lsm/Orchard
1
0
Fork 0
mirror of https://github.com/OrchardCMS/Orchard.git synced 2025-04-05 21:01:35 +08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Adding unit tests for dynamic content rights

Browse Source 
--HG--
branch : dev
This commit is contained in:
Sebastien Ros 2010-10-06 12:41:14 -07:00
parent aca883f54a
commit f06d553ae0
6 changed files with 525 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

108
src/Orchard.Specs/Bindings/ContentRights.cs Normal file
View File

@ -0,0 +1,108 @@
using System;
using NUnit.Framework;
using Orchard.ContentManagement;
using Orchard.ContentManagement.Aspects;
using Orchard.Core.Contents;
using Orchard.Data;
using Orchard.Roles.Models;
using Orchard.Roles.Services;
using Orchard.Security;
using Orchard.Security.Permissions;
using Orchard.Specs.Hosting.Orchard.Web;
using TechTalk.SpecFlow;
namespace Orchard.Specs.Bindings {
[Binding]
public class ContentRights : BindingBase {
[When(@"I have a role ""(.*)\"" with permissions ""(.*)\""")]
public void WhenIHaveARoleWithPermissions(string roleName, string permissions) {
var webApp = Binding<WebAppHosting>();
webApp.Host.Execute(() => {
using ( var environment = MvcApplication.CreateStandaloneEnvironment("Default") ) {
var roleService = environment.Resolve<IRoleService>();
roleService.CreateRole(roleName);
foreach ( var permissionName in permissions.Split(new[] { ',', ' ' }, StringSplitOptions.RemoveEmptyEntries) ) {
roleService.CreatePermissionForRole(roleName, permissionName);
}
}
});
}
[When(@"I have a user ""(.*)\"" with roles ""(.*)\""")]
public void GivenIHaveCreatedAUser(string username, string roles) {
var webApp = Binding<WebAppHosting>();
webApp.Host.Execute(() => {
using ( var environment = MvcApplication.CreateStandaloneEnvironment("Default") ) {
var memberShipService = environment.Resolve<IMembershipService>();
var roleService = environment.Resolve<IRoleService>();
var userRoleRepository = environment.Resolve<IRepository<UserRolesPartRecord>>();
var user = memberShipService.CreateUser(new CreateUserParams(username, "qwerty123!", username + "@foo.com", "", "", true));
foreach ( var roleName in roles.Split(new[] { ',', ' ' }, StringSplitOptions.RemoveEmptyEntries) ) {
var role = roleService.GetRoleByName(roleName);
userRoleRepository.Create(new UserRolesPartRecord { UserId = user.Id, Role = role });
}
}
});
}
[Then(@"""(.*)\"" should be able to ""(.*)\"" a ""(.*)\"" owned by ""(.*)\""")]
public void UserShouldBeAbleToForOthers(string username, string action, string contentType, string otherName) {
var webApp = Binding<WebAppHosting>();
webApp.Host.Execute(() => {
using ( var environment = MvcApplication.CreateStandaloneEnvironment("Default") ) {
var memberShipService = environment.Resolve<IMembershipService>();
var athorizationService = environment.Resolve<IAuthorizationService>();
var contentManager = environment.Resolve<IContentManager>();
var contentItem = contentManager.Create(contentType);
var user = memberShipService.GetUser(username);
var otherUser = memberShipService.GetUser(otherName);
contentItem.As<ICommonPart>().Owner = otherUser;
Assert.That(athorizationService.TryCheckAccess(GetPermissionForAction(action), user, contentItem), Is.True);
}
});
}
[Then(@"""(.*)\"" should not be able to ""(.*)\"" a ""(.*)\"" owned by ""(.*)\""")]
public void UserShouldNotBeAbleToForOthers(string username, string action, string contentType, string otherName) {
var webApp = Binding<WebAppHosting>();
webApp.Host.Execute(() => {
using ( var environment = MvcApplication.CreateStandaloneEnvironment("Default") ) {
var memberShipService = environment.Resolve<IMembershipService>();
var athorizationService = environment.Resolve<IAuthorizationService>();
var contentManager = environment.Resolve<IContentManager>();
var contentItem = contentManager.Create(contentType);
var user = memberShipService.GetUser(username);
var otherUser = memberShipService.GetUser(otherName);
contentItem.As<ICommonPart>().Owner = otherUser;
Assert.That(athorizationService.TryCheckAccess(GetPermissionForAction(action), user, contentItem), Is.False);
}
});
}
private static Permission GetPermissionForAction(string action) {
switch ( action ) {
case "publish":
return Permissions.PublishContent;
case "edit":
return Permissions.EditContent;
case "delete":
return Permissions.DeleteContent;
default:
return null;
}
}
}
}

