internal void AddWebPartsFromZone(WebPartZoneBase zone, WebPartCollection webParts)
{
if ((webParts != null) && (webParts.Count != 0))
{
string errorMsg = base.SetCollectionReadOnly(null);
try
{
try
{
string iD = zone.ID;
int zoneIndex = 0;
foreach (WebPart part in webParts)
{
this._manager.Internals.SetIsShared(part, true);
WebPart webPart = part;
if (!this._manager.IsAuthorized(part))
{
webPart = new UnauthorizedWebPart(part);
}
this._manager.Internals.SetIsStatic(webPart, true);
this._manager.Internals.SetIsShared(webPart, true);
this._manager.Internals.SetZoneID(webPart, iD);
this._manager.Internals.SetZoneIndex(webPart, zoneIndex);
this.AddWebPartHelper(webPart);
zoneIndex++;
}
}
finally
{
base.SetCollectionReadOnly(errorMsg);
}
}
catch
{
throw;
}
}
}
internal void AddWebPartsFromZone(WebPartZoneBase zone, WebPartCollection webParts) {
if ((webParts != null) && (webParts.Count != 0)) {
string originalError = SetCollectionReadOnly(null);
// Extra try-catch block to prevent elevation of privilege attack via exception filter
try {
try {
string zoneID = zone.ID;
int index = 0;
foreach (WebPart webPart in webParts) {
// Need to set IsShared before calling IsAuthorized
_manager.Internals.SetIsShared(webPart, true);
WebPart webPartOrProxy = webPart;
if (!_manager.IsAuthorized(webPart)) {
webPartOrProxy = new UnauthorizedWebPart(webPart);
}
_manager.Internals.SetIsStatic(webPartOrProxy, true);
_manager.Internals.SetIsShared(webPartOrProxy, true);
_manager.Internals.SetZoneID(webPartOrProxy, zoneID);
_manager.Internals.SetZoneIndex(webPartOrProxy, index);
AddWebPartHelper(webPartOrProxy);
index++;
}
}
finally {
SetCollectionReadOnly(originalError);
}
} catch {
throw;
}
}
}
private void LoadDynamicWebPart(string id, string typeName, string path, string genericWebPartID, bool isShared)
{
WebPart webPart = null;
Type type = WebPartUtil.DeserializeType(typeName, false);
if (type == null)
{
string str;
if ((this.Context != null) && this.Context.IsCustomErrorEnabled)
{
str = System.Web.SR.GetString("WebPartManager_ErrorLoadingWebPartType");
}
else
{
str = System.Web.SR.GetString("Invalid_type", new object[] { typeName });
}
webPart = this.CreateErrorWebPart(id, typeName, path, genericWebPartID, str);
}
else if (type.IsSubclassOf(typeof(WebPart)))
{
string authorizationFilter = this.Personalization.GetAuthorizationFilter(id);
if (this.IsAuthorized(type, null, authorizationFilter, isShared))
{
try
{
webPart = (WebPart) this.Internals.CreateObjectFromType(type);
webPart.ID = id;
}
catch
{
string str3;
if ((this.Context != null) && this.Context.IsCustomErrorEnabled)
{
str3 = System.Web.SR.GetString("WebPartManager_CantCreateInstance");
}
else
{
str3 = System.Web.SR.GetString("WebPartManager_CantCreateInstanceWithType", new object[] { typeName });
}
webPart = this.CreateErrorWebPart(id, typeName, path, genericWebPartID, str3);
}
}
else
{
webPart = new UnauthorizedWebPart(id, typeName, path, genericWebPartID);
}
}
else if (type.IsSubclassOf(typeof(Control)))
{
string str4 = this.Personalization.GetAuthorizationFilter(genericWebPartID);
if (this.IsAuthorized(type, path, str4, isShared))
{
Control control = null;
try
{
if (!string.IsNullOrEmpty(path))
{
control = this.Page.LoadControl(path);
}
else
{
control = (Control) this.Internals.CreateObjectFromType(type);
}
control.ID = id;
webPart = this.CreateWebPart(control);
webPart.ID = genericWebPartID;
}
catch
{
string str5;
if ((control == null) && string.IsNullOrEmpty(path))
{
if ((this.Context != null) && this.Context.IsCustomErrorEnabled)
{
str5 = System.Web.SR.GetString("WebPartManager_CantCreateInstance");
}
else
{
str5 = System.Web.SR.GetString("WebPartManager_CantCreateInstanceWithType", new object[] { typeName });
}
}
else if (control == null)
{
if ((this.Context != null) && this.Context.IsCustomErrorEnabled)
{
str5 = System.Web.SR.GetString("WebPartManager_InvalidPath");
}
else
{
str5 = System.Web.SR.GetString("WebPartManager_InvalidPathWithPath", new object[] { path });
}
}
else
{
