public AllInOne Load([FromBody] List <ItemIdentifier> items, int appId) { // Security check var wraplog = Log.Call("Load", $"load many a#{appId}, items⋮{items.Count}"); // do early permission check - but at this time it may be that we don't have the types yet // because they may be group/id combinations, without type information which we'll look up afterwards var appForSecurityChecks = App.LightWithoutData(new DnnTenant(PortalSettings), appId, Log); items = new SaveHelpers.ContentGroupList(SxcInstance, Log).ConvertListIndexToId(items, appForSecurityChecks); // now look up the types, and repeat security check with type-names var permCheck = new MultiPermissionsTypes(SxcInstance, appId, items, Log); if (!permCheck.EnsureAll(GrantSets.WriteSomething, out var exception)) { throw exception; } // load items - similar var result = new AllInOne(); var entityApi = new EntityApi(appId, Log); var typeRead = entityApi.AppManager.Read.ContentTypes; var list = entityApi.GetEntitiesForEditing(appId, items); var jsonSerializer = new JsonSerializer(); result.Items = list.Select(e => new BundleWithHeader <JsonEntity> { Header = e.Header, Entity = jsonSerializer.ToJson(e.Entity ?? ConstructEmptyEntity(appId, e.Header, typeRead)) }).ToList(); // set published if some data already exists if (list.Any()) { result.IsPublished = list.First().Entity?.IsPublished ?? true; // Entity could be null (new), then true } // load content-types var types = UsedTypes(list, typeRead); result.ContentTypes = types.Select(ct => JsonSerializer.ToJson(ct, true)).ToList(); // load input-field configurations result.InputTypes = GetNecessaryInputTypes(types, typeRead); // also deliver features result.Features = SystemController.FeatureListWithPermissionCheck(appId, permCheck).ToList(); // done - return wraplog($"ready, sending items:{result.Items.Count}, " + $"types:{result.ContentTypes.Count}, " + $"inputs:{result.InputTypes.Count}, " + $"feats:{result.Features.Count}"); return(result); }
public dynamic GetManyForEditing([FromBody] List <ItemIdentifier> items, int appId) { var wrapLog = Log.Call("GetManyForEditing", $"get many a#{appId}, items⋮{items.Count}"); // before we start, we have to convert the indexes into something more useful, because // otherwise in content-list scenarios we don't have the type var appForSecurityChecks = App.LightWithoutData(new DnnTenant(PortalSettings), SystemRuntime.ZoneIdOfApp(appId), appId, Log); items = new SaveHelpers.ContentGroupList(SxcInstance, Log).ConvertListIndexToId(items, appForSecurityChecks); // to do full security check, we'll have to see what content-type is requested var permCheck = new MultiPermissionsTypes(SxcInstance, appId, items, Log); if (!permCheck.EnsureAll(GrantSets.WriteSomething, out var exception)) { throw exception; } var list = new EntityApi(appId, Log).GetEntitiesForEditing(appId, items); // Reformat to the Entity-WithLanguage setup var listAsEwH = list.Select(p => new BundleWithHeader <EntityWithLanguages> { Header = p.Header, Entity = p.Entity != null ? EntityWithLanguages.Build(appId, p.Entity) : null }).ToList(); // 2018-09-26 2dm // if we're giving items which already exist, then we must verify that edit/read is allowed. // important, this code is shared/duplicated in the UiController.Load if (list.Any(set => set.Entity != null)) { if (!permCheck.EnsureAll(GrantSets.ReadSomething, out exception)) { throw exception; } } wrapLog($"will return items⋮{list.Count}"); return(listAsEwH); }
public AllInOne Load([FromBody] List <ItemIdentifier> items, int appId) { // Security check var wraplog = Log.Call("Load", $"load many a#{appId}, items⋮{items.Count}"); // do early permission check - but at this time it may be that we don't have the types yet // because they may be group/id combinations, without type information which we'll look up afterwards var appForSecurityChecks = App.LightWithoutData(new DnnTenant(PortalSettings), appId, Log); items = new SaveHelpers.ContentGroupList(SxcInstance, Log).ConvertListIndexToId(items, appForSecurityChecks); // now look up the types, and repeat security check with type-names var permCheck = new MultiPermissionsTypes(SxcInstance, appId, items, Log); if (!permCheck.EnsureAll(GrantSets.WriteSomething, out var exception)) { throw exception; } // load items - similar var result = new AllInOne(); var entityApi = new EntityApi(appId, Log); var typeRead = entityApi.AppManager.Read.ContentTypes; var list = entityApi.GetEntitiesForEditing(appId, items); var jsonSerializer = new JsonSerializer(); result.Items = list.Select(e => new BundleWithHeader <JsonEntity> { Header = e.Header, Entity = GetSerializeAndMdAssignJsonEntity(appId, e, jsonSerializer, typeRead) }).ToList(); // set published if some data already exists if (list.Any()) { result.IsPublished = list.First().Entity?.IsPublished ?? true; // Entity could be null (new), then true // only set draft-should-branch if this draft already has a published item if (!result.IsPublished) { result.DraftShouldBranch = list.First().Entity?.GetPublished() != null; } } // since we're retrieving data - make sure we're allowed to // this is to ensure that if public forms only have create permissions, they can't access existing data // important, this code is shared/duplicated in the EntitiesController.GetManyForEditing if (list.Any(set => set.Entity != null)) { if (!permCheck.EnsureAll(GrantSets.ReadSomething, out exception)) { throw exception; } } // load content-types var types = UsedTypes(list, typeRead); result.ContentTypes = types .Select(ct => JsonSerializer.ToJson(ct, true)) .ToList(); // Fix not-supported input-type names; map to correct name result.ContentTypes .ForEach(jt => jt.Attributes .ForEach(at => at.InputType = InputTypes.MapInputTypeV10(at.InputType))); // load input-field configurations result.InputTypes = GetNecessaryInputTypes(result.ContentTypes /*types*/, typeRead); // also include UI features result.Features = SystemController.FeatureListWithPermissionCheck(appId, permCheck).ToList(); // done - return wraplog($"ready, sending items:{result.Items.Count}, " + $"types:{result.ContentTypes.Count}, " + $"inputs:{result.InputTypes.Count}, " + $"feats:{result.Features.Count}"); return(result); }