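/// <summary>
/// Stores the injected approval services and, as a side effect, seeds demo data:
/// the editors role (with rights on the root page) and three user accounts.
/// </summary>
/// <param name="repoDefinitions">Approval definition repository kept in a field.</param>
/// <param name="repoContent">Content repository kept in a field.</param>
/// <param name="repoApprovals">Approval repository kept in a field.</param>
/// <param name="engine">Approval engine kept in a field.</param>
/// <param name="roles">Role provider used only here, to create the role and assign memberships.</param>
/// <param name="users">User provider used only here, to create the three accounts.</param>
/// <param name="repoSecurity">Security repository used only here, to write the root page ACL.</param>
/// <remarks>
/// NOTE(review): the seeding runs in the controller constructor, so it is attempted on every
/// instantiation (typically once per request). All three accounts are created with the same
/// <c>password</c> value, which is declared outside this block. If that value is a source-code
/// constant, treat these accounts as demo-only and confirm the code is not deployed to a
/// reachable site.
/// </remarks>
public ContentApprovalsManagerPageController(
    IApprovalDefinitionRepository repoDefinitions,
    IContentRepository repoContent,
    IApprovalRepository repoApprovals,
    IApprovalEngine engine,
    UIRoleProvider roles,
    UIUserProvider users,
    IContentSecurityRepository repoSecurity)
{
    this.repoDefinitions = repoDefinitions;
    this.repoContent = repoContent;
    this.repoApprovals = repoApprovals;
    this.engine = engine;

    // If the editors role does not exist, create it and assign access rights on the root page.
    if (!roles.RoleExists(editors))
    {
        roles.CreateRole(editors);

        // Direct cast instead of "as": a descriptor of an unexpected type now fails here with
        // InvalidCastException rather than later with a NullReferenceException on AddEntry.
        var permissions = (IContentSecurityDescriptor)repoSecurity
            .Get(ContentReference.RootPage)
            .CreateWritableClone();

        permissions.AddEntry(new AccessControlEntry(
            editors,
            AccessLevel.Create | AccessLevel.Edit | AccessLevel.Delete | AccessLevel.Read | AccessLevel.Publish));

        repoSecurity.Save(ContentReference.RootPage, permissions, SecuritySaveType.Replace);
    }

    // Create three users and add each one to its role: { user name, role name }.
    var seedAccounts = new[]
    {
        new[] { userName1, admins },
        new[] { userName2, editors },
        new[] { userName3, editors },
    };

    foreach (var seed in seedAccounts)
    {
        string userName = seed[0];
        string roleName = seed[1];

        // Existing accounts are left untouched.
        if (users.GetUser(userName) != null)
        {
            continue;
        }

        UIUserCreateStatus status;
        IEnumerable<string> errors;

        users.CreateUser(
            userName,
            password,
            // Invariant lower-casing keeps the generated address independent of the server culture.
            email: userName.ToLowerInvariant() + emailBase,
            passwordQuestion: null,
            passwordAnswer: null,
            isApproved: true,
            status: out status,
            errors: out errors);

        // Only grant role membership when the account was actually created.
        if (status == UIUserCreateStatus.Success)
        {
            roles.AddUserToRoles(userName, new string[] { roleName });
        }
    }
}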
/// <summary>
/// Runs <c>AddUsersAndRoles</c> unless the "WebAdmins" role already exists.
/// </summary>
/// <param name="context">Initialization engine used to resolve the <c>IContentSecurityRepository</c>.</param>
public void Initialize(InitializationEngine context)
{
    // The presence of the "WebAdmins" role is the only marker used to decide that setup already ran.
    // NOTE(review): if that role is ever deleted, the next call seeds users and roles again — confirm
    // this is acceptable outside a demo environment.
    bool alreadySetUp = UIRoleProvider.RoleExists("WebAdmins");

    if (!alreadySetUp)
    {
        var securityRepository = context.Locate.Advanced.GetInstance<IContentSecurityRepository>();
        AddUsersAndRoles(securityRepository);
    }
}
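/// <summary>
/// Creates <paramref name="roleName"/> if it does not exist and adds an
/// <c>AccessLevel.FullAccess</c> entry for it to the root page's access control list.
/// Does nothing when the role already exists.
/// </summary>
/// <param name="roleName">Name of the role to create and grant access to.</param>
private void SetFullAccessToRole(string roleName)
{
    if (_UIRoleProvider.RoleExists(roleName))
    {
        return;
    }

    _UIRoleProvider.CreateRole(roleName);

    var securityRepository = ServiceLocator.Current.GetInstance<IContentSecurityRepository>();

    // Direct cast instead of "as": a descriptor of an unexpected type now fails here with
    // InvalidCastException rather than later with a NullReferenceException on AddEntry.
    var permissions = (IContentSecurityDescriptor)securityRepository
        .Get(ContentReference.RootPage)
        .CreateWritableClone();

    // NOTE(review): full access is granted on the root page; presumably content below it
    // inherits this entry unless inheritance is broken — confirm the role is meant to be that broad.
    permissions.AddEntry(new AccessControlEntry(roleName, AccessLevel.FullAccess));

    securityRepository.Save(ContentReference.RootPage, permissions, SecuritySaveType.Replace);
}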
/// <summary>
/// Creates <paramref name="roleName"/> if it does not exist, adds an entry with
/// <paramref name="accessLevel"/> to a writable clone of the root page's security descriptor,
/// and saves that descriptor for both the root page and the waste basket.
/// Does nothing when the role already exists.
/// </summary>
/// <param name="roleName">Name of the role to create.</param>
/// <param name="accessLevel">Access level recorded in the new access control entry.</param>
/// <param name="securityRepository">Repository used to read and save the security descriptors.</param>
private void AddRole(string roleName, AccessLevel accessLevel, IContentSecurityRepository securityRepository)
{
    bool roleAlreadyPresent = UIRoleProvider.RoleExists(roleName);
    if (roleAlreadyPresent)
    {
        return;
    }

    UIRoleProvider.CreateRole(roleName);

    var rootDescriptor = securityRepository.Get(ContentReference.RootPage);
    var acl = (IContentSecurityDescriptor)rootDescriptor.CreateWritableClone();
    var entry = new AccessControlEntry(roleName, accessLevel);
    acl.AddEntry(entry);

    securityRepository.Save(ContentReference.RootPage, acl, SecuritySaveType.Replace);

    // NOTE(review): the descriptor cloned from the root page is also written to the waste basket,
    // so the waste basket presumably ends up with the root's entries plus the new one — confirm
    // that is intended.
    securityRepository.Save(ContentReference.WasteBasket, acl, SecuritySaveType.Replace);
}
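/// <summary>
/// Re-creates the administrator account, rewrites the root page access rights for the
/// "CmsAdmins", "WebAdmins" and "Administrators" roles, and then disables the reset feature.
/// </summary>
/// <param name="submit">Not read by this action.</param>
/// <returns>
/// The ResetAdmin view, with the outcome in <c>ViewData["message"]</c>.
/// </returns>
/// <remarks>
/// NOTE(review): no attributes are visible on this snippet and <paramref name="submit"/> is not
/// checked, so confirm the action is limited to authorized POST requests while ResetAdmin is
/// enabled. <c>Username</c>, <c>Password</c> and <c>Email</c> are declared outside this block;
/// if they are source-code constants, confirm the credential is changed immediately after the reset.
/// </remarks>
public ActionResult Index(string submit)
{
    // Use EPiServer classes to create roles and users.
    if (!roles.RoleExists(Role))
    {
        roles.CreateRole(Role);
    }

    // Remove any existing account with this name before creating it again.
    users.DeleteUser(Username, true);

    UIUserCreateStatus status;
    IEnumerable<string> errors;

    users.CreateUser(
        Username,
        Password,
        Email,
        passwordQuestion: null,
        passwordAnswer: null,
        isApproved: true,
        status: out status,
        errors: out errors);

    if (status != UIUserCreateStatus.Success)
    {
        // Without the new account, removing access for "WebAdmins" and "Administrators" could
        // leave nobody able to administer the site. Leave the ACL and the feature switch
        // untouched so the reset can be retried, and report the failure instead of success.
        ViewData["message"] = $"Reset Admin failed: the user could not be created ({status}).";
        return View("~/Features/ResetAdmin/ResetAdmin.cshtml");
    }

    roles.AddUserToRoles(Username, new[] { Role });

    // Use EPiServer classes to give access rights to Root.
    // NOTE(review): the grant below names "CmsAdmins" literally while the user is added to
    // Role — confirm the two refer to the same role.
    SetSecurity(ContentReference.RootPage, "CmsAdmins", AccessLevel.FullAccess);
    SetSecurity(ContentReference.RootPage, "WebAdmins", AccessLevel.NoAccess);
    SetSecurity(ContentReference.RootPage, "Administrators", AccessLevel.NoAccess);

    // One-shot feature: switch it off once the reset has succeeded.
    ResetAdmin.IsEnabled = false;

    ViewData["message"] = "Reset Admin completed successfully.";

    return View("~/Features/ResetAdmin/ResetAdmin.cshtml");
}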
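/// <summary>
/// Creates the persona roles and users that do not exist yet, assigns access rights on the
/// root page, the waste basket and the "News &amp; Events" and "Press Releases" pages, and then
/// disables the register-personas feature.
/// </summary>
/// <param name="submit">Not read by this action.</param>
/// <returns>
/// The RegisterPersonas view, with a summary of created roles and users in
/// <c>ViewData["message"]</c>.
/// </returns>
/// <remarks>
/// NOTE(review): every persona account is created with the same <c>password</c> value, which is
/// declared outside this block; if it is a source-code constant, treat the accounts as demo-only.
/// No attributes are visible on this snippet and <paramref name="submit"/> is not checked, so
/// confirm the action is limited to authorized POST requests while RegisterPersonas is enabled.
/// </remarks>
public ActionResult Index(string submit)
{
    int countOfRolesCreated = 0;
    int countOfUsersCreated = 0;

    #region Use EPiServer classes to create roles and users

    foreach (string role in rolesToCreate)
    {
        if (!roles.RoleExists(role))
        {
            roles.CreateRole(role);
            countOfRolesCreated++;
        }
    }

    foreach (var item in Users)
    {
        // Existing accounts are left untouched: neither their password nor their roles are reset.
        if (users.GetUser(item.UserName) != null)
        {
            continue;
        }

        UIUserCreateStatus status;
        IEnumerable<string> errors;

        users.CreateUser(
            item.UserName,
            password,
            // Invariant lower-casing keeps the generated address independent of the server culture.
            email: $"{item.UserName.ToLowerInvariant()}{email}",
            passwordQuestion: null,
            passwordAnswer: null,
            isApproved: true,
            status: out status,
            errors: out errors);

        // Count the user and grant role membership only when the account was actually created.
        if (status == UIUserCreateStatus.Success)
        {
            countOfUsersCreated++;
            roles.AddUserToRoles(item.UserName, item.Roles);
        }
    }

    #endregion

    #region Use EPiServer classes to give access rights to Root, Recycle Bin, and News & Events

    SetSecurity(ContentReference.RootPage, adminsRole, AccessLevel.FullAccess);
    SetSecurity(ContentReference.RootPage, "WebAdmins", AccessLevel.NoAccess);
    SetSecurity(ContentReference.RootPage, "Administrators", AccessLevel.NoAccess);
    SetSecurity(ContentReference.RootPage, contentCreatorsRole,
        AccessLevel.Read | AccessLevel.Create | AccessLevel.Edit | AccessLevel.Delete);
    SetSecurity(ContentReference.RootPage, marketersRole, AccessLevel.Create | AccessLevel.Publish);

    SetSecurity(ContentReference.WasteBasket, adminsRole, AccessLevel.FullAccess);
    SetSecurity(ContentReference.WasteBasket, "Administrators", AccessLevel.NoAccess);

    // Find the News & Events page.
    var criteria = new PropertyCriteriaCollection
    {
        new PropertyCriteria
        {
            Name = "PageName",
            Type = PropertyDataType.LongString,
            Condition = CompareCondition.Equal,
            Value = "News & Events"
        }
    };

    var pages = pageFinder.FindPagesWithCriteria(ContentReference.StartPage, criteria);

    // The page-specific rights are applied only on an unambiguous match; with zero or
    // several matching pages this step is skipped without any message.
    if (pages.Count == 1)
    {
        // Give News Editors full access and remove all access for others.
        var news = pages[0].ContentLink;

        SetSecurity(news, newsEditorsRole, AccessLevel.FullAccess, overrideInherited: true);
        SetSecurity(news, contentCreatorsRole, AccessLevel.NoAccess, overrideInherited: true);
        SetSecurity(news, marketersRole, AccessLevel.NoAccess, overrideInherited: true);
    }

    // Find the Press Releases page.
    criteria = new PropertyCriteriaCollection
    {
        new PropertyCriteria
        {
            Name = "PageName",
            Type = PropertyDataType.LongString,
            Condition = CompareCondition.Equal,
            Value = "Press Releases"
        }
    };

    pages = pageFinder.FindPagesWithCriteria(ContentReference.StartPage, criteria);

    if (pages.Count == 1)
    {
        // Allow Lawyers and C-Level Execs to edit Press Releases
        // so they can approve/decline changes.
        var pressReleases = pages[0].ContentLink;

        SetSecurity(pressReleases, lawyersRole, AccessLevel.Edit, overrideInherited: true);
        SetSecurity(pressReleases, cLevelExecsRole, AccessLevel.Edit, overrideInherited: true);
    }

    #endregion

    // One-shot feature: switch it off once the personas have been registered.
    RegisterPersonas.IsEnabled = false;

    ViewData["message"] = $"Register personas completed successfully. {countOfRolesCreated} roles created. {countOfUsersCreated} users created and added to roles.";

    return View("~/Features/RegisterPersonas/RegisterPersonas.cshtml");
}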