public ActionResult EditPost(PostEditContentPermissionViewModel inputModel, string returnUrl)
{
if (inputModel == null)
{
inputModel = new PostEditContentPermissionViewModel();
}
EditContentPermissionViewModel model = PostEditContentPermissionViewModel.Convert(inputModel);
var contentManager = this.orchardServices.ContentManager;
var contentItems = contentManager.GetMany <ContentItem>(model.ContentIds, VersionOptions.Published, QueryHints.Empty).ToList();
if (contentItems.Count() == 0)
{
throw new ArgumentNullException("There is no contentItem with the given Ids");
}
if (this.contentOwnershipHelper.IsChangingPermissionsValid(model, contentItems, this.ModelState))
{
this.contentOwnershipHelper.Update(model, contentItems);
foreach (var contentItem in contentItems)
{
if (this.masterDetailPermissionManager.HasChildItems(contentItem) && inputModel.ApplyToChildren)
{
this.masterDetailPermissionManager.GrantPermissionToChildren(model, contentItem);
}
var documentIndex = this.indexProvider.New(contentItem.Id);
contentManager.Index(contentItem, documentIndex);
this.indexProvider.Store(TicketController.SearchIndexName, documentIndex);
}
}
else
{
return(this.View("Edit", this.CreateEditPermissionsModel(model.ContentIds)));
}
if (string.IsNullOrEmpty(returnUrl))
{
if (contentItems.All(c => this.contentOwnershipService.CurrentUserCanChangePermission(c)))
{
return(this.View("Edit", this.CreateEditPermissionsModel(model.ContentIds)));
}
else
{
return(RedirectToAction("Display", "Item", new { area = "Orchard.CRM.Core", id = model.ContentIds.First() }));
}
}
return(this.Redirect(returnUrl));
}
public MilestoneHandler(
IRepository <MilestonePartRecord> repository,
IContentManager contentManager,
IContentOwnershipHelper contentOwnershipHelper)
{
Filters.Add(StorageFilter.For(repository));
this.OnPublishing <AttachToMilestonePart>((context, part) =>
{
if (part.Record.MilestoneId.HasValue)
{
var milestone = contentManager.Get(part.Record.MilestoneId.Value);
ContentItemSetPermissionsViewModel milestonePermissions = new ContentItemSetPermissionsViewModel();
contentOwnershipHelper.FillPermissions(milestonePermissions, new[] { milestone });
ContentItemSetPermissionsViewModel itemPermissions = new ContentItemSetPermissionsViewModel();
contentOwnershipHelper.FillPermissions(itemPermissions, new[] { part.ContentItem });
EditContentPermissionViewModel editContentPermissionViewModel = new EditContentPermissionViewModel();
editContentPermissionViewModel.AccessType = ContentItemPermissionAccessTypes.SharedForView;
editContentPermissionViewModel.RemoveOldPermission = false;
// Grant users who don't have access to item
foreach (var user in milestonePermissions.Users.Where(c => !itemPermissions.Users.Any(d => d.Value == c.Value)))
{
editContentPermissionViewModel.Targets.Add(new TargetContentItemPermissionViewModel {
UserId = int.Parse(user.Value), Checked = true
});
}
// Grant customer who don't have access to item
foreach (var user in milestonePermissions.Customers.Where(c => !itemPermissions.Customers.Any(d => d.Value == c.Value)))
{
editContentPermissionViewModel.Targets.Add(new TargetContentItemPermissionViewModel {
UserId = int.Parse(user.Value), Checked = true
});
}
// Grant businessUnits who don't have access to item
foreach (var bussinesUnit in milestonePermissions.BusinessUnits.Where(c => !itemPermissions.BusinessUnits.Any(d => d.BusinessUnitId == c.BusinessUnitId)))
{
editContentPermissionViewModel.Targets.Add(new TargetContentItemPermissionViewModel {
BusinessUnitId = bussinesUnit.BusinessUnitId, Checked = true
});
}
contentOwnershipHelper.Update(editContentPermissionViewModel, new[] { part.ContentItem }, false);
}
});
}
public bool IsChangingPermissionsValid(EditContentPermissionViewModel model, IList <ContentItem> contentItems, ModelStateDictionary modelState)
{
if (model.AccessType == default(byte))
{
modelState.AddModelError("AccessType", T("AccessType value is not valid").Text);
return(false);
}
foreach (var contentItem in contentItems)
{
AttachToProjectPart attachToProjectPart = contentItem.As <AttachToProjectPart>();
