/// <param name="moduleId"></param> /// <param name="tabId"></param> /// <param name="permissionKey">You can use the constants, but for modules there are only /// those two</param> /// <returns></returns> public static bool canUserAccessModule(UserInfo user, int portalId, int tabId, ModuleInfo moduleInfo, string permissionKey) { var retVal = false; string permissionsString = null; if (moduleInfo.InheritViewPermissions) { var tabPermissionController = new TabPermissionController(); var tabPermissionCollection = tabPermissionController.GetTabPermissionsCollectionByTabID(tabId, portalId); permissionsString = tabPermissionController.GetTabPermissions(tabPermissionCollection, permissionKey); } else { var modulePermissionController = new ModulePermissionController(); var permissionCollection = modulePermissionController.GetModulePermissionsCollectionByModuleID(moduleInfo.ModuleID, tabId); permissionsString = modulePermissionController.GetModulePermissions(permissionCollection, permissionKey); } char[] splitter = { ';' }; var roles = permissionsString.Split(splitter); foreach (var role in roles) { if (role.Length > 0) { if (user != null && user.IsInRole(role)) retVal = true; else if (user == null && role.ToLower().Equals("all users")) retVal = true; } } return retVal; }
public int AddModule( ModuleInfo objModule ) { // add module if( Null.IsNull( objModule.ModuleID ) ) { objModule.ModuleID = DataProvider.Instance().AddModule( objModule.PortalID, objModule.ModuleDefID, objModule.ModuleTitle, objModule.AllTabs, objModule.Header, objModule.Footer, objModule.StartDate, objModule.EndDate, objModule.InheritViewPermissions, objModule.IsDeleted ); // set module permissions if( objModule.ModulePermissions != null ) { ModulePermissionController objModulePermissionController = new ModulePermissionController(); ModulePermissionCollection objModulePermissions; objModulePermissions = objModule.ModulePermissions; foreach( ModulePermissionInfo objModulePermission in objModulePermissions ) { objModulePermission.ModuleID = objModule.ModuleID; objModulePermissionController.AddModulePermission( objModulePermission, objModule.TabID ); } } } //This will fail if the page already contains this module try { // add tabmodule DataProvider.Instance().AddTabModule( objModule.TabID, objModule.ModuleID, objModule.ModuleOrder, objModule.PaneName, objModule.CacheTime, objModule.Alignment, objModule.Color, objModule.Border, objModule.IconFile, (int)objModule.Visibility, objModule.ContainerSrc, objModule.DisplayTitle, objModule.DisplayPrint, objModule.DisplaySyndicate ); if( objModule.ModuleOrder == -1 ) { // position module at bottom of pane UpdateModuleOrder( objModule.TabID, objModule.ModuleID, objModule.ModuleOrder, objModule.PaneName ); } else { // position module in pane UpdateTabModuleOrder( objModule.TabID, objModule.PortalID ); } } catch { // module already in the page, ignore error } ClearCache( objModule.TabID ); return objModule.ModuleID; }
private void ParseModulePermissions( XmlNodeList nodeModulePermissions, int PortalId, int ModuleID ) { RoleController objRoleController = new RoleController(); RoleInfo objRole = null; ModulePermissionCollection objModulePermissions = new ModulePermissionCollection(); ModulePermissionController objModulePermissionController = new ModulePermissionController(); PermissionController objPermissionController = new PermissionController(); PermissionInfo objPermission = null; ModulePermissionCollection objModulePermissionCollection = new ModulePermissionCollection(); int PermissionID = 0; ArrayList arrPermissions = null; int i = 0; string PermissionKey = null; string PermissionCode = null; string RoleName = null; int RoleID = 0; bool AllowAccess = false; foreach( XmlNode node in nodeModulePermissions ) { PermissionKey = XmlUtils.GetNodeValue( node, "permissionkey", "" ); PermissionCode = XmlUtils.GetNodeValue( node, "permissioncode", "" ); RoleName = XmlUtils.GetNodeValue( node, "rolename", "" ); AllowAccess = XmlUtils.GetNodeValueBoolean( node, "allowaccess", false ); RoleID = int.MinValue; if( RoleName == Globals.glbRoleAllUsersName ) { RoleID = Convert.ToInt32( Globals.glbRoleAllUsers ); } else if( RoleName == Globals.glbRoleUnauthUserName ) { RoleID = Convert.ToInt32( Globals.glbRoleUnauthUser ); } else { objRole = objRoleController.GetRoleByName( PortalId, RoleName ); if( objRole != null ) { RoleID = objRole.RoleID; } } if( RoleID != int.MinValue ) { PermissionID = -1; arrPermissions = objPermissionController.GetPermissionByCodeAndKey( PermissionCode, PermissionKey ); for( i = 0; i < arrPermissions.Count; i++ ) { objPermission = (PermissionInfo)( arrPermissions[i] ); PermissionID = objPermission.PermissionID; } // if role was found add, otherwise ignore if( PermissionID != -1 ) { ModulePermissionInfo objModulePermission = new ModulePermissionInfo(); objModulePermission.ModuleID = ModuleID; objModulePermission.PermissionID = PermissionID; objModulePermission.RoleID = RoleID; objModulePermission.AllowAccess = Convert.ToBoolean( XmlUtils.GetNodeValue( node, "allowaccess", "false" ) ); objModulePermissionController.AddModulePermission( objModulePermission ); } } } }
