diff --git a/DNN Platform/Library/Common/Utilities/DataCache.cs b/DNN Platform/Library/Common/Utilities/DataCache.cs index d6bf115449c..8113f8a4804 100644 --- a/DNN Platform/Library/Common/Utilities/DataCache.cs +++ b/DNN Platform/Library/Common/Utilities/DataCache.cs @@ -72,7 +72,11 @@ public class DataCache public const string PortalGroupsCacheKey = "PortalGroups"; public const CacheItemPriority PortalGroupsCachePriority = CacheItemPriority.High; - public const int PortalGroupsCacheTimeOut = 20; + public const int PortalGroupsCacheTimeOut = 20; + + public const string PortalPermissionCacheKey = "PortalPermission{0}"; + public const CacheItemPriority PortalPermissionCachePriority = CacheItemPriority.High; + public const int PortalPermissionCacheTimeOut = 20; // Tab cache keys public const string TabCacheKey = "Tab_Tabs{0}"; @@ -434,6 +438,11 @@ public static void ClearTabPermissionsCache(int PortalId) RemoveCache(string.Format(TabPermissionCacheKey, PortalId)); } + public static void ClearPortalPermissionsCache(int PortalId) + { + RemoveCache(string.Format(PortalPermissionCacheKey, PortalId)); + } + public static void ClearUserCache(int PortalId, string username) { RemoveCache(string.Format(UserCacheKey, PortalId, username)); diff --git a/DNN Platform/Library/Data/DataProvider.cs b/DNN Platform/Library/Data/DataProvider.cs index ca748cdb720..30bec43ae7c 100644 --- a/DNN Platform/Library/Data/DataProvider.cs +++ b/DNN Platform/Library/Data/DataProvider.cs @@ -1843,6 +1843,38 @@ public virtual int AddFolderPermission(int folderId, int permissionId, int roleI allowAccess, this.GetNull(userId), createdByUserID); + } + + public virtual IDataReader GetPortalPermissionsByPortal(int portalId) + { + return this.ExecuteReader("GetPortalPermissionsByPortal", this.GetNull(portalId)); + } + + public virtual int AddPortalPermission(int portalId, int permissionId, int roleId, bool allowAccess, int userId, int createdByUserId) + { + return this.ExecuteScalar( + "SaveTabPermission", + portalId, + permissionId, + this.GetRoleNull(roleId), + allowAccess, + this.GetNull(userId), + createdByUserId); + } + + public virtual void DeletePortalPermission(int portalPermissionId) + { + this.ExecuteNonQuery("DeletePortalPermission", portalPermissionId); + } + + public virtual void DeletePortalPermissionsByPortalID(int portalId) + { + this.ExecuteNonQuery("DeletePortalPermissionsByPortalID", portalId); + } + + public virtual void DeletePortalPermissionsByUserID(int portalId, int userId) + { + this.ExecuteNonQuery("DeletePortalPermissionsByUserID", portalId, userId); } public virtual void DeleteFolderPermission(int folderPermissionId) diff --git a/DNN Platform/Library/DotNetNuke.Library.csproj b/DNN Platform/Library/DotNetNuke.Library.csproj index af36fccf982..2db12df095e 100644 --- a/DNN Platform/Library/DotNetNuke.Library.csproj +++ b/DNN Platform/Library/DotNetNuke.Library.csproj @@ -681,8 +681,12 @@ + + + + diff --git a/DNN Platform/Library/Entities/Portals/PortalInfo.cs b/DNN Platform/Library/Entities/Portals/PortalInfo.cs index bc95fd9112a..a1da9cac9c9 100644 --- a/DNN Platform/Library/Entities/Portals/PortalInfo.cs +++ b/DNN Platform/Library/Entities/Portals/PortalInfo.cs @@ -14,6 +14,7 @@ namespace DotNetNuke.Entities.Portals using DotNetNuke.Entities.Modules; using DotNetNuke.Entities.Tabs; using DotNetNuke.Entities.Users; + using DotNetNuke.Security.Permissions; using DotNetNuke.Security.Roles; /// @@ -55,6 +56,7 @@ public class PortalInfo : BaseEntityInfo, IHydratable, IPortalInfo private string _administratorRoleName; private int _pages = Null.NullInteger; private string _registeredRoleName; + private PortalPermissionCollection permissions; private int _users; @@ -226,6 +228,17 @@ public int PortalID set => this.ThisAsInterface.PortalId = value; } + /// Gets the permissions collection for the portal. + [XmlArray("portalpermissions")] + [XmlArrayItem("permission")] + public PortalPermissionCollection PortalPermissions + { + get + { + return this.permissions ?? (this.permissions = new PortalPermissionCollection(PortalPermissionController.GetPortalPermissions(this.ThisAsInterface.PortalId))); + } + } + /// int IPortalInfo.PortalGroupId { get; set; } diff --git a/DNN Platform/Library/Obsolete/EventLogController.cs b/DNN Platform/Library/Obsolete/EventLogController.cs index 19aed9d5f45..b172b5b0099 100644 --- a/DNN Platform/Library/Obsolete/EventLogController.cs +++ b/DNN Platform/Library/Obsolete/EventLogController.cs @@ -181,7 +181,10 @@ public enum EventLogType WEBSERVER_DISABLED = 150, WEBSERVER_ENABLED = 151, WEBSERVER_PINGFAILED = 152, - FOLDER_MOVED = 153, + FOLDER_MOVED = 153, + PORTALPERMISSION_DELETED = 154, + PORTALPERMISSION_CREATED = 155, + PORTALPERMISSION_UPDATED = 156, } [Obsolete("Deprecated in 9.8.0. Use Dependency Injection to resolve 'DotNetNuke.Abstractions.Logging.IEventLogger' instead. Scheduled for removal in v11.0.0.")] diff --git a/DNN Platform/Library/Security/Permissions/ComparePortalPermissions.cs b/DNN Platform/Library/Security/Permissions/ComparePortalPermissions.cs new file mode 100644 index 00000000000..eb2c6fecedf --- /dev/null +++ b/DNN Platform/Library/Security/Permissions/ComparePortalPermissions.cs @@ -0,0 +1,26 @@ +// Licensed to the .NET Foundation under one or more agreements. +// The .NET Foundation licenses this file to you under the MIT license. +// See the LICENSE file in the project root for more information +namespace DotNetNuke.Security.Permissions +{ + using System.Collections; + + /// ----------------------------------------------------------------------------- + /// Project : DotNetNuke + /// Namespace: DotNetNuke.Security.Permissions + /// Class : ComparePortalPermissions + /// ----------------------------------------------------------------------------- + /// + /// ComparePortalPermissions provides the a custom IComparer implementation for + /// PortalPermissionInfo objects. + /// + /// ----------------------------------------------------------------------------- + internal class ComparePortalPermissions : IComparer + { + /// + public int Compare(object x, object y) + { + return ((PortalPermissionInfo)x).PortalPermissionID.CompareTo(((PortalPermissionInfo)y).PortalPermissionID); + } + } +} diff --git a/DNN Platform/Library/Security/Permissions/PermissionProvider.cs b/DNN Platform/Library/Security/Permissions/PermissionProvider.cs index 34f530af235..ccb6fd853f2 100644 --- a/DNN