Merge pull request #5828 from OrchardCMS/feature/layoutpermission

Adding ManageLayout permission

src/Orchard.Web/Modules/Orchard.Layouts/AdminMenu.cs

@@ -11,9 +11,9 @@ namespace Orchard.Layouts {
             builder
                 .AddImageSet("layouts")
                 .Add(T("Layouts"), "8.5", layouts => layouts
-                    .Action("List", "Admin", new {id = "Layout", area = "Contents"})
+                    .Action("List", "Admin", new {id = "Layout", area = "Contents"}).Permission(Permissions.ManageLayouts)
                     .LinkToFirstChild(false)
-                    .Add(T("Elements"), "1", elements => elements.Action("Index", "BlueprintAdmin", new {area = "Orchard.Layouts"})));
+                    .Add(T("Elements"), "1", elements => elements.Action("Index", "BlueprintAdmin", new {area = "Orchard.Layouts"}).Permission(Permissions.ManageLayouts)));
         }
     }
 }

src/Orchard.Web/Modules/Orchard.Layouts/Controllers/BlueprintAdminController.cs

@@ -34,7 +34,8 @@ namespace Orchard.Layouts.Controllers {
             ICultureAccessor cultureAccessor, 
             IShapeFactory shapeFactory, 
             ITransactionManager transactionManager, 
-            ISignals signals) {
+            ISignals signals,
+            IOrchardServices orchardServices) {
 
             _elementBlueprintService = elementBlueprintService;
             _notifier = notifier;
@@ -43,12 +44,19 @@ namespace Orchard.Layouts.Controllers {
             _shapeFactory = shapeFactory;
             _transactionManager = transactionManager;
             _signals = signals;
+            Services = orchardServices;
+
             T = NullLocalizer.Instance;
         }
 
+        public IOrchardServices Services { get; set; }
         public Localizer T { get; set; }
 
         public ActionResult Index() {
+            if (!Services.Authorizer.Authorize(Permissions.ManageLayouts, T("Not authorized to manage layouts."))) {
+                return new HttpUnauthorizedResult();
+            }
+
             var blueprints = _elementBlueprintService.GetBlueprints().ToArray();
             var viewModel = new BlueprintsIndexViewModel {
                 Blueprints = blueprints
@@ -57,6 +65,10 @@ namespace Orchard.Layouts.Controllers {
         }
 
         public ActionResult Browse() {
+            if (!Services.Authorizer.Authorize(Permissions.ManageLayouts, T("Not authorized to manage layouts."))) {
+                return new HttpUnauthorizedResult();
+            }
+
             var categories = RemoveBlueprints(_elementManager.GetCategories(DescribeElementsContext.Empty)).ToArray();
             var viewModel = new BrowseElementsViewModel {
                 Categories = categories
@@ -65,6 +77,10 @@ namespace Orchard.Layouts.Controllers {
         }
 
         public ActionResult Create(string id) {
+            if (!Services.Authorizer.Authorize(Permissions.ManageLayouts, T("Not authorized to manage layouts."))) {
+                return new HttpUnauthorizedResult();
+            }
+
             if (String.IsNullOrWhiteSpace(id))
                 return RedirectToAction("Browse");
 
@@ -80,6 +96,10 @@ namespace Orchard.Layouts.Controllers {
 
         [HttpPost]
         public ActionResult Create(string id, CreateElementBlueprintViewModel model) {
+            if (!Services.Authorizer.Authorize(Permissions.ManageLayouts, T("Not authorized to manage layouts."))) {
+                return new HttpUnauthorizedResult();
+            }
+
             var describeContext = DescribeElementsContext.Empty;
             var descriptor = _elementManager.GetElementDescriptorByTypeName(describeContext, id);
             var baseElement = _elementManager.ActivateElement(descriptor);
@@ -100,7 +120,11 @@ namespace Orchard.Layouts.Controllers {
             return RedirectToAction("Edit", new { id = blueprint.Id });
         }
 