///----------------------------------------------------------------------------- /// <summary> /// Determines if user has the necessary permissions to access an item with the /// designated AccessLevel. /// </summary> /// <param name="accessLevel">The SecurityAccessLevel required to access a portal module or module action.</param> /// <param name="permissionKey">If Security Access is Edit the permissionKey is the actual "edit" permisison required.</param> /// <param name="moduleConfiguration">The ModuleInfo object for the associated module.</param> /// <returns>A boolean value indicating if the user has the necessary permissions</returns> /// <remarks>Every module control and module action has an associated permission level. This /// function determines whether the user represented by UserName has sufficient permissions, as /// determined by the PortalSettings and ModuleSettings, to access a resource with the /// designated AccessLevel.</remarks> ///----------------------------------------------------------------------------- public virtual bool HasModuleAccess(SecurityAccessLevel accessLevel, string permissionKey, ModuleInfo moduleConfiguration) { bool isAuthorized = false; UserInfo userInfo = UserController.Instance.GetCurrentUserInfo(); TabInfo tab = TabController.Instance.GetTab(moduleConfiguration.TabID, moduleConfiguration.PortalID, false); if (userInfo != null && userInfo.IsSuperUser) { isAuthorized = true; } else { switch (accessLevel) { case SecurityAccessLevel.Anonymous: isAuthorized = true; break; case SecurityAccessLevel.View: if (ModulePermissionController.CanViewModule(moduleConfiguration)) { isAuthorized = true; } break; case SecurityAccessLevel.ViewPermissions: isAuthorized = TabPermissionController.CanAddContentToPage(tab); break; case SecurityAccessLevel.Edit: if (!((moduleConfiguration.IsShared && moduleConfiguration.IsShareableViewOnly) && TabPermissionController.CanAddContentToPage(tab))) { if (string.IsNullOrEmpty(permissionKey)) { permissionKey = "CONTENT,DELETE,EXPORT,IMPORT,MANAGE"; } if (TabPermissionController.CanAddContentToPage()) { //Need to check for Deny Edit at the Module Level if (permissionKey == "CONTENT") { isAuthorized = !IsDeniedModulePermission(moduleConfiguration, permissionKey); } else { isAuthorized = true; } } else { // Need to check if it was denied at Tab level if (IsDeniedTabPermission(tab, "CONTENT,EDIT")) { isAuthorized = false; } else { isAuthorized = HasModulePermission(moduleConfiguration, permissionKey); } } } break; case SecurityAccessLevel.Admin: if (!((moduleConfiguration.IsShared && moduleConfiguration.IsShareableViewOnly) && TabPermissionController.CanAddContentToPage(tab))) { isAuthorized = TabPermissionController.CanAddContentToPage(tab); } break; case SecurityAccessLevel.Host: break; } } return(isAuthorized); }
public static bool HasModulePermission( int moduleID, int TabId, string PermissionKey ) { ModulePermissionController objModulePermissionController = new ModulePermissionController(); ModulePermissionCollection objModulePermissions = objModulePermissionController.GetModulePermissionsCollectionByModuleID( moduleID, TabId ); return HasModulePermission( objModulePermissions, PermissionKey ); }
private ModuleInfo FillModuleInfo(IDataReader dr, bool CheckForOpenDataReader, bool IncludePermissions) { ModuleInfo objModuleInfo = new ModuleInfo(); ModulePermissionController objModulePermissionController = new ModulePermissionController(); // read datareader bool canContinue = true; if (CheckForOpenDataReader) { canContinue = false; if (dr.Read()) { canContinue = true; } } if (canContinue) { objModuleInfo.PortalID = Convert.ToInt32(Null.SetNull(dr["PortalID"], objModuleInfo.PortalID)); objModuleInfo.TabID = Convert.ToInt32(Null.SetNull(dr["TabID"], objModuleInfo.TabID)); objModuleInfo.TabModuleID = Convert.ToInt32(Null.SetNull(dr["TabModuleID"], objModuleInfo.TabModuleID)); objModuleInfo.ModuleID = Convert.ToInt32(Null.SetNull(dr["ModuleID"], objModuleInfo.ModuleID)); objModuleInfo.ModuleDefID = Convert.ToInt32(Null.SetNull(dr["ModuleDefID"], objModuleInfo.ModuleDefID)); objModuleInfo.ModuleOrder = Convert.ToInt32(Null.SetNull(dr["ModuleOrder"], objModuleInfo.ModuleOrder)); objModuleInfo.PaneName = Convert.ToString(Null.SetNull(dr["PaneName"], objModuleInfo.PaneName)); objModuleInfo.ModuleTitle = Convert.ToString(Null.SetNull(dr["ModuleTitle"], objModuleInfo.ModuleTitle)); objModuleInfo.CacheTime = Convert.ToInt32(Null.SetNull(dr["CacheTime"], objModuleInfo.CacheTime)); objModuleInfo.Alignment = Convert.ToString(Null.SetNull(dr["Alignment"], objModuleInfo.Alignment)); objModuleInfo.Color = Convert.ToString(Null.SetNull(dr["Color"], objModuleInfo.Color)); objModuleInfo.Border = Convert.ToString(Null.SetNull(dr["Border"], objModuleInfo.Border)); objModuleInfo.IconFile = Convert.ToString(Null.SetNull(dr["IconFile"], objModuleInfo.IconFile)); objModuleInfo.AllTabs = Convert.ToBoolean(Null.SetNull(dr["AllTabs"], objModuleInfo.AllTabs)); int intVisibility = 0; if (((Convert.ToInt32(Null.SetNull(dr["Visibility"], intVisibility))) == 0) || ((Convert.ToInt32(Null.SetNull(dr["Visibility"], intVisibility))) == Null.NullInteger)) { objModuleInfo.Visibility = VisibilityState.Maximized; } else if ((Convert.ToInt32(Null.SetNull(dr["Visibility"], intVisibility))) == 1) { objModuleInfo.Visibility = VisibilityState.Minimized; } else if ((Convert.ToInt32(Null.SetNull(dr["Visibility"], intVisibility))) == 2) { objModuleInfo.Visibility = VisibilityState.None; } objModuleInfo.IsDeleted = Convert.ToBoolean(Null.SetNull(dr["IsDeleted"], objModuleInfo.IsDeleted)); objModuleInfo.Header = Convert.ToString(Null.SetNull(dr["Header"], objModuleInfo.Header)); objModuleInfo.Footer = Convert.ToString(Null.SetNull(dr["Footer"], objModuleInfo.Footer)); objModuleInfo.StartDate = Convert.ToDateTime(Null.SetNull(dr["StartDate"], objModuleInfo.StartDate)); objModuleInfo.EndDate = Convert.ToDateTime(Null.SetNull(dr["EndDate"], objModuleInfo.EndDate)); objModuleInfo.ContainerSrc = Convert.ToString(Null.SetNull(dr["ContainerSrc"], objModuleInfo.ContainerSrc)); objModuleInfo.DisplayTitle = Convert.ToBoolean(Null.SetNull(dr["DisplayTitle"], objModuleInfo.DisplayTitle)); objModuleInfo.DisplayPrint = Convert.ToBoolean(Null.SetNull(dr["DisplayPrint"], objModuleInfo.DisplayPrint)); objModuleInfo.DisplaySyndicate = Convert.ToBoolean(Null.SetNull(dr["DisplaySyndicate"], objModuleInfo.DisplaySyndicate)); objModuleInfo.InheritViewPermissions = Convert.ToBoolean(Null.SetNull(dr["InheritViewPermissions"], objModuleInfo.InheritViewPermissions)); objModuleInfo.DesktopModuleID = Convert.ToInt32(Null.SetNull(dr["DesktopModuleID"], objModuleInfo.DesktopModuleID)); objModuleInfo.FriendlyName = Convert.ToString(Null.SetNull(dr["FriendlyName"], objModuleInfo.FriendlyName)); objModuleInfo.Description = Convert.ToString(Null.SetNull(dr["Description"], objModuleInfo.Description)); objModuleInfo.Version = Convert.ToString(Null.SetNull(dr["Version"], objModuleInfo.Version)); objModuleInfo.IsPremium = Convert.ToBoolean(Null.SetNull(dr["IsPremium"], objModuleInfo.IsPremium)); objModuleInfo.IsAdmin = Convert.ToBoolean(Null.SetNull(dr["IsAdmin"], objModuleInfo.IsAdmin)); objModuleInfo.BusinessControllerClass = Convert.ToString(Null.SetNull(dr["BusinessControllerClass"], objModuleInfo.BusinessControllerClass)); objModuleInfo.SupportedFeatures = Convert.ToInt32(Null.SetNull(dr["SupportedFeatures"], objModuleInfo.SupportedFeatures)); objModuleInfo.ModuleControlId = Convert.ToInt32(Null.SetNull(dr["ModuleControlId"], objModuleInfo.ModuleControlId)); objModuleInfo.ControlSrc = Convert.ToString(Null.SetNull(dr["ControlSrc"], objModuleInfo.ControlSrc)); int intControlType = 0; if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == -3) { objModuleInfo.ControlType = SecurityAccessLevel.ControlPanel; } else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == -2) { objModuleInfo.ControlType = SecurityAccessLevel.SkinObject; } else if (((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == -1) || ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == Null.NullInteger)) { objModuleInfo.ControlType = SecurityAccessLevel.Anonymous; } else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == 0) { objModuleInfo.ControlType = SecurityAccessLevel.View; } else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == 1) { objModuleInfo.ControlType = SecurityAccessLevel.Edit; } else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == 2) { objModuleInfo.ControlType = SecurityAccessLevel.Admin; } else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == 3) { objModuleInfo.ControlType = SecurityAccessLevel.Host; } objModuleInfo.ControlTitle = Convert.ToString(Null.SetNull(dr["ControlTitle"], objModuleInfo.ControlTitle)); objModuleInfo.HelpUrl = Convert.ToString(Null.SetNull(dr["HelpUrl"], objModuleInfo.HelpUrl)); if (IncludePermissions) { if (objModuleInfo != null) { //Get the Module permissions first (then we can parse the collection to determine the View/Edit Roles) objModuleInfo.ModulePermissions = objModulePermissionController.GetModulePermissionsCollectionByModuleID(objModuleInfo.ModuleID, objModuleInfo.TabID); objModuleInfo.AuthorizedEditRoles = objModulePermissionController.GetModulePermissions(objModuleInfo.ModulePermissions, "EDIT"); if (objModuleInfo.AuthorizedEditRoles == ";") { // this code is here for legacy support - the AuthorizedEditRoles were stored as a concatenated list of roleids prior to DNN 3.0 try { objModuleInfo.AuthorizedEditRoles = Convert.ToString(Null.SetNull(dr["AuthorizedEditRoles"], objModuleInfo.AuthorizedEditRoles)); } catch { // the AuthorizedEditRoles field was removed from the Tabs table in 3.0 } } try { if (objModuleInfo.InheritViewPermissions) { TabPermissionController objTabPermissionController = new TabPermissionController(); TabPermissionCollection objTabPermissionCollection = objTabPermissionController.GetTabPermissionsCollectionByTabID(objModuleInfo.TabID, objModuleInfo.PortalID); objModuleInfo.AuthorizedViewRoles = objTabPermissionController.GetTabPermissions(objTabPermissionCollection, "VIEW"); } else { objModuleInfo.AuthorizedViewRoles = objModulePermissionController.GetModulePermissions(objModuleInfo.ModulePermissions, "VIEW"); } if (objModuleInfo.AuthorizedViewRoles == ";") { // this code is here for legacy support - the AuthorizedViewRoles were stored as a concatenated list of roleids prior to DNN 3.0 try { objModuleInfo.AuthorizedViewRoles = Convert.ToString(Null.SetNull(dr["AuthorizedViewRoles"], objModuleInfo.AuthorizedViewRoles)); } catch { // the AuthorizedViewRoles field was removed from the Tabs table in 3.0 } } } catch { } } } } else { objModuleInfo = null; } return objModuleInfo; }
public void UpdateModule( ModuleInfo objModule ) { // update module DataProvider.Instance().UpdateModule( objModule.ModuleID, objModule.ModuleTitle, objModule.AllTabs, objModule.Header, objModule.Footer, objModule.StartDate, objModule.EndDate, objModule.InheritViewPermissions, objModule.IsDeleted ); // update module permissions ModulePermissionController objModulePermissionController = new ModulePermissionController(); ModulePermissionCollection objCurrentModulePermissions; objCurrentModulePermissions = objModulePermissionController.GetModulePermissionsCollectionByModuleID( objModule.ModuleID, objModule.TabID ); if( !objCurrentModulePermissions.CompareTo( objModule.ModulePermissions ) ) { objModulePermissionController.DeleteModulePermissionsByModuleID(objModule.ModuleID); foreach( ModulePermissionInfo objModulePermission in objModule.ModulePermissions ) { objModulePermission.ModuleID = objModule.ModuleID; if( objModule.InheritViewPermissions && objModulePermission.PermissionKey == "VIEW" ) { objModulePermissionController.DeleteModulePermission( objModulePermission.ModulePermissionID ); } else { if( objModulePermission.AllowAccess ) { objModulePermissionController.AddModulePermission( objModulePermission, objModule.TabID ); } } } } if( !Null.IsNull( objModule.TabID ) ) { // update tabmodule DataProvider.Instance().UpdateTabModule( objModule.TabID, objModule.ModuleID, objModule.ModuleOrder, objModule.PaneName, objModule.CacheTime, objModule.Alignment, objModule.Color, objModule.Border, objModule.IconFile, (int)objModule.Visibility, objModule.ContainerSrc, objModule.DisplayTitle, objModule.DisplayPrint, objModule.DisplaySyndicate ); // update module order in pane UpdateModuleOrder( objModule.TabID, objModule.ModuleID, objModule.ModuleOrder, objModule.PaneName ); // set the default module if( objModule.IsDefaultModule ) { PortalSettings.UpdatePortalSetting( objModule.PortalID, "defaultmoduleid", objModule.ModuleID.ToString() ); PortalSettings.UpdatePortalSetting( objModule.PortalID, "defaulttabid", objModule.TabID.ToString() ); } // apply settings to all desktop modules in portal if (objModule.AllModules) { TabController objTabs = new TabController(); foreach (KeyValuePair<int, TabInfo> tabPair in objTabs.GetTabsByPortal(objModule.PortalID)) { TabInfo objTab = tabPair.Value; if (!objTab.IsAdminTab) { foreach (KeyValuePair<int, ModuleInfo> modulePair in GetTabModules(objTab.TabID)) { ModuleInfo objTargetModule = modulePair.Value; DataProvider.Instance().UpdateTabModule(objTargetModule.TabID, objTargetModule.ModuleID, objTargetModule.ModuleOrder, objTargetModule.PaneName, objModule.CacheTime, objModule.Alignment, objModule.Color, objModule.Border, objModule.IconFile, (int)objModule.Visibility, objModule.ContainerSrc, objModule.DisplayTitle, objModule.DisplayPrint, objModule.DisplaySyndicate); } } } } } ClearCache( objModule.TabID ); }
/// <summary> /// UpgradeApplication - This overload is used for version specific application upgrade operations. /// </summary> /// <remarks> /// This should be used for file system modifications or upgrade operations which /// should only happen once. Database references are not recommended because future /// versions of the application may result in code incompatibilties. /// </remarks> /// <param name="Version">The Version being Upgraded</param> private static string UpgradeApplication(string Version) { string strExceptions = ""; try { switch (Version) { case "02.00.00": IDataReader dr; // change portal upload directory from GUID to ID - this only executes for version 2.0.0 string strServerPath = HttpContext.Current.Request.MapPath(Globals.ApplicationPath); string strPortalsDirMapPath = Globals.ApplicationMapPath + "/Portals/"; dr = DataProvider.Instance().GetPortals(); while (dr.Read()) { // if GUID folder exists if (Directory.Exists(strPortalsDirMapPath + dr["GUID"])) { // if ID folder exists ( this may happen because the 2.x release contains a default ID=0 folder ) if (Directory.Exists(strPortalsDirMapPath + dr["PortalID"])) { // rename the ID folder try { Directory.Move(strPortalsDirMapPath + dr["PortalID"], strServerPath + "\\Portals\\" + dr["PortalID"] + "_old"); } catch (Exception ex) { // error moving the directory - security issue? strExceptions += "Could Not Move Folder " + strPortalsDirMapPath + dr["GUID"] + " To " + strPortalsDirMapPath + dr["PortalID"] + ". Error: " + ex.Message + "\r\n"; } } // move GUID folder to ID folder try { Directory.Move(strPortalsDirMapPath + dr["GUID"], strPortalsDirMapPath + dr["PortalID"]); } catch (Exception ex) { // error moving the directory - security issue? strExceptions += "Could Not Move Folder " + strPortalsDirMapPath + dr["GUID"] + " To " + strPortalsDirMapPath + dr["PortalID"] + ". Error: " + ex.Message + "\r\n"; } } } dr.Close(); // copy the default style sheet to the default portal ( if it does not already exist ) if (File.Exists(strPortalsDirMapPath + "0\\portal.css") == false) { if (File.Exists(Globals.HostMapPath + "portal.css")) { File.Copy(Globals.HostMapPath + "portal.css", strPortalsDirMapPath + "0\\portal.css"); } } break; case "02.02.00": string strProviderPath = PortalSettings.GetProviderPath(); if (strProviderPath.StartsWith("ERROR:")) { strExceptions += strProviderPath; break; } //Optionally Install the memberRoleProvider bool installMemberRole = true; if (Config.GetSetting("InstallMemberRole") != null) { installMemberRole = bool.Parse(Config.GetSetting("InstallMemberRole")); } if (installMemberRole) { HtmlUtils.WriteFeedback(HttpContext.Current.Response, 0, "Installing MemberRole Provider:<br>"); strExceptions += InstallMemberRoleProvider(strProviderPath); } PortalController objPortalController = new PortalController(); ArrayList arrPortals; arrPortals = objPortalController.GetPortals(); int intViewModulePermissionID; int intEditModulePermissionID; int intViewTabPermissionID; int intEditTabPermissionID; int intReadFolderPermissionID; int intWriteFolderPermissionID; PermissionController objPermissionController = new PermissionController(); PermissionInfo objPermission = new PermissionInfo(); objPermission.PermissionCode = "SYSTEM_MODULE_DEFINITION"; objPermission.PermissionKey = "VIEW"; objPermission.PermissionName = "View"; objPermission.ModuleDefID = Null.NullInteger; objPermissionController.AddPermission(objPermission); objPermission.PermissionKey = "EDIT"; objPermission.PermissionName = "Edit"; objPermissionController.AddPermission(objPermission); objPermission.PermissionCode = "SYSTEM_TAB"; objPermission.PermissionKey = "VIEW"; objPermission.PermissionName = "View Tab"; objPermissionController.AddPermission(objPermission); objPermission.PermissionKey = "EDIT"; objPermission.PermissionName = "Edit Tab"; objPermissionController.AddPermission(objPermission); objPermission.PermissionCode = "SYSTEM_FOLDER"; objPermission.PermissionKey = "READ"; objPermission.PermissionName = "View Folder"; intReadFolderPermissionID = objPermissionController.AddPermission(objPermission); objPermission.PermissionKey = "WRITE"; objPermission.PermissionName = "Write to Folder"; intWriteFolderPermissionID = objPermissionController.AddPermission(objPermission); FolderController objFolderController = new FolderController(); FolderPermissionController objFolderPermissionController = new FolderPermissionController(); int PortalCount; for (PortalCount = 0; PortalCount <= arrPortals.Count - 1; PortalCount++) { PortalInfo