mirror of
https://github.com/OrchardCMS/Orchard.git
synced 2025-04-05 21:01:35 +08:00
Merge pull request #5831 from OrchardCMS/feature/ownmedia
Implementing own media management
This commit is contained in:
Sébastien Ros
commit
bb41f1f559
@ -45,6 +45,15 @@ namespace Orchard.ImageEditor.Controllers {
|
||||
|
||||
[Themed(false)]
|
||||
public ActionResult Edit(string folderPath, string filename) {
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageOwnMedia))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
// Check permission.
|
||||
var rootMediaFolder = _mediaLibraryService.GetRootMediaFolder();
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent) && !_mediaLibraryService.CanManageMediaFolder(folderPath)) {
|
||||
return new HttpUnauthorizedResult();
|
||||
}
|
||||
|
||||
var media = Services.ContentManager.Query<MediaPart, MediaPartRecord>().Where(x => x.FolderPath == folderPath && x.FileName == filename).Slice(0, 1).FirstOrDefault();
|
||||
|
||||
if (media == null) {
|
||||
@ -64,12 +73,21 @@ namespace Orchard.ImageEditor.Controllers {
|
||||
|
||||
[HttpPost]
|
||||
public ActionResult Upload(int id, string content, int width, int height) {
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageOwnMedia))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
var media = Services.ContentManager.Get(id).As<MediaPart>();
|
||||
|
||||
if (media == null) {
|
||||
return HttpNotFound();
|
||||
}
|
||||
|
||||
// Check permission.
|
||||
var rootMediaFolder = _mediaLibraryService.GetRootMediaFolder();
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent) && !_mediaLibraryService.CanManageMediaFolder(media.FolderPath)) {
|
||||
return new HttpUnauthorizedResult();
|
||||
}
|
||||
|
||||
const string signature = "data:image/jpeg;base64,";
|
||||
|
||||
if (!content.StartsWith(signature, StringComparison.OrdinalIgnoreCase)) {
|
||||
@ -96,7 +114,7 @@ namespace Orchard.ImageEditor.Controllers {
|
||||
}
|
||||
|
||||
public ActionResult Proxy(string url) {
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent))
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageOwnMedia))
|
||||
return HttpNotFound();
|
||||
|
||||
var sslFailureCallback = new RemoteCertificateValidationCallback((o, cert, chain, errors) => true);
|
||||
|
||||
@ -15,7 +15,7 @@ namespace Orchard.MediaLibrary {
|
||||
builder.AddImageSet("media-library")
|
||||
.Add(T("Media"), "6",
|
||||
menu => menu.Add(T("Media"), "0", item => item.Action("Index", "Admin", new { area = "Orchard.MediaLibrary" })
|
||||
.Permission(Permissions.ManageMediaContent)));
|
||||
.Permission(Permissions.ManageOwnMedia)));
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -14,6 +14,7 @@ using Orchard.Themes;
|
||||
using Orchard.UI.Navigation;
|
||||
using Orchard.ContentManagement.MetaData;
|
||||
using Orchard.Validation;
|
||||
using System.Collections.Generic;
|
||||
|
||||
namespace Orchard.MediaLibrary.Controllers {
|
||||
[ValidateInput(false)]
|
||||
@ -41,17 +42,21 @@ namespace Orchard.MediaLibrary.Controllers {
|
||||
public ILogger Logger { get; set; }
|
||||
|
||||
public ActionResult Index(string folderPath = "", bool dialog = false) {
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent, T("Cannot view media")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageOwnMedia, T("Cannot view media")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
// If the user is trying to access a folder above his boundaries, redirect him to his home folder
|
||||
var rootMediaFolder = _mediaLibraryService.GetRootMediaFolder();
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent) && !_mediaLibraryService.CanManageMediaFolder(folderPath)) {
|
||||
return RedirectToAction("Index", new { folderPath = rootMediaFolder.MediaPath, dialog });
|
||||
}
|
||||
|
||||
// let other modules enhance the ui by providing custom navigation and actions
|
||||