Platform/Library/Security/Permissions/PermissionProvider.cs +++ b/DNN Platform/Library/Security/Permissions/PermissionProvider.cs @@ -1,6 +1,10 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information +// Licensed to the .NET Foundation under one or more agreements. +// The .NET Foundation licenses this file to you under the MIT license. +// See the LICENSE file in the project root for more information + +using System.Linq; +using DotNetNuke.Abstractions.Portals; + namespace DotNetNuke.Security.Permissions { using System; @@ -53,7 +57,12 @@ public class PermissionProvider private const string ImportPagePermissionKey = "EDIT"; private const string ManagePagePermissionKey = "EDIT"; private const string NavigatePagePermissionKey = "VIEW"; - private const string ViewPagePermissionKey = "VIEW"; + private const string ViewPagePermissionKey = "VIEW"; + + // Portal Permission Keys + private const string TopPagePermissionKey = "ADDTOPLEVELPAGE"; + private const string PageAdminPermissionKey = "PAGEADMIN"; + private static SharedDictionary _cacheDependencyDict = new SharedDictionary(); private readonly DataProvider dataProvider = DataProvider.Instance(); @@ -377,7 +386,17 @@ private bool HasPagePermission(TabInfo tab, string permissionKey) { return (PortalSecurity.IsInRoles(tab.TabPermissions.ToString(permissionKey)) || PortalSecurity.IsInRoles(tab.TabPermissions.ToString(AdminPagePermissionKey))) - && !PortalSecurity.IsDenied(tab.TabPermissions.ToString(permissionKey)); + && !PortalSecurity.IsDenied(tab.TabPermissions.ToString(permissionKey)); + + // Deny on Edit permission on page shouldn't take away any other explicitly Allowed + // &&!PortalSecurity.IsDenied(tab.TabPermissions.ToString(AdminPagePermissionKey)); + } + + private bool HasSitePermission(PortalInfo portal, string permissionKey) + { + return (PortalSecurity.IsInRoles(portal.PortalPermissions.ToString(permissionKey)) + || PortalSecurity.IsInRoles(portal.PortalPermissions.ToString(AdminPagePermissionKey))) + && !PortalSecurity.IsDenied(portal.PortalPermissions.ToString(permissionKey)); // Deny on Edit permission on page shouldn't take away any other explicitly Allowed // &&!PortalSecurity.IsDenied(tab.TabPermissions.ToString(AdminPagePermissionKey)); @@ -1014,7 +1033,7 @@ public virtual IEnumerable ImplicitRolesForFolders(int portalId) /// A flag indicating whether the user has permission. public virtual bool CanAddContentToPage(TabInfo tab) { - return this.HasPagePermission(tab, ContentPagePermissionKey); + return this.HasPagePermission(tab, ContentPagePermissionKey) || this.IsPageAdmin(tab.PortalID); } /// @@ -1024,7 +1043,7 @@ public virtual bool CanAddContentToPage(TabInfo tab) /// A flag indicating whether the user has permission. public virtual bool CanAddPage(TabInfo tab) { - return this.HasPagePermission(tab, AddPagePermissionKey); + return this.HasPagePermission(tab, AddPagePermissionKey) || (tab.TabID == Null.NullInteger && this.CanAddTopLevel(tab.PortalID)) || this.IsPageAdmin(tab.PortalID); } /// @@ -1034,7 +1053,7 @@ public virtual bool CanAddPage(TabInfo tab) /// A flag indicating whether the user has permission. public virtual bool CanAdminPage(TabInfo tab) { - return PortalSecurity.IsInRoles(tab.TabPermissions.ToString(AdminPagePermissionKey)); + return PortalSecurity.IsInRoles(tab.TabPermissions.ToString(AdminPagePermissionKey)) || this.IsPageAdmin(tab.PortalID); } /// @@ -1044,7 +1063,7 @@ public virtual bool CanAdminPage(TabInfo tab) /// A flag indicating whether the user has permission. public virtual bool CanCopyPage(TabInfo tab) { - return this.HasPagePermission(tab, CopyPagePermissionKey); + return this.HasPagePermission(tab, CopyPagePermissionKey) || this.IsPageAdmin(tab.PortalID); } /// @@ -1054,7 +1073,7 @@ public virtual bool CanCopyPage(TabInfo tab) /// A flag indicating whether the user has permission. public virtual bool CanDeletePage(TabInfo tab) { - return this.HasPagePermission(tab, DeletePagePermissionKey); + return this.HasPagePermission(tab, DeletePagePermissionKey) || this.IsPageAdmin(tab.PortalID); } /// @@ -1064,7 +1083,7 @@ public virtual bool CanDeletePage(TabInfo tab) /// A flag indicating whether the user has permission. public virtual bool CanExportPage(TabInfo tab) { - return this.HasPagePermission(tab, ExportPagePermissionKey); + return this.HasPagePermission(tab, ExportPagePermissionKey) || this.IsPageAdmin(tab.PortalID); } /// @@ -1074,7 +1093,7 @@ public virtual bool CanExportPage(TabInfo tab) /// A flag indicating whether the user has permission. public virtual bool CanImportPage(TabInfo tab) { - return this.HasPagePermission(tab, ImportPagePermissionKey); + return this.HasPagePermission(tab, ImportPagePermissionKey) || this.IsPageAdmin(tab.PortalID); } /// @@ -1084,7 +1103,7 @@ public virtual bool CanImportPage(TabInfo tab) /// A flag indicating whether the user has permission. public virtual bool CanManagePage(TabInfo tab) { - return this.HasPagePermission(tab, ManagePagePermissionKey); + return this.HasPagePermission(tab, ManagePagePermissionKey) || this.IsPageAdmin(tab.PortalID); } /// @@ -1094,7 +1113,7 @@ public virtual bool CanManagePage(TabInfo tab) /// A flag indicating whether the user has permission. public virtual bool CanNavigateToPage(TabInfo tab) { - return this.HasPagePermission(tab, NavigatePagePermissionKey) || this.HasPagePermission(tab, ViewPagePermissionKey); + return this.HasPagePermission(tab, NavigatePagePermissionKey) || this.HasPagePermission(tab, ViewPagePermissionKey) || this.IsPageAdmin(tab.PortalID); } /// @@ -1104,7 +1123,39 @@ public virtual bool CanNavigateToPage(TabInfo tab) /// A flag indicating whether the user has permission. public virtual bool CanViewPage(TabInfo tab) { - return this.HasPagePermission(tab, ViewPagePermissionKey); + return this.HasPagePermission(tab, ViewPagePermissionKey) || this.IsPageAdmin(tab.PortalID); + } + + /// + /// Returns a flag indicating whether the current user can add top level pages. + /// + /// The id of the portal. + /// A flag indicating whether the user has permission. + public virtual bool CanAddTopLevel(int portalId) + { + var portal = PortalController.Instance.GetPortal(portalId); + if (portal == null) + { + return false; + } + + return this.HasPortalPermission(portal.PortalPermissions, TopPagePermissionKey); + } + + /// + /// Returns a flag indicating whether the current user is a page admin. + /// + /// The id of the portal. + /// A flag