/// <summary>
/// Initializes the object and performs all the initial security checks
/// </summary>
protected AdamState(IBlock block, int appId, string contentType, string field, Guid guid, bool usePortalRoot, ILog log)
: base("Adm.State", log)
{
var callLog = Log.Call($"field:{field}, guid:{guid}");
App = Factory.Resolve <Apps.App>().Init(appId, log, block);
Permissions = new MultiPermissionsTypes()
.Init(block.Context, App, contentType, Log);
Block = block;
// only do checks on field/guid if it's actually accessing that, if it's on the portal root, don't.
UseTenantRoot = usePortalRoot;
if (!usePortalRoot)
{
ItemField = field;
ItemGuid = guid;
}
Security = Factory.Resolve <SecurityChecksBase>().Init(this, usePortalRoot, Log);
SecurityCheckHelpers.ThrowIfAccessingRootButNotAllowed(usePortalRoot, Security.UserIsRestricted);
Log.Add("check if feature enabled");
if (Security.UserIsRestricted && !ToSic.Eav.Configuration.Features.Enabled(FeaturesForRestrictedUsers))
{
throw HttpException.PermissionDenied(
$"low-permission users may not access this - {ToSic.Eav.Configuration.Features.MsgMissingSome(FeaturesForRestrictedUsers)}");
}
PrepCore(App, guid, field, usePortalRoot);
if (string.IsNullOrEmpty(contentType) || string.IsNullOrEmpty(field))
{
return;
}
Attribute = Definition(appId, contentType, field);
if (!Security.FileTypeIsOkForThisField(out var exp))
{
throw exp;
}
callLog(null);
}
public AdamItemDtoMaker(SecurityChecksBase security)
{
_security = security;
}