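/// <summary>
        /// Creates the "Internal Author Tools Zone" starting at the admin page and inserts its
        /// zone/role rows: the public (anonymous) role gets neither read nor write access, and
        /// the configured author role gets both.
        /// </summary>
        /// <param name="AdminPageId">Id of the page the zone starts at.</param>
        /// <exception cref="Exception">Thrown when the zone or one of its role rows cannot be inserted.</exception>
        private void InsertAdminAreaZone(int AdminPageId)
        {
            CmsPageSecurityZone adminZone = new CmsPageSecurityZone();

            adminZone.ZoneName       = "Internal Author Tools Zone";
            adminZone.StartingPageId = AdminPageId;
            if (!new CmsZoneDb().insert(adminZone))
            {
                throw new Exception("Cannot insert Zone");
            }

            // NOTE(review): the inserts below are not wrapped in a transaction in this method. If a
            // role insert fails, the zone row stays behind without its explicit anonymous-deny row;
            // what access a role with no row gets is not visible here - confirm it defaults to deny.

            // anonymous users cannot read or write in this zone
            CmsZoneUserRole anonZoneRole = new CmsZoneUserRole(adminZone.ZoneId, WebPortalUserRole.DUMMY_PUBLIC_ROLE_ID, false, false);

            if (!new CmsZoneUserRoleDb().insert(anonZoneRole))
            {
                throw new Exception("Cannot insert anonymous ZoneUserRole");
            }

            // authors can write and read all pages in this zone
            WebPortalUserRole authorRole = WebPortalUserRole.Fetch(CmsConfig.getConfigValue("AuthorAccessUserRole", "Author"));

            // A missing author role is skipped rather than dereferenced: the zone is then created
            // with no author grant, which leaves access closed instead of failing with a
            // NullReferenceException half-way through setup.
            if (authorRole != null && authorRole.RoleID >= 0)
            {
                CmsZoneUserRole authorZoneRole = new CmsZoneUserRole(adminZone.ZoneId, authorRole.RoleID, true, true);
                if (!new CmsZoneUserRoleDb().insert(authorZoneRole))
                {
                    throw new Exception("Cannot insert author ZoneUserRole");
                }
            }
        }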
Exemple #2
        /// <summary>
        /// Collects the roles offered by the user editor: the configured admin role, the
        /// configured author role when its name differs from the admin role, and the configured
        /// login role when anonymous users cannot read the home page and the login role is set
        /// and differs from both other names. Role names are compared case-insensitively.
        /// </summary>
        /// <returns>The collected roles, in the order admin, author, login.</returns>
        private WebPortalUserRole[] getAllAvailableRoles()
        {
            // NOTE(review): Fetch results are added unchecked; whether Fetch can return null for an
            // unknown role name is not visible in this method - confirm, since callers read role.Name.
            string adminName = CmsConfig.getConfigValue("AdminUserRole", "Administrator");
            List<WebPortalUserRole> roles = new List<WebPortalUserRole>();
            roles.Add(WebPortalUserRole.Fetch(adminName));

            string authorName = CmsConfig.getConfigValue("AuthorAccessUserRole", "Author");
            bool authorIsAdmin = String.Compare(adminName, authorName, true) == 0;
            if (!authorIsAdmin)
            {
                roles.Add(WebPortalUserRole.Fetch(authorName));
            }

            // A fresh GUID is used as the default so an unset "LoginUserRole" key can be told
            // apart from any real role name.
            string unsetMarker = Guid.NewGuid().ToString();
            CmsPageSecurityZone homeZone = new CmsPageSecurityZoneDb().fetchByPage(CmsContext.HomePage);

            // True when the public (anonymous) user may read the home page; the login role is
            // only offered when that is NOT the case.
            bool anonymousCanReadHome = homeZone.canRead(WebPortalUser.dummyPublicUser);

            string loginName = CmsConfig.getConfigValue("LoginUserRole", unsetMarker);

            if (anonymousCanReadHome || loginName == unsetMarker)
            {
                return roles.ToArray();
            }

            bool loginAlreadyListed = String.Compare(loginName, authorName, true) == 0
                                      || String.Compare(loginName, adminName, true) == 0;
            if (!loginAlreadyListed)
            {
                roles.Add(WebPortalUserRole.Fetch(loginName));
            }

            return roles.ToArray();
        }
Exemple #3
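        /// <summary>
        /// Creates the "Default zone" starting at the home page during setup and inserts its
        /// zone/role rows: the public (anonymous) role may read but not write, and the configured
        /// author role may read and write.
        /// </summary>
        /// <param name="HomePageId">Id of the home page the zone starts at.</param>
        /// <exception cref="Exception">Thrown when the zone or one of its role rows cannot be inserted.</exception>
        private void InsertHomePageZone(int HomePageId)
        {
            CmsPageSecurityZone homeZone = new CmsPageSecurityZone();

            homeZone.ZoneName = "Default zone";

            homeZone.StartingPage = pagerepository.Get(HomePageId);
            if (!new CmsPageSecurityZoneDb().insert(homeZone))
            {
                throw new Exception("Cannot insert Home Page Zone");
            }

            // NOTE(review): the inserts below are not wrapped in a transaction in this method; a
            // failure part-way leaves the zone row without some of its role rows. What access a
            // role with no row gets is not visible here - confirm it defaults to deny.

            // anonymous users can read, but not write pages in this zone
            CmsPageSecurityZoneUserRole anonZoneRole = new CmsPageSecurityZoneUserRole(homeZone.Id, WebPortalUserRole.DUMMY_PUBLIC_ROLE_ID, true, false);

            if (!new CmsPageSecurityZoneUserRoleDb().insert(anonZoneRole))
            {
                throw new Exception("Cannot insert anonymous ZoneUserRole");
            }

            // authors can write and read all pages in this zone
            WebPortalUserRole authorRole = WebPortalUserRole.Fetch(CmsConfig.getConfigValue("AuthorAccessUserRole", "Author"));

            // A missing author role is skipped rather than dereferenced: no author grant is
            // written, instead of setup failing with a NullReferenceException.
            if (authorRole != null && authorRole.RoleID >= 0)
            {
                CmsPageSecurityZoneUserRole authorZoneRole = new CmsPageSecurityZoneUserRole(homeZone.Id, authorRole.RoleID, true, true);
                if (!new CmsPageSecurityZoneUserRoleDb().insert(authorZoneRole))
                {
                    throw new Exception("Cannot insert author ZoneUserRole");
                }
            }
        }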
Exemple #4
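        /// <summary>
        /// Renders the create/edit form for one portal user and, when the request carries
        /// formaction=saveupdates, validates the posted username, password and role and saves
        /// the user before rendering.
        /// </summary>
        /// <param name="userId">Id of the user to edit; when no such user exists a new one is created on save.</param>
        /// <param name="page">Page that hosts the form; supplies the form start/close HTML and the cancel URL.</param>
        /// <returns>The HTML of the form, preceded by an error or success message when there is one.</returns>
        /// <remarks>
        /// NOTE(review): this method performs no permission check and no anti-forgery check of its
        /// own. Presumably the hosting page's security zone restricts who reaches it and
        /// getFormStartHtml may emit a token - confirm both, since this form can change any
        /// user's password and role.
        /// </remarks>
        private string getEditUserDisplay(int userId, CmsPage page)
        {
            string _errorMessage   = "";
            string _successMessage = "";

            WebPortalUser user = WebPortalUser.FetchUser(userId, CmsPortalApplication.GetInstance());
            bool isEditingExisting = (user != null);

            if (!isEditingExisting)
            {
                user = new WebPortalUser();
            }

            string userRole = "";

            if (user.userRoles.Length > 0)
            {
                userRole = getBestMatchingUserRoleName(getAllAvailableRoles(), user.userRoles);
            }

            string formaction = PageUtils.getFromForm("formaction", "");

            if (string.Compare(formaction, "saveupdates", true) == 0)
            {
                // The form renders no username input for an existing account, so a posted
                // "username" is ignored in that case. Otherwise the value would be written to the
                // account without passing the uniqueness check below, which only runs for new users.
                string un = isEditingExisting
                    ? user.UserName
                    : PageUtils.getFromForm("username", user.UserName);
                if (un.Trim() == "")
                {
                    _errorMessage = "Please specify a username";
                }

                if (_errorMessage == "" && !isEditingExisting && WebPortalUser.FetchUser(un, CmsPortalApplication.GetInstance()) != null)
                {
                    _errorMessage = "A user with the username '" + un + "' already exists. Please use another username.";
                }

                // NOTE(review): the stored password is read back as the default and is also rendered
                // into the form below, which implies it is kept in a recoverable form. Moving to a
                // salted password hash and a blank "leave empty to keep" field needs changes
                // outside this method.
                string pw = PageUtils.getFromForm("password", user.Password);
                if (_errorMessage == "" && pw.Trim() == "")
                {
                    _errorMessage = "Blank passwords are not allowed.";
                }

                string selRole = PageUtils.getFromForm("roles", userRole);
                if (_errorMessage == "" && selRole.Trim() == "")
                {
                    // only reported when no earlier check failed, so the first error is not overwritten
                    _errorMessage = "Please select the user's access level";
                }

                // NOTE(review): any role name that Fetch resolves is accepted, not only the ones
                // offered in the radio list below - confirm whether the posted value should be
                // limited to getAllAvailableRoles().
                WebPortalUserRole selectedRole = null;
                if (_errorMessage == "")
                {
                    selectedRole = WebPortalUserRole.Fetch(selRole);
                    if (selectedRole == null)
                    {
                        _errorMessage = "Invalid security group '" + selRole + "' (does not exist)";
                    }
                }

                if (_errorMessage == "")
                {
                    user.UserName = un;
                    user.Password = pw;

                    user.ClearAllUserRoles();
                    user.AddUserRole(selectedRole);
                    bool saved = user.SaveToDatabase();
                    if (!saved)
                    {
                        _errorMessage = "Fatal Error: could not save user to database.";
                    }
                    else
                    {
                        _successMessage = "User '" + un + "' has been saved.";
                    }
                }
            } // if saveUpdates

            StringBuilder html   = new StringBuilder();
            string        formId = "EditUsers";

            html.Append(page.getFormStartHtml(formId));

            // Both messages can contain posted form values (username, role name), so they are
            // HTML-encoded before being written into the page.
            if (_errorMessage != "")
            {
                html.Append("<p style=\"color: red;\">" + System.Web.HttpUtility.HtmlEncode(_errorMessage) + "</p>");
            }
            if (_successMessage != "")
            {
                html.Append("<p style=\"color: green;\">" + System.Web.HttpUtility.HtmlEncode(_successMessage) + "  - <a href=\"" + getPageDisplayUrl(new WebPortalUser(), page, PageDisplayMode.ListUsers) + "\">back to user list</a></p>");
            }
            html.Append("<table>");
            // -- User name
            html.Append("<tr><td>Username: </td><td>" + Environment.NewLine);
            if (!isEditingExisting)
            {
                // NOTE(review): whether the PageUtils input helpers encode their value argument is
                // not visible here - confirm.
                html.Append(PageUtils.getInputTextHtml("username", "username", user.UserName, 30, 255));
            }
            else
            {
                // the stored username is data, not markup
                html.Append(System.Web.HttpUtility.HtmlEncode(user.UserName));
            }
            html.Append("</td></tr>" + Environment.NewLine);

            // -- Password
            // NOTE(review): rendered through the text-input helper with the current password as its
            // value, so the password is visible on screen and in the page source.
            html.Append("<tr><td>Password: </td><td>");
            html.Append(PageUtils.getInputTextHtml("password", "password", user.Password, 30, 255));
            html.Append("</td></tr>" + Environment.NewLine);

            NameValueCollection roleOpts = new NameValueCollection();

            foreach (WebPortalUserRole role in getAllAvailableRoles())
            {
                roleOpts.Add(role.Name, role.Name + " - " + role.Description);
            }
            html.Append("<tr><td>Access Level: </td><td>");
            html.Append(PageUtils.getRadioListHtml("roles", "role", roleOpts, userRole, "", "<br />"));
            html.Append("</td></tr>" + Environment.NewLine);

            html.Append("</table>");

            html.Append(PageUtils.getHiddenInputHtml("formaction", "saveupdates"));
            html.Append(PageUtils.getHiddenInputHtml("uid", userId.ToString()));
            html.Append(PageUtils.getHiddenInputHtml("display", Enum.GetName(typeof(PageDisplayMode), PageDisplayMode.EditSelectedUser)));

            html.Append("<input type=\"submit\" value=\"save\">");
            // NOTE(review): page.Url is placed inside a JavaScript string within an HTML attribute
            // without escaping; confirm it cannot contain quotes, or escape it for both contexts.
            html.Append(" <input type=\"button\" value=\"cancel\" onclick=\"window.location = '" + page.Url + "'\">");
            html.Append(page.getFormCloseHtml(formId));

            if (isEditingExisting)
            {
                formId = "delUser";
                html.Append(page.getFormStartHtml(formId));
                html.Append(PageUtils.getHiddenInputHtml("formaction", "deleteuser"));
                html.Append(PageUtils.getHiddenInputHtml("uid", userId.ToString()));
                html.Append(PageUtils.getHiddenInputHtml("display", Enum.GetName(typeof(PageDisplayMode), PageDisplayMode.EditSelectedUser)));

                html.Append("<p align=\"right\"><input type=\"submit\" value=\"delete user\"></p>");
                html.Append(page.getFormCloseHtml(formId));
            }

            return(html.ToString());
        }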
Exemple #5
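        /// <summary>
        /// Click handler that creates the standard page tree during setup: the home page and its
        /// security zone, the login page, the hidden /_admin area with its own zone and action
        /// pages, and the /_internal pages. The outcome is reported through l_msg.
        /// </summary>
        /// <remarks>
        /// The /_admin zone is inserted right after the /_admin page and before any of its child
        /// pages, so the children are created under a page that already starts a zone.
        /// The steps are not wrapped in a transaction here; a failure part-way leaves whatever was
        /// already inserted, as the final error message states.
        /// </remarks>
        protected void b_CreatePages_Click(object sender, EventArgs e)
        {
            // ensure that the connection to hatPortal is ok.
            try
            {
                // The author and login lookups are made only to exercise the connection; their
                // results are not used. A fresh GUID default means an unset key names no real role.
                WebPortalUserRole.Fetch(CmsConfig.getConfigValue("AuthorAccessUserRole", Guid.NewGuid().ToString()));
                WebPortalUserRole.Fetch(CmsConfig.getConfigValue("LoginUserRole", Guid.NewGuid().ToString()));
                WebPortalUserRole adminRole = WebPortalUserRole.Fetch(CmsConfig.getConfigValue("AdminUserRole", Guid.NewGuid().ToString()));

                if (adminRole == null || adminRole.RoleID < 0)
                {
                    l_msg.Text = "Error: Standard Pages could not all be added. The AdminUserRole could not be found.";
                    return;
                }
            }
            catch (Exception ex)
            {
                // The cause goes to the trace listeners only; the page keeps its generic message.
                System.Diagnostics.Trace.TraceError("Standard page setup: role lookup failed: " + ex);
                l_msg.Text = "Error: Standard Pages could not all be added. The hatWebPortalConnectionString may be set incorrectly.";
                return;
            }

            try
            {
                // home page
                int homePageId = InsertPage("", "Home Page", "Home Page", "", "HomePage", -1, 0, true);
                // create the home page security zones
                InsertHomePageZone(homePageId);

                //# /_Login Page (not visible in menu)
                InsertPage("_Login", "Login", "Login", "", "_login", homePageId, 0, false);

                // _Admin Page (hidden)
                int adminPageId = InsertPage("_admin", "HatCMS Administration", "Admin", "", RedirectTemplateName, homePageId, 0, false);
                // create the admin area security zones
                InsertAdminAreaZone(adminPageId);

                // -- redirect the admin page to the home page.
                InsertRedirectPlaceholder(CmsContext.getPageById(adminPageId), 1, "~/");


                //# Admin Actions Page

                int adminActionsPageId = InsertPage("actions", "Admin Actions", "Admin Actions", "", RedirectTemplateName, adminPageId, -1, false);

                // -- redirect the admin actions page to the home page.
                InsertRedirectPlaceholder(CmsContext.getPageById(adminActionsPageId), 1, "~/");


                //# Toggle Edit Admin Action Page
                InsertPage("gotoEdit", "Goto Edit Mode", "Goto Edit Mode", "", "_gotoEditMode", adminActionsPageId, -1, false);

                InsertPage("gotoView", "Goto View Mode", "Goto View Mode", "", "_gotoViewMode", adminActionsPageId, -1, false);


                //# /_admin/actions/createPage
                InsertPage("createPage", "Create Page", "Create Page", "", "_CreateNewPagePopup", adminActionsPageId, -1, false);


                // # Delete Page Admin Action Page
                InsertPage("deletePage", "Delete Page", "Delete Page", "", "_DeletePagePopup", adminActionsPageId, -1, false);


                //# Sort Sub Pages Admin Action Page
                InsertPage("sortSubPages", "Sort Sub Pages", "Sort Sub Pages", "", "_SortSubPagesPopup", adminActionsPageId, -1, false);

                //# Change Menu Visibility (Show In Menu indicator) Admin Action Page
                InsertPage("MenuVisibilityPopup", "Change Menu Visibility", "Change Menu Visibility", "", "_MenuVisibilityPopup", adminActionsPageId, -1, false);

                // /_admin/actions/movePage
                InsertPage("movePage", "Move Page", "Move Page", "", "_MovePagePopup", adminActionsPageId, -1, false);


                // /_admin/actions/renamePage
                InsertPage("renamePage", "Rename Page", "Rename Page", "", "_RenamePagePopup", adminActionsPageId, -1, false);

                // /_admin/actions/killLock
                InsertPage("killLock", "Kill Edit Page Lock", "Kill Edit Page Lock", "", "_KillLockPopup", adminActionsPageId, -1, false);


                // /_admin/actions/changeTemplate
                InsertPage("changeTemplate", "Change Page's Template", "Change Page's Template", "", "_ChangePageTemplatePopup", adminActionsPageId, -1, false);


                // /_admin/actions/deleteFileLibrary
                InsertPage("deleteFileLibrary", "Delete a file library", "Delete a file library", "", "_DeleteFileLibraryPopup", adminActionsPageId, -1, false);


                //# Admin Tools page (/_admin/Audit)
                InsertPage("Audit", "Administration Tools", "Admin Tools", "", "_AdminMenuPopup", adminPageId, -1, false);

                //# view revisions page (/_admin/ViewRevisions)
                InsertPage("ViewRevisions", "View Page Revisions", "View Page Revisions", "", "_PageRevisionsPopup", adminPageId, -1, false);

                //# EditUsers page (/_admin/EditUsers)
                InsertPage("EditUsers", "Edit Users", "Edit Users", "", "_EditUsersPopup", adminPageId, -1, false);

                // edit job location page
                InsertPage("JobLocation", "Job Location", "Job Location", "", "_JobLocationPopup", adminPageId, -1, false);

                // edit event calendar category page
                InsertPage("EventCalendarCategory", "Event Calendar Category", "Event Calendar Category", "", "_EventCalendarCategoryPopup", adminPageId, -1, false);

                // edit File Library category page
                InsertPage("FileLibraryCategory", "File Library Category", "File Library Category", "", "_FileLibraryCategoryPopup", adminPageId, -1, false);

                // delete File Library page (same page name as the one under /_admin/actions, different parent)
                InsertPage("deleteFileLibrary", "Delete File Library", "Delete File Library", "", "_DeleteFileLibraryPopup", adminPageId, -1, false);

                // --------------------------------
                // /_Internal Page
                int internalPageId = InsertPage("_internal", "Internal CMS Functions", "Internal CMS Functions", "", RedirectTemplateName, homePageId, -1, false);

                // -- redirect the /_internal page to the home page.
                InsertRedirectPlaceholder(CmsContext.getPageById(internalPageId), 1, "~/");

                //# Show Single Image page (/_internal/showImage)
                InsertPage("showImage", "Show Image", "Show Image", "", "_SingleImageDisplay", internalPageId, -1, false);

                l_msg.Text = "All standard pages have been added successfully.";
            }
            catch (Exception ex)
            {
                // Record which step failed (page or security-zone insert) for the operator; the
                // exception text is not shown on the page.
                System.Diagnostics.Trace.TraceError("Standard page setup failed: " + ex);
                l_msg.Text = "Error: Standard Pages could not all be added. The state of the database is currently unknown. Please manually delete the database and start again.";
            }
        } // b_CreatePages_Click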