public void CanDelete()
{
CmsPageSecurityZoneDb repository = new CmsPageSecurityZoneDb();
CmsPageSecurityZone zone = repository.fetch(1);
repository.delete(zone);
}
/// <summary>
/// Create the default home page zone and zone user role during setup.
/// </summary>
/// <returns></returns>
private void InsertHomePageZone(int HomePageId)
{
CmsPageSecurityZone z = new CmsPageSecurityZone();
z.ZoneName = "Default zone";
z.StartingPage = pagerepository.Get(HomePageId);
if (new CmsPageSecurityZoneDb().insert(z) == false)
{
throw new Exception("Cannot insert Home Page Zone");
}
// anonymous users can read, but not write pages in this zone
CmsPageSecurityZoneUserRole anonZoneRole = new CmsPageSecurityZoneUserRole(z.Id, WebPortalUserRole.DUMMY_PUBLIC_ROLE_ID, true, false);
if (new CmsPageSecurityZoneUserRoleDb().insert(anonZoneRole) == false)
{
throw new Exception("Cannot insert anonymous ZoneUserRole");
}
// authors can write and read all pages in this zone
WebPortalUserRole authorRole = WebPortalUserRole.Fetch(CmsConfig.getConfigValue("AuthorAccessUserRole", "Author"));
if (authorRole.RoleID >= 0)
{
CmsPageSecurityZoneUserRole authorZoneRole = new CmsPageSecurityZoneUserRole(z.Id, authorRole.RoleID, true, true);
if (new CmsPageSecurityZoneUserRoleDb().insert(authorZoneRole) == false)
{
throw new Exception("Cannot insert author ZoneUserRole");
}
}
}
/// <summary>
/// Create the table body
/// </summary>
/// <param name="controlId"></param>
/// <returns></returns>
protected string RenderContent(string controlId)
{
List <CmsPageSecurityZone> list = zoneDb.fetchAll();
StringBuilder html = new StringBuilder();
for (int x = 0; x < list.Count; x++)
{
html.Append("<tr>" + EOL);
CmsPageSecurityZone data1 = list[x];
html.Append("<td>" + EOL);
html.Append("<input class=\"" + controlId + "chgButton\" type=\"button\" value=\"Edit\" title=\"" + data1.ZoneId + "\" />" + EOL);
html.Append("<input class=\"" + controlId + "delButton\" type=\"button\" value=\"Delete\" title=\"" + data1.ZoneId + "\" />" + EOL);
html.Append("<input class=\"" + controlId + "chgSaveButton\" type=\"button\" value=\"Save\" title=\"" + data1.ZoneId + "\" />" + EOL);
html.Append("<input class=\"" + controlId + "chgCancelButton\" type=\"button\" value=\"Cancel\" title=\"" + data1.ZoneId + "\" />" + EOL);
html.Append("</td>" + EOL);
string zName = data1.ZoneName;
html.Append("<td><div id=\"" + controlId + "name_" + data1.ZoneId + "\">" + zName + "</div></td>" + EOL);
html.Append("<td>" + EOL);
html.Append("<select title=\"" + Convert.ToInt32(data1.StartingPageId).ToString() + "\" class=\"" + controlId + "chg\" disabled=\"disabled\" id=\"" + controlId + "startingPageId_" + data1.ZoneId + "\" name=\"" + controlId + "startingPageId\">" + EOL);
html.Append(generatePathOption(Convert.ToInt32(data1.StartingPageId).ToString()));
html.Append("</select>" + EOL);
html.Append("</td>" + EOL);
html.Append("</tr>" + EOL);
}
return(html.ToString());
}
private WebPortalUserRole[] getAllAvailableRoles()
{
List <WebPortalUserRole> ret = new List <WebPortalUserRole>();
string adminUserRoleName = CmsConfig.getConfigValue("AdminUserRole", "Administrator");
ret.Add(WebPortalUserRole.Fetch(adminUserRoleName));
string authorUserRoleName = CmsConfig.getConfigValue("AuthorAccessUserRole", "Author");
if (String.Compare(adminUserRoleName, authorUserRoleName, true) != 0)
