/// <summary> /// Initializes the object and performs all the initial security checks /// </summary> protected AdamState(IBlock block, int appId, string contentType, string field, Guid guid, bool usePortalRoot, ILog log) : base("Adm.State", log) { var callLog = Log.Call($"field:{field}, guid:{guid}"); App = Factory.Resolve <Apps.App>().Init(appId, log, block); Permissions = new MultiPermissionsTypes() .Init(block.Context, App, contentType, Log); Block = block; // only do checks on field/guid if it's actually accessing that, if it's on the portal root, don't. UseTenantRoot = usePortalRoot; if (!usePortalRoot) { ItemField = field; ItemGuid = guid; } Security = Factory.Resolve <SecurityChecksBase>().Init(this, usePortalRoot, Log); SecurityCheckHelpers.ThrowIfAccessingRootButNotAllowed(usePortalRoot, Security.UserIsRestricted); Log.Add("check if feature enabled"); if (Security.UserIsRestricted && !ToSic.Eav.Configuration.Features.Enabled(FeaturesForRestrictedUsers)) { throw HttpException.PermissionDenied( $"low-permission users may not access this - {ToSic.Eav.Configuration.Features.MsgMissingSome(FeaturesForRestrictedUsers)}"); } PrepCore(App, guid, field, usePortalRoot); if (string.IsNullOrEmpty(contentType) || string.IsNullOrEmpty(field)) { return; } Attribute = Definition(appId, contentType, field); if (!Security.FileTypeIsOkForThisField(out var exp)) { throw exp; } callLog(null); }
protected abstract void PrepCore(IApp app, Guid entityGuid, string fieldName, bool usePortalRoot);
public ListsBackendBase Init(IApp app, ILog parentLog) { Log.LinkTo(parentLog); _app = app; return(this); }