var explorer = Services.ContentManager.New("MediaLibraryExplorer");
|
||||
explorer.Weld(new MediaLibraryExplorerPart());
|
||||
|
||||
var explorerShape = Services.ContentManager.BuildDisplay(explorer);
|
||||
|
||||
var rootMediaFolder = _mediaLibraryService.GetRootMediaFolder();
|
||||
|
||||
var viewModel = new MediaManagerIndexViewModel {
|
||||
DialogMode = dialog,
|
||||
FolderPath = folderPath,
|
||||
@ -73,7 +78,7 @@ namespace Orchard.MediaLibrary.Controllers {
|
||||
}
|
||||
|
||||
public ActionResult Import(string folderPath) {
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent, T("Cannot import media")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageOwnMedia, T("Cannot import media")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
var mediaProviderMenu = _navigationManager.BuildMenu("mediaproviders");
|
||||
@ -91,9 +96,20 @@ namespace Orchard.MediaLibrary.Controllers {
|
||||
|
||||
[Themed(false)]
|
||||
public ActionResult MediaItems(string folderPath, int skip = 0, int count = 0, string order = "created", string mediaType = "") {
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent, T("Cannot view media")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageOwnMedia, T("Cannot view media")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
// Check permission.var rootMediaFolder = _mediaLibraryService.GetRootMediaFolder();
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent) && !_mediaLibraryService.CanManageMediaFolder(folderPath)) {
|
||||
var model = new MediaManagerMediaItemsViewModel {
|
||||
MediaItems = new List<MediaManagerMediaItemViewModel>(),
|
||||
MediaItemsCount = 0,
|
||||
FolderPath = folderPath
|
||||
};
|
||||
|
||||
return View(model);
|
||||
}
|
||||
|
||||
var mediaParts = _mediaLibraryService.GetMediaContentItems(folderPath, skip, count, order, mediaType, VersionOptions.Latest);
|
||||
var mediaPartsCount = _mediaLibraryService.GetMediaContentItemsCount(folderPath, mediaType, VersionOptions.Latest);
|
||||
|
||||
@ -113,9 +129,19 @@ namespace Orchard.MediaLibrary.Controllers {
|
||||
|
||||
[Themed(false)]
|
||||
public ActionResult ChildFolders(string folderPath = null) {
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent, T("Cannot get child folder listing")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageOwnMedia, T("Cannot get child folder listing")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
// Check permission.
|
||||
var rootMediaFolder = _mediaLibraryService.GetRootMediaFolder();
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent) && !_mediaLibraryService.CanManageMediaFolder(folderPath)) {
|
||||
var model = new MediaManagerChildFoldersViewModel {
|
||||
Children = new IMediaFolder[0]
|
||||
};
|
||||
|
||||
return View(model);
|
||||
}
|
||||
|
||||
var viewModel = new MediaManagerChildFoldersViewModel {
|
||||
Children = _mediaLibraryService.GetMediaFolders(folderPath)
|
||||
};
|
||||
@ -127,11 +153,13 @@ namespace Orchard.MediaLibrary.Controllers {
|
||||
|
||||
[Themed(false)]
|
||||
public ActionResult RecentMediaItems(int skip = 0, int count = 0, string order = "created", string mediaType = "") {
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent, T("Cannot view media")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageOwnMedia, T("Cannot view media")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
var mediaParts = _mediaLibraryService.GetMediaContentItems(skip, count, order, mediaType);
|
||||
var mediaPartsCount = _mediaLibraryService.GetMediaContentItemsCount(mediaType);
|
||||
var rootMediaFolder = _mediaLibraryService.GetRootMediaFolder().MediaPath;
|
||||
|
||||
var mediaParts = _mediaLibraryService.GetMediaContentItems(rootMediaFolder, skip, count, order, mediaType);
|
||||
var mediaPartsCount = _mediaLibraryService.GetMediaContentItemsCount(rootMediaFolder, mediaType);
|
||||
|
||||
|
||||