{
ret.Add(WebPortalUserRole.Fetch(authorUserRoleName));
}
string nothing = Guid.NewGuid().ToString();
CmsPageSecurityZone homePageZone = (new CmsPageSecurityZoneDb()).fetchByPage(CmsContext.HomePage);
bool requireAnonLogin = homePageZone.canRead(WebPortalUser.dummyPublicUser);
string loginRole = CmsConfig.getConfigValue("LoginUserRole", nothing);
if (!requireAnonLogin && loginRole != nothing && String.Compare(loginRole, authorUserRoleName, true) != 0 && String.Compare(loginRole, adminUserRoleName, true) != 0)
{
ret.Add(WebPortalUserRole.Fetch(loginRole));
}
return(ret.ToArray());
}
private void InsertAdminAreaZone(int AdminPageId)
{
CmsPageSecurityZone z = new CmsPageSecurityZone();
z.ZoneName = "Internal Author Tools Zone";
z.StartingPageId = AdminPageId;
if (new CmsZoneDb().insert(z) == false)
{
throw new Exception("Cannot insert Zone");
}
// anonymous users cannot read or write in this zone
CmsZoneUserRole anonZoneRole = new CmsZoneUserRole(z.ZoneId, WebPortalUserRole.DUMMY_PUBLIC_ROLE_ID, false, false);
if (new CmsZoneUserRoleDb().insert(anonZoneRole) == false)
{
throw new Exception("Cannot insert anonymous ZoneUserRole");
}
// authors can write and read all pages in this zone
WebPortalUserRole authorRole = WebPortalUserRole.Fetch(CmsConfig.getConfigValue("AuthorAccessUserRole", "Author"));
if (authorRole.RoleID >= 0)
{
CmsZoneUserRole authorZoneRole = new CmsZoneUserRole(z.ZoneId, authorRole.RoleID, true, true);
if (new CmsZoneUserRoleDb().insert(authorZoneRole) == false)
{
throw new Exception("Cannot insert author ZoneUserRole");
}
}
}
public List <CmsPageSecurityZoneUserRole> fetchAllByZone(CmsPageSecurityZone z)
{
ICriteria criteria = NHibernateSession.Current.CreateCriteria(typeof(CmsPageSecurityZoneUserRole))
.Add(Expression.Eq("Zone.Id", z.Id));
IList <CmsPageSecurityZoneUserRole> authoritylist = criteria.List <CmsPageSecurityZoneUserRole>();
return(authoritylist as List <CmsPageSecurityZoneUserRole>);
}
/// <summary>
/// Create the Zone entity object for adding record
/// </summary>
/// <param name="controlId"></param>
/// <returns></returns>
protected CmsPageSecurityZone createAddRecord(string controlId)
{
CmsPageSecurityZone data = new CmsPageSecurityZone();
data.StartingPageId = PageUtils.getFromForm(controlId + "addStartingPageId", -999);
data.ZoneName = PageUtils.getFromForm(controlId + "addName", "");
return(data);
}
public void CanFetchByPage()
{
CmsPage page = pagerepository.Get(34);
PageSecurityZoneRepository repository = new PageSecurityZoneRepository();
CmsPageSecurityZone zone = repository.fetchByPage(page, true);
Assert.That(zone.Id, Is.EqualTo(1));
}
public void CanFecthByZoneId()
{
PageSecurityZoneRepository repository = new PageSecurityZoneRepository();
CmsPageSecurityZoneDb dboperation = new CmsPageSecurityZoneDb();
CmsPageSecurityZone zone = dboperation.fetch(2);
Assert.That(zone.StartingPage.Id, Is.EqualTo(3));
}
public void CanDeleteByZone()
{
CmsPageSecurityZoneUserRoleDb dboperation = new CmsPageSecurityZoneUserRoleDb();
CmsPageSecurityZone z = new CmsPageSecurityZone(2);
//z.Id = 2;
dboperation.deleteByZone(z);
Assert.That(dboperation.fetchAllByZone(z).Count, Is.EqualTo(0));
}
/// <summary>
/// Create the Zone entity object for updating record
/// </summary>
/// <param name="controlId"></param>
/// <param name="id"></param>
/// <returns></returns>