indicating whether the user has permission. + public virtual bool IsPageAdmin(int portalId) + { + var portal = PortalController.Instance.GetPortal(portalId); + if (portal == null) + { + return false; + } + + return this.HasPortalPermission(portal.PortalPermissions, PageAdminPermissionKey); } /// ----------------------------------------------------------------------------- @@ -1263,5 +1314,172 @@ public virtual bool HasDesktopModulePermission(DesktopModulePermissionCollection { return PortalSecurity.IsInRoles(desktopModulePermissions.ToString(permissionKey)); } + + /// ----------------------------------------------------------------------------- + /// + /// DeletePortalPermissionsByUser deletes a user's Portal Permissions in the Database. + /// + /// The user. + /// ----------------------------------------------------------------------------- + public virtual void DeletePortalPermissionsByUser(UserInfo user) + { + this.dataProvider.DeletePortalPermissionsByUserID(user.PortalID, user.UserID); + DataCache.ClearPortalPermissionsCache(user.PortalID); + } + + /// ----------------------------------------------------------------------------- + /// + /// GetPortalPermissions gets a PortalPermissionCollection. + /// + /// The ID of the portal. + /// The ID of the portal. + /// + /// ----------------------------------------------------------------------------- + public virtual PortalPermissionCollection GetPortalPermissions(int portalId) + { + // Get the Portal PortalPermission Dictionary + var dicPortalPermissions = this.GetPortalPermissionsDic(portalId); + + // Get the Collection from the Dictionary + var bFound = dicPortalPermissions.TryGetValue(portalId, out PortalPermissionCollection portalPermissions); + if (!bFound) + { + // Return empty collection + portalPermissions = new PortalPermissionCollection(); + } + + return portalPermissions; + } + + /// ----------------------------------------------------------------------------- + /// + /// GetPortalPermissions gets a Dictionary of PortalPermissionCollections by + /// PortalId. + /// + /// The ID of the portal. + /// ----------------------------------------------------------------------------- + private Dictionary GetPortalPermissionsDic(int portalID) + { + string cacheKey = string.Format(DataCache.PortalPermissionCacheKey, portalID); + return CBO.GetCachedObject>( + new CacheItemArgs(cacheKey, DataCache.PortalPermissionCacheTimeOut, DataCache.PortalPermissionCachePriority, portalID), + this.GetPortalPermissionsCallBack); + } + + /// ----------------------------------------------------------------------------- + /// + /// GetPortalPermissionsCallBack gets a Dictionary of PortalPermissionCollections. + /// + /// The CacheItemArgs object that contains the parameters + /// needed for the database call. + /// ----------------------------------------------------------------------------- + private object GetPortalPermissionsCallBack(CacheItemArgs cacheItemArgs) + { + var portalID = (int)cacheItemArgs.ParamList[0]; + var dic = new Dictionary(); + + if (portalID > -1) + { + var dr = this.dataProvider.GetPortalPermissionsByPortal(portalID); + try + { + while (dr.Read()) + { + // fill business object + var portalPermissionInfo = CBO.FillObject(dr, false); + + // add Portal Permission to dictionary + if (dic.ContainsKey(portalPermissionInfo.PortalID)) + { + // Add TabPermission to TabPermission Collection already in dictionary for TabId + dic[portalPermissionInfo.PortalID].Add(portalPermissionInfo); + } + else + { + // Create new PortalPermission Collection for PortalId + var collection = new PortalPermissionCollection { portalPermissionInfo }; + + // Add Collection to Dictionary + dic.Add(portalPermissionInfo.PortalID, collection); + } + } + } + catch (Exception exc) + { + Exceptions.LogException(exc); + } + finally + { + // close datareader + CBO.CloseDataReader(dr, true); + } + } + + return dic; + } + + /// ----------------------------------------------------------------------------- + /// + /// HasPortalPermission checks whether the current user has a specific Portal Permission. + /// + /// The Permissions for the Portal. + /// The Permission to check. + /// + /// ----------------------------------------------------------------------------- + public virtual bool HasPortalPermission(PortalPermissionCollection portalPermissions, string permissionKey) + { + bool hasPermission = false; + if (permissionKey.Contains(",")) + { + if (permissionKey.Split(',').Any(permission => PortalSecurity.IsInRoles(portalPermissions.ToString(permission)))) + { + hasPermission = true; + } + } + else + { + hasPermission = PortalSecurity.IsInRoles(portalPermissions.ToString(permissionKey)); + } + + return hasPermission; + } + + /// ----------------------------------------------------------------------------- + /// + /// SavePortalPermissions saves a Portal's permissions. + /// + /// The Portal to update. + /// ----------------------------------------------------------------------------- + public virtual void SavePortalPermissions(PortalInfo portal) + { + var objCurrentPortalPermissions = this.GetPortalPermissions(portal.PortalID); + if (!objCurrentPortalPermissions.CompareTo(portal.PortalPermissions)) + { + var portalSettings = PortalController.Instance.GetCurrentPortalSettings(); + var userId = UserController.Instance.GetCurrentUserInfo().UserID; + + if (objCurrentPortalPermissions.Count > 0) + { + this.dataProvider.DeletePortalPermissionsByPortalID(portal.PortalID); + EventLogController.Instance.AddLog(portal, portalSettings, userId, string.Empty, EventLogController.EventLogType.PORTALPERMISSION_DELETED); + } + + if (portal.PortalPermissions != null && portal.PortalPermissions.Count > 0) + { + foreach (PortalPermissionInfo objPortalPermission in portal.PortalPermissions) + { + objPortalPermission.PortalPermissionID = this.dataProvider.AddPortalPermission( + portal.PortalID, + objPortalPermission.PermissionID, + objPortalPermission.RoleID, + objPortalPermission.AllowAccess, + objPortalPermission.UserID, + userId); + } + + EventLogController.Instance.AddLog(portal, portalSettings, userId, string.Empty, EventLogController.EventLogType.PORTALPERMISSION_CREATED); + } + } + } } } diff --git a/DNN Platform/Library/Security/Permissions/PortalPermissionCollection.cs b/DNN Platform/Library/Security/Permissions/PortalPermissionCollection.cs new file mode 100644 index 00000000000..103ec8ef7ed --- /dev/null +++ b/DNN