CmdName, CmdArg, Icon, Url, UseActionEvent, Secure, visible, NewWindow);
}
public BalisesAuthorizeAttribute(SecurityAccessLevel accessLevel)
{
SecurityLevel = accessLevel;
}
///-----------------------------------------------------------------------------
/// <summary>
/// Determines if user has the necessary permissions to access an item with the
/// designated AccessLevel.
/// </summary>
/// <param name="accessLevel">The SecurityAccessLevel required to access a portal module or module action.</param>
/// <param name="permissionKey">If Security Access is Edit the permissionKey is the actual "edit" permisison required.</param>
/// <param name="moduleConfiguration">The ModuleInfo object for the associated module.</param>
/// <returns>A boolean value indicating if the user has the necessary permissions</returns>
/// <remarks>Every module control and module action has an associated permission level. This
/// function determines whether the user represented by UserName has sufficient permissions, as
/// determined by the PortalSettings and ModuleSettings, to access a resource with the
/// designated AccessLevel.</remarks>
///-----------------------------------------------------------------------------
public virtual bool HasModuleAccess(SecurityAccessLevel accessLevel, string permissionKey, ModuleInfo moduleConfiguration)
{
bool isAuthorized = false;
UserInfo userInfo = UserController.Instance.GetCurrentUserInfo();
TabInfo tab = TabController.Instance.GetTab(moduleConfiguration.TabID, moduleConfiguration.PortalID, false);
if (userInfo != null && userInfo.IsSuperUser)
{
isAuthorized = true;
}
else
{
switch (accessLevel)
{
case SecurityAccessLevel.Anonymous:
isAuthorized = true;
break;
case SecurityAccessLevel.View:
if (ModulePermissionController.CanViewModule(moduleConfiguration))
{
isAuthorized = true;
}
break;
case SecurityAccessLevel.ViewPermissions:
isAuthorized = TabPermissionController.CanAddContentToPage(tab);
break;
case SecurityAccessLevel.Edit:
if (!((moduleConfiguration.IsShared && moduleConfiguration.IsShareableViewOnly) && TabPermissionController.CanAddContentToPage(tab)))
{
if (string.IsNullOrEmpty(permissionKey))
{
permissionKey = "CONTENT,DELETE,EXPORT,IMPORT,MANAGE";
}
if (TabPermissionController.CanAddContentToPage())
{
//Need to check for Deny Edit at the Module Level
if (permissionKey == "CONTENT")
{
isAuthorized = !IsDeniedModulePermission(moduleConfiguration, permissionKey);
}
else
{
isAuthorized = true;
}
}
else
{
// Need to check if it was denied at Tab level
if (IsDeniedTabPermission(tab, "CONTENT,EDIT"))
{
isAuthorized = false;
}
else
{
isAuthorized = HasModulePermission(moduleConfiguration, permissionKey);
}
}
}
break;
case SecurityAccessLevel.Admin:
if (!((moduleConfiguration.IsShared && moduleConfiguration.IsShareableViewOnly) && TabPermissionController.CanAddContentToPage(tab)))
{
isAuthorized = TabPermissionController.CanAddContentToPage(tab);
}
break;
case SecurityAccessLevel.Host:
break;
}
}
return isAuthorized;
}
public ConferenceAuthorizeAttribute(SecurityAccessLevel accessLevel)
{
SecurityLevel = accessLevel;
}
public void Initialize(int PortalId)
{
_PortalID = PortalId;
_TabID = -1;
_ModuleID = -1;
_ModuleDefID = -1;
_ModuleOrder = -1;
_PaneName = "";
_ModuleTitle = "";
_AuthorizedEditRoles = "";
_CacheTime = -1;
_AuthorizedViewRoles = "";
_Alignment = "";
_Color = "";
_Border = "";
_IconFile = "";
_AllTabs = false;
_Visibility = VisibilityState.Maximized;
_IsDeleted = false;
_Header = "";
_Footer = "";
_StartDate = Null.NullDate;
_EndDate = Null.NullDate;
_DisplayTitle = true;
_DisplayPrint = true;
_DisplaySyndicate = false;
_InheritViewPermissions = false;
_ContainerSrc = "";
_DesktopModuleID = -1;
_FriendlyName = "";
_Description = "";
_Version = "";
_IsPremium = false;
_IsAdmin = false;
_SupportedFeatures = 0;
_BusinessControllerClass = "";
_ModuleControlId = -1;
_ControlSrc = "";
