/// <param name="moduleId"></param>
/// <param name="tabId"></param>
/// <param name="permissionKey">You can use the constants, but for modules there are only
/// those two</param>
/// <returns></returns>
public static bool canUserAccessModule(UserInfo user, int portalId, int tabId, ModuleInfo moduleInfo, string permissionKey)
{
var retVal = false;
string permissionsString = null;
if (moduleInfo.InheritViewPermissions)
{
var tabPermissionController = new TabPermissionController();
var tabPermissionCollection =
tabPermissionController.GetTabPermissionsCollectionByTabID(tabId, portalId);
permissionsString = tabPermissionController.GetTabPermissions(tabPermissionCollection, permissionKey);
}
else
{
var modulePermissionController = new ModulePermissionController();
var permissionCollection =
modulePermissionController.GetModulePermissionsCollectionByModuleID(moduleInfo.ModuleID, tabId);
permissionsString = modulePermissionController.GetModulePermissions(permissionCollection, permissionKey);
}
char[] splitter = { ';' };
var roles = permissionsString.Split(splitter);
foreach (var role in roles)
{
if (role.Length > 0)
{
if (user != null && user.IsInRole(role))
retVal = true;
else if (user == null && role.ToLower().Equals("all users"))
retVal = true;
}
}
return retVal;
}
public static bool CanViewModule(ModuleInfo module)
{
bool canView;
if (module.InheritViewPermissions)
{
TabInfo objTab = new TabController().GetTab(module.TabID, module.PortalID, false);
canView = TabPermissionController.CanViewPage(objTab);
}
else
{
canView = Provider.CanViewModule(module);
}
return(canView);
}
/// <summary>
/// Returns a flag indicating whether the current user can view a module
/// </summary>
/// <param name="module">The page</param>
/// <returns>A flag indicating whether the user has permission</returns>
public virtual bool CanViewModule(ModuleInfo module)
{
bool canView;
if (module.InheritViewPermissions)
{
TabInfo objTab = TabController.Instance.GetTab(module.TabID, module.PortalID, false);
canView = TabPermissionController.CanViewPage(objTab);
}
else
{
canView = PortalSecurity.IsInRoles(module.ModulePermissions.ToString(ViewModulePermissionKey));
}
return(canView);
}
/// <remarks>Source/Template from SecurityContext.canUserAccessModule()</remarks>
private static bool CanUserViewTab(UserInfo user, int portalId, int tabId, string permissionKey = "VIEW")
{
//var retVal = false;
var tabPermissionController = new TabPermissionController();
var tabPermissionCollection = tabPermissionController.GetTabPermissionsCollectionByTabID(tabId, portalId);
var permissionsString = tabPermissionController.GetTabPermissions(tabPermissionCollection, permissionKey);
char[] splitter = { ';' };
var roles = permissionsString.Split(splitter);
foreach (var role in roles.Where(role => role.Length > 0))
{
if (user != null && user.IsInRole(role))
return true;
if (role.ToLower().Equals("all users"))
return true;
}
return false;
}
public void CopyPermissionsToChildren( ArrayList tabs, TabPermissionCollection newPermissions )
{
TabPermissionController objTabPermissionController = new TabPermissionController();
foreach( TabInfo objTab in tabs )
{
TabPermissionCollection objCurrentTabPermissions = objTabPermissionController.GetTabPermissionsCollectionByTabID( objTab.TabID, objTab.PortalID );
if( !( objCurrentTabPermissions.CompareTo( newPermissions ) ) )
{
objTabPermissionController.DeleteTabPermissionsByTabID( objTab.TabID );
foreach( TabPermissionInfo objTabPermission in newPermissions )
{
if( objTabPermission.AllowAccess )
{
objTabPermission.TabID = objTab.TabID;
objTabPermissionController.AddTabPermission( objTabPermission );
}
}
}
}
if( tabs.Count > 0 )
{
DataCache.ClearTabsCache( ( (TabInfo)( tabs[0] ) ).PortalID );
}
}
public void UpdateTab( TabInfo objTab )
{
bool updateChildren = false;
TabInfo objTmpTab = GetTab( objTab.TabID, objTab.PortalID, false );
if( objTmpTab.TabName != objTab.TabName | objTmpTab.ParentId != objTab.ParentId )
{
updateChildren = true;
}
UpdatePortalTabOrder( objTab.PortalID, objTab.TabID, objTab.ParentId, 0, 0, objTab.IsVisible );
DataProvider.Instance().UpdateTab( objTab.TabID, objTab.TabName, objTab.IsVisible, objTab.DisableLink, objTab.ParentId, objTab.IconFile, objTab.Title, objTab.Description, objTab.KeyWords, objTab.IsDeleted, objTab.Url, objTab.SkinSrc, objTab.ContainerSrc, objTab.TabPath, objTab.StartDate, objTab.EndDate, objTab.RefreshInterval, objTab.PageHeadText );
TabPermissionController objTabPermissionController = new TabPermissionController();
TabPermissionCollection objTabPermissions = objTab.TabPermissions;
TabPermissionCollection objCurrentTabPermissions = objTabPermissionController.GetTabPermissionsCollectionByTabID( objTab.TabID, objTab.PortalID );
if( !( objCurrentTabPermissions.CompareTo( objTab.TabPermissions ) ) )
{
objTabPermissionController.DeleteTabPermissionsByTabID( objTab.TabID );
foreach( TabPermissionInfo objTabPermission in objTabPermissions )
{
if( objTabPermission.AllowAccess )
{
objTabPermissionController.AddTabPermission( objTabPermission );
}
}
}
if( updateChildren )
{
UpdateChildTabPath( objTab.TabID, objTab.PortalID );
}
ClearCache( objTab.PortalID );
}
private static TabInfo FillTabInfo( IDataReader dr, bool CheckForOpenDataReader )
{
TabInfo objTabInfo = new TabInfo();
TabPermissionController objTabPermissionController = new TabPermissionController();
// read datareader
bool canContinue = true;
if( CheckForOpenDataReader )
{
