/// <param name="moduleId"></param> /// <param name="tabId"></param> /// <param name="permissionKey">You can use the constants, but for modules there are only /// those two</param> /// <returns></returns> public static bool canUserAccessModule(UserInfo user, int portalId, int tabId, ModuleInfo moduleInfo, string permissionKey) { var retVal = false; string permissionsString = null; if (moduleInfo.InheritViewPermissions) { var tabPermissionController = new TabPermissionController(); var tabPermissionCollection = tabPermissionController.GetTabPermissionsCollectionByTabID(tabId, portalId); permissionsString = tabPermissionController.GetTabPermissions(tabPermissionCollection, permissionKey); } else { var modulePermissionController = new ModulePermissionController(); var permissionCollection = modulePermissionController.GetModulePermissionsCollectionByModuleID(moduleInfo.ModuleID, tabId); permissionsString = modulePermissionController.GetModulePermissions(permissionCollection, permissionKey); } char[] splitter = { ';' }; var roles = permissionsString.Split(splitter); foreach (var role in roles) { if (role.Length > 0) { if (user != null && user.IsInRole(role)) retVal = true; else if (user == null && role.ToLower().Equals("all users")) retVal = true; } } return retVal; }
public static bool CanViewModule(ModuleInfo module) { bool canView; if (module.InheritViewPermissions) { TabInfo objTab = new TabController().GetTab(module.TabID, module.PortalID, false); canView = TabPermissionController.CanViewPage(objTab); } else { canView = Provider.CanViewModule(module); } return(canView); }
/// <summary> /// Returns a flag indicating whether the current user can view a module /// </summary> /// <param name="module">The page</param> /// <returns>A flag indicating whether the user has permission</returns> public virtual bool CanViewModule(ModuleInfo module) { bool canView; if (module.InheritViewPermissions) { TabInfo objTab = TabController.Instance.GetTab(module.TabID, module.PortalID, false); canView = TabPermissionController.CanViewPage(objTab); } else { canView = PortalSecurity.IsInRoles(module.ModulePermissions.ToString(ViewModulePermissionKey)); } return(canView); }
/// <remarks>Source/Template from SecurityContext.canUserAccessModule()</remarks> private static bool CanUserViewTab(UserInfo user, int portalId, int tabId, string permissionKey = "VIEW") { //var retVal = false; var tabPermissionController = new TabPermissionController(); var tabPermissionCollection = tabPermissionController.GetTabPermissionsCollectionByTabID(tabId, portalId); var permissionsString = tabPermissionController.GetTabPermissions(tabPermissionCollection, permissionKey); char[] splitter = { ';' }; var roles = permissionsString.Split(splitter); foreach (var role in roles.Where(role => role.Length > 0)) { if (user != null && user.IsInRole(role)) return true; if (role.ToLower().Equals("all users")) return true; } return false; }
public void CopyPermissionsToChildren( ArrayList tabs, TabPermissionCollection newPermissions ) { TabPermissionController objTabPermissionController = new TabPermissionController(); foreach( TabInfo objTab in tabs ) { TabPermissionCollection objCurrentTabPermissions = objTabPermissionController.GetTabPermissionsCollectionByTabID( objTab.TabID, objTab.PortalID ); if( !( objCurrentTabPermissions.CompareTo( newPermissions ) ) ) { objTabPermissionController.DeleteTabPermissionsByTabID( objTab.TabID ); foreach( TabPermissionInfo objTabPermission in newPermissions ) { if( objTabPermission.AllowAccess ) { objTabPermission.TabID = objTab.TabID; objTabPermissionController.AddTabPermission( objTabPermission ); } } } } if( tabs.Count > 0 ) { DataCache.ClearTabsCache( ( (TabInfo)( tabs[0] ) ).PortalID ); } }
public void UpdateTab( TabInfo objTab ) { bool updateChildren = false; TabInfo objTmpTab = GetTab( objTab.TabID, objTab.PortalID, false ); if( objTmpTab.TabName != objTab.TabName | objTmpTab.ParentId != objTab.ParentId ) { updateChildren = true; } UpdatePortalTabOrder( objTab.PortalID, objTab.TabID, objTab.ParentId, 0, 0, objTab.IsVisible ); DataProvider.Instance().UpdateTab( objTab.TabID, objTab.TabName, objTab.IsVisible, objTab.DisableLink, objTab.ParentId, objTab.IconFile, objTab.Title, objTab.Description, objTab.KeyWords, objTab.IsDeleted, objTab.Url, objTab.SkinSrc, objTab.ContainerSrc, objTab.TabPath, objTab.StartDate, objTab.EndDate, objTab.RefreshInterval, objTab.PageHeadText ); TabPermissionController objTabPermissionController = new TabPermissionController(); TabPermissionCollection objTabPermissions = objTab.TabPermissions; TabPermissionCollection objCurrentTabPermissions = objTabPermissionController.GetTabPermissionsCollectionByTabID( objTab.TabID, objTab.PortalID ); if( !( objCurrentTabPermissions.CompareTo( objTab.TabPermissions ) ) ) { objTabPermissionController.DeleteTabPermissionsByTabID( objTab.TabID ); foreach( TabPermissionInfo objTabPermission in objTabPermissions ) { if( objTabPermission.AllowAccess ) { objTabPermissionController.AddTabPermission( objTabPermission ); } } } if( updateChildren ) { UpdateChildTabPath( objTab.TabID, objTab.PortalID ); } ClearCache( objTab.PortalID ); }