Platform/Library/Security/Permissions/PortalPermissionCollection.cs @@ -0,0 +1,217 @@ +// Licensed to the .NET Foundation under one or more agreements. +// The .NET Foundation licenses this file to you under the MIT license. +// See the LICENSE file in the project root for more information +namespace DotNetNuke.Security.Permissions +{ + using System; + using System.Collections; + using System.Collections.Generic; + using System.Linq; + using System.Xml.Serialization; + + using DotNetNuke.Common.Utilities; + + /// ----------------------------------------------------------------------------- + /// Project : DotNetNuke + /// Namespace: DotNetNuke.Security.Permissions + /// Class : PortalPermissionCollection + /// ----------------------------------------------------------------------------- + /// + /// PortalPermissionCollection provides the a custom collection for PortalPermissionInfo + /// objects. + /// + /// ----------------------------------------------------------------------------- + [Serializable] + [XmlRoot("portalpermissions")] + public class PortalPermissionCollection : CollectionBase + { + /// + /// Initializes a new instance of the class. + /// + public PortalPermissionCollection() + { + } + + /// + /// Initializes a new instance of the class. + /// + /// + public PortalPermissionCollection(ArrayList portalPermissions) + { + this.AddRange(portalPermissions); + } + + /// + /// Initializes a new instance of the class. + /// + /// + public PortalPermissionCollection(PortalPermissionCollection portalPermissions) + { + this.AddRange(portalPermissions); + } + + /// + /// Initializes a new instance of the class. + /// + /// + /// + public PortalPermissionCollection(ArrayList portalPermissions, int PortalId) + { + foreach (PortalPermissionInfo permission in portalPermissions) + { + if (permission.PortalID == PortalId) + { + this.Add(permission); + } + } + } + + public PortalPermissionInfo this[int index] + { + get + { + return (PortalPermissionInfo)this.List[index]; + } + + set + { + this.List[index] = value; + } + } + + public int Add(PortalPermissionInfo value) + { + return this.List.Add(value); + } + + public int Add(PortalPermissionInfo value, bool checkForDuplicates) + { + int id = Null.NullInteger; + + if (!checkForDuplicates) + { + id = this.Add(value); + } + else + { + bool isMatch = false; + foreach (PermissionInfoBase permission in this.List) + { + if (permission.PermissionID == value.PermissionID && permission.UserID == value.UserID && permission.RoleID == value.RoleID) + { + isMatch = true; + break; + } + } + + if (!isMatch) + { + id = this.Add(value); + } + } + + return id; + } + + public void AddRange(ArrayList portalPermissions) + { + foreach (PortalPermissionInfo permission in portalPermissions) + { + this.Add(permission); + } + } + + public void AddRange(IEnumerable portalPermissions) + { + foreach (PortalPermissionInfo permission in portalPermissions) + { + this.Add(permission); + } + } + + public void AddRange(PortalPermissionCollection portalPermissions) + { + foreach (PortalPermissionInfo permission in portalPermissions) + { + this.Add(permission); + } + } + + public bool CompareTo(PortalPermissionCollection objPortalPermissionCollection) + { + if (objPortalPermissionCollection.Count != this.Count) + { + return false; + } + + this.InnerList.Sort(new ComparePortalPermissions()); + objPortalPermissionCollection.InnerList.Sort(new ComparePortalPermissions()); + for (int i = 0; i <= this.Count - 1; i++) + { + if (objPortalPermissionCollection[i].PortalPermissionID != this[i].PortalPermissionID + || objPortalPermissionCollection[i].PermissionID != this[i].PermissionID + || objPortalPermissionCollection[i].RoleID != this[i].RoleID + || objPortalPermissionCollection[i].UserID != this[i].UserID + || objPortalPermissionCollection[i].AllowAccess != this[i].AllowAccess) + { + return false; + } + } + + return true; + } + + public bool Contains(PortalPermissionInfo value) + { + return this.List.Contains(value); + } + + public int IndexOf(PortalPermissionInfo value) + { + return this.List.IndexOf(value); + } + + public void Insert(int index, PortalPermissionInfo value) + { + this.List.Insert(index, value); + } + + public void Remove(PortalPermissionInfo value) + { + this.List.Remove(value); + } + + public void Remove(int permissionID, int roleID, int userID) + { + foreach (PermissionInfoBase permission in this.List) + { + if (permission.PermissionID == permissionID && permission.UserID == userID && permission.RoleID == roleID) + { + this.List.Remove(permission); + break; + } + } + } + + public List ToList() + { + var list = new List(); + foreach (PermissionInfoBase permission in this.List) + { + list.Add(permission); + } + + return list; + } + + public string ToString(string key) + { + return PermissionController.BuildPermissions(this.List, key); + } + + public IEnumerable Where(Func predicate) + { + return this.Cast().Where(predicate); + } + } +} diff --git a/DNN Platform/Library/Security/Permissions/PortalPermissionController.cs b/DNN Platform/Library/Security/Permissions/PortalPermissionController.cs new file mode 100644 index 00000000000..c7c7b299f62 --- /dev/null +++ b/DNN Platform/Library/Security/Permissions/PortalPermissionController.cs @@ -0,0 +1,141 @@ +// Licensed to the .NET Foundation under one or more agreements. +// The .NET Foundation licenses this file to you under the MIT license. +// See the LICENSE file in the project root for more information + +using System; + +namespace DotNetNuke.Security.Permissions +{ + using System.Collections.Generic; + + using DotNetNuke.Common.Utilities; + using DotNetNuke.Entities.Portals; + using DotNetNuke.Entities.Users; + using DotNetNuke.Security.Roles; + using DotNetNuke.Services.Log.EventLog; + + /// ----------------------------------------------------------------------------- + /// Project : DotNetNuke + /// Namespace: DotNetNuke.Security.Permissions + /// Class : PortalPermissionController + /// ----------------------------------------------------------------------------- + /// + /// PortalPermissionController provides the Business Layer for Portal Permissions. + /// + /// ----------------------------------------------------------------------------- + public class PortalPermissionController + { + private static readonly PermissionProvider _provider = PermissionProvider.Instance(); + + /// + /// Returns a flag indicating whether the current user can add top