var mediaItems = mediaParts.Select(x => new MediaManagerMediaItemViewModel {
|
||||
@ -149,12 +177,13 @@ namespace Orchard.MediaLibrary.Controllers {
|
||||
|
||||
[Themed(false)]
|
||||
public ActionResult MediaItem(int id, string displayType = "SummaryAdmin") {
|
||||
var contentItem = Services.ContentManager.Get(id, VersionOptions.Latest);
|
||||
var contentItem = Services.ContentManager.Get<MediaPart>(id, VersionOptions.Latest);
|
||||
|
||||
if (contentItem == null)
|
||||
return HttpNotFound();
|
||||
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent, contentItem, T("Cannot view media")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageOwnMedia, contentItem, T("Cannot view media"))
|
||||
|| !_mediaLibraryService.CanManageMediaFolder(contentItem.FolderPath))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
dynamic model = Services.ContentManager.BuildDisplay(contentItem, displayType);
|
||||
@ -164,13 +193,20 @@ namespace Orchard.MediaLibrary.Controllers {
|
||||
|
||||
[HttpPost]
|
||||
public ActionResult Delete(int[] mediaItemIds) {
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent, T("Couldn't delete media items")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageOwnMedia, T("Couldn't delete media items")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
var mediaItems = Services.ContentManager
|
||||
.Query(VersionOptions.Latest)
|
||||
.ForContentItems(mediaItemIds)
|
||||
.List()
|
||||
.Select(x => x.As<MediaPart>())
|
||||
.Where(x => x != null);
|
||||
|
||||
try {
|
||||
foreach (var media in Services.ContentManager.Query(VersionOptions.Latest).ForContentItems(mediaItemIds).List()) {
|
||||
if (media != null) {
|
||||
Services.ContentManager.Remove(media);
|
||||
foreach (var media in mediaItems) {
|
||||
if (_mediaLibraryService.CanManageMediaFolder(media.FolderPath)) {
|
||||
Services.ContentManager.Remove(media.ContentItem);
|
||||
}
|
||||
}
|
||||
|
||||
@ -184,12 +220,16 @@ namespace Orchard.MediaLibrary.Controllers {
|
||||
|
||||
[HttpPost]
|
||||
public ActionResult Clone(int mediaItemId) {
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent, T("Couldn't clone media items")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageOwnMedia, T("Couldn't clone media items")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
try {
|
||||
var media = Services.ContentManager.Get(mediaItemId).As<MediaPart>();
|
||||
|
||||
if(!_mediaLibraryService.CanManageMediaFolder(media.FolderPath)) {
|
||||
return new HttpUnauthorizedResult();
|
||||
}
|
||||
|
||||
var newFileName = Path.GetFileNameWithoutExtension(media.FileName) + " Copy" + Path.GetExtension(media.FileName);
|
||||
|
||||
_mediaLibraryService.CopyFile(media.FolderPath, media.FileName, media.FolderPath, newFileName);
|
||||
|
||||
@ -15,11 +15,17 @@ namespace Orchard.MediaLibrary.Controllers {
|
||||
private readonly IMediaLibraryService _mediaLibraryService;
|
||||
private readonly IContentManager _contentManager;
|
||||
|
||||
public ClientStorageController(IMediaLibraryService mediaManagerService, IContentManager contentManager) {
|
||||
public ClientStorageController(
|
||||
IMediaLibraryService mediaManagerService,
|
||||
IContentManager contentManager,
|
||||
IOrchardServices orchardServices) {
|
||||
_mediaLibraryService = mediaManagerService;
|
||||
_contentManager = contentManager;
|
||||
Services = orchardServices;
|
||||
}
|
||||
|
||||
public IOrchardServices Services { get; set; }
|
||||
|
||||
public ActionResult Index(string folderPath, string type) {
|
||||
|
||||
var viewModel = new ImportMediaViewModel {
|
||||
@ -32,6 +38,15 @@ namespace Orchard.MediaLibrary.Controllers {
|
||||
|
||||
[HttpPost]
|
||||
public ActionResult Upload(string folderPath, string type) {
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageOwnMedia))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
// Check permission.
