/// <summary>
/// Registers the token property sources that are available at the current access level.
/// </summary>
/// <history>
/// 08/10/2007 sCullmann created
/// </history>
/// <remarks>
/// This method only decides which sources are registered. It is not a security boundary:
/// each property access class stays responsible for checking access to its own properties.
/// </remarks>
private void InitializePropertySources()
{
    // Reset every well-known source to the empty implementation first, so a source that is
    // not explicitly registered below answers "" for any property.
    IPropertyAccess emptySource = new EmptyPropertyAccess();
    foreach (string sourceName in new[] { "portal", "tab", "host", "module", "user", "membership", "profile" })
    {
        PropertySource[sourceName] = emptySource;
    }

    // Portal, tab, host and module data require at least Scope.Configuration.
    if (CurrentAccessLevel >= Scope.Configuration)
    {
        if (PortalSettings != null)
        {
            PropertySource["portal"] = PortalSettings;
            PropertySource["tab"] = PortalSettings.ActiveTab;
        }

        PropertySource["host"] = new HostPropertyAccess();

        if (ModuleInfo != null)
        {
            PropertySource["module"] = ModuleInfo;
        }
    }

    // User-related sources require at least Scope.DefaultSettings and a user
    // whose UserID is not -1.
    if (CurrentAccessLevel >= Scope.DefaultSettings)
    {
        if (User != null && User.UserID != -1)
        {
            PropertySource["user"] = User;
            PropertySource["membership"] = new MembershipPropertyAccess(User);
            PropertySource["profile"] = new ProfilePropertyAccess(User);
        }
    }
}
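/// <summary>
/// Resolves the profile photo of <paramref name="targetUser"/> when the current user is allowed to see it.
/// </summary>
/// <param name="targetUser">The user whose "Photo" profile property is requested.</param>
/// <param name="photoFile">The photo file when the method returns <c>true</c>; otherwise <c>null</c>.</param>
/// <returns>
/// <c>true</c> only when the "Photo" property exists, the access-level check passes, the stored
/// value is a valid file id and the file is found; <c>false</c> in every other case.
/// </returns>
private bool TryGetPhotoFile(UserInfo targetUser, out IFileInfo photoFile)
{
    photoFile = null;

    // Fail closed: without a target user there is nothing to authorize.
    if (targetUser == null)
    {
        return false;
    }

    UserInfo user = UserController.Instance.GetCurrentUserInfo();
    PortalSettings settings = PortalController.Instance.GetCurrentPortalSettings();

    var photoProperty = targetUser.Profile.GetProperty("Photo");
    if (photoProperty == null)
    {
        return false;
    }

    // Authorization comes before the lookup: the file is only fetched once the
    // visibility check for the current user has passed.
    if (!ProfilePropertyAccess.CheckAccessLevel(settings, photoProperty, user, targetUser))
    {
        return false;
    }

    // The property value is stored profile data. A malformed value must make the
    // photo unavailable rather than raise FormatException/OverflowException from a Try* method.
    int fileId;
    if (string.IsNullOrEmpty(photoProperty.PropertyValue) || !int.TryParse(photoProperty.PropertyValue, out fileId))
    {
        return false;
    }

    photoFile = FileManager.Instance.GetFile(fileId);
    return photoFile != null;
}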
/// <summary>
/// Replaces the tokens in <paramref name="tokenText"/> using property sources that are rebuilt
/// for the given row and source type.
/// </summary>
/// <param name="tokenText">The text containing the tokens to replace.</param>
/// <param name="row">The data row the value is read from.</param>
/// <param name="sourceColumn">The column name passed to the source lookups.</param>
/// <param name="sourceType">The source type name; compared case-insensitively for the built-in kinds.</param>
/// <returns>
/// The result of <c>ReplaceTokens</c>, or an empty string when no user is found for a
/// user-based type or when the type is neither a built-in kind nor an e-mail address source.
/// </returns>
public string GetValue(string tokenText, DataRow row, string sourceColumn, string sourceType)
{
    // Sources registered by a previous call must not remain available to this one.
    PropertySource.Clear();

    string kind = sourceType.ToLowerInvariant();

    if (kind == "createdby" || kind == "changedby" || kind == "userlink")
    {
        var userSource = (IUserSource)ByName(sourceType);
        var rowUser = userSource.GetUser(sourceColumn, row);
        if (rowUser == null)
        {
            return "";
        }

        PropertySource["user"] = rowUser;
        PropertySource["profile"] = new ProfilePropertyAccess(rowUser);
    }
    else if (kind == "download" || kind == "url" || kind == "image")
    {
        var fileId = row[sourceColumn + DataTableColumn.Appendix_Original].AsString();
        if (fileId != string.Empty)
        {
            PropertySource["file"] = new DownloadPropertyAccess(fileId, Globals.GetPortalSettings().PortalId, _moduleId);
        }
    }
    else
    {
        // Any other type is only supported when it can supply an e-mail address.
        if (!(ByName(sourceType) is IEmailAdressSource))
        {
            return "";
        }

        var address = ((IEmailAdressSource)ByName(sourceType)).GetEmailAddress(sourceColumn, row);
        if (!string.IsNullOrEmpty(address))
        {
            PropertySource["gravatar"] = new GravatarPropertyAccess(address);
        }
    }

    return ReplaceTokens(tokenText);
}
/// <summary>
/// Tells whether the current user may see the "Photo" profile property of the given user.
/// </summary>
/// <param name="profileUserId">Id of the user whose photo is requested, looked up in the current portal.</param>
/// <returns>
/// <c>false</c> when the user or the "Photo" property does not exist; otherwise the result of
/// <c>ProfilePropertyAccess.CheckAccessLevel</c> for the current user.
/// </returns>
private bool IsPicVisibleToCurrentUser(int profileUserId)
{
    var portal = PortalController.Instance.GetCurrentSettings();
    var owner = UserController.Instance.GetUser(portal.PortalId, profileUserId);

    // An unknown user has no photo property; both cases are treated as "not visible".
    var photo = owner == null ? null : owner.Profile.GetProperty("Photo");
    if (photo != null)
    {
        var viewer = UserController.Instance.GetCurrentUserInfo();
        return ProfilePropertyAccess.CheckAccessLevel((PortalSettings)portal, photo, viewer, owner);
    }

    return false;
}
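/// <summary>
/// Resolves this user's profile photo when the current user is allowed to see it.
/// </summary>
/// <param name="photoFile">The photo file when the method returns <c>true</c>; otherwise <c>null</c>.</param>
/// <returns>
/// <c>true</c> only when the user (looked up by <c>UserID</c> in the current portal) and its "Photo"
/// property exist, the access-level check passes, the stored value is a valid file id and the
/// file is found; <c>false</c> in every other case.
/// </returns>
public bool TryGetPhotoFile(out IFileInfo photoFile)
{
    photoFile = null;

    var settings = PortalController.Instance.GetCurrentPortalSettings();
    var targetUser = UserController.Instance.GetUser(settings.PortalId, this.UserID);
    if (targetUser == null)
    {
        return false;
    }

    var photoProperty = targetUser.Profile.GetProperty("Photo");
    if (photoProperty == null)
    {
        return false;
    }

    // Authorization comes before the lookup: the file is only fetched once the
    // visibility check for the current user has passed.
    var user = UserController.Instance.GetCurrentUserInfo();
    if (!ProfilePropertyAccess.CheckAccessLevel(settings, photoProperty, user, targetUser))
    {
        return false;
    }

    // The property value is stored profile data. A malformed value must make the
    // photo unavailable rather than raise FormatException/OverflowException from a Try* method.
    int fileId;
    if (string.IsNullOrEmpty(photoProperty.PropertyValue) || !int.TryParse(photoProperty.PropertyValue, out fileId))
    {
        return false;
    }

    photoFile = FileManager.Instance.GetFile(fileId);
    return photoFile != null;
}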
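/// <summary>
/// Runs when the control is loaded: renders the profile template and builds the client-side
/// script that exposes the profile properties as knockout observables.
/// </summary>
/// <param name="e">The event data, passed on to the base implementation.</param>
/// <remarks>
/// Any exception raised while loading is handed to <c>Exceptions.ProcessModuleLoadException</c>.
/// </remarks>
protected override void OnLoad(EventArgs e)
{
    base.OnLoad(e);

    try
    {
        if (Null.IsNull(ProfileUserId))
        {
            Visible = false;
            return;
        }

        // The template comes from the module settings, with a localized default as fallback.
        var template = Convert.ToString(ModuleContext.Settings["ProfileTemplate"]);
        if (string.IsNullOrEmpty(template))
        {
            template = Localization.GetString("DefaultTemplate", LocalResourceFile);
        }

        var editUrl = Globals.NavigateURL(ModuleContext.PortalSettings.ActiveTab.TabID, "Profile", "userId=" + ProfileUserId, "pageno=1");
        var profileUrl = Globals.NavigateURL(ModuleContext.PortalSettings.ActiveTab.TabID, "Profile", "userId=" + ProfileUserId, "pageno=2");

        // Edit links are only substituted when IsUser is set; for other viewers the
        // placeholder is left in the template untouched.
        if (template.Contains("[BUTTON:EDITPROFILE]"))
        {
            if (IncludeButton && IsUser)
            {
                string editHyperLink = String.Format("<a href=\"{0}\" class=\"dnnPrimaryAction\">{1}</a>", profileUrl, LocalizeString("Edit"));
                template = template.Replace("[BUTTON:EDITPROFILE]", editHyperLink);
            }

            buttonPanel.Visible = false;
        }
        else
        {
            buttonPanel.Visible = IncludeButton;
            editLink.NavigateUrl = editUrl;
        }

        if (template.Contains("[HYPERLINK:EDITPROFILE]"))
        {
            if (IsUser)
            {
                string editHyperLink = String.Format("<a href=\"{0}\" class=\"dnnSecondaryAction\">{1}</a>", profileUrl, LocalizeString("Edit"));
                template = template.Replace("[HYPERLINK:EDITPROFILE]", editHyperLink);
            }
        }

        if (template.Contains("[HYPERLINK:MYACCOUNT]"))
        {
            if (IsUser)
            {
                string editHyperLink = String.Format("<a href=\"{0}\" class=\"dnnSecondaryAction\">{1}</a>", editUrl, LocalizeString("MyAccount"));
                template = template.Replace("[HYPERLINK:MYACCOUNT]", editHyperLink);
            }

            buttonPanel.Visible = false;
        }

        // The button panel is never shown to a viewer for whom IsUser is false.
        if (!IsUser && buttonPanel.Visible)
        {
            buttonPanel.Visible = false;
        }

        // Any() stops at the first visible property instead of counting all of them.
        if (!ProfileUser.Profile.ProfileProperties.Cast<ProfilePropertyDefinition>().Any(profProperty => profProperty.Visible))
        {
            noPropertiesLabel.Visible = true;
            profileOutput.Visible = false;
        }
        else
        {
            var token = new TokenReplace { User = ProfileUser, AccessingUser = ModuleContext.PortalSettings.UserInfo };

            // NOTE(review): the replaced template is assigned as raw HTML. Whether profile values
            // are HTML-encoded is decided inside TokenReplace and is not visible here - confirm.
            profileOutput.InnerHtml = token.ReplaceEnvironmentTokens(template);
            noPropertiesLabel.Visible = false;
            profileOutput.Visible = true;
        }

        var propertyAccess = new ProfilePropertyAccess(ProfileUser);
        StringBuilder sb = new StringBuilder();
        bool propertyNotFound = false;

        // Values are read on behalf of the accessing user (PortalSettings.UserInfo), so visibility
        // is left to ProfilePropertyAccess.GetProperty.
        foreach (ProfilePropertyDefinition property in ProfileUser.Profile.ProfileProperties)
        {
            string value = propertyAccess.GetProperty(
                property.PropertyName,
                String.Empty,
                Thread.CurrentThread.CurrentUICulture,
                ModuleContext.PortalSettings.UserInfo,
                Scope.DefaultSettings,
                ref propertyNotFound);

            var clientName = Localization.GetSafeJSString(property.PropertyName);
            sb.Append("self['" + clientName + "'] = ko.observable(");
            sb.Append("\"");
            if (!string.IsNullOrEmpty(value))
            {
                // The value ends up inside a double-quoted JavaScript string literal, so it relies on
                // GetSafeJSString for escaping (its exact rules are not visible in this block).
                value = Localization.GetSafeJSString(Server.HtmlDecode(value));
                value = value.Replace("\r", string.Empty).Replace("\n", " ");

                // Extra filtering on top of the escaping; note that it also alters legitimate values.
                value = value.Replace(";", string.Empty).Replace("//", string.Empty);
            }

            sb.Append(value + "\"" + ");");
            sb.Append('\n');
            sb.Append("self['" + clientName + "Text'] = '");
            sb.Append(clientName + "';");
            sb.Append('\n');
        }

        // The e-mail address is only emitted for the profile owner or a portal administrator.
        string email = (ProfileUserId == ModuleContext.PortalSettings.UserId || ModuleContext.PortalSettings.UserInfo.IsInRole(ModuleContext.PortalSettings.AdministratorRoleName)) ? ProfileUser.Email : String.Empty;
        sb.Append("self.Email = ko.observable('");

        // Same guard as for the property values: a missing address is emitted as an empty string
        // instead of being passed through the decode/escape chain.
        if (!string.IsNullOrEmpty(email))
        {
            email = Localization.GetSafeJSString(Server.HtmlDecode(email));
            email = email.Replace(";", string.Empty).Replace("//", string.Empty);
        }

        sb.Append(email + "');");
        sb.Append('\n');
        sb.Append("self.EmailText = '");

        // The label is written into a single-quoted JavaScript string, so it is escaped like the
        // other values; a translation containing an apostrophe would otherwise break the script.
        sb.Append(Localization.GetSafeJSString(LocalizeString("Email")) + "';");
        sb.Append('\n');
        ProfileProperties = sb.ToString();
    }
    catch (Exception exc)
    {
        // Module failed to load
        Exceptions.ProcessModuleLoadException(this, exc);
    }
}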
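/// <summary>
/// Runs when the control is loaded: renders the profile template and builds the client-side
/// script that exposes the profile properties as knockout observables.
/// </summary>
/// <param name="e">The event data, passed on to the base implementation.</param>
/// <remarks>
/// Any exception raised while loading is handed to <c>Exceptions.ProcessModuleLoadException</c>.
/// </remarks>
protected override void OnLoad(EventArgs e)
{
    base.OnLoad(e);

    try
    {
        if (Null.IsNull(this.ProfileUserId))
        {
            this.Visible = false;
            return;
        }

        // The template comes from the module settings, with a localized default as fallback.
        var template = Convert.ToString(this.ModuleContext.Settings["ProfileTemplate"]);
        if (string.IsNullOrEmpty(template))
        {
            template = Localization.GetString("DefaultTemplate", this.LocalResourceFile);
        }

        var editUrl = this._navigationManager.NavigateURL(this.ModuleContext.PortalSettings.ActiveTab.TabID, "Profile", "userId=" + this.ProfileUserId, "pageno=1");
        var profileUrl = this._navigationManager.NavigateURL(this.ModuleContext.PortalSettings.ActiveTab.TabID, "Profile", "userId=" + this.ProfileUserId, "pageno=2");

        // Edit links are only substituted when IsUser is set; for other viewers the
        // placeholder is left in the template untouched.
        if (template.Contains("[BUTTON:EDITPROFILE]"))
        {
            if (this.IncludeButton && this.IsUser)
            {
                string editHyperLink = string.Format("<a href=\"{0}\" class=\"dnnPrimaryAction\">{1}</a>", profileUrl, this.LocalizeString("Edit"));
                template = template.Replace("[BUTTON:EDITPROFILE]", editHyperLink);
            }

            this.buttonPanel.Visible = false;
        }
        else
        {
            this.buttonPanel.Visible = this.IncludeButton;
            this.editLink.NavigateUrl = editUrl;
        }

        if (template.Contains("[HYPERLINK:EDITPROFILE]"))
        {
            if (this.IsUser)
            {
                string editHyperLink = string.Format("<a href=\"{0}\" class=\"dnnSecondaryAction\">{1}</a>", profileUrl, this.LocalizeString("Edit"));
                template = template.Replace("[HYPERLINK:EDITPROFILE]", editHyperLink);
            }
        }

        if (template.Contains("[HYPERLINK:MYACCOUNT]"))
        {
            if (this.IsUser)
            {
                string editHyperLink = string.Format("<a href=\"{0}\" class=\"dnnSecondaryAction\">{1}</a>", editUrl, this.LocalizeString("MyAccount"));
                template = template.Replace("[HYPERLINK:MYACCOUNT]", editHyperLink);
            }

            this.buttonPanel.Visible = false;
        }

        // The button panel is never shown to a viewer for whom IsUser is false.
        if (!this.IsUser && this.buttonPanel.Visible)
        {
            this.buttonPanel.Visible = false;
        }

        // Any() stops at the first visible property instead of counting all of them.
        if (!this.ProfileUser.Profile.ProfileProperties.Cast<ProfilePropertyDefinition>().Any(profProperty => profProperty.Visible))
        {
            this.noPropertiesLabel.Visible = true;
            this.profileOutput.Visible = false;
            this.pnlScripts.Visible = false;
        }
        else
        {
            // Contains is an ordinal match, like the Replace below and the other placeholder
            // checks in this method; IndexOf(string) would compare culture-sensitively.
            if (template.Contains("[PROFILE:PHOTO]"))
            {
                // NOTE(review): the photo URL is substituted before token replacement, so this block
                // does not decide whether the viewer may see the photo. Presumably the handler
                // behind the generated URL enforces that - confirm.
                var profileImageHandlerBasedURL = UserController.Instance?.GetUserProfilePictureUrl(this.ProfileUserId, 120, 120);
                template = template.Replace("[PROFILE:PHOTO]", profileImageHandlerBasedURL);
            }

            var token = new TokenReplace { User = this.ProfileUser, AccessingUser = this.ModuleContext.PortalSettings.UserInfo };

            // NOTE(review): the replaced template is assigned as raw HTML. Whether profile values
            // are HTML-encoded is decided inside TokenReplace and is not visible here - confirm.
            this.profileOutput.InnerHtml = token.ReplaceEnvironmentTokens(template);
            this.noPropertiesLabel.Visible = false;
            this.profileOutput.Visible = true;
        }

        var propertyAccess = new ProfilePropertyAccess(this.ProfileUser);
        StringBuilder sb = new StringBuilder();
        bool propertyNotFound = false;

        // Values are read on behalf of the accessing user (PortalSettings.UserInfo), so visibility
        // is left to ProfilePropertyAccess.GetProperty.
        foreach (ProfilePropertyDefinition property in this.ProfileUser.Profile.ProfileProperties)
        {
            var displayDataType = ProfilePropertyAccess.DisplayDataType(property).ToLowerInvariant();
            string value = propertyAccess.GetProperty(
                property.PropertyName,
                string.Empty,
                Thread.CurrentThread.CurrentUICulture,
                this.ModuleContext.PortalSettings.UserInfo,
                Scope.DefaultSettings,
                ref propertyNotFound);

            var clientName = Localization.GetSafeJSString(property.PropertyName);
            sb.Append("self['" + clientName + "'] = ko.observable(");
            sb.Append("\"");
            if (!string.IsNullOrEmpty(value))
            {
                // The value ends up inside a double-quoted JavaScript string literal, so it relies on
                // GetSafeJSString for escaping (its exact rules are not visible in this block).
                // Rich-text values are escaped as stored; every other type is HTML-decoded first.
                value = Localization.GetSafeJSString(displayDataType == "richtext" ? value : this.Server.HtmlDecode(value));
                value = value
                    .Replace("\r", string.Empty)
                    .Replace("\n", " ")
                    .Replace(";", string.Empty)
                    .Replace("://", ":||") // shield URL schemes from the "//" removal below
                    .Replace("//", string.Empty)
                    .Replace(":||", "://"); // restore the shielded URL schemes
            }

            sb.Append(value + "\"" + ");");
            sb.Append('\n');
            sb.Append("self['" + clientName + "Text'] = '");
            sb.Append(clientName + "';");
            sb.Append('\n');
        }

        // The e-mail address is only emitted for the profile owner or a portal administrator.
        string email = (this.ProfileUserId == this.ModuleContext.PortalSettings.UserId || this.ModuleContext.PortalSettings.UserInfo.IsInRole(this.ModuleContext.PortalSettings.AdministratorRoleName)) ? this.ProfileUser.Email : string.Empty;
        sb.Append("self.Email = ko.observable('");

        // Same guard as for the property values: a missing address is emitted as an empty string
        // instead of being passed through the decode/escape chain.
        if (!string.IsNullOrEmpty(email))
        {
            email = Localization.GetSafeJSString(this.Server.HtmlDecode(email));
            email = email.Replace(";", string.Empty).Replace("//", string.Empty);
        }

        sb.Append(email + "');");
        sb.Append('\n');
        sb.Append("self.EmailText = '");

        // The label is written into a single-quoted JavaScript string, so it is escaped like the
        // other values; a translation containing an apostrophe would otherwise break the script.
        sb.Append(Localization.GetSafeJSString(this.LocalizeString("Email")) + "';");
        sb.Append('\n');
        this.ProfileProperties = sb.ToString();
    }
    catch (Exception exc)
    {
        // Module failed to load
        Exceptions.ProcessModuleLoadException(this, exc);
    }
}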