/// <summary>
 ///     Initializes a new instance of the <see cref="ContentPermissionsResourceHandler" /> class.
 /// </summary>
 /// <param name="backOfficeSecurityAccessor">Accessor for back-office security.</param>
 /// <param name="contentPermissions">Helper for content authorization checks.</param>
 public ContentPermissionsResourceHandler(
     IBackOfficeSecurityAccessor backOfficeSecurityAccessor,
     ContentPermissions contentPermissions)
 {
     _backOfficeSecurityAccessor = backOfficeSecurityAccessor;
     _contentPermissions         = contentPermissions;
 }
        /// <summary>
        /// Returns a <see cref="TreeNode"/> for the <see cref="IUmbracoEntity"/> and
        /// attaches some meta data to the node if the user doesn't have start node access to it when in dialog mode
        /// </summary>
        /// <param name="e"></param>
        /// <param name="parentId"></param>
        /// <param name="queryStrings"></param>
        /// <returns></returns>
        internal TreeNode GetSingleTreeNodeWithAccessCheck(IEntitySlim e, string parentId, FormCollection queryStrings,
                                                           int[] startNodeIds, string[] startNodePaths)
        {
            var entityIsAncestorOfStartNodes = ContentPermissions.IsInBranchOfStartNode(e.Path, startNodeIds, startNodePaths, out var hasPathAccess);
            var ignoreUserStartNodes         = IgnoreUserStartNodes(queryStrings);

            if (ignoreUserStartNodes == false && entityIsAncestorOfStartNodes == false)
            {
                return(null);
            }

            var treeNode = GetSingleTreeNode(e, parentId, queryStrings);

            if (treeNode == null)
            {
                //this means that the user has NO access to this node via permissions! They at least need to have browse permissions to see
                //the node so we need to return null;
                return(null);
            }
            if (!ignoreUserStartNodes && !hasPathAccess)
            {
                treeNode.AdditionalData["noAccess"] = true;
            }
            return(treeNode);
        }
Пример #3
0
    public void Access_To_Recycle_Bin_By_Permission()
    {
        // Arrange
        var user = CreateUser();

        var userServiceMock = new Mock <IUserService>();
        var permissions     = new EntityPermissionCollection {
            new(9876, 1234, new[] { "A" })
        };
        var permissionSet = new EntityPermissionSet(-20, permissions);

        userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-20")).Returns(permissionSet);
        var userService        = userServiceMock.Object;
        var entityServiceMock  = new Mock <IEntityService>();
        var entityService      = entityServiceMock.Object;
        var contentServiceMock = new Mock <IContentService>();
        var contentService     = contentServiceMock.Object;
        var contentPermissions = new ContentPermissions(userService, contentService, entityService, AppCaches.Disabled);

        // Act
        var result = contentPermissions.CheckPermissions(-20, user, out IContent _, new[] { 'A' });

        // Assert
        Assert.AreEqual(ContentPermissions.ContentAccess.Granted, result);
    }
        private Attempt <string?> AuthorizePath(IUser currentUser, IEnumerable <int>?startContentIds, IEnumerable <int>?startMediaIds)
        {
            if (startContentIds != null)
            {
                foreach (var contentId in startContentIds)
                {
                    if (contentId == Constants.System.Root)
                    {
                        var hasAccess = ContentPermissions.HasPathAccess("-1", currentUser.CalculateContentStartNodeIds(_entityService, _appCaches), Constants.System.RecycleBinContent);
                        if (hasAccess == false)
                        {
                            return(Attempt.Fail("The current user does not have access to the content root"));
                        }
                    }
                    else
                    {
                        var content = _contentService.GetById(contentId);
                        if (content == null)
                        {
                            continue;
                        }
                        var hasAccess = currentUser.HasPathAccess(content, _entityService, _appCaches);
                        if (hasAccess == false)
                        {
                            return(Attempt.Fail("The current user does not have access to the content path " + content.Path));
                        }
                    }
                }
            }

            if (startMediaIds != null)
            {
                foreach (var mediaId in startMediaIds)
                {
                    if (mediaId == Constants.System.Root)
                    {
                        var hasAccess = ContentPermissions.HasPathAccess("-1", currentUser.CalculateMediaStartNodeIds(_entityService, _appCaches), Constants.System.RecycleBinMedia);
                        if (hasAccess == false)
                        {
                            return(Attempt.Fail("The current user does not have access to the media root"));
                        }
                    }
                    else
                    {
                        var media = _mediaService.GetById(mediaId);
                        if (media == null)
                        {
                            continue;
                        }
                        var hasAccess = currentUser.HasPathAccess(media, _entityService, _appCaches);
                        if (hasAccess == false)
                        {
                            return(Attempt.Fail("The current user does not have access to the media path " + media.Path));
                        }
                    }
                }
            }