88
src/Orchard.Specs/ContentRights.feature Normal file
View File

@ -0,0 +1,88 @@
Feature: Content rights management
In order to ensure security
As a root Orchard system operator
I want only the allowed users to edit the content
Scenario: Administrators can manage a Page
Given I have installed Orchard
When I have a user "user1" with roles "Administrator"
Then "user1" should be able to "publish" a "Page" owned by "user1"
And "user1" should be able to "edit" a "Page" owned by "user1"
Scenario: Users can't create a Page if they don't have the PublishContent permission
Given I have installed Orchard
When I have a role "CustomRole" with permissions "EditContent, DeleteContent"
And I have a user "user1" with roles "CustomRole"
Then "user1" should not be able to "publish" a "Page" owned by "user1"
And "user1" should be able to "edit" a "Page" owned by "user1"
And "user1" should be able to "delete" a "Page" owned by "user1"
Scenario: Users can't edit a Page if they don't have the EditContent permission
Given I have installed Orchard
When I have a role "CustomRole" with permissions "DeleteContent"
And I have a user "user1" with roles "CustomRole"
Then "user1" should not be able to "publish" a "Page" owned by "user1"
And "user1" should not be able to "edit" a "Page" owned by "user1"
And "user1" should be able to "delete" a "Page" owned by "user1"
Scenario: Users can create and edit a Page even if they only have the PublishContent permission
Given I have installed Orchard
When I have a role "CustomRole" with permissions "PublishContent"
And I have a user "user1" with roles "CustomRole"
Then "user1" should be able to "publish" a "Page" owned by "user1"
And "user1" should be able to "edit" a "Page" owned by "user1"
And "user1" should not be able to "delete" a "Page" owned by "user1"
Scenario: Users can create a Page if they have PublishContent for Page
Given I have installed Orchard
When I have a role "CustomRole" with permissions "Publish_Page"
And I have a user "user1" with roles "CustomRole"
Then "user1" should be able to "publish" a "Page" owned by "user1"
And "user1" should be able to "edit" a "Page" owned by "user1"
And "user1" should not be able to "delete" a "Page" owned by "user1"
Scenario: Users can't create a Page for others if they only have PublishContent
Given I have installed Orchard
When I have a role "CustomRole" with permissions "PublishContent"
And I have a user "user1" with roles "CustomRole"
And I have a user "user2" with roles "Administrator"
Then "user1" should not be able to "publish" a "Page" owned by "user2"
And "user1" should not be able to "edit" a "Page" owned by "user2"
And "user1" should not be able to "delete" a "Page" owned by "user2"
Scenario: Users can create a Page for others if they have PublishOthersContent
Given I have installed Orchard
When I have a role "CustomRole" with permissions "PublishOthersContent"
And I have a user "user1" with roles "CustomRole"
And I have a user "user2" with roles "Administrator"
Then "user1" should be able to "publish" a "Page" owned by "user2"
And "user1" should be able to "edit" a "Page" owned by "user2"
And "user1" should not be able to "delete" a "Page" owned by "user2"
Scenario: Users can't create a Page for others if they only have Publish_Page
Given I have installed Orchard
When I have a role "CustomRole" with permissions "Publish_Page"
And I have a user "user1" with roles "CustomRole"
And I have a user "user2" with roles "Administrator"
Then "user1" should be able to "publish" a "Page" owned by "user2"
And "user1" should be able to "edit" a "Page" owned by "user2"
And "user1" should not be able to "delete" a "Page" owned by "user2"
Scenario: Users can create a Page for others if they only have PublishOthers_Page
Given I have installed Orchard
When I have a role "CustomRole" with permissions "PublishOthers_Page"
And I have a user "user1" with roles "CustomRole"
And I have a user "user2" with roles "Administrator"
Then "user1" should be able to "publish" a "Page" owned by "user2"
And "user1" should be able to "edit" a "Page" owned by "user2"
And "user1" should not be able to "delete" a "Page" owned by "user2"
Scenario: Users can delete a Page for others if they only have DeleteOthers_Page
Given I have installed Orchard
When I have a role "CustomRole" with permissions "DeleteOthers_Page"
And I have a user "user1" with roles "CustomRole"
And I have a user "user2" with roles "Administrator"
Then "user1" should not be able to "publish" a "Page" owned by "user2"
And "user1" should not be able to "edit" a "Page" owned by "user2"
And "user1" should be able to "delete" a "Page" owned by "user2"