_ControlType = SecurityAccessLevel.Anonymous;
_ControlTitle = "";
_HelpUrl = "";
_ContainerPath = "";
_PaneModuleIndex = 0;
_PaneModuleCount = 0;
_IsDefaultModule = false;
_AllModules = false;
// get default module settings
Hashtable settings = PortalSettings.GetSiteSettings(PortalId);
if (Convert.ToString(settings["defaultmoduleid"]) != "" && Convert.ToString(settings["defaulttabid"]) != "")
{
ModuleController objModules = new ModuleController();
ModuleInfo objModule = objModules.GetModule(int.Parse(Convert.ToString(settings["defaultmoduleid"])), int.Parse(Convert.ToString(settings["defaulttabid"])), true);
if (objModule != null)
{
_CacheTime = objModule.CacheTime;
_Alignment = objModule.Alignment;
_Color = objModule.Color;
_Border = objModule.Border;
_IconFile = objModule.IconFile;
_Visibility = objModule.Visibility;
_ContainerSrc = objModule.ContainerSrc;
_DisplayTitle = objModule.DisplayTitle;
_DisplayPrint = objModule.DisplayPrint;
_DisplaySyndicate = objModule.DisplaySyndicate;
}
}
}
public void AddAction( string Title, string CmdName, string CmdArg, string Icon, string Url, bool UseActionEvent, SecurityAccessLevel Secure, bool visible, bool NewWindow )
{
this.MenuActions.Add( this.GetNextActionID(), Title, CmdName, CmdArg, Icon, Url, UseActionEvent, Secure, visible, NewWindow );
}
/// -----------------------------------------------------------------------------
/// <summary>
/// Add an element of the specified <see cref="T:DotNetNuke.Entities.Modules.Actions.ModuleAction" /> to the end of the collection.
/// </summary>
/// <param name="ID">This is the identifier to use for this action.</param>
/// <param name="Title">This is the title that will be displayed for this action.</param>
/// <param name="CmdName">The command name passed to the client when this action is
/// clicked.</param>
/// <param name="CmdArg">The command argument passed to the client when this action is
/// clicked.</param>
/// <param name="Icon">The URL of the Icon to place next to this action.</param>
/// <param name="Url">The destination URL to redirect the client browser when this
/// action is clicked.</param>
/// <param name="UseActionEvent">Determines whether client will receive an event
/// notification.</param>
/// <param name="Secure">The security access level required for access to this action.</param>
/// <param name="Visible">Whether this action will be displayed.</param>
/// <param name="NewWindow">Whether open in new window.</param>
/// <returns>The index of the newly added <see cref="T:DotNetNuke.Entities.Modules.Actions.ModuleAction" />.</returns>
/// <remarks>This method creates a new <see cref="T:DotNetNuke.Entities.Modules.Actions.ModuleAction" /> with the specified
/// values, adds it to the collection and returns the index of the newly created ModuleAction.</remarks>
/// -----------------------------------------------------------------------------
public ModuleAction Add(int ID, string Title, string CmdName, string CmdArg, string Icon, string Url, bool UseActionEvent, SecurityAccessLevel Secure, bool Visible, bool NewWindow)
{
return(this.Add(ID, Title, CmdName, CmdArg, Icon, Url, string.Empty, UseActionEvent, Secure, Visible, NewWindow));
}
public void AddAction( string Title, string CmdName, string CmdArg, string Icon, string Url, bool UseActionEvent, SecurityAccessLevel Secure )
{
this.AddAction( Title, CmdName, CmdArg, Icon, Url, UseActionEvent, Secure, false, false );
}
/// -----------------------------------------------------------------------------
/// <summary>
/// AddModuleControl adds a new Module Control to the system
/// </summary>
/// <remarks>
/// </remarks>
/// <param name="moduleDefId">The Module Definition Id</param>
/// <param name="controlKey">The key for this control in the Definition</param>
/// <param name="controlTitle">The title of this control</param>