            return(Attempt <string?> .Succeed());
        }
        public void No_Access_To_Recycle_Bin_By_Permission()
        {
            // Arrange
            IUser user = CreateUser(withUserGroup: false);

            var userServiceMock = new Mock <IUserService>();
            var permissions     = new EntityPermissionCollection
            {
                new EntityPermission(9876, 1234, new string[] { "A" })
            };
            var permissionSet = new EntityPermissionSet(1234, permissions);

            userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-20")).Returns(permissionSet);
            IUserService    userService        = userServiceMock.Object;
            var             entityServiceMock  = new Mock <IEntityService>();
            IEntityService  entityService      = entityServiceMock.Object;
            var             contentServiceMock = new Mock <IContentService>();
            IContentService contentService     = contentServiceMock.Object;
            var             contentPermissions = new ContentPermissions(userService, contentService, entityService, AppCaches.Disabled);

            // Act
            ContentPermissions.ContentAccess result = contentPermissions.CheckPermissions(-20, user, out IContent foundContent, new[] { 'B' });

            // Assert
            Assert.AreEqual(ContentPermissions.ContentAccess.Denied, result);
        }
Пример #6
0
    public void Access_Allowed_By_Permission()
    {
        // Arrange
        var user        = CreateUser(9);
        var contentMock = new Mock <IContent>();

        contentMock.Setup(c => c.Path).Returns("-1,1234,5678");
        var content            = contentMock.Object;
        var contentServiceMock = new Mock <IContentService>();

        contentServiceMock.Setup(x => x.GetById(1234)).Returns(content);
        var contentService = contentServiceMock.Object;
        var permissions    = new EntityPermissionCollection {
            new(9876, 1234, new[] { "A", "F", "C" })
        };
        var permissionSet   = new EntityPermissionSet(1234, permissions);
        var userServiceMock = new Mock <IUserService>();

        userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-1,1234,5678")).Returns(permissionSet);
        var userService        = userServiceMock.Object;
        var entityServiceMock  = new Mock <IEntityService>();
        var entityService      = entityServiceMock.Object;
        var contentPermissions = new ContentPermissions(userService, contentService, entityService, AppCaches.Disabled);

        // Act
        var result = contentPermissions.CheckPermissions(1234, user, out IContent _, new[] { 'F' });

        // Assert
        Assert.AreEqual(ContentPermissions.ContentAccess.Granted, result);
    }
        public void No_Content_Found()
        {
            // Arrange
            IUser user        = CreateUser(id: 9);
            var   contentMock = new Mock <IContent>();

            contentMock.Setup(c => c.Path).Returns("-1,1234,5678");
            IContent content            = contentMock.Object;
            var      contentServiceMock = new Mock <IContentService>();

            contentServiceMock.Setup(x => x.GetById(0)).Returns(content);
            IContentService contentService  = contentServiceMock.Object;
            var             userServiceMock = new Mock <IUserService>();
            var             permissions     = new EntityPermissionCollection();
            var             permissionSet   = new EntityPermissionSet(1234, permissions);

            userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-1,1234,5678")).Returns(permissionSet);
            IUserService   userService        = userServiceMock.Object;
            var            entityServiceMock  = new Mock <IEntityService>();
            IEntityService entityService      = entityServiceMock.Object;
            var            contentPermissions = new ContentPermissions(userService, contentService, entityService, AppCaches.Disabled);

            // Act
            ContentPermissions.ContentAccess result = contentPermissions.CheckPermissions(1234, user, out IContent foundContent, new[] { 'F' });

            // Assert
            Assert.AreEqual(ContentPermissions.ContentAccess.NotFound, result);
        }
        public void No_Access_By_Path()
        {
            // Arrange
            IUser user        = CreateUser(id: 9, startContentId: 9876);
            var   contentMock = new Mock <IContent>();

            contentMock.Setup(c => c.Path).Returns("-1,1234,5678");
            IContent content            = contentMock.Object;
            var      contentServiceMock = new Mock <IContentService>();

            contentServiceMock.Setup(x => x.GetById(1234)).Returns(content);
            IContentService contentService  = contentServiceMock.Object;
            var             userServiceMock = new Mock <IUserService>();
            var             permissions     = new EntityPermissionCollection();
            var             permissionSet   = new EntityPermissionSet(1234, permissions);

            userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-1,1234")).Returns(permissionSet);
            IUserService userService       = userServiceMock.Object;
            var          entityServiceMock = new Mock <IEntityService>();

            entityServiceMock.Setup(x => x.GetAllPaths(It.IsAny <UmbracoObjectTypes>(), It.IsAny <int[]>()))
            .Returns(new[] { Mock.Of <TreeEntityPath>(entity => entity.Id == 9876 && entity.Path == "-1,9876") });
            IEntityService entityService      = entityServiceMock.Object;
            var            contentPermissions = new ContentPermissions(userService, contentService, entityService, AppCaches.Disabled);

            // Act
            ContentPermissions.ContentAccess result = contentPermissions.CheckPermissions(1234, user, out IContent foundContent, new[] { 'F' });

            // Assert
            Assert.AreEqual(ContentPermissions.ContentAccess.Denied, result);
        }
        private ContentPermissionsResourceHandler CreateHandler(int nodeId, string[] permissionsForPath)
        {
            Mock <IBackOfficeSecurityAccessor> mockBackOfficeSecurityAccessor = CreateMockBackOfficeSecurityAccessor();
            ContentPermissions contentPermissions = CreateContentPermissions(nodeId, permissionsForPath);

            return(new ContentPermissionsResourceHandler(mockBackOfficeSecurityAccessor.Object, contentPermissions));
        }
Пример #10
0
 public static bool HasMediaPathAccess(this IUser user, IUmbracoEntity entity, IEntityService entityService, AppCaches appCaches)
 {
     if (entity == null)
     {
         throw new ArgumentNullException(nameof(entity));
     }
     return(ContentPermissions.HasPathAccess(entity.Path, user.CalculateMediaStartNodeIds(entityService, appCaches), Constants.System.RecycleBinMedia));
 }
Пример #11
0
 public static bool HasPathAccess(this IUser user, IContent content, IEntityService entityService, AppCaches appCaches)
 {
     if (content == null)
     {
         throw new ArgumentNullException(nameof(content));
     }
     return(ContentPermissions.HasPathAccess(content.Path, user.CalculateContentStartNodeIds(entityService, appCaches), Constants.System.RecycleBinContent));
 }
Пример #12
0
        private ContentPermissionsQueryStringHandler CreateHandler(IHttpContextAccessor httpContextAccessor, int nodeId, string[] permissionsForPath)
        {
            Mock <IBackOfficeSecurityAccessor> mockBackOfficeSecurityAccessor = CreateMockBackOfficeSecurityAccessor();
            Mock <IEntityService> mockEntityService  = CreateMockEntityService();
            ContentPermissions    contentPermissions = CreateContentPermissions(mockEntityService.Object, nodeId, permissionsForPath);

            return(new ContentPermissionsQueryStringHandler(mockBackOfficeSecurityAccessor.Object, httpContextAccessor, mockEntityService.Object, contentPermissions));
        }
        private ContentPermissionsPublishBranchHandler CreateHandler(IUserService userService, int nodeId)
        {
            Mock <IEntityService> mockEntityService  = CreateMockEntityService();
            ContentPermissions    contentPermissions = CreateContentPermissions(mockEntityService.Object, userService, nodeId);
            Mock <IBackOfficeSecurityAccessor> mockBackOfficeSecurityAccessor = CreateMockBackOfficeSecurityAccessor();

            return(new ContentPermissionsPublishBranchHandler(mockEntityService.Object, contentPermissions, mockBackOfficeSecurityAccessor.Object));
        }
Пример #14
0
 /// <summary>
 ///     Initializes a new instance of the <see cref="ContentPermissionsPublishBranchHandler" /> class.
 /// </summary>
 /// <param name="entityService">Service for entity operations.</param>
 /// <param name="contentPermissions">per for user content authorization checks.</param>
 /// <param name="backOfficeSecurityAccessor">Accessor for back-office security.</param>
 public ContentPermissionsPublishBranchHandler(
     IEntityService entityService,
     ContentPermissions contentPermissions,
     IBackOfficeSecurityAccessor backOfficeSecurityAccessor)
 {
     _entityService = entityService;
     _contentPermissions = contentPermissions;
     _backOfficeSecurityAccessor = backOfficeSecurityAccessor;
 }
Пример #15
0
        internal void FilterBasedOnStartNode(IList items, IUser user)
        {
            var toRemove = new List <dynamic>();