canContinue = false;
if( dr.Read() )
{
canContinue = true;
}
}
if( canContinue )
{
objTabInfo.TabID = Convert.ToInt32( Null.SetNull( dr["TabID"], objTabInfo.TabID ) );
objTabInfo.TabOrder = Convert.ToInt32( Null.SetNull( dr["TabOrder"], objTabInfo.TabOrder ) );
objTabInfo.PortalID = Convert.ToInt32( Null.SetNull( dr["PortalID"], objTabInfo.PortalID ) );
objTabInfo.TabName = Convert.ToString( Null.SetNull( dr["TabName"], objTabInfo.TabName ) );
objTabInfo.IsVisible = Convert.ToBoolean( Null.SetNull( dr["IsVisible"], objTabInfo.IsVisible ) );
objTabInfo.ParentId = Convert.ToInt32( Null.SetNull( dr["ParentId"], objTabInfo.ParentId ) );
objTabInfo.Level = Convert.ToInt32( Null.SetNull( dr["Level"], objTabInfo.Level ) );
objTabInfo.IconFile = Convert.ToString( Null.SetNull( dr["IconFile"], objTabInfo.IconFile ) );
objTabInfo.DisableLink = Convert.ToBoolean( Null.SetNull( dr["DisableLink"], objTabInfo.DisableLink ) );
objTabInfo.Title = Convert.ToString( Null.SetNull( dr["Title"], objTabInfo.Title ) );
objTabInfo.Description = Convert.ToString( Null.SetNull( dr["Description"], objTabInfo.Description ) );
objTabInfo.KeyWords = Convert.ToString( Null.SetNull( dr["KeyWords"], objTabInfo.KeyWords ) );
objTabInfo.IsDeleted = Convert.ToBoolean( Null.SetNull( dr["IsDeleted"], objTabInfo.IsDeleted ) );
objTabInfo.Url = Convert.ToString( Null.SetNull( dr["Url"], objTabInfo.Url ) );
objTabInfo.SkinSrc = Convert.ToString( Null.SetNull( dr["SkinSrc"], objTabInfo.SkinSrc ) );
objTabInfo.ContainerSrc = Convert.ToString( Null.SetNull( dr["ContainerSrc"], objTabInfo.ContainerSrc ) );
objTabInfo.TabPath = Convert.ToString( Null.SetNull( dr["TabPath"], objTabInfo.TabPath ) );
objTabInfo.StartDate = Convert.ToDateTime( Null.SetNull( dr["StartDate"], objTabInfo.StartDate ) );
objTabInfo.EndDate = Convert.ToDateTime( Null.SetNull( dr["EndDate"], objTabInfo.EndDate ) );
objTabInfo.HasChildren = Convert.ToBoolean( Null.SetNull( dr["HasChildren"], objTabInfo.HasChildren ) );
objTabInfo.RefreshInterval = Convert.ToInt32( Null.SetNull( dr["RefreshInterval"], objTabInfo.RefreshInterval ) );
objTabInfo.PageHeadText = Convert.ToString( Null.SetNull( dr["PageHeadText"], objTabInfo.PageHeadText ) );
if( objTabInfo != null )
{
objTabInfo.TabPermissions = objTabPermissionController.GetTabPermissionsCollectionByTabID( objTabInfo.TabID, objTabInfo.PortalID );
objTabInfo.AdministratorRoles = objTabPermissionController.GetTabPermissions( objTabInfo.TabPermissions, "EDIT" );
if( objTabInfo.AdministratorRoles == ";" )
{
// this code is here for legacy support - the AdministratorRoles were stored as a concatenated list of roleids prior to DNN 3.0
try
{
objTabInfo.AdministratorRoles = Convert.ToString( Null.SetNull( dr["AdministratorRoles"], objTabInfo.AdministratorRoles ) );
}
catch
{
// the AdministratorRoles field was removed from the Tabs table in 3.0
}
}
objTabInfo.AuthorizedRoles = objTabPermissionController.GetTabPermissions( objTabInfo.TabPermissions, "VIEW" );
if( objTabInfo.AuthorizedRoles == ";" )
{
// this code is here for legacy support - the AuthorizedRoles were stored as a concatenated list of roleids prior to DNN 3.0
try
{
objTabInfo.AuthorizedRoles = Convert.ToString( Null.SetNull( dr["AuthorizedRoles"], objTabInfo.AuthorizedRoles ) );
}
catch
{
// the AuthorizedRoles field was removed from the Tabs table in 3.0
}
}
}
objTabInfo.BreadCrumbs = null;
objTabInfo.Panes = null;
objTabInfo.Modules = null;
}
else
{
objTabInfo = null;
}
return objTabInfo;
}
public int AddTab( TabInfo objTab, bool AddAllTabsModules )
{
int intTabId;
objTab.TabPath = Globals.GenerateTabPath( objTab.ParentId, objTab.TabName );
intTabId = DataProvider.Instance().AddTab( objTab.PortalID, objTab.TabName, objTab.IsVisible, objTab.DisableLink, objTab.ParentId, objTab.IconFile, objTab.Title, objTab.Description, objTab.KeyWords, objTab.Url, objTab.SkinSrc, objTab.ContainerSrc, objTab.TabPath, objTab.StartDate, objTab.EndDate, objTab.RefreshInterval, objTab.PageHeadText );
TabPermissionController objTabPermissionController = new TabPermissionController();
if( objTab.TabPermissions != null )
{
TabPermissionCollection objTabPermissions = objTab.TabPermissions;
foreach( TabPermissionInfo objTabPermission in objTabPermissions )
{
objTabPermission.TabID = intTabId;
if( objTabPermission.AllowAccess )
{
objTabPermissionController.AddTabPermission( objTabPermission );
}
}
}
if( !( Null.IsNull( objTab.PortalID ) ) )
{
UpdatePortalTabOrder( objTab.PortalID, intTabId, objTab.ParentId, 0, 0, objTab.IsVisible, true );
}
else // host tab
{
ArrayList arrTabs = GetTabsByParentId( objTab.ParentId, objTab.PortalID );
UpdateTabOrder( objTab.PortalID, intTabId, ( arrTabs.Count*2 ) - 1, 1, objTab.ParentId );
}
if( AddAllTabsModules )
{
ModuleController objmodules = new ModuleController();
ArrayList arrMods = objmodules.GetAllTabsModules( objTab.PortalID, true );
foreach( ModuleInfo objModule in arrMods )
{
objmodules.CopyModule( objModule.ModuleID, objModule.TabID, intTabId, "", true );
}
}
ClearCache( objTab.PortalID );
return intTabId;
}
private static bool CanAddContentToPage(ModuleInfo objModule)
{
TabInfo objTab = new TabController().GetTab(objModule.TabID, objModule.PortalID, false);
return(TabPermissionController.CanAddContentToPage(objTab));
}
///-----------------------------------------------------------------------------
/// <summary>
/// Determines if user has the necessary permissions to access an item with the
/// designated AccessLevel.