295
src/Orchard.Specs/ContentRights.feature.cs generated Normal file
View File

@ -0,0 +1,295 @@
// ------------------------------------------------------------------------------
// <auto-generated>
// This code was generated by SpecFlow (http://www.specflow.org/).
// SpecFlow Version:1.3.0.0
// Runtime Version:4.0.30319.1
//
// Changes to this file may cause incorrect behavior and will be lost if
// the code is regenerated.
// </auto-generated>
// ------------------------------------------------------------------------------
#region Designer generated code
namespace Orchard.Specs
{
using TechTalk.SpecFlow;
[System.CodeDom.Compiler.GeneratedCodeAttribute("TechTalk.SpecFlow", "1.3.0.0")]
[System.Runtime.CompilerServices.CompilerGeneratedAttribute()]
[NUnit.Framework.TestFixtureAttribute()]
[NUnit.Framework.DescriptionAttribute("Content rights management")]
public partial class ContentRightsManagementFeature
{
private static TechTalk.SpecFlow.ITestRunner testRunner;
#line 1 "ContentRights.feature"
#line hidden
[NUnit.Framework.TestFixtureSetUpAttribute()]
public virtual void FeatureSetup()
{
testRunner = TechTalk.SpecFlow.TestRunnerManager.GetTestRunner();
TechTalk.SpecFlow.FeatureInfo featureInfo = new TechTalk.SpecFlow.FeatureInfo(new System.Globalization.CultureInfo("en-US"), "Content rights management", "In order to ensure security\r\nAs a root Orchard system operator\r\nI want only the a" +
"llowed users to edit the content", ((string[])(null)));
testRunner.OnFeatureStart(featureInfo);
}
[NUnit.Framework.TestFixtureTearDownAttribute()]
public virtual void FeatureTearDown()
{
testRunner.OnFeatureEnd();
testRunner = null;
}
public virtual void ScenarioSetup(TechTalk.SpecFlow.ScenarioInfo scenarioInfo)
{
testRunner.OnScenarioStart(scenarioInfo);
}
[NUnit.Framework.TearDownAttribute()]
public virtual void ScenarioTearDown()
{
testRunner.OnScenarioEnd();
}
[NUnit.Framework.TestAttribute()]
[NUnit.Framework.DescriptionAttribute("Administrators can manage a Page")]
public virtual void AdministratorsCanManageAPage()
{
TechTalk.SpecFlow.ScenarioInfo scenarioInfo = new TechTalk.SpecFlow.ScenarioInfo("Administrators can manage a Page", ((string[])(null)));
#line 6
this.ScenarioSetup(scenarioInfo);
#line 7
testRunner.Given("I have installed Orchard");
#line 8
testRunner.When("I have a user \"user1\" with roles \"Administrator\"");
#line 9
testRunner.Then("\"user1\" should be able to \"publish\" a \"Page\" owned by \"user1\"");
#line 10
testRunner.And("\"user1\" should be able to \"edit\" a \"Page\" owned by \"user1\"");
#line hidden
testRunner.CollectScenarioErrors();
}
[NUnit.Framework.TestAttribute()]
[NUnit.Framework.DescriptionAttribute("Users can\'t create a Page if they don\'t have the PublishContent permission")]
public virtual void UsersCanTCreateAPageIfTheyDonTHaveThePublishContentPermission()
{
TechTalk.SpecFlow.ScenarioInfo scenarioInfo = new TechTalk.SpecFlow.ScenarioInfo("Users can\'t create a Page if they don\'t have the PublishContent permission", ((string[])(null)));
#line 12
this.ScenarioSetup(scenarioInfo);