|
||||
var rootMediaFolder = _mediaLibraryService.GetRootMediaFolder();
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent) && !_mediaLibraryService.CanManageMediaFolder(folderPath)) {
|
||||
return new HttpUnauthorizedResult();
|
||||
}
|
||||
|
||||
var statuses = new List<object>();
|
||||
|
||||
// Loop through each file in the request
|
||||
|
||||
@ -32,9 +32,15 @@ namespace Orchard.MediaLibrary.Controllers {
|
||||
public Localizer T { get; set; }
|
||||
|
||||
public ActionResult Create(string folderPath) {
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent, T("Couldn't create media folder")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageOwnMedia, T("Couldn't create media folder")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
// If the user is trying to access a folder above his boundaries, redirect him to his home folder
|
||||
var rootMediaFolder = _mediaLibraryService.GetRootMediaFolder();
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent) && !_mediaLibraryService.CanManageMediaFolder(folderPath)) {
|
||||
return RedirectToAction("Create", new { folderPath = rootMediaFolder.MediaPath });
|
||||
}
|
||||
|
||||
var viewModel = new MediaManagerFolderCreateViewModel {
|
||||
Hierarchy = _mediaLibraryService.GetMediaFolders(folderPath),
|
||||
FolderPath = folderPath
|
||||
@ -45,12 +51,16 @@ namespace Orchard.MediaLibrary.Controllers {
|
||||
|
||||
[HttpPost, ActionName("Create")]
|
||||
public ActionResult Create() {
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent, T("Couldn't create media folder")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageOwnMedia, T("Couldn't create media folder")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
var viewModel = new MediaManagerFolderCreateViewModel();
|
||||
UpdateModel(viewModel);
|
||||
|
||||
if (!_mediaLibraryService.CanManageMediaFolder(viewModel.FolderPath)) {
|
||||
return new HttpUnauthorizedResult();
|
||||
}
|
||||
|
||||
try {
|
||||
_mediaLibraryService.CreateFolder(viewModel.FolderPath, viewModel.Name);
|
||||
Services.Notifier.Information(T("Media folder created"));
|
||||
@ -66,9 +76,13 @@ namespace Orchard.MediaLibrary.Controllers {
|
||||
}
|
||||
|
||||
public ActionResult Edit(string folderPath) {
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent, T("Couldn't edit media folder")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageOwnMedia, T("Couldn't edit media folder")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
|
||||
if (!_mediaLibraryService.CanManageMediaFolder(folderPath)) {
|
||||
return new HttpUnauthorizedResult();
|
||||
}
|
||||
|
||||
var viewModel = new MediaManagerFolderEditViewModel {
|
||||
FolderPath = folderPath,
|
||||
Name = folderPath.Split(Path.DirectorySeparatorChar, Path.AltDirectorySeparatorChar).Last()
|
||||
@ -80,12 +94,16 @@ namespace Orchard.MediaLibrary.Controllers {
|
||||
[HttpPost, ActionName("Edit")]
|
||||
[FormValueRequired("submit.Save")]
|
||||
public ActionResult Edit() {
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent, T("Couldn't edit media folder")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageOwnMedia, T("Couldn't edit media folder")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
var viewModel = new MediaManagerFolderEditViewModel();
|
||||
UpdateModel(viewModel);
|
||||
|
||||
if (!_mediaLibraryService.CanManageMediaFolder(viewModel.FolderPath)) {
|
||||
return new HttpUnauthorizedResult();
|
||||
}
|
||||
|
||||
try {
|
||||
_mediaLibraryService.RenameFolder(viewModel.FolderPath, viewModel.Name);
|
||||
Services.Notifier.Information(T("Media folder renamed"));
|
||||
@ -101,12 +119,16 @@ namespace Orchard.MediaLibrary.Controllers {
|
||||
[HttpPost, ActionName("Edit")]
|
||||
[FormValueRequired("submit.Delete")]
|
||||
public ActionResult Delete() {
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent, T("Couldn't delete media folder")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageOwnMedia, T("Couldn't delete media folder")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