str5 = System.Web.SR.GetString("WebPartManager_CantCreateGeneric");
}
webPart = this.CreateErrorWebPart(id, typeName, path, genericWebPartID, str5);
}
}
else
{
webPart = new UnauthorizedWebPart(id, typeName, path, genericWebPartID);
}
}
else
{
string str6;
if ((this.Context != null) && this.Context.IsCustomErrorEnabled)
{
str6 = System.Web.SR.GetString("WebPartManager_TypeMustDeriveFromControl");
}
else
{
str6 = System.Web.SR.GetString("WebPartManager_TypeMustDeriveFromControlWithType", new object[] { typeName });
}
webPart = this.CreateErrorWebPart(id, typeName, path, genericWebPartID, str6);
}
this.Internals.SetIsStatic(webPart, false);
this.Internals.SetIsShared(webPart, isShared);
this.Internals.AddWebPart(webPart);
}
private void LoadDynamicWebPart(string id, string typeName, string path, string genericWebPartID, bool isShared) {
WebPart dynamicWebPart = null;
Type type = WebPartUtil.DeserializeType(typeName, false);
if (type == null) {
string errorMessage;
if (Context != null && Context.IsCustomErrorEnabled) {
errorMessage = SR.GetString(SR.WebPartManager_ErrorLoadingWebPartType);
}
else {
errorMessage = SR.GetString(SR.Invalid_type, typeName);
}
dynamicWebPart = CreateErrorWebPart(id, typeName, path, genericWebPartID, errorMessage);
}
else if (type.IsSubclassOf(typeof(WebPart))) {
string authorizationFilter = Personalization.GetAuthorizationFilter(id);
if (IsAuthorized(type, null, authorizationFilter, isShared)) {
try {
dynamicWebPart = (WebPart)Internals.CreateObjectFromType(type);
dynamicWebPart.ID = id;
}
catch {
// If custom errors are enabled, we do not want to render the type name to the browser.
// (VSWhidbey 381646)
string errorMessage;
if (Context != null && Context.IsCustomErrorEnabled) {
errorMessage = SR.GetString(SR.WebPartManager_CantCreateInstance);
}
else {
errorMessage = SR.GetString(SR.WebPartManager_CantCreateInstanceWithType, typeName);
}
dynamicWebPart = CreateErrorWebPart(id, typeName, path, genericWebPartID, errorMessage);
}
}
else {
dynamicWebPart = new UnauthorizedWebPart(id, typeName, path, genericWebPartID);
}
}
else if (type.IsSubclassOf(typeof(Control))) {
string authorizationFilter = Personalization.GetAuthorizationFilter(genericWebPartID);
if (IsAuthorized(type, path, authorizationFilter, isShared)) {
Control childControl = null;
try {
if (!String.IsNullOrEmpty(path)) {
Debug.Assert(type == typeof(UserControl));
childControl = Page.LoadControl(path);
}
else {
childControl = (Control)Internals.CreateObjectFromType(type);
}
childControl.ID = id;
dynamicWebPart = CreateWebPart(childControl);
dynamicWebPart.ID = genericWebPartID;
}
catch {
string errorMessage;
if (childControl == null && String.IsNullOrEmpty(path)) {
if (Context != null && Context.IsCustomErrorEnabled) {
errorMessage = SR.GetString(SR.WebPartManager_CantCreateInstance);
}
else {
errorMessage = SR.GetString(SR.WebPartManager_CantCreateInstanceWithType, typeName);
}
}
else if (childControl == null) {
if (Context != null && Context.IsCustomErrorEnabled) {
errorMessage = SR.GetString(SR.WebPartManager_InvalidPath);
}
else {
errorMessage = SR.GetString(SR.WebPartManager_InvalidPathWithPath, path);
}
}
else {
errorMessage = SR.GetString(SR.WebPartManager_CantCreateGeneric);
}
dynamicWebPart = CreateErrorWebPart(id, typeName, path, genericWebPartID, errorMessage);
}
}
else {
dynamicWebPart = new UnauthorizedWebPart(id, typeName, path, genericWebPartID);
}
}
else {
// Type is not a subclass of Control. For security, do not even instantiate
// the type (VSWhidbey 428511).
string errorMessage;
if (Context != null && Context.IsCustomErrorEnabled) {
errorMessage = SR.GetString(SR.WebPartManager_TypeMustDeriveFromControl);
}
else {
errorMessage = SR.GetString(SR.WebPartManager_TypeMustDeriveFromControlWithType, typeName);
}
dynamicWebPart = CreateErrorWebPart(id, typeName, path, genericWebPartID, errorMessage);
}
Debug.Assert(dynamicWebPart != null);
Internals.SetIsStatic(dynamicWebPart, false);
Internals.SetIsShared(dynamicWebPart, isShared);
Internals.AddWebPart(dynamicWebPart);
}