            foreach (dynamic item in items)
            {
                var hasPathAccess = (item != null && ContentPermissions.HasPathAccess(item?.Path, GetUserStartNodes(user), RecycleBinId));
                if (hasPathAccess == false)
                {
                    toRemove.Add(item);
                }
            }

            foreach (var item in toRemove)
            {
                items.Remove(item);
            }
        }
        public void Access_To_Recycle_Bin_By_Path()
        {
            // Arrange
            IUser           user = CreateUser();
            var             contentServiceMock = new Mock <IContentService>();
            IContentService contentService     = contentServiceMock.Object;
            var             userServiceMock    = new Mock <IUserService>();
            IUserService    userService        = userServiceMock.Object;
            var             entityServiceMock  = new Mock <IEntityService>();
            IEntityService  entityService      = entityServiceMock.Object;
            var             contentPermissions = new ContentPermissions(userService, contentService, entityService, AppCaches.Disabled);

            // Act
            ContentPermissions.ContentAccess result = contentPermissions.CheckPermissions(-20, user, out IContent _);

            // Assert
            Assert.AreEqual(ContentPermissions.ContentAccess.Granted, result);
        }
Пример #17
0
 public PublicContent(String MemberID, ContentPermissions ContentPermissions, List<String> InterestID, ContentType ContentType)
 {
     this.MemberID = MemberID;
     this.Creater = new Creater.Creater(MemberID);
     this.ContentPermissions = ContentPermissions;
     this.MyFriends = ContentProvider.getMyFriends(MemberID);
     this.City = this.Creater.City.Split('|')[this.Creater.City.Split('|').Length - 1];
     this.Sex = this.Creater.Sex == 1 ? BiZ.Content.SexType.Boy : BiZ.Content.SexType.Girl;
     this.InterestID = InterestID;
     this.ContentType = ContentType;
     this.CreatedTime = DateTime.Now;
     this.UpdateTime = DateTime.Now;
     this.AnswerCount = 0;
     this.AnswerList = new List<Comment.Comment>();
     this.LikeCount = 0;
     this.LikeList = new List<BiZ.Like.LikeMember>();
     this.DeleteFlag = Comm.DeletedFlag.No;
 }
Пример #18
0
 public InterViewContent(String MemberID, ContentPermissions ContentPermissions, List<String> InterestID, IList<InterView.InterView> InterviewList)
 {
     PublicContent obj = new PublicContent(MemberID, ContentPermissions, InterestID, ContentType.InterView);
     this.MemberID = obj.MemberID;
     this.Creater = obj.Creater;
     this.ContentPermissions = obj.ContentPermissions;
     this.MyFriends = obj.MyFriends;
     this.City = obj.City;
     this.Sex = obj.Sex;
     this.InterestID = obj.InterestID;
     this.ContentType = obj.ContentType;
     this.CreatedTime = obj.CreatedTime;
     this.UpdateTime = obj.UpdateTime;
     this.AnswerCount = obj.AnswerCount;
     this.AnswerList = obj.AnswerList;
     this.LikeCount = obj.LikeCount;
     this.LikeList = obj.LikeList;
     this.DeleteFlag = obj.DeleteFlag;
     this.InterviewList = InterviewList;
 }
        public void No_Access_To_Recycle_Bin_By_Path()
        {
            // Arrange
            IUser           user = CreateUser(startContentId: 1234);
            var             contentServiceMock = new Mock <IContentService>();
            IContentService contentService     = contentServiceMock.Object;
            var             userServiceMock    = new Mock <IUserService>();
            IUserService    userService        = userServiceMock.Object;
            var             entityServiceMock  = new Mock <IEntityService>();

            entityServiceMock.Setup(x => x.GetAllPaths(It.IsAny <UmbracoObjectTypes>(), It.IsAny <int[]>()))
            .Returns(new[] { Mock.Of <TreeEntityPath>(entity => entity.Id == 1234 && entity.Path == "-1,1234") });
            IEntityService entityService      = entityServiceMock.Object;
            var            contentPermissions = new ContentPermissions(userService, contentService, entityService, AppCaches.Disabled);

            // Act
            ContentPermissions.ContentAccess result = contentPermissions.CheckPermissions(-20, user, out IContent foundContent);