/// </summary>
/// <param name="accessLevel">The SecurityAccessLevel required to access a portal module or module action.</param>
/// <param name="permissionKey">If Security Access is Edit the permissionKey is the actual "edit" permisison required.</param>
/// <param name="moduleConfiguration">The ModuleInfo object for the associated module.</param>
/// <returns>A boolean value indicating if the user has the necessary permissions</returns>
/// <remarks>Every module control and module action has an associated permission level. This
/// function determines whether the user represented by UserName has sufficient permissions, as
/// determined by the PortalSettings and ModuleSettings, to access a resource with the
/// designated AccessLevel.</remarks>
///-----------------------------------------------------------------------------
public static bool HasModuleAccess(SecurityAccessLevel accessLevel, string permissionKey, ModuleInfo moduleConfiguration)
{
bool isAuthorized = false;
UserInfo userInfo = UserController.GetCurrentUserInfo();
if (userInfo != null && userInfo.IsSuperUser)
{
isAuthorized = true;
}
else
{
switch (accessLevel)
{
case SecurityAccessLevel.Anonymous:
isAuthorized = true;
break;
case SecurityAccessLevel.View:
if (CanViewModule(moduleConfiguration))
{
isAuthorized = true;
}
break;
case SecurityAccessLevel.ViewPermissions:
isAuthorized = TabPermissionController.CanAddContentToPage();
break;
case SecurityAccessLevel.Edit:
if (moduleConfiguration != null && !((moduleConfiguration.IsShared && moduleConfiguration.IsShareableViewOnly) &&
TabPermissionController.CanAddContentToPage()))
{
if (TabPermissionController.CanAddContentToPage())
{
isAuthorized = true;
}
else
{
if (string.IsNullOrEmpty(permissionKey))
{
permissionKey = "CONTENT,DELETE,EDIT,EXPORT,IMPORT,MANAGE";
}
if (CanViewModule(moduleConfiguration) &&
(HasModulePermission(moduleConfiguration.ModulePermissions, permissionKey) ||
HasModulePermission(moduleConfiguration.ModulePermissions, "EDIT")))
{
isAuthorized = true;
}
}
}
break;
case SecurityAccessLevel.Admin:
if (moduleConfiguration != null && !((moduleConfiguration.IsShared && moduleConfiguration.IsShareableViewOnly) &&
TabPermissionController.CanAddContentToPage()))
{
isAuthorized = TabPermissionController.CanAddContentToPage();
}
break;
case SecurityAccessLevel.Host:
break;
}
}
return(isAuthorized);
}
///-----------------------------------------------------------------------------
/// <summary>
/// Determines if user has the necessary permissions to access an item with the
/// designated AccessLevel.
/// </summary>
/// <param name="accessLevel">The SecurityAccessLevel required to access a portal module or module action.</param>
/// <param name="permissionKey">If Security Access is Edit the permissionKey is the actual "edit" permisison required.</param>
/// <param name="moduleConfiguration">The ModuleInfo object for the associated module.</param>
/// <returns>A boolean value indicating if the user has the necessary permissions</returns>
/// <remarks>Every module control and module action has an associated permission level. This
/// function determines whether the user represented by UserName has sufficient permissions, as
/// determined by the PortalSettings and ModuleSettings, to access a resource with the
/// designated AccessLevel.</remarks>
///-----------------------------------------------------------------------------
public virtual bool HasModuleAccess(SecurityAccessLevel accessLevel, string permissionKey, ModuleInfo moduleConfiguration)
{
bool isAuthorized = false;
UserInfo userInfo = UserController.Instance.GetCurrentUserInfo();
TabInfo tab = TabController.Instance.GetTab(moduleConfiguration.TabID, moduleConfiguration.PortalID, false);
if (userInfo != null && userInfo.IsSuperUser)
{
isAuthorized = true;
}
else
{
switch (accessLevel)
{
case SecurityAccessLevel.Anonymous:
isAuthorized = true;
break;
case SecurityAccessLevel.View:
if (ModulePermissionController.CanViewModule(moduleConfiguration))
{
isAuthorized = true;
}
break;
case SecurityAccessLevel.ViewPermissions:
isAuthorized = TabPermissionController.CanAddContentToPage(tab);
break;
case SecurityAccessLevel.Edit:
if (!((moduleConfiguration.IsShared && moduleConfiguration.IsShareableViewOnly) && TabPermissionController.CanAddContentToPage(tab)))
{
if (string.IsNullOrEmpty(permissionKey))
{
permissionKey = "CONTENT,DELETE,EXPORT,IMPORT,MANAGE";
}
if (TabPermissionController.CanAddContentToPage())
{
//Need to check for Deny Edit at the Module Level
if (permissionKey == "CONTENT")
{
isAuthorized = !IsDeniedModulePermission(moduleConfiguration, permissionKey);
}
else
{
isAuthorized = true;
}
}
else
{
// Need to check if it was denied at Tab level
if (IsDeniedTabPermission(tab, "CONTENT,EDIT"))
{
isAuthorized = false;
}
else
{
