/// <summary>
/// Loads a single entity through the supplied lookup, enforces read permissions on it,
/// and returns it in serialized form.
/// </summary>
/// <remarks>
/// The entity is first loaded through an <c>EntityApi</c> created with the flag <c>true</c>
/// (presumably "include drafts" - confirm against <c>EntityApi</c>), and the permission
/// check runs against that instance. If the caller has no grant in
/// <c>GrantSets.ReadDraft</c>, the entity is loaded again with the flag <c>false</c> and
/// that second result is what gets serialized.
/// NOTE(review): the re-loaded entity is not passed through a new permission check; this
/// relies on <paramref name="getOne"/> resolving the same item in both modes - confirm.
/// </remarks>
/// <param name="context">Instance context handed to the permission checker.</param>
/// <param name="ctxBlock">Block used to resolve the app when no path is given; may be null for the edit-allowed lookup.</param>
/// <param name="contentType">Content-type name; in this method it is only written to the log.</param>
/// <param name="getOne">Lookup that retrieves the entity from the given <c>EntityApi</c>.</param>
/// <param name="appPath">Optional app path; when specified it selects the app instead of the context.</param>
/// <returns>The dictionary produced by the serializer's <c>Convert</c> call.</returns>
internal Dictionary<string, object> GetOne(IInstanceContext context, IBlock ctxBlock, string contentType, Func<EntityApi, IEntity> getOne, string appPath)
{
    Log.Add($"get and serialize after security check type:{contentType}, path:{appPath}");

    // An explicit app path wins; otherwise the app comes from the block context.
    var appId = AppFinder.GetAppIdFromPathOrContext(appPath, ctxBlock).AppId;

    // First load uses the unrestricted API so the permission check sees the item.
    var entity = getOne(new EntityApi(appId, true, Log));

    var permissions = new MultiPermissionsItems().Init(context, GetApp(appId, ctxBlock), entity, Log);
    var mayRead = permissions.EnsureAll(GrantSets.ReadSomething, out var error);
    if (!mayRead)
    {
        throw HttpException.PermissionDenied(error);
    }

    // Without a draft-read grant, load again through the restricted API.
    var mayReadDraft = permissions.EnsureAny(GrantSets.ReadDraft);
    if (!mayReadDraft)
    {
        entity = getOne(new EntityApi(appId, false, Log));
    }

    var editAllowed = ctxBlock?.EditAllowed ?? false;
    var serializer = InitEavAndSerializer(appId, editAllowed);
    return serializer.Convert(entity);
}
/// <summary>
/// Loads a single entity through the supplied lookup, enforces read permissions on it,
/// and returns it in serialized form.
/// </summary>
/// <remarks>
/// The permission check runs on the entity loaded through an <c>EntityApi</c> created with
/// the flag <c>true</c> (presumably "include drafts" - confirm). When the caller has no
/// grant in <c>GrantSets.ReadDraft</c>, the entity is loaded a second time with the flag
/// <c>false</c> and that result is serialized.
/// NOTE(review): the second load is not permission-checked again; this assumes
/// <paramref name="getOne"/> resolves the same item in both modes - confirm.
/// The exception thrown on denial is the one handed back by <c>EnsureAll</c>.
/// </remarks>
/// <param name="contentType">Content-type name; in this method it is only written to the log.</param>
/// <param name="getOne">Lookup that retrieves the entity from the given <c>EntityApi</c>.</param>
/// <param name="appPath">Optional app path; when specified it selects the app instead of the context.</param>
/// <returns>The dictionary produced by the serializer's <c>Convert</c> call.</returns>
private Dictionary<string, object> GetAndSerializeOneAfterSecurityChecks(string contentType, Func<EntityApi, IEntity> getOne, string appPath)
{
    Log.Add($"get and serialie after security check type:{contentType}, path:{appPath}");

    // An explicit app path wins; otherwise the app comes from the current block builder.
    var appId = AppFinder.GetAppIdFromPathOrContext(appPath, BlockBuilder).AppId;

    // First load uses the unrestricted API so the permission check sees the item.
    var entity = getOne(new EntityApi(appId, true, Log));

    var permissions = new MultiPermissionsItems(BlockBuilder, appId, entity, Log);
    var mayRead = permissions.EnsureAll(GrantSets.ReadSomething, out var exception);
    if (!mayRead)
    {
        throw exception;
    }