if (attachToProjectPart != null && attachToProjectPart.Record.Project != null)
{
var project = this.orchardServices.ContentManager.Get(attachToProjectPart.Record.Project.Id);
foreach (var target in model.Targets)
{
if (!this.HasAccessToTheContent(project, target))
{
modelState.AddModelError("Targets", T("The given businessUnit or user doesn't have access to the project").Text);
return(false);
}
}
}
bool currentUserCanChangePermission = this.crmContentOwnershipService.CurrentUserCanChangePermission(contentItem, modelState);
if (!currentUserCanChangePermission)
{
return(false);
}
if (model.Targets.Count(c => c.Checked) > 1 && model.AccessType == ContentItemPermissionAccessTypes.Assignee)
{
modelState.AddModelError("Targets", T("Items atleast must have only one assignee").ToString());
return(false);
}
foreach (var item in model.Targets.Where(c => c.Checked))
{
int?[] temp = new int?[] { item.BusinessUnitId, item.TeamId, item.UserId };
if (temp.Count(c => c.HasValue) != 1)
{
modelState.AddModelError("targetUserId", T("One of the parameters must have a value").ToString());
return(false);
}
}
}
return(true);
}
public void GrantPermissionToDetail(EditContentPermissionViewModel parameters, IContent content)
{
if (!this.HasDetail(content))
{
return;
}
// get all items attached to project
var subItems = this.contentManager
.Query <AttachToProjectPart>()
.Where <AttachToProjectPartRecord>(c => c.Project.Id == content.Id)
.List()
.Where(c => c.ContentItem.As <ContentItemPermissionPart>() != null)
.Select(c => c.ContentItem).ToList();
parameters.ContentIds = subItems.Select(c => c.Id).ToArray();
this.contentOwnershipHelper.Update(parameters, subItems, false);
}
public void GrantPermissionToChildren(EditContentPermissionViewModel parameters, IContent content)
{
EditContentPermissionViewModel temp = new EditContentPermissionViewModel
{
AccessType = parameters.AccessType,
ContentIds = parameters.ContentIds,
RemoveOldPermission = parameters.RemoveOldPermission,
};
temp.Targets.AddRange(parameters.Targets);
foreach (var provider in this.providers)
{
if (provider.HasDetail(content))
{
provider.GrantPermissionToDetail(temp, content);
}
}
}
public ActionResult InvitePost(InviteUserToProjectPostViewModel model)
{
if (model == null)
{
return(HttpNotFound("There is no userId in the request"));
}
if (!ModelState.IsValid)
{
return(View());
}
var user = this.services.ContentManager.Get <IUser>(model.UserId);
if (user == null)
{
return(new HttpNotFoundResult(T("There is no user with the given Id").Text));
}
if (!this.contentOwnershipService.IsCustomer(model.UserId) && !this.contentOwnershipService.IsOperator(model.UserId))
{
return(new HttpUnauthorizedResult(T("The given user doesn't have customer permission").Text));
}
EditContentPermissionViewModel dataModel = new EditContentPermissionViewModel
{
AccessType = ContentItemPermissionAccessTypes.SharedForView,
ContentIds = model.Projects,
RemoveOldPermission = false
};
dataModel.Targets.Add(new TargetContentItemPermissionViewModel {
UserId = model.UserId, Checked = true
});
var contentManager = this.services.ContentManager;
var projects = contentManager.GetMany <ProjectPart>(dataModel.ContentIds, VersionOptions.Published, QueryHints.Empty).ToList();
if (projects.Count() == 0)
{
throw new ArgumentNullException("There is no contentItem with the given Ids");
}
if (projects.Count() != dataModel.ContentIds.Length)
{
throw new ArgumentNullException("There is not a project with the given Id");
}
var projectsAsContentItems = projects.Select(c => c.ContentItem).ToList();
if (this.contentOwnershipHelper.IsChangingPermissionsValid(dataModel, projectsAsContentItems, this.ModelState))
{
this.contentOwnershipHelper.Update(dataModel, projectsAsContentItems);
foreach (var contentItem in projectsAsContentItems)
{
if (this.masterDetailPermissionManager.HasChildItems(contentItem) && this.contentOwnershipService.IsOperator(model.UserId))
{
this.masterDetailPermissionManager.GrantPermissionToChildren(dataModel, contentItem);
}
var documentIndex = this.indexProvider.New(contentItem.Id);