isAuthorized = HasModulePermission(moduleConfiguration, permissionKey);
}
}
}
break;
case SecurityAccessLevel.Admin:
if (!((moduleConfiguration.IsShared && moduleConfiguration.IsShareableViewOnly) && TabPermissionController.CanAddContentToPage(tab)))
{
isAuthorized = TabPermissionController.CanAddContentToPage(tab);
}
break;
case SecurityAccessLevel.Host:
break;
}
}
return(isAuthorized);
}
private ModuleInfo FillModuleInfo(IDataReader dr, bool CheckForOpenDataReader, bool IncludePermissions)
{
ModuleInfo objModuleInfo = new ModuleInfo();
ModulePermissionController objModulePermissionController = new ModulePermissionController();
// read datareader
bool canContinue = true;
if (CheckForOpenDataReader)
{
canContinue = false;
if (dr.Read())
{
canContinue = true;
}
}
if (canContinue)
{
objModuleInfo.PortalID = Convert.ToInt32(Null.SetNull(dr["PortalID"], objModuleInfo.PortalID));
objModuleInfo.TabID = Convert.ToInt32(Null.SetNull(dr["TabID"], objModuleInfo.TabID));
objModuleInfo.TabModuleID = Convert.ToInt32(Null.SetNull(dr["TabModuleID"], objModuleInfo.TabModuleID));
objModuleInfo.ModuleID = Convert.ToInt32(Null.SetNull(dr["ModuleID"], objModuleInfo.ModuleID));
objModuleInfo.ModuleDefID = Convert.ToInt32(Null.SetNull(dr["ModuleDefID"], objModuleInfo.ModuleDefID));
objModuleInfo.ModuleOrder = Convert.ToInt32(Null.SetNull(dr["ModuleOrder"], objModuleInfo.ModuleOrder));
objModuleInfo.PaneName = Convert.ToString(Null.SetNull(dr["PaneName"], objModuleInfo.PaneName));
objModuleInfo.ModuleTitle = Convert.ToString(Null.SetNull(dr["ModuleTitle"], objModuleInfo.ModuleTitle));
objModuleInfo.CacheTime = Convert.ToInt32(Null.SetNull(dr["CacheTime"], objModuleInfo.CacheTime));
objModuleInfo.Alignment = Convert.ToString(Null.SetNull(dr["Alignment"], objModuleInfo.Alignment));
objModuleInfo.Color = Convert.ToString(Null.SetNull(dr["Color"], objModuleInfo.Color));
objModuleInfo.Border = Convert.ToString(Null.SetNull(dr["Border"], objModuleInfo.Border));
objModuleInfo.IconFile = Convert.ToString(Null.SetNull(dr["IconFile"], objModuleInfo.IconFile));
objModuleInfo.AllTabs = Convert.ToBoolean(Null.SetNull(dr["AllTabs"], objModuleInfo.AllTabs));
int intVisibility = 0;
if (((Convert.ToInt32(Null.SetNull(dr["Visibility"], intVisibility))) == 0) || ((Convert.ToInt32(Null.SetNull(dr["Visibility"], intVisibility))) == Null.NullInteger))
{
objModuleInfo.Visibility = VisibilityState.Maximized;
}
else if ((Convert.ToInt32(Null.SetNull(dr["Visibility"], intVisibility))) == 1)
{
objModuleInfo.Visibility = VisibilityState.Minimized;
}
else if ((Convert.ToInt32(Null.SetNull(dr["Visibility"], intVisibility))) == 2)
{
objModuleInfo.Visibility = VisibilityState.None;
}
objModuleInfo.IsDeleted = Convert.ToBoolean(Null.SetNull(dr["IsDeleted"], objModuleInfo.IsDeleted));
objModuleInfo.Header = Convert.ToString(Null.SetNull(dr["Header"], objModuleInfo.Header));
objModuleInfo.Footer = Convert.ToString(Null.SetNull(dr["Footer"], objModuleInfo.Footer));
objModuleInfo.StartDate = Convert.ToDateTime(Null.SetNull(dr["StartDate"], objModuleInfo.StartDate));
objModuleInfo.EndDate = Convert.ToDateTime(Null.SetNull(dr["EndDate"], objModuleInfo.EndDate));
objModuleInfo.ContainerSrc = Convert.ToString(Null.SetNull(dr["ContainerSrc"], objModuleInfo.ContainerSrc));
objModuleInfo.DisplayTitle = Convert.ToBoolean(Null.SetNull(dr["DisplayTitle"], objModuleInfo.DisplayTitle));
objModuleInfo.DisplayPrint = Convert.ToBoolean(Null.SetNull(dr["DisplayPrint"], objModuleInfo.DisplayPrint));
objModuleInfo.DisplaySyndicate = Convert.ToBoolean(Null.SetNull(dr["DisplaySyndicate"], objModuleInfo.DisplaySyndicate));
objModuleInfo.InheritViewPermissions = Convert.ToBoolean(Null.SetNull(dr["InheritViewPermissions"], objModuleInfo.InheritViewPermissions));
objModuleInfo.DesktopModuleID = Convert.ToInt32(Null.SetNull(dr["DesktopModuleID"], objModuleInfo.DesktopModuleID));
objModuleInfo.FriendlyName = Convert.ToString(Null.SetNull(dr["FriendlyName"], objModuleInfo.FriendlyName));
objModuleInfo.Description = Convert.ToString(Null.SetNull(dr["Description"], objModuleInfo.Description));
objModuleInfo.Version = Convert.ToString(Null.SetNull(dr["Version"], objModuleInfo.Version));
objModuleInfo.IsPremium = Convert.ToBoolean(Null.SetNull(dr["IsPremium"], objModuleInfo.IsPremium));
objModuleInfo.IsAdmin = Convert.ToBoolean(Null.SetNull(dr["IsAdmin"], objModuleInfo.IsAdmin));
objModuleInfo.BusinessControllerClass = Convert.ToString(Null.SetNull(dr["BusinessControllerClass"], objModuleInfo.BusinessControllerClass));
objModuleInfo.SupportedFeatures = Convert.ToInt32(Null.SetNull(dr["SupportedFeatures"], objModuleInfo.SupportedFeatures));
objModuleInfo.ModuleControlId = Convert.ToInt32(Null.SetNull(dr["ModuleControlId"], objModuleInfo.ModuleControlId));
objModuleInfo.ControlSrc = Convert.ToString(Null.SetNull(dr["ControlSrc"], objModuleInfo.ControlSrc));
