public static bool IsApprover(string username, string ItemId) { bool isApprover = false; if (username == "admin") { isApprover = true; } else { string userId = MembershipManager.GetUserByName(username).Id; IList <Approver> approvers = ApproverManager.GetApproversByItem(ItemId); foreach (Approver approver in approvers) { if ((!string.IsNullOrEmpty(approver.UserId)) && (approver.UserId == userId)) { isApprover = true; } if (string.IsNullOrEmpty(approver.UserId)) { if (!string.IsNullOrEmpty(approver.CategoryId)) { if (SecurityHelper.CanUserEdit(username, approver.CategoryId)) { isApprover = true; } } } } } return(isApprover); }
/// <summary> /// Returns the count of articles in the category. /// </summary> /// <param name="categoryId"></param> /// <param name="pageIdentity"></param> /// <param name="username"></param> /// <returns></returns> public static int CountItems(string categoryId, string pageIdentity, string username) { int itemCount = 0; Category cat = DocoManager.GetCategory(categoryId); if (SecurityHelper.CanUserEdit(pageIdentity, categoryId)) { itemCount = DocoManager.GetArticles(cat, ArticleStatus.All, false).Count; } else if (SecurityHelper.CanUserContribute(pageIdentity, categoryId)) { IList <Article> allAritcles = DocoManager.GetArticles(cat, ArticleStatus.All, false); foreach (Article article in allAritcles) { if (article.Owner.Equals(pageIdentity)) { itemCount++; } } } else if (SecurityHelper.CanUserView(pageIdentity, categoryId)) { //change this in future to see only the published ones!. itemCount = itemCount + DocoManager.GetArticles(cat, ArticleStatus.Approved, false).Count; } return(itemCount); }
protected void listRepeater_ItemDataBound(object sender, RepeaterItemEventArgs e) { if (e.Item.ItemType != ListItemType.Header && e.Item.ItemType != ListItemType.Footer) { var item = e.Item.DataItem as Article; (e.Item.FindControl("imgType") as Image).ImageUrl = Utility.GetImageUrlType(item.FileName.Substring(item.FileName.IndexOf('.') + 1), item.IsUpload); (e.Item.FindControl("imgBtnEdit") as LinkButton).PostBackUrl = GetEditArticleUrl(item.Name, item.Category.Id); if (!SecurityHelper.CanUserEdit(Page.User.Identity.Name, item.Category.Id)) { // Disable the Edit and Delete functionality. var editButton = e.Item.FindControl("imgBtnEdit") as LinkButton; var deleteButton = e.Item.FindControl("imgBtnDel") as LinkButton; if (editButton != null) { editButton.Visible = false; } if (deleteButton != null) { deleteButton.Visible = false; } } } }
private static bool UserCanView(Item item, string username) { bool canView = false; if (SecurityHelper.CanUserEdit(username, item.Category.Id)) { canView = true; } else { if (SecurityHelper.CanUserContribute(username, item.Category.Id)) { if (item.Owner.Equals(username)) { canView = true; } else if (SecurityHelper.CanUserView(username, item.Category.Id)) { if (item.ApprovalStatus.Name.Equals("Published")) { canView = true; } } } else if (SecurityHelper.CanUserView(username, item.Category.Id)) { if (item.ApprovalStatus.Name.Equals("Published")) { canView = true; } } } return(canView); }
