Esempio n. 1
        /// <summary>
        /// Resolves a stored hyperlink reference to its friendly value and hands the result back
        /// only when the current user passes the permission checks that apply to that kind of link.
        /// </summary>
        /// <param name="hyperlink">Raw link value; after trimming, a value starting with "page" (any casing) is treated as a page link.</param>
        /// <param name="appId">App id handed to the permission checks.</param>
        /// <param name="contentType">Content type of the item; must be non-empty for non-page links.</param>
        /// <param name="guid">Item guid; must be non-default for non-page links.</param>
        /// <param name="field">Field name; must be non-empty for non-page links.</param>
        /// <returns>The resolved value when every check passes, otherwise the unmodified <paramref name="hyperlink"/>.</returns>
        /// <remarks>
        /// Every exception raised inside the method, including the ones produced by failed permission
        /// checks, is swallowed without logging and turns into "return the input unchanged". Callers
        /// therefore cannot tell a denied lookup from a conversion error.
        /// </remarks>
        public string ResolveHyperlink(string hyperlink, int appId, string contentType, Guid guid, string field)
        {
            try
            {
                // The link type decides which permission check applies further down.
                var isPageLink = hyperlink.Trim().StartsWith("page", StringComparison.OrdinalIgnoreCase);

                // Conversion happens before any permission check: the file branch needs the resolved
                // path to decide whether it points into ADAM. Only the *result* is withheld on denial.
                var friendly = new DnnValueConverter()
                    .Convert(ConversionScenario.GetFriendlyValue, "Hyperlink", hyperlink);

                if (isPageLink)
                {
                    // Page references are only revealed to users who may write published data everywhere.
                    var pagePermissions = new MultiPermissionsApp(SxcInstance, appId, Log);
                    if (pagePermissions.UserMayOnAll(GrantSets.WritePublished))
                    {
                        return friendly;
                    }

                    return hyperlink;
                }

                // File references can only be checked against a concrete item + field.
                var hasItemContext = guid != Guid.Empty
                                     && !string.IsNullOrEmpty(field)
                                     && !string.IsNullOrEmpty(contentType);
                if (!hasItemContext)
                {
                    return hyperlink;
                }

                // Case-sensitive substring test; a match at index 0 or no match at all counts as "outside ADAM".
                var outsideAdam = friendly.IndexOf("/adam/", StringComparison.Ordinal) <= 0;

                // Per the original author's note, constructing the state already does an
                // ensure-or-throw when the target is outside of ADAM.
                var fileAccess = new AdamSecureState(SxcInstance, appId, contentType, field, guid, outsideAdam, Log);

                // Both checks must pass; each supplies the exception to raise when it fails.
                if (!fileAccess.SuperUserOrAccessingItemFolder(friendly, out var denied))
                {
                    throw denied;
                }

                if (!fileAccess.UserIsPermittedOnField(GrantSets.ReadSomething, out denied))
                {
                    throw denied;
                }

                return friendly;
            }
            catch
            {
                // Deliberate fallback: on any failure the caller gets the unresolved value back.
                return hyperlink;
            }
        }
Esempio n. 2
        /// <summary>
        /// Resolves a hyperlink reference to its friendly value for users holding at least
        /// <c>GrantSets.WriteSomething</c> on the current app.
        /// </summary>
        /// <param name="hyperlink">Raw link value to resolve.</param>
        /// <returns>
        /// The resolved link when the user may write published data, or when the resolved link
        /// contains "/adam/" past its first character; otherwise the unmodified input.
        /// </returns>
        public string ResolveHyperlink(string hyperlink)
        {
            // Entry gate: judging by its name this throws when the permission is missing;
            // its implementation is not part of this listing.
            var appAndPermissions = GetAppRequiringPermissionsOrThrow(App.AppId, GrantSets.WriteSomething);

            var resolvedLink = new DnnValueConverter()
                .Convert(ConversionScenario.GetFriendlyValue, "Hyperlink", hyperlink);

            var permissions = appAndPermissions.Item2;

            // Users limited to drafts only get links that point into the ADAM folder.
            // NOTE(review): for those users the case-sensitive "/adam/" substring test is the only
            // gate in this method - it does not tie the path to this app's or item's ADAM folder.
            // Confirm that is intended or that a caller narrows it.
            var mayReveal = permissions.UserMay(GrantSets.WritePublished)
                            || resolvedLink.IndexOf("/adam/", StringComparison.Ordinal) > 0;

            if (mayReveal)
            {
                return resolvedLink;
            }

            return hyperlink;
        }
Esempio n. 3
        /// <summary>
        /// Converts a hyperlink reference to its friendly value using <c>DnnValueConverter</c>.
        /// </summary>
        /// <param name="hyperlink">Raw link value to resolve.</param>
        /// <returns>Whatever the converter returns for the "Hyperlink" type in the <c>GetFriendlyValue</c> scenario.</returns>
        public string ResolveHyperlink(string hyperlink)
        {
            // NOTE(review): no permission check happens in this method - confirm the caller
            // (or the hosting controller) restricts who may resolve links.
            var friendlyValue = new DnnValueConverter()
                .Convert(ConversionScenario.GetFriendlyValue, "Hyperlink", hyperlink);

            return friendlyValue;
        }