var viewModel = new MediaManagerFolderEditViewModel();
|
||||
UpdateModel(viewModel);
|
||||
|
||||
if (!_mediaLibraryService.CanManageMediaFolder(viewModel.FolderPath)) {
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
}
|
||||
try {
|
||||
_mediaLibraryService.DeleteFolder(viewModel.FolderPath);
|
||||
Services.Notifier.Information(T("Media folder deleted"));
|
||||
@ -122,9 +144,13 @@ namespace Orchard.MediaLibrary.Controllers {
|
||||
|
||||
[HttpPost]
|
||||
public ActionResult Move(string folderPath, int[] mediaItemIds) {
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent, T("Couldn't move media items")))
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageOwnMedia, T("Couldn't move media items")))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
if (!_mediaLibraryService.CanManageMediaFolder(folderPath)) {
|
||||
return new HttpUnauthorizedResult();
|
||||
}
|
||||
|
||||
foreach (var media in Services.ContentManager.Query().ForPart<MediaPart>().ForContentItems(mediaItemIds).List()) {
|
||||
|
||||
// don't try to rename the file if there is no associated media file
|
||||
|
||||
@ -9,12 +9,18 @@ using Orchard.MediaLibrary.ViewModels;
|
||||
using Orchard.Themes;
|
||||
using Orchard.UI.Admin;
|
||||
using Orchard.ContentManagement;
|
||||
using Orchard.MediaLibrary.Services;
|
||||
|
||||
namespace Orchard.MediaLibrary.Controllers {
|
||||
[Admin, Themed(false)]
|
||||
public class OEmbedController : Controller {
|
||||
public OEmbedController(IOrchardServices services) {
|
||||
private readonly IMediaLibraryService _mediaLibraryService;
|
||||
|
||||
public OEmbedController(
|
||||
IOrchardServices services,
|
||||
IMediaLibraryService mediaManagerService) {
|
||||
Services = services;
|
||||
_mediaLibraryService = mediaManagerService;
|
||||
}
|
||||
|
||||
public IOrchardServices Services { get; set; }
|
||||
@ -32,6 +38,15 @@ namespace Orchard.MediaLibrary.Controllers {
|
||||
[ActionName("Index")]
|
||||
[ValidateInput(false)]
|
||||
public ActionResult IndexPOST(string folderPath, string url, string type, string title, string html, string thumbnail, string width, string height, string description) {
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageOwnMedia))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
// Check permission.
|
||||
var rootMediaFolder = _mediaLibraryService.GetRootMediaFolder();
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent) && !_mediaLibraryService.CanManageMediaFolder(folderPath)) {
|
||||
return new HttpUnauthorizedResult();
|
||||
}
|
||||
|
||||
var viewModel = new OEmbedViewModel {
|
||||
Url = url,
|
||||
FolderPath = folderPath
|
||||
|
||||
@ -13,12 +13,19 @@ namespace Orchard.MediaLibrary.Controllers {
|
||||
public class WebSearchController : Controller {
|
||||
private readonly IMediaLibraryService _mediaLibraryService;
|
||||
private readonly IContentManager _contentManager;
|
||||
|
||||
public WebSearchController(IMediaLibraryService mediaManagerService, IContentManager contentManager) {
|
||||
|
||||
public WebSearchController(
|
||||
IMediaLibraryService mediaManagerService,
|
||||
IContentManager contentManager,
|
||||
IOrchardServices orchardServices) {
|
||||
_mediaLibraryService = mediaManagerService;
|
||||
_contentManager = contentManager;
|
||||
|
||||
Services = orchardServices;
|
||||
}
|
||||
|
||||
public IOrchardServices Services { get; set; }
|
||||
|
||||
public ActionResult Index(string folderPath, string type) {
|
||||
var viewModel = new ImportMediaViewModel {
|
||||
FolderPath = folderPath,
|
||||
@ -30,7 +37,15 @@ namespace Orchard.MediaLibrary.Controllers {
|
||||
|
||||
|
||||
[HttpPost]
|
||||
public JsonResult ImagePost(string folderPath, string type, string url) {
|
||||
public ActionResult ImagePost(string folderPath, string type, string url) {
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageOwnMedia))
|
||||
return new HttpUnauthorizedResult();
|
||||
|
||||
// Check permission.