int intControlType = 0;
if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == -3)
{
objModuleInfo.ControlType = SecurityAccessLevel.ControlPanel;
}
else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == -2)
{
objModuleInfo.ControlType = SecurityAccessLevel.SkinObject;
}
else if (((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == -1) || ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == Null.NullInteger))
{
objModuleInfo.ControlType = SecurityAccessLevel.Anonymous;
}
else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == 0)
{
objModuleInfo.ControlType = SecurityAccessLevel.View;
}
else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == 1)
{
objModuleInfo.ControlType = SecurityAccessLevel.Edit;
}
else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == 2)
{
objModuleInfo.ControlType = SecurityAccessLevel.Admin;
}
else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == 3)
{
objModuleInfo.ControlType = SecurityAccessLevel.Host;
}
objModuleInfo.ControlTitle = Convert.ToString(Null.SetNull(dr["ControlTitle"], objModuleInfo.ControlTitle));
objModuleInfo.HelpUrl = Convert.ToString(Null.SetNull(dr["HelpUrl"], objModuleInfo.HelpUrl));
if (IncludePermissions)
{
if (objModuleInfo != null)
{
//Get the Module permissions first (then we can parse the collection to determine the View/Edit Roles)
objModuleInfo.ModulePermissions = objModulePermissionController.GetModulePermissionsCollectionByModuleID(objModuleInfo.ModuleID, objModuleInfo.TabID);
objModuleInfo.AuthorizedEditRoles = objModulePermissionController.GetModulePermissions(objModuleInfo.ModulePermissions, "EDIT");
if (objModuleInfo.AuthorizedEditRoles == ";")
{
// this code is here for legacy support - the AuthorizedEditRoles were stored as a concatenated list of roleids prior to DNN 3.0
try
{
objModuleInfo.AuthorizedEditRoles = Convert.ToString(Null.SetNull(dr["AuthorizedEditRoles"], objModuleInfo.AuthorizedEditRoles));
}
catch
{
// the AuthorizedEditRoles field was removed from the Tabs table in 3.0
}
}
try
{
if (objModuleInfo.InheritViewPermissions)
{
TabPermissionController objTabPermissionController = new TabPermissionController();
TabPermissionCollection objTabPermissionCollection = objTabPermissionController.GetTabPermissionsCollectionByTabID(objModuleInfo.TabID, objModuleInfo.PortalID);
objModuleInfo.AuthorizedViewRoles = objTabPermissionController.GetTabPermissions(objTabPermissionCollection, "VIEW");
}
else
{
objModuleInfo.AuthorizedViewRoles = objModulePermissionController.GetModulePermissions(objModuleInfo.ModulePermissions, "VIEW");
}
if (objModuleInfo.AuthorizedViewRoles == ";")
{
// this code is here for legacy support - the AuthorizedViewRoles were stored as a concatenated list of roleids prior to DNN 3.0
try
{
objModuleInfo.AuthorizedViewRoles = Convert.ToString(Null.SetNull(dr["AuthorizedViewRoles"], objModuleInfo.AuthorizedViewRoles));
}
catch
{
// the AuthorizedViewRoles field was removed from the Tabs table in 3.0
}
}
}
catch
{
}
}
}
}
else
{
objModuleInfo = null;
}
return objModuleInfo;
}
/// <summary>
/// UpgradeApplication - This overload is used for version specific application upgrade operations.
/// </summary>
/// <remarks>
/// This should be used for file system modifications or upgrade operations which
/// should only happen once. Database references are not recommended because future
/// versions of the application may result in code incompatibilties.
/// </remarks>
/// <param name="Version">The Version being Upgraded</param>
private static string UpgradeApplication(string Version)
{
string strExceptions = "";
try
{
switch (Version)
{
case "02.00.00":
IDataReader dr;
// change portal upload directory from GUID to ID - this only executes for version 2.0.0
string strServerPath = HttpContext.Current.Request.MapPath(Globals.ApplicationPath);
string strPortalsDirMapPath = Globals.ApplicationMapPath + "/Portals/";
dr = DataProvider.Instance().GetPortals();
while (dr.Read())
{
// if GUID folder exists
if (Directory.Exists(strPortalsDirMapPath + dr["GUID"]))
{
// if ID folder exists ( this may happen because the 2.x release contains a default ID=0 folder )
if (Directory.Exists(strPortalsDirMapPath + dr["PortalID"]))
{
// rename the ID folder
try
{
Directory.Move(strPortalsDirMapPath + dr["PortalID"], strServerPath + "\\Portals\\" + dr["PortalID"] + "_old");
}
catch (Exception ex)
{
// error moving the directory - security issue?
strExceptions += "Could Not Move Folder " + strPortalsDirMapPath + dr["GUID"] + " To " + strPortalsDirMapPath + dr["PortalID"] + ". Error: " + ex.Message + "\r\n";
}
}
// move GUID folder to ID folder
try
{
Directory.Move(strPortalsDirMapPath + dr["GUID"], strPortalsDirMapPath + dr["PortalID"]);
}
catch (Exception ex)
{
// error moving the directory - security issue?