/// <param name="controlSrc">Te source of ths control</param>
/// <param name="iconFile">The icon file</param>
/// <param name="controlType">The type of control</param>
/// <param name="viewOrder">The vieworder for this module</param>
/// <param name="helpURL">The Help Url</param>
/// <history>
/// [cnurse] 11/08/2004 documented
/// </history>
/// -----------------------------------------------------------------------------
private static void AddModuleControl(int moduleDefId, string controlKey, string controlTitle, string controlSrc, string iconFile, SecurityAccessLevel controlType, int viewOrder, string helpURL)
{
AddModuleControl(moduleDefId, controlKey, controlTitle, controlSrc, iconFile, controlType, viewOrder, helpURL, false);
}
///-----------------------------------------------------------------------------
/// <summary>
/// Determines if user has the necessary permissions to access an item with the
/// designated AccessLevel.
/// </summary>
/// <param name="accessLevel">The SecurityAccessLevel required to access a portal module or module action.</param>
/// <param name="permissionKey">If Security Access is Edit the permissionKey is the actual "edit" permisison required.</param>
/// <param name="moduleConfiguration">The ModuleInfo object for the associated module.</param>
/// <returns>A boolean value indicating if the user has the necessary permissions</returns>
/// <remarks>Every module control and module action has an associated permission level. This
/// function determines whether the user represented by UserName has sufficient permissions, as
/// determined by the PortalSettings and ModuleSettings, to access a resource with the
/// designated AccessLevel.</remarks>
///-----------------------------------------------------------------------------
public static bool HasModuleAccess(SecurityAccessLevel accessLevel, string permissionKey, ModuleInfo moduleConfiguration)
{
return _provider.HasModuleAccess(accessLevel, permissionKey, moduleConfiguration);
}
///-----------------------------------------------------------------------------
///<summary>
/// AddModuleControl adds a new Module Control to the system
///</summary>
///<remarks>
///</remarks>
///<param name = "moduleDefId">The Module Definition Id</param>
///<param name = "controlKey">The key for this control in the Definition</param>
///<param name = "controlTitle">The title of this control</param>
///<param name = "controlSrc">Te source of ths control</param>
///<param name = "iconFile">The icon file</param>
///<param name = "controlType">The type of control</param>
///<param name = "viewOrder">The vieworder for this module</param>
///<history>
/// [cnurse] 11/08/2004 documented
///</history>
///-----------------------------------------------------------------------------
public static void AddModuleControl(int moduleDefId, string controlKey, string controlTitle, string controlSrc, string iconFile, SecurityAccessLevel controlType, int viewOrder)
{
//Call Overload with HelpUrl = Null.NullString
AddModuleControl(moduleDefId, controlKey, controlTitle, controlSrc, iconFile, controlType, viewOrder, Null.NullString);
}
private static void AddModuleControl(int moduleDefId, string controlKey, string controlTitle, string controlSrc, string iconFile, SecurityAccessLevel controlType, int viewOrder, string helpURL, bool supportsPartialRendering)
{
// check if module control exists
var moduleControl = ModuleControlController.GetModuleControlByControlKey(controlKey, moduleDefId);
if (moduleControl == null)
{
moduleControl = new ModuleControlInfo
{
ModuleControlID = Null.NullInteger,
ModuleDefID = moduleDefId,
ControlKey = controlKey,
ControlTitle = controlTitle,
ControlSrc = controlSrc,
ControlType = controlType,
ViewOrder = viewOrder,
IconFile = iconFile,
HelpURL = helpURL,
SupportsPartialRendering = supportsPartialRendering
};
ModuleControlController.AddModuleControl(moduleControl);
}
}