contentManager.Index(contentItem, documentIndex);
this.indexProvider.Store(TicketController.SearchIndexName, documentIndex);
}
}
return(RedirectToAction("Invite", new { userId = model.UserId }));
}
protected override DriverResult Editor(ProjectItemPermissionsPart part, IUpdateModel updater, dynamic shapeHelper)
{
// only applicable in the Creation mode
if (part.ContentItem.VersionRecord.Published == true || part.ContentItem.Record.Versions.Count > 1)
{
return(null);
}
ProjectPermissionEditPostViewModel model = new ProjectPermissionEditPostViewModel();
updater.TryUpdateModel(model, Prefix, null, null);
if (model.ProjectId == null)
{
updater.AddModelError(Prefix + ".ProjectId", T("ProjectId is a required field"));
return(this.Editor(part, shapeHelper));
}
var project = this.projectService.GetProject(model.ProjectId.Value);
if (project == null)
{
updater.AddModelError(Prefix + ".ProjectId", T("There is no project with the given Id"));
return(this.Editor(part, shapeHelper));
}
bool isOperatorOrCustomer = this.crmContentOwnershipService.IsCurrentUserOperator() || this.crmContentOwnershipService.IsCurrentUserCustomer();
int currentUserId = this.orchardServices.WorkContext.CurrentUser.Id;
EditContentPermissionViewModel editContentPermissionViewModel = null;
if (model.VisibleToAll)
{
var projectContentPermissionPart = project.As <ContentItemPermissionPart>();
if (projectContentPermissionPart == null)
{
throw new System.ArgumentNullException("Project is not associated with ContentItemPermissionPart");
}
editContentPermissionViewModel = new EditContentPermissionViewModel
{
AccessType = ContentItemPermissionAccessTypes.SharedForView,
ContentIds = new[] { part.ContentItem.Id },
RemoveOldPermission = false
};
var items = projectContentPermissionPart.Record.Items;
if (items != null && items.Count > 0)
{
var projectUsers = items.Where(c => c.User != null).Select(c => c.User).ToList();
// if current user is an operator or customer, then he/she will have Owner/edit access,so he/she must be removed from the list
// in order to prevent rewriting his privelege on the item
projectUsers = isOperatorOrCustomer ? projectUsers.Where(c => c.Id != currentUserId).ToList() : projectUsers;
editContentPermissionViewModel.Targets.AddRange(projectUsers.Select(c => new TargetContentItemPermissionViewModel
{
UserId = c.Id,
Checked = true
}));
var projectGroups = items.Where(c => c.BusinessUnit != null).Select(c => c.BusinessUnit).ToList();
editContentPermissionViewModel.Targets.AddRange(projectGroups.Select(c => new TargetContentItemPermissionViewModel
{
BusinessUnitId = c.Id,
Checked = true
}));
}
}
else
{
editContentPermissionViewModel = this.Convert(model, part.ContentItem.Id, ContentItemPermissionAccessTypes.SharedForView);
}
this.contentOwnershipHelper.Update(editContentPermissionViewModel, new List <ContentItem>()
{
part.ContentItem
});
return(null);
}
protected EditContentPermissionViewModel Convert(ProjectPermissionEditPostViewModel inputModel, int contentId, byte accessType)
{
EditContentPermissionViewModel model = new EditContentPermissionViewModel
{
ContentIds = new[] { contentId },
AccessType = accessType,
RemoveOldPermission = false,
};
bool isOperatorOrCustomer = this.crmContentOwnershipService.IsCurrentUserOperator() || this.crmContentOwnershipService.IsCurrentUserCustomer();
int currentUserId = this.orchardServices.WorkContext.CurrentUser.Id;
if (inputModel.Users != null)
{
foreach (var user in inputModel.Users)
{
model.Targets.Add(new TargetContentItemPermissionViewModel {
UserId = user, Checked = true
});
}
}
if (inputModel.Customers != null)
{
foreach (var user in inputModel.Customers)
{
model.Targets.Add(new TargetContentItemPermissionViewModel {
UserId = user, Checked = true
});
}
}
if (inputModel.BusinessUnits != null)
{
foreach (var item in inputModel.BusinessUnits)
{
model.Targets.Add(new TargetContentItemPermissionViewModel {
BusinessUnitId = item, Checked = true
});
}
}
if (inputModel.Teams != null)
{
foreach (var item in inputModel.Teams)
{
model.Targets.Add(new TargetContentItemPermissionViewModel {
TeamId = item, Checked = true