strExceptions += "Could Not Move Folder " + strPortalsDirMapPath + dr["GUID"] + " To " + strPortalsDirMapPath + dr["PortalID"] + ". Error: " + ex.Message + "\r\n";
}
}
}
dr.Close();
// copy the default style sheet to the default portal ( if it does not already exist )
if (File.Exists(strPortalsDirMapPath + "0\\portal.css") == false)
{
if (File.Exists(Globals.HostMapPath + "portal.css"))
{
File.Copy(Globals.HostMapPath + "portal.css", strPortalsDirMapPath + "0\\portal.css");
}
}
break;
case "02.02.00":
string strProviderPath = PortalSettings.GetProviderPath();
if (strProviderPath.StartsWith("ERROR:"))
{
strExceptions += strProviderPath;
break;
}
//Optionally Install the memberRoleProvider
bool installMemberRole = true;
if (Config.GetSetting("InstallMemberRole") != null)
{
installMemberRole = bool.Parse(Config.GetSetting("InstallMemberRole"));
}
if (installMemberRole)
{
HtmlUtils.WriteFeedback(HttpContext.Current.Response, 0, "Installing MemberRole Provider:<br>");
strExceptions += InstallMemberRoleProvider(strProviderPath);
}
PortalController objPortalController = new PortalController();
ArrayList arrPortals;
arrPortals = objPortalController.GetPortals();
int intViewModulePermissionID;
int intEditModulePermissionID;
int intViewTabPermissionID;
int intEditTabPermissionID;
int intReadFolderPermissionID;
int intWriteFolderPermissionID;
PermissionController objPermissionController = new PermissionController();
PermissionInfo objPermission = new PermissionInfo();
objPermission.PermissionCode = "SYSTEM_MODULE_DEFINITION";
objPermission.PermissionKey = "VIEW";
objPermission.PermissionName = "View";
objPermission.ModuleDefID = Null.NullInteger;
objPermissionController.AddPermission(objPermission);
objPermission.PermissionKey = "EDIT";
objPermission.PermissionName = "Edit";
objPermissionController.AddPermission(objPermission);
objPermission.PermissionCode = "SYSTEM_TAB";
objPermission.PermissionKey = "VIEW";
objPermission.PermissionName = "View Tab";
objPermissionController.AddPermission(objPermission);
objPermission.PermissionKey = "EDIT";
objPermission.PermissionName = "Edit Tab";
objPermissionController.AddPermission(objPermission);
objPermission.PermissionCode = "SYSTEM_FOLDER";
objPermission.PermissionKey = "READ";
objPermission.PermissionName = "View Folder";
intReadFolderPermissionID = objPermissionController.AddPermission(objPermission);
objPermission.PermissionKey = "WRITE";
objPermission.PermissionName = "Write to Folder";
intWriteFolderPermissionID = objPermissionController.AddPermission(objPermission);
FolderController objFolderController = new FolderController();
FolderPermissionController objFolderPermissionController = new FolderPermissionController();
int PortalCount;
for (PortalCount = 0; PortalCount <= arrPortals.Count - 1; PortalCount++)
{
PortalInfo objPortal = (PortalInfo)arrPortals[PortalCount];
int FolderID = objFolderController.AddFolder(objPortal.PortalID, "", (int)FolderController.StorageLocationTypes.InsecureFileSystem, true, false);
FolderPermissionInfo objFolderPermission = new FolderPermissionInfo();
objFolderPermission.FolderID = FolderID;
objFolderPermission.PermissionID = intReadFolderPermissionID;
objFolderPermission.AllowAccess = true;
objFolderPermission.RoleID = objPortal.AdministratorRoleId;
objFolderPermissionController.AddFolderPermission(objFolderPermission);
objFolderPermission.PermissionID = intWriteFolderPermissionID;
objFolderPermissionController.AddFolderPermission(objFolderPermission);
//TODO: loop through folders recursively here
//in case they created any nested folders
//and assign priveledges accordingly
}
//Transfer Users to the Membership Provider
MembershipProvider provider = MembershipProvider.Instance();
provider.TransferUsersToMembershipProvider();
ModuleController objModuleController = new ModuleController();
ArrayList arrModules = objModuleController.GetAllModules();
ModulePermissionController objModulePermissionController = new ModulePermissionController();
int ModCount;
for (ModCount = 0; ModCount <= arrModules.Count - 1; ModCount++)
{
ModuleInfo objModule = (ModuleInfo)arrModules[ModCount];
ModulePermissionInfo objModulePermission = new ModulePermissionInfo();
objModulePermission.ModuleID = objModule.ModuleID;
int k;
string[] roles;
if (objModule.AuthorizedViewRoles.IndexOf(";") > 0)
{
roles = objModule.AuthorizedViewRoles.Split(';');
for (k = 0; k <= roles.Length - 1; k++)
{
if (Int32.TryParse(roles[k], out intViewModulePermissionID))
{
objModulePermission.PermissionID = intViewModulePermissionID;
objModulePermission.AllowAccess = true;
objModulePermission.RoleID = Convert.ToInt32(roles[k]);
objModulePermissionController.AddModulePermission(objModulePermission);
}
}
}
if (objModule.AuthorizedEditRoles.IndexOf(";") > 0)
{
roles = objModule.AuthorizedEditRoles.Split(';');
for (k = 0; k <= roles.Length - 1; k++)