objPortal = (PortalInfo)arrPortals[PortalCount]; int FolderID = objFolderController.AddFolder(objPortal.PortalID, "", (int)FolderController.StorageLocationTypes.InsecureFileSystem, true, false); FolderPermissionInfo objFolderPermission = new FolderPermissionInfo(); objFolderPermission.FolderID = FolderID; objFolderPermission.PermissionID = intReadFolderPermissionID; objFolderPermission.AllowAccess = true; objFolderPermission.RoleID = objPortal.AdministratorRoleId; objFolderPermissionController.AddFolderPermission(objFolderPermission); objFolderPermission.PermissionID = intWriteFolderPermissionID; objFolderPermissionController.AddFolderPermission(objFolderPermission); //TODO: loop through folders recursively here //in case they created any nested folders //and assign priveledges accordingly } //Transfer Users to the Membership Provider MembershipProvider provider = MembershipProvider.Instance(); provider.TransferUsersToMembershipProvider(); ModuleController objModuleController = new ModuleController(); ArrayList arrModules = objModuleController.GetAllModules(); ModulePermissionController objModulePermissionController = new ModulePermissionController(); int ModCount; for (ModCount = 0; ModCount <= arrModules.Count - 1; ModCount++) { ModuleInfo objModule = (ModuleInfo)arrModules[ModCount]; ModulePermissionInfo objModulePermission = new ModulePermissionInfo(); objModulePermission.ModuleID = objModule.ModuleID; int k; string[] roles; if (objModule.AuthorizedViewRoles.IndexOf(";") > 0) { roles = objModule.AuthorizedViewRoles.Split(';'); for (k = 0; k <= roles.Length - 1; k++) { if (Int32.TryParse(roles[k], out intViewModulePermissionID)) { objModulePermission.PermissionID = intViewModulePermissionID; objModulePermission.AllowAccess = true; objModulePermission.RoleID = Convert.ToInt32(roles[k]); objModulePermissionController.AddModulePermission(objModulePermission); } } } if (objModule.AuthorizedEditRoles.IndexOf(";") > 0) { roles = objModule.AuthorizedEditRoles.Split(';'); for (k = 0; k <= roles.Length - 1; k++) { if (Int32.TryParse(roles[k], out intEditModulePermissionID)) { objModulePermission.PermissionID = intEditModulePermissionID; objModulePermission.AllowAccess = true; objModulePermission.RoleID = Convert.ToInt32(roles[k]); objModulePermissionController.AddModulePermission(objModulePermission); } } } } ArrayList arrTabs; TabController objTabController = new TabController(); arrTabs = objTabController.GetAllTabs(); TabPermissionController objTabPermissionController = new TabPermissionController(); for (ModCount = 0; ModCount <= arrTabs.Count - 1; ModCount++) { TabInfo objTab = (TabInfo)arrTabs[ModCount]; TabPermissionInfo objTabPermission = new TabPermissionInfo(); objTabPermission.TabID = objTab.TabID; int k; string[] roles; if (objTab.AuthorizedRoles.IndexOf(";") > 0) { roles = objTab.AuthorizedRoles.Split(';'); for (k = 0; k <= roles.Length - 1; k++) { if (Int32.TryParse(roles[k], out intViewTabPermissionID)) { objTabPermission.PermissionID = intViewTabPermissionID; objTabPermission.AllowAccess = true; objTabPermission.RoleID = Convert.ToInt32(roles[k]); objTabPermissionController.AddTabPermission(objTabPermission); } } } if (objTab.AdministratorRoles.IndexOf(";") > 0) { roles = objTab.AdministratorRoles.Split(';'); for (k = 0; k <= roles.Length - 1; k++) { if (Int32.TryParse(roles[k], out intEditTabPermissionID)) { objTabPermission.PermissionID = intEditTabPermissionID; objTabPermission.AllowAccess = true; objTabPermission.RoleID = Convert.ToInt32(roles[k]); objTabPermissionController.AddTabPermission(objTabPermission); } } } } break; case "03.00.01": objTabController = new TabController(); arrTabs = objTabController.GetAllTabs(); int TabCount; for (TabCount = 0; TabCount <= arrTabs.Count - 1; TabCount++) { TabInfo objTab = (TabInfo)arrTabs[TabCount]; if (objTab != null) { objTab.TabPath = Globals.GenerateTabPath(objTab.ParentId, objTab.TabName); DataProvider.Instance().UpdateTab(objTab.TabID, objTab.TabName, objTab.IsVisible, objTab.DisableLink, objTab.ParentId, objTab.IconFile, objTab.Title, objTab.Description, objTab.KeyWords, objTab.IsDeleted, objTab.Url, objTab.SkinSrc, objTab.ContainerSrc, objTab.TabPath, objTab.StartDate, objTab.EndDate); } } break; case "03.00.06": //Need to clear the cache to pick up new HostSettings from the SQLDataProvider script DataCache.RemoveCache("GetHostSettings"); break; case "03.00.11": //Need to convert any Profile Data to use XmlSerialization as Binary Formatting //is not supported under Medium Trust //Get all the Profiles PersonalizationController objPersonalizationController = new PersonalizationController(); dr = DataProvider.Instance().GetAllProfiles(); while (dr.Read()) { //Load Profile Data (using Binary Formatter method) PersonalizationInfo objPersonalization = new PersonalizationInfo(); try { objPersonalization.UserId = Convert.ToInt32(Null.SetNull(dr["UserID"], objPersonalization.UserId)); } catch { } try { objPersonalization.PortalId = Convert.ToInt32(Null.SetNull(dr["PortalId"], objPersonalization.PortalId)); } catch { } objPersonalization.Profile = Globals.DeserializeHashTableBase64(dr["ProfileData"].ToString()); objPersonalization.IsModified = true; //Save Profile Data (using XML Serializer) objPersonalizationController.SaveProfile(objPersonalization); } dr.Close(); break; case "03.00.12": //If we are upgrading from a 3.0.x version then we need to upgrade the MembershipProvider if (upgradeMemberShipProvider) { strProviderPath = PortalSettings.GetProviderPath(); StreamReader objStreamReader; string strScript; //Upgrade provider HtmlUtils.WriteFeedback(HttpContext.Current.Response, 0, "Executing UpgradeMembershipProvider.sql<br>"); objStreamReader = File.OpenText(strProviderPath + "UpgradeMembershipProvider.sql"); strScript = objStreamReader.ReadToEnd(); objStreamReader.Close(); strExceptions += PortalSettings.ExecuteScript(strScript); } break; case "03.01.00": LogController objLogController = new LogController(); XmlDocument xmlDoc = new XmlDocument(); string xmlConfigFile = Globals.HostMapPath + "Logs\\LogConfig\\LogConfig.xml.resources"; try { xmlDoc.Load(xmlConfigFile); } catch (FileNotFoundException) { xmlConfigFile = Globals.HostMapPath + "Logs\\LogConfig\\LogConfigTemplate.xml.resources"; xmlDoc.Load(xmlConfigFile); } XmlNodeList LogType = xmlDoc.SelectNodes("/LogConfig/LogTypes/LogType"); foreach (XmlNode LogTypeInfo in LogType) { LogTypeInfo objLogTypeInfo = new LogTypeInfo(); objLogTypeInfo.LogTypeKey = LogTypeInfo.Attributes["LogTypeKey"].Value; objLogTypeInfo.LogTypeFriendlyName = LogTypeInfo.Attributes["LogTypeFriendlyName"].Value; objLogTypeInfo.LogTypeDescription = LogTypeInfo.Attributes["LogTypeDescription"].Value; objLogTypeInfo.LogTypeCSSClass = LogTypeInfo.Attributes["LogTypeCSSClass"].Value; objLogTypeInfo.LogTypeOwner = LogTypeInfo.Attributes["LogTypeOwner"].Value; objLogController.AddLogType(objLogTypeInfo); } XmlNodeList LogTypeConfig = xmlDoc.SelectNodes("/LogConfig/LogTypeConfig"); foreach (XmlNode LogTypeConfigInfo in LogTypeConfig) { LogTypeConfigInfo objLogTypeConfig = new LogTypeConfigInfo(); objLogTypeConfig.EmailNotificationIsActive = Convert.ToBoolean((LogTypeConfigInfo.Attributes["EmailNotificationStatus"].Value == "On") ? true : false); objLogTypeConfig.KeepMostRecent = LogTypeConfigInfo.Attributes["KeepMostRecent"].Value; objLogTypeConfig.LoggingIsActive = Convert.ToBoolean((LogTypeConfigInfo.Attributes["LoggingStatus"].Value == "On") ? true : false); objLogTypeConfig.LogTypeKey = LogTypeConfigInfo.Attributes["LogTypeKey"].Value; objLogTypeConfig.LogTypePortalID = LogTypeConfigInfo.Attributes["LogTypePortalID"].Value; objLogTypeConfig.MailFromAddress = LogTypeConfigInfo.Attributes["MailFromAddress"].Value; objLogTypeConfig.MailToAddress = LogTypeConfigInfo.Attributes["MailToAddress"].Value; objLogTypeConfig.NotificationThreshold = Convert.ToInt32(LogTypeConfigInfo.Attributes["NotificationThreshold"].Value); objLogTypeConfig.NotificationThresholdTime = Convert.ToInt32(LogTypeConfigInfo.Attributes["NotificationThresholdTime"].Value); objLogTypeConfig.NotificationThresholdTimeType = (LogTypeConfigInfo.NotificationThresholdTimeTypes)Enum.Parse(typeof(LogTypeConfigInfo.NotificationThresholdTimeTypes), LogTypeConfigInfo.Attributes["NotificationThresholdTimeType"].Value); objLogController.AddLogTypeConfigInfo(objLogTypeConfig); } ScheduleItem objScheduleItem = new ScheduleItem(); objScheduleItem.TypeFullName = "DotNetNuke.Services.Cache.PurgeCache, DOTNETNUKE"; objScheduleItem.AttachToEvent = ""; objScheduleItem.CatchUpEnabled = false; if (Globals.WebFarmEnabled) { objScheduleItem.Enabled = true; } else { objScheduleItem.Enabled = false; } objScheduleItem.ObjectDependencies = ""; objScheduleItem.RetainHistoryNum = 10; objScheduleItem.Servers = ""; objScheduleItem.TimeLapse = 2; objScheduleItem.TimeLapseMeasurement = "hz"; objScheduleItem.RetryTimeLapse = 30; objScheduleItem.RetryTimeLapseMeasurement = "m"; SchedulingProvider.Instance().AddSchedule(objScheduleItem); break; case "03.02.03": //add new SecurityException LogController objSecLogController = new LogController(); XmlDocument xmlSecDoc = new XmlDocument(); string xmlSecConfigFile = Globals.HostMapPath + "Logs\\LogConfig\\SecurityExceptionTemplate.xml.resources"; try { xmlSecDoc.Load(xmlSecConfigFile); } catch (FileNotFoundException) { // xmlConfigFile = Common.Globals.HostMapPath + "Logs\LogConfig\LogConfigTemplate.xml.resources" // xmlDoc.Load(xmlConfigFile) } LogType = xmlSecDoc.SelectNodes("/LogConfig/LogTypes/LogType"); foreach (XmlNode LogTypeInfo in LogType) { LogTypeInfo objLogTypeInfo = new LogTypeInfo(); objLogTypeInfo.LogTypeKey = LogTypeInfo.Attributes["LogTypeKey"].Value; objLogTypeInfo.LogTypeFriendlyName = LogTypeInfo.Attributes["LogTypeFriendlyName"].Value; objLogTypeInfo.LogTypeDescription = LogTypeInfo.Attributes["LogTypeDescription"].Value; objLogTypeInfo.LogTypeCSSClass = LogTypeInfo.Attributes["LogTypeCSSClass"].Value; objLogTypeInfo.LogTypeOwner = LogTypeInfo.Attributes["LogTypeOwner"].Value; objSecLogController.AddLogType(objLogTypeInfo); } LogTypeConfig = xmlSecDoc.SelectNodes("/LogConfig/LogTypeConfig"); foreach (XmlNode LogTypeConfigInfo in LogTypeConfig) { LogTypeConfigInfo objLogTypeConfig = new LogTypeConfigInfo(); objLogTypeConfig.EmailNotificationIsActive = Convert.ToBoolean((LogTypeConfigInfo.Attributes["EmailNotificationStatus"].Value == "On") ? true : false); objLogTypeConfig.KeepMostRecent = LogTypeConfigInfo.Attributes["KeepMostRecent"].Value; objLogTypeConfig.LoggingIsActive = Convert.ToBoolean((LogTypeConfigInfo.Attributes["LoggingStatus"].Value == "On") ? true : false); objLogTypeConfig.LogTypeKey = LogTypeConfigInfo.Attributes["LogTypeKey"].Value; objLogTypeConfig.LogTypePortalID = LogTypeConfigInfo.Attributes["LogTypePortalID"].Value; objLogTypeConfig.MailFromAddress = LogTypeConfigInfo.Attributes["MailFromAddress"].Value; objLogTypeConfig.MailToAddress = LogTypeConfigInfo.Attributes["MailToAddress"].Value; objLogTypeConfig.NotificationThreshold = Convert.ToInt32(LogTypeConfigInfo.Attributes["NotificationThreshold"].Value); objLogTypeConfig.NotificationThresholdTime = Convert.ToInt32(LogTypeConfigInfo.Attributes["NotificationThresholdTime"].Value); objLogTypeConfig.NotificationThresholdTimeType = (LogTypeConfigInfo.NotificationThresholdTimeTypes)Enum.Parse(typeof(LogTypeConfigInfo.NotificationThresholdTimeTypes), LogTypeConfigInfo.Attributes["NotificationThresholdTimeType"].Value); objSecLogController.AddLogTypeConfigInfo(objLogTypeConfig); } break; } } catch (Exception ex) { strExceptions += "Error: " + ex.Message + "\r\n"; try { Exceptions.Exceptions.LogException(ex); } catch { // ignore } } return strExceptions; }