protected void RadGrid1_ItemDataBound(object sender, GridItemEventArgs e) { if (e.Item is GridDataItem) { var item = e.Item.DataItem as Article; var gridItem = (GridDataItem)e.Item; //Category var lnkCategory = (HyperLink)gridItem.FindControl("lnkCategory"); lnkCategory.NavigateUrl = Navigation.Doco_ViewCategory(item.Category.Id).GetServerUrl(true); //Ack images. var imgAck = (Image)gridItem["View"].FindControl("imgAck"); imgAck.ImageUrl = Utility.GetTrafficLight(item); //Type images. var imgType = (Image)gridItem["Type"].FindControl("imgType"); imgType.ImageUrl = Utility.GetImageUrlType(item.FileName.Substring(item.FileName.IndexOf('.') + 1), item.IsUpload); //Actions var editButton = (LinkButton)gridItem["Actions"].FindControl("imgBtnEdit"); var deleteButton = (LinkButton)gridItem["Actions"].FindControl("imgBtnDel"); DateTime modifiedDate = DateTime.Parse(gridItem["Date"].Text); gridItem["Date"].Text = modifiedDate.ToString("dd/MM/yy - HH:mm"); gridItem["Author"].Text = Utilities.GetDisplayUserName(item.Author); editButton.CommandArgument = item.Name; editButton.Attributes.Add("catid", item.Category.Id); bool hideActionButtons = false; if (!SecurityHelper.CanUserEdit(Page.User.Identity.Name, item.Category.Id)) { bool canContrib = SecurityHelper.CanUserContribute(Page.User.Identity.Name, item.Category.Id); if (!canContrib) { hideActionButtons = true; } else { if (item.Owner.Equals(Utilities.GetUserName(Page.User.Identity.Name)) == false) { hideActionButtons = true; } } } if (hideActionButtons) { editButton.Visible = false; deleteButton.Visible = false; } } }
protected void Page_Load(object sender, EventArgs e) { if (!IsPostBack) { ViewState["RefUrl"] = Request.UrlReferrer.ToString(); } //check previous page's URL for the id if Id hasn't been brought forward. //if (Request.UrlReferrer.Query.Contains("id")) // CategoryId = Request.UrlReferrer.Query.Substring(Request.UrlReferrer.Query.IndexOf("id") + 3); //else CategoryId = Request["id"]; //check for id in URL if (!string.IsNullOrEmpty(CategoryId)) { Category category = null; if (!string.IsNullOrEmpty(CategoryId)) { category = NewsManager.GetCategory(CategoryId); } if (!SecurityHelper.CanUserView(User.Identity.Name, category.Id)) { // If the user cannot view the category, then return silently. object refUrl = ViewState["RefUrl"]; if (refUrl != null) { Response.Redirect((string)refUrl); } } lblDisplayName.InnerText = category.Name; var link = new HtmlLink(); link.Href = Navigation.Doco_CategoryRss(CategoryId).GetServerUrl(true); link.Attributes.Add("rel", "alternate"); link.Attributes.Add("type", "application/rss+xml"); link.Attributes.Add("title", "Category " + category.Name + " Announcements"); Header.Controls.Add(link); string url = Navigation.Communication_NewsNewItem(category).GetAbsoluteClientUrl(true); bool access = SecurityHelper.CanUserEdit(Page.User.Identity.Name, category.Id); newLink = new Navigation.NavigateNewItem(url, access); if (category.ParentCategory != null) { lblParentCategoryName.Text = category.ParentCategory.Name; } LoadPermissionsView(); LoadList(category); } }
protected List <RepeaterItem> GetAccessibleList(List <NewsGridItem> gridItems) { List <RepeaterItem> repeaterItemList = new List <RepeaterItem>(); foreach (NewsGridItem gridItem in gridItems) { if (gridItem.NewsItem != null) { if (SecurityHelper.CanUserEdit(Page.User.Identity.Name, gridItem.NewsItem.Category.Id)) { repeaterItemList.Add(new RepeaterItem { NewsGridItem = gridItem, TrafficLightUrl = GetUserStatus(gridItem.NewsItem, gridItem.Draft.GroupId) }); } else { if (SecurityHelper.CanUserContribute(Page.User.Identity.Name, gridItem.NewsItem.Category.Id)) { //only add if the user is the owner if (gridItem.NewsItem.Owner.Equals(Utilities.GetUserName(Page.User.Identity.Name))) { repeaterItemList.Add(new RepeaterItem { NewsGridItem = gridItem, TrafficLightUrl = GetUserStatus(gridItem.NewsItem, gridItem.Draft.GroupId) }); } else if (SecurityHelper.CanUserView(Page.User.Identity.Name, gridItem.NewsItem.Category.Id)) { if (gridItem.NewsItem.ApprovalStatus.Name.Equals("Published")) { repeaterItemList.Add(new RepeaterItem { NewsGridItem = gridItem, TrafficLightUrl = GetUserStatus(gridItem.NewsItem, gridItem.Draft.GroupId) }); } } } else if (SecurityHelper.CanUserView(Page.User.Identity.Name, gridItem.NewsItem.Category.Id)) { if (gridItem.NewsItem.ApprovalStatus.Name.Equals("Published")) { repeaterItemList.Add(new RepeaterItem { NewsGridItem = gridItem, TrafficLightUrl = GetUserStatus(gridItem.NewsItem, gridItem.Draft.GroupId) }); } } } } } return(repeaterItemList); }
private List <HtmlAnchor> CreateContextMenuContent(string categoryId, string categoryName) { List <HtmlAnchor> menu = new List <HtmlAnchor>(); if (MenuMode != TreeMenuMode.Off) { if (MenuMode == TreeMenuMode.Browse) { if (SecurityHelper.CanUserEdit(Username, categoryId) || SecurityHelper.CanUserContribute(Username, categoryId)) { string addNewsItemUrl = Navigation.Communication_NewsNewItem(NewsManager.GetCategory(categoryId)).GetAbsoluteClientUrl(false); HtmlAnchor createAnnItem = new HtmlAnchor { InnerText = "Create Announcement", HRef = addNewsItemUrl }; createAnnItem.Attributes.Add("class", "newAnnounce"); menu.Add(createAnnItem); } } else if (MenuMode == TreeMenuMode.Administration) { if (SecurityHelper.CanUserEdit(Username, categoryId)) { if (categoryName != "All Announcements") { string editNewsCategoryUrl = Navigation.Communication_NewsCategoryEditItem(categoryId).GetClientUrl(this, false); HtmlAnchor editItem = new HtmlAnchor { InnerText = "Edit", HRef = editNewsCategoryUrl }; editItem.Attributes.Add("class", "edit"); menu.Add(editItem); string deleteNewsCategoryHref = String.Format("javascript:deleteNewsCategory(\"{0}\", \"{1}\");", categoryId, categoryName); HtmlAnchor deleteItem = new HtmlAnchor { InnerText = "Delete", HRef = deleteNewsCategoryHref }; deleteItem.Attributes.Add("class", "deleteitem"); menu.Add(deleteItem); } string addNewsCategoryHref = String.Format("javascript:addNewsCategory(\"{0}\", \"{1}\");", categoryId, categoryName); HtmlAnchor addCategory = new HtmlAnchor { InnerText = "Add Category", HRef = addNewsCategoryHref }; addCategory.Attributes.Add("class", "addCategory"); menu.Add(addCategory); } } } return(menu); }
public static int CountItems(IList <Item> items, string username) { if (items != null && items.Count > 0) { IList <VersionItem> vItems = new List <VersionItem>(); foreach (Item item1 in items) { VersionItem v = VersionManager.GetVersionByItemId(item1.Id); if (v != null) { VersionItem latest = new VersionItem(); IList <VersionItem> versions = VersionManager.GetAllVersions(v.GroupId); foreach (VersionItem version in versions) { if (VersionManager.IsLatestVersion(version.Id)) { latest = version; } } if (latest == null) { if (SecurityHelper.CanUserEdit(username, item1.Category.Id) || SecurityHelper.CanUserContribute(username, item1.Category.Id)) { vItems.Add(v); } } else { Item item2 = NewsManager.GetItem(latest.ItemId); if ((SecurityHelper.CanUserView(username, item2.Category.Id) && item2.ApprovalStatus.Name == "Published") || (SecurityHelper.CanUserContribute(username, item2.Category.Id) && item2.Owner.ToLower() == username.ToLower()) || (SecurityHelper.CanUserEdit(username, item2.Category.Id))) { if (item1.Category.Id == item2.Category.Id) { vItems.Add(v); } } } } } IEnumerable <VersionItem> disItems = vItems.Distinct(new KeyEqualityComparer <VersionItem>(x => x.GroupId)); return(disItems.Count()); } return(0); }