            // Assert
            Assert.AreEqual(ContentPermissions.ContentAccess.Denied, result);
        }
Пример #20
0
 public MemberContent(String MemberID, ContentPermissions ContentPermissions, List<String> InterestID, Double Lat, Double Lng, String Type)
 {
     PublicContent obj = new PublicContent(MemberID, ContentPermissions, InterestID, ContentType.Member);
     this.MemberID = obj.MemberID;
     this.Creater = obj.Creater;
     this.ContentPermissions = obj.ContentPermissions;
     this.MyFriends = obj.MyFriends;
     this.City = obj.City;
     this.Sex = obj.Sex;
     this.InterestID = obj.InterestID;
     this.ContentType = obj.ContentType;
     this.CreatedTime = obj.CreatedTime;
     this.UpdateTime = obj.UpdateTime;
     this.AnswerCount = obj.AnswerCount;
     this.AnswerList = obj.AnswerList;
     this.LikeCount = obj.LikeCount;
     this.LikeList = obj.LikeList;
     this.DeleteFlag = obj.DeleteFlag;
     this.Lat = Lat;
     this.Lng = Lng;
     this.Type = Type;
 }
Пример #21
0
 public SuiSuiNianContent(String MemberID, ContentPermissions ContentPermissions, List<String> InterestID, String Content, List<Image> ImageList, ImageLayoutType LayOutType, String Type)
 {
     PublicContent obj = new PublicContent(MemberID, ContentPermissions, InterestID, ContentType.SuiSuiNian);
     this.MemberID = obj.MemberID;
     this.Creater = obj.Creater;
     this.ContentPermissions = obj.ContentPermissions;
     this.MyFriends = obj.MyFriends;
     this.City = obj.City;
     this.Sex = obj.Sex;
     this.InterestID = obj.InterestID;
     this.ContentType = obj.ContentType;
     this.CreatedTime = obj.CreatedTime;
     this.UpdateTime = obj.UpdateTime;
     this.AnswerCount = obj.AnswerCount;
     this.AnswerList = obj.AnswerList;
     this.LikeCount = obj.LikeCount;
     this.LikeList = obj.LikeList;
     this.DeleteFlag = obj.DeleteFlag;
     this.Content = Content;
     this.ImageList = ImageList;
     this.LayOutType = LayOutType;
     this.Type = Type;
 }
        public void Access_Allowed_By_Path()
        {
            // Arrange
            IUser user        = CreateUser(id: 9);
            var   contentMock = new Mock <IContent>();

            contentMock.Setup(c => c.Path).Returns("-1,1234,5678");
            IContent content            = contentMock.Object;
            var      contentServiceMock = new Mock <IContentService>();

            contentServiceMock.Setup(x => x.GetById(1234)).Returns(content);
            IContentService contentService     = contentServiceMock.Object;
            var             entityServiceMock  = new Mock <IEntityService>();
            IEntityService  entityService      = entityServiceMock.Object;
            var             userServiceMock    = new Mock <IUserService>();
            IUserService    userService        = userServiceMock.Object;
            var             contentPermissions = new ContentPermissions(userService, contentService, entityService, AppCaches.Disabled);

            // Act
            ContentPermissions.ContentAccess result = contentPermissions.CheckPermissions(1234, user, out IContent foundContent);

            // Assert
            Assert.AreEqual(ContentPermissions.ContentAccess.Granted, result);
        }
Пример #23
0
 internal static bool HasContentBinAccess(this IUser user, IEntityService entityService, AppCaches appCaches)
 {
     return(ContentPermissions.HasPathAccess(Constants.System.RecycleBinContentString, user.CalculateContentStartNodeIds(entityService, appCaches), Constants.System.RecycleBinContent));
 }
Пример #24
0
 internal static bool HasMediaBinAccess(this IUser user, IEntityService entityService, AppCaches appCaches) =>
 ContentPermissions.HasPathAccess(
     Constants.System.RecycleBinMediaString,
     user.CalculateMediaStartNodeIds(entityService, appCaches),
     Constants.System.RecycleBinMedia);
Пример #25
0
 /// <summary>
 ///     Initializes a new instance of the <see cref="ContentPermissionsQueryStringHandler" /> class.
 /// </summary>
 /// <param name="backOfficeSecurityAccessor">Accessor for back-office security.</param>
 /// <param name="httpContextAccessor">Accessor for the HTTP context of the current request.</param>
 /// <param name="entityService">Service for entity operations.</param>
 /// <param name="contentPermissions">Helper for content authorization checks.</param>
 public ContentPermissionsQueryStringHandler(
     IBackOfficeSecurityAccessor backOfficeSecurityAccessor,
     IHttpContextAccessor httpContextAccessor,
     IEntityService entityService,
     ContentPermissions contentPermissions)
     : base(backOfficeSecurityAccessor, httpContextAccessor, entityService) =>