protected CmsPageSecurityZone createUpdateRecord(string controlId, int id)
{
CmsPageSecurityZone data = new CmsPageSecurityZone();
data.ZoneId = id;
data.StartingPageId = PageUtils.getFromForm(controlId + "startingPageId", -999);
data.ZoneName = PageUtils.getFromForm(controlId + "name", "");
return(data);
}
public void CanQueryByZoneID()
{
PageSecurityZoneUserRoleRepository repository = new PageSecurityZoneUserRoleRepository();
CmsPageSecurityZoneUserRoleDb dboperation = new CmsPageSecurityZoneUserRoleDb();
CmsPageSecurityZone z = new CmsPageSecurityZone(2);
//z.Id = 2;
List <CmsPageSecurityZoneUserRole> resultlist = dboperation.fetchAllByZone(z);
Assert.That(resultlist.Count, Is.EqualTo(2));
}
/// <summary>
/// Create the Zone entity object for adding record
/// </summary>
/// <param name="controlId"></param>
/// <returns></returns>
protected CmsPageSecurityZone createAddRecord(string controlId)
{
CmsPageSecurityZone data = new CmsPageSecurityZone();
int pageid = PageUtils.getFromForm(controlId + "addStartingPageId", -999);
Check.Assert(pageid != -9999);
PageRepository pagerepository = new PageRepository();
data.StartingPage = pagerepository.Get(pageid);
data.ZoneName = PageUtils.getFromForm(controlId + "addName", "");
return(data);
}
/// <summary>
/// Create the Zone entity object for updating record
/// </summary>
/// <param name="controlId"></param>
/// <param name="id"></param>
/// <returns></returns>
protected CmsPageSecurityZone createUpdateRecord(string controlId, int id)
{
CmsPageSecurityZone data = new CmsPageSecurityZone(id);
int formid = PageUtils.getFromForm(controlId + "startingPageId", -999);
Check.Assert(formid != -999);
PageRepository repository = new PageRepository();
data.StartingPage = repository.Get(id);
data.ZoneName = PageUtils.getFromForm(controlId + "name", "");
return(data);
}
public void CanFetchReadAccess()
{
CmsPageSecurityZoneUserRoleDb dboperation = new CmsPageSecurityZoneUserRoleDb();
CmsPageSecurityZone z = new CmsPageSecurityZone(1);
//z.Id = 1;
WebPortalUserRole role1 = new WebPortalUserRole(1, "aa", "despri");
WebPortalUserRole role2 = new WebPortalUserRole(-1, "aa", "despri");
List <WebPortalUserRole> rolelist = new List <WebPortalUserRole>();
rolelist.Add(role1);
rolelist.Add(role2);
Assert.That(dboperation.fetchRoleMatchingCountForRead(z, rolelist.ToArray()), Is.EqualTo(2));
Assert.That(dboperation.fetchRoleMatchingCountForWrite(z, rolelist.ToArray()), Is.EqualTo(1));
}
public int fetchRoleMatchingCountForWrite(CmsPageSecurityZone z, Hatfield.Web.Portal.WebPortalUserRole[] roleArray)
{
List <int> userIdList = new List <int>();
foreach (Hatfield.Web.Portal.WebPortalUserRole webportaluserrole in roleArray)
{
userIdList.Add(webportaluserrole.RoleID);
}
ICriteria criteria = NHibernateSession.Current.CreateCriteria(typeof(CmsPageSecurityZoneUserRole))
.Add(Expression.Eq("Zone.Id", z.Id))
.Add(Expression.Eq("WriteAccess", true))
.Add(Expression.In("UserRoleId", userIdList));
return(criteria.List <CmsPageSecurityZoneUserRole>().Count);
}
/// <summary>
/// Render the table body row
/// </summary>
/// <param name="zone"></param>
/// <param name="roleList"></param>
/// <param name="adminRoleName"></param>
/// <returns></returns>
protected string RenderZoneAuthorityRow(CmsPageSecurityZone zone, List <WebPortalUserRole> roleList, string adminRoleName)
{
int zID = zone.Id;