public static Navigation.NavigateNewItem wmCheckEditAccess() { bool access = false; string URL = string.Empty; string categoryId = HttpContext.Current.Request.QueryString["id"]; string userName = HttpContext.Current.User.Identity.Name; if (!string.IsNullOrEmpty(categoryId) && (SecurityHelper.CanUserEdit(userName, categoryId))) { Category category = NewsManager.GetCategory(categoryId); URL = Navigation.Communication_NewsNewItem(category).GetAbsoluteClientUrl(true); access = true; } return(new Navigation.NavigateNewItem(URL, access)); }
protected string DeleteDocument(string docId) { try { Article article = DocoManager.GetArticle(docId); if (SecurityHelper.CanUserEdit(Page.User.Identity.Name, article.Category.Id)) { return(DocoManager.DeleteArticle(article)); } else { throw new InvalidPermissionException("delete article"); } } catch (Exception ex) { throw ex; } }
private bool UserHasPermission(string categoryId) { Category cat = NewsManager.GetCategory(categoryId); bool UserCanView = (cat.Name.Equals("All Announcements")) ? true : SecurityHelper.CanUserView(Username, categoryId); bool UserCanEdit = (cat.Name.Equals("All Announcements")) ? true : SecurityHelper.CanUserEdit(Username, categoryId); bool UserCanContribute = (cat.Name.Equals("All Announcements")) ? true : SecurityHelper.CanUserContribute(Username, categoryId); bool permission = false; if (PermissionMode == TreePermissionMode.View) { permission = (UserCanView || UserCanEdit || UserCanContribute); } else if (PermissionMode == TreePermissionMode.Edit) { permission = (UserCanEdit || UserCanContribute); } return(permission); }
protected List <Article> GetAccessibleList(List <Article> articles) { List <Article> accesibleArticlesList = new List <Article>(); foreach (Article article in articles) { if (article != null) { if (SecurityHelper.CanUserEdit(Page.User.Identity.Name, article.Category.Id)) { accesibleArticlesList.Add(article); } else { if (SecurityHelper.CanUserContribute(Page.User.Identity.Name, article.Category.Id)) { //only add if the user is the owner if (article.Owner.Equals(Utilities.GetUserName(Page.User.Identity.Name))) { accesibleArticlesList.Add(article); } else if (SecurityHelper.CanUserView(Page.User.Identity.Name, article.Category.Id)) { //if (article.ApprovalStatus.Name.Equals("Published")) --NEEDS TO BE UN COMMENTED WHEN APPROVAL STATUS IS DONE FOR DOCO BLOCK accesibleArticlesList.Add(article); } } else if (SecurityHelper.CanUserView(Page.User.Identity.Name, article.Category.Id)) { //if (article.ApprovalStatus.Name.Equals("Published")) accesibleArticlesList.Add(article); } } } } return(accesibleArticlesList); }
private void BindApprovers() { //get the groups under the category //get the users in that group //bind the users to the drop down //clear the dropdown list ddlApprovers.Items.Clear(); ddlApprovers.Enabled = false; ddlOwner.Items.Clear(); ddlOwner.Enabled = true; if (!string.IsNullOrEmpty(currentSelectedNode)) { IList <Access> accessList = AccessManager.GetItemEdittables(currentSelectedNode); bool canEdit = false; if (SecurityHelper.CanUserEdit(Page.User.Identity.Name, currentSelectedNode)) { canEdit = true; } else if (SecurityHelper.CanUserContribute(Page.User.Identity.Name, currentSelectedNode)) { User currentUser = MembershipManager.GetUserByName(Page.User.Identity.Name); ddlOwner.Items.Add(new ListItem(currentUser.Name, currentUser.Id)); } if (canEdit) { foreach (Access access in accessList) { IList <Person> persons = PersonManager.GetAllPersons(); foreach (Person person in persons) { User user = MembershipManager.GetUserByPerson(person); if (!string.IsNullOrEmpty(user.Name)) { if (ddlOwner.Items.FindByText(user.Name) == null) { if (SecurityHelper.CanUserEdit(user.Name, currentSelectedNode)) { ddlOwner.Items.Add(new ListItem(user.Name, user.Id)); } } //APPROVERS NOT REQUIRED AT THIS RELEASE - 19/06/2012 //if (ddlApprovers.Items.FindByText(user.Name) == null) //{ // ddlApprovers.Items.Add(new ListItem(user.Name, user.Id)); //} } } } } //ddlApprovers.Items.Insert(0, new ListItem("--All Approvers--", "")); if (ddlOwner.Items.FindByText("admin") == null) { User admin = MembershipManager.GetUserByName("admin"); ddlOwner.Items.Insert(0, new ListItem(admin.Name, admin.Id)); } if ((Item != null) && (Item.Owner != null) && (ddlOwner.Items.FindByValue(Item.Owner) == null)) { User currentUser = MembershipManager.GetUserByName(Item.Owner); ddlOwner.Items.Insert(0, new ListItem(currentUser.Name, currentUser.Id)); ddlOwner.SelectedIndex = ddlOwner.Items.IndexOf(ddlOwner.Items.FindByText(Item.Owner)); } } }
public void Bind(IList <Category> categories) { var items = new List <Item>(); List <NewsGridItem> gridItems = new List <NewsGridItem>(); //change this to include ItemTypeId(news,Doco,Forum) so it only search selected versions. List <VersionItem> latestDrafts = VersionManager.GetAllLatestDrafts(); //Binding all Published news with their corresponding latest version. foreach (VersionItem draft in latestDrafts) { List <Item> newsItems = new List <Item>(); //get all versions by groupID IList <VersionItem> versionedItems = VersionManager.GetAllVersions(draft.GroupId); foreach (VersionItem item in versionedItems) { //add all published ones to newsItems list string pubId = ItemApprovalStatusManager.GetStatusByName("Published").Id; Item itemX = NewsManager.GetItem(item.ItemId); if (itemX != null) { if (itemX.ApprovalStatus != null) { if (itemX.ApprovalStatus.Id.Equals(pubId) && item.Deleted == false) { newsItems.Add(itemX); } } } } //sort them by date inserted- DESC and get the first one. if (newsItems.Count > 0) { Item newsItem = newsItems.OrderByDescending(x => x.InsertDate).First <Item>(); gridItems.Add(new NewsGridItem() { Draft = draft, NewsItem = newsItem }); } else//no published item found - get the latest draft and its corresponding newsItem { VersionItem latestDraft = VersionManager.GetVersionByGroupId(draft.GroupId); Item newsItem = NewsManager.GetItem(latestDraft.ItemId); gridItems.Add(new NewsGridItem() { Draft = draft, NewsItem = newsItem }); } } //do a 1-1 news & draft comparison to check whether all news have corresponding draft or not if not then add it to the grid. Pressing edit will create its first version. foreach (Category category in categories) { IList <Item> childItems = NewsManager.GetItems(category, false); foreach (Item newsItem in childItems) { VersionItem versionItem = VersionManager.GetVersionByItemId(newsItem.Id); if (versionItem == null && newsItem.ApprovalStatus == null) { versionItem = new VersionItem(); versionItem.ItemId = newsItem.Id; versionItem.GroupId = newsItem.Id; gridItems.Add(new NewsGridItem() { Draft = versionItem, NewsItem = newsItem }); } } } List <NewsGridItem> gridItemsPermission = new List <NewsGridItem>(); foreach (var gi in gridItems) { if (gi.NewsItem != null) { if (SecurityHelper.CanUserEdit(Page.User.Identity.Name, gi.NewsItem.Category.Id) || SecurityHelper.CanUserContribute(Page.User.Identity.Name, gi.NewsItem.Category.Id)) { gridItemsPermission.Add(gi); } } } RadGridManage.DataSource = gridItemsPermission; }