private static TabInfo FillTabInfo( IDataReader dr, bool CheckForOpenDataReader ) { TabInfo objTabInfo = new TabInfo(); TabPermissionController objTabPermissionController = new TabPermissionController(); // read datareader bool canContinue = true; if( CheckForOpenDataReader ) { canContinue = false; if( dr.Read() ) { canContinue = true; } } if( canContinue ) { objTabInfo.TabID = Convert.ToInt32( Null.SetNull( dr["TabID"], objTabInfo.TabID ) ); objTabInfo.TabOrder = Convert.ToInt32( Null.SetNull( dr["TabOrder"], objTabInfo.TabOrder ) ); objTabInfo.PortalID = Convert.ToInt32( Null.SetNull( dr["PortalID"], objTabInfo.PortalID ) ); objTabInfo.TabName = Convert.ToString( Null.SetNull( dr["TabName"], objTabInfo.TabName ) ); objTabInfo.IsVisible = Convert.ToBoolean( Null.SetNull( dr["IsVisible"], objTabInfo.IsVisible ) ); objTabInfo.ParentId = Convert.ToInt32( Null.SetNull( dr["ParentId"], objTabInfo.ParentId ) ); objTabInfo.Level = Convert.ToInt32( Null.SetNull( dr["Level"], objTabInfo.Level ) ); objTabInfo.IconFile = Convert.ToString( Null.SetNull( dr["IconFile"], objTabInfo.IconFile ) ); objTabInfo.DisableLink = Convert.ToBoolean( Null.SetNull( dr["DisableLink"], objTabInfo.DisableLink ) ); objTabInfo.Title = Convert.ToString( Null.SetNull( dr["Title"], objTabInfo.Title ) ); objTabInfo.Description = Convert.ToString( Null.SetNull( dr["Description"], objTabInfo.Description ) ); objTabInfo.KeyWords = Convert.ToString( Null.SetNull( dr["KeyWords"], objTabInfo.KeyWords ) ); objTabInfo.IsDeleted = Convert.ToBoolean( Null.SetNull( dr["IsDeleted"], objTabInfo.IsDeleted ) ); objTabInfo.Url = Convert.ToString( Null.SetNull( dr["Url"], objTabInfo.Url ) ); objTabInfo.SkinSrc = Convert.ToString( Null.SetNull( dr["SkinSrc"], objTabInfo.SkinSrc ) ); objTabInfo.ContainerSrc = Convert.ToString( Null.SetNull( dr["ContainerSrc"], objTabInfo.ContainerSrc ) ); objTabInfo.TabPath = Convert.ToString( Null.SetNull( dr["TabPath"], objTabInfo.TabPath ) ); objTabInfo.StartDate = Convert.ToDateTime( Null.SetNull( dr["StartDate"], objTabInfo.StartDate ) ); objTabInfo.EndDate = Convert.ToDateTime( Null.SetNull( dr["EndDate"], objTabInfo.EndDate ) ); objTabInfo.HasChildren = Convert.ToBoolean( Null.SetNull( dr["HasChildren"], objTabInfo.HasChildren ) ); objTabInfo.RefreshInterval = Convert.ToInt32( Null.SetNull( dr["RefreshInterval"], objTabInfo.RefreshInterval ) ); objTabInfo.PageHeadText = Convert.ToString( Null.SetNull( dr["PageHeadText"], objTabInfo.PageHeadText ) ); if( objTabInfo != null ) { objTabInfo.TabPermissions = objTabPermissionController.GetTabPermissionsCollectionByTabID( objTabInfo.TabID, objTabInfo.PortalID ); objTabInfo.AdministratorRoles = objTabPermissionController.GetTabPermissions( objTabInfo.TabPermissions, "EDIT" ); if( objTabInfo.AdministratorRoles == ";" ) { // this code is here for legacy support - the AdministratorRoles were stored as a concatenated list of roleids prior to DNN 3.0 try { objTabInfo.AdministratorRoles = Convert.ToString( Null.SetNull( dr["AdministratorRoles"], objTabInfo.AdministratorRoles ) ); } catch { // the AdministratorRoles field was removed from the Tabs table in 3.0 } } objTabInfo.AuthorizedRoles = objTabPermissionController.GetTabPermissions( objTabInfo.TabPermissions, "VIEW" ); if( objTabInfo.AuthorizedRoles == ";" ) { // this code is here for legacy support - the AuthorizedRoles were stored as a concatenated list of roleids prior to DNN 3.0 try { objTabInfo.AuthorizedRoles = Convert.ToString( Null.SetNull( dr["AuthorizedRoles"], objTabInfo.AuthorizedRoles ) ); } catch { // the AuthorizedRoles field was removed from the Tabs table in 3.0 } } } objTabInfo.BreadCrumbs = null; objTabInfo.Panes = null; objTabInfo.Modules = null; } else { objTabInfo = null; } return objTabInfo; }
public int AddTab( TabInfo objTab, bool AddAllTabsModules ) { int intTabId; objTab.TabPath = Globals.GenerateTabPath( objTab.ParentId, objTab.TabName ); intTabId = DataProvider.Instance().AddTab( objTab.PortalID, objTab.TabName, objTab.IsVisible, objTab.DisableLink, objTab.ParentId, objTab.IconFile, objTab.Title, objTab.Description, objTab.KeyWords, objTab.Url, objTab.SkinSrc, objTab.ContainerSrc, objTab.TabPath, objTab.StartDate, objTab.EndDate, objTab.RefreshInterval, objTab.PageHeadText ); TabPermissionController objTabPermissionController = new TabPermissionController(); if( objTab.TabPermissions != null ) { TabPermissionCollection objTabPermissions = objTab.TabPermissions; foreach( TabPermissionInfo objTabPermission in objTabPermissions ) { objTabPermission.TabID = intTabId; if( objTabPermission.AllowAccess ) { objTabPermissionController.AddTabPermission( objTabPermission ); } } } if( !( Null.IsNull( objTab.PortalID ) ) ) { UpdatePortalTabOrder( objTab.PortalID, intTabId, objTab.ParentId, 0, 0, objTab.IsVisible, true ); } else // host tab { ArrayList arrTabs = GetTabsByParentId( objTab.ParentId, objTab.PortalID ); UpdateTabOrder( objTab.PortalID, intTabId, ( arrTabs.Count*2 ) - 1, 1, objTab.ParentId ); } if( AddAllTabsModules ) { ModuleController objmodules = new ModuleController(); ArrayList arrMods = objmodules.GetAllTabsModules( objTab.PortalID, true ); foreach( ModuleInfo objModule in arrMods ) { objmodules.CopyModule( objModule.ModuleID, objModule.TabID, intTabId, "", true ); } } ClearCache( objTab.PortalID ); return intTabId; }
