/// <summary>
/// Reports whether the "EDIT" permission check passes for the permission rows stored for a module.
/// </summary>
/// <param name="ModuleId">Id of the module whose permission rows are loaded.</param>
/// <returns>The result of <c>ModulePermissionController.HasModulePermission</c> for the "EDIT" key.</returns>
public static bool HasEditPermissions(int ModuleId)
{
    // Rows are read straight from the data provider; -1 is passed as the second argument.
    // NOTE(review): -1 presumably means "no tab filter" - confirm against GetModulePermissionsByModuleID.
    var permissionRows = DataProvider.Instance().GetModulePermissionsByModuleID(ModuleId, -1);
    var hydratedRows = CBO.FillCollection(permissionRows, typeof(ModulePermissionInfo));
    var modulePermissions = new ModulePermissionCollection(hydratedRows);

    // NOTE(review): no user is passed in, so the check presumably applies to the current
    // request's user - confirm before calling this outside a request context.
    return ModulePermissionController.HasModulePermission(modulePermissions, "EDIT");
}
/// <summary>
/// Reports whether the "EDIT" permission check passes for an already-loaded permission collection.
/// </summary>
/// <param name="objModulePermissions">Permission collection handed to the controller unchanged.</param>
/// <returns>The result of <c>ModulePermissionController.HasModulePermission</c> for the "EDIT" key.</returns>
public static bool HasEditPermissions(ModulePermissionCollection objModulePermissions)
{
    // The caller decides which module/tab the collection belongs to; nothing is re-loaded here.
    const string editKey = "EDIT";
    return ModulePermissionController.HasModulePermission(objModulePermissions, editKey);
}
/// <summary>
/// Initialises the module settings form: binds the tab lists, the permissions grid and the
/// taxonomy selector on the first request, and shows, hides or disables controls according to
/// the page and module permission checks made below.
/// </summary>
/// <param name="e">Event data passed on to <c>base.OnLoad</c>.</param>
/// <remarks>
/// Every exception raised inside the try block is handed to
/// <c>Exceptions.ProcessModuleLoadException</c>.
/// NOTE(review): the permission checks in this method only decide what the form shows. Confirm
/// that the update and delete handlers (not part of this method) repeat the checks on the server.
/// </remarks>
protected override void OnLoad(EventArgs e)
{
    base.OnLoad(e);

    try
    {
        cancelHyperLink.NavigateUrl = ReturnURL;

        // -1 is treated as "no existing module"; the audit control only gets an entity otherwise.
        if (_moduleId != -1)
        {
            ctlAudit.Entity = Module;
        }

        // Everything in this branch runs on the initial GET only.
        if (Page.IsPostBack == false)
        {
            ctlIcon.FileFilter = Globals.glbImageFileTypes;

            dgPermissions.TabId = PortalSettings.ActiveTab.TabID;
            dgPermissions.ModuleID = _moduleId;

            // List the tabs this module appears on, leaving out the tab identified by TabId.
            var tabsByModule = TabController.Instance.GetTabsByModuleID(_moduleId);
            tabsByModule.Remove(TabId);
            dgOnTabs.DataSource = tabsByModule.Values;
            dgOnTabs.DataBind();

            cboTab.DataSource = TabController.GetPortalTabs(PortalId, -1, false, Null.NullString, true, false, true, false, true);
            cboTab.DataBind();

            // If the active tab is a host tab, add it to the top of the list.
            if (Globals.IsHostTab(PortalSettings.ActiveTab.TabID))
            {
                cboTab.InsertItem(0, PortalSettings.ActiveTab.LocalizedTabName, PortalSettings.ActiveTab.TabID.ToString());
            }

            if (Module != null)
            {
                // Make sure the module's own tab is selectable even when the portal tab list left it out.
                if (cboTab.FindItemByValue(Module.TabID.ToString()) == null)
                {
                    // NOTE(review): objTab is dereferenced without a null check; a missing tab
                    // would surface through the catch below.
                    var objTab = TabController.Instance.GetTab(Module.TabID, Module.PortalID, false);
                    cboTab.AddItem(objTab.LocalizedTabName, objTab.TabID.ToString());
                }
            }

            // "Only Portal Administrators can manage the visibility on all Tabs" - the flag used
            // here is IsPortalEditor().
            // NOTE(review): confirm IsPortalEditor() is the intended equivalent of the administrator check.
            var isAdmin = PermissionProvider.Instance().IsPortalEditor();
            rowAllTabs.Visible = isAdmin;
            chkAllModules.Enabled = isAdmin;

            if (HideCancelButton)
            {
                cancelHyperLink.Visible = false;
            }

            // Tab administrators can only manage their own tab: without page-admin rights the
            // cross-tab options are disabled.
            if (!TabPermissionController.CanAdminPage())
            {
                chkNewTabs.Enabled = false;
                chkDefault.Enabled = false;
                chkAllowIndex.Enabled = false;
                cboTab.Enabled = false;
            }

            if (_moduleId != -1)
            {
                BindData();

                // Delete is offered when the module delete check or the page content check passes,
                // unless the host control asked for the button to be hidden.
                cmdDelete.Visible = (ModulePermissionController.CanDeleteModule(Module) ||
                     TabPermissionController.CanAddContentToPage()) && !HideDeleteButton;
            }
            else
            {
                // Defaults used when there is no existing module.
                isShareableCheckBox.Checked = true;
                isShareableViewOnlyCheckBox.Checked = true;
                isShareableRow.Visible = true;

                cboVisibility.SelectedIndex = 0; // maximized
                chkAllTabs.Checked = false;
                cmdDelete.Visible = false;
            }

            if (Module != null)
            {
                // Update needs "EDIT,MANAGE" on the module or add-content rights on the page;
                // the permissions row needs module admin or add-content rights on the page.
                cmdUpdate.Visible = ModulePermissionController.HasModulePermission(Module.ModulePermissions, "EDIT,MANAGE") || TabPermissionController.CanAddContentToPage();
                permissionsRow.Visible = ModulePermissionController.CanAdminModule(Module) || TabPermissionController.CanAddContentToPage();
            }

            // Set visibility of the module-specific settings section.
            if (SettingsControl == null == false)
            {
                // Get the module settings from the PortalSettings and pass the
                // two settings hashtables to the sub control to process.
                SettingsControl.LoadSettings();
                specificSettingsTab.Visible = true;
                fsSpecific.Visible = true;
            }
            else
            {
                specificSettingsTab.Visible = false;
                fsSpecific.Visible = false;
            }

            if (Module != null)
            {
                termsSelector.PortalId = Module.PortalID;
                termsSelector.Terms = Module.Terms;
            }

            termsSelector.DataBind();
        }

        // Runs on every request, postbacks included.
        if (Module != null)
        {
            cultureLanguageLabel.Language = Module.CultureCode;
        }
    }
    catch (Exception exc)
    {
        Exceptions.ProcessModuleLoadException(this, exc);
    }
}
/// <summary>
/// Page_Load runs when the control is loaded. It wires the form's event handlers, binds the tab
/// list, permissions grid and taxonomy selector on the first request, and shows, hides or
/// disables controls according to the page and module permission checks made below.
/// </summary>
/// <param name="e">Event data passed on to <c>base.OnLoad</c>.</param>
/// <remarks>
/// Every exception raised inside the try block is handed to
/// <c>Exceptions.ProcessModuleLoadException</c>.
/// NOTE(review): the permission checks here only decide what the form shows. Confirm that
/// OnUpdateClick and OnDeleteClick repeat the checks on the server.
/// </remarks>
/// <history>
/// 	[cnurse]	10/18/2004	documented
/// 	[cnurse]	10/19/2004	modified to support custom module specific settings
///     [vmasanas]  11/28/2004  modified to support modules in admin tabs
/// </history>
protected override void OnLoad(EventArgs e)
{
    base.OnLoad(e);

    // Handlers are attached on every request so postback events reach them.
    chkAllTabs.CheckedChanged += OnAllTabsCheckChanged;
    chkInheritPermissions.CheckedChanged += OnInheritPermissionsChanged;
    chkWebSlice.CheckedChanged += OnWebSliceCheckChanged;
    cboCacheProvider.TextChanged += OnCacheProviderIndexChanged;
    cmdDelete.Click += OnDeleteClick;
    cmdUpdate.Click += OnUpdateClick;
    dgOnTabs.NeedDataSource += OnPagesGridNeedDataSource;

    try
    {
        cancelHyperLink.NavigateUrl = Globals.NavigateURL();

        // -1 is treated as "no existing module"; the audit control only gets an entity otherwise.
        if (_moduleId != -1)
        {
            ctlAudit.Entity = Module;
        }

        // Everything in this branch runs on the initial GET only.
        if (Page.IsPostBack == false)
        {
            ctlIcon.FileFilter = Globals.glbImageFileTypes;

            dgPermissions.TabId = PortalSettings.ActiveTab.TabID;
            dgPermissions.ModuleID = _moduleId;

            cboTab.DataSource = TabController.GetPortalTabs(PortalId, -1, false, Null.NullString, true, false, true, false, true);
            cboTab.DataBind();

            // If the active tab is a host tab, add it to the top of the list.
            if (Globals.IsHostTab(PortalSettings.ActiveTab.TabID))
            {
                cboTab.Items.Insert(0, new ListItem(PortalSettings.ActiveTab.LocalizedTabName, PortalSettings.ActiveTab.TabID.ToString()));
            }

            if (Module != null)
            {
                // Parent tab might not be loaded in cboTab if the user does not have edit rights on it.
                if (cboTab.Items.FindByValue(Module.TabID.ToString()) == null)
                {
                    // NOTE(review): objTab is dereferenced without a null check; a missing tab
                    // would surface through the catch below.
                    var objtabs = new TabController();
                    var objTab = objtabs.GetTab(Module.TabID, Module.PortalID, false);
                    cboTab.Items.Add(new ListItem(objTab.LocalizedTabName, objTab.TabID.ToString()));
                }
            }

            // Only Portal Administrators can manage the visibility on all Tabs.
            // NOTE(review): the role is matched by the literal name "Administrators"; confirm this
            // still holds when a portal's administrator role carries a different name.
            rowAllTabs.Visible = PortalSecurity.IsInRole("Administrators");

            // Tab administrators can only manage their own tab: without page-admin rights the
            // cross-tab options are disabled.
            if (!TabPermissionController.CanAdminPage())
            {
                chkNewTabs.Enabled = false;
                chkDefault.Enabled = false;
                chkAllModules.Enabled = false;
                chkSearchOnce.Enabled = false;
                cboTab.Enabled = false;
            }

            if (_moduleId != -1)
            {
                BindData();

                // Delete is offered when the module delete check or the page content check passes.
                cmdDelete.Visible = ModulePermissionController.CanDeleteModule(Module) || TabPermissionController.CanAddContentToPage();
            }
            else
            {
                // Defaults used when there is no existing module.
                cboVisibility.SelectedIndex = 0; // maximized
                chkAllTabs.Checked = false;
                chkSearchOnce.Checked = false;
                cmdDelete.Visible = false;
            }

            // NOTE(review): Module is dereferenced here and below without the null guard used
            // earlier in this method; if Module is null the resulting exception is caught at the
            // end and the remaining setup is skipped.
            // Update needs "EDIT,MANAGE" on the module or add-content rights on the page;
            // the permissions row needs module admin or add-content rights on the page.
            cmdUpdate.Visible = ModulePermissionController.HasModulePermission(Module.ModulePermissions, "EDIT,MANAGE") || TabPermissionController.CanAddContentToPage();
            permissionsRow.Visible = ModulePermissionController.CanAdminModule(Module) || TabPermissionController.CanAddContentToPage();

            // Set visibility of the module-specific settings section.
            if (SettingsControl == null == false)
            {
                // Get the module settings from the PortalSettings and pass the
                // two settings hashtables to the sub control to process.
                SettingsControl.LoadSettings();
                specificSettingsTab.Visible = true;
                fsSpecific.Visible = true;
            }
            else
            {
                specificSettingsTab.Visible = false;
                fsSpecific.Visible = false;
            }

            termsSelector.PortalId = Module.PortalID;
            termsSelector.Terms = Module.Terms;
            termsSelector.DataBind();
        }

        // Runs on every request, postbacks included; Module is not null-checked here either.
        cultureLanguageLabel.Language = Module.CultureCode;
    }
    catch (Exception exc)
    {
        Exceptions.ProcessModuleLoadException(this, exc);
    }
}
/// <summary>
/// Decides whether the permission check passes for a module: module administrators pass
/// outright, everyone else needs <paramref name="permissionKey"/> on the module's permissions.
/// </summary>
/// <param name="moduleInfo">The module; its ModuleID and TabID select the permission set.</param>
/// <param name="permissionKey">The permission key handed to the controller.</param>
/// <returns>
/// <c>true</c> if either check passes; otherwise, <c>false</c>.
/// </returns>
private static bool HasModulePermission(ModuleInfo moduleInfo, string permissionKey)
{
    // Admin check first: when it passes, the permission set is never loaded.
    if (ModulePermissionController.CanAdminModule(moduleInfo))
    {
        return true;
    }

    // Permissions are fetched by (ModuleID, TabID) rather than taken from the moduleInfo object itself.
    var grantedPermissions = ModulePermissionController.GetModulePermissions(moduleInfo.ModuleID, moduleInfo.TabID);
    return ModulePermissionController.HasModulePermission(grantedPermissions, permissionKey);
}
/// <summary>
/// Handles the "create group" button: filters the submitted name and description, creates the
/// role as a social group, stores its settings and optional icon, adds the current user to it,
/// notifies the moderators and redirects back to the module's tab.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): nothing in this handler checks that the current user is allowed to create
/// groups; presumably that is enforced where the control is loaded - confirm.
/// </remarks>
private void Create_Click(object sender, EventArgs e)
{
    // Both text fields are passed through InputFilter twice, once per flag
    // (NoScripting, then NoMarkup), and written back to the controls.
    var ps = Security.PortalSecurity.Instance;
    this.txtGroupName.Text = ps.InputFilter(this.txtGroupName.Text, Security.PortalSecurity.FilterFlag.NoScripting);
    this.txtGroupName.Text = ps.InputFilter(this.txtGroupName.Text, Security.PortalSecurity.FilterFlag.NoMarkup);

    this.txtDescription.Text = ps.InputFilter(this.txtDescription.Text, Security.PortalSecurity.FilterFlag.NoScripting);
    this.txtDescription.Text = ps.InputFilter(this.txtDescription.Text, Security.PortalSecurity.FilterFlag.NoMarkup);

    // Reject a name that already belongs to a role in this portal (checked after filtering).
    if (RoleController.Instance.GetRoleByName(this.PortalId, this.txtGroupName.Text) != null)
    {
        this.lblInvalidGroupName.Visible = true;
        return;
    }

    // Collect the roles and users holding an allowed "MODGROUP" permission on this module;
    // they are the recipients of the notification sent at the end.
    var modRoles = new List<RoleInfo>();
    var modUsers = new List<UserInfo>();
    foreach (ModulePermissionInfo modulePermissionInfo in ModulePermissionController.GetModulePermissions(this.ModuleId, this.TabId))
    {
        if (modulePermissionInfo.PermissionKey == "MODGROUP" && modulePermissionInfo.AllowAccess)
        {
            if (modulePermissionInfo.RoleID > int.Parse(Globals.glbRoleNothing))
            {
                modRoles.Add(RoleController.Instance.GetRoleById(this.PortalId, modulePermissionInfo.RoleID));
            }
            else if (modulePermissionInfo.UserID > Null.NullInteger)
            {
                modUsers.Add(UserController.GetUserById(this.PortalId, modulePermissionInfo.UserID));
            }
        }
    }

    var roleInfo = new RoleInfo()
    {
        PortalID = this.PortalId,
        RoleName = this.txtGroupName.Text,
        Description = this.txtDescription.Text,
        SecurityMode = SecurityMode.SocialGroup,
        Status = RoleStatus.Approved,
        IsPublic = this.rdAccessTypePublic.Checked,
    };

    // The initial value is always overwritten by one of the two branches below.
    var userRoleStatus = RoleStatus.Pending;
    if (this.GroupModerationEnabled)
    {
        roleInfo.Status = RoleStatus.Pending;
        userRoleStatus = RoleStatus.Pending;
    }
    else
    {
        userRoleStatus = RoleStatus.Approved;
    }

    // A creator who passes the "MODGROUP" check skips moderation: both the group and the
    // creator's membership are approved immediately, even when moderation is enabled.
    var objModulePermissions = new ModulePermissionCollection(CBO.FillCollection(DataProvider.Instance().GetModulePermissionsByModuleID(this.ModuleId, -1), typeof(ModulePermissionInfo)));
    if (ModulePermissionController.HasModulePermission(objModulePermissions, "MODGROUP"))
    {
        roleInfo.Status = RoleStatus.Approved;
        userRoleStatus = RoleStatus.Approved;
    }

    // Clamp anything below Null.NullInteger to Null.NullInteger.
    var roleGroupId = this.DefaultRoleGroupId;
    if (roleGroupId < Null.NullInteger)
    {
        roleGroupId = Null.NullInteger;
    }

    roleInfo.RoleGroupID = roleGroupId;

    // Persist the role, then re-read it by the id returned from AddRole.
    roleInfo.RoleID = RoleController.Instance.AddRole(roleInfo);
    roleInfo = RoleController.Instance.GetRoleById(this.PortalId, roleInfo.RoleID);

    // Store the group URL without scheme and host when NavigateURL returned an absolute URL.
    var groupUrl = this._navigationManager.NavigateURL(this.GroupViewTabId, string.Empty, new string[] { "groupid=" + roleInfo.RoleID.ToString() });
    if (groupUrl.StartsWith("http://") || groupUrl.StartsWith("https://"))
    {
        // NOTE(review): if no "/" follows position 8, IndexOf returns -1 and Substring throws;
        // the URL is assumed to carry a path here.
        const int startIndex = 8; // length of https://
        groupUrl = groupUrl.Substring(groupUrl.IndexOf("/", startIndex, StringComparison.InvariantCultureIgnoreCase));
    }

    roleInfo.Settings.Add("URL", groupUrl);

    roleInfo.Settings.Add("GroupCreatorName", this.UserInfo.DisplayName);
    roleInfo.Settings.Add("ReviewMembers", this.chkMemberApproved.Checked.ToString());

    RoleController.Instance.UpdateRoleSettings(roleInfo, true);

    // Optional group icon upload.
    if (this.inpFile.PostedFile != null && this.inpFile.PostedFile.ContentLength > 0)
    {
        IFileManager _fileManager = FileManager.Instance;
        IFolderManager _folderManager = FolderManager.Instance;
        var rootFolderPath = PathUtils.Instance.FormatFolderPath(this.PortalSettings.HomeDirectory);

        // The icon goes into a per-group folder, "Groups/<RoleID>", created on demand.
        IFolderInfo groupFolder = _folderManager.GetFolder(this.PortalSettings.PortalId, "Groups/" + roleInfo.RoleID);
        if (groupFolder == null)
        {
            groupFolder = _folderManager.AddFolder(this.PortalSettings.PortalId, "Groups/" + roleInfo.RoleID);
        }

        if (groupFolder != null)
        {
            // Path.GetFileName keeps only the leaf of the client-supplied name, so directory
            // parts sent by the browser are dropped.
            // NOTE(review): no extension, content-type or size check is visible in this handler;
            // confirm that AddFile enforces the portal's allowed file types before the upload is
            // stored, and that a null return from AddFile cannot occur (fileInfo is dereferenced).
            var fileName = Path.GetFileName(this.inpFile.PostedFile.FileName);
            var fileInfo = _fileManager.AddFile(groupFolder, fileName, this.inpFile.PostedFile.InputStream, true);
            roleInfo.IconFile = "FileID=" + fileInfo.FileId;
            RoleController.Instance.UpdateRole(roleInfo);
        }
    }

    var notifications = new Notifications();

    // Add the creator to the new group with the status decided above.
    RoleController.Instance.AddUserRole(this.PortalId, this.UserId, roleInfo.RoleID, userRoleStatus, true, Null.NullDate, Null.NullDate);
    if (roleInfo.Status == RoleStatus.Pending)
    {
        // Send notification to Group Moderators to approve/reject group.
        notifications.AddGroupNotification(Constants.GroupPendingNotification, this.GroupViewTabId, this.ModuleId, roleInfo, this.UserInfo, modRoles, modUsers);
    }
    else
    {
        // Send notification to Group Moderators informing of new group.
        notifications.AddGroupNotification(Constants.GroupCreatedNotification, this.GroupViewTabId, this.ModuleId, roleInfo, this.UserInfo, modRoles, modUsers);

        // Add entry to journal.
        GroupUtilities.CreateJournalEntry(roleInfo, this.UserInfo);
    }

    // The redirect target is built from this.TabId, not from request input.
    this.Response.Redirect(this.ModuleContext.NavigateUrl(this.TabId, string.Empty, false, null));
}
/// <summary>
/// Evaluates the read permission for the given module once and stores the result.
/// </summary>
/// <param name="moduleInfo">Module whose ModulePermissions collection is checked.</param>
public ModuleSecurity(ModuleInfo moduleInfo)
{
    // The flag is computed at construction time only; this constructor does nothing to
    // refresh it if the module's permissions change afterwards.
    _permissionRead = ModulePermissionController.HasModulePermission(moduleInfo.ModulePermissions, PermissionRead);
}
/// <summary>
/// Reports whether the "MANAGEUSER" permission check passes for this module's configured permissions.
/// </summary>
/// <returns>The result of <c>ModulePermissionController.HasModulePermission</c> for "MANAGEUSER".</returns>
private bool HasManageUsersModulePermission()
{
    var configuredPermissions = this.ModuleConfiguration.ModulePermissions;
    return ModulePermissionController.HasModulePermission(configuredPermissions, "MANAGEUSER");
}
/// <summary>
/// Verifies whether the user has permission on the module at the requested access level.
/// </summary>
/// <param name="AccessLevel">Access level the caller requires.</param>
/// <param name="permissionKey">Permission key(s) checked at Edit level; when null or empty,
/// "CONTENT,DELETE,EDIT,EXPORT,IMPORT,MANAGE" is used.</param>
/// <param name="__ModuleConfiguration">Module whose permissions are evaluated.</param>
/// <param name="objUser">User being checked; only its IsSuperUser flag is read here.</param>
/// <returns><c>true</c> when access is granted; otherwise <c>false</c>.</returns>
public static bool HasModuleAccess(SecurityAccessLevel AccessLevel, string permissionKey, ModuleInfo __ModuleConfiguration, UserInfo objUser)
{
    // Superusers pass every level, Host included.
    // NOTE(review): the checks below do not receive objUser; they presumably evaluate the
    // current request's user - confirm for callers that pass a different user.
    if (objUser != null && objUser.IsSuperUser)
    {
        return true;
    }

    switch (AccessLevel)
    {
        case SecurityAccessLevel.Anonymous:
            return true;

        case SecurityAccessLevel.View:
            // Either page-level or module-level view permission is enough.
            return TabPermissionController.CanViewPage() || ModulePermissionController.CanViewModule(__ModuleConfiguration);

        case SecurityAccessLevel.Edit:
            // Page content editors pass without looking at the module at all.
            if (TabPermissionController.CanAddContentToPage())
            {
                return true;
            }

            if (string.IsNullOrEmpty(permissionKey))
            {
                permissionKey = "CONTENT,DELETE,EDIT,EXPORT,IMPORT,MANAGE";
            }

            // Otherwise the module must be viewable and carry either the requested key or "EDIT".
            if (__ModuleConfiguration == null || !ModulePermissionController.CanViewModule(__ModuleConfiguration))
            {
                return false;
            }

            return ModulePermissionController.HasModulePermission(__ModuleConfiguration.ModulePermissions, permissionKey)
                || ModulePermissionController.HasModulePermission(__ModuleConfiguration.ModulePermissions, "EDIT");

        case SecurityAccessLevel.Admin:
            // Admin level is decided by the page content check alone; permissionKey is not consulted.
            return TabPermissionController.CanAddContentToPage();

        case SecurityAccessLevel.Host:
            // Only the superuser shortcut above grants Host.
            return false;

        default:
            // Any other level is denied.
            return false;
    }
}
/// <summary>
/// Fills the view model's permission flags (CanEdit, EditEnabled, CanSubscribe) for the current module.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void GetPermissions(object sender, EventArgs e)
{
    var model = View.Model;
    var currentSettings = ModuleContext.PortalSettings;

    // Edit right as decided by PortalSecurity for the user held in the portal settings.
    model.CanEdit = PortalSecurity.HasNecessaryPermission(
        SecurityAccessLevel.Edit,
        currentSettings,
        ModuleInfo,
        currentSettings.UserInfo);

    // Editing UI is enabled only outside View mode and only for users who may edit.
    bool outsideViewMode = currentSettings.UserMode != PortalSettings.Mode.View;
    model.EditEnabled = outsideViewMode && model.CanEdit;

    // Subscription is a separate module permission, independent of the edit right.
    model.CanSubscribe = ModulePermissionController.HasModulePermission(
        ModuleInfo.ModulePermissions,
        PermissionName.HasSubscribePermission);
}
/// -----------------------------------------------------------------------------
/// <summary>
/// LoadActions loads the Actions collections: the module's own actions, then the generic
/// actions (export, import, syndicate, help, print, view source, settings, delete, clear
/// cache, move), each added only when the permission check written next to it passes.
/// </summary>
/// <param name="request">Current request; only its "ctl" query-string value is read.</param>
/// <remarks>
/// NOTE(review): the checks here decide which menu entries are offered. Confirm that the
/// controls behind the generated URLs and commands apply their own access checks as well.
/// </remarks>
/// <history>
/// 	[cnurse]	01/19/2006	created
/// </history>
/// -----------------------------------------------------------------------------
private void LoadActions(HttpRequest request)
{
    _actions = new ModuleActionCollection();
    _moduleGenericActions = new ModuleAction(GetNextActionID(), Localization.GetString("ModuleGenericActions.Action", Localization.GlobalResourceFile), string.Empty, string.Empty, string.Empty);
    int maxActionId = Null.NullInteger;

    // Check if the module implements the Entities.Modules.IActionable interface.
    var actionable = _moduleControl as IActionable;
    if (actionable != null)
    {
        _moduleSpecificActions = new ModuleAction(GetNextActionID(), Localization.GetString("ModuleSpecificActions.Action", Localization.GlobalResourceFile), string.Empty, string.Empty, string.Empty);

        ModuleActionCollection moduleActions = actionable.ModuleActions;

        foreach (ModuleAction action in moduleActions)
        {
            // Each module-supplied action is kept only if the access check passes for the
            // level the action itself declares (action.Secure), with the "CONTENT" key.
            if (ModulePermissionController.HasModuleAccess(action.Secure, "CONTENT", Configuration))
            {
                if (String.IsNullOrEmpty(action.Icon))
                {
                    action.Icon = "edit.gif";
                }

                // Track the highest id used by the module's own actions.
                if (action.ID > maxActionId)
                {
                    maxActionId = action.ID;
                }

                _moduleSpecificActions.Actions.Add(action);

                // NOTE(review): action.Url is dereferenced without a null check.
                if (!UIUtilities.IsLegacyUI(ModuleId, action.ControlKey, PortalId) && action.Url.Contains("ctl"))
                {
                    action.ClientScript = UrlUtils.PopUpUrl(action.Url, _moduleControl as Control, PortalSettings, true, false);
                }
            }
        }

        if (_moduleSpecificActions.Actions.Count > 0)
        {
            _actions.Add(_moduleSpecificActions);
        }
    }

    // Make sure the Next Action Id counter is correct: raise it to the larger of the
    // highest module action id and the action count.
    int actionCount = GetActionsCount(_actions.Count, _actions);
    if (_nextActionId < maxActionId)
    {
        _nextActionId = maxActionId;
    }

    if (_nextActionId < actionCount)
    {
        _nextActionId = actionCount;
    }

    if (!string.IsNullOrEmpty(Configuration.DesktopModule.BusinessControllerClass))
    {
        // Check if the module implements the IPortable interface, and the user has Admin permissions.
        if (Configuration.DesktopModule.IsPortable)
        {
            // Export and import are gated by an Admin-level check here; the entries themselves
            // are added with SecurityAccessLevel.View.
            if (ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Admin, "EXPORT", Configuration))
            {
                _moduleGenericActions.Actions.Add(GetNextActionID(), Localization.GetString(ModuleActionType.ExportModule, Localization.GlobalResourceFile), "", "", "action_export.gif", NavigateUrl(PortalSettings.ActiveTab.TabID, "ExportModule", false, "moduleid=" + ModuleId), "", false, SecurityAccessLevel.View, true, false);
            }

            if (ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Admin, "IMPORT", Configuration))
            {
                _moduleGenericActions.Actions.Add(GetNextActionID(), Localization.GetString(ModuleActionType.ImportModule, Localization.GlobalResourceFile), "", "", "action_import.gif", NavigateUrl(PortalSettings.ActiveTab.TabID, "ImportModule", false, "moduleid=" + ModuleId), "", false, SecurityAccessLevel.View, true, false);
            }
        }

        if (Configuration.DesktopModule.IsSearchable && Configuration.DisplaySyndicate)
        {
            AddSyndicateAction();
        }
    }

    // Help module actions are available to content editors and administrators.
    // The "ctl" value is compared with an exact, case-sensitive match against "Help".
    const string permisisonList = "CONTENT,DELETE,EDIT,EXPORT,IMPORT,MANAGE";
    if (Configuration.ModuleID > Null.NullInteger && ModulePermissionController.HasModulePermission(Configuration.ModulePermissions, permisisonList) && request.QueryString["ctl"] != "Help")
    {
        AddHelpActions();
    }

    // Add Print Action.
    if (Configuration.DisplayPrint)
    {
        // Print module action is available to everyone.
        AddPrintAction();
    }

    // View Source is gated by a Host-level check and is also added with SecurityAccessLevel.Host.
    if (ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Host, "MANAGE", Configuration))
    {
        _moduleGenericActions.Actions.Add(GetNextActionID(), Localization.GetString(ModuleActionType.ViewSource, Localization.GlobalResourceFile), ModuleActionType.ViewSource, "", "action_source.gif", NavigateUrl(TabId, "ViewSource", false, "ctlid=" + Configuration.ModuleControlId), false, SecurityAccessLevel.Host, true, false);
    }

    // Settings, delete, clear cache and move are skipped on admin controls and each
    // repeats its own Admin-level check with the specific key.
    if (!Globals.IsAdminControl() && ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Admin, "DELETE,MANAGE", Configuration))
    {
        if (ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Admin, "MANAGE", Configuration))
        {
            _moduleGenericActions.Actions.Add(GetNextActionID(), Localization.GetString(ModuleActionType.ModuleSettings, Localization.GlobalResourceFile), ModuleActionType.ModuleSettings, "", "action_settings.gif", NavigateUrl(TabId, "Module", false, "ModuleId=" + ModuleId), false, SecurityAccessLevel.Edit, true, false);
        }

        if (ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Admin, "DELETE", Configuration))
        {
            // The localized confirmation text goes through ClientAPI.GetSafeJSString before
            // it is placed inside the confirm('...') script.
            _moduleGenericActions.Actions.Add(GetNextActionID(), Localization.GetString(ModuleActionType.DeleteModule, Localization.GlobalResourceFile), ModuleActionType.DeleteModule, Configuration.ModuleID.ToString(), "action_delete.gif", "", "confirm('" + ClientAPI.GetSafeJSString(Localization.GetString("DeleteModule.Confirm")) + "')", false, SecurityAccessLevel.View, true, false);
        }

        if (ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Admin, "MANAGE", Configuration))
        {
            _moduleGenericActions.Actions.Add(GetNextActionID(), Localization.GetString(ModuleActionType.ClearCache, Localization.GlobalResourceFile), ModuleActionType.ClearCache, Configuration.ModuleID.ToString(), "action_refresh.gif", "", false, SecurityAccessLevel.View, true, false);
        }

        if (ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Admin, "MANAGE", Configuration))
        {
            // Module movement.
            AddMenuMoveActions();
        }
    }

    if (_moduleGenericActions.Actions.Count > 0)
    {
        _actions.Add(_moduleGenericActions);
    }

    if (_moduleMoveActions != null && _moduleMoveActions.Actions.Count > 0)
    {
        _actions.Add(_moduleMoveActions);
    }

    // Same pop-up handling as for the module-specific actions above.
    foreach (ModuleAction action in _moduleGenericActions.Actions)
    {
        if (!UIUtilities.IsLegacyUI(ModuleId, action.ControlKey, PortalId) && action.Url.Contains("ctl"))
        {
            action.ClientScript = UrlUtils.PopUpUrl(action.Url, _moduleControl as Control, PortalSettings, true, false);
        }
    }
}
/// <summary>
/// Builds the flat action list for the module: the module's own actions first, then the
/// generic actions (export, import, syndicate, help, print, view source, settings, clear
/// cache, move), each added only when the permission check written next to it passes.
/// </summary>
/// <param name="Request">Current request; only its "ctl" query-string value is read.</param>
/// <remarks>
/// NOTE(review): the checks here decide which menu entries are offered. Confirm that the
/// controls behind the generated URLs and commands apply their own access checks as well.
/// </remarks>
private void LoadActions(HttpRequest Request)
{
    _actions = new ModuleActionCollection();
    int maxActionId = Null.NullInteger;

    // Module-supplied actions are available only when the control implements IActionable.
    IActionable actionable = _moduleControl as IActionable;
    if (actionable != null)
    {
        ModuleActionCollection ModuleActions = actionable.ModuleActions;
        foreach (ModuleAction action in ModuleActions)
        {
            // Each module-supplied action is kept only if the access check passes for the
            // level the action itself declares (action.Secure), with the "CONTENT" key.
            if (ModulePermissionController.HasModuleAccess(action.Secure, "CONTENT", Configuration))
            {
                if (String.IsNullOrEmpty(action.Icon))
                {
                    action.Icon = "edit.gif";
                }

                // Track the highest id used by the module's own actions.
                if (action.ID > maxActionId)
                {
                    maxActionId = action.ID;
                }

                _actions.Add(action);
            }
        }
    }

    // Raise the next-id counter to the larger of the highest module action id and the action count.
    int actionCount = GetActionsCount(_actions.Count, _actions);
    if (_nextActionId < maxActionId)
    {
        _nextActionId = maxActionId;
    }

    if (_nextActionId < actionCount)
    {
        _nextActionId = actionCount;
    }

    if (!string.IsNullOrEmpty(Configuration.DesktopModule.BusinessControllerClass))
    {
        if (Configuration.DesktopModule.IsPortable)
        {
            // Export and import are gated by an Admin-level check here; the entries themselves
            // are added with SecurityAccessLevel.View.
            if (ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Admin, "EXPORT", Configuration))
            {
                _actions.Add(GetNextActionID(), Localization.GetString(ModuleActionType.ExportModule, Localization.GlobalResourceFile), "", "", "action_export.gif", Globals.NavigateURL(PortalSettings.ActiveTab.TabID, "ExportModule", "moduleid=" + ModuleId.ToString()), "", false, SecurityAccessLevel.View, true, false);
            }

            if (ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Admin, "IMPORT", Configuration))
            {
                _actions.Add(GetNextActionID(), Localization.GetString(ModuleActionType.ImportModule, Localization.GlobalResourceFile), "", "", "action_import.gif", Globals.NavigateURL(PortalSettings.ActiveTab.TabID, "ImportModule", "moduleid=" + ModuleId.ToString()), "", false, SecurityAccessLevel.View, true, false);
            }
        }

        if (Configuration.DesktopModule.IsSearchable && Configuration.DisplaySyndicate)
        {
            AddSyndicateAction();
        }
    }

    // Help actions need one of the listed module permissions.
    // The "ctl" value is compared with an exact, case-sensitive match against "Help".
    string permisisonList = "CONTENT,DELETE,EDIT,EXPORT,IMPORT,MANAGE";
    if (Configuration.ModuleID > Null.NullInteger && ModulePermissionController.HasModulePermission(Configuration.ModulePermissions, permisisonList) && Request.QueryString["ctl"] != "Help")
    {
        AddHelpActions();
    }

    // Print has no permission check of its own; it follows the DisplayPrint setting.
    if (Configuration.DisplayPrint)
    {
        AddPrintAction();
    }

    // View Source is gated by a Host-level check and is also added with SecurityAccessLevel.Host.
    if (ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Host, "MANAGE", Configuration))
    {
        _actions.Add(GetNextActionID(), Localization.GetString(ModuleActionType.ViewSource, Localization.GlobalResourceFile), ModuleActionType.ViewSource, "", "action_source.gif", Globals.NavigateURL(TabId, "ViewSource", "ctlid=" + Configuration.ModuleControlId.ToString()), false, SecurityAccessLevel.Host, true, false);
    }

    // Settings, clear cache and move are skipped on admin controls.
    if (!Globals.IsAdminControl() && ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Admin, "DELETE,MANAGE", Configuration))
    {
        // An entry titled "~" with empty command fields is added first.
        // NOTE(review): presumably a menu separator - confirm.
        _actions.Add(GetNextActionID(), "~", "", "", "", "", false, SecurityAccessLevel.Anonymous, true, false);

        if (ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Admin, "MANAGE", Configuration))
        {
            _actions.Add(GetNextActionID(), Localization.GetString(ModuleActionType.ModuleSettings, Localization.GlobalResourceFile), ModuleActionType.ModuleSettings, "", "action_settings.gif", Globals.NavigateURL(TabId, "Module", "ModuleId=" + ModuleId.ToString()), false, SecurityAccessLevel.Edit, true, false);
        }

        // The delete action is commented out in this version, so no delete entry is added
        // even when the "DELETE" check would pass:
        //if (ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Admin, "DELETE", Configuration))
        //{
        //    _actions.Add(GetNextActionID(), Localization.GetString(ModuleActionType.DeleteModule, Localization.GlobalResourceFile), ModuleActionType.DeleteModule, Configuration.ModuleID.ToString(), "action_delete.gif", "", "confirm('" + CommonLibrary.UI.Utilities.ClientAPI.GetSafeJSString(Localization.GetString("DeleteModule.Confirm")) + "')", false, SecurityAccessLevel.View, true, false);
        //}

        if (ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Admin, "MANAGE", Configuration))
        {
            _actions.Add(GetNextActionID(), Localization.GetString(ModuleActionType.ClearCache, Localization.GlobalResourceFile), ModuleActionType.ClearCache, Configuration.ModuleID.ToString(), "action_refresh.gif", "", false, SecurityAccessLevel.View, true, false);

            // Module movement shares the same "MANAGE" check as clear cache.
            AddMenuMoveActions();
        }
    }
}
/// <summary>
/// Tells the caller whether the current user may edit the active module: superusers, members
/// of the portal's administrator role and holders of the "Edit" module permission get the
/// success marker, everyone else the failure marker.
/// </summary>
/// <returns>
/// An HTTP 200 response in both cases; the outcome is carried only in the JSON body.
/// </returns>
public HttpResponseMessage UserCanEditExample()
{
    // NOTE(review): the key is spelled "Edit" here; confirm HasModulePermission matches keys
    // case-insensitively, otherwise this will not match a key stored as "EDIT".
    bool editAllowed = UserInfo.IsSuperUser
        || UserInfo.IsInRole(PortalSettings.AdministratorRoleName)
        || ModulePermissionController.HasModulePermission(ActiveModule.ModulePermissions, "Edit");

    // Clients must read Content: the status code is OK whether or not editing is allowed.
    ServiceResponse<string> response = new ServiceResponse<string>()
    {
        Content = editAllowed ? Globals.RESPONSE_SUCCESS : Globals.RESPONSE_FAILURE
    };

    return Request.CreateResponse(HttpStatusCode.OK, response.ObjectToJson());
}
/// <summary>
/// Reports whether the "EDIT" permission check passes for a module on a specific tab.
/// </summary>
/// <param name="ModuleId">Id of the module.</param>
/// <param name="Tabid">Id of the tab; passed with <paramref name="ModuleId"/> to select the permission set.</param>
/// <returns>The result of <c>ModulePermissionController.HasModulePermission</c> for the "EDIT" key.</returns>
public static bool HasEditPermissions(int ModuleId, int Tabid)
{
    // The permission set is obtained through the controller for this (module, tab) pair.
    var modulePermissions = ModulePermissionController.GetModulePermissions(ModuleId, Tabid);
    return ModulePermissionController.HasModulePermission(modulePermissions, "EDIT");
}
/// <summary>
/// Wires the user list's event handlers, reads the filter from the query string (or the
/// portal's default display mode) and decides per grid column whether it is shown, using
/// portal settings and the module's "EDIT" permission.
/// </summary>
/// <param name="e">Event data passed on to <c>base.OnInit</c>.</param>
/// <remarks>
/// NOTE(review): the permission checks here only control which buttons and columns are
/// shown. The click and command handlers are attached for every user, so confirm that they
/// repeat the permission checks on the server.
/// </remarks>
protected override void OnInit(EventArgs e)
{
    base.OnInit(e);

    cmdSearch.Click += OnSearchClick;
    deleteUnAuthorizedButton.Click += DeleteUnAuthorizedButtonClick;
    removeDeletedButton.Click += RemoveDeletedButtonClick;

    grdUsers.ItemDataBound += GrdUsersOnItemDataBound;
    grdUsers.ItemCommand += GrdUsersOnItemCommand;
    grdUsers.PreRender += GrdUsersOnPreRender;

    addUserButton.NavigateUrl = EditUrl("Edit");

    // Add / remove-deleted / delete-unauthorized are made visible for module administrators only.
    if (ModulePermissionController.CanAdminModule(this.ModuleConfiguration))
    {
        addUserButton.Visible = true;
        removeDeletedButton.Visible = true;
        deleteUnAuthorizedButton.Visible = true;
    }

    InitializeGrid();

    if (!IsPostBack)
    {
        SetInitialPageSize();
    }

    // Filter and FilterProperty are taken from the query string as supplied by the client.
    // NOTE(review): confirm both values are validated or parameterized where they are used
    // for searching, and encoded where they are written back to the page.
    if (Request.QueryString["filter"] != null)
    {
        Filter = Request.QueryString["filter"];
    }

    if (Request.QueryString["filterproperty"] != null)
    {
        FilterProperty = Request.QueryString["filterproperty"];
    }

    if (String.IsNullOrEmpty(Filter))
    {
        // Get the default view from the portal's "Display_Mode" setting.
        var setting = UserModuleBase.GetSetting(UsersPortalId, "Display_Mode");
        var mode = (DisplayMode)setting;
        switch (mode)
        {
            case DisplayMode.All:
                Filter = Localization.GetString("All");
                break;
            case DisplayMode.FirstLetter:
                // First character of the localized filter text.
                Filter = Localization.GetString("Filter.Text", LocalResourceFile).Substring(0, 1);
                break;
            case DisplayMode.None:
                Filter = "None";
                break;
        }
    }

    foreach (GridColumn column in grdUsers.Columns)
    {
        bool isVisible;
        var header = column.HeaderText;

        // Columns without a header and the username column are always shown; the others
        // follow the portal setting "Column_<header>".
        // NOTE(review): ToLower() uses the current culture; the match on "username" may
        // behave differently under cultures with special casing rules.
        if (String.IsNullOrEmpty(header) || header.ToLower() == "username")
        {
            isVisible = true;
        }
        else
        {
            var settingKey = "Column_" + header;
            var setting = UserModuleBase.GetSetting(UsersPortalId, settingKey);
            isVisible = Convert.ToBoolean(setting);
        }

        // The delete column and all image command columns override the setting above:
        // they are shown only when the "EDIT" permission check passes.
        if (ReferenceEquals(column.GetType(), typeof(DnnGridTemplateColumn)) && column.UniqueName == "DeleteActions")
        {
            isVisible = ModulePermissionController.HasModulePermission(ModuleConfiguration.ModulePermissions, "EDIT");
        }
        else if (ReferenceEquals(column.GetType(), typeof(DnnGridImageCommandColumn)))
        {
            isVisible = ModulePermissionController.HasModulePermission(ModuleConfiguration.ModulePermissions, "EDIT");

            var imageColumn = (DnnGridImageCommandColumn)column;

            // Manage Edit Column NavigateURLFormatString.
            if (imageColumn.CommandName == "Edit")
            {
                // First create the format string with a dummy value and then
                // replace the dummy value with the FormatString place holder.
                var formatString = EditUrl("UserId", "KEYFIELD", "Edit", UserFilter(false));
                formatString = formatString.Replace("KEYFIELD", "{0}");
                imageColumn.NavigateURLFormatString = formatString;
            }

            // Manage Roles Column NavigateURLFormatString.
            if (imageColumn.CommandName == "UserRoles")
            {
                // The roles column is never shown in the host menu.
                if (IsHostMenu)
                {
                    isVisible = false;
                }
                else
                {
                    // The Friendly URL parser does not like non-alphanumeric characters,
                    // so first create the format string with a dummy value and then
                    // replace the dummy value with the FormatString place holder.
                    var formatString = EditUrl("UserId", "KEYFIELD", "User Roles", UserFilter(false));
                    formatString = formatString.Replace("KEYFIELD", "{0}");
                    imageColumn.NavigateURLFormatString = formatString;
                }
            }

            // Localize Image Column Text.
            if (!String.IsNullOrEmpty(imageColumn.CommandName))
            {
                imageColumn.Text = Localization.GetString(imageColumn.CommandName, LocalResourceFile);
            }
        }

        column.Visible = isVisible;
    }
}
/// <summary>
/// Reports whether the "MODGROUP" permission check passes for this module's stored permissions.
/// </summary>
/// <returns>The result of <c>ModulePermissionController.HasModulePermission</c> for "MODGROUP".</returns>
private bool IsMod()
{
    // Rows are read straight from the data provider; -1 is passed as the second argument.
    // NOTE(review): -1 presumably means "no tab filter" - confirm against GetModulePermissionsByModuleID.
    var permissionRows = DataProvider.Instance().GetModulePermissionsByModuleID(this._moduleId, -1);
    var hydratedRows = CBO.FillCollection(permissionRows, typeof(ModulePermissionInfo));
    var modulePermissions = new ModulePermissionCollection(hydratedRows);

    return ModulePermissionController.HasModulePermission(modulePermissions, "MODGROUP");
}
/// <summary>
/// Rebuilds the action collections of this module: the module-specific actions exposed
/// through <c>IActionable</c> and the generic actions (settings, export/import, help,
/// print, view source, delete, clear cache, move).
/// </summary>
/// <param name="request">
/// Current HTTP request. It is passed to <c>FilterUrl</c> to build the ReturnURL
/// argument of the generated links, and its "ctl" query-string value is read.
/// </param>
/// <remarks>
/// Nothing is added when the portal is locked. Every generic action is added behind a
/// <c>ModulePermissionController</c> / <c>TabPermissionController</c> check.
/// NOTE(review): those checks decide what appears in the menu; the controls and handlers
/// the actions point to are not visible here - confirm they enforce the same permission
/// server-side.
/// NOTE(review): the statements call GetNextActionID() one after another, so presumably
/// the order of the blocks below determines the ids the actions receive - keep the order
/// when editing.
/// </remarks>
private void LoadActions(HttpRequest request)
{
    this._actions = new ModuleActionCollection();

    // A locked portal gets an empty action collection.
    if (this.PortalSettings.IsLocked)
    {
        return;
    }

    this._moduleGenericActions = new ModuleAction(this.GetNextActionID(), Localization.GetString("ModuleGenericActions.Action", Localization.GlobalResourceFile), string.Empty, string.Empty, string.Empty);
    int maxActionId = Null.NullInteger;

    // check if module Implements Entities.Modules.IActionable interface
    var actionable = this._moduleControl as IActionable;
    if (actionable != null)
    {
        this._moduleSpecificActions = new ModuleAction(this.GetNextActionID(), Localization.GetString("ModuleSpecificActions.Action", Localization.GlobalResourceFile), string.Empty, string.Empty, string.Empty);

        ModuleActionCollection moduleActions = actionable.ModuleActions;

        foreach (ModuleAction action in moduleActions)
        {
            // Only actions whose own Secure level passes HasModuleAccess are kept.
            if (ModulePermissionController.HasModuleAccess(action.Secure, "CONTENT", this.Configuration))
            {
                // Default icon for actions that did not specify one.
                if (string.IsNullOrEmpty(action.Icon))
                {
                    action.Icon = "edit.gif";
                }

                // Track the highest id supplied by the module.
                if (action.ID > maxActionId)
                {
                    maxActionId = action.ID;
                }

                this._moduleSpecificActions.Actions.Add(action);

                // Non-legacy UI: actions whose URL contains "ctl" get a pop-up client script.
                // NOTE(review): action.Url is dereferenced without a null check - confirm
                // module-supplied actions always carry a URL.
                if (!UIUtilities.IsLegacyUI(this.ModuleId, action.ControlKey, this.PortalId) && action.Url.Contains("ctl"))
                {
                    action.ClientScript = UrlUtils.PopUpUrl(action.Url, this._moduleControl as Control, this.PortalSettings, true, false);
                }
            }
        }

        if (this._moduleSpecificActions.Actions.Count > 0)
        {
            this._actions.Add(this._moduleSpecificActions);
        }
    }

    // Make sure the Next Action Id counter is correct
    int actionCount = GetActionsCount(this._actions.Count, this._actions);
    if (this._nextActionId < maxActionId)
    {
        this._nextActionId = maxActionId;
    }

    if (this._nextActionId < actionCount)
    {
        this._nextActionId = actionCount;
    }

    // Custom injection of Module Settings when shared as ViewOnly
    // NOTE(review): this.Configuration is null-checked only in this condition; the else
    // branch and the code further down use this.Configuration without a check.
    // NOTE(review): every ReturnURL below is built from the request through FilterUrl;
    // presumably that helper sanitizes the value - confirm it cannot yield an off-site
    // redirect target.
    if (this.Configuration != null && (this.Configuration.IsShared && this.Configuration.IsShareableViewOnly)
        && TabPermissionController.CanAddContentToPage())
    {
        this._moduleGenericActions.Actions.Add(
            this.GetNextActionID(),
            Localization.GetString("ModulePermissions.Action", Localization.GlobalResourceFile),
            "ModulePermissions",
            string.Empty,
            "action_settings.gif",
            this.NavigateUrl(this.TabId, "ModulePermissions", false, "ModuleId=" + this.ModuleId, "ReturnURL=" + FilterUrl(request)),
            false,
            SecurityAccessLevel.ViewPermissions,
            true,
            false);
    }
    else
    {
        // Module settings: added outside admin controls, for callers passing the MANAGE check.
        if (!Globals.IsAdminControl() && ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Admin, "DELETE,MANAGE", this.Configuration))
        {
            if (ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Admin, "MANAGE", this.Configuration))
            {
                this._moduleGenericActions.Actions.Add(
                    this.GetNextActionID(),
                    Localization.GetString(ModuleActionType.ModuleSettings, Localization.GlobalResourceFile),
                    ModuleActionType.ModuleSettings,
                    string.Empty,
                    "action_settings.gif",
                    this.NavigateUrl(this.TabId, "Module", false, "ModuleId=" + this.ModuleId, "ReturnURL=" + FilterUrl(request)),
                    false,
                    SecurityAccessLevel.Edit,
                    true,
                    false);
            }
        }
    }

    if (!string.IsNullOrEmpty(this.Configuration.DesktopModule.BusinessControllerClass))
    {
        // check if module implements IPortable interface, and user has Admin permissions
        if (this.Configuration.DesktopModule.IsPortable)
        {
            // Export is gated on the EXPORT permission key.
            if (ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Admin, "EXPORT", this.Configuration))
            {
                this._moduleGenericActions.Actions.Add(
                    this.GetNextActionID(),
                    Localization.GetString(ModuleActionType.ExportModule, Localization.GlobalResourceFile),
                    ModuleActionType.ExportModule,
                    string.Empty,
                    "action_export.gif",
                    this.NavigateUrl(this.PortalSettings.ActiveTab.TabID, "ExportModule", false, "moduleid=" + this.ModuleId, "ReturnURL=" + FilterUrl(request)),
                    string.Empty,
                    false,
                    SecurityAccessLevel.View,
                    true,
                    false);
            }

            // Import is gated on the IMPORT permission key.
            if (ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Admin, "IMPORT", this.Configuration))
            {
                this._moduleGenericActions.Actions.Add(
                    this.GetNextActionID(),
                    Localization.GetString(ModuleActionType.ImportModule, Localization.GlobalResourceFile),
                    ModuleActionType.ImportModule,
                    string.Empty,
                    "action_import.gif",
                    this.NavigateUrl(this.PortalSettings.ActiveTab.TabID, "ImportModule", false, "moduleid=" + this.ModuleId, "ReturnURL=" + FilterUrl(request)),
                    string.Empty,
                    false,
                    SecurityAccessLevel.View,
                    true,
                    false);
            }
        }

        if (this.Configuration.DesktopModule.IsSearchable && this.Configuration.DisplaySyndicate)
        {
            this.AddSyndicateAction();
        }
    }

    // help module actions available to content editors and administrators
    // (the constant's name is misspelled in the original; it is kept unchanged)
    const string permisisonList = "CONTENT,DELETE,EDIT,EXPORT,IMPORT,MANAGE";
    if (ModulePermissionController.HasModulePermission(this.Configuration.ModulePermissions, permisisonList) &&
        request.QueryString["ctl"] != "Help" && !Globals.IsAdminControl())
    {
        this.AddHelpActions();
    }

    // Add Print Action
    if (this.Configuration.DisplayPrint)
    {
        // print module action available to everyone
        this.AddPrintAction();
    }

    // View Source is the only action checked against SecurityAccessLevel.Host.
    if (ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Host, "MANAGE", this.Configuration) && !Globals.IsAdminControl())
    {
        this._moduleGenericActions.Actions.Add(
            this.GetNextActionID(),
            Localization.GetString(ModuleActionType.ViewSource, Localization.GlobalResourceFile),
            ModuleActionType.ViewSource,
            string.Empty,
            "action_source.gif",
            this.NavigateUrl(this.TabId, "ViewSource", false, "ModuleId=" + this.ModuleId, "ctlid=" + this.Configuration.ModuleControlId, "ReturnURL=" + FilterUrl(request)),
            false,
            SecurityAccessLevel.Host,
            true,
            false);
    }

    if (!Globals.IsAdminControl() && ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Admin, "DELETE,MANAGE", this.Configuration))
    {
        if (ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Admin, "DELETE", this.Configuration))
        {
            // Check if this is the owner instance of a shared module.
            // The localized prompt is passed through GetSafeJSString before being placed
            // inside the single-quoted confirm('...') script literal.
            string confirmText = "confirm('" + ClientAPI.GetSafeJSString(Localization.GetString("DeleteModule.Confirm")) + "')";
            if (!this.Configuration.IsShared)
            {
                var portal = PortalController.Instance.GetPortal(this.PortalSettings.PortalId);
                if (PortalGroupController.Instance.IsModuleShared(this.Configuration.ModuleID, portal))
                {
                    confirmText = "confirm('" + ClientAPI.GetSafeJSString(Localization.GetString("DeleteSharedModule.Confirm")) + "')";
                }
            }

            // NOTE(review): the action is registered with SecurityAccessLevel.View although
            // it is only added behind the DELETE check above - confirm the delete handler
            // re-checks the permission rather than relying on the action's own level.
            this._moduleGenericActions.Actions.Add(
                this.GetNextActionID(),
                Localization.GetString(ModuleActionType.DeleteModule, Localization.GlobalResourceFile),
                ModuleActionType.DeleteModule,
                this.Configuration.ModuleID.ToString(),
                "action_delete.gif",
                string.Empty,
                confirmText,
                false,
                SecurityAccessLevel.View,
                true,
                false);
        }

        if (ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Admin, "MANAGE", this.Configuration))
        {
            this._moduleGenericActions.Actions.Add(
                this.GetNextActionID(),
                Localization.GetString(ModuleActionType.ClearCache, Localization.GlobalResourceFile),
                ModuleActionType.ClearCache,
                this.Configuration.ModuleID.ToString(),
                "action_refresh.gif",
                string.Empty,
                false,
                SecurityAccessLevel.View,
                true,
                false);
        }

        // Same MANAGE check as the block above, evaluated a second time.
        if (ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Admin, "MANAGE", this.Configuration))
        {
            // module movement
            this.AddMenuMoveActions();
        }
    }

    if (this._moduleGenericActions.Actions.Count > 0)
    {
        this._actions.Add(this._moduleGenericActions);
    }

    if (this._moduleMoveActions != null && this._moduleMoveActions.Actions.Count > 0)
    {
        this._actions.Add(this._moduleMoveActions);
    }

    // Same pop-up treatment as for the module-specific actions, applied to the generic ones.
    foreach (ModuleAction action in this._moduleGenericActions.Actions)
    {
        if (!UIUtilities.IsLegacyUI(this.ModuleId, action.ControlKey, this.PortalId) && action.Url.Contains("ctl"))
        {
            action.ClientScript = UrlUtils.PopUpUrl(action.Url, this._moduleControl as Control, this.PortalSettings, true, false);
        }
    }
}
/// <summary>
/// Checks a permission key against the permission set of this module's configuration.
/// </summary>
/// <param name="PermissionKey">Permission key handed unchanged to <c>ModulePermissionController.HasModulePermission</c>.</param>
/// <returns>The value returned by <c>ModulePermissionController.HasModulePermission</c>.</returns>
public bool HasModulePermission(string PermissionKey)
{
    var configuredPermissions = ModuleConfiguration.ModulePermissions;
    return ModulePermissionController.HasModulePermission(configuredPermissions, PermissionKey);
}
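/// <summary>
/// Handles the create button: filters the submitted name and description, creates the
/// social-group role, stores its settings and optional icon, adds the current user to
/// the role, sends the moderator notification and redirects to the group view.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
/// <remarks>
/// Changes compared with the previous version: the uploaded file is read only when
/// <c>inpFile.PostedFile</c> is not null (previously a request without the file part
/// failed with a null reference), and an unused local was removed.
/// NOTE(review): this handler does not itself check that the current user may create
/// groups - confirm that is enforced before the handler can be reached.
/// </remarks>
private void Create_Click(object sender, EventArgs e)
{
    RoleController roleController = new RoleController();
    Security.PortalSecurity ps = new Security.PortalSecurity();

    // Strip scripting and markup from the user-supplied text before it is stored.
    // NOTE(review): input filtering does not replace output encoding - confirm the name
    // and description are encoded wherever they are rendered.
    txtGroupName.Text = ps.InputFilter(txtGroupName.Text, Security.PortalSecurity.FilterFlag.NoScripting);
    txtGroupName.Text = ps.InputFilter(txtGroupName.Text, Security.PortalSecurity.FilterFlag.NoMarkup);

    txtDescription.Text = ps.InputFilter(txtDescription.Text, Security.PortalSecurity.FilterFlag.NoScripting);
    txtDescription.Text = ps.InputFilter(txtDescription.Text, Security.PortalSecurity.FilterFlag.NoMarkup);

    // A role with the same (filtered) name already exists: show the validator and stop.
    if (roleController.GetRoleByName(PortalId, txtGroupName.Text) != null)
    {
        reqGroupName.Visible = true;
        return;
    }

    // Roles that hold the MODGROUP permission on this module/tab receive the notification.
    List<RoleInfo> modRoles = new List<RoleInfo>();
    foreach (ModulePermissionInfo modulePermissionInfo in ModulePermissionController.GetModulePermissions(ModuleId, TabId))
    {
        if (modulePermissionInfo.PermissionKey == "MODGROUP" && modulePermissionInfo.AllowAccess)
        {
            modRoles.Add(roleController.GetRole(modulePermissionInfo.RoleID, PortalId));
        }
    }

    RoleInfo roleInfo = new RoleInfo()
    {
        PortalID = PortalId,
        RoleName = txtGroupName.Text,
        Description = txtDescription.Text,
        SecurityMode = SecurityMode.SocialGroup,
        Status = RoleStatus.Approved,
        IsPublic = rdAccessTypePublic.Checked
    };

    // With moderation enabled both the group and the creator's membership start as pending.
    bool moderationEnabled = GroupModerationEnabled;
    var userRoleStatus = moderationEnabled ? RoleStatus.Pending : RoleStatus.Approved;
    if (moderationEnabled)
    {
        roleInfo.Status = RoleStatus.Pending;
    }

    // Callers holding MODGROUP skip moderation.
    // NOTE(review): this check reads the permissions with -1 as the second argument, while
    // the moderator list above uses TabId - confirm both are meant to cover the same scope,
    // since this decides whether the group is auto-approved.
    var objModulePermissions = new ModulePermissionCollection(CBO.FillCollection(DataProvider.Instance().GetModulePermissionsByModuleID(ModuleId, -1), typeof(ModulePermissionInfo)));
    if (ModulePermissionController.HasModulePermission(objModulePermissions, "MODGROUP"))
    {
        roleInfo.Status = RoleStatus.Approved;
        userRoleStatus = RoleStatus.Approved;
    }

    roleInfo.RoleGroupID = DefaultRoleGroupId;

    // Create the role, then reload it so the settings are added to the stored instance.
    roleInfo.RoleID = roleController.AddRole(roleInfo);
    roleInfo = roleController.GetRole(roleInfo.RoleID, PortalId);
    roleInfo.Settings.Add("URL", Globals.NavigateURL(GroupViewTabId, "", new String[] { "groupid=" + roleInfo.RoleID.ToString() }));

    roleInfo.Settings.Add("GroupCreatorName", UserInfo.DisplayName);
    roleInfo.Settings.Add("ReviewMembers", chkMemberApproved.Checked.ToString());

    TestableRoleController.Instance.UpdateRoleSettings(roleInfo, true);

    // Optional group icon. PostedFile is checked for null before its length is read.
    if (inpFile.PostedFile != null && inpFile.PostedFile.ContentLength > 0)
    {
        IFileManager _fileManager = FileManager.Instance;
        IFolderManager _folderManager = FolderManager.Instance;

        IFolderInfo groupFolder = _folderManager.GetFolder(PortalSettings.PortalId, "Groups/" + roleInfo.RoleID);
        if (groupFolder == null)
        {
            groupFolder = _folderManager.AddFolder(PortalSettings.PortalId, "Groups/" + roleInfo.RoleID);
        }

        if (groupFolder != null)
        {
            // Only the leaf name of the client-supplied file name is used, so directory
            // components sent by the client are dropped.
            // NOTE(review): no extension or content check is visible in this handler and the
            // file is written with overwrite = true - confirm AddFile enforces the allowed
            // file types, and consider restricting the icon to image types.
            var fileName = Path.GetFileName(inpFile.PostedFile.FileName);
            var fileInfo = _fileManager.AddFile(groupFolder, fileName, inpFile.PostedFile.InputStream, true);
            roleInfo.IconFile = "FileID=" + fileInfo.FileId;
            roleController.UpdateRole(roleInfo);
        }
    }

    Components.Notifications notifications = new Components.Notifications();

    // The creator is added to the new role with the status decided above.
    roleController.AddUserRole(PortalId, UserId, roleInfo.RoleID, userRoleStatus, true, Null.NullDate, Null.NullDate);
    if (roleInfo.Status == RoleStatus.Pending)
    {
        // Send notification to Group Moderators to approve/reject group.
        notifications.AddGroupNotification(Constants.GroupPendingNotification, GroupViewTabId, ModuleId, roleInfo, UserInfo, modRoles);
    }
    else
    {
        // Send notification to Group Moderators informing of new group.
        notifications.AddGroupNotification(Constants.GroupCreatedNotification, GroupViewTabId, ModuleId, roleInfo, UserInfo, modRoles);

        // Add entry to journal.
        GroupUtilities.CreateJournalEntry(roleInfo, UserInfo);
    }

    Response.Redirect(Globals.NavigateURL(GroupViewTabId, "", new String[] { "groupid=" + roleInfo.RoleID.ToString() }));
}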