#line 13
testRunner.Given("I have installed Orchard");
#line 14
testRunner.When("I have a role \"CustomRole\" with permissions \"EditContent, DeleteContent\"");
#line 15
testRunner.And("I have a user \"user1\" with roles \"CustomRole\"");
#line 16
testRunner.Then("\"user1\" should not be able to \"publish\" a \"Page\" owned by \"user1\"");
#line 17
testRunner.And("\"user1\" should be able to \"edit\" a \"Page\" owned by \"user1\"");
#line 18
testRunner.And("\"user1\" should be able to \"delete\" a \"Page\" owned by \"user1\"");
#line hidden
testRunner.CollectScenarioErrors();
}
[NUnit.Framework.TestAttribute()]
[NUnit.Framework.DescriptionAttribute("Users can\'t edit a Page if they don\'t have the EditContent permission")]
public virtual void UsersCanTEditAPageIfTheyDonTHaveTheEditContentPermission()
{
TechTalk.SpecFlow.ScenarioInfo scenarioInfo = new TechTalk.SpecFlow.ScenarioInfo("Users can\'t edit a Page if they don\'t have the EditContent permission", ((string[])(null)));
#line 20
this.ScenarioSetup(scenarioInfo);
#line 21
testRunner.Given("I have installed Orchard");
#line 22
testRunner.When("I have a role \"CustomRole\" with permissions \"DeleteContent\"");
#line 23
testRunner.And("I have a user \"user1\" with roles \"CustomRole\"");
#line 24
testRunner.Then("\"user1\" should not be able to \"publish\" a \"Page\" owned by \"user1\"");
#line 25
testRunner.And("\"user1\" should not be able to \"edit\" a \"Page\" owned by \"user1\"");
#line 26
testRunner.And("\"user1\" should be able to \"delete\" a \"Page\" owned by \"user1\"");
#line hidden
testRunner.CollectScenarioErrors();
}
[NUnit.Framework.TestAttribute()]
[NUnit.Framework.DescriptionAttribute("Users can create and edit a Page even if they only have the PublishContent permis" +
"sion")]
public virtual void UsersCanCreateAndEditAPageEvenIfTheyOnlyHaveThePublishContentPermission()
{
TechTalk.SpecFlow.ScenarioInfo scenarioInfo = new TechTalk.SpecFlow.ScenarioInfo("Users can create and edit a Page even if they only have the PublishContent permis" +
"sion", ((string[])(null)));
#line 28
this.ScenarioSetup(scenarioInfo);
#line 29
testRunner.Given("I have installed Orchard");
#line 30
testRunner.When("I have a role \"CustomRole\" with permissions \"PublishContent\"");
#line 31
testRunner.And("I have a user \"user1\" with roles \"CustomRole\"");
#line 32
testRunner.Then("\"user1\" should be able to \"publish\" a \"Page\" owned by \"user1\"");
#line 33
testRunner.And("\"user1\" should be able to \"edit\" a \"Page\" owned by \"user1\"");
#line 34
testRunner.And("\"user1\" should not be able to \"delete\" a \"Page\" owned by \"user1\"");
#line hidden
testRunner.CollectScenarioErrors();
}
[NUnit.Framework.TestAttribute()]
[NUnit.Framework.DescriptionAttribute("Users can create a Page if they have PublishContent for Page")]
public virtual void UsersCanCreateAPageIfTheyHavePublishContentForPage()
{
TechTalk.SpecFlow.ScenarioInfo scenarioInfo = new TechTalk.SpecFlow.ScenarioInfo("Users can create a Page if they have PublishContent for Page", ((string[])(null)));
#line 36