private static bool CanAddContentToPage(ModuleInfo objModule) { TabInfo objTab = new TabController().GetTab(objModule.TabID, objModule.PortalID, false); return(TabPermissionController.CanAddContentToPage(objTab)); }
///----------------------------------------------------------------------------- /// <summary> /// Determines if user has the necessary permissions to access an item with the /// designated AccessLevel. /// </summary> /// <param name="accessLevel">The SecurityAccessLevel required to access a portal module or module action.</param> /// <param name="permissionKey">If Security Access is Edit the permissionKey is the actual "edit" permisison required.</param> /// <param name="moduleConfiguration">The ModuleInfo object for the associated module.</param> /// <returns>A boolean value indicating if the user has the necessary permissions</returns> /// <remarks>Every module control and module action has an associated permission level. This /// function determines whether the user represented by UserName has sufficient permissions, as /// determined by the PortalSettings and ModuleSettings, to access a resource with the /// designated AccessLevel.</remarks> ///----------------------------------------------------------------------------- public static bool HasModuleAccess(SecurityAccessLevel accessLevel, string permissionKey, ModuleInfo moduleConfiguration) { bool isAuthorized = false; UserInfo userInfo = UserController.GetCurrentUserInfo(); if (userInfo != null && userInfo.IsSuperUser) { isAuthorized = true; } else { switch (accessLevel) { case SecurityAccessLevel.Anonymous: isAuthorized = true; break; case SecurityAccessLevel.View: if (CanViewModule(moduleConfiguration)) { isAuthorized = true; } break; case SecurityAccessLevel.ViewPermissions: isAuthorized = TabPermissionController.CanAddContentToPage(); break; case SecurityAccessLevel.Edit: if (moduleConfiguration != null && !((moduleConfiguration.IsShared && moduleConfiguration.IsShareableViewOnly) && TabPermissionController.CanAddContentToPage())) { if (TabPermissionController.CanAddContentToPage()) { isAuthorized = true; } else { if (string.IsNullOrEmpty(permissionKey)) { permissionKey = "CONTENT,DELETE,EDIT,EXPORT,IMPORT,MANAGE"; } if (CanViewModule(moduleConfiguration) && (HasModulePermission(moduleConfiguration.ModulePermissions, permissionKey) || HasModulePermission(moduleConfiguration.ModulePermissions, "EDIT"))) { isAuthorized = true; } } } break; case SecurityAccessLevel.Admin: if (moduleConfiguration != null && !((moduleConfiguration.IsShared && moduleConfiguration.IsShareableViewOnly) && TabPermissionController.CanAddContentToPage())) { isAuthorized = TabPermissionController.CanAddContentToPage(); } break; case SecurityAccessLevel.Host: break; } } return(isAuthorized); }
///----------------------------------------------------------------------------- /// <summary> /// Determines if user has the necessary permissions to access an item with the /// designated AccessLevel. /// </summary> /// <param name="accessLevel">The SecurityAccessLevel required to access a portal module or module action.</param> /// <param name="permissionKey">If Security Access is Edit the permissionKey is the actual "edit" permisison required.</param> /// <param name="moduleConfiguration">The ModuleInfo object for the associated module.</param> /// <returns>A boolean value indicating if the user has the necessary permissions</returns> /// <remarks>Every module control and module action has an associated permission level. This /// function determines whether the user represented by UserName has sufficient permissions, as /// determined by the PortalSettings and ModuleSettings, to access a resource with the /// designated AccessLevel.</remarks> ///----------------------------------------------------------------------------- public virtual bool HasModuleAccess(SecurityAccessLevel accessLevel, string permissionKey, ModuleInfo moduleConfiguration) { bool isAuthorized = false; UserInfo userInfo = UserController.Instance.GetCurrentUserInfo(); TabInfo tab = TabController.Instance.GetTab(moduleConfiguration.TabID, moduleConfiguration.PortalID, false); if (userInfo != null && userInfo.IsSuperUser) { isAuthorized = true; } else { switch (accessLevel) { case SecurityAccessLevel.Anonymous: isAuthorized = true; break; case SecurityAccessLevel.View: if (ModulePermissionController.CanViewModule(moduleConfiguration)) { isAuthorized = true; } break; case SecurityAccessLevel.ViewPermissions: isAuthorized = TabPermissionController.CanAddContentToPage(tab); break; case SecurityAccessLevel.Edit: if (!