/// <summary>
/// Preprocess security / context, then get the item based on an passed in method,
/// ...then process/finish
/// </summary>
/// <returns></returns>
internal Dictionary <string, object> GetOne(IInstanceContext context, IBlock ctxBlock, string contentType, Func <EntityApi, IEntity> getOne, string appPath)
{
Log.Add($"get and serialize after security check type:{contentType}, path:{appPath}");
// if app-path specified, use that app, otherwise use from context
var appIdentity = AppFinder.GetAppIdFromPathOrContext(appPath, ctxBlock);
var entityApi = new EntityApi(appIdentity.AppId, true, Log);
var itm = getOne(entityApi);
var permCheck = new MultiPermissionsItems().Init(context, GetApp(appIdentity.AppId, ctxBlock), itm, Log);
if (!permCheck.EnsureAll(GrantSets.ReadSomething, out var error))
{
throw HttpException.PermissionDenied(error);
}
// in case draft wasn't allow, get again with more restricted permissions
if (!permCheck.EnsureAny(GrantSets.ReadDraft))
{
entityApi = new EntityApi(appIdentity.AppId, false, Log);
itm = getOne(entityApi);
}
return(InitEavAndSerializer(appIdentity.AppId, ctxBlock?.EditAllowed ?? false).Convert(itm));
}
/// <summary>
/// Preprocess security / context, then get the item based on an passed in method,
/// ...then process/finish
/// </summary>
/// <param name="contentType"></param>
/// <param name="getOne"></param>
/// <param name="appPath"></param>
/// <returns></returns>
private Dictionary <string, object> GetAndSerializeOneAfterSecurityChecks(string contentType, Func <EntityApi, IEntity> getOne, string appPath)
{
Log.Add($"get and serialie after security check type:{contentType}, path:{appPath}");
// if app-path specified, use that app, otherwise use from context
var appIdentity = AppFinder.GetAppIdFromPathOrContext(appPath, BlockBuilder);
var entityApi = new EntityApi(appIdentity.AppId, true, Log);
var itm = getOne(entityApi);
var permCheck = new MultiPermissionsItems(BlockBuilder, appIdentity.AppId, itm, Log);
if (!permCheck.EnsureAll(GrantSets.ReadSomething, out var exception))
{
throw exception;
}
// in case draft wasn't allow, get again with more restricted permissions
if (!permCheck.EnsureAny(GrantSets.ReadDraft))
{
entityApi = new EntityApi(appIdentity.AppId, false, Log);
itm = getOne(entityApi);
}
return(InitEavAndSerializer(appIdentity.AppId).Convert(itm));
}
internal void Delete(IInstanceContext context, IBlock ctxBlock, string contentType, Guid guid, string appPath)
{
Log.Add($"delete guid:{guid}, type:{contentType}, path:{appPath}");
// if app-path specified, use that app, otherwise use from context
var appIdentity = AppFinder.GetAppIdFromPathOrContext(appPath, ctxBlock);
var entityApi = new EntityApi(appIdentity.AppId, true, Log);
var itm = entityApi.GetOrThrow(contentType == "any" ? null : contentType, guid);
var permCheck = new MultiPermissionsItems().Init(context, GetApp(appIdentity.AppId, ctxBlock), itm, Log);
if (!permCheck.EnsureAll(Grants.Delete.AsSet(), out var error))
{
throw HttpException.PermissionDenied(error);
}
entityApi.Delete(itm.Type.Name, guid);
}
[AllowAnonymous] // will check security internally, so assume no requirements
public void Delete(string contentType, Guid guid, [FromUri] string appPath = null)
{
Log.Add($"delete guid:{guid}, type:{contentType}, path:{appPath}");
// if app-path specified, use that app, otherwise use from context
var appIdentity = AppFinder.GetAppIdFromPathOrContext(appPath, BlockBuilder);
var entityApi = new EntityApi(appIdentity.AppId, true, Log);
var itm = entityApi.GetOrThrow(contentType == "any" ? null : contentType, guid);
var permCheck = new MultiPermissionsItems(BlockBuilder, appIdentity.AppId, itm, Log);
if (!permCheck.EnsureAll(Grants.Delete.AsSet(), out var exception))
{
throw exception;
}
entityApi.Delete(itm.Type.Name, guid);
}
/// <summary>
/// Preprocess security / context, then get the item based on an passed in method,
/// ...then process/finish
/// </summary>
/// <param name="contentType"></param>
/// <param name="getOne"></param>
/// <param name="appPath"></param>
/// <returns></returns>
private Dictionary <string, object> GetAndSerializeOneAfterSecurityChecks(string contentType, Func <int, IEntity> getOne, string appPath)
{
Log.Add($"get and serialie after security check type:{contentType}, path:{appPath}");
// if app-path specified, use that app, otherwise use from context
var appIdentity = AppFinder.GetAppIdFromPathOrContext(appPath, SxcInstance);
var itm = getOne(appIdentity.AppId);
var permCheck = new MultiPermissionsItems(SxcInstance, appIdentity.AppId, itm, Log);
if (!permCheck.EnsureAll(GrantSets.ReadSomething, out var exception))
{
throw exception;
}
//2018-09-15 2dm moved/disabled
//var context = GetContext(SxcInstance, Log);
//PerformSecurityCheck(appIdentity, contentType, Grants.Read, appPath == null ? context.Dnn.Module : null, itm);
return(InitEavAndSerializer(appIdentity.AppId).Prepare(itm));
}
[AllowAnonymous] // will check security internally, so assume no requirements
public void Delete(string contentType, Guid guid, [FromUri] string appPath = null)
{
Log.Add($"delete guid:{guid}, type:{contentType}, path:{appPath}");
// if app-path specified, use that app, otherwise use from context
var appIdentity = AppFinder.GetAppIdFromPathOrContext(appPath, SxcInstance);
var entityApi = new EntityApi(appIdentity.AppId, Log);
var itm = entityApi.GetOrThrow(contentType == "any" ? null : contentType, guid);
var permCheck = new MultiPermissionsItems(SxcInstance, appIdentity.AppId, itm, Log);
if (!permCheck.EnsureAll(Grants.Delete.AsSet(), out var exception))
{
throw exception;
}
//2018-09-15 2dm moved/disabled
//var context = GetContext(SxcInstance, Log);
//PerformSecurityCheck(appIdentity, itm.Type.Name, Grants.Delete, appPath == null ? context.Dnn.Module : null, itm);
entityApi.Delete(itm.Type.Name, guid);
}