-        public ViewResult Edit(int id) {
+        public ActionResult Edit(int id) {
+            if (!Services.Authorizer.Authorize(Permissions.ManageLayouts, T("Not authorized to manage layouts."))) {
+                return new HttpUnauthorizedResult();
+            }
+
             var blueprint = _elementBlueprintService.GetBlueprint(id);
             var describeContext = DescribeElementsContext.Empty;
             var descriptor = _elementManager.GetElementDescriptorByTypeName(describeContext, blueprint.BaseElementTypeName);
@@ -125,6 +149,10 @@ namespace Orchard.Layouts.Controllers {
         [HttpPost]
         [ValidateInput(false)]
         public ActionResult Edit(int id, ElementDataViewModel model) {
+            if (!Services.Authorizer.Authorize(Permissions.ManageLayouts, T("Not authorized to manage layouts."))) {
+                return new HttpUnauthorizedResult();
+            }
+
             var blueprint = _elementBlueprintService.GetBlueprint(id);
             var describeContext = DescribeElementsContext.Empty;
             var descriptor = _elementManager.GetElementDescriptorByTypeName(describeContext, blueprint.BaseElementTypeName);
@@ -154,6 +182,10 @@ namespace Orchard.Layouts.Controllers {
         }
 
         public ActionResult Properties(int id) {
+            if (!Services.Authorizer.Authorize(Permissions.ManageLayouts, T("Not authorized to manage layouts."))) {
+                return new HttpUnauthorizedResult();
+            }
+
             var blueprint = _elementBlueprintService.GetBlueprint(id);
             var describeContext = DescribeElementsContext.Empty;
             var descriptor = _elementManager.GetElementDescriptorByTypeName(describeContext, blueprint.BaseElementTypeName);
@@ -171,6 +203,10 @@ namespace Orchard.Layouts.Controllers {
 
         [HttpPost]
         public ActionResult Properties(int id, ElementBlueprintPropertiesViewModel model) {
+            if (!Services.Authorizer.Authorize(Permissions.ManageLayouts, T("Not authorized to manage layouts."))) {
+                return new HttpUnauthorizedResult();
+            }
+
             var blueprint = _elementBlueprintService.GetBlueprint(id);
             var describeContext = DescribeElementsContext.Empty;
             var descriptor = _elementManager.GetElementDescriptorByTypeName(describeContext, blueprint.BaseElementTypeName);
@@ -191,7 +227,12 @@ namespace Orchard.Layouts.Controllers {
             return RedirectToAction("Index");
         }
 
+        [HttpPost]
         public ActionResult Delete(int id) {
+            if (!Services.Authorizer.Authorize(Permissions.ManageLayouts, T("Not authorized to manage layouts."))) {
+                return new HttpUnauthorizedResult();
+            }
+
             var blueprint = _elementBlueprintService.GetBlueprint(id);
 
             if (blueprint == null)
@@ -204,7 +245,12 @@ namespace Orchard.Layouts.Controllers {
 
         [FormValueRequired("submit.BulkEdit")]
         [ActionName("Index")]
+        [HttpPost]
         public ActionResult BulkDelete(IEnumerable<int> blueprintIds) {
+            if (!Services.Authorizer.Authorize(Permissions.ManageLayouts, T("Not authorized to manage layouts."))) {
+                return new HttpUnauthorizedResult();
+            }
+
             if (blueprintIds == null || !blueprintIds.Any()) {
                 _notifier.Error(T("Please select the blueprints to delete."));
             }

src/Orchard.Web/Modules/Orchard.Layouts/Controllers/ElementController.cs

@@ -142,18 +142,7 @@ namespace Orchard.Layouts.Controllers {
             _objectStore.Set(session, state);
             return RedirectToAction("Edit", new {session = session});
         }
-
+        
-        public RedirectToRouteResult Add(string session, string typeName, int? contentId = null, string contentType = null) {
-            var state = new ElementSessionState {
-                TypeName = typeName,
-                ContentId = contentId,
-                ContentType = contentType
-            };
-
-            _objectStore.Set(session, state);
-            return RedirectToAction("Edit", new { session = session });
-        }
-
         public ViewResult Edit(string session) {
             var sessionState = _objectStore.Get<ElementSessionState>(session);
             var contentId = sessionState.ContentId;

