Exemplo n.º 1
0
        private static bool IsAccessibleToEveryone(ISecurable content)
        {
            var visitorPrinciple = new System.Security.Principal.GenericPrincipal(
                new System.Security.Principal.GenericIdentity("visitor"),
                new[] { "Everyone" });

            return(content.GetSecurityDescriptor().HasAccess(visitorPrinciple, AccessLevel.Read));
        }
Exemplo n.º 2
0
        // Note! This broke with CMS 8, but since we're not using the languageselector
        //       from code, we just ignore it
        //public virtual T Get<T>(ContentReference contentLink) where T : IContentData
        //{
        //    // CMS 8
        //    // LoaderOptions options  = new LoaderOptions();
        //    // options.Add(new LanguageLoaderOption() {FallbackBehaviour = LanguageBehaviour.Fallback});
        //    return this.Get<T>(contentLink, (LanguageSelector)LanguageSelector.AutoDetect(true));
        //}
        public virtual T Get <T>(ContentReference contentLink) where T : IContentData
        {
            T obj = Locate.ContentRepository().Get <T>(contentLink);

            if ((object)obj == null)
            {
                return(default(T));
            }
            AccessLevel access    = contentLink.CompareToIgnoreWorkID(this.CurrentContentLink) ? AccessLevel.Read : AccessLevel.Read;
            ISecurable  securable = (object)obj as ISecurable;

            if (securable != null && !securable.GetSecurityDescriptor().HasAccess(PrincipalInfo.CurrentPrincipal, access))
            {
                if (PrincipalInfo.CurrentPrincipal.Identity.IsAuthenticated)
                {
                    throw new AccessDeniedException();
                }
                DefaultAccessDeniedHandler.AccessDenied((object)this);
            }
            return(obj);
        }
        /// <summary>
        /// Allows editing.
        /// </summary>
        /// <returns><c>true</c> if editing is allowed, <c>false</c> otherwise.</returns>
        private bool AllowEditable()
        {
            PropertyData    innerProperty  = this.InnerProperty;
            PropertyContext currentContext = this.CurrentContext;

            if (innerProperty == null || innerProperty.IsDynamicProperty || currentContext == null)
            {
                return(false);
            }

            ISecurable securable = currentContext.PropertyContainer as ISecurable
                                   ?? currentContext.CurrentContent as ISecurable;
            bool flag = this.CurrentContent != null &&
                        this.CurrentContent.ContentLink.CompareToIgnoreWorkID(
                currentContext.CurrentContent.ContentLink) && currentContext.IsEditable() &&
                        !this.IsContainedInTemplate() &&
                        (securable == null ||
                         securable.GetSecurityDescriptor()
                         .HasAccess(PrincipalInfo.CurrentPrincipal, AccessLevel.Edit));

            return(flag);
        }
Exemplo n.º 4
0
        // Note! This broke with CMS 8, but since we're not using the languageselector
        //       from code, we just ignore it
        //public virtual T Get<T>(ContentReference contentLink) where T : IContentData
        //{
        //    // CMS 8
        //    // LoaderOptions options  = new LoaderOptions();
        //    // options.Add(new LanguageLoaderOption() {FallbackBehaviour = LanguageBehaviour.Fallback});
        //    return this.Get<T>(contentLink, (LanguageSelector)LanguageSelector.AutoDetect(true));
        //}
        public virtual T Get <T>(ContentReference contentLink) where T : IContentData
        {
            T obj = Locate.ContentRepository().Get <T>(contentLink);

            if ((object)obj == null)
            {
                return(default(T));
            }
            AccessLevel access    = contentLink.CompareToIgnoreWorkID(this.CurrentContentLink) ? AccessLevel.Read : AccessLevel.Read;
            ISecurable  securable = (object)obj as ISecurable;

            if (securable != null && !securable.GetSecurityDescriptor().HasAccess(PrincipalInfo.CurrentPrincipal, access))
            {
                if (PrincipalInfo.CurrentPrincipal.Identity.IsAuthenticated)
                {
                    throw new AccessDeniedException();
                }
                IAccessDeniedHandler handler =
                    ServiceLocator.Current.GetInstance <IAccessDeniedHandler>();
                handler.AccessDenied(new HttpContextWrapper(Context)); // Man - we really need to get rid of web forms soon!
            }
            return(obj);
        }
Exemplo n.º 5
0
        private static bool IsAccessibleToEveryone(ISecurable content)
        {
            var visitorPrinciple = new System.Security.Principal.GenericPrincipal(
                new System.Security.Principal.GenericIdentity("visitor"),
                new[] { "Everyone" });

            return content.GetSecurityDescriptor().HasAccess(visitorPrinciple, AccessLevel.Read);
        }