this.ScenarioSetup(scenarioInfo);
#line 37
testRunner.Given("I have installed Orchard");
#line 38
testRunner.When("I have a role \"CustomRole\" with permissions \"Publish_Page\"");
#line 39
testRunner.And("I have a user \"user1\" with roles \"CustomRole\"");
#line 40
testRunner.Then("\"user1\" should be able to \"publish\" a \"Page\" owned by \"user1\"");
#line 41
testRunner.And("\"user1\" should be able to \"edit\" a \"Page\" owned by \"user1\"");
#line 42
testRunner.And("\"user1\" should not be able to \"delete\" a \"Page\" owned by \"user1\"");
#line hidden
testRunner.CollectScenarioErrors();
}
[NUnit.Framework.TestAttribute()]
[NUnit.Framework.DescriptionAttribute("Users can\'t create a Page for others if they only have PublishContent")]
public virtual void UsersCanTCreateAPageForOthersIfTheyOnlyHavePublishContent()
{
TechTalk.SpecFlow.ScenarioInfo scenarioInfo = new TechTalk.SpecFlow.ScenarioInfo("Users can\'t create a Page for others if they only have PublishContent", ((string[])(null)));
#line 44
this.ScenarioSetup(scenarioInfo);
#line 45
testRunner.Given("I have installed Orchard");
#line 46
testRunner.When("I have a role \"CustomRole\" with permissions \"PublishContent\"");
#line 47
testRunner.And("I have a user \"user1\" with roles \"CustomRole\"");
#line 48
testRunner.And("I have a user \"user2\" with roles \"Administrator\"");
#line 49
testRunner.Then("\"user1\" should not be able to \"publish\" a \"Page\" owned by \"user2\"");
#line 50
testRunner.And("\"user1\" should not be able to \"edit\" a \"Page\" owned by \"user2\"");
#line 51
testRunner.And("\"user1\" should not be able to \"delete\" a \"Page\" owned by \"user2\"");
#line hidden
testRunner.CollectScenarioErrors();
}
[NUnit.Framework.TestAttribute()]
[NUnit.Framework.DescriptionAttribute("Users can create a Page for others if they have PublishOthersContent")]
public virtual void UsersCanCreateAPageForOthersIfTheyHavePublishOthersContent()
{
TechTalk.SpecFlow.ScenarioInfo scenarioInfo = new TechTalk.SpecFlow.ScenarioInfo("Users can create a Page for others if they have PublishOthersContent", ((string[])(null)));
#line 53
this.ScenarioSetup(scenarioInfo);
#line 54
testRunner.Given("I have installed Orchard");
#line 55
testRunner.When("I have a role \"CustomRole\" with permissions \"PublishOthersContent\"");
#line 56
testRunner.And("I have a user \"user1\" with roles \"CustomRole\"");
#line 57
testRunner.And("I have a user \"user2\" with roles \"Administrator\"");
#line 58
testRunner.Then("\"user1\" should be able to \"publish\" a \"Page\" owned by \"user2\"");
#line 59
testRunner.And("\"user1\" should be able to \"edit\" a \"Page\" owned by \"user2\"");
#line 60
testRunner.And("\"user1\" should not be able to \"delete\" a \"Page\" owned by \"user2\"");
#line hidden
testRunner.CollectScenarioErrors();
}
[NUnit.Framework.TestAttribute()]
[NUnit.Framework.DescriptionAttribute("Users can\'t create a Page for others if they only have Publish_Page")]
public virtual void UsersCanTCreateAPageForOthersIfTheyOnlyHavePublish_Page()
{