|
||||
var rootMediaFolder = _mediaLibraryService.GetRootMediaFolder();
|
||||
if (!Services.Authorizer.Authorize(Permissions.ManageMediaContent) && !_mediaLibraryService.CanManageMediaFolder(folderPath)) {
|
||||
return new HttpUnauthorizedResult();
|
||||
}
|
||||
|
||||
try {
|
||||
var buffer = new WebClient().DownloadData(url);
|
||||
|
||||
@ -174,6 +174,7 @@
|
||||
<Compile Include="Providers\OEmbedMenu.cs" />
|
||||
<Compile Include="Providers\WebSearchMenu.cs" />
|
||||
<Compile Include="ResourceManifest.cs" />
|
||||
<Compile Include="Security\MediaAuthorizationEventHandler.cs" />
|
||||
<Compile Include="Services\IMediaLibraryService.cs" />
|
||||
<Compile Include="Services\MediaLibraryService.cs" />
|
||||
<Compile Include="Services\Shapes.cs" />
|
||||
|
||||
@ -4,13 +4,15 @@ using Orchard.Security.Permissions;
|
||||
|
||||
namespace Orchard.MediaLibrary {
|
||||
public class Permissions : IPermissionProvider {
|
||||
public static readonly Permission ManageMediaContent = new Permission { Description = "Managing Media", Name = "ManageMediaContent" };
|
||||
public static readonly Permission ManageMediaContent = new Permission { Description = "Manage Media", Name = "ManageMediaContent" };
|
||||
public static readonly Permission ManageOwnMedia = new Permission { Description = "Manage Own Media", Name = "ManageOwnMedia", ImpliedBy = new[] { ManageMediaContent } };
|
||||
|
||||
public virtual Feature Feature { get; set; }
|
||||
|
||||
public IEnumerable<Permission> GetPermissions() {
|
||||
return new[] {
|
||||
ManageMediaContent,
|
||||
ManageOwnMedia,
|
||||
};
|
||||
}
|
||||
|
||||
@ -33,6 +35,7 @@ namespace Orchard.MediaLibrary {
|
||||
},
|
||||
new PermissionStereotype {
|
||||
Name = "Contributor",
|
||||
Permissions = new[] {ManageOwnMedia}
|
||||
},
|
||||
};
|
||||
}
|
||||
|
||||
@ -15,7 +15,7 @@ namespace Orchard.MediaLibrary.Providers {
|
||||
builder.AddImageSet("clientstorage")
|
||||
.Add(T("My Computer"), "5",
|
||||
menu => menu.Action("Index", "ClientStorage", new { area = "Orchard.MediaLibrary" })
|
||||
.Permission(Permissions.ManageMediaContent));
|
||||
.Permission(Permissions.ManageOwnMedia));
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -15,7 +15,7 @@ namespace Orchard.MediaLibrary.Providers {
|
||||
builder.AddImageSet("oembed")
|
||||
.Add(T("Media Url"), "10",
|
||||
menu => menu.Action("Index", "OEmbed", new { area = "Orchard.MediaLibrary" })
|
||||
.Permission(Permissions.ManageMediaContent));
|
||||
.Permission(Permissions.ManageOwnMedia));
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -15,7 +15,7 @@ namespace Orchard.MediaLibrary.Providers {
|
||||
