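        /// <summary>
        /// Creates the default home page security zone and its zone/user-role rows during setup.
        /// </summary>
        /// <remarks>
        /// The anonymous/public role (<see cref="WebPortalUserRole.DUMMY_PUBLIC_ROLE_ID"/>) is granted
        /// read-only access. The configured author role (config key "AuthorAccessUserRole", default
        /// "Author") is granted read and write access; that row is skipped when the role cannot be resolved.
        /// </remarks>
        /// <param name="HomePageId">Id of the page the new zone starts at.</param>
        /// <exception cref="InvalidOperationException">Thrown when one of the database inserts reports failure.</exception>
        private void InsertHomePageZone(int HomePageId)
        {
            CmsPageSecurityZone zone = new CmsPageSecurityZone();
            zone.ZoneName     = "Default zone";
            zone.StartingPage = pagerepository.Get(HomePageId);

            if (!new CmsPageSecurityZoneDb().insert(zone))
            {
                throw new InvalidOperationException("Cannot insert Home Page Zone");
            }

            // anonymous users can read, but not write, pages in this zone
            CmsPageSecurityZoneUserRole anonZoneRole = new CmsPageSecurityZoneUserRole(zone.Id, WebPortalUserRole.DUMMY_PUBLIC_ROLE_ID, true, false);
            if (!new CmsPageSecurityZoneUserRoleDb().insert(anonZoneRole))
            {
                throw new InvalidOperationException("Cannot insert anonymous ZoneUserRole");
            }

            // authors can read and write all pages in this zone.
            // Fetch() may return null (other callers test for it), so guard before reading RoleID.
            WebPortalUserRole authorRole = WebPortalUserRole.Fetch(CmsConfig.getConfigValue("AuthorAccessUserRole", "Author"));
            if (authorRole != null && authorRole.RoleID >= 0)
            {
                CmsPageSecurityZoneUserRole authorZoneRole = new CmsPageSecurityZoneUserRole(zone.Id, authorRole.RoleID, true, true);
                if (!new CmsPageSecurityZoneUserRoleDb().insert(authorZoneRole))
                {
                    throw new InvalidOperationException("Cannot insert author ZoneUserRole");
                }
            }
        }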
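        /// <summary>
        /// Creates the security zone covering the internal author tools (admin area) during setup.
        /// </summary>
        /// <remarks>
        /// The anonymous/public role (<see cref="WebPortalUserRole.DUMMY_PUBLIC_ROLE_ID"/>) is denied both
        /// read and write access. The configured author role (config key "AuthorAccessUserRole", default
        /// "Author") is granted read and write access; that row is skipped when the role cannot be resolved.
        /// </remarks>
        /// <param name="AdminPageId">Id of the page the new zone starts at.</param>
        /// <exception cref="InvalidOperationException">Thrown when one of the database inserts reports failure.</exception>
        private void InsertAdminAreaZone(int AdminPageId)
        {
            CmsPageSecurityZone zone = new CmsPageSecurityZone();
            zone.ZoneName       = "Internal Author Tools Zone";
            zone.StartingPageId = AdminPageId;

            if (!new CmsZoneDb().insert(zone))
            {
                throw new InvalidOperationException("Cannot insert Zone");
            }

            // anonymous users can neither read nor write in this zone
            CmsZoneUserRole anonZoneRole = new CmsZoneUserRole(zone.ZoneId, WebPortalUserRole.DUMMY_PUBLIC_ROLE_ID, false, false);
            if (!new CmsZoneUserRoleDb().insert(anonZoneRole))
            {
                throw new InvalidOperationException("Cannot insert anonymous ZoneUserRole");
            }

            // authors can read and write all pages in this zone.
            // Fetch() may return null (other callers test for it), so guard before reading RoleID.
            WebPortalUserRole authorRole = WebPortalUserRole.Fetch(CmsConfig.getConfigValue("AuthorAccessUserRole", "Author"));
            if (authorRole != null && authorRole.RoleID >= 0)
            {
                CmsZoneUserRole authorZoneRole = new CmsZoneUserRole(zone.ZoneId, authorRole.RoleID, true, true);
                if (!new CmsZoneUserRoleDb().insert(authorZoneRole))
                {
                    throw new InvalidOperationException("Cannot insert author ZoneUserRole");
                }
            }
        }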
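        /// <summary>
        /// Returns the roles that can be assigned from the edit-user form: the configured admin role,
        /// the author role when it differs from the admin role, and - only when anonymous visitors
        /// cannot read the home page - the configured login role when it differs from both.
        /// </summary>
        /// <returns>The assignable roles, admin role first; never null.</returns>
        private WebPortalUserRole[] getAllAvailableRoles()
        {
            List<WebPortalUserRole> ret = new List<WebPortalUserRole>();

            string adminUserRoleName = CmsConfig.getConfigValue("AdminUserRole", "Administrator");
            ret.Add(WebPortalUserRole.Fetch(adminUserRoleName));

            // Role names are configuration identifiers, so compare them ordinally rather than culture-aware.
            string authorUserRoleName = CmsConfig.getConfigValue("AuthorAccessUserRole", "Author");
            if (!string.Equals(adminUserRoleName, authorUserRoleName, StringComparison.OrdinalIgnoreCase))
            {
                ret.Add(WebPortalUserRole.Fetch(authorUserRoleName));
            }

            // A login role is only useful when the public role cannot read the home page,
            // i.e. when every visitor has to sign in.
            CmsPageSecurityZone homePageZone = new CmsPageSecurityZoneDb().fetchByPage(CmsContext.HomePage);
            bool anonCanReadHomePage = homePageZone.canRead(WebPortalUser.dummyPublicUser);

            // A fresh GUID as the default tells "LoginUserRole not configured" apart from any real role name.
            string notConfigured = Guid.NewGuid().ToString();
            string loginRole     = CmsConfig.getConfigValue("LoginUserRole", notConfigured);

            bool loginRoleIsDistinct =
                loginRole != notConfigured
                && !string.Equals(loginRole, authorUserRoleName, StringComparison.OrdinalIgnoreCase)
                && !string.Equals(loginRole, adminUserRoleName, StringComparison.OrdinalIgnoreCase);

            if (!anonCanReadHomePage && loginRoleIsDistinct)
            {
                ret.Add(WebPortalUserRole.Fetch(loginRole));
            }

            return ret.ToArray();
        }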
        /// <summary>
        /// Expects the zone/user-role table to report, for zone 1 and the roles with ids 1 and -1,
        /// two roles matching for read access and one role matching for write access.
        /// </summary>
        public void CanFetchReadAccess()
        {
            CmsPageSecurityZoneUserRoleDb db   = new CmsPageSecurityZoneUserRoleDb();
            CmsPageSecurityZone           zone = new CmsPageSecurityZone(1);

            WebPortalUserRole[] roles = new WebPortalUserRole[]
            {
                new WebPortalUserRole(1, "aa", "despri"),
                new WebPortalUserRole(-1, "aa", "despri"),
            };

            Assert.That(db.fetchRoleMatchingCountForRead(zone, roles), Is.EqualTo(2));
            Assert.That(db.fetchRoleMatchingCountForWrite(zone, roles), Is.EqualTo(1));
        }
        /// <summary>
        /// Checks whether a user has write access in this zone.
        /// </summary>
        /// <param name="u">The user to check; null stands for an anonymous visitor.</param>
        /// <returns>
        /// true when the user is in the configured admin role (config key "AdminUserRole", default
        /// "Administrator"), or when at least one of the user's roles has write access to this zone.
        /// </returns>
        public bool canWrite(WebPortalUser u)
        {
            bool isAdmin = u != null && u.inRole(CmsConfig.getConfigValue("AdminUserRole", "Administrator"));
            if (isAdmin)
            {
                return true;
            }

            WebPortalUserRole[] rolesToCheck;
            if (u == null)
            {
                // anonymous visitor: only the public role applies
                rolesToCheck = new WebPortalUserRole[] { WebPortalUserRole.dummyPublicUserRole };
            }
            else
            {
                // every signed-in user is also a member of the public role
                u.AddUserRole(WebPortalUserRole.dummyPublicUserRole);
                rolesToCheck = u.userRoles;
            }

            int matchingWriteRoles = new CmsZoneUserRoleDb().fetchRoleMatchingCountForWrite(this, rolesToCheck);
            return matchingWriteRoles > 0;
        }
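        /// <summary>
        /// Loads the user's roles and issues the forms-authentication cookie on the current response.
        /// </summary>
        /// <remarks>
        /// The role names, joined with <c>groupDelimiter</c>, are stored in the ticket's UserData field.
        /// The cookie is marked HttpOnly so page script cannot read the encrypted ticket, and Secure
        /// when forms authentication is configured to require SSL.
        /// </remarks>
        /// <param name="context">Request context whose response receives the cookie.</param>
        /// <param name="cookieTimeoutMinutes">Ticket lifetime in minutes, counted from now.</param>
        /// <param name="persistCookie">When true the ticket is persistent and the cookie carries an explicit expiry.</param>
        /// <param name="portalApp">Portal application used to look up the user.</param>
        /// <exception cref="InvalidOperationException">Thrown when no user named <c>_un</c> can be loaded.</exception>
        public void loadGroupsAndCookie(HttpContext context, int cookieTimeoutMinutes, bool persistCookie, PortalApplication portalApp)
        {
            // -- Retrieve the user's groups. FetchUser returns null for an unknown user (other callers
            //    test for it), so fail explicitly instead of with a NullReferenceException.
            WebPortalUser user = WebPortalUser.FetchUser(_un, portalApp);
            if (user == null)
            {
                throw new InvalidOperationException("User '" + _un + "' could not be loaded.");
            }

            WebPortalUserRole[] roles  = user.userRoles;
            string              groups = "";
            for (int i = 0; i < roles.Length; i++)
            {
                if (i > 0)
                {
                    groups += groupDelimiter;
                }
                groups += roles[i].Name;
            }

            // -- Create the authentication ticket. One timestamp is taken so issue and expiry agree;
            //    FormsAuthenticationTicket takes local times, hence DateTime.Now.
            DateTime issued = DateTime.Now;
            FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
                1,                                          // version
                _un,
                issued,
                issued.AddMinutes(cookieTimeoutMinutes),
                persistCookie,
                groups);

            // -- Wrap the encrypted ticket in the forms-auth cookie.
            string     encryptedTicket = FormsAuthentication.Encrypt(authTicket);
            HttpCookie authCookie      = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
            authCookie.HttpOnly = true;                         // keep the ticket out of reach of page script
            authCookie.Secure   = FormsAuthentication.RequireSSL; // honour the <forms requireSSL="..."> setting

            if (authTicket.IsPersistent)
            {
                authCookie.Expires = authTicket.Expiration;
            }

            // Add the cookie to the outgoing cookies collection.
            context.Response.Cookies.Add(authCookie);
        } // loadGroupsAndCookie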
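        /// <summary>
        /// Creates the zone/user-role entity from the access-mode values posted by the html form.
        /// </summary>
        /// <param name="z">Zone the role applies to.</param>
        /// <param name="r">Role being granted access.</param>
        /// <param name="accessMode">
        /// Posted access flags; "r" grants read and "w" grants write (case-insensitive, other values are
        /// ignored). null or empty grants nothing.
        /// </param>
        /// <returns>
        /// The entity. Write access is never granted to the public/anonymous role
        /// (<see cref="WebPortalUserRole.DUMMY_PUBLIC_ROLE_ID"/>), whatever the form posted.
        /// </returns>
        protected CmsPageSecurityZoneUserRole createUserRoleEntity(CmsPageSecurityZone z, WebPortalUserRole r, string[] accessMode)
        {
            CmsPageSecurityZoneUserRole entity = new CmsPageSecurityZoneUserRole(z.Id, r.RoleID);

            if (accessMode != null)
            {
                foreach (string mode in accessMode)
                {
                    // ordinal comparison: these are protocol tokens, not user-visible text
                    if (string.Equals(mode, "r", StringComparison.OrdinalIgnoreCase))
                    {
                        entity.ReadAccess = true;
                    }
                    else if (string.Equals(mode, "w", StringComparison.OrdinalIgnoreCase))
                    {
                        entity.WriteAccess = true;
                    }
                }
            }

            // the anonymous/public role must never be able to write, regardless of what was posted
            if (r.RoleID == WebPortalUserRole.DUMMY_PUBLIC_ROLE_ID)
            {
                entity.WriteAccess = false;
            }

            return entity;
        }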
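        /// <summary>
        /// Renders the "edit user" form for <paramref name="userId"/>, first applying a posted
        /// "saveupdates" submission when the form data contains one.
        /// </summary>
        /// <remarks>
        /// An unknown <paramref name="userId"/> means "create a new user": the username is editable and no
        /// delete form is shown. For an existing user the username is shown read-only and a second
        /// "delete user" form is appended. Request-supplied values that are echoed back into the page
        /// (username, role name) are HTML-encoded first.
        /// </remarks>
        /// <param name="userId">Id of the user to edit.</param>
        /// <param name="page">Page that supplies the form start/close markup and the cancel URL.</param>
        /// <returns>The HTML of the edit form, plus the delete form for an existing user.</returns>
        private string getEditUserDisplay(int userId, CmsPage page)
        {
            WebPortalUser user = WebPortalUser.FetchUser(userId, CmsPortalApplication.GetInstance());
            bool isEditingExisting = user != null;
            if (!isEditingExisting)
            {
                user = new WebPortalUser();
            }

            string userRole = "";
            if (user.userRoles.Length > 0)
            {
                userRole = getBestMatchingUserRoleName(getAllAvailableRoles(), user.userRoles);
            }

            string errorMessage   = "";
            string successMessage = "";
            string formaction     = PageUtils.getFromForm("formaction", "");
            if (string.Equals(formaction, "saveupdates", StringComparison.OrdinalIgnoreCase))
            {
                saveUserFromForm(user, isEditingExisting, userRole, out errorMessage, out successMessage);
            }

            StringBuilder html   = new StringBuilder();
            string        formId = "EditUsers";

            html.Append(page.getFormStartHtml(formId));
            if (errorMessage != "")
            {
                html.Append("<p style=\"color: red;\">" + errorMessage + "</p>");
            }
            if (successMessage != "")
            {
                html.Append("<p style=\"color: green;\">" + successMessage + "  - <a href=\"" + getPageDisplayUrl(new WebPortalUser(), page, PageDisplayMode.ListUsers) + "\">back to user list</a></p>");
            }

            html.Append("<table>");

            // -- User name: editable only while creating a new user
            html.Append("<tr><td>Username: </td><td>" + Environment.NewLine);
            if (isEditingExisting)
            {
                html.Append(encodeForHtml(user.UserName));
            }
            else
            {
                html.Append(PageUtils.getInputTextHtml("username", "username", user.UserName, 30, 255));
            }
            html.Append("</td></tr>" + Environment.NewLine);

            // -- Password
            // NOTE(review): the user's current password is pre-filled into a visible text input, which
            // only works because the stored value is readable back. An empty password-type input would
            // be safer, but PageUtils offers no such helper here - confirm before changing the flow.
            html.Append("<tr><td>Password: </td><td>");
            html.Append(PageUtils.getInputTextHtml("password", "password", user.Password, 30, 255));
            html.Append("</td></tr>" + Environment.NewLine);

            // -- Access level: one radio button per assignable role, the user's current role pre-selected
            NameValueCollection roleOpts = new NameValueCollection();
            foreach (WebPortalUserRole role in getAllAvailableRoles())
            {
                roleOpts.Add(role.Name, role.Name + " - " + role.Description);
            }
            html.Append("<tr><td>Access Level: </td><td>");
            html.Append(PageUtils.getRadioListHtml("roles", "role", roleOpts, userRole, "", "<br />"));
            html.Append("</td></tr>" + Environment.NewLine);

            html.Append("</table>");

            string displayMode = Enum.GetName(typeof(PageDisplayMode), PageDisplayMode.EditSelectedUser);
            html.Append(PageUtils.getHiddenInputHtml("formaction", "saveupdates"));
            html.Append(PageUtils.getHiddenInputHtml("uid", userId.ToString()));
            html.Append(PageUtils.getHiddenInputHtml("display", displayMode));

            html.Append("<input type=\"submit\" value=\"save\">");
            html.Append(" <input type=\"button\" value=\"cancel\" onclick=\"window.location = '" + page.Url + "'\">");
            html.Append(page.getFormCloseHtml(formId));

            if (isEditingExisting)
            {
                formId = "delUser";
                html.Append(page.getFormStartHtml(formId));
                html.Append(PageUtils.getHiddenInputHtml("formaction", "deleteuser"));
                html.Append(PageUtils.getHiddenInputHtml("uid", userId.ToString()));
                html.Append(PageUtils.getHiddenInputHtml("display", displayMode));

                html.Append("<p align=\"right\"><input type=\"submit\" value=\"delete user\"></p>");
                html.Append(page.getFormCloseHtml(formId));
            }

            return html.ToString();
        }

        /// <summary>
        /// Applies a posted "saveupdates" submission to <paramref name="user"/>: validates the posted
        /// username, password and role, then saves the user. Exactly one of the two messages is non-empty
        /// on return; the first validation failure wins.
        /// </summary>
        /// <param name="user">User being edited or created; updated in place.</param>
        /// <param name="isEditingExisting">true when <paramref name="user"/> already exists in the database.</param>
        /// <param name="currentRoleName">Role name used when the form posted no "roles" value.</param>
        /// <param name="errorMessage">Validation or save error, already safe to write into HTML; "" on success.</param>
        /// <param name="successMessage">Confirmation text, already safe to write into HTML; "" on failure.</param>
        private void saveUserFromForm(WebPortalUser user, bool isEditingExisting, string currentRoleName, out string errorMessage, out string successMessage)
        {
            errorMessage   = "";
            successMessage = "";

            // Posted values are untrusted: they are HTML-encoded wherever they are echoed back into the page.
            string un = PageUtils.getFromForm("username", user.UserName);
            if (un.Trim() == "")
            {
                errorMessage = "Please specify a username";
            }

            if (errorMessage == "" && !isEditingExisting && WebPortalUser.FetchUser(un, CmsPortalApplication.GetInstance()) != null)
            {
                errorMessage = "A user with the username '" + encodeForHtml(un) + "' already exists. Please use another username.";
            }

            string pw = PageUtils.getFromForm("password", user.Password);
            if (errorMessage == "" && pw.Trim() == "")
            {
                errorMessage = "Blank passwords are not allowed.";
            }

            string selRole = PageUtils.getFromForm("roles", currentRoleName);
            if (errorMessage == "" && selRole.Trim() == "")
            {
                errorMessage = "Please select the user's access level";
            }

            // resolve the role once and reuse it for the assignment below
            WebPortalUserRole selectedRole = null;
            if (errorMessage == "")
            {
                selectedRole = WebPortalUserRole.Fetch(selRole);
                if (selectedRole == null)
                {
                    errorMessage = "Invalid security group '" + encodeForHtml(selRole) + "' (does not exist)";
                }
            }

            if (errorMessage != "")
            {
                return;
            }

            user.UserName = un;
            user.Password = pw;
            user.ClearAllUserRoles();
            user.AddUserRole(selectedRole);

            if (user.SaveToDatabase())
            {
                successMessage = "User '" + encodeForHtml(un) + "' has been saved.";
            }
            else
            {
                errorMessage = "Fatal Error: could not save user to database.";
            }
        }

        /// <summary>
        /// HTML-encodes a request-supplied value so it can be written into page markup without
        /// being interpreted as HTML.
        /// </summary>
        /// <param name="value">Raw text; null is passed through as null.</param>
        /// <returns>The encoded text.</returns>
        private static string encodeForHtml(string value)
        {
            return System.Web.HttpUtility.HtmlEncode(value);
        }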
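        /// <summary>
        /// Click handler that creates the standard set of CMS pages (home, login, admin area, admin
        /// actions, internal pages) together with the home-page and admin-area security zones, and
        /// reports the outcome in <c>l_msg</c>.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void b_CreatePages_Click(object sender, EventArgs e)
        {
            // Make sure the hatPortal connection works and the admin role exists before inserting
            // anything: the inserts below are not transactional, so a late failure leaves the database
            // half-populated. A fresh GUID as the config default stands for "AdminUserRole not configured".
            try
            {
                WebPortalUserRole adminRole = WebPortalUserRole.Fetch(CmsConfig.getConfigValue("AdminUserRole", Guid.NewGuid().ToString()));
                if (adminRole == null || adminRole.RoleID < 0)
                {
                    l_msg.Text = "Error: Standard Pages could not all be added. The AdminUserRole could not be found.";
                    return;
                }
            }
            catch (Exception)
            {
                l_msg.Text = "Error: Standard Pages could not all be added. The hatWebPortalConnectionString may be set incorrectly.";
                return;
            }

            try
            {
                createStandardPages();
                l_msg.Text = "All standard pages have been added successfully.";
            }
            catch (Exception)
            {
                // nothing is rolled back, so the only safe advice is to start over
                l_msg.Text = "Error: Standard Pages could not all be added. The state of the database is currently unknown. Please manually delete the database and start again.";
            }
        } // b_CreatePages_Click

        /// <summary>
        /// Inserts every standard page and security zone, in dependency order (parents before children).
        /// Any exception thrown by the Insert* helpers propagates; nothing is rolled back.
        /// </summary>
        private void createStandardPages()
        {
            // -- Home page and its security zone
            int homePageId = InsertPage("", "Home Page", "Home Page", "", "HomePage", -1, 0, true);
            InsertHomePageZone(homePageId);

            // -- /_Login (not visible in menu)
            InsertPage("_Login", "Login", "Login", "", "_login", homePageId, 0, false);

            // -- /_admin (hidden), its security zone, and a redirect back to the home page
            int adminPageId = InsertPage("_admin", "HatCMS Administration", "Admin", "", RedirectTemplateName, homePageId, 0, false);
            InsertAdminAreaZone(adminPageId);
            InsertRedirectPlaceholder(CmsContext.getPageById(adminPageId), 1, "~/");

            // -- /_admin/actions: container for the popup action pages, itself redirecting to the home page
            int adminActionsPageId = InsertPage("actions", "Admin Actions", "Admin Actions", "", RedirectTemplateName, adminPageId, -1, false);
            InsertRedirectPlaceholder(CmsContext.getPageById(adminActionsPageId), 1, "~/");

            // -- /_admin/actions/* popup pages
            InsertPage("gotoEdit", "Goto Edit Mode", "Goto Edit Mode", "", "_gotoEditMode", adminActionsPageId, -1, false);
            InsertPage("gotoView", "Goto View Mode", "Goto View Mode", "", "_gotoViewMode", adminActionsPageId, -1, false);
            InsertPage("createPage", "Create Page", "Create Page", "", "_CreateNewPagePopup", adminActionsPageId, -1, false);
            InsertPage("deletePage", "Delete Page", "Delete Page", "", "_DeletePagePopup", adminActionsPageId, -1, false);
            InsertPage("sortSubPages", "Sort Sub Pages", "Sort Sub Pages", "", "_SortSubPagesPopup", adminActionsPageId, -1, false);
            InsertPage("MenuVisibilityPopup", "Change Menu Visibility", "Change Menu Visibility", "", "_MenuVisibilityPopup", adminActionsPageId, -1, false);
            InsertPage("movePage", "Move Page", "Move Page", "", "_MovePagePopup", adminActionsPageId, -1, false);
            InsertPage("renamePage", "Rename Page", "Rename Page", "", "_RenamePagePopup", adminActionsPageId, -1, false);
            InsertPage("killLock", "Kill Edit Page Lock", "Kill Edit Page Lock", "", "_KillLockPopup", adminActionsPageId, -1, false);
            InsertPage("changeTemplate", "Change Page's Template", "Change Page's Template", "", "_ChangePageTemplatePopup", adminActionsPageId, -1, false);
            InsertPage("deleteFileLibrary", "Delete a file library", "Delete a file library", "", "_DeleteFileLibraryPopup", adminActionsPageId, -1, false);

            // -- /_admin/* tool pages
            InsertPage("Audit", "Administration Tools", "Admin Tools", "", "_AdminMenuPopup", adminPageId, -1, false);
            InsertPage("ViewRevisions", "View Page Revisions", "View Page Revisions", "", "_PageRevisionsPopup", adminPageId, -1, false);
            InsertPage("EditUsers", "Edit Users", "Edit Users", "", "_EditUsersPopup", adminPageId, -1, false);
            InsertPage("JobLocation", "Job Location", "Job Location", "", "_JobLocationPopup", adminPageId, -1, false);
            InsertPage("EventCalendarCategory", "Event Calendar Category", "Event Calendar Category", "", "_EventCalendarCategoryPopup", adminPageId, -1, false);
            InsertPage("FileLibraryCategory", "File Library Category", "File Library Category", "", "_FileLibraryCategoryPopup", adminPageId, -1, false);
            // a second "deleteFileLibrary" page lives directly under /_admin (the one above is under /_admin/actions)
            InsertPage("deleteFileLibrary", "Delete File Library", "Delete File Library", "", "_DeleteFileLibraryPopup", adminPageId, -1, false);

            // -- /_internal: internal CMS functions, redirecting to the home page
            int internalPageId = InsertPage("_internal", "Internal CMS Functions", "Internal CMS Functions", "", RedirectTemplateName, homePageId, -1, false);
            InsertRedirectPlaceholder(CmsContext.getPageById(internalPageId), 1, "~/");

            // -- /_internal/showImage
            InsertPage("showImage", "Show Image", "Show Image", "", "_SingleImageDisplay", internalPageId, -1, false);
        }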