    // Without a draft-read grant, load again through the restricted API.
    var mayReadDraft = permissions.EnsureAny(GrantSets.ReadDraft);
    if (!mayReadDraft)
    {
        entity = getOne(new EntityApi(appId, false, Log));
    }

    var serializer = InitEavAndSerializer(appId);
    return serializer.Convert(entity);
}
/// <summary>
/// Deletes the entity identified by <paramref name="guid"/> after checking that the
/// caller holds the delete grant for it.
/// </summary>
/// <remarks>
/// The entity is loaded before the permission check, and the delete call uses the type
/// name of the loaded entity rather than the caller-supplied <paramref name="contentType"/>.
/// NOTE(review): because <c>GetOrThrow</c> runs ahead of the permission check, its failure
/// for an unknown guid may be distinguishable from a permission denial - confirm that this
/// does not reveal item existence to callers without access.
/// </remarks>
/// <param name="context">Instance context handed to the permission checker.</param>
/// <param name="ctxBlock">Block used to resolve the app when no path is given.</param>
/// <param name="contentType">Content-type name, or <c>"any"</c> to look the entity up without a type filter.</param>
/// <param name="guid">Identifier of the entity to delete.</param>
/// <param name="appPath">Optional app path; when specified it selects the app instead of the context.</param>
internal void Delete(IInstanceContext context, IBlock ctxBlock, string contentType, Guid guid, string appPath)
{
    Log.Add($"delete guid:{guid}, type:{contentType}, path:{appPath}");

    // An explicit app path wins; otherwise the app comes from the block context.
    var appId = AppFinder.GetAppIdFromPathOrContext(appPath, ctxBlock).AppId;
    var api = new EntityApi(appId, true, Log);

    // "any" means no type filter, which is passed on as null.
    var typeFilter = contentType == "any" ? null : contentType;
    var entity = api.GetOrThrow(typeFilter, guid);

    var permissions = new MultiPermissionsItems().Init(context, GetApp(appId, ctxBlock), entity, Log);
    var mayDelete = permissions.EnsureAll(Grants.Delete.AsSet(), out var error);
    if (!mayDelete)
    {
        throw HttpException.PermissionDenied(error);
    }

    // Delete by the entity's own type name, not by the name the caller sent.
    api.Delete(entity.Type.Name, guid);
}
/// <summary>
/// Deletes the entity identified by <paramref name="guid"/> after checking that the
/// caller holds the delete grant for it.
/// </summary>
/// <remarks>
/// The action is marked <c>[AllowAnonymous]</c>, so the permission check in the body is the
/// only authorization visible here; it must stay ahead of the delete call.
/// The delete call uses the type name of the loaded entity rather than the caller-supplied
/// <paramref name="contentType"/>.
/// NOTE(review): <c>GetOrThrow</c> runs before the permission check, so its failure for an
/// unknown guid may be distinguishable from a permission denial - confirm that this does
/// not reveal item existence to anonymous callers.
/// NOTE(review): <paramref name="contentType"/> and <paramref name="appPath"/> are written
/// to the log as received - confirm the log output is escaped wherever it is displayed.
/// </remarks>
/// <param name="contentType">Content-type name, or <c>"any"</c> to look the entity up without a type filter.</param>
/// <param name="guid">Identifier of the entity to delete.</param>
/// <param name="appPath">Optional app path from the URI; when specified it selects the app instead of the context.</param>
[AllowAnonymous] // no attribute-level requirement: authorization is enforced inside the method
public void Delete(string contentType, Guid guid, [FromUri] string appPath = null)
{
    Log.Add($"delete guid:{guid}, type:{contentType}, path:{appPath}");

    // An explicit app path wins; otherwise the app comes from the current block builder.
    var appId = AppFinder.GetAppIdFromPathOrContext(appPath, BlockBuilder).AppId;
    var api = new EntityApi(appId, true, Log);