List <CmsPageSecurityZoneUserRole> authority = roleDb.fetchAllByZone(zone);
Set rSet = new Set();
Set wSet = new Set();
foreach (CmsPageSecurityZoneUserRole z in authority)
{
if (z.ReadAccess)
{
rSet.Add(z.UserRoleId);
}
if (z.WriteAccess)
{
wSet.Add(z.UserRoleId);
}
}
StringBuilder html = new StringBuilder();
html.Append("<td>" + zone.ZoneName + "</td>" + EOL);
foreach (WebPortalUserRole r in roleList)
{
string rID = r.RoleID.ToString();
bool checkR = rSet.Contains(r.RoleID);
bool checkW = wSet.Contains(r.RoleID);
bool disabled = false;
if (r.Name == adminRoleName)
{
checkR = true;
checkW = true;
disabled = true;
}
string htmlInputName = "z" + zID + "r" + rID;
string checkboxR = PageUtils.getCheckboxHtml("", htmlInputName, htmlInputName, "r", checkR, "", disabled);
html.Append("<td style=\"width: 3em;\" align=\"center\">" + checkboxR + "</td>" + EOL);
if (r.RoleID != WebPortalUserRole.DUMMY_PUBLIC_ROLE_ID) // non-public user, show 'update' column
{
string checkboxW = PageUtils.getCheckboxHtml("", htmlInputName, htmlInputName, "w", checkW, "", disabled);
html.Append("<td style=\"width: 3em;\" align=\"center\">" + checkboxW + "</td>" + EOL);
}
}
return(html.ToString());
}
public bool deleteByZone(CmsPageSecurityZone z)
{
List <CmsPageSecurityZoneUserRole> listfetchedbyzone = this.fetchAllByZone(z);
foreach (CmsPageSecurityZoneUserRole entity in listfetchedbyzone)
{
try
{
this.Delete(entity);
}
catch (Exception)
{
return(false);
}
}
return(true);
}
/// <summary>
/// For the default zone, it must start from home page.
/// (i.e. only name can be updated)
/// </summary>
/// <param name="controlId"></param>
/// <param name="id"></param>
/// <returns></returns>
protected bool validateUpdateDefaultZone(string controlId, int id)
{
CmsPageSecurityZone z = zoneDb.fetch(id);
if (z.ZoneId < 0)
{
return(true);
}
if (z.StartingPageId == CmsContext.HomePage.ID && PageUtils.getFromForm(controlId + "startingPageId", -999) != CmsContext.HomePage.ID)
{
return(false);
}
else
{
return(true);
}
}
/// <summary>
/// For the default zone which starting page is
/// the home page, delete is not allowed.
/// </summary>
/// <param name="controlId"></param>
/// <param name="id"></param>
/// <returns></returns>
protected bool validateDeleteDefaultZone(string controlId, int id)
{
CmsPageSecurityZone z = zoneDb.fetch(id);
if (z.ZoneId < 0)
{
return(true);
}
if (z.StartingPageId == CmsContext.HomePage.ID)
{
return(false);
}
else
{
return(true);
}
}
/// <summary>
/// Create the role entity object by reading the html form params
/// </summary>
/// <param name="z"></param>
/// <param name="r"></param>
/// <param name="accessMode"></param>
/// <returns></returns>
protected CmsPageSecurityZoneUserRole createUserRoleEntity(CmsPageSecurityZone z, WebPortalUserRole r, string[] accessMode)
{
CmsPageSecurityZoneUserRole entity = new CmsPageSecurityZoneUserRole(z.Id, r.RoleID);
foreach (string s in accessMode)
{
if (s.ToLower() == "r")
{
entity.ReadAccess = true;
}
if (s.ToLower() == "w")
{
entity.WriteAccess = true;
}
}
if (r.RoleID == WebPortalUserRole.DUMMY_PUBLIC_ROLE_ID)
{
entity.WriteAccess = false;
}
return(entity);
}
public void CanFetchByPage()
{
CmsPage page = pagerepository.Get(1);
PageSecurityZoneRepository repository = new PageSecurityZoneRepository();
CmsPageSecurityZone zone = repository.fetchByPage(page, false);
}