builder.AddImageSet("websearch")
|
||||
.Add(T("Web Search"), "7",
|
||||
menu => menu.Action("Index", "WebSearch", new { area = "Orchard.MediaLibrary" })
|
||||
.Permission(Permissions.ManageMediaContent));
|
||||
.Permission(Permissions.ManageOwnMedia));
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,35 @@
|
||||
using Orchard.ContentManagement;
|
||||
using Orchard.MediaLibrary.Models;
|
||||
using Orchard.MediaLibrary.Services;
|
||||
using Orchard.Security;
|
||||
|
||||
namespace Orchard.MediaLibrary.Security {
|
||||
public class MediaAuthorizationEventHandler : IAuthorizationServiceEventHandler {
|
||||
private readonly IAuthorizer _authorizer;
|
||||
private readonly IMediaLibraryService _mediaLibraryService;
|
||||
|
||||
public MediaAuthorizationEventHandler(
|
||||
IAuthorizer authorizer,
|
||||
IMediaLibraryService mediaLibraryService) {
|
||||
_authorizer = authorizer;
|
||||
_mediaLibraryService = mediaLibraryService;
|
||||
}
|
||||
|
||||
public void Checking(CheckAccessContext context) { }
|
||||
public void Complete(CheckAccessContext context) { }
|
||||
|
||||
public void Adjust(CheckAccessContext context) {
|
||||
var mediaPart = context.Content.As<MediaPart>();
|
||||
if (mediaPart != null) {
|
||||
if(_authorizer.Authorize(Permissions.ManageMediaContent)) {
|
||||
context.Granted = true;
|
||||
return;
|
||||
}
|
||||
|
||||
if(_authorizer.Authorize(Permissions.ManageOwnMedia)) {
|
||||
context.Granted = _mediaLibraryService.CanManageMediaFolder(mediaPart.FolderPath);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -1,4 +1,5 @@
|
||||
using System.Collections.Generic;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.IO;
|
||||
using System.Web;
|
||||
using Orchard.ContentManagement;
|
||||
@ -36,7 +37,7 @@ namespace Orchard.MediaLibrary.Services {
|
||||
/// <returns>The public URL for the media.</returns>
|
||||
string GetMediaPublicUrl(string mediaPath, string fileName);
|
||||
|
||||
MediaFolder GetRootMediaFolder();
|
||||
IMediaFolder GetRootMediaFolder();
|
||||
|
||||
/// <summary>
|
||||
/// Retrieves the media folders within a given relative path.
|
||||
@ -131,4 +132,30 @@ namespace Orchard.MediaLibrary.Services {
|
||||
/// <returns>The path to the uploaded file.</returns>
|
||||
string UploadMediaFile(string folderPath, string fileName, Stream inputStream);
|
||||
}
|
||||
|
||||
public static class MediaLibrayServiceExtensions {
|
||||
public static bool CanManageMediaFolder(this IMediaLibraryService service, string folderPath) {
|
||||
// The current user can manage a media if he has access to the whole hierarchy
|
||||
// or the media is under his personal storage folder.