level pages on the current portal. + /// + /// A flag indicating whether the user has permission. + public static bool CanAddTopLevel() + { + return CanAddTopLevel(PortalController.Instance.GetCurrentSettings().PortalId); + } + + /// + /// Returns a flag indicating whether the current user can add top level pages on a portal. + /// + /// The portal id. + /// A flag indicating whether the user has permission. + public static bool CanAddTopLevel(int portalId) + { + return _provider.CanAddTopLevel(portalId); + } + + /// + /// Returns a flag indicating whether the current user is a page admin for the current portal. + /// + /// A flag indicating whether the user has permission. + public static bool CanAdminPages() + { + return CanAdminPages(PortalController.Instance.GetCurrentSettings().PortalId); + } + + /// + /// Returns a flag indicating whether the current user is a page admin for a portal. + /// + /// The portal id. + /// A flag indicating whether the user has permission. + public static bool CanAdminPages(int portalId) + { + return _provider.IsPageAdmin(portalId); + } + + /// ----------------------------------------------------------------------------- + /// + /// DeletePortalPermissionsByUser deletes a user's Portal Permissions in the Database. + /// + /// The user. + /// ----------------------------------------------------------------------------- + public static void DeletePortalPermissionsByUser(UserInfo user) + { + _provider.DeletePortalPermissionsByUser(user); + EventLogController.Instance.AddLog(user, PortalController.Instance.GetCurrentPortalSettings(), UserController.Instance.GetCurrentUserInfo().UserID, string.Empty, EventLogController.EventLogType.PORTALPERMISSION_DELETED); + DataCache.ClearPortalPermissionsCache(user.PortalID); + } + + /// ----------------------------------------------------------------------------- + /// + /// GetPortalPermissions gets a PortalPermissionCollection. + /// + /// The ID of the portal. + /// + /// ----------------------------------------------------------------------------- + public static PortalPermissionCollection GetPortalPermissions(int portalId) + { + return _provider.GetPortalPermissions(portalId); + } + + /// ----------------------------------------------------------------------------- + /// + /// HasPortalPermission checks whether the current user has a specific Portal Permission. + /// + /// If you pass in a comma delimited list of permissions (eg "ADD,DELETE", this will return + /// true if the user has any one of the permissions. + /// The Permission to check. + /// + /// ----------------------------------------------------------------------------- + public static bool HasPortalPermission(string permissionKey) + { + return HasPortalPermission(PortalController.Instance.GetPortal(PortalController.Instance.GetCurrentSettings().PortalId).PortalPermissions, permissionKey); + } + + /// ----------------------------------------------------------------------------- + /// + /// HasPortalPermission checks whether the current user has a specific Portal Permission. + /// + /// If you pass in a comma delimited list of permissions (eg "ADD,DELETE", this will return + /// true if the user has any one of the permissions. + /// The Permissions for the Portal. + /// The Permission(s) to check. + /// + /// ----------------------------------------------------------------------------- + public static bool HasPortalPermission(PortalPermissionCollection portalPermissions, string permissionKey) + { + return _provider.HasPortalPermission(portalPermissions, permissionKey); + } + + /// ----------------------------------------------------------------------------- + /// + /// SavePortalPermissions saves a Portal's permissions. + /// + /// The Portal to update. + /// ----------------------------------------------------------------------------- + public static void SavePortalPermissions(PortalInfo portal) + { + _provider.SavePortalPermissions(portal); + EventLogController.Instance.AddLog(portal, PortalController.Instance.GetCurrentPortalSettings(), UserController.Instance.GetCurrentUserInfo().UserID, string.Empty, EventLogController.EventLogType.PORTALPERMISSION_UPDATED); + DataCache.ClearPortalPermissionsCache(portal.PortalID); + } + + private static void ClearPermissionCache(int portalId) + { + var objPortal = PortalController.Instance.GetPortal(portalId); + DataCache.ClearPortalPermissionsCache(objPortal.PortalID); + } + } +} diff --git a/DNN Platform/Library/Security/Permissions/PortalPermissionInfo.cs b/DNN Platform/Library/Security/Permissions/PortalPermissionInfo.cs new file mode 100644 index 00000000000..cf5a703184b --- /dev/null +++ b/DNN Platform/Library/Security/Permissions/PortalPermissionInfo.cs @@ -0,0 +1,134 @@ +// Licensed to the .NET Foundation under one or more agreements. +// The .NET Foundation licenses this file to you under the MIT license. +// See the LICENSE file in the project root for more information +namespace DotNetNuke.Security.Permissions +{ + using System; + using System.Data; + using System.Xml.Serialization; + + using DotNetNuke.Common.Utilities; + using DotNetNuke.Entities.Modules; + + /// ----------------------------------------------------------------------------- + /// Project : DotNetNuke + /// Namespace: DotNetNuke.Security.Permissions + /// Class : PortalPermissionInfo + /// ----------------------------------------------------------------------------- + /// + /// PortalPermissionInfo provides the Entity Layer for Portal Permissions. + /// + /// ----------------------------------------------------------------------------- + [Serializable] + [XmlRoot("permission")] + public class PortalPermissionInfo : PermissionInfoBase, IHydratable + { + private int _PortalID; + + // local property declarations + private int _PortalPermissionID; + + /// ----------------------------------------------------------------------------- + /// + /// Initializes a new instance of the class. + /// Constructs a new PortalPermissionInfo. + /// + /// ----------------------------------------------------------------------------- + public PortalPermissionInfo() + { + this._PortalPermissionID = Null.NullInteger; + this._PortalID = Null.NullInteger; + } + + /// ----------------------------------------------------------------------------- + /// + /// Initializes a new instance of the class. + /// Constructs a new PortalPermissionInfo. + /// + /// A PermissionInfo