Prevent MediaLibrary popup without permissions

If the user doesn't have ManageMedia permissions, the markdown editor will use a specific image editor.
2025-04-05 21:01:35 +08:00 · 2015-09-16 14:47:14 -07:00 · 2015-09-16 14:47:14 -07:00 · ba36eae848
commit ba36eae848
parent 0bf76dc7ac
3 changed files with 62 additions and 54 deletions
--- a/src/Orchard.Web/Modules/Markdown/Markdown.csproj
+++ b/src/Orchard.Web/Modules/Markdown/Markdown.csproj
@ -25,6 +25,7 @@
    <IISExpressAnonymousAuthentication />
    <IISExpressWindowsAuthentication />
    <IISExpressUseClassicPipelineMode />
    <UseGlobalApplicationHostFile />
  </PropertyGroup>
  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
    <DebugSymbols>true</DebugSymbols>
@ -71,6 +72,10 @@
      <Project>{9916839C-39FC-4CEB-A5AF-89CA7E87119F}</Project>
      <Name>Orchard.Core</Name>
    </ProjectReference>
    <ProjectReference Include="..\Orchard.MediaLibrary\Orchard.MediaLibrary.csproj">
      <Project>{73a7688a-5bd3-4f7e-adfa-ce36c5a10e3b}</Project>
      <Name>Orchard.MediaLibrary</Name>
    </ProjectReference>
  </ItemGroup>
  <ItemGroup>
    <Content Include="Content\Admin\Images\grippie.png" />
--- a/src/Orchard.Web/Modules/Markdown/Scripts/orchard-markdown-media-library.js
+++ b/src/Orchard.Web/Modules/Markdown/Scripts/orchard-markdown-media-library.js
@ -5,70 +5,72 @@
    editors.each(function() {
        var idPostfix = $(this).attr('id').substr('wmd-input'.length);
-
+        
        var editor = new Markdown.Editor(converter, idPostfix, {
            handler: function() { window.open("http://daringfireball.net/projects/markdown/syntax"); }
        });
-        editor.hooks.set("insertImageDialog", function(callback) {
+        if (Boolean($(this).data("manage-media"))) {
-            // see if there's an image selected that they intend on editing
+            editor.hooks.set("insertImageDialog", function (callback) {
-            var wmd = $('#wmd-input' + idPostfix);
+                // see if there's an image selected that they intend on editing
                var wmd = $('#wmd-input' + idPostfix);
-            var editImage, content = wmd.selection ? wmd.selection.createRange().text : null;
+                var editImage, content = wmd.selection ? wmd.selection.createRange().text : null;
-            var adminIndex = location.href.toLowerCase().indexOf("/admin/");
+                var adminIndex = location.href.toLowerCase().indexOf("/admin/");
-            if (adminIndex === -1) return;
+                if (adminIndex === -1) return;
-            var url = location.href.substr(0, adminIndex) + "/Admin/Orchard.MediaLibrary?dialog=true";
+                var url = location.href.substr(0, adminIndex) + "/Admin/Orchard.MediaLibrary?dialog=true";
-            $.colorbox({
+                $.colorbox({
-                href: url,
+                    href: url,
-                iframe: true,
+                    iframe: true,
-                reposition: true,
+                    reposition: true,
-                width: "90%",
+                    width: "90%",
-                height: "90%",
+                    height: "90%",
-                onLoad: function () {
+                    onLoad: function () {
-                    // hide the scrollbars from the main window
+                        // hide the scrollbars from the main window
-                    $('html, body').css('overflow', 'hidden');
+                        $('html, body').css('overflow', 'hidden');
-                },
+                    },
-                onClosed: function () {
+                    onClosed: function () {
-                    $('html, body').css('overflow', '');
+                        $('html, body').css('overflow', '');
-                    var selectedData = $.colorbox.selectedData;
+                        var selectedData = $.colorbox.selectedData;
-                    if (selectedData == null) // Dialog cancelled, do nothing
+                        if (selectedData == null) // Dialog cancelled, do nothing
-                        return;
+                            return;
-                    var newContent = '';
+                        var newContent = '';
-                    for (var i = 0; i < selectedData.length; i++) {
+                        for (var i = 0; i < selectedData.length; i++) {
-                        var renderMedia = location.href.substr(0, adminIndex) + "/Admin/Orchard.MediaLibrary/MediaItem/" + selectedData[i].id + "?displayType=Raw";
+                            var renderMedia = location.href.substr(0, adminIndex) + "/Admin/Orchard.MediaLibrary/MediaItem/" + selectedData[i].id + "?displayType=Raw";
-                        $.ajax({
+                            $.ajax({
-                            async: false,
+                                async: false,
-                            type: 'GET',
+                                type: 'GET',
-                            url: renderMedia,
+                                url: renderMedia,
-                            success: function (data) {
+                                success: function (data) {
-                                newContent += data;
+                                    newContent += data;
-                            }
+                                }
-                        });
+                            });
-                    }
+                        }
-
+
-                    var result = $.parseHTML(newContent);
+                        var result = $.parseHTML(newContent);
-                    var img = $(result).filter('img');
+                        var img = $(result).filter('img');
-                    // if this is an image, use the callback which will format it in markdown
+                        // if this is an image, use the callback which will format it in markdown
-                    if (img.length > 0 && img.attr('src')) {
+                        if (img.length > 0 && img.attr('src')) {
-                        callback(img.attr('src'));
+                            callback(img.attr('src'));
-                    }
+                        }
-                    
+
-                    // otherwise, insert the raw HTML
+                            // otherwise, insert the raw HTML
-                    else {
+                        else {
-                        if (wmd.selection) {
+                            if (wmd.selection) {
-                            wmd.selection.replace('.*', newContent);
+                                wmd.selection.replace('.*', newContent);
-                        } else {
+                            } else {
-                            wmd.text(newContent);
+                                wmd.text(newContent);
                            }
                            callback();
                        }
                        callback();
                    }
-                }
+                });
                return true;
            });
-            return true;
+        }
        });
        editor.run();
    });
--- a/src/Orchard.Web/Modules/Markdown/Views/Body-Markdown.Editor.cshtml
+++ b/src/Orchard.Web/Modules/Markdown/Views/Body-Markdown.Editor.cshtml
@ -21,7 +21,8 @@
        {"id", "wmd-input" + "-" + idPostfix},
        {"class", "wmd-input"},
        {"data-mediapicker-uploadpath", Model.AddMediaPath},
-        {"data-mediapicker-title", T("Insert/Update Media")}
+        {"data-mediapicker-title", T("Insert/Update Media")},
        {"data-manage-media", AuthorizedFor(Orchard.MediaLibrary.Permissions.ManageMediaContent) ? "true" : "false" }
    };
    // The markdown editor itself doesn't seem to (yet) support autofocus, but we'll set it on the textarea nonetheless.