[AllowAnonymous] // will check security internally, so assume no requirements public void Delete(string contentType, Guid guid, [FromUri] string appPath = null) { Log.Add($"delete guid:{guid}, type:{contentType}, path:{appPath}"); // if app-path specified, use that app, otherwise use from context var appIdentity = AppFinder.GetAppIdFromPathOrContext(appPath, BlockBuilder); var entityApi = new EntityApi(appIdentity.AppId, true, Log); var itm = entityApi.GetOrThrow(contentType == "any" ? null : contentType, guid); var permCheck = new MultiPermissionsItems(BlockBuilder, appIdentity.AppId, itm, Log); if (!permCheck.EnsureAll(Grants.Delete.AsSet(), out var exception)) { throw exception; } entityApi.Delete(itm.Type.Name, guid); }
internal void Delete(IInstanceContext context, IBlock ctxBlock, string contentType, Guid guid, string appPath) { Log.Add($"delete guid:{guid}, type:{contentType}, path:{appPath}"); // if app-path specified, use that app, otherwise use from context var appIdentity = AppFinder.GetAppIdFromPathOrContext(appPath, ctxBlock); var entityApi = new EntityApi(appIdentity.AppId, true, Log); var itm = entityApi.GetOrThrow(contentType == "any" ? null : contentType, guid); var permCheck = new MultiPermissionsItems().Init(context, GetApp(appIdentity.AppId, ctxBlock), itm, Log); if (!permCheck.EnsureAll(Grants.Delete.AsSet(), out var error)) { throw HttpException.PermissionDenied(error); } entityApi.Delete(itm.Type.Name, guid); }
[AllowAnonymous] // will check security internally, so assume no requirements public void Delete(string contentType, Guid guid, [FromUri] string appPath = null) { Log.Add($"delete guid:{guid}, type:{contentType}, path:{appPath}"); // if app-path specified, use that app, otherwise use from context var appIdentity = AppFinder.GetAppIdFromPathOrContext(appPath, SxcInstance); var entityApi = new EntityApi(appIdentity.AppId, Log); var itm = entityApi.GetOrThrow(contentType == "any" ? null : contentType, guid); var permCheck = new MultiPermissionsItems(SxcInstance, appIdentity.AppId, itm, Log); if (!permCheck.EnsureAll(Grants.Delete.AsSet(), out var exception)) { throw exception; } //2018-09-15 2dm moved/disabled //var context = GetContext(SxcInstance, Log); //PerformSecurityCheck(appIdentity, itm.Type.Name, Grants.Delete, appPath == null ? context.Dnn.Module : null, itm); entityApi.Delete(itm.Type.Name, guid); }