object. + /// ----------------------------------------------------------------------------- + public PortalPermissionInfo(PermissionInfo permission) + : this() + { + this.ModuleDefID = permission.ModuleDefID; + this.PermissionCode = permission.PermissionCode; + this.PermissionID = permission.PermissionID; + this.PermissionKey = permission.PermissionKey; + this.PermissionName = permission.PermissionName; + } + + /// ----------------------------------------------------------------------------- + /// + /// Gets or sets and sets the Portal Permission ID. + /// + /// An Integer. + /// ----------------------------------------------------------------------------- + [XmlElement("portalpermissionid")] + public int PortalPermissionID + { + get + { + return this._PortalPermissionID; + } + + set + { + this._PortalPermissionID = value; + } + } + + /// ----------------------------------------------------------------------------- + /// + /// Gets or sets the Portal ID. + /// + /// An Integer. + /// ----------------------------------------------------------------------------- + [XmlElement("portalid")] + public int PortalID + { + get + { + return this._PortalID; + } + + set + { + this._PortalID = value; + } + } + + /// ----------------------------------------------------------------------------- + /// + /// Gets or sets the Key ID. + /// + /// An Integer. + /// ----------------------------------------------------------------------------- + [XmlIgnore] + public int KeyID + { + get + { + return this.PortalPermissionID; + } + + set + { + this.PortalPermissionID = value; + } + } + + /// ----------------------------------------------------------------------------- + /// + /// Fills a PortalPermissionInfo from a Data Reader. + /// + /// The Data Reader to use. + /// ----------------------------------------------------------------------------- + public void Fill(IDataReader dr) + { + // Call the base classes fill method to populate base class properties + this.FillInternal(dr); + this.PortalPermissionID = Null.SetNullInteger(dr["PortalPermissionID"]); + this.PortalID = Null.SetNullInteger(dr["PortalID"]); + } + } +} diff --git a/DNN Platform/Library/Security/Permissions/TabPermissionInfo.cs b/DNN Platform/Library/Security/Permissions/TabPermissionInfo.cs index 14cb7854352..3135ce6cf46 100644 --- a/DNN Platform/Library/Security/Permissions/TabPermissionInfo.cs +++ b/DNN Platform/Library/Security/Permissions/TabPermissionInfo.cs @@ -125,7 +125,7 @@ public int KeyID /// ----------------------------------------------------------------------------- public void Fill(IDataReader dr) { - // Call the base classes fill method to ppoulate base class proeprties + // Call the base classes fill method to populate base class properties this.FillInternal(dr); this.TabPermissionID = Null.SetNullInteger(dr["TabPermissionID"]); this.TabID = Null.SetNullInteger(dr["TabID"]); diff --git a/DNN Platform/Library/Security/PortalSecurity.cs b/DNN Platform/Library/Security/PortalSecurity.cs index d695f39ca4d..f0f9e966716 100644 --- a/DNN Platform/Library/Security/PortalSecurity.cs +++ b/DNN Platform/Library/Security/PortalSecurity.cs @@ -819,7 +819,9 @@ private static void ProcessSecurityRole(UserInfo user, PortalSettings settings, } } } - else // Grant permission + + // Grant permission + else { if (roleName == Globals.glbRoleAllUsersName || user.IsInRole(roleName)) { diff --git a/DNN Platform/Website/DotNetNuke.Website.csproj b/DNN Platform/Website/DotNetNuke.Website.csproj index a70f0113283..5388598e0d8 100644 --- a/DNN Platform/Website/DotNetNuke.Website.csproj +++ b/DNN Platform/Website/DotNetNuke.Website.csproj @@ -3364,6 +3364,7 @@ + diff --git a/DNN Platform/Website/Providers/DataProviders/SqlDataProvider/09.11.00.SqlDataProvider b/DNN Platform/Website/Providers/DataProviders/SqlDataProvider/09.11.00.SqlDataProvider new file mode 100644 index 00000000000..fe68bb8de9e --- /dev/null +++ b/DNN Platform/Website/Providers/DataProviders/SqlDataProvider/09.11.00.SqlDataProvider @@ -0,0 +1,192 @@ + +IF NOT EXISTS (SELECT * FROM dbo.sysobjects WHERE id = object_id(N'{databaseOwner}{objectQualifier}PortalPermission') AND OBJECTPROPERTY(id, N'IsTable') = 1) +BEGIN + CREATE TABLE {databaseOwner}[{objectQualifier}PortalPermission]( + [PortalPermissionId] [INT] IDENTITY(1,1) NOT NULL, + [PortalId] [INT] NULL, + [PermissionId] [INT] NOT NULL, + [AllowAccess] [BIT] NOT NULL, + [RoleID] [INT] NULL, + [UserID] [INT] NULL, + [CreatedByUserID] [INT] NULL, + [CreatedOnDate] [DATETIME] NULL, + [LastModifiedByUserID] [INT] NULL, + [LastModifiedOnDate] [DATETIME] NULL, + CONSTRAINT [PK_{objectQualifier}PortalPermission] PRIMARY KEY CLUSTERED ([PortalPermissionId] ASC), + CONSTRAINT [FK_{objectQualifier}PortalPermission_PortalId] FOREIGN KEY([PortalId]) REFERENCES {databaseOwner}[{objectQualifier}Portals] ([PortalId]), + CONSTRAINT [FK_{objectQualifier}PortalPermission_PermissionId] FOREIGN KEY([PermissionId]) REFERENCES {databaseOwner}[{objectQualifier}Permission] ([PermissionId]), + CONSTRAINT [FK_{objectQualifier}PortalPermission_RoleId] FOREIGN KEY([RoleId]) REFERENCES {databaseOwner}[{objectQualifier}Roles] ([RoleId]), + CONSTRAINT [FK_{objectQualifier}PortalPermission_UserId] FOREIGN KEY([UserId]) REFERENCES {databaseOwner}[{objectQualifier}Users] ([UserId]) + ) +END +GO + +CREATE UNIQUE NONCLUSTERED INDEX [IX_{objectQualifier}PortalPermission_Roles] ON {databaseOwner}[{objectQualifier}PortalPermission] ([RoleID] ASC,[PortalID] ASC,[PermissionID] ASC) INCLUDE([AllowAccess]) WHERE ([RoleID] IS NOT NULL) +CREATE UNIQUE NONCLUSTERED INDEX [IX_{objectQualifier}PortalPermission_Users] ON {databaseOwner}[{objectQualifier}PortalPermission] ([UserID] ASC,[PortalID] ASC,[PermissionID] ASC) INCLUDE([AllowAccess]) WHERE ([UserID] IS NOT NULL) +CREATE UNIQUE NONCLUSTERED INDEX [IX_{objectQualifier}PortalPermission_Portals] ON {databaseOwner}[{objectQualifier}PortalPermission] ([PortalID] ASC,[PermissionID] ASC, [RoleID] ASC, [UserID] ASC) INCLUDE([AllowAccess]) +CREATE NONCLUSTERED INDEX [IX_{objectQualifier}PortalPermission_Permission] ON {databaseOwner}[{objectQualifier}PortalPermission] ([PermissionID] ASC) + +GO + +CREATE VIEW [dbo].[vw_PortalPermissions] +AS +SELECT PP.PortalPermissionID, + PP.PortalId, + P.PermissionID, + PP.RoleID, + R.RoleName, + PP.AllowAccess, + PP.UserID, + U.Username, + U.DisplayName, + P.PermissionCode, + P.ModuleDefID, + P.PermissionKey, + P.PermissionName, + PP.CreatedByUserID, + PP.CreatedOnDate, + PP.LastModifiedByUserID, + PP.LastModifiedOnDate +FROM dbo.