/// <summary>
/// Deletes one info object on behalf of the current user and records the outcome.
/// Success goes to the progress log; any failure is passed to <c>HandleException</c>
/// together with the error log and the permission-error log.
/// </summary>
/// <param name="info">Object to delete.</param>
/// <param name="errorLog">Buffer handed to <c>HandleException</c> when the deletion fails.</param>
/// <param name="logProgress">Log that receives the success entry.</param>
/// <param name="logPermissionError">Log handed to <c>HandleException</c> for security-related failures.</param>
private void DeleteSingleInfo(BaseInfo info, StringBuilder errorLog, LogContext logProgress, LogContext logPermissionError)
{
    // Stays empty if reading the display name itself throws (for example when info is null);
    // the failure path then reports an empty name.
    var encodedName = String.Empty;

    try
    {
        // The display name is object data, so it is HTML-encoded before the delete and only the
        // encoded form is handed to the loggers below (the original comment names XSS as the reason).
        encodedName = HTMLHelper.HTMLEncode(info.Generalized.ObjectDisplayName);

        // Event logging is switched off for the duration of the permission check and the delete.
        using (new CMSActionContext { LogEvents = false })
        {
            // Authorisation gate: Delete permission for the current user on the current site.
            var mayDelete = info.CheckPermissions(PermissionsEnum.Delete, CurrentSiteName, CurrentUser, exceptionOnFailure: true);
            if (mayDelete)
            {
                info.Delete();
            }
        }

        // NOTE(review): this entry is written whenever nothing threw, including a check that returned
        // false. It relies on exceptionOnFailure: true turning every denial into an exception - confirm.
        AddSuccessLog(logProgress, encodedName);
    }
    catch (ThreadAbortException)
    {
        // Deliberately not reported: a thread abort is not logged to the event log.
    }
    catch (Exception failure)
    {
        HandleException(errorLog, logPermissionError, encodedName, failure);
    }
}
/// <summary>
/// Checks that the given object exists and that the authenticated user may modify it on the current site.
/// A missing object redirects to the information page with the "editedobject.notexists" message;
/// a missing Modify permission redirects to the access denied page.
/// </summary>
/// <param name="info">Info object whose availability and Modify permission are verified.</param>
/// <returns>
/// <c>true</c> when the object exists and the user may modify it; <c>false</c> when a redirect was issued.
/// A <c>false</c> result means the caller should stop working with the object.
/// </returns>
private bool VerifyPermissionsAndObjectAvailability(BaseInfo info)
{
    if (info == null)
    {
        CMSPage.RedirectToInformation("editedobject.notexists");
        return false;
    }

    // Authorisation gate: Modify permission for the authenticated user on the current site.
    var mayModify = info.CheckPermissions(PermissionsEnum.Modify, SiteContext.CurrentSiteName, MembershipContext.AuthenticatedUser);
    if (mayModify)
    {
        return true;
    }

    CMSPage.RedirectToAccessDenied(ModuleName.SOCIALMARKETING, "Modify");
    return false;
}
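/// <summary>
/// Loads the object to clone from the query string, verifies that the current user may read it,
/// sets the dialog title and hands the object to the clone control.
/// </summary>
/// <param name="e">Event data, passed on to the base implementation.</param>
protected override void OnLoad(EventArgs e)
{
    base.OnLoad(e);

    // Both values come from the query string, so the requester chooses which object is loaded.
    // The Read check below is the only authorisation for that object visible in this method.
    var objectType = QueryHelper.GetString("objecttype", String.Empty);
    var objectId = QueryHelper.GetInteger("objectid", 0);

    var requestedInfo = ProviderHelper.GetInfoById(objectType, objectId);

    // Authorise before any of the object's data reaches the page. Previously the display name
    // was written into the title first and the check ran last.
    if ((requestedInfo != null) && !requestedInfo.CheckPermissions(PermissionsEnum.Read, CurrentSiteName, CurrentUser))
    {
        RedirectToAccessDenied(requestedInfo.TypeInfo.ModuleName, "read");

        // Stop here whether or not the redirect helper ends the request (not visible here).
        // The object is never stored in the field or passed to the clone control for a user who may not read it.
        return;
    }

    infoToClone = requestedInfo;

    if (infoToClone != null)
    {
        objTypeName = GetString("objecttype." + TranslationHelper.GetSafeClassName(infoToClone.TypeInfo.ObjectType));
    }

    // NOTE(review): a value still starting with "objecttype." presumably means no resource string
    // was found and the key came back unchanged - confirm against GetString.
    if (objTypeName.StartsWith("objecttype.", StringComparison.OrdinalIgnoreCase))
    {
        objTypeName = "";

        // The display name is object data; it is HTML-encoded before being placed in the title.
        SetTitle(String.Format(GetString("clonning.dialog.title"), HTMLHelper.HTMLEncode(ResHelper.LocalizeString(infoToClone.Generalized.ObjectDisplayName))));
    }
    else
    {
        SetTitle(String.Format(GetString("clonning.dialog.title"), objTypeName));
    }

    if (infoToClone == null)
    {
        ShowInformation(GetString("clonning.dialog.objectdoesnotexist"));
        cloneObjectElem.Visible = false;
        return;
    }

    cloneObjectElem.InfoToClone = infoToClone;
}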
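/// <summary>
/// Loads the object to clone from the query string, verifies that the current user may read it,
/// then sets up the title, the clone button, the information message and the opener refresh script.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Both values come from the query string, so the requester chooses which object is loaded.
    // The Read check below is the only authorisation for that object visible in this method.
    objectType = QueryHelper.GetString("objecttype", String.Empty);
    int objectId = QueryHelper.GetInteger("objectid", 0);

    BaseInfo info = ProviderHelper.GetInfoById(objectType, objectId);

    // Authorise before any of the object's data reaches the page. Previously the display name
    // was written into the title and the information message first and the check ran last.
    if ((info != null) && !info.CheckPermissions(PermissionsEnum.Read, CurrentSiteName, CurrentUser))
    {
        RedirectToAccessDenied(info.TypeInfo.ModuleName, "read");

        // Stop here whether or not the redirect helper ends the request (not visible here).
        // The clone control never receives an object the user may not read.
        return;
    }

    string objTypeName = "";
    if (info != null)
    {
        objTypeName = GetString("objecttype." + TranslationHelper.GetSafeClassName(info.TypeInfo.ObjectType));
    }

    // NOTE(review): a value still starting with "objecttype." presumably means no resource string
    // was found and the key came back unchanged - confirm against GetString. objTypeName starts
    // empty, so this branch is only reached when info is not null.
    if (objTypeName.StartsWithCSafe("objecttype."))
    {
        objTypeName = "";

        // The display name is object data; it is HTML-encoded before being placed in the title.
        SetTitle(String.Format(GetString("clonning.dialog.title"), HTMLHelper.HTMLEncode(ResHelper.LocalizeString(info.Generalized.ObjectDisplayName))));
    }
    else
    {
        SetTitle(String.Format(GetString("clonning.dialog.title"), objTypeName));
    }

    btnClone.Text = GetString("General.Clone");
    btnClone.Click += btnClone_Click;

    if (info == null)
    {
        ShowInformation(GetString("clonning.dialog.objectdoesnotexist"));
        cloneObjectElem.Visible = false;
        return;
    }

    // Same message layout for both cases; only the resource key differs.
    var infoBoxKey = cloneObjectElem.HasNoSettings() ? "clonning.settings.emptyinfobox" : "clonning.settings.infobox";
    ShowInformation(String.Format(GetString(infoBoxKey), objTypeName, HTMLHelper.HTMLEncode(ResHelper.LocalizeString(info.Generalized.ObjectDisplayName))));

    cloneObjectElem.InfoToClone = info;

    // Constant client script that refreshes the opener window; no request data is interpolated into it.
    const string refreshScript = @" function RefreshContent() { if (wopener != null) { if (wopener.RefreshWOpener) { window.refreshPageOnClose = true; wopener.RefreshWOpener(window); } else { wopener.window.location.replace(wopener.window.location); } } }";

    ScriptHelper.RegisterWOpenerScript(Page);
    ScriptHelper.RegisterClientScriptBlock(this, typeof(string), "WOpenerRefresh", ScriptHelper.GetScript(refreshScript));
}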