/// <summary>
/// Adds a permission-aware edit link column to the data table and widens field
/// visibility to match what the current user is allowed to see.
/// </summary>
/// <param name="ds">Data set holding the data table and the field-definition table; modified in place.</param>
/// <remarks>
/// The edit link is presentation only: a row without a link is simply not offered for editing here.
/// NOTE(review): confirm that the edit page repeats the row permission check on the server,
/// since a missing link does not by itself stop a request for that row.
/// </remarks>
void SetEditLinksAndVisibilityBasedOnPermissions(DataSet ds)
{
    // No user object or no valid tab: leave the data set untouched.
    if (User == null || TabId == Null.NullInteger)
    {
        return;
    }

    var security = new ModuleSecurity(ModuleId, TabId, Settings);
    var createdByColumnName = ColumnNameByDataType(ds, DataTypeNames.UDT_DataType_CreatedBy);

    // Extra string column that carries the edit URL for rows the user may edit.
    var dataTable = ds.Tables[DataSetTableName.Data];
    dataTable.Columns.Add(DataTableColumn.EditLink, typeof(string));

    // A caller-supplied pattern wins; otherwise build the module's standard edit URL with a {0} slot for the row id.
    var urlPattern = EditUrlPattern
                     ?? Globals.NavigateURL(TabId, "edit", "mid=" + ModuleId, DataTableColumn.RowId + "={0}");

    foreach (DataRow dataRow in dataTable.Rows)
    {
        var rowCreatorUserName = dataRow[createdByColumnName].ToString();

        // Rows created under the anonymous user name are never treated as owned by the current user.
        // NOTE(review): the user-name comparison is case-sensitive; confirm that matches how names are stored.
        var isRowOwner = rowCreatorUserName == User.Username
                         && rowCreatorUserName != Definition.NameOfAnonymousUser;

        if (!security.IsAllowedToEditRow(isRowOwner))
        {
            continue;
        }

        dataRow[DataTableColumn.EditLink] = string.Format(urlPattern, dataRow[DataTableColumn.RowId]);
    }

    // Adjust visibility to actual permissions: a field that is already visible stays visible,
    // a hidden one becomes visible only for users allowed to see all user defined columns.
    foreach (DataRow fieldRow in ds.Tables[DataSetTableName.Fields].Rows)
    {
        var isVisible = Convert.ToBoolean(fieldRow[FieldsTableColumn.Visible]);
        if (!isVisible)
        {
            isVisible = security.IsAllowedToSeeAllUserDefinedColumns()
                        && (DataType.ByName(fieldRow[FieldsTableColumn.Type].ToString()).IsUserDefinedField
                            || Settings.ShowSystemColumns);
        }

        fieldRow[FieldsTableColumn.Visible] = isVisible;
    }
}
/// <summary>
/// Creates the edit-control collection for a module instance and decides which
/// input filters apply to the current user.
/// </summary>
/// <param name="moduleContext">Context of the module instance; supplies portal settings and module settings.</param>
/// <remarks>
/// Resulting flags:
/// administrator, ForceInputFiltering off: script filter off, tag filter off;
/// administrator, ForceInputFiltering on: script filter on, tag filter off;
/// anonymous user (UserId == -1): script filter on, tag filter on;
/// other users: script filter on, tag filter follows ForceInputFiltering.
/// NOTE(review): administrators are never tag-filtered and are script-filtered only when
/// ForceInputFiltering is set, so their input is treated as trusted markup; confirm this is intended.
/// </remarks>
public EditControls(ModuleInstanceContext moduleContext)
{
    _moduleContext = moduleContext;

    var callerIsAdmin = ModuleSecurity.IsAdministrator();
    var callerIsAnonymous = moduleContext.PortalSettings.UserId == -1;

    // Equivalent to !(admin && !forced): only an administrator without forced filtering skips the script filter.
    _inputFilterScript = !callerIsAdmin
                         || moduleContext.Settings[SettingName.ForceInputFiltering].AsBoolean();

    // Tag filtering is never applied to administrators, even when filtering is forced.
    _inputFilterTags = !callerIsAdmin
                       && (callerIsAnonymous
                           || moduleContext.Settings[SettingName.ForceInputFiltering].AsBoolean());
}
/// <summary>
/// Loads the list and/or edit control according to the module's ListOrForm setting.
/// </summary>
/// <remarks>
/// In the "Form", "FormAndList" and "ListAndForm" modes the list is loaded only when
/// <c>IsAllowedToViewList()</c> succeeds. The "List" mode and the fallback load the list
/// without that check here.
/// NOTE(review): presumably list access is gated elsewhere for those modes; confirm.
/// </remarks>
void InitViews()
{
    var sec = new ModuleSecurity(ModuleId, TabId, new Components.Settings(Settings));
    var mode = ModuleContext.Settings[SettingName.ListOrForm].AsString("Unknown");

    if (mode == "List")
    {
        LoadControlByKey("List");
    }
    else if (mode == "Form")
    {
        // The "show" query-string value comes from the request, so it only selects the list
        // when the permission check also passes; otherwise the form is shown.
        var listRequested = Request.QueryString["show"].AsString() == "records";
        var controlKey = listRequested && sec.IsAllowedToViewList() ? "List" : "Edit";
        LoadControlByKey(controlKey);
    }
    else if (mode == "FormAndList")
    {
        LoadControlByKey("Edit");
        if (sec.IsAllowedToViewList())
        {
            LoadControlByKey("List");
        }
    }
    else if (mode == "ListAndForm")
    {
        if (sec.IsAllowedToViewList())
        {
            LoadControlByKey("List");
        }

        LoadControlByKey("Edit");
    }
    else
    {
        // Unknown or missing setting: a new module instance gets the template list, any other the list.
        LoadControlByKey(IsNewModuleInstance() ? "TemplateList" : "List");
    }
}
/// <summary>
/// Configures the "show records" link of the form when only the form is displayed
/// and the current user may view the list.
/// </summary>
/// <remarks>
/// The link is a navigation aid only. When the condition is not met this method
/// leaves <c>cmdShowRecords</c> untouched.
/// </remarks>
public void EnsureActionButton()
{
    var showAsButton = Settings.UseButtonsInForm;
    var sec = new ModuleSecurity(ModuleId, TabId, Settings);

    // Offer the list only to users who pass the list-view check, and only in form-only mode.
    if (!sec.IsAllowedToViewList() || !Settings.OnlyFormIsShown)
    {
        return;
    }

    var recordsUrl = Globals.NavigateURL(TabId, "", "show=records");
    var caption = Localization.GetString("List.Action", LocalResourceFile);

    cmdShowRecords.NavigateUrl = recordsUrl;
    cmdShowRecords.Text = caption;
    cmdShowRecords.Visible = showAsButton;
}
/// <summary>
/// Builds the edit form: one form entry per field definition, an optional captcha entry,
/// and the final layout through <c>BuildCssForm</c>.
/// </summary>
/// <remarks>
/// A column is editable when it is shown on edit (or its type does not support hiding) and
/// it is either not private or the user may edit all columns. Non-editable columns are still
/// added to the form, with <c>Visible</c> set to false.
/// NOTE(review): hiding a control is not an access check; confirm that the save path does not
/// accept posted values for columns the user is not allowed to edit.
/// </remarks>
void BuildEditForm()
{
    var fieldSettingsTable = FieldSettingsController.GetFieldSettingsTable(ModuleId);
    var editForm = new List<FormColumnInfo>();
    var security = new ModuleSecurity(ModuleContext);
    _editControls = new EditControls(ModuleContext);

    foreach (DataRow fieldRow in Data.Tables[DataSetTableName.Fields].Rows)
    {
        var fieldTitle = fieldRow[FieldsTableColumn.Title].AsString();
        var dataTypeName = fieldRow[FieldsTableColumn.Type].AsString();
        var dataType = DataType.ByName(dataTypeName);

        var shownOnEdit = !dataType.SupportsHideOnEdit
                          || Convert.ToBoolean(fieldRow[FieldsTableColumn.ShowOnEdit]);
        var isColumnEditable = shownOnEdit
                               && (!Convert.ToBoolean(fieldRow[FieldsTableColumn.IsPrivate])
                                   || security.IsAllowedToEditAllColumns());

        // A hidden column falls back to the "String" field type, because its edit control works
        // even when it is not visible. Edit controls of other user defined data types may use core
        // controls (e.g. UrlControl or RTE) that are not reliable regarding viewstate.
        if (!isColumnEditable && dataType.IsUserDefinedField)
        {
            dataTypeName = "String";
        }

        var formColumn = new FormColumnInfo { IsUserDefinedField = dataType.IsUserDefinedField };

        if (dataType.IsSeparator)
        {
            var fieldId = (int)fieldRow[FieldsTableColumn.Id];
            formColumn.IsCollapsible = Data.Tables[DataSetTableName.FieldSettings]
                .GetFieldSetting("IsCollapsible", fieldId)
                .AsBoolean();
            formColumn.IsSeparator = true;

            // A separator shows its title only when the field itself is marked visible.
            if (fieldRow[FieldsTableColumn.Visible].AsBoolean())
            {
                formColumn.Title = fieldTitle;
            }
        }
        else
        {
            var helpText = fieldRow[FieldsTableColumn.HelpText].AsString();
            var isRequired = fieldRow[FieldsTableColumn.Required].AsBoolean();

            formColumn.Help = helpText;
            formColumn.Title = fieldTitle;

            // The form entry is marked required only for user defined fields; the control itself
            // receives the raw Required flag.
            formColumn.Required = isRequired && dataType.IsUserDefinedField;

            // Advanced settings: dynamic control.
            formColumn.EditControl = _editControls.Add(
                fieldTitle,
                dataTypeName,
                Convert.ToInt32(fieldRow[FieldsTableColumn.Id]),
                helpText,
                fieldRow[FieldsTableColumn.Default].AsString(),
                isRequired,
                fieldRow[FieldsTableColumn.ValidationRule].AsString(),
                fieldRow[FieldsTableColumn.ValidationMessage].AsString(),
                fieldRow[FieldsTableColumn.EditStyle].AsString(),
                fieldRow[FieldsTableColumn.InputSettings].AsString(),
                fieldRow[FieldsTableColumn.OutputSettings].AsString(),
                fieldRow[FieldsTableColumn.NormalizeFlag].AsBoolean(),
                fieldRow[FieldsTableColumn.MultipleValues].AsBoolean(),
                fieldSettingsTable,
                this);
        }

        formColumn.Visible = isColumnEditable;
        editForm.Add(formColumn);
    }

    if (CaptchaNeeded())
    {
        _ctlCaptcha = new CaptchaControl
        {
            ID = "Captcha",
            CaptchaWidth = Unit.Pixel(130),
            CaptchaHeight = Unit.Pixel(40),
            ToolTip = Localization.GetString("CaptchaToolTip", LocalResourceFile),
            ErrorMessage = Localization.GetString("CaptchaError", LocalResourceFile)
        };

        var captchaColumn = new FormColumnInfo
        {
            Title = Localization.GetString("Captcha", LocalResourceFile),
            EditControl = _ctlCaptcha,
            Visible = true,
            IsUserDefinedField = false
        };
        editForm.Add(captchaColumn);
    }

    BuildCssForm(editForm);

    // Change the caption of the update button in form mode.
    if (IsNewRow && Settings.ListOrForm.Contains("Form"))
    {
        cmdUpdate.Attributes["resourcekey"] = "cmdSend.Text";
    }
}
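/// <summary>
/// Evaluates whether the current user may update and delete the row being edited and
/// records the result in <c>_hasUpdatePermission</c> and <c>_hasDeletePermission</c>.
/// </summary>
/// <param name="isUsersOwnItem">
/// Whether the row belongs to the current user. The default is <c>true</c>, so a call without
/// an argument evaluates owner-level permissions; callers that know the real owner should pass it.
/// </param>
/// <remarks>
/// Update is permitted for an existing row when <c>IsAllowedToEditRow</c> succeeds, and for a new
/// row when <c>IsAllowedToAddRow</c> succeeds and the user either administrates the module or is
/// within the add quota. On denial a nested form disables the update button, any other form
/// redirects to the module's tab and ends the response.
/// The update flag is assigned on every call. Previously it was only ever set to true, so a denial
/// following an earlier successful call (for example one made with the default argument) left the
/// earlier grant in place.
/// </remarks>
void CheckPermission(bool isUsersOwnItem = true)
{
    var security = new ModuleSecurity(ModuleContext);

    var mayEditExistingRow = !IsNewRow && security.IsAllowedToEditRow(isUsersOwnItem);
    var isPermitted = mayEditExistingRow
                      || (IsNewRow
                          && security.IsAllowedToAddRow()
                          && (security.IsAllowedToAdministrateModule() || HasAddPermissonByQuota()));

    // Fail closed: a denial must also clear a grant recorded by a previous call.
    _hasUpdatePermission = isPermitted;

    if (!isPermitted)
    {
        if (IsNested())
        {
            // Disabling the button only changes the UI; _hasUpdatePermission is the server-side record.
            cmdUpdate.Enabled = false;
            divForm.Visible = true;
        }
        else
        {
            Response.Redirect(Globals.NavigateURL(ModuleContext.TabId), true);
        }
    }

    // A row that does not exist yet cannot be deleted.
    _hasDeletePermission = security.IsAllowedToDeleteRow(isUsersOwnItem) && !IsNewRow;
    cmdDelete.Visible = _hasDeletePermission;
}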
/// <summary>
/// Configures the action link of the list: "back to form" when only the form is shown,
/// or "add content" when only the list is shown and the user may add rows.
/// </summary>
/// <remarks>
/// The add link is offered only when the user may add rows, a schema is defined, and the user
/// either administrates the module or is within the add quota. The link is a navigation aid;
/// this method does not itself restrict access to the edit page.
/// </remarks>
public void EnsureActionButton()
{
    var modSecurity = new ModuleSecurity(ModuleContext);
    var showAsButton = Settings.UseButtonsInForm;

    if (Settings.OnlyFormIsShown)
    {
        var formUrl = Globals.NavigateURL(ModuleContext.TabId);
        var backCaption = Localization.GetString("BackToForm.Action", LocalResourceFile);

        ActionLink.NavigateUrl = formUrl;
        ActionLink.Text = backCaption;
        placeholderActions.Visible = showAsButton;
        return;
    }

    var mayOfferAdd = Settings.OnlyListIsShown
                      && modSecurity.IsAllowedToAddRow()
                      && SchemaIsDefined()
                      && (modSecurity.IsAllowedToAdministrateModule() || HasAddPermissonByQuota());
    if (!mayOfferAdd)
    {
        return;
    }

    var addUrl = ModuleContext.EditUrl();
    var addCaption = Localization.GetString(ModuleActionType.AddContent, LocalResourceFile);

    ActionLink.NavigateUrl = addUrl;
    ActionLink.Text = addCaption;
    placeholderActions.Visible = showAsButton;
}
/// <summary>
/// Shows a yellow warning message on the module, but only to users allowed to administrate it.
/// </summary>
/// <param name="message">Text of the warning.</param>
/// <remarks>
/// For every other user the message is dropped, so its text is not rendered to them.
/// </remarks>
void ShowModuleMessage(string message)
{
    var moduleControl = GetModuleControl();
    var modSecurity = new ModuleSecurity(ModuleContext);

    if (!modSecurity.IsAllowedToAdministrateModule())
    {
        return;
    }

    UI.Skins.Skin.AddModuleMessage(
        moduleControl,
        message,
        ModuleMessage.ModuleMessageType.YellowWarning);
}
/// <summary>
/// Handles the "DeleteAll" postback: deletes all rows and redirects to the module's tab.
/// </summary>
/// <param name="eventArgument">Postback argument; only the exact value "DeleteAll" is acted on.</param>
/// <remarks>
/// The argument arrives with the request, so the administrate-module check made here on the server
/// is what authorizes the deletion. Any other argument, or a caller without that permission,
/// results in no action.
/// NOTE(review): a rejected request is dropped without a trace here; consider logging it for audit.
/// </remarks>
public void RaisePostBackEvent(string eventArgument)
{
    var modSecurity = new ModuleSecurity(ModuleContext);

    if (eventArgument != "DeleteAll")
    {
        return;
    }

    if (!modSecurity.IsAllowedToAdministrateModule())
    {
        return;
    }

    UdtController.DeleteRows();
    Response.Redirect(Globals.NavigateURL(ModuleContext.TabId), true);
}