[PortalPermission] AS PP + INNER JOIN dbo.[Permission] AS P ON PP.PermissionID = P.PermissionID + LEFT JOIN dbo.[Roles] AS R ON PP.RoleID = R.RoleID + LEFT JOIN dbo.[Users] AS U ON PP.UserID = U.UserID +GO + +IF EXISTS (SELECT * FROM dbo.sysobjects where id = object_id(N'{databaseOwner}{objectQualifier}GetPortalPermission') and OBJECTPROPERTY(id, N'IsProcedure') = 1) + DROP PROCEDURE {databaseOwner}{objectQualifier}GetPortalPermission +GO + +CREATE PROCEDURE {databaseOwner}[{objectQualifier}GetPortalPermission] + + @PortalPermissionId INT + +AS +SELECT * +FROM {databaseOwner}{objectQualifier}vw_PortalPermissions +WHERE PortalPermissionId = @PortalPermissionId + +GO + +IF EXISTS (SELECT * FROM dbo.sysobjects WHERE id = object_id(N'{databaseOwner}[{objectQualifier}GetPortalPermissionsByPortal]') AND OBJECTPROPERTY(id, N'IsPROCEDURE') = 1) + DROP PROCEDURE {databaseOwner}{objectQualifier}GetPortalPermissionsByPortal +GO + +CREATE procedure {databaseOwner}{objectQualifier}GetPortalPermissionsByPortal + + @PortalID int + +AS + + IF @PortalID is not null + BEGIN + SELECT * + FROM {databaseOwner}{objectQualifier}vw_PortalPermissions + WHERE PortalID = @PortalID + END + ELSE + BEGIN + SELECT * + FROM {databaseOwner}{objectQualifier}vw_PortalPermissions + WHERE PortalID IS NULL + END +GO + +IF EXISTS (SELECT * FROM dbo.sysobjects where id = object_id(N'{databaseOwner}{objectQualifier}SavePortalPermission') and OBJECTPROPERTY(id, N'IsProcedure') = 1) + DROP PROCEDURE {databaseOwner}{objectQualifier}SavePortalPermission +GO + +CREATE PROCEDURE {databaseOwner}{objectQualifier}SavePortalPermission + @PortalId INT, + @PermissionKey VARCHAR(50), + @RoleId INT, + @UserId INT, + @AllowAccess BIT, + @CurrentUserId INT +AS + DECLARE @PortalPermissionId INT; + SELECT @PortalPermissionId = PortalPermissionId FROM {databaseOwner}[{objectQualifier}vw_PortalPermissions] + WHERE ((@PortalId IS NULL AND PortalId IS NULL) OR PortalId = @PortalId) AND PermissionKey = @PermissionKey AND ((@RoleId IS NULL AND RoleId IS NULL) OR RoleId = @RoleId) AND ((@UserId IS NULL AND UserId IS NULL) OR UserId = @UserId) + IF (@PortalPermissionId IS NOT NULL) + BEGIN + UPDATE {databaseOwner}[{objectQualifier}PortalPermission] SET + [AllowAccess] = @AllowAccess, + [LastModifiedByUserID] = @CurrentUserId, + [LastModifiedOnDate] = GETDATE() + WHERE ((@PortalId IS NULL AND PortalId IS NULL) OR PortalId = @PortalId) AND PortalPermissionId = @PortalPermissionId AND ((@RoleId IS NULL AND RoleId IS NULL) OR RoleId = @RoleId) AND ((@UserId IS NULL AND UserId IS NULL) OR UserId = @UserId) + + SELECT PortalPermissionId FROM {databaseOwner}[{objectQualifier}PortalPermission] + WHERE ((@PortalId IS NULL AND PortalId IS NULL) OR PortalId = @PortalId) AND PortalPermissionId = @PortalPermissionId AND ((@RoleId IS NULL AND RoleId IS NULL) OR RoleId = @RoleId) AND ((@UserId IS NULL AND UserId IS NULL) OR UserId = @UserId) + END + ELSE + BEGIN + DECLARE @PermissionId INT; + SELECT @PermissionId = PermissionId FROM {databaseOwner}[{objectQualifier}Permission] + WHERE PermissionKey = @PermissionKey + IF (@PermissionId IS NOT NULL) + BEGIN + INSERT INTO {databaseOwner}[{objectQualifier}PortalPermission] ( + [PortalId], + [PermissionId], + [AllowAccess], + [RoleId], + [UserId], + [CreatedByUserID], + [CreatedOnDate], + [LastModifiedByUserID], + [LastModifiedOnDate] + ) VALUES ( + @PortalId, + @PermissionId, + @AllowAccess, + @RoleId, + @UserId, + @CurrentUserId, + GETDATE(), + @CurrentUserId, + GETDATE() + ) + + SELECT SCOPE_IDENTITY() + END + END +GO + +IF EXISTS (SELECT * FROM dbo.sysobjects where id = object_id(N'{databaseOwner}{objectQualifier}DeletePortalPermission') and OBJECTPROPERTY(id, N'IsProcedure') = 1) + DROP PROCEDURE {databaseOwner}{objectQualifier}DeletePortalPermission +GO + +CREATE PROCEDURE {databaseOwner}[{objectQualifier}DeletePortalPermission] + @PortalPermissionId INT +AS + DELETE FROM {databaseOwner}[{objectQualifier}PortalPermission] + WHERE PortalPermissionId = @PortalPermissionId +GO + +IF EXISTS (SELECT * FROM dbo.sysobjects where id = object_id(N'{databaseOwner}{objectQualifier}DeletePortalPermissionsByPortalID') and OBJECTPROPERTY(id, N'IsProcedure') = 1) + DROP PROCEDURE {databaseOwner}{objectQualifier}DeletePortalPermissionsByPortalID +GO + +CREATE PROCEDURE {databaseOwner}[{objectQualifier}DeletePortalPermissionsByPortalID] + @PortalId INT +AS + DELETE FROM {databaseOwner}[{objectQualifier}PortalPermission] + WHERE PortalId = @PortalId +GO + +IF EXISTS (SELECT * FROM dbo.sysobjects where id = object_id(N'{databaseOwner}{objectQualifier}DeletePortalPermissionsByUserID') and OBJECTPROPERTY(id, N'IsProcedure') = 1) + DROP PROCEDURE {databaseOwner}{objectQualifier}DeletePortalPermissionsByUserID +GO + +CREATE PROCEDURE {databaseOwner}[{objectQualifier}DeletePortalPermissionsByUserID] + @PortalId INT, + @UserId INT +AS + DELETE FROM {databaseOwner}[{objectQualifier}PortalPermission] + WHERE PortalId = @PortalId AND UserId = @UserId +GO + +INSERT INTO {databaseOwner}[{objectQualifier}Permission] ([PermissionCode], [ModuleDefID], [PermissionKey], [PermissionName], [ViewOrder], [CreatedByUserID], [CreatedOnDate], [LastModifiedByUserID], [LastModifiedOnDate]) VALUES ('SYSTEM_PORTAL', -1, 'ADDTOPLEVELPAGE', 'Add Top Level Page', 9999, -1, GETDATE(), -1, GETDATE()) +INSERT INTO {databaseOwner}[{objectQualifier}Permission] ([PermissionCode], [ModuleDefID], [PermissionKey], [PermissionName], [ViewOrder], [CreatedByUserID], [CreatedOnDate], [LastModifiedByUserID], [LastModifiedOnDate]) VALUES ('SYSTEM_PORTAL', -1, 'PAGEADMIN', 'Page Admin', 9999, -1, GETDATE(), -1, GETDATE()) + +GO \ No newline at end of file diff --git a/DNN Platform/Website/Providers/DataProviders/SqlDataProvider/UnInstall.SqlDataProvider b/DNN Platform/Website/Providers/DataProviders/SqlDataProvider/UnInstall.SqlDataProvider index 643df1328c2..e76ec7a2e19 100644 --- a/DNN Platform/Website/Providers/DataProviders/SqlDataProvider/UnInstall.SqlDataProvider +++ b/DNN Platform/Website/Providers/DataProviders/SqlDataProvider/UnInstall.SqlDataProvider @@ -395,6 +395,14 @@ GO DROP INDEX {databaseOwner}[{objectQualifier}UserRoles].[IX_{objectQualifier}UserRoles] GO DROP INDEX {databaseOwner}[{objectQualifier}VendorClassification].[IX_{objectQualifier}VendorClassification_1] +GO +DROP PROCEDURE {databaseOwner}[{objectQualifier}GetPortalPermission] +GO +DROP PROCEDURE {databaseOwner}[{objectQualifier}SavePortalPermission] +GO +DROP PROCEDURE {databaseOwner}[{objectQualifier}DeletePortalPermission] +GO +DROP TABLE {databaseOwner}[{objectQualifier}PortalPermission] GO DROP PROCEDURE {databaseOwner}[{objectQualifier}GetCurrencies] GO diff --git a/Dnn.AdminExperience/ClientSide/Pages.Web/src/components/App.jsx b/Dnn.AdminExperience/ClientSide/Pages.Web/src/components/App.jsx index 532d5f77292..b63a04fc7c9 100644 --- a/Dnn.AdminExperience/ClientSide/Pages.Web/src/components/App.jsx +++ b/Dnn.AdminExperience/ClientSide/Pages.Web/src/components/App.jsx @@ -1561,7 +1561,7 @@ class App extends Component { { isListPagesAllowed && - {securityService.isSuperUser() && + {securityService.canAddPages() &&
