/// <summary>
/// Verifies the currently logged-on user has permission to specify the <paramref name="mediaObjectPath"/> in this gallery. The
/// path must not be used by any other galleries unless the user is a gallery admin for each of those galleries or a site
/// admin. Returns <c>true</c> if the user has permission; otherwise returns <c>false</c>.
/// </summary>
/// <param name="item">The binding item representing the control being tested.</param>
/// <param name="mediaObjectPath">The relative or full file path the user wishes to use to store media objects, whether they are
/// the original media object files, thumbnails, or optimized image files. Relative paths should be relative
/// to the root of the running application so that, when it is combined with physicalAppPath parameter, it creates a valid path.
/// Examples: "C:\inetpub\wwwroot\galleryserverpro\myimages\", "C:/inetpub/wwwroot/galleryserverpro/myimages",
/// "\myimages\", "\myimages", "myimages\", "myimages", "/myimages/", "/myimages"</param>
/// <returns>
/// Returns <c>true</c> if the user has permission; otherwise returns <c>false</c>.
/// </returns>
private bool ValidateUserHasPermissionToSpecifyPath(GalleryServerPro.WebControls.wwDataBindingItem item, string mediaObjectPath)
{
if (UserCanAdministerSite)
{
return(true); // Site admins always have permission.
}
if (!UserCanAdministerGallery)
{
return(false); // Must be at least a gallery admin. Kind of a redundant test but we include it for extra safety.
}
string fullMediaObjectPath = HelperFunctions.CalculateFullPath(AppSetting.Instance.PhysicalApplicationPath, mediaObjectPath);
bool isValid = true;
// Get a list of galleries the current user is a gallery admin for.
IGalleryCollection adminGalleries = UserController.GetGalleriesCurrentUserCanAdminister();
// Iterate through each gallery and check to see if the path is used in it.
foreach (IGallery gallery in Factory.LoadGalleries())
{
if (gallery.GalleryId == GalleryId)
{
continue; // No need to evaluate the current gallery
}
IGallerySettings gallerySettings = Factory.LoadGallerySetting(gallery.GalleryId);
if ((fullMediaObjectPath.Equals(gallerySettings.FullMediaObjectPath, StringComparison.OrdinalIgnoreCase)) ||
(fullMediaObjectPath.Equals(gallerySettings.FullThumbnailPath, StringComparison.OrdinalIgnoreCase)) ||
(fullMediaObjectPath.Equals(gallerySettings.FullOptimizedPath, StringComparison.OrdinalIgnoreCase)))
{
// We found another gallery that is using this path. This is not valid unless the user is a gallery admin for it.
if (!adminGalleries.Contains(gallery))
{
isValid = false;
item.BindingErrorMessage = String.Format(CultureInfo.CurrentCulture, Resources.GalleryServerPro.Admin_MediaObjects_MO_Path_Used_By_Another_Gallery, mediaObjectPath);
}
}
}
return(isValid);
}
