public EditLoadBackend(EntityApi entityApi, ContentGroupList contentGroupList,
IServiceProvider serviceProvider,
IUiContextBuilder contextBuilder,
IContextResolver ctxResolver,
ITargetTypes mdTargetTypes,
// for prefetch
IValueConverter valueConverter,
EntityPickerApi entityPickerBackend) : base(serviceProvider, "Cms.LoadBk")
{
_entityApi = entityApi;
_contentGroupList = contentGroupList;
_contextBuilder = contextBuilder;
_ctxResolver = ctxResolver;
_mdTargetTypes = mdTargetTypes;
_valueConverter = valueConverter;
_entityPickerBackend = entityPickerBackend;
}
public dynamic GetManyForEditing([FromBody] List <ItemIdentifier> items, int appId)
{
var wrapLog = Log.Call($"get many a#{appId}, items⋮{items.Count}");
// before we start, we have to convert the indexes into something more useful, because
// otherwise in content-list scenarios we don't have the type
var appForSecurityChecks = GetApp.LightWithoutData(new DnnTenant(PortalSettings), SystemRuntime.ZoneIdOfApp(appId), appId, Log);
items = new ContentGroupList(BlockBuilder, Log).ConvertListIndexToId(items, appForSecurityChecks);
// to do full security check, we'll have to see what content-type is requested
var permCheck = new MultiPermissionsTypes(BlockBuilder, appId, items, Log);
if (!permCheck.EnsureAll(GrantSets.WriteSomething, out var exception))
{
throw exception;
}
var list = new EntityApi(appId, permCheck.EnsureAny(GrantSets.ReadDraft), Log).GetEntitiesForEditing(appId, items);
// Reformat to the Entity-WithLanguage setup
var listAsEwH = list.Select(p => new BundleWithHeader <EntityWithLanguages>
{
Header = p.Header,
Entity = p.Entity != null
? EntityWithLanguages.Build(appId, p.Entity)
: null
}).ToList();
// 2018-09-26 2dm
// if we're giving items which already exist, then we must verify that edit/read is allowed.
// important, this code is shared/duplicated in the UiController.Load
if (list.Any(set => set.Entity != null))
{
if (!permCheck.EnsureAll(GrantSets.ReadSomething, out exception))
{
throw exception;
}
}
wrapLog($"will return items⋮{list.Count}");
return(listAsEwH);
}
public AllInOne Load([FromBody] List <ItemIdentifier> items, int appId)
{
// Security check
var wraplog = Log.Call($"load many a#{appId}, items⋮{items.Count}");
// do early permission check - but at this time it may be that we don't have the types yet
// because they may be group/id combinations, without type information which we'll look up afterwards
var appIdentity = State.Identity(null, appId);
items = new ContentGroupList(BlockBuilder, Log).ConvertListIndexToId(items, appIdentity);
// now look up the types, and repeat security check with type-names
// todo: 2020-03-20 new feat 11.01, may not check inner type permissions ATM
var permCheck = new MultiPermissionsTypes(BlockBuilder, appId, items, Log);
if (!permCheck.EnsureAll(GrantSets.WriteSomething, out var exception))
{
throw exception;
}
// load items - similar
var result = new AllInOne();
var entityApi = new EntityApi(appId, permCheck.EnsureAny(GrantSets.ReadDraft), Log);
var typeRead = entityApi.AppRead.ContentTypes;
var list = entityApi.GetEntitiesForEditing(appId, items);
var jsonSerializer = new JsonSerializer();
result.Items = list.Select(e => new BundleWithHeader <JsonEntity>
{
Header = e.Header,
Entity = GetSerializeAndMdAssignJsonEntity(appId, e, jsonSerializer, typeRead)
}).ToList();
// set published if some data already exists
if (list.Any())
{
result.IsPublished = list.First().Entity?.IsPublished ?? true; // Entity could be null (new), then true
// only set draft-should-branch if this draft already has a published item
if (!result.IsPublished)
{
result.DraftShouldBranch = list.First().Entity?.GetPublished() != null;
}
}
// since we're retrieving data - make sure we're allowed to
// this is to ensure that if public forms only have create permissions, they can't access existing data
// important, this code is shared/duplicated in the EntitiesController.GetManyForEditing
if (list.Any(set => set.Entity != null))
{
if (!permCheck.EnsureAll(GrantSets.ReadSomething, out exception))
{
throw exception;
}
}
// load content-types
var types = UsedTypes(list, typeRead);
result.ContentTypes = types
.Select(ct => JsonSerializer.ToJson(ct, true))
.ToList();
// todo: ensure that sub-properties of the content-types are included
var entList = types.SelectMany(
// in all Content-Type attributes like title, body etc.
t => t.Attributes.SelectMany(
// check all metadata of these attributes - get possible sub-entities attached
a => a.Metadata.SelectMany(m => m.Children())
)
);
result.ContentTypeItems = entList.Select(e => jsonSerializer.ToJson(e, 0, Log)).ToList();
// Fix not-supported input-type names; map to correct name
result.ContentTypes
.ForEach(jt => jt.Attributes
.ForEach(at => at.InputType = InputTypes.MapInputTypeV10(at.InputType)));
// load input-field configurations
result.InputTypes = GetNecessaryInputTypes(result.ContentTypes, typeRead);
// also include UI features
result.Features = SystemController.FeatureListWithPermissionCheck(permCheck).ToList();
// done - return
wraplog($"ready, sending items:{result.Items.Count}, " +
$"types:{result.ContentTypes.Count}, " +
$"inputs:{result.InputTypes.Count}, " +
$"feats:{result.Features.Count}");
return(result);
}