diff --git a/Dnn.AdminExperience/ClientSide/Pages.Web/src/services/securityService.js b/Dnn.AdminExperience/ClientSide/Pages.Web/src/services/securityService.js index 1ba0a82c213..5a62a5d73b5 100644 --- a/Dnn.AdminExperience/ClientSide/Pages.Web/src/services/securityService.js +++ b/Dnn.AdminExperience/ClientSide/Pages.Web/src/services/securityService.js @@ -19,6 +19,9 @@ const securityService = { }, canSeePagesList() { return utils.canSeePagesList(); - } + }, + canAddPages() { + return utils.canAddPages(); + }, }; export default securityService; \ No newline at end of file diff --git a/Dnn.AdminExperience/ClientSide/Pages.Web/src/utils.js b/Dnn.AdminExperience/ClientSide/Pages.Web/src/utils.js index 8be784f5700..a4097948d5c 100644 --- a/Dnn.AdminExperience/ClientSide/Pages.Web/src/utils.js +++ b/Dnn.AdminExperience/ClientSide/Pages.Web/src/utils.js @@ -150,6 +150,11 @@ function canSeePagesList() { return settings.isHost || settings.isAdmin || settings.canSeePagesList; } +function canAddPages() { + checkInit(); + return settings.isHost || settings.isAdmin || settings.canAddPages; +} + function getCurrentPagePermissions() { checkInit(); return settings.currentPagePermissions; @@ -230,6 +235,7 @@ const utils = { getTemplateFolder, getIsSuperUser, canSeePagesList, + canAddPages, getCurrentPagePermissions, getCurrentParentHasChildren, getCurrentPageName, diff --git a/Dnn.AdminExperience/Dnn.PersonaBar.Extensions/Components/Pages/PagesControllerImpl.cs b/Dnn.AdminExperience/Dnn.PersonaBar.Extensions/Components/Pages/PagesControllerImpl.cs index 0abadfdabfc..d3daa6c6464 100644 --- a/Dnn.AdminExperience/Dnn.PersonaBar.Extensions/Components/Pages/PagesControllerImpl.cs +++ b/Dnn.AdminExperience/Dnn.PersonaBar.Extensions/Components/Pages/PagesControllerImpl.cs @@ -865,15 +865,15 @@ public void SavePagePermissions(TabInfo tab, PagePermissions permissions) public virtual PageSettings GetDefaultSettings(int pageId = 0) { + var portalSettings = PortalController.Instance.GetCurrentPortalSettings(); var pageSettings = new PageSettings { Templates = this._templateController.GetTemplates(), - Permissions = this.GetPermissionsData(pageId), + Permissions = pageId == 0 ? this.GetPermissionsData(portalSettings.HomeTabId) : this.GetPermissionsData(pageId), }; pageSettings.TemplateId = this._templateController.GetDefaultTemplateId(pageSettings.Templates); - var portalSettings = PortalController.Instance.GetCurrentPortalSettings(); if (PortalController.GetPortalSettingAsBoolean("SSLEnabled", portalSettings.PortalId, false) && PortalController.GetPortalSettingAsBoolean("SSLEnforced", portalSettings.PortalId, false)) { diff --git a/Dnn.AdminExperience/Dnn.PersonaBar.Extensions/Components/Pages/Security/SecurityService.cs b/Dnn.AdminExperience/Dnn.PersonaBar.Extensions/Components/Pages/Security/SecurityService.cs index d788ecb7c25..1cb18bc69b9 100644 --- a/Dnn.AdminExperience/Dnn.PersonaBar.Extensions/Components/Pages/Security/SecurityService.cs +++ b/Dnn.AdminExperience/Dnn.PersonaBar.Extensions/Components/Pages/Security/SecurityService.cs @@ -173,7 +173,7 @@ private bool IsPageAdmin() private TabInfo GetTabById(int pageId) { var portalSettings = PortalController.Instance.GetCurrentPortalSettings(); - return pageId <= 0 ? new TabInfo() : this._tabController.GetTab(pageId, portalSettings.PortalId, false); + return pageId <= 0 ? new TabInfo { PortalID = portalSettings.PortalId } : this._tabController.GetTab(pageId, portalSettings.PortalId, false); } } } diff --git a/Dnn.AdminExperience/Dnn.PersonaBar.Extensions/MenuControllers/PagesMenuController.cs b/Dnn.AdminExperience/Dnn.PersonaBar.Extensions/MenuControllers/PagesMenuController.cs index 886d0621384..fa0227cfcb4 100644 --- a/Dnn.AdminExperience/Dnn.PersonaBar.Extensions/MenuControllers/PagesMenuController.cs +++ b/Dnn.AdminExperience/Dnn.PersonaBar.Extensions/MenuControllers/PagesMenuController.cs @@ -1,17 +1,18 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information - +// Licensed to the .NET Foundation under one or more agreements. +// The .NET Foundation licenses this file to you under the MIT license. +// See the LICENSE file in the project root for more information + namespace Dnn.PersonaBar.Pages.MenuControllers { using System.Collections.Generic; - + using Dnn.PersonaBar.Library.Controllers; using Dnn.PersonaBar.Library.Model; using Dnn.PersonaBar.Pages.Components.Security; using DotNetNuke.Application; + using DotNetNuke.Common.Utilities; using DotNetNuke.Entities.Portals; - + /// /// Controls the pages menu. /// @@ -44,6 +45,7 @@ public IDictionary GetSettings(MenuItem menuItem) var settings = new Dictionary { { "canSeePagesList", this.securityService.CanViewPageList(menuItem.MenuId) }, + { "canAddPages", this.securityService.CanAddPage(PortalSettings.Current.PortalId) }, { "portalName", PortalSettings.Current.PortalName }, { "currentPagePermissions", this.securityService.GetCurrentPagePermissions() }, { "currentPageName", PortalSettings.Current?.ActiveTab?.TabName }, diff --git a/Dnn.AdminExperience/Dnn.PersonaBar.Extensions/Services/PagesController.cs b/Dnn.AdminExperience/Dnn.PersonaBar.Extensions/Services/PagesController.cs index 34ed49641c9..f09c6de1293 100644 --- a/Dnn.AdminExperience/Dnn.PersonaBar.Extensions/Services/PagesController.cs +++ b/Dnn.AdminExperience/Dnn.PersonaBar.Extensions/Services/PagesController.cs @@ -268,7 +268,7 @@ public HttpResponseMessage SearchPages( /// Gets the pages hierarchy. ///
/// The page (tab) id. - /// The page hyerarchy. + /// The page hierarchy. [HttpGet] [AdvancedPermission(MenuName = "Dnn.Pages", Permission = "Edit")] public HttpResponseMessage GetPageHierarchy(int pageId)