protected void RadGrid1_ItemDataBound(object sender, GridItemEventArgs e) { if (e.Item.ItemType != GridItemType.Footer && e.Item.ItemType != GridItemType.Header) { if (e.Item is GridDataItem) { GridDataItem item = (GridDataItem)e.Item; LinkButton latestVersionId = (LinkButton)item.FindControl("lnkEditItem"); LinkButton lnkBtnDelete = (LinkButton)item.FindControl("lnkDeleteClient"); LinkButton lnkBtnCheckIn = (LinkButton)item.FindControl("lnkBtnCheckIn"); Label lblCheckedOut = (Label)item.FindControl("lblCheckedOut"); VersionItem versionByItem = VersionManager.GetVersionByItemId(latestVersionId.CommandArgument.ToString()); lnkBtnCheckIn.Visible = false; //if the Version/item is not checked out - check using the groupId of those versions and return user who has checkedout. if (versionByItem != null) { Item NewsItem = NewsManager.GetItem(versionByItem.ItemId); string checkedOutUsername = VersionManager.GetCheckedOutUser(versionByItem.GroupId); //username for comparison puposes string checkedOutName = (!string.IsNullOrEmpty(checkedOutUsername)) ? Utilities.GetDisplayUserName(checkedOutUsername) : string.Empty;; //full name for display purpose. HyperLink lnkVersion = (HyperLink)item["Version"].Controls[0]; //accessing link lnkVersion.Text = versionByItem.VersionNumber; //add version number here //display check out to string to other users if item is checked out by the user. string username = Page.User.Identity.Name; if (!string.IsNullOrEmpty(checkedOutUsername) && (username.ToLower() != checkedOutUsername.ToLower() && username != "admin")) { latestVersionId.Visible = false; lnkBtnDelete.Visible = false; lblCheckedOut.Text = CheckOutString + checkedOutName + ")"; lnkVersion.NavigateUrl = null; } else { latestVersionId.Visible = true; lnkBtnDelete.Visible = true; lnkVersion.NavigateUrl = Navigation.Communication_NewsVersionHistory(versionByItem.GroupId).GetServerUrl(true); //link to version history page //if user is same as owner and item is not checked out. if (!string.IsNullOrEmpty(checkedOutUsername)) { lnkBtnCheckIn.Visible = true; if (checkedOutUsername.ToLower() != "admin" && username == "admin") { latestVersionId.Visible = false; lnkBtnDelete.Visible = false; lblCheckedOut.Text = CheckOutString + checkedOutName + ")"; } } } // todo fix this defect if (SecurityHelper.CanUserEdit(Page.User.Identity.Name, item["CategoryId"].Text) == true) { if (string.IsNullOrEmpty(checkedOutUsername)) { AddApproverButton(versionByItem.Id, versionByItem.ItemId, item); } } else if (SecurityHelper.CanUserContribute(Page.User.Identity.Name, item["CategoryId"].Text) == true) { if (Page.User.Identity.Name.ToLower().Equals(item["Owner"].Text.ToLower())) { if (string.IsNullOrEmpty(checkedOutUsername)) { AddApproverButton(versionByItem.Id, versionByItem.ItemId, item); } } else { latestVersionId.Visible = false; lnkBtnDelete.Visible = false; } } else { latestVersionId.Visible = false; lnkBtnDelete.Visible = false; } } //disabling the view link and columns text to empty if the item hasn't been published once. if (item["PubStatus"].Text != "Published") { CheckPublished(item); } } } }