});
}
}
// if current user is an operator or customer, then he/she will have Owner/edit access,so he/she must be removed from the list
// in order to prevent rewriting his privelege on the item
if (isOperatorOrCustomer)
{
var toDelete = model.Targets.Where(c => c.UserId != null && c.UserId == currentUserId);
foreach (var item in toDelete)
{
model.Targets.Remove(item);
}
}
return(model);
}
public void Update(EditContentPermissionViewModel model, IList <ContentItem> contentItems, bool writeToActivityStream)
{
foreach (var contentItem in contentItems)
{
var snapshot = this.activityStreamService.TakeSnapshot(contentItem);
var contentPermissionPart = contentItem.As <ContentItemPermissionPart>();
if (contentPermissionPart.Record.Items == null)
{
contentPermissionPart.Record.Items = new List <ContentItemPermissionDetailRecord>();
}
var allPermissionRecords = contentPermissionPart.Record.Items;
bool isAdmin = this.orchardServices.Authorizer.Authorize(Permissions.AdvancedOperatorPermission);
int userId = this.orchardServices.WorkContext.CurrentUser.Id;
var currentUserPermissions = isAdmin ? allPermissionRecords.ToList() : this.GetUserPermissionRecordsForItem(contentItem, userId).ToList();
var targets = model.Targets.Where(c => c.Checked).ToList();
bool hasAssignee = allPermissionRecords.Any(c => c.AccessType == ContentItemPermissionAccessTypes.Assignee);
// if item has assignee and there are some permissions for the item, but none of them belongs to the user, then the user doesn't have access to the item
if (allPermissionRecords.Count > 0 && hasAssignee)
{
if (!isAdmin && currentUserPermissions.Count(c => c.AccessType == ContentItemPermissionAccessTypes.Assignee ||
c.AccessType == ContentItemPermissionAccessTypes.SharedForEdit) == 0)
{
throw new Security.OrchardSecurityException(T("You don't have permission to change access to the contentItem"));
}
// only assignee can change the assignee
if (!isAdmin && currentUserPermissions.Count(c => c.AccessType == ContentItemPermissionAccessTypes.Assignee) == 0 &&
model.AccessType == ContentItemPermissionAccessTypes.Assignee)
{
throw new Security.OrchardSecurityException(T("You don't have permission to change access to the contentItem"));
}
}
else
{
// if there is no permission for current user, then he/she must have a EditShare permission
if (model.Targets.Count(c => c.UserId == userId) == 0 &&
!allPermissionRecords.Any(c => c.User != null && c.User.Id == userId))
{
ContentItemPermissionDetailRecord newPermission = new ContentItemPermissionDetailRecord
{
AccessType = ContentItemPermissionAccessTypes.SharedForEdit,
ContentItemPermissionPartRecord = contentPermissionPart.Record,
User = new Users.Models.UserPartRecord {
Id = userId
}
};
contentPermissionPart.Record.Items.Add(newPermission);
this.Create(newPermission, contentItem, false);
}
}
foreach (var item in targets)
{
int?[] temp = new int?[] { item.BusinessUnitId, item.TeamId, item.UserId };
if (temp.Count(c => c.HasValue) != 1)
{
throw new Security.OrchardSecurityException(T("You don't have permission to change access to the contentItem"));
}
// try to find a permission with the same user, team and business values, if there is such permission, we
// must not create a new permission and we just have to change the AccessType of the exsiting one
var existingPermission = allPermissionRecords.FirstOrDefault(d =>
((item.TeamId == null && d.Team == null) || (item.TeamId.HasValue && d.Team != null && item.TeamId.Value == d.Team.Id)) &&
((item.BusinessUnitId == null && d.BusinessUnit == null) || (item.BusinessUnitId.HasValue && d.BusinessUnit != null && item.BusinessUnitId.Value == d.BusinessUnit.Id)) &&
((item.UserId == null && d.User == null) || (item.UserId.HasValue && d.User != null && item.UserId.Value == d.User.Id))
);
if (existingPermission != null)
{
existingPermission.AccessType = model.AccessType;
// we should remove the permission from currentUserPermissions in order to prevent it to be deleted
currentUserPermissions.Remove(existingPermission);
continue;
}
// setting the parent doesn't have been done.
