private static bool IsAccessibleToEveryone(ISecurable content) { var visitorPrinciple = new System.Security.Principal.GenericPrincipal( new System.Security.Principal.GenericIdentity("visitor"), new[] { "Everyone" }); return(content.GetSecurityDescriptor().HasAccess(visitorPrinciple, AccessLevel.Read)); }
// Note! This broke with CMS 8, but since we're not using the languageselector // from code, we just ignore it //public virtual T Get<T>(ContentReference contentLink) where T : IContentData //{ // // CMS 8 // // LoaderOptions options = new LoaderOptions(); // // options.Add(new LanguageLoaderOption() {FallbackBehaviour = LanguageBehaviour.Fallback}); // return this.Get<T>(contentLink, (LanguageSelector)LanguageSelector.AutoDetect(true)); //} public virtual T Get <T>(ContentReference contentLink) where T : IContentData { T obj = Locate.ContentRepository().Get <T>(contentLink); if ((object)obj == null) { return(default(T)); } AccessLevel access = contentLink.CompareToIgnoreWorkID(this.CurrentContentLink) ? AccessLevel.Read : AccessLevel.Read; ISecurable securable = (object)obj as ISecurable; if (securable != null && !securable.GetSecurityDescriptor().HasAccess(PrincipalInfo.CurrentPrincipal, access)) { if (PrincipalInfo.CurrentPrincipal.Identity.IsAuthenticated) { throw new AccessDeniedException(); } DefaultAccessDeniedHandler.AccessDenied((object)this); } return(obj); }
/// <summary> /// Allows editing. /// </summary> /// <returns><c>true</c> if editing is allowed, <c>false</c> otherwise.</returns> private bool AllowEditable() { PropertyData innerProperty = this.InnerProperty; PropertyContext currentContext = this.CurrentContext; if (innerProperty == null || innerProperty.IsDynamicProperty || currentContext == null) { return(false); } ISecurable securable = currentContext.PropertyContainer as ISecurable ?? currentContext.CurrentContent as ISecurable; bool flag = this.CurrentContent != null && this.CurrentContent.ContentLink.CompareToIgnoreWorkID( currentContext.CurrentContent.ContentLink) && currentContext.IsEditable() && !this.IsContainedInTemplate() && (securable == null || securable.GetSecurityDescriptor() .HasAccess(PrincipalInfo.CurrentPrincipal, AccessLevel.Edit)); return(flag); }
// Note! This broke with CMS 8, but since we're not using the languageselector // from code, we just ignore it //public virtual T Get<T>(ContentReference contentLink) where T : IContentData //{ // // CMS 8 // // LoaderOptions options = new LoaderOptions(); // // options.Add(new LanguageLoaderOption() {FallbackBehaviour = LanguageBehaviour.Fallback}); // return this.Get<T>(contentLink, (LanguageSelector)LanguageSelector.AutoDetect(true)); //} public virtual T Get <T>(ContentReference contentLink) where T : IContentData { T obj = Locate.ContentRepository().Get <T>(contentLink); if ((object)obj == null) { return(default(T)); } AccessLevel access = contentLink.CompareToIgnoreWorkID(this.CurrentContentLink) ? AccessLevel.Read : AccessLevel.Read; ISecurable securable = (object)obj as ISecurable; if (securable != null && !securable.GetSecurityDescriptor().HasAccess(PrincipalInfo.CurrentPrincipal, access)) { if (PrincipalInfo.CurrentPrincipal.Identity.IsAuthenticated) { throw new AccessDeniedException(); } IAccessDeniedHandler handler = ServiceLocator.Current.GetInstance <IAccessDeniedHandler>(); handler.AccessDenied(new HttpContextWrapper(Context)); // Man - we really need to get rid of web forms soon! } return(obj); }
private static bool IsAccessibleToEveryone(ISecurable content) { var visitorPrinciple = new System.Security.Principal.GenericPrincipal( new System.Security.Principal.GenericIdentity("visitor"), new[] { "Everyone" }); return content.GetSecurityDescriptor().HasAccess(visitorPrinciple, AccessLevel.Read); }