((moduleConfiguration.IsShared && moduleConfiguration.IsShareableViewOnly) && TabPermissionController.CanAddContentToPage(tab))) { if (string.IsNullOrEmpty(permissionKey)) { permissionKey = "CONTENT,DELETE,EXPORT,IMPORT,MANAGE"; } if (TabPermissionController.CanAddContentToPage()) { //Need to check for Deny Edit at the Module Level if (permissionKey == "CONTENT") { isAuthorized = !IsDeniedModulePermission(moduleConfiguration, permissionKey); } else { isAuthorized = true; } } else { // Need to check if it was denied at Tab level if (IsDeniedTabPermission(tab, "CONTENT,EDIT")) { isAuthorized = false; } else { isAuthorized = HasModulePermission(moduleConfiguration, permissionKey); } } } break; case SecurityAccessLevel.Admin: if (!((moduleConfiguration.IsShared && moduleConfiguration.IsShareableViewOnly) && TabPermissionController.CanAddContentToPage(tab))) { isAuthorized = TabPermissionController.CanAddContentToPage(tab); } break; case SecurityAccessLevel.Host: break; } } return(isAuthorized); }
private ModuleInfo FillModuleInfo(IDataReader dr, bool CheckForOpenDataReader, bool IncludePermissions) { ModuleInfo objModuleInfo = new ModuleInfo(); ModulePermissionController objModulePermissionController = new ModulePermissionController(); // read datareader bool canContinue = true; if (CheckForOpenDataReader) { canContinue = false; if (dr.Read()) { canContinue = true; } } if (canContinue) { objModuleInfo.PortalID = Convert.ToInt32(Null.SetNull(dr["PortalID"], objModuleInfo.PortalID)); objModuleInfo.TabID = Convert.ToInt32(Null.SetNull(dr["TabID"], objModuleInfo.TabID)); objModuleInfo.TabModuleID = Convert.ToInt32(Null.SetNull(dr["TabModuleID"], objModuleInfo.TabModuleID)); objModuleInfo.ModuleID = Convert.ToInt32(Null.SetNull(dr["ModuleID"], objModuleInfo.ModuleID)); objModuleInfo.ModuleDefID = Convert.ToInt32(Null.SetNull(dr["ModuleDefID"], objModuleInfo.ModuleDefID)); objModuleInfo.ModuleOrder = Convert.ToInt32(Null.SetNull(dr["ModuleOrder"], objModuleInfo.ModuleOrder)); objModuleInfo.PaneName = Convert.ToString(Null.SetNull(dr["PaneName"], objModuleInfo.PaneName)); objModuleInfo.ModuleTitle = Convert.ToString(Null.SetNull(dr["ModuleTitle"], objModuleInfo.ModuleTitle)); objModuleInfo.CacheTime = Convert.ToInt32(Null.SetNull(dr["CacheTime"], objModuleInfo.CacheTime)); objModuleInfo.Alignment = Convert.ToString(Null.SetNull(dr["Alignment"], objModuleInfo.Alignment)); objModuleInfo.Color = Convert.ToString(Null.SetNull(dr["Color"], objModuleInfo.Color)); objModuleInfo.Border = Convert.ToString(Null.SetNull(dr["Border"], objModuleInfo.Border)); objModuleInfo.IconFile = Convert.ToString(Null.SetNull(dr["IconFile"], objModuleInfo.IconFile)); objModuleInfo.AllTabs = Convert.ToBoolean(Null.SetNull(dr["AllTabs"], objModuleInfo.AllTabs)); int intVisibility = 0; if (((Convert.ToInt32(Null.SetNull(dr["Visibility"], intVisibility))) == 0) || ((Convert.ToInt32(Null.SetNull(dr["Visibility"], intVisibility))) == Null.NullInteger)) { objModuleInfo.Visibility = VisibilityState.Maximized; } else if ((Convert.ToInt32(Null.SetNull(dr["Visibility"], intVisibility))) == 1) { objModuleInfo.Visibility = VisibilityState.Minimized; } else if ((Convert.ToInt32(Null.SetNull(dr["Visibility"], intVisibility))) == 2) { objModuleInfo.Visibility = VisibilityState.None; } objModuleInfo.IsDeleted = Convert.ToBoolean(Null.SetNull(dr["IsDeleted"], objModuleInfo.IsDeleted)); objModuleInfo.Header = Convert.ToString(Null.SetNull(dr["Header"], objModuleInfo.Header)); objModuleInfo.Footer = Convert.ToString(Null.SetNull(dr["Footer"], objModuleInfo.Footer)); objModuleInfo.StartDate = Convert.ToDateTime(Null.SetNull(dr["StartDate"], objModuleInfo.StartDate)); objModuleInfo.EndDate = Convert.ToDateTime(Null.SetNull(dr["EndDate"], objModuleInfo.EndDate)); objModuleInfo.ContainerSrc = Convert.ToString(Null.SetNull(dr["ContainerSrc"], objModuleInfo.ContainerSrc)); objModuleInfo.DisplayTitle = Convert.ToBoolean(Null.SetNull(dr["DisplayTitle"], objModuleInfo.DisplayTitle)); objModuleInfo.DisplayPrint = Convert.ToBoolean(Null.SetNull(dr["DisplayPrint"], objModuleInfo.DisplayPrint)); objModuleInfo.DisplaySyndicate = Convert.ToBoolean(Null.SetNull(dr["DisplaySyndicate"], objModuleInfo.DisplaySyndicate)); objModuleInfo.InheritViewPermissions = Convert.ToBoolean(Null.SetNull(dr["InheritViewPermissions"], objModuleInfo.InheritViewPermissions)); objModuleInfo.DesktopModuleID = Convert.ToInt32(Null.SetNull(dr["DesktopModuleID"], objModuleInfo.DesktopModuleID)); objModuleInfo.FriendlyName = Convert.ToString(Null.SetNull(dr["FriendlyName"], objModuleInfo.FriendlyName)); objModuleInfo.Description = Convert.ToString(Null.SetNull(dr["Description"], objModuleInfo.Description)); objModuleInfo.Version = Convert.ToString(Null.SetNull(dr["Version"], objModuleInfo.Version)); objModuleInfo.IsPremium = Convert.ToBoolean(Null.SetNull(dr["IsPremium"], objModuleInfo.IsPremium)); objModuleInfo.IsAdmin = Convert.ToBoolean(Null.SetNull(dr["IsAdmin"], objModuleInfo.IsAdmin)); objModuleInfo.BusinessControllerClass = Convert.ToString(Null.SetNull(dr["BusinessControllerClass"], objModuleInfo.BusinessControllerClass)); objModuleInfo.SupportedFeatures = Convert.ToInt32(Null.SetNull(dr["SupportedFeatures"], objModuleInfo.SupportedFeatures)); objModuleInfo.ModuleControlId = Convert.ToInt32(Null.SetNull(dr["ModuleControlId"], objModuleInfo.ModuleControlId)); objModuleInfo.ControlSrc = Convert.ToString(Null.SetNull(dr["ControlSrc"], objModuleInfo.ControlSrc)); int intControlType = 0; if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == -3) { objModuleInfo.ControlType = SecurityAccessLevel.ControlPanel; } else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == -2) { objModuleInfo.ControlType = SecurityAccessLevel.SkinObject; } else if (((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == -1) || ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == Null.NullInteger)) { objModuleInfo.ControlType = SecurityAccessLevel.Anonymous; } else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == 0) { objModuleInfo.ControlType = SecurityAccessLevel.View; } else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == 1) { objModuleInfo.ControlType = SecurityAccessLevel.Edit; } else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == 2) { objModuleInfo.ControlType = SecurityAccessLevel.Admin; } else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == 3) { objModuleInfo.ControlType = SecurityAccessLevel.Host; } objModuleInfo.ControlTitle = Convert.ToString(Null.SetNull(dr["ControlTitle"], objModuleInfo.ControlTitle)); objModuleInfo.HelpUrl = Convert.ToString(Null.SetNull(dr["HelpUrl"], objModuleInfo.HelpUrl)); if (IncludePermissions) { if (objModuleInfo != null) { //Get the Module permissions first (then we can parse the collection to determine the View/Edit Roles) objModuleInfo.ModulePermissions = objModulePermissionController.GetModulePermissionsCollectionByModuleID(objModuleInfo.ModuleID, objModuleInfo.TabID); objModuleInfo.AuthorizedEditRoles = objModulePermissionController.GetModulePermissions(objModuleInfo.ModulePermissions, "EDIT"); if (objModuleInfo.AuthorizedEditRoles == ";") { // this code is here for legacy support - the AuthorizedEditRoles were stored as a concatenated list of roleids prior to DNN 3.0 try { objModuleInfo.AuthorizedEditRoles = Convert.ToString(Null.SetNull(dr["AuthorizedEditRoles"], objModuleInfo.AuthorizedEditRoles)); } catch { // the AuthorizedEditRoles field was removed from the Tabs table in 3.0 } } try { if (objModuleInfo.InheritViewPermissions) { TabPermissionController objTabPermissionController = new TabPermissionController(); TabPermissionCollection objTabPermissionCollection = objTabPermissionController.GetTabPermissionsCollectionByTabID(objModuleInfo.TabID, objModuleInfo.PortalID); objModuleInfo.AuthorizedViewRoles = objTabPermissionController.GetTabPermissions(objTabPermissionCollection, "VIEW"); } else { objModuleInfo.AuthorizedViewRoles = objModulePermissionController.GetModulePermissions(objModuleInfo.ModulePermissions, "VIEW"); } if (objModuleInfo.AuthorizedViewRoles == ";") { // this code is here for legacy support - the AuthorizedViewRoles were stored as a concatenated list of roleids prior to DNN 3.0 try { objModuleInfo.AuthorizedViewRoles = Convert.ToString(Null.SetNull(dr["AuthorizedViewRoles"], objModuleInfo.AuthorizedViewRoles)); } catch { // the AuthorizedViewRoles field was removed from the Tabs table in 3.0 } } } catch { } } } } else { objModuleInfo = null; } return objModuleInfo; }
/// <summary> /// UpgradeApplication - This overload is used for version specific application upgrade operations. /// </summary> /// <remarks> /// This should be used for file system modifications or upgrade operations which /// should only happen once. Database references are not recommended because future /// versions of the application may result in code incompatibilties. /// </remarks> /// <param name="Version">The Version being Upgraded</param> private static string UpgradeApplication(string Version) { string strExceptions = ""; try { switch (Version) { case "02.00.00": IDataReader dr; // change portal upload directory from GUID to ID - this only executes for version 2.0.0 string strServerPath = HttpContext.Current.Request.MapPath(Globals.ApplicationPath); string strPortalsDirMapPath = Globals.ApplicationMapPath + "/Portals/"; dr = DataProvider.Instance().GetPortals(); while (dr.Read()) { // if GUID folder exists if (Directory.Exists(strPortalsDirMapPath + dr["GUID"])) { // if ID folder exists ( this may happen because the 2.x release contains a default ID=0 folder ) if (Directory.Exists(strPortalsDirMapPath + dr["PortalID"])) { // rename the ID folder try { Directory.Move(strPortalsDirMapPath + dr["PortalID"], strServerPath + "\\Portals\\" + dr["PortalID"] + "_old"); } catch (Exception