ContentItemPermissionDetailRecord newPermission = new ContentItemPermissionDetailRecord {
AccessType = model.AccessType, ContentItemPermissionPartRecord = contentPermissionPart.Record
};
if (item.BusinessUnitId.HasValue)
{
var businessUnitRecord = this.basicDataService.GetBusinessUnits().Select(c => c.As <BusinessUnitPart>()).FirstOrDefault(c => c.Id == item.BusinessUnitId.Value);
if (businessUnitRecord != null)
{
newPermission.BusinessUnit = new BusinessUnitPartRecord {
Id = item.BusinessUnitId.Value, Name = businessUnitRecord.Name
};
}
}
if (item.TeamId.HasValue)
{
var teamRecord = this.basicDataService.GetTeams().Select(c => c.As <TeamPart>()).FirstOrDefault(c => c.Id == item.TeamId.Value);
if (teamRecord != null)
{
newPermission.Team = new TeamPartRecord {
Id = item.TeamId.Value, Name = teamRecord.Name
};
}
}
if (item.UserId.HasValue)
{
var userRecord = this.userRepository.Table.FirstOrDefault(c => c.Id == item.UserId.Value);
if (userRecord != null)
{
newPermission.User = new Users.Models.UserPartRecord {
Id = item.UserId.Value, UserName = userRecord.UserName, Email = userRecord.Email
};
}
}
contentPermissionPart.Record.Items.Add(newPermission);
this.Create(newPermission, contentItem, true);
}
if (model.AccessType == ContentItemPermissionAccessTypes.Assignee)
{
if (model.RemoveOldPermission)
{
// remove previous assignee and sharedForEdit permissions
foreach (var permission in currentUserPermissions.Where(c => c.AccessType != ContentItemPermissionAccessTypes.SharedForView))
{
contentPermissionPart.Record.Items.Remove(permission);
this.permissionDetailRecordRepository.Delete(permission);
}
}
else
{
foreach (var permission in currentUserPermissions.Where(c => c.AccessType == ContentItemPermissionAccessTypes.Assignee))
{
permission.AccessType = ContentItemPermissionAccessTypes.SharedForEdit;
}
}
}
contentPermissionPart.Record.HasOwner = contentPermissionPart
.Record
.Items
.Count(d =>
d.AccessType == ContentItemPermissionAccessTypes.Assignee &&
(d.User != null || d.Team != null || d.BusinessUnit != null)) > 0;
this.permissionDetailRecordRepository.Flush();
if (writeToActivityStream)
{
this.activityStreamService.WriteChangesToStreamActivity(contentItem, snapshot, StreamWriters.ContentItemPermissionStreamWriter);
}
}
}
public void Update(EditContentPermissionViewModel model, IList <ContentItem> contentItems)
{
this.Update(model, contentItems, true);
}
protected void EditOwner(ContentItem contentItem, PostedEditOwnerViewModel model, bool createMode, bool writeToActivityStream)
{
EditContentPermissionViewModel editContentPermissionViewModel = new EditContentPermissionViewModel();
editContentPermissionViewModel.AccessType = ContentItemPermissionAccessTypes.Assignee;
editContentPermissionViewModel.RemoveOldPermission = false;
if (model.UserId.HasValue)
{
editContentPermissionViewModel.Targets.Add(new TargetContentItemPermissionViewModel {
UserId = model.UserId.Value, Checked = true
});
}
else if (!string.IsNullOrEmpty(model.GroupId))
{
var targetContentItemPermissionViewModel = Converter.DecodeGroupId(model.GroupId);
if (targetContentItemPermissionViewModel != null)
{
editContentPermissionViewModel.Targets.Add(targetContentItemPermissionViewModel);
}
}
// try to check that the owner is changed in the model or not
bool ownerIsChanged = false;
var contentItemPermissionPart = contentItem.As <ContentItemPermissionPart>();
if (contentItemPermissionPart.Record.Items == null)
{
contentItemPermissionPart.Record.Items = new List <ContentItemPermissionDetailRecord>();
}
var currentPermissionItems = contentItemPermissionPart.Record.Items.Where(c => c.AccessType == ContentItemPermissionAccessTypes.Assignee).ToList();
foreach (var target in editContentPermissionViewModel.Targets)
{
// user of the model doesn't exist in the current items
if (target.UserId.HasValue && currentPermissionItems.Count(c => c.User != null && c.User.Id == target.UserId.Value) == 0)
{
ownerIsChanged = true;
break;
}
// team of the model doesn't exist in the current items
if (target.TeamId.HasValue && currentPermissionItems.Count(c => c.Team != null && c.Team.Id == target.TeamId.Value) == 0)
{
ownerIsChanged = true;
break;
}
// businessUnit of the model doesn't exist in the current items
if (target.BusinessUnitId.HasValue && currentPermissionItems.Count(c => c.BusinessUnit != null && c.BusinessUnit.Id == target.BusinessUnitId.Value) == 0)
{
ownerIsChanged = true;
break;
}
}
// owner is set to null
if (currentPermissionItems.Count > 0 && editContentPermissionViewModel.Targets.Count == 0)
{
ownerIsChanged = true;
}
// return in case owner doesn't change
if (!ownerIsChanged)
{
return;
}
if (createMode || this.contentOwnershipHelper.IsChangingPermissionsValid(editContentPermissionViewModel, new[] { contentItem }, ModelState))
{
this.contentOwnershipHelper.Update(editContentPermissionViewModel, new[] { contentItem }, writeToActivityStream);
}
}