{
if (Int32.TryParse(roles[k], out intEditModulePermissionID))
{
objModulePermission.PermissionID = intEditModulePermissionID;
objModulePermission.AllowAccess = true;
objModulePermission.RoleID = Convert.ToInt32(roles[k]);
objModulePermissionController.AddModulePermission(objModulePermission);
}
}
}
}
ArrayList arrTabs;
TabController objTabController = new TabController();
arrTabs = objTabController.GetAllTabs();
TabPermissionController objTabPermissionController = new TabPermissionController();
for (ModCount = 0; ModCount <= arrTabs.Count - 1; ModCount++)
{
TabInfo objTab = (TabInfo)arrTabs[ModCount];
TabPermissionInfo objTabPermission = new TabPermissionInfo();
objTabPermission.TabID = objTab.TabID;
int k;
string[] roles;
if (objTab.AuthorizedRoles.IndexOf(";") > 0)
{
roles = objTab.AuthorizedRoles.Split(';');
for (k = 0; k <= roles.Length - 1; k++)
{
if (Int32.TryParse(roles[k], out intViewTabPermissionID))
{
objTabPermission.PermissionID = intViewTabPermissionID;
objTabPermission.AllowAccess = true;
objTabPermission.RoleID = Convert.ToInt32(roles[k]);
objTabPermissionController.AddTabPermission(objTabPermission);
}
}
}
if (objTab.AdministratorRoles.IndexOf(";") > 0)
{
roles = objTab.AdministratorRoles.Split(';');
for (k = 0; k <= roles.Length - 1; k++)
{
if (Int32.TryParse(roles[k], out intEditTabPermissionID))
{
objTabPermission.PermissionID = intEditTabPermissionID;
objTabPermission.AllowAccess = true;
objTabPermission.RoleID = Convert.ToInt32(roles[k]);
objTabPermissionController.AddTabPermission(objTabPermission);
}
}
}
}
break;
case "03.00.01":
objTabController = new TabController();
arrTabs = objTabController.GetAllTabs();
int TabCount;
for (TabCount = 0; TabCount <= arrTabs.Count - 1; TabCount++)
{
TabInfo objTab = (TabInfo)arrTabs[TabCount];
if (objTab != null)
{
objTab.TabPath = Globals.GenerateTabPath(objTab.ParentId, objTab.TabName);
DataProvider.Instance().UpdateTab(objTab.TabID, objTab.TabName, objTab.IsVisible, objTab.DisableLink, objTab.ParentId, objTab.IconFile, objTab.Title, objTab.Description, objTab.KeyWords, objTab.IsDeleted, objTab.Url, objTab.SkinSrc, objTab.ContainerSrc, objTab.TabPath, objTab.StartDate, objTab.EndDate);
}
}
break;
case "03.00.06":
//Need to clear the cache to pick up new HostSettings from the SQLDataProvider script
DataCache.RemoveCache("GetHostSettings");
break;
case "03.00.11":
//Need to convert any Profile Data to use XmlSerialization as Binary Formatting
//is not supported under Medium Trust
//Get all the Profiles
PersonalizationController objPersonalizationController = new PersonalizationController();
dr = DataProvider.Instance().GetAllProfiles();
while (dr.Read())
{
//Load Profile Data (using Binary Formatter method)
PersonalizationInfo objPersonalization = new PersonalizationInfo();
try
{
objPersonalization.UserId = Convert.ToInt32(Null.SetNull(dr["UserID"], objPersonalization.UserId));
}
catch
{
}
try
{
objPersonalization.PortalId = Convert.ToInt32(Null.SetNull(dr["PortalId"], objPersonalization.PortalId));
}
catch
{
}
objPersonalization.Profile = Globals.DeserializeHashTableBase64(dr["ProfileData"].ToString());
objPersonalization.IsModified = true;
//Save Profile Data (using XML Serializer)
objPersonalizationController.SaveProfile(objPersonalization);
}
dr.Close();
break;
case "03.00.12":
//If we are upgrading from a 3.0.x version then we need to upgrade the MembershipProvider
if (upgradeMemberShipProvider)
{
strProviderPath = PortalSettings.GetProviderPath();
StreamReader objStreamReader;
string strScript;
//Upgrade provider
HtmlUtils.WriteFeedback(HttpContext.Current.Response, 0, "Executing UpgradeMembershipProvider.sql<br>");
objStreamReader = File.OpenText(strProviderPath + "UpgradeMembershipProvider.sql");
strScript = objStreamReader.ReadToEnd();
objStreamReader.Close();
strExceptions += PortalSettings.ExecuteScript(strScript);
}
break;
case "03.01.00":
LogController objLogController = new LogController();
XmlDocument xmlDoc = new XmlDocument();
string xmlConfigFile = Globals.HostMapPath + "Logs\\LogConfig\\LogConfig.xml.resources";
try
{
xmlDoc.Load(xmlConfigFile);
}
catch (FileNotFoundException)
{
xmlConfigFile = Globals.HostMapPath + "Logs\\LogConfig\\LogConfigTemplate.xml.resources";
xmlDoc.Load(xmlConfigFile);
}
XmlNodeList LogType = xmlDoc.SelectNodes("/LogConfig/LogTypes/LogType");
foreach (XmlNode LogTypeInfo in LogType)
{
LogTypeInfo objLogTypeInfo = new LogTypeInfo();
objLogTypeInfo.LogTypeKey = LogTypeInfo.Attributes["LogTypeKey"].Value;
objLogTypeInfo.LogTypeFriendlyName = LogTypeInfo.Attributes["LogTypeFriendlyName"].Value;
objLogTypeInfo.LogTypeDescription = LogTypeInfo.Attributes["LogTypeDescription"].Value;
objLogTypeInfo.LogTypeCSSClass = LogTypeInfo.Attributes["LogTypeCSSClass"].Value;
objLogTypeInfo.LogTypeOwner = LogTypeInfo.Attributes["LogTypeOwner"].Value;