ex) { // error moving the directory - security issue? strExceptions += "Could Not Move Folder " + strPortalsDirMapPath + dr["GUID"] + " To " + strPortalsDirMapPath + dr["PortalID"] + ". Error: " + ex.Message + "\r\n"; } } // move GUID folder to ID folder try { Directory.Move(strPortalsDirMapPath + dr["GUID"], strPortalsDirMapPath + dr["PortalID"]); } catch (Exception ex) { // error moving the directory - security issue? strExceptions += "Could Not Move Folder " + strPortalsDirMapPath + dr["GUID"] + " To " + strPortalsDirMapPath + dr["PortalID"] + ". Error: " + ex.Message + "\r\n"; } } } dr.Close(); // copy the default style sheet to the default portal ( if it does not already exist ) if (File.Exists(strPortalsDirMapPath + "0\\portal.css") == false) { if (File.Exists(Globals.HostMapPath + "portal.css")) { File.Copy(Globals.HostMapPath + "portal.css", strPortalsDirMapPath + "0\\portal.css"); } } break; case "02.02.00": string strProviderPath = PortalSettings.GetProviderPath(); if (strProviderPath.StartsWith("ERROR:")) { strExceptions += strProviderPath; break; } //Optionally Install the memberRoleProvider bool installMemberRole = true; if (Config.GetSetting("InstallMemberRole") != null) { installMemberRole = bool.Parse(Config.GetSetting("InstallMemberRole")); } if (installMemberRole) { HtmlUtils.WriteFeedback(HttpContext.Current.Response, 0, "Installing MemberRole Provider:<br>"); strExceptions += InstallMemberRoleProvider(strProviderPath); } PortalController objPortalController = new PortalController(); ArrayList arrPortals; arrPortals = objPortalController.GetPortals(); int intViewModulePermissionID; int intEditModulePermissionID; int intViewTabPermissionID; int intEditTabPermissionID; int intReadFolderPermissionID; int intWriteFolderPermissionID; PermissionController objPermissionController = new PermissionController(); PermissionInfo objPermission = new PermissionInfo(); objPermission.PermissionCode = "SYSTEM_MODULE_DEFINITION"; objPermission.PermissionKey = "VIEW"; objPermission.PermissionName = "View"; objPermission.ModuleDefID = Null.NullInteger; objPermissionController.AddPermission(objPermission); objPermission.PermissionKey = "EDIT"; objPermission.PermissionName = "Edit"; objPermissionController.AddPermission(objPermission); objPermission.PermissionCode = "SYSTEM_TAB"; objPermission.PermissionKey = "VIEW"; objPermission.PermissionName = "View Tab"; objPermissionController.AddPermission(objPermission); objPermission.PermissionKey = "EDIT"; objPermission.PermissionName = "Edit Tab"; objPermissionController.AddPermission(objPermission); objPermission.PermissionCode = "SYSTEM_FOLDER"; objPermission.PermissionKey = "READ"; objPermission.PermissionName = "View Folder"; intReadFolderPermissionID = objPermissionController.AddPermission(objPermission); objPermission.PermissionKey = "WRITE"; objPermission.PermissionName = "Write to Folder"; intWriteFolderPermissionID = objPermissionController.AddPermission(objPermission); FolderController objFolderController = new FolderController(); FolderPermissionController objFolderPermissionController = new FolderPermissionController(); int PortalCount; for (PortalCount = 0; PortalCount <= arrPortals.Count - 1; PortalCount++) { PortalInfo objPortal = (PortalInfo)arrPortals[PortalCount]; int FolderID = objFolderController.AddFolder(objPortal.PortalID, "", (int)FolderController.StorageLocationTypes.InsecureFileSystem, true, false); FolderPermissionInfo objFolderPermission = new FolderPermissionInfo(); objFolderPermission.FolderID = FolderID; objFolderPermission.PermissionID = intReadFolderPermissionID; objFolderPermission.AllowAccess = true; objFolderPermission.RoleID = objPortal.AdministratorRoleId; objFolderPermissionController.AddFolderPermission(objFolderPermission); objFolderPermission.PermissionID = intWriteFolderPermissionID; objFolderPermissionController.AddFolderPermission(objFolderPermission); //TODO: loop through folders recursively here //in case they created any nested folders //and assign priveledges accordingly } //Transfer Users to the Membership Provider MembershipProvider provider = MembershipProvider.Instance(); provider.TransferUsersToMembershipProvider(); ModuleController objModuleController = new ModuleController(); ArrayList arrModules = objModuleController.GetAllModules(); ModulePermissionController objModulePermissionController = new ModulePermissionController(); int ModCount; for (ModCount = 0; ModCount <= arrModules.Count - 1; ModCount++) { ModuleInfo objModule = (ModuleInfo)arrModules[ModCount]; ModulePermissionInfo objModulePermission = new ModulePermissionInfo(); objModulePermission.ModuleID = objModule.ModuleID; int k; string[] roles; if (objModule.AuthorizedViewRoles.IndexOf(";") > 0) { roles = objModule.AuthorizedViewRoles.Split(';'); for (k = 0; k <= roles.Length - 1; k++) { if (Int32.TryParse(roles[k], out intViewModulePermissionID)) { objModulePermission.PermissionID = intViewModulePermissionID; objModulePermission.AllowAccess = true; objModulePermission.RoleID = Convert.ToInt32(roles[k]); objModulePermissionController.AddModulePermission(objModulePermission); } } } if (objModule.AuthorizedEditRoles.IndexOf(";") > 0) { roles = objModule.AuthorizedEditRoles.Split(';'); for (k = 0; k <= roles.Length - 1; k++) { if (Int32.TryParse(roles[k], out intEditModulePermissionID)) { objModulePermission.PermissionID = intEditModulePermissionID; objModulePermission.AllowAccess = true; objModulePermission.RoleID = Convert.ToInt32(roles[k]); objModulePermissionController.AddModulePermission(objModulePermission); } } } } ArrayList arrTabs; TabController objTabController = new TabController(); arrTabs = objTabController.GetAllTabs(); TabPermissionController objTabPermissionController = new TabPermissionController(); for (ModCount = 0; ModCount <= arrTabs.Count - 1; ModCount++) { TabInfo objTab = (TabInfo)arrTabs[ModCount]; TabPermissionInfo objTabPermission = new TabPermissionInfo(); objTabPermission.TabID = objTab.TabID; int k; string[] roles; if (objTab.AuthorizedRoles.IndexOf(";") > 0) { roles = objTab.AuthorizedRoles.Split(';'); for (k = 0; k <= roles.Length - 1; k++) { if (Int32.TryParse(roles[k], out intViewTabPermissionID)) { objTabPermission.PermissionID = intViewTabPermissionID; objTabPermission.AllowAccess = true; objTabPermission.RoleID = Convert.ToInt32(roles[k]); objTabPermissionController.AddTabPermission(objTabPermission); } } } if (objTab.AdministratorRoles.IndexOf(";") > 0) { roles = objTab.AdministratorRoles.Split(';'); for (k = 0; k <= roles.Length - 1; k++) { if (Int32.TryParse(roles[k], out intEditTabPermissionID)) { objTabPermission.PermissionID = intEditTabPermissionID; objTabPermission.AllowAccess = true; objTabPermission.RoleID = Convert.ToInt32(roles[k]); objTabPermissionController.AddTabPermission(objTabPermission); } } } } break; case "03.00.01": objTabController = new TabController(); arrTabs = objTabController.GetAllTabs(); int TabCount; for (TabCount = 0; TabCount <= arrTabs.Count - 1; TabCount++) { TabInfo objTab = (TabInfo)arrTabs[TabCount]; if (objTab != null) { objTab.TabPath = Globals.GenerateTabPath(objTab.ParentId, objTab.TabName); DataProvider.Instance().UpdateTab(objTab.TabID, objTab.TabName, objTab.IsVisible, objTab.DisableLink, objTab.ParentId, objTab.IconFile, objTab.Title, objTab.Description, objTab.KeyWords, objTab.IsDeleted, objTab.Url, objTab.SkinSrc, objTab.ContainerSrc, objTab.TabPath, objTab.StartDate, objTab.EndDate); } } break; case "03.00.06": //Need to clear the cache to pick up new HostSettings from the SQLDataProvider script DataCache.RemoveCache("GetHostSettings"); break; case "03.00.11": //Need to convert any Profile Data to use XmlSerialization as Binary Formatting //is not supported under Medium Trust //Get all the Profiles PersonalizationController objPersonalizationController = new PersonalizationController(); dr = DataProvider.Instance().GetAllProfiles(); while (dr.Read()) { //Load Profile Data (using Binary Formatter method) PersonalizationInfo objPersonalization = new PersonalizationInfo(); try { objPersonalization.UserId = Convert.ToInt32(Null.SetNull(dr["UserID"], objPersonalization.UserId)); } catch { } try { objPersonalization.PortalId = Convert.ToInt32(Null.SetNull(dr["PortalId"], objPersonalization.PortalId)); } catch { } objPersonalization.Profile = Globals.DeserializeHashTableBase64(dr["ProfileData"].ToString()); objPersonalization.IsModified = true; //Save Profile Data (using XML Serializer) objPersonalizationController.SaveProfile(objPersonalization); } dr.Close(); break; case "03.00.12": //If we are upgrading from a 3.0.x version then we need to upgrade the MembershipProvider if (upgradeMemberShipProvider) { strProviderPath = PortalSettings.GetProviderPath(); StreamReader objStreamReader; string strScript; //Upgrade provider HtmlUtils.WriteFeedback(HttpContext.Current.Response, 0, "Executing UpgradeMembershipProvider.sql<br>"); objStreamReader = File.OpenText(strProviderPath + "UpgradeMembershipProvider.sql"); strScript = objStreamReader.ReadToEnd(); objStreamReader.Close(); strExceptions += PortalSettings.ExecuteScript(strScript); } break; case "03.01.00": LogController objLogController = new LogController(); XmlDocument xmlDoc = new XmlDocument(); string xmlConfigFile = Globals.HostMapPath + "Logs\\LogConfig\\LogConfig.xml.resources"; try { xmlDoc.Load(xmlConfigFile); } catch (FileNotFoundException) { xmlConfigFile = Globals.HostMapPath + "Logs\\LogConfig\\LogConfigTemplate.xml.resources"; xmlDoc.Load(xmlConfigFile); } XmlNodeList LogType = xmlDoc.SelectNodes("/LogConfig/LogTypes/LogType"); foreach (XmlNode LogTypeInfo in LogType) { LogTypeInfo objLogTypeInfo = new LogTypeInfo(); objLogTypeInfo.LogTypeKey = LogTypeInfo.Attributes["LogTypeKey"].Value; objLogTypeInfo.LogTypeFriendlyName = LogTypeInfo.Attributes["LogTypeFriendlyName"].Value; objLogTypeInfo.LogTypeDescription = LogTypeInfo.Attributes["LogTypeDescription"].Value; objLogTypeInfo.LogTypeCSSClass = LogTypeInfo.Attributes["LogTypeCSSClass"].Value; objLogTypeInfo.LogTypeOwner = LogTypeInfo.Attributes["LogTypeOwner"].Value; objLogController.AddLogType(objLogTypeInfo); } XmlNodeList LogTypeConfig = xmlDoc.SelectNodes("/LogConfig/LogTypeConfig"); foreach (XmlNode LogTypeConfigInfo in LogTypeConfig) { LogTypeConfigInfo objLogTypeConfig = new LogTypeConfigInfo(); objLogTypeConfig.EmailNotificationIsActive = Convert.ToBoolean((LogTypeConfigInfo.Attributes["EmailNotificationStatus"].Value == "On") ? true : false); objLogTypeConfig.KeepMostRecent = LogTypeConfigInfo.Attributes["KeepMostRecent"].Value; objLogTypeConfig.LoggingIsActive = Convert.ToBoolean((LogTypeConfigInfo.Attributes["LoggingStatus"].Value == "On") ? true : false); objLogTypeConfig.LogTypeKey = LogTypeConfigInfo.Attributes["LogTypeKey"].Value; objLogTypeConfig.LogTypePortalID = LogTypeConfigInfo.Attributes["LogTypePortalID"].Value; objLogTypeConfig.MailFromAddress = LogTypeConfigInfo.Attributes["MailFromAddress"].Value; objLogTypeConfig.MailToAddress = LogTypeConfigInfo.Attributes["MailToAddress"].Value; objLogTypeConfig.NotificationThreshold = Convert.ToInt32(LogTypeConfigInfo.Attributes["NotificationThreshold"].Value); objLogTypeConfig.NotificationThresholdTime = Convert.ToInt32(LogTypeConfigInfo.Attributes["NotificationThresholdTime"].Value); objLogTypeConfig.NotificationThresholdTimeType = (LogTypeConfigInfo.NotificationThresholdTimeTypes)Enum.Parse(typeof(LogTypeConfigInfo.NotificationThresholdTimeTypes), LogTypeConfigInfo.Attributes["NotificationThresholdTimeType"].Value); objLogController.AddLogTypeConfigInfo(objLogTypeConfig); } ScheduleItem objScheduleItem = new ScheduleItem(); objScheduleItem.TypeFullName = "DotNetNuke.Services.Cache.PurgeCache, DOTNETNUKE"; objScheduleItem.AttachToEvent = ""; objScheduleItem.CatchUpEnabled = false; if (Globals.WebFarmEnabled) { objScheduleItem.Enabled = true; } else { objScheduleItem.Enabled = false; } objScheduleItem.ObjectDependencies = ""; objScheduleItem.RetainHistoryNum = 10; objScheduleItem.Servers = ""; objScheduleItem.TimeLapse = 2; objScheduleItem.TimeLapseMeasurement = "hz"; objScheduleItem.RetryTimeLapse = 30; objScheduleItem.RetryTimeLapseMeasurement = "m"; SchedulingProvider.Instance().AddSchedule(objScheduleItem); break; case "03.02.03": //add new SecurityException LogController objSecLogController = new LogController(); XmlDocument xmlSecDoc = new XmlDocument(); string xmlSecConfigFile = Globals.HostMapPath + "Logs\\LogConfig\\SecurityExceptionTemplate.xml.resources"; try { xmlSecDoc.Load(xmlSecConfigFile); } catch (FileNotFoundException) { // xmlConfigFile = Common.Globals.HostMapPath + "Logs\LogConfig\LogConfigTemplate.xml.resources" // xmlDoc.Load(xmlConfigFile) } LogType = xmlSecDoc.SelectNodes("/LogConfig/LogTypes/LogType"); foreach (XmlNode LogTypeInfo in LogType) { LogTypeInfo objLogTypeInfo = new LogTypeInfo(); objLogTypeInfo.LogTypeKey = LogTypeInfo.Attributes["LogTypeKey"].Value; objLogTypeInfo.LogTypeFriendlyName = LogTypeInfo.Attributes["LogTypeFriendlyName"].Value; objLogTypeInfo.LogTypeDescription = LogTypeInfo.Attributes["LogTypeDescription"].Value; objLogTypeInfo.LogTypeCSSClass = LogTypeInfo.Attributes["LogTypeCSSClass"].Value; objLogTypeInfo.LogTypeOwner = LogTypeInfo.Attributes["LogTypeOwner"].Value; objSecLogController.AddLogType(objLogTypeInfo); } LogTypeConfig = xmlSecDoc.SelectNodes("/LogConfig/LogTypeConfig"); foreach (XmlNode LogTypeConfigInfo in LogTypeConfig) { LogTypeConfigInfo objLogTypeConfig = new LogTypeConfigInfo(); objLogTypeConfig.EmailNotificationIsActive = Convert.ToBoolean((LogTypeConfigInfo.Attributes["EmailNotificationStatus"].Value == "On") ? true : false); objLogTypeConfig.KeepMostRecent = LogTypeConfigInfo.Attributes["KeepMostRecent"].Value; objLogTypeConfig.LoggingIsActive = Convert.ToBoolean((LogTypeConfigInfo.Attributes["LoggingStatus"].Value == "On") ? true : false); objLogTypeConfig.LogTypeKey = LogTypeConfigInfo.Attributes["LogTypeKey"].Value; objLogTypeConfig.LogTypePortalID = LogTypeConfigInfo.Attributes["LogTypePortalID"].Value; objLogTypeConfig.MailFromAddress = LogTypeConfigInfo.Attributes["MailFromAddress"].Value; objLogTypeConfig.MailToAddress = LogTypeConfigInfo.Attributes["MailToAddress"].Value; objLogTypeConfig.NotificationThreshold = Convert.ToInt32(LogTypeConfigInfo.Attributes["NotificationThreshold"].Value); objLogTypeConfig.NotificationThresholdTime = Convert.ToInt32(LogTypeConfigInfo.Attributes["NotificationThresholdTime"].Value); objLogTypeConfig.NotificationThresholdTimeType = (LogTypeConfigInfo.NotificationThresholdTimeTypes)Enum.Parse(typeof(LogTypeConfigInfo.NotificationThresholdTimeTypes), LogTypeConfigInfo.Attributes["NotificationThresholdTimeType"].Value); objSecLogController.AddLogTypeConfigInfo(objLogTypeConfig); } break; } } catch (Exception ex) { strExceptions += "Error: " + ex.Message + "\r\n"; try { Exceptions.Exceptions.LogException(ex); } catch { // ignore } } return strExceptions; }