    // "any" means no type filter, which is passed on as null.
    var typeFilter = contentType == "any" ? null : contentType;
    var entity = api.GetOrThrow(typeFilter, guid);

    var permissions = new MultiPermissionsItems(BlockBuilder, appId, entity, Log);
    var mayDelete = permissions.EnsureAll(Grants.Delete.AsSet(), out var exception);
    if (!mayDelete)
    {
        throw exception;
    }

    // Delete by the entity's own type name, not by the name the caller sent.
    api.Delete(entity.Type.Name, guid);
}
/// <summary>
/// Loads a single entity through the supplied lookup, enforces read permissions on it,
/// and returns it in serialized form.
/// </summary>
/// <remarks>
/// The lookup receives the resolved app id. Access is gated by the
/// <c>MultiPermissionsItems</c> check against <c>GrantSets.ReadSomething</c>; the exception
/// thrown on denial is the one handed back by <c>EnsureAll</c>.
/// This variant has no draft-specific handling: the entity returned by
/// <paramref name="getOne"/> is serialized as loaded.
/// </remarks>
/// <param name="contentType">Content-type name; in this method it is only written to the log.</param>
/// <param name="getOne">Lookup that retrieves the entity for the given app id.</param>
/// <param name="appPath">Optional app path; when specified it selects the app instead of the context.</param>
/// <returns>The dictionary produced by the serializer's <c>Prepare</c> call.</returns>
private Dictionary<string, object> GetAndSerializeOneAfterSecurityChecks(string contentType, Func<int, IEntity> getOne, string appPath)
{
    Log.Add($"get and serialie after security check type:{contentType}, path:{appPath}");

    // An explicit app path wins; otherwise the app comes from the current instance.
    var appId = AppFinder.GetAppIdFromPathOrContext(appPath, SxcInstance).AppId;
    var entity = getOne(appId);

    var permissions = new MultiPermissionsItems(SxcInstance, appId, entity, Log);
    var mayRead = permissions.EnsureAll(GrantSets.ReadSomething, out var exception);
    if (!mayRead)
    {
        throw exception;
    }

    // 2018-09-15 2dm: the earlier GetContext / PerformSecurityCheck(..., Grants.Read, ...)
    // call that stood here was moved/disabled.

    var serializer = InitEavAndSerializer(appId);
    return serializer.Prepare(entity);
}
/// <summary>
/// Deletes the entity identified by <paramref name="guid"/> after checking that the
/// caller holds the delete grant for it.
/// </summary>
/// <remarks>
/// The action is marked <c>[AllowAnonymous]</c>, so the permission check in the body is the
/// only authorization visible here; it must stay ahead of the delete call.
/// The delete call uses the type name of the loaded entity rather than the caller-supplied
/// <paramref name="contentType"/>.
/// NOTE(review): <c>GetOrThrow</c> runs before the permission check, so its failure for an
/// unknown guid may be distinguishable from a permission denial - confirm that this does
/// not reveal item existence to anonymous callers.
/// </remarks>
/// <param name="contentType">Content-type name, or <c>"any"</c> to look the entity up without a type filter.</param>
/// <param name="guid">Identifier of the entity to delete.</param>
/// <param name="appPath">Optional app path from the URI; when specified it selects the app instead of the context.</param>
[AllowAnonymous] // no attribute-level requirement: authorization is enforced inside the method
public void Delete(string contentType, Guid guid, [FromUri] string appPath = null)
{
    Log.Add($"delete guid:{guid}, type:{contentType}, path:{appPath}");

    // An explicit app path wins; otherwise the app comes from the current instance.
    var appId = AppFinder.GetAppIdFromPathOrContext(appPath, SxcInstance).AppId;
    var api = new EntityApi(appId, Log);

    // "any" means no type filter, which is passed on as null.
    var typeFilter = contentType == "any" ? null : contentType;
    var entity = api.GetOrThrow(typeFilter, guid);

    var permissions = new MultiPermissionsItems(SxcInstance, appId, entity, Log);
    var mayDelete = permissions.EnsureAll(Grants.Delete.AsSet(), out var exception);
    if (!mayDelete)
    {
        throw exception;
    }

    // 2018-09-15 2dm: the earlier GetContext / PerformSecurityCheck(..., Grants.Delete, ...)
    // call that stood here was moved/disabled.

    // Delete by the entity's own type name, not by the name the caller sent.
    api.Delete(entity.Type.Name, guid);
}