Skip to content

Commit 884bb88

Browse files
committed
Switching to more granular permissions (in progress)
1 parent c8d74f6 commit 884bb88

7 files changed

Lines changed: 562 additions & 766 deletions

File tree

src/Libraries/SmartStore.Core/Security/Permissions.cs

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -75,6 +75,7 @@ public static class Attribute
7575
public const string Update = "catalog.attribute.update";
7676
public const string Create = "catalog.attribute.create";
7777
public const string Delete = "catalog.attribute.delete";
78+
public const string EditOption = "catalog.attribute.edit-option";
7879
}
7980
}
8081

src/Libraries/SmartStore.Data/Migrations/201907221803421_GranularPermissions.cs

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -85,6 +85,7 @@ public void MigrateLocaleResources(LocaleResourcesBuilder builder)
8585
builder.AddOrUpdate("Permissions.DisplayName.EditVariant", "Edit variants", "Varianten bearbeiten");
8686
builder.AddOrUpdate("Permissions.DisplayName.EditTierPrice", "Edit tier prices", "Staffelpreise bearbeiten");
8787
builder.AddOrUpdate("Permissions.DisplayName.EditRecurringPayment", "Edit recurring payment", "Wiederkehrende Zahlungen bearbeiten");
88+
builder.AddOrUpdate("Permissions.DisplayName.EditOption", "Edit options", "Optionen bearbeiten");
8889
}
8990
}
9091
}

src/Presentation/SmartStore.Web/Administration/Controllers/SecurityController.cs

Lines changed: 7 additions & 40 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@
55
using SmartStore.Admin.Models.Security;
66
using SmartStore.Core;
77
using SmartStore.Core.Logging;
8+
using SmartStore.Core.Security;
89
using SmartStore.Services.Customers;
910
using SmartStore.Services.Security;
1011
using SmartStore.Web.Framework.Controllers;
@@ -15,16 +16,10 @@ namespace SmartStore.Admin.Controllers
1516
[AdminAuthorize]
1617
public class SecurityController : AdminControllerBase
1718
{
18-
#region Fields
19-
2019
private readonly IWorkContext _workContext;
2120
private readonly IPermissionService _permissionService;
2221
private readonly ICustomerService _customerService;
2322

24-
#endregion
25-
26-
#region Constructors
27-
2823
public SecurityController(
2924
IWorkContext workContext,
3025
IPermissionService permissionService,
@@ -35,31 +30,9 @@ public SecurityController(
3530
_customerService = customerService;
3631
}
3732

38-
#endregion
39-
40-
#region Methods
41-
42-
//GP: remove and use method AllAccessPermissions2 below.
4333
// Ajax.
34+
[Permission(Core.Security.Permissions.Configuration.Acl.Read)]
4435
public ActionResult AllAccessPermissions(string selected)
45-
{
46-
var permissions = _permissionService.GetAllPermissionRecords();
47-
var selectedArr = selected.SplitSafe(",");
48-
49-
var data = permissions
50-
.Select(x => new
51-
{
52-
id = x.SystemName,
53-
text = x.Name,
54-
selected = selectedArr.Contains(x.SystemName)
55-
})
56-
.ToList();
57-
58-
return new JsonResult { Data = data, JsonRequestBehavior = JsonRequestBehavior.AllowGet };
59-
}
60-
61-
// Ajax.
62-
public ActionResult AllAccessPermissions2(string selected)
6336
{
6437
var systemNames = Services.Permissions2.GetAllSystemNames();
6538
var selectedArr = selected.SplitSafe(",");
@@ -78,25 +51,23 @@ public ActionResult AllAccessPermissions2(string selected)
7851

7952
public ActionResult AccessDenied(string pageUrl)
8053
{
81-
var currentCustomer = _workContext.CurrentCustomer;
54+
var customer = _workContext.CurrentCustomer;
8255

83-
if (currentCustomer == null || currentCustomer.IsGuest())
56+
if (customer == null || customer.IsGuest())
8457
{
8558
Logger.Info(T("Admin.System.Warnings.AccessDeniedToAnonymousRequest", pageUrl.NaIfEmpty()));
8659
return View();
8760
}
8861

8962
Logger.Info(T("Admin.System.Warnings.AccessDeniedToUser",
90-
currentCustomer.Email.NaIfEmpty(), currentCustomer.Email.NaIfEmpty(), pageUrl.NaIfEmpty()));
63+
customer.Email.NaIfEmpty(), customer.Email.NaIfEmpty(), pageUrl.NaIfEmpty()));
9164

9265
return View();
9366
}
9467

68+
//GP: remove (old permission list).
9569
public ActionResult Permissions()
9670
{
97-
if (!_permissionService.Authorize(StandardPermissionProvider.ManageAcl))
98-
return AccessDeniedView();
99-
10071
var model = new PermissionMappingModel();
10172

10273
var permissionRecords = _permissionService.GetAllPermissionRecords();
@@ -137,12 +108,10 @@ public ActionResult Permissions()
137108
return View(model);
138109
}
139110

111+
//GP: remove (old permission list).
140112
[HttpPost, ActionName("Permissions")]
141113
public