|
||||
|
||||
var rootMediaFolder = service.GetRootMediaFolder();
|
||||
if (rootMediaFolder == null) {
|
||||
return true;
|
||||
}
|
||||
|
||||
var mediaPath = folderPath + "\\";
|
||||
var rootPath = rootMediaFolder.MediaPath + "\\";
|
||||
|
||||
return mediaPath.StartsWith(rootPath, StringComparison.OrdinalIgnoreCase);
|
||||
}
|
||||
|
||||
public static string GetRootedFolderPath(this IMediaLibraryService service, string folderPath) {
|
||||
var rootMediaFolder = service.GetRootMediaFolder();
|
||||
if (rootMediaFolder != null) {
|
||||
return Path.Combine(rootMediaFolder.MediaPath, folderPath ?? "");
|
||||
}
|
||||
|
||||
return folderPath;
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -210,7 +210,21 @@ namespace Orchard.MediaLibrary.Services {
|
||||
return GetPublicUrl(Path.Combine(mediaPath, fileName));
|
||||
}
|
||||
|
||||
public MediaFolder GetRootMediaFolder() {
|
||||
public IMediaFolder GetRootMediaFolder() {
|
||||
if (_orchardServices.Authorizer.Authorize(Permissions.ManageMediaContent)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
if (_orchardServices.Authorizer.Authorize(Permissions.ManageOwnMedia)) {
|
||||
var currentUser = _orchardServices.WorkContext.CurrentUser;
|
||||
var userPath = _storageProvider.Combine("Users", currentUser.UserName);
|
||||
|
||||
return new MediaFolder() {
|
||||
Name = currentUser.UserName,
|
||||
MediaPath = userPath
|
||||
};
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
@ -60,7 +60,7 @@ namespace Orchard.MediaLibrary.Services {
|
||||
UrlHelper url) {
|
||||
|
||||
var user = _membershipService.ValidateUser(userName, password);
|
||||
if (!_authorizationService.TryCheckAccess(Permissions.ManageMediaContent, user, null)) {
|
||||
if (!_authorizationService.TryCheckAccess(Permissions.ManageOwnMedia, user, null)) {
|
||||
throw new OrchardCoreException(T("Access denied"));
|
||||
}
|
||||
|
||||
@ -72,6 +72,11 @@ namespace Orchard.MediaLibrary.Services {
|
||||
directoryName = "media";
|
||||
}
|
||||
|
||||
// If the user only has access to his own folder, rewrite the folder name
|
||||
if (!_authorizationService.TryCheckAccess(Permissions.ManageMediaContent, user, null)) {
|
||||
directoryName = Path.Combine(_mediaLibraryService.GetRootedFolderPath(directoryName));
|
||||
}
|
||||
|
||||
try {
|
||||
// delete the file if it already exists, e.g. an updated image in a blog post
|
||||
// it's safe to delete the file as each content item gets a specific folder
|
||||
|
||||
@ -112,7 +112,7 @@ var mediaLibrarySettings = {
|
||||
<div class="media-library-folder-title" data-bind="click: folderClicked, attr: { 'data-media-path': folderPath() }, css: {selected: isSelected()}">
|
||||
<a href="#" class="media-library-navigation-folder-link"><i data-bind=" css: {'icon-folder-open-alt': isExpanded(), 'icon-folder-close-alt': !isExpanded()}"></i><span data-bind=" text: name"></span></a>
|
||||
</div>
|
||||
<ul data-bind="template: { name: 'media-folder-template', foreach: childFolders, afterRender: afterRenderMediaFolderTemplate}, visible: isExpanded()">
|
||||
<ul data-bind="template: { name: 'media-folder-template', foreach: childFolders, afterRender: afterRenderMediaFolderTemplate}, visible: isExpanded()">
|
||||
</ul>
|
||||
</div>
|
||||
</li>
|
||||
|
||||
@ -6,10 +6,12 @@
|
||||
<div class="breadCrumbs">
|
||||
<p>@Html.ActionLink(T("Media Library").ToString(), "Index", "Admin", new { area = "Orchard.MediaLibrary" }, new {}) >
|
||||
@if (Model.FolderPath != null) {
|
||||
foreach (var folder in Model.FolderPath.Split('/')) {
|
||||
if (!String.IsNullOrEmpty(folder)) {
|
||||
@Html.ActionLink(folder, "Edit", new {folderPath = folder})
|
||||
<text>></text>
|
||||
var fullPath = "";
|
||||
foreach (var folder in Model.FolderPath.Split(new[] { Path.DirectorySeparatorChar, Path.AltDirectorySeparatorChar })) {
|
||||
if (!String.IsNullOrEmpty(folder)) {
|
||||
fullPath = Path.Combine(fullPath, folder);
|
||||
@Html.ActionLink(folder, "Index", "Admin", new {folderPath = fullPath }, null)
|
||||
<text>></text>
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user