/// <summary>
/// Renders <c>oauth_authorize.html</c> in verification mode: a "verify" text box plus hidden
/// <c>oauth_token</c> and <c>mode=verify</c> fields, posted to <c>/oauth/approve</c>.
/// Ends the response once the template variables are set.
/// </summary>
/// <param name="ae">Application whose title and icon are shown on the consent page.</param>
/// <param name="oauthToken">Request token echoed back to the client in a hidden field.</param>
/// <param name="sessionId">Session identifier handed to <c>AppendSid</c> for the post URI.</param>
private void showVerificationForm(ApplicationEntry ae, string oauthToken, string sessionId)
{
    // Inputs carried by the verification form.
    TextBox verifyField = new TextBox("verify");
    HiddenField tokenField = new HiddenField("oauth_token") { Value = oauthToken };
    HiddenField modeField = new HiddenField("mode") { Value = "verify" };

    SubmitButton authoriseButton = new SubmitButton("submit", core.Prose.GetString("AUTHORISE"));
    Button cancelButton = new Button("cancel", core.Prose.GetString("CANCEL"), "cancel");
    // Cancel is handled in script: it calls window.external.notify and suppresses the form post.
    cancelButton.Script.OnClick = "window.external.notify('cancel'); return false;";

    template.SetTemplate("oauth_authorize.html");

    // NOTE(review): the session id is passed explicitly to AppendSid, so it presumably ends up in
    // the form's action URI — confirm that URI is not logged or exposed through a Referer header.
    string postUri = core.Hyperlink.AppendSid("/oauth/approve", true, sessionId);
    template.Parse("U_POST", postUri);
    template.Parse("VERIFY", "TRUE");

    // NOTE(review): ae.Title and ae.Icon are application-supplied; confirm template.Parse
    // HTML-encodes string values before they reach the consent page.
    string heading = string.Format(core.Prose.GetString("AUTHORISE_APPLICATION"), ae.Title);
    template.Parse("AUTHORISE_APPLICATION", heading);
    template.Parse("APPLICATION_ICON", ae.Icon);

    template.Parse("S_VERIFY", verifyField);
    template.Parse("S_OAUTH_TOKEN", tokenField);
    template.Parse("S_MODE", modeField);
    template.Parse("S_SUBMIT", authoriseButton);
    template.Parse("S_CANCEL", cancelButton);

    EndResponse();
}
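/// <summary>
/// Renders the access-control editor for <c>item</c> from <c>std.acl.html</c> and injects the
/// result into <paramref name="template"/>.
/// </summary>
/// <remarks>
/// Permissions, grants and the unsaved-grant list are loaded into their fields on first use.
/// The editor is drawn in "simple" mode (one group select box per permission type) or
/// "detailed" mode (one row per grant with allow/deny/inherit controls). The mode defaults to
/// <c>item.IsSimplePermissions</c> and is overridden by the request value <c>aclmode</c>.
/// This method only renders form state; values read from <c>core.Http.Form</c> are request
/// input and are checked before being reflected back into the form.
/// </remarks>
/// <param name="template">Page template that receives the rendered editor. In detailed mode it
/// also receives one empty "grants" child per grant for every permission.</param>
/// <param name="owner">Primitive whose permission groups are offered as grantees.</param>
/// <param name="variable">Template variable to fill; null or empty selects "S_PERMISSIONS".</param>
public void ParseACL(Template template, Primitive owner, string variable)
{
    Template aclTemplate = new Template("std.acl.html");
    aclTemplate.Medium = core.Template.Medium;
    aclTemplate.SetProse(core.Prose);

    // Lazily populate the cached permission and grant lists.
    if (itemPermissions == null)
    {
        itemPermissions = GetPermissions(core, item);
    }

    if (itemGrants == null)
    {
        itemGrants = AccessControlGrant.GetGrants(core, item);
    }

    if (unsavedGrants == null)
    {
        unsavedGrants = new List<UnsavedAccessControlGrant>();
    }

    // Queue every grantee's profile before any display name is read from the cache.
    if (itemGrants != null)
    {
        foreach (AccessControlGrant itemGrant in itemGrants)
        {
            core.PrimitiveCache.LoadPrimitiveProfile(itemGrant.PrimitiveKey);
        }
    }

    // The request may switch the display mode; any other value keeps the item's default.
    bool simple = item.IsSimplePermissions;
    string mode = core.Http["aclmode"];
    switch (mode)
    {
        case "simple":
            simple = true;
            break;
        case "detailed":
            simple = false;
            break;
    }

    bool first = true;
    PermissionTypes lastType = PermissionTypes.View;
    VariableCollection permissionTypeVariableCollection = null;
    PermissionGroupSelectBox typeGroupSelectBox = null;
    List<PrimitivePermissionGroup> ownerGroups = null;

    if (itemPermissions != null)
    {
        foreach (AccessControlPermission itemPermission in itemPermissions)
        {
            // A change of permission type closes the previous section and opens a new one.
            if (first || itemPermission.PermissionType != lastType)
            {
                if (typeGroupSelectBox != null)
                {
                    permissionTypeVariableCollection.Parse("S_SIMPLE_SELECT", typeGroupSelectBox);
                }

                // "permision_types" is the loop name as spelled here; it is a runtime string.
                permissionTypeVariableCollection = aclTemplate.CreateChild("permision_types");
                typeGroupSelectBox = new PermissionGroupSelectBox(core, "group-select-" + itemPermission.PermissionType.ToString(), item.ItemKey);
                permissionTypeVariableCollection.Parse("TITLE", AccessControlLists.PermissionTypeToString(itemPermission.PermissionType));

                first = false;
                lastType = itemPermission.PermissionType;
            }

            if (simple)
            {
                if (ownerGroups == null)
                {
                    ownerGroups = new List<PrimitivePermissionGroup>();

                    // Optional per-type hook "<TypeName>_GetItemGroups(Core)". The method name is
                    // derived from the item's runtime type, never from request input.
                    Type type = item.GetType();
                    if (type.GetMethod(type.Name + "_GetItemGroups", new Type[] { typeof(Core) }) != null)
                    {
                        ownerGroups.AddRange((List<PrimitivePermissionGroup>)type.InvokeMember(type.Name + "_GetItemGroups", BindingFlags.Public | BindingFlags.Static | BindingFlags.InvokeMethod, null, null, new object[] { core }));
                    }

                    ownerGroups.AddRange(core.GetPrimitivePermissionGroups(owner));
                }

                VariableCollection permissionVariableCollection = permissionTypeVariableCollection.CreateChild("permission_desc");
                permissionVariableCollection.Parse("ID", itemPermission.Id.ToString());
                permissionVariableCollection.Parse("TITLE", itemPermission.Name);
                permissionVariableCollection.Parse("DESCRIPTION", itemPermission.Description);

                if (itemGrants != null)
                {
                    foreach (AccessControlGrant itemGrant in itemGrants)
                    {
                        // Only Allow grants for this permission are pre-selected in simple mode.
                        if (itemGrant.PermissionId == itemPermission.Id && itemGrant.Allow == AccessControlGrants.Allow)
                        {
                            // Prefer the owner's named group when one matches the grantee key.
                            PrimitivePermissionGroup ppg = new PrimitivePermissionGroup(itemGrant.PrimitiveKey, string.Empty, string.Empty);
                            foreach (PrimitivePermissionGroup p in ownerGroups)
                            {
                                if (ppg.ItemKey.Equals(p.ItemKey))
                                {
                                    ppg = p;
                                    break;
                                }
                            }

                            if (!typeGroupSelectBox.ItemKeys.Contains(ppg))
                            {
                                typeGroupSelectBox.ItemKeys.Add(ppg);
                            }
                        }
                    }
                }
            }
            else
            {
                VariableCollection permissionVariableCollection = permissionTypeVariableCollection.CreateChild("permission");
                permissionVariableCollection.Parse("ID", itemPermission.Id.ToString());
                permissionVariableCollection.Parse("TITLE", itemPermission.Name);
                permissionVariableCollection.Parse("DESCRIPTION", itemPermission.Description);

                SelectBox groupsSelectBox = BuildGroupsSelectBox(string.Format("new-permission-group[{0}]", itemPermission.Id), owner);

                // Rows for grants that are already stored.
                if (itemGrants != null)
                {
                    foreach (AccessControlGrant itemGrant in itemGrants)
                    {
                        if (itemGrant.PermissionId == itemPermission.Id)
                        {
                            string gsbk = string.Format("{0},{1}", itemGrant.PrimitiveKey.TypeId, itemGrant.PrimitiveKey.Id);
                            bool offered = groupsSelectBox.ContainsKey(gsbk);

                            VariableCollection grantVariableCollection = permissionVariableCollection.CreateChild("grant");

                            if (offered)
                            {
                                // Strip the " -- " prefix some select-box entries carry.
                                string text = groupsSelectBox[gsbk].Text;
                                if (text.StartsWith(" -- ", StringComparison.Ordinal))
                                {
                                    text = text.Substring(4);
                                }
                                grantVariableCollection.Parse("DISPLAY_NAME", text);

                                // A grantee that already has a row must not be offered again.
                                groupsSelectBox[gsbk].Selectable = false;
                            }
                            else
                            {
                                // Best effort: a grantee that cannot be loaded gets a visible
                                // placeholder instead of failing the whole editor.
                                try
                                {
                                    grantVariableCollection.Parse("DISPLAY_NAME", core.PrimitiveCache[itemGrant.PrimitiveKey].DisplayName);
                                }
                                catch
                                {
                                    grantVariableCollection.Parse("DISPLAY_NAME", "{{ERROR LOADING PRIMITIVE(" + itemGrant.PrimitiveKey.TypeId.ToString() + "," + itemGrant.PrimitiveKey.Id.ToString() + ":" + (new ItemType(core, itemGrant.PrimitiveKey.TypeId)).Namespace + ")}}");
                                }
                            }

                            string grantKey = itemGrant.PermissionId.ToString() + "," + itemGrant.PrimitiveKey.TypeId.ToString() + "," + itemGrant.PrimitiveKey.Id.ToString();
                            string allowName = "allow[" + grantKey + "]";

                            RadioList allowrl;
                            SelectBox allowsb;
                            BuildAllowControls(allowName, out allowrl, out allowsb);
                            Button deleteButton = new Button("delete", "Delete", grantKey);

                            SelectAllowKey(allowrl, allowsb, itemGrant.Allow);

                            // A posted choice overrides the stored one, but only when it is one of
                            // the three known keys, and it is applied to both controls so they
                            // never disagree.
                            string posted = core.Http.Form[allowName];
                            if (IsAllowKey(posted))
                            {
                                allowrl.SelectedKey = posted;
                                allowsb.SelectedKey = posted;
                            }

                            ParseAllowControls(grantVariableCollection, allowrl, allowsb);
                            grantVariableCollection.Parse("S_DELETE", deleteButton);
                            grantVariableCollection.Parse("ID", string.Format("{0},{1}", itemGrant.PrimitiveKey.TypeId, itemGrant.PrimitiveKey.Id));
                            grantVariableCollection.Parse("PERMISSION_ID", itemPermission.Id.ToString());
                            grantVariableCollection.Parse("IS_NEW", "FALSE");
                        }
                    }

                    // NOTE(review): adds one empty "grants" child to the outer template per grant,
                    // once for every permission — confirm the page template relies on this.
                    foreach (AccessControlGrant itemGrant in itemGrants)
                    {
                        template.CreateChild("grants");
                    }
                }

                // Re-draw rows added earlier in this editing session but not yet saved. Only keys
                // that the select box itself offers are considered.
                if (core.Http.Form["save"] == null)
                {
                    foreach (SelectBoxItem gsbi in groupsSelectBox)
                    {
                        if (core.Http.Form[string.Format("new-grant[{0},{1}]", itemPermission.Id, gsbi.Key)] != null)
                        {
                            ItemKey ik = new ItemKey(gsbi.Key);
                            UnsavedAccessControlGrant uacg = new UnsavedAccessControlGrant(core, ik, item.ItemKey, itemPermission.Id, AccessControlGrants.Inherit);

                            VariableCollection grantVariableCollection = permissionVariableCollection.CreateChild("grant");
                            grantVariableCollection.Parse("DISPLAY_NAME", gsbi.Text);

                            string allowName = "allow[" + itemPermission.Id.ToString() + "," + ik.TypeId.ToString() + "," + ik.Id.ToString() + "]";

                            RadioList allowrl;
                            SelectBox allowsb;
                            BuildAllowControls(allowName, out allowrl, out allowsb);

                            // An unknown posted value falls back to the unsaved grant's own state.
                            string posted = core.Http.Form[allowName];
                            if (IsAllowKey(posted))
                            {
                                allowrl.SelectedKey = posted;
                                allowsb.SelectedKey = posted;
                            }
                            else
                            {
                                SelectAllowKey(allowrl, allowsb, uacg.Allow);
                            }

                            ParseAllowControls(grantVariableCollection, allowrl, allowsb);
                            grantVariableCollection.Parse("ID", string.Format("{0},{1}", ik.TypeId, ik.Id));
                            grantVariableCollection.Parse("PERMISSION_ID", itemPermission.Id.ToString());
                            grantVariableCollection.Parse("IS_NEW", "TRUE");

                            gsbi.Selectable = false;
                        }
                    }
                }

                // "Add" was pressed for this permission.
                if (core.Http.Form[string.Format("add-permission[{0}]", itemPermission.Id)] != null)
                {
                    string groupSelectBoxId = core.Http.Form[string.Format("new-permission-group[{0}]", itemPermission.Id)];

                    // The grantee key comes straight from the request. Accept it only when it is a
                    // key this select box actually offers, matching the ContainsKey checks used for
                    // stored grants; a missing or unknown key adds no row.
                    if (!string.IsNullOrEmpty(groupSelectBoxId) && groupsSelectBox.ContainsKey(groupSelectBoxId))
                    {
                        ItemKey ik = new ItemKey(groupSelectBoxId);
                        UnsavedAccessControlGrant uacg = new UnsavedAccessControlGrant(core, ik, item.ItemKey, itemPermission.Id, AccessControlGrants.Inherit);

                        VariableCollection grantVariableCollection = permissionVariableCollection.CreateChild("grant");
                        grantVariableCollection.Parse("DISPLAY_NAME", groupsSelectBox[groupSelectBoxId].Text);

                        RadioList allowrl;
                        SelectBox allowsb;
                        BuildAllowControls("allow[" + itemPermission.Id.ToString() + "," + ik.TypeId.ToString() + "," + ik.Id.ToString() + "]", out allowrl, out allowsb);
                        SelectAllowKey(allowrl, allowsb, uacg.Allow);

                        ParseAllowControls(grantVariableCollection, allowrl, allowsb);
                        grantVariableCollection.Parse("ID", string.Format("{0},{1}", ik.TypeId, ik.Id));
                        grantVariableCollection.Parse("PERMISSION_ID", itemPermission.Id.ToString());
                        grantVariableCollection.Parse("IS_NEW", "TRUE");

                        groupsSelectBox[groupSelectBoxId].Selectable = false;
                    }
                }

                permissionVariableCollection.Parse("S_PERMISSION_GROUPS", groupsSelectBox);

                // Controls for the "new grant" line; the default choice is inherit.
                RadioList allowNewrl;
                SelectBox allowNewsb;
                BuildAllowControls("new-permission-group-allow", out allowNewrl, out allowNewsb);
                allowNewrl.SelectedKey = "inherit";
                allowNewsb.SelectedKey = "inherit";

                permissionVariableCollection.Parse("S_GRANT", allowNewsb);
                permissionVariableCollection.Parse("S_ALLOW", allowNewrl["allow"].ToString());
                permissionVariableCollection.Parse("S_DENY", allowNewrl["deny"].ToString());
                permissionVariableCollection.Parse("S_INHERIT", allowNewrl["inherit"].ToString());
            }
        }

        // Close the last permission-type section.
        if (typeGroupSelectBox != null)
        {
            permissionTypeVariableCollection.Parse("S_SIMPLE_SELECT", typeGroupSelectBox);
        }
    }

    if (string.IsNullOrEmpty(variable))
    {
        variable = "S_PERMISSIONS";
    }

    if (simple)
    {
        aclTemplate.Parse("IS_SIMPLE", "TRUE");
    }

    aclTemplate.Parse("U_DETAILED", Access.BuildAclUri(core, item, false));
    aclTemplate.Parse("U_SIMPLE", Access.BuildAclUri(core, item, true));

    // Carry the active mode across the next post.
    HiddenField modeField = new HiddenField("aclmode");
    modeField.Value = simple ? "simple" : "detailed";
    aclTemplate.Parse("S_ACLMODE", modeField);

    // NOTE(review): the rendered editor is inserted with ParseRaw, so any encoding of display
    // names, titles and descriptions has to happen in the Parse calls above — confirm that
    // Parse HTML-encodes string values.
    template.ParseRaw(variable, aclTemplate.ToString());
}

// True when key is one of the three grant states the form is allowed to post.
private static bool IsAllowKey(string key)
{
    return key == "allow" || key == "deny" || key == "inherit";
}

// Creates the radio list and select box named `name`, each with Allow / Deny / Inherit entries.
private static void BuildAllowControls(string name, out RadioList allowRadios, out SelectBox allowSelect)
{
    allowRadios = new RadioList(name);
    allowSelect = new SelectBox(name);

    allowRadios.Add(new RadioListItem(allowRadios.Name, "allow", "Allow"));
    allowRadios.Add(new RadioListItem(allowRadios.Name, "deny", "Deny"));
    allowRadios.Add(new RadioListItem(allowRadios.Name, "inherit", "Inherit"));

    allowSelect.Add(new SelectBoxItem("allow", "Allow"));
    allowSelect.Add(new SelectBoxItem("deny", "Deny"));
    allowSelect.Add(new SelectBoxItem("inherit", "Inherit"));
}

// Selects the entry matching `allow` in both controls; any other value leaves them untouched.
private static void SelectAllowKey(RadioList allowRadios, SelectBox allowSelect, AccessControlGrants allow)
{
    string key = null;
    switch (allow)
    {
        case AccessControlGrants.Allow:
            key = "allow";
            break;
        case AccessControlGrants.Deny:
            key = "deny";
            break;
        case AccessControlGrants.Inherit:
            key = "inherit";
            break;
    }

    if (key != null)
    {
        allowRadios.SelectedKey = key;
        allowSelect.SelectedKey = key;
    }
}

// Writes the select box and the three radio items into a grant row's template variables.
private static void ParseAllowControls(VariableCollection row, RadioList allowRadios, SelectBox allowSelect)
{
    row.Parse("S_GRANT", allowSelect);
    row.Parse("S_ALLOW", allowRadios["allow"]);
    row.Parse("S_DENY", allowRadios["deny"]);
    row.Parse("S_INHERIT", allowRadios["inherit"]);
}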
/// <summary>
/// Renders the OAuth consent page for the request token given in <c>oauth_token</c>, then ends
/// the response. An expired token, or a token or application that fails to load, produces a
/// 403 instead of the form.
/// </summary>
/// <param name="fail">Not read by this method.</param>
private void OAuthAuthorize(bool fail)
{
    bool forceLogin = (core.Http.Query["force_login"] == "true");
    string oauthToken = core.Http["oauth_token"];

    try
    {
        // Loading the token is what validates the request value; the catch blocks below turn
        // the resulting exceptions into a 403.
        OAuthToken requestToken = new OAuthToken(core, oauthToken);
        ApplicationEntry application = requestToken.Application;

        TextBox usernameField = new TextBox("username");
        TextBox passwordField = new TextBox("password", InputType.Password);
        HiddenField tokenField = new HiddenField("oauth_token") { Value = oauthToken };

        SubmitButton authoriseButton = new SubmitButton("submit", core.Prose.GetString("AUTHORISE"));
        Button cancelButton = new Button("cancel", core.Prose.GetString("CANCEL"), "cancel");
        // Cancel is handled in script: it calls window.external.notify and suppresses the form post.
        cancelButton.Script.OnClick = "window.external.notify('cancel'); return false;";

        // An expired request token never reaches the consent form.
        if (requestToken.TokenExpired)
        {
            core.Functions.Generate403();
            EndResponse();
            return;
        }

        template.SetTemplate("oauth_authorize.html");
        template.Parse("U_POST", core.Hyperlink.AppendSid("/oauth/approve", true));

        // Credentials are requested when the caller forces a login or nobody is signed in.
        bool requireLogin = forceLogin || !core.Session.SignedIn;
        template.Parse("REQUIRE_LOGIN", requireLogin ? "TRUE" : "FALSE");

        // NOTE(review): application.Title and application.Icon are application-supplied; confirm
        // template.Parse HTML-encodes string values before they reach the consent page.
        string heading = string.Format(core.Prose.GetString("AUTHORISE_APPLICATION"), application.Title);
        template.Parse("AUTHORISE_APPLICATION", heading);
        template.Parse("APPLICATION_ICON", application.Icon);

        // NOTE(review): the only hidden field added here is oauth_token — confirm the
        // /oauth/approve handler ties the approval to the signed-in session.
        template.Parse("S_USERNAME", usernameField);
        template.Parse("S_PASSWORD", passwordField);
        template.Parse("S_OAUTH_TOKEN", tokenField);
        template.Parse("S_SUBMIT", authoriseButton);
        template.Parse("S_CANCEL", cancelButton);
    }
    catch (InvalidOAuthTokenException)
    {
        // Unknown or malformed request token.
        core.Functions.Generate403();
    }
    catch (InvalidApplicationException)
    {
        // The token's application could not be loaded.
        core.Functions.Generate403();
    }

    EndResponse();
}