src/Orchard.Web/Modules/Orchard.Layouts/Controllers/LayoutController.cs

@@ -6,6 +6,7 @@ using Orchard.ContentManagement;
 using Orchard.Layouts.Elements;
 using Orchard.Layouts.Framework.Elements;
 using Orchard.Layouts.Services;
+using Orchard.Localization;
 using Orchard.UI.Admin;
 
 namespace Orchard.Layouts.Controllers {
@@ -15,15 +16,25 @@ namespace Orchard.Layouts.Controllers {
         private readonly ILayoutManager _layoutManager;
         private readonly ILayoutModelMapper _mapper;
 
-        public LayoutController(IContentManager contentManager, ILayoutManager layoutManager, ILayoutModelMapper mapper) {
+        public LayoutController(
+            IContentManager contentManager, 
+            ILayoutManager layoutManager, 
+            ILayoutModelMapper mapper,
+            IOrchardServices orchardServices) {
 
             _contentManager = contentManager;
             _layoutManager = layoutManager;
             _mapper = mapper;
+            Services = orchardServices;
+
+            T = NullLocalizer.Instance;
         }
 
+        public IOrchardServices Services { get; set; }
+        public Localizer T { get; set; }
+
         [HttpPost, ValidateInput(enableValidation: false)]
-        public ContentResult ApplyTemplate(int? templateId = null, string layoutData = null, int? contentId = null, string contentType = null) {
+        public ActionResult ApplyTemplate(int? templateId = null, string layoutData = null, int? contentId = null, string contentType = null) {
             var template = templateId != null ? _layoutManager.GetLayout(templateId.Value) : null;
             var templateElements = template != null ? _layoutManager.LoadElements(template).ToList() : default(IEnumerable<Element>);
             var describeContext = CreateDescribeElementsContext(contentId, contentType);

src/Orchard.Web/Modules/Orchard.Layouts/Migrations.cs

@@ -33,7 +33,6 @@ namespace Orchard.Layouts {
                 .WithPart("LayoutPart", p => p
                     .WithSetting("LayoutTypePartSettings.IsTemplate", "True"))
                 .DisplayedAs("Layout")
-                .Listable()
                 .Draftable());
 
             ContentDefinitionManager.AlterTypeDefinition("LayoutWidget", type => type

src/Orchard.Web/Modules/Orchard.Layouts/Orchard.Layouts.csproj

@@ -351,6 +351,7 @@
     <Compile Include="Helpers\PrefixHelper.cs" />
     <Compile Include="Helpers\JsonHelper.cs" />
     <Compile Include="Helpers\StringHelper.cs" />
+    <Compile Include="Permissions.cs" />
     <Compile Include="Providers\BlueprintElementHarvester.cs" />
     <Compile Include="ResourceManifest.cs" />
     <Compile Include="Services\CurrentControllerAccessor.cs" />

src/Orchard.Web/Modules/Orchard.Layouts/Permissions.cs

@@ -0,0 +1,40 @@
+using System.Collections.Generic;
+using Orchard.Environment.Extensions.Models;
+using Orchard.Security.Permissions;
+
+namespace Orchard.Layouts {
+    public class Permissions : IPermissionProvider {
+        public static readonly Permission ManageLayouts = new Permission { Description = "Managing Layouts", Name = "ManageLayouts" };
+
+        public virtual Feature Feature { get; set; }
+
+        public IEnumerable<Permission> GetPermissions() {
+            return new[] {
+                ManageLayouts,
+            };
+        }
+
+        public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
+            return new[] {
+                new PermissionStereotype {
+                    Name = "Administrator",
+                    Permissions = new[] { ManageLayouts }
+                },
+                new PermissionStereotype {
+                    Name = "Editor",
+                    Permissions = new[] { ManageLayouts }
+                },
+                new PermissionStereotype {
+                    Name = "Moderator",
+                },
+                new PermissionStereotype {
+                    Name = "Author"
+                },
+                new PermissionStereotype {
+                    Name = "Contributor",
+                },
+            };
+        }
+
+    }
+}