TechTalk.SpecFlow.ScenarioInfo scenarioInfo = new TechTalk.SpecFlow.ScenarioInfo("Users can\'t create a Page for others if they only have Publish_Page", ((string[])(null)));
#line 63
this.ScenarioSetup(scenarioInfo);
#line 64
testRunner.Given("I have installed Orchard");
#line 65
testRunner.When("I have a role \"CustomRole\" with permissions \"Publish_Page\"");
#line 66
testRunner.And("I have a user \"user1\" with roles \"CustomRole\"");
#line 67
testRunner.And("I have a user \"user2\" with roles \"Administrator\"");
#line 68
testRunner.Then("\"user1\" should be able to \"publish\" a \"Page\" owned by \"user2\"");
#line 69
testRunner.And("\"user1\" should be able to \"edit\" a \"Page\" owned by \"user2\"");
#line 70
testRunner.And("\"user1\" should not be able to \"delete\" a \"Page\" owned by \"user2\"");
#line hidden
testRunner.CollectScenarioErrors();
}
[NUnit.Framework.TestAttribute()]
[NUnit.Framework.DescriptionAttribute("Users can create a Page for others if they only have PublishOthers_Page")]
public virtual void UsersCanCreateAPageForOthersIfTheyOnlyHavePublishOthers_Page()
{
TechTalk.SpecFlow.ScenarioInfo scenarioInfo = new TechTalk.SpecFlow.ScenarioInfo("Users can create a Page for others if they only have PublishOthers_Page", ((string[])(null)));
#line 72
this.ScenarioSetup(scenarioInfo);
#line 73
testRunner.Given("I have installed Orchard");
#line 74
testRunner.When("I have a role \"CustomRole\" with permissions \"PublishOthers_Page\"");
#line 75
testRunner.And("I have a user \"user1\" with roles \"CustomRole\"");
#line 76
testRunner.And("I have a user \"user2\" with roles \"Administrator\"");
#line 77
testRunner.Then("\"user1\" should be able to \"publish\" a \"Page\" owned by \"user2\"");
#line 78
testRunner.And("\"user1\" should be able to \"edit\" a \"Page\" owned by \"user2\"");
#line 79
testRunner.And("\"user1\" should not be able to \"delete\" a \"Page\" owned by \"user2\"");
#line hidden
testRunner.CollectScenarioErrors();
}
[NUnit.Framework.TestAttribute()]
[NUnit.Framework.DescriptionAttribute("Users can delete a Page for others if they only have DeleteOthers_Page")]
public virtual void UsersCanDeleteAPageForOthersIfTheyOnlyHaveDeleteOthers_Page()
{
TechTalk.SpecFlow.ScenarioInfo scenarioInfo = new TechTalk.SpecFlow.ScenarioInfo("Users can delete a Page for others if they only have DeleteOthers_Page", ((string[])(null)));
#line 81
this.ScenarioSetup(scenarioInfo);
#line 82
testRunner.Given("I have installed Orchard");
#line 83
testRunner.When("I have a role \"CustomRole\" with permissions \"DeleteOthers_Page\"");
#line 84
testRunner.And("I have a user \"user1\" with roles \"CustomRole\"");
#line 85
testRunner.And("I have a user \"user2\" with roles \"Administrator\"");
#line 86
testRunner.Then("\"user1\" should not be able to \"publish\" a \"Page\" owned by \"user2\"");
#line 87
testRunner.And("\"user1\" should not be able to \"edit\" a \"Page\" owned by \"user2\"");
#line 88
testRunner.And("\"user1\" should be able to \"delete\" a \"Page\" owned by \"user2\"");
#line hidden
testRunner.CollectScenarioErrors();
}
}
}
#endregion