objLogController.AddLogType(objLogTypeInfo);
}
XmlNodeList LogTypeConfig = xmlDoc.SelectNodes("/LogConfig/LogTypeConfig");
foreach (XmlNode LogTypeConfigInfo in LogTypeConfig)
{
LogTypeConfigInfo objLogTypeConfig = new LogTypeConfigInfo();
objLogTypeConfig.EmailNotificationIsActive = Convert.ToBoolean((LogTypeConfigInfo.Attributes["EmailNotificationStatus"].Value == "On") ? true : false);
objLogTypeConfig.KeepMostRecent = LogTypeConfigInfo.Attributes["KeepMostRecent"].Value;
objLogTypeConfig.LoggingIsActive = Convert.ToBoolean((LogTypeConfigInfo.Attributes["LoggingStatus"].Value == "On") ? true : false);
objLogTypeConfig.LogTypeKey = LogTypeConfigInfo.Attributes["LogTypeKey"].Value;
objLogTypeConfig.LogTypePortalID = LogTypeConfigInfo.Attributes["LogTypePortalID"].Value;
objLogTypeConfig.MailFromAddress = LogTypeConfigInfo.Attributes["MailFromAddress"].Value;
objLogTypeConfig.MailToAddress = LogTypeConfigInfo.Attributes["MailToAddress"].Value;
objLogTypeConfig.NotificationThreshold = Convert.ToInt32(LogTypeConfigInfo.Attributes["NotificationThreshold"].Value);
objLogTypeConfig.NotificationThresholdTime = Convert.ToInt32(LogTypeConfigInfo.Attributes["NotificationThresholdTime"].Value);
objLogTypeConfig.NotificationThresholdTimeType = (LogTypeConfigInfo.NotificationThresholdTimeTypes)Enum.Parse(typeof(LogTypeConfigInfo.NotificationThresholdTimeTypes), LogTypeConfigInfo.Attributes["NotificationThresholdTimeType"].Value);
objLogController.AddLogTypeConfigInfo(objLogTypeConfig);
}
ScheduleItem objScheduleItem = new ScheduleItem();
objScheduleItem.TypeFullName = "DotNetNuke.Services.Cache.PurgeCache, DOTNETNUKE";
objScheduleItem.AttachToEvent = "";
objScheduleItem.CatchUpEnabled = false;
if (Globals.WebFarmEnabled)
{
objScheduleItem.Enabled = true;
}
else
{
objScheduleItem.Enabled = false;
}
objScheduleItem.ObjectDependencies = "";
objScheduleItem.RetainHistoryNum = 10;
objScheduleItem.Servers = "";
objScheduleItem.TimeLapse = 2;
objScheduleItem.TimeLapseMeasurement = "hz";
objScheduleItem.RetryTimeLapse = 30;
objScheduleItem.RetryTimeLapseMeasurement = "m";
SchedulingProvider.Instance().AddSchedule(objScheduleItem);
break;
case "03.02.03":
//add new SecurityException
LogController objSecLogController = new LogController();
XmlDocument xmlSecDoc = new XmlDocument();
string xmlSecConfigFile = Globals.HostMapPath + "Logs\\LogConfig\\SecurityExceptionTemplate.xml.resources";
try
{
xmlSecDoc.Load(xmlSecConfigFile);
}
catch (FileNotFoundException)
{
// xmlConfigFile = Common.Globals.HostMapPath + "Logs\LogConfig\LogConfigTemplate.xml.resources"
// xmlDoc.Load(xmlConfigFile)
}
LogType = xmlSecDoc.SelectNodes("/LogConfig/LogTypes/LogType");
foreach (XmlNode LogTypeInfo in LogType)
{
LogTypeInfo objLogTypeInfo = new LogTypeInfo();
objLogTypeInfo.LogTypeKey = LogTypeInfo.Attributes["LogTypeKey"].Value;
objLogTypeInfo.LogTypeFriendlyName = LogTypeInfo.Attributes["LogTypeFriendlyName"].Value;
objLogTypeInfo.LogTypeDescription = LogTypeInfo.Attributes["LogTypeDescription"].Value;
objLogTypeInfo.LogTypeCSSClass = LogTypeInfo.Attributes["LogTypeCSSClass"].Value;
objLogTypeInfo.LogTypeOwner = LogTypeInfo.Attributes["LogTypeOwner"].Value;
objSecLogController.AddLogType(objLogTypeInfo);
}
LogTypeConfig = xmlSecDoc.SelectNodes("/LogConfig/LogTypeConfig");
foreach (XmlNode LogTypeConfigInfo in LogTypeConfig)
{
LogTypeConfigInfo objLogTypeConfig = new LogTypeConfigInfo();
objLogTypeConfig.EmailNotificationIsActive = Convert.ToBoolean((LogTypeConfigInfo.Attributes["EmailNotificationStatus"].Value == "On") ? true : false);
objLogTypeConfig.KeepMostRecent = LogTypeConfigInfo.Attributes["KeepMostRecent"].Value;
objLogTypeConfig.LoggingIsActive = Convert.ToBoolean((LogTypeConfigInfo.Attributes["LoggingStatus"].Value == "On") ? true : false);
objLogTypeConfig.LogTypeKey = LogTypeConfigInfo.Attributes["LogTypeKey"].Value;
objLogTypeConfig.LogTypePortalID = LogTypeConfigInfo.Attributes["LogTypePortalID"].Value;
objLogTypeConfig.MailFromAddress = LogTypeConfigInfo.Attributes["MailFromAddress"].Value;
objLogTypeConfig.MailToAddress = LogTypeConfigInfo.Attributes["MailToAddress"].Value;
objLogTypeConfig.NotificationThreshold = Convert.ToInt32(LogTypeConfigInfo.Attributes["NotificationThreshold"].Value);
objLogTypeConfig.NotificationThresholdTime = Convert.ToInt32(LogTypeConfigInfo.Attributes["NotificationThresholdTime"].Value);
objLogTypeConfig.NotificationThresholdTimeType = (LogTypeConfigInfo.NotificationThresholdTimeTypes)Enum.Parse(typeof(LogTypeConfigInfo.NotificationThresholdTimeTypes), LogTypeConfigInfo.Attributes["NotificationThresholdTimeType"].Value);
objSecLogController.AddLogTypeConfigInfo(objLogTypeConfig);
}
break;
}
}
catch (Exception ex)
{
strExceptions += "Error: " + ex.Message + "\r\n";
try
{
Exceptions.Exceptions.LogException(ex);
}
catch
{
// ignore
}
}
return strExceptions;
}