public static bool HasEditPermissions( int ModuleId ) { ModulePermissionController objModulePermissionController = new ModulePermissionController(); ModulePermissionCollection objModulePermissions = objModulePermissionController.GetModulePermissionsCollectionByModuleID( ModuleId ); return HasEditPermissions( objModulePermissions ); }
private void Page_Init( object sender, EventArgs e ) { ModuleController objModules = new ModuleController(); ModuleInfo objModule; Control ctlPane; bool blnLayoutMode = Globals.IsLayoutMode(); bool bSuccess = true; // iterate page controls foreach (Control ctlControl in this.Controls) { // load the skin panes if (ctlControl is HtmlControl) { HtmlControl objHtmlControl = (HtmlControl)ctlControl; if (objHtmlControl.ID != null) { switch (objHtmlControl.TagName.ToUpper()) { case "TD": // content pane if (ctlControl.ID != "ControlPanel") { PortalSettings.ActiveTab.Panes.Add(ctlControl.ID); } break; case "DIV": // content pane if (ctlControl.ID != "ControlPanel") { PortalSettings.ActiveTab.Panes.Add(ctlControl.ID); } break; case "SPAN": // content pane if (ctlControl.ID != "ControlPanel") { PortalSettings.ActiveTab.Panes.Add(ctlControl.ID); } break; case "P": // content pane if (ctlControl.ID != "ControlPanel") { PortalSettings.ActiveTab.Panes.Add(ctlControl.ID); } break; } } } } //if querystring dnnprintmode=true, controlpanel will not be shown if (Request.QueryString["dnnprintmode"] != "true") { // ControlPanel processing if (PortalSecurity.IsInRoles(PortalSettings.AdministratorRoleName.ToString()) || PortalSecurity.IsInRoles(PortalSettings.ActiveTab.AdministratorRoles.ToString())) { UserControl objControlPanel = null; if (Convert.ToString(PortalSettings.HostSettings["ControlPanel"]) != "") { // load custom control panel objControlPanel = (UserControl)LoadControl("~/" + Convert.ToString(PortalSettings.HostSettings["ControlPanel"])); } if (objControlPanel == null) { // load default control panel objControlPanel = (UserControl)LoadControl("~/" + Globals.glbDefaultControlPanel); } // inject ControlPanel control into skin ctlPane = this.FindControl("ControlPanel"); if (ctlPane == null) { HtmlForm objForm = (HtmlForm)this.Parent.FindControl("Form"); objForm.Controls.AddAt(0, objControlPanel); } else { ctlPane.Controls.Add(objControlPanel); } } } if (!Globals.IsAdminControl()) // master module { if (PortalSecurity.IsInRoles(PortalSettings.ActiveTab.AuthorizedRoles)) { // check portal expiry date bool blnExpired = false; if (PortalSettings.ExpiryDate != Null.NullDate) { if (Convert.ToDateTime(PortalSettings.ExpiryDate) < DateTime.Now && PortalSettings.ActiveTab.ParentId != PortalSettings.AdminTabId && PortalSettings.ActiveTab.ParentId != PortalSettings.SuperTabId) { blnExpired = true; } } if (!blnExpired) { if ((PortalSettings.ActiveTab.StartDate < DateTime.Now && PortalSettings.ActiveTab.EndDate > DateTime.Now) || blnLayoutMode) { // process panes if (blnLayoutMode) { foreach (string strPane in PortalSettings.ActiveTab.Panes) { ctlPane = this.FindControl(strPane); ctlPane.Visible = true; // display pane border if (ctlPane is HtmlContainerControl) { ((HtmlContainerControl)ctlPane).Style["border-top"] = "1px #CCCCCC dotted"; ((HtmlContainerControl)ctlPane).Style["border-bottom"] = "1px #CCCCCC dotted"; ((HtmlContainerControl)ctlPane).Style["border-right"] = "1px #CCCCCC dotted"; ((HtmlContainerControl)ctlPane).Style["border-left"] = "1px #CCCCCC dotted"; } // display pane name Label ctlLabel = new Label(); ctlLabel.Text = "<center>" + strPane + "</center><br>"; ctlLabel.CssClass = "SubHead"; ctlPane.Controls.AddAt(0, ctlLabel); } } // dynamically populate the panes with modules if (PortalSettings.ActiveTab.Modules.Count > 0) { // loop through each entry in the configuration system for this tab foreach (ModuleInfo tempLoopVar_objModule in PortalSettings.ActiveTab.Modules) { objModule = tempLoopVar_objModule; // if user is allowed to view module and module is not deleted if (PortalSecurity.IsInRoles(objModule.AuthorizedViewRoles) && objModule.IsDeleted == false) { // if current date is within module display schedule or user is admin if ((objModule.StartDate < DateTime.Now && objModule.EndDate > DateTime.Now) || blnLayoutMode) { // modules which are displayed on all tabs should not be displayed on the Admin or Super tabs if (objModule.AllTabs == false || PortalSettings.ActiveTab.IsAdminTab == false) { Control parent = this.FindControl(objModule.PaneName); if (parent == null) { // the pane specified in the database does not exist for this skin // insert the module into the default pane instead parent = this.FindControl(Globals.glbDefaultPane); } if (parent != null) { // try to localize admin modules if (PortalSettings.ActiveTab.IsAdminTab) { objModule.ModuleTitle = Localization.LocalizeControlTitle(objModule.ModuleTitle, objModule.ControlSrc, ""); } //try to inject the module into the skin try { InjectModule(parent, objModule, PortalSettings); } catch (Exception) { bSuccess = false; } } else // no ContentPane in skin { ModuleLoadException lex; lex = new ModuleLoadException(PANE_LOAD_ERROR); Controls.Add(new ErrorContainer(PortalSettings, MODULELOAD_ERROR, lex).Container); Exceptions.LogException(lex); Information.Err().Clear(); } } } } } } } else { Skin.AddPageMessage(this, "", TABACCESS_ERROR, ModuleMessageType.YellowWarning); } } else { Skin.AddPageMessage(this, "", string.Format(CONTRACTEXPIRED_ERROR, PortalSettings.PortalName, Globals.GetMediumDate(PortalSettings.ExpiryDate.ToString()), PortalSettings.Email), ModuleMessageType.RedError); } } else { Response.Redirect(Globals.AccessDeniedURL(TABACCESS_ERROR), true); } } else // slave module { int ModuleId = -1; string Key = ""; ModuleInfo slaveModule = null; // get ModuleId if (Request.QueryString["mid"] != null) { ModuleId = Int32.Parse(Request.QueryString["mid"]); } // get ControlKey if (Request.QueryString["ctl"] != null) { Key = Request.QueryString["ctl"]; } // initialize moduleid for modulesettings if (Request.QueryString["moduleid"] != null & (Key.ToLower() == "module" | Key.ToLower() == "help")) { ModuleId = Int32.Parse(Request.QueryString["moduleid"]); } if (ModuleId != -1) { // get master module security settings objModule = objModules.GetModule(ModuleId, PortalSettings.ActiveTab.TabID, false); if (objModule != null) { //Clone the Master Module as we do not want to modify the cached module slaveModule = objModule.Clone(); if (slaveModule.InheritViewPermissions) { slaveModule.AuthorizedViewRoles = PortalSettings.ActiveTab.AuthorizedRoles; } } } if (slaveModule == null) { // initialize object not related to a module slaveModule = new ModuleInfo(); slaveModule.ModuleID = ModuleId; slaveModule.ModuleDefID = -1; slaveModule.TabID = PortalSettings.ActiveTab.TabID; slaveModule.AuthorizedEditRoles = ""; slaveModule.AuthorizedViewRoles = ""; ModulePermissionController objModulePermissionController = new ModulePermissionController(); slaveModule.ModulePermissions = objModulePermissionController.GetModulePermissionsCollectionByModuleID(slaveModule.ModuleID, slaveModule.TabID); } // initialize moduledefid for modulesettings if (Request.QueryString["moduleid"] != null & (Key.ToLower() == "module" | Key.ToLower() == "help")) { slaveModule.ModuleDefID = -1; } // override slave module settings if (Request.QueryString["dnnprintmode"] != "true") { slaveModule.ModuleTitle = ""; } slaveModule.Header = ""; slaveModule.Footer = ""; slaveModule.StartDate = DateTime.MinValue; slaveModule.EndDate = DateTime.MaxValue; slaveModule.PaneName = Globals.glbDefaultPane; slaveModule.Visibility = VisibilityState.None; slaveModule.Color = ""; if (Request.QueryString["dnnprintmode"] != "true") { slaveModule.Alignment = "center"; } slaveModule.Border = ""; slaveModule.DisplayTitle = true; slaveModule.DisplayPrint = false; slaveModule.DisplaySyndicate = false; // get portal container for slave module if (PortalSettings.PortalContainer != null) { slaveModule.ContainerSrc = PortalSettings.PortalContainer.SkinSrc; } if (string.IsNullOrEmpty(slaveModule.ContainerSrc)) { slaveModule.ContainerSrc = "[G]" + SkinInfo.RootContainer + Globals.glbDefaultContainerFolder + Globals.glbDefaultContainer; } slaveModule.ContainerSrc = SkinController.FormatSkinSrc(slaveModule.ContainerSrc, PortalSettings); slaveModule.ContainerPath = SkinController.FormatSkinPath(slaveModule.ContainerSrc); // get the pane Control parent = this.FindControl(slaveModule.PaneName); // load the controls ModuleControlController objModuleControls = new ModuleControlController(); ArrayList arrModuleControls = objModuleControls.GetModuleControlsByKey(Key, slaveModule.ModuleDefID); for (int intCounter = 0; intCounter < arrModuleControls.Count; intCounter++) { ModuleControlInfo objModuleControl = (ModuleControlInfo)(arrModuleControls[intCounter]); // initialize control values slaveModule.ModuleControlId = objModuleControl.ModuleControlID; slaveModule.ControlSrc = objModuleControl.ControlSrc; slaveModule.ControlType = objModuleControl.ControlType; slaveModule.IconFile = objModuleControl.IconFile; slaveModule.HelpUrl = objModuleControl.HelpURL; if (!(Null.IsNull(objModuleControl.ControlTitle))) { // try to localize control title slaveModule.ModuleTitle = Localization.LocalizeControlTitle(objModuleControl.ControlTitle, slaveModule.ControlSrc, Key); } // verify that the current user has access to this control bool blnAuthorized = true; if (slaveModule.ControlType == SecurityAccessLevel.Anonymous) // anonymous { } else if (slaveModule.ControlType == SecurityAccessLevel.View) // view { if (PortalSecurity.IsInRole(PortalSettings.AdministratorRoleName) == false & PortalSecurity.IsInRoles(PortalSettings.ActiveTab.AdministratorRoles.ToString()) == false) { if (!(PortalSecurity.IsInRoles(slaveModule.AuthorizedViewRoles))) { blnAuthorized = false; } } } else if (slaveModule.ControlType == SecurityAccessLevel.Edit) // edit { if (PortalSecurity.IsInRole(PortalSettings.AdministratorRoleName) == false & PortalSecurity.IsInRoles(PortalSettings.ActiveTab.AdministratorRoles.ToString()) == false) { if (!(PortalSecurity.IsInRoles(slaveModule.AuthorizedViewRoles))) { blnAuthorized = false; } else { if (!(PortalSecurity.HasEditPermissions(slaveModule.ModulePermissions))) { blnAuthorized = false; } } } } else if (slaveModule.ControlType == SecurityAccessLevel.Admin) // admin { if (PortalSecurity.IsInRole(PortalSettings.AdministratorRoleName) == false & PortalSecurity.IsInRoles(PortalSettings.ActiveTab.AdministratorRoles.ToString()) == false) { blnAuthorized = false; } } else if (slaveModule.ControlType == SecurityAccessLevel.Host) // host { UserInfo objUserInfo = UserController.GetCurrentUserInfo(); if (!objUserInfo.IsSuperUser) { blnAuthorized = false; } } if (blnAuthorized) { //try to inject the module into the skin try { InjectModule(parent, slaveModule, PortalSettings); } catch (Exception) { bSuccess = false; } } else { Response.Redirect(Globals.AccessDeniedURL(MODULEACCESS_ERROR), true); } } } if (!blnLayoutMode) { CollapseUnusedPanes(); } if (Request.QueryString["error"] != null) { Skin.AddPageMessage(this, CRITICAL_ERROR, Server.HtmlEncode(Request.QueryString["error"]), ModuleMessageType.RedError); } if (!(PortalSecurity.IsInRoles(PortalSettings.AdministratorRoleName) | PortalSecurity.IsInRoles(PortalSettings.ActiveTab.AdministratorRoles.ToString()))) { // only display the warning to non-administrators (adminsitrators will see the errors) if (!bSuccess) { Skin.AddPageMessage(this, MODULELOAD_WARNING, string.Format(MODULELOAD_WARNINGTEXT, PortalSettings.Email), ModuleMessageType.YellowWarning); } } }