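/// <summary>
/// Validates a request to change the site from which <paramref name="ss"/> inherits
/// its permissions. The requested target is read from the "InheritPermission" form value.
/// </summary>
/// <param name="ss">Settings of the site whose inheritance is being changed.</param>
/// <returns>
/// <c>Error.Types.None</c> when the change is acceptable; otherwise the first failing
/// check: <c>HasNotPermission</c>, <c>CanNotInherit</c> or <c>CanNotChangeInheritance</c>.
/// </returns>
public static Error.Types InheritPermission(SiteSettings ss)
{
    if (!ss.CanManagePermission())
    {
        return Error.Types.HasNotPermission;
    }

    // Read the posted value once so that every check below is made against the same
    // number (the original re-read the form inside the row predicate).
    // NOTE(review): the code that later applies the change must take the target from
    // this same form key, otherwise a different value than the validated one is stored.
    var inheritPermission = Forms.Long("InheritPermission");

    // The target is the site itself: none of the target checks apply.
    // presumably this means "do not inherit" -- confirm against the caller.
    if (ss.SiteId == inheritPermission)
    {
        return Error.Types.None;
    }

    // The target must be one of the rows offered as inheritance targets for this site.
    var isOfferedTarget = PermissionUtilities
        .InheritTargetsDataRows(ss.SiteId)
        .Any(row => row["SiteId"].ToLong() == inheritPermission);
    if (!isOfferedTarget)
    {
        return Error.Types.CanNotInherit;
    }

    // The caller must be able to read the site it wants to inherit from.
    if (!Permissions.CanRead(inheritPermission))
    {
        return Error.Types.HasNotPermission;
    }

    // presumably true when other sites inherit from this one -- confirm in PermissionUtilities.
    if (PermissionUtilities.HasInheritedSites(ss.SiteId))
    {
        return Error.Types.CanNotChangeInheritance;
    }

    return Error.Types.None;
}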
/// <summary>
/// Renders the tab strip of the wiki editor: the general tab always, the history tab
/// for records that are not new, and the record access control tab for records that
/// are not new when the caller can manage permissions.
/// </summary>
/// <param name="hb">Builder the markup is appended to.</param>
/// <param name="ss">Site settings used for the permission check.</param>
/// <param name="wikiModel">Wiki record being edited.</param>
/// <returns>The same builder, for chaining.</returns>
private static HtmlBuilder EditorTabs(
    this HtmlBuilder hb, SiteSettings ss, WikiModel wikiModel)
{
    var isExistingRecord = wikiModel.MethodType != BaseModel.MethodTypes.New;

    // NOTE(review): the checks here only decide which links are drawn. The handlers
    // behind the "Permissions" action have to enforce the same permission themselves.
    return hb.Ul(
        id: "EditorTabs",
        action: () => hb
            .Li(action: () => hb
                .A(
                    href: "#FieldSetGeneral",
                    text: Displays.Basic()))
            .Li(
                _using: isExistingRecord,
                action: () => hb
                    .A(
                        href: "#FieldSetHistories",
                        text: Displays.ChangeHistoryList()))
            .Li(
                _using: ss.CanManagePermission() && isExistingRecord,
                action: () => hb
                    .A(
                        href: "#FieldSetRecordAccessControl",
                        text: Displays.RecordAccessControl())));
}
/// <summary>
/// Fixed:
/// Validates an update request that is limited to permission settings. The caller must
/// be able to manage permissions; when the form carries "InheritPermission", the
/// inheritance change is validated by <c>SiteValidators.InheritPermission</c>.
/// </summary>
/// <param name="ss">Settings of the site being updated.</param>
/// <returns>
/// <c>Error.Types.None</c> when every posted key passes; otherwise the first error found.
/// </returns>
public static Error.Types OnUpdating(SiteSettings ss)
{
    if (!ss.CanManagePermission())
    {
        return Error.Types.HasNotPermission;
    }

    // NOTE(review): only "InheritPermission" is inspected here; every other posted key
    // passes on the strength of the CanManagePermission check above. The two-argument
    // site validator additionally rejects "CurrentPermissionsAll" entries that are not
    // InTenant() -- confirm that the permission list is tenant-checked on this path too.
    foreach (var controlId in Forms.Keys())
    {
        var verdict = Error.Types.None;
        switch (controlId)
        {
            case "InheritPermission":
                verdict = SiteValidators.InheritPermission(ss);
                break;
        }
        if (verdict != Error.Types.None)
        {
            return verdict;
        }
    }

    return Error.Types.None;
}
/// <summary>
/// Fixed:
/// Builds the wiki editor: the main form (record header, optional comments pane, tab
/// container with its field sets and commands, hidden fields) followed by the outgoing
/// mail form and the copy, move and outgoing mail dialogs.
/// </summary>
/// <param name="hb">Builder the markup is appended to.</param>
/// <param name="ss">Site settings supplying column definitions and permission checks.</param>
/// <param name="wikiModel">Wiki record being edited.</param>
/// <returns>The same builder, for chaining.</returns>
private static HtmlBuilder Editor(
    this HtmlBuilder hb, SiteSettings ss, WikiModel wikiModel)
{
    var comments = ss.GetColumn("Comments");
    var commentsPermission = comments.ColumnPermissionType();

    // The comments pane is drawn only when the column is part of the editor layout
    // and its column permission is not Deny.
    var inEditorLayout = ss.EditorColumns?.Contains("Comments") == true;
    var commentsVisible = inEditorLayout
        && commentsPermission != Permissions.ColumnPermissionTypes.Deny;

    // Without the comments pane the tab container gets the "max" css class.
    var containerCss = commentsVisible ? null : "max";

    return hb.Div(
        id: "Editor",
        action: () => hb
            .Form(
                attributes: new HtmlAttributes()
                    .Id("WikiForm")
                    .Class("main-form")
                    // Post to the wiki's own id, or to the site id when WikiId is 0.
                    .Action(Locations.ItemAction(wikiModel.WikiId == 0
                        ? wikiModel.SiteId
                        : wikiModel.WikiId)),
                action: () => hb
                    .RecordHeader(
                        ss: ss,
                        baseModel: wikiModel,
                        tableName: "Wikis")
                    .Div(
                        id: "EditorComments",
                        action: () => hb
                            .Comments(
                                comments: wikiModel.Comments,
                                column: comments,
                                verType: wikiModel.VerType,
                                columnPermissionType: commentsPermission),
                        _using: commentsVisible)
                    .Div(
                        id: "EditorTabsContainer",
                        css: containerCss,
                        action: () => hb
                            .EditorTabs(ss: ss, wikiModel: wikiModel)
                            .FieldSetGeneral(
                                ss: ss,
                                wikiModel: wikiModel)
                            .FieldSet(
                                attributes: new HtmlAttributes()
                                    .Id("FieldSetHistories")
                                    .DataAction("Histories")
                                    .DataMethod("post"),
                                _using: wikiModel.MethodType != BaseModel.MethodTypes.New)
                            // NOTE(review): EditorTabs hides the matching tab for new
                            // records as well; this field set is gated on the permission
                            // alone -- confirm the difference is intended. Either way this
                            // is display gating: the "Permissions" action must check
                            // CanManagePermission on the server.
                            .FieldSet(
                                attributes: new HtmlAttributes()
                                    .Id("FieldSetRecordAccessControl")
                                    .DataAction("Permissions")
                                    .DataMethod("post"),
                                _using: ss.CanManagePermission())
                            .MainCommands(
                                ss: ss,
                                siteId: wikiModel.SiteId,
                                verType: wikiModel.VerType,
                                referenceType: "items",
                                referenceId: wikiModel.WikiId,
                                updateButton: true,
                                copyButton: false,
                                moveButton: false,
                                mailButton: true,
                                deleteButton: true))
                    .Hidden(controlId: "BaseUrl", value: Locations.BaseUrl())
                    .Hidden(controlId: "MethodType", value: "edit")
                    .Hidden(
                        controlId: "Wikis_Timestamp",
                        css: "always-send",
                        value: wikiModel.Timestamp)
                    // Emitted for non-Ajax requests, or when the current action is "create".
                    .Hidden(
                        controlId: "SwitchTargets",
                        css: "always-send",
                        value: wikiModel.WikiId.ToString(),
                        _using: !Request.IsAjax() || Routes.Action() == "create"))
            .OutgoingMailsForm("Wikis", wikiModel.WikiId, wikiModel.Ver)
            .CopyDialog("items", wikiModel.WikiId)
            .MoveDialog()
            .OutgoingMailDialog());
}
/// <summary>
/// Validates a site update request key by key. The caller must be able to manage the
/// site; each recognised form key is then checked against the column's update
/// permission or against the permission-management rules.
/// </summary>
/// <param name="ss">Settings of the site being updated.</param>
/// <param name="siteModel">Site record carrying the pending changes.</param>
/// <returns>
/// <c>Error.Types.None</c> when every posted key passes; otherwise the first error found.
/// </returns>
public static Error.Types OnUpdating(SiteSettings ss, SiteModel siteModel)
{
    if (!ss.CanManageSite())
    {
        return Error.Types.HasNotPermission;
    }

    ss.SetColumnAccessControls(siteModel.Mine());

    // NOTE(review): the switch has no default branch, so a posted key that is not
    // listed is accepted without any check. That is only safe if the update path
    // ignores keys this method does not know -- confirm.
    foreach (var controlId in Forms.Keys())
    {
        var verdict = Error.Types.None;
        switch (controlId)
        {
            case "Sites_Title":
                if (siteModel.Title_Updated() && !ss.GetColumn("Title").CanUpdate)
                {
                    verdict = Error.Types.HasNotPermission;
                }
                break;
            case "Sites_Body":
                if (siteModel.Body_Updated() && !ss.GetColumn("Body").CanUpdate)
                {
                    verdict = Error.Types.HasNotPermission;
                }
                break;
            case "Sites_ReferenceType":
                if (siteModel.ReferenceType_Updated()
                    && !ss.GetColumn("ReferenceType").CanUpdate)
                {
                    verdict = Error.Types.HasNotPermission;
                }
                break;
            case "Sites_InheritPermission":
                // NOTE(review): this key gets the column-level check only; the target
                // checks in InheritPermission(ss) run for the "InheritPermission" key.
                // Confirm the stored inheritance target is never taken from this key
                // without those checks having run.
                if (siteModel.InheritPermission_Updated()
                    && !ss.GetColumn("InheritPermission").CanUpdate)
                {
                    verdict = Error.Types.HasNotPermission;
                }
                break;
            case "InheritPermission":
                verdict = InheritPermission(ss);
                break;
            case "CurrentPermissionsAll":
                if (!ss.CanManagePermission())
                {
                    verdict = Error.Types.HasNotPermission;
                }
                else if (!new PermissionCollection(
                    ss.SiteId, Forms.List("CurrentPermissionsAll")).InTenant())
                {
                    // The posted permission list failed the InTenant() check.
                    verdict = Error.Types.InvalidRequest;
                }
                break;
            case "SearchPermissionElements":
            case "OpenPermissionsDialog":
            case "AddPermissions":
            case "DeletePermissions":
                if (!ss.CanManagePermission())
                {
                    verdict = Error.Types.HasNotPermission;
                }
                break;
            case "Comments":
                if (!ss.GetColumn("Comments").CanUpdate)
                {
                    verdict = Error.Types.HasNotPermission;
                }
                break;
        }
        if (verdict != Error.Types.None)
        {
            return verdict;
        }
    }

    return Error.Types.None;
}