4
src/Orchard.Specs/Media.feature.cs generated
View File

@ -1,7 +1,7 @@
// ------------------------------------------------------------------------------
// <auto-generated>
// This code was generated by SpecFlow (http://www.specflow.org/).
// SpecFlow Version:1.3.2.0
// SpecFlow Version:1.3.0.0
// Runtime Version:4.0.30319.1
//
// Changes to this file may cause incorrect behavior and will be lost if
@ -14,7 +14,7 @@ namespace Orchard.Specs
using TechTalk.SpecFlow;
[System.CodeDom.Compiler.GeneratedCodeAttribute("TechTalk.SpecFlow", "1.3.2.0")]
[System.CodeDom.Compiler.GeneratedCodeAttribute("TechTalk.SpecFlow", "1.3.0.0")]
[System.Runtime.CompilerServices.CompilerGeneratedAttribute()]
[NUnit.Framework.TestFixtureAttribute()]
[NUnit.Framework.DescriptionAttribute("Media management")]

10
src/Orchard.Specs/Orchard.Specs.csproj
View File

@ -125,7 +125,13 @@
<ItemGroup>
<Compile Include="Bindings\BindingBase.cs" />
<Compile Include="Bindings\CommandLine.cs" />
<Compile Include="Bindings\ContentRights.cs" />
<Compile Include="Bindings\OrchardSiteFactory.cs" />
<Compile Include="ContentRights.feature.cs">
<DependentUpon>ContentRights.feature</DependentUpon>
<AutoGen>True</AutoGen>
<DesignTime>True</DesignTime>
</Compile>
<Compile Include="Hosting\MessageSink.cs" />
<Compile Include="Hosting\HostingTraceListener.cs" />
<Compile Include="Hosting\TraceEnabledDataServicesProviderFactory.cs" />
@ -189,6 +195,10 @@
<Content Include="Hosting\Orchard.Web\Config\Sites.config">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
</Content>
<None Include="ContentRights.feature">
<Generator>SpecFlowSingleFileGenerator</Generator>
<LastGenOutput>ContentRights.feature.cs</LastGenOutput>
</None>
<None Include="Hosting\Orchard.Web\Config\Diagnostics.config">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
</None>

27
src/Orchard.Web/Core/Contents/AuthorizationEventHandler.cs
View File

@ -6,8 +6,7 @@ using Orchard.Core.Contents.Settings;
using Orchard.Security;
using Orchard.Security.Permissions;
namespace Orchard.Core.Contents
{
namespace Orchard.Core.Contents {
[UsedImplicitly]
public class AuthorizationEventHandler : IAuthorizationServiceEventHandler {
public void Checking(CheckAccessContext context) { }
@ -21,14 +20,21 @@ namespace Orchard.Core.Contents
// replace permission if more specific version exists
if ( typeDefinition.Settings.GetModel<ContentTypeSettings>().Creatable ) {
Permission permission = context.Permission;
var permission = context.Permission;
if ( context.Permission.Name == Permissions.PublishContent.Name )
permission = DynamicPermissions.CreateDynamicPersion(DynamicPermissions.PublishContent, typeDefinition);
if ( context.Permission.Name == Permissions.EditContent.Name)
if ( context.Permission.Name == Permissions.EditContent.Name )
permission = DynamicPermissions.CreateDynamicPersion(DynamicPermissions.EditContent, typeDefinition);
if ( context.Permission.Name == Permissions.DeleteContent.Name)
if ( context.Permission.Name == Permissions.DeleteContent.Name )
permission = DynamicPermissions.CreateDynamicPersion(DynamicPermissions.DeleteContent, typeDefinition);
if ( context.Permission.Name == Permissions.PublishOthersContent.Name )
permission = DynamicPermissions.CreateDynamicPersion(DynamicPermissions.PublishOthersContent, typeDefinition);
if ( context.Permission.Name == Permissions.EditOthersContent.Name )
permission = DynamicPermissions.CreateDynamicPersion(DynamicPermissions.EditOthersContent, typeDefinition);
if ( context.Permission.Name == Permissions.DeleteOthersContent.Name )
permission = DynamicPermissions.CreateDynamicPersion(DynamicPermissions.DeleteOthersContent, typeDefinition);
// converts the permission if the owner is someone else
if ( HasOtherOwner(context.User, context.Content) ) {
@ -57,6 +63,17 @@ namespace Orchard.Core.Contents
return false;
return user.Id != common.Owner.Id;
}
private static Permission GetOwnerVariation(Permission permission)
{
if (permission.Name == Contents.Permissions.PublishOthersContent.Name)
return Contents.Permissions.PublishContent;
if (permission.Name == Contents.Permissions.EditOthersContent.Name)
return Contents.Permissions.EditContent;
if (permission.Name == Contents.Permissions.DeleteOthersContent.Name)
return Contents.Permissions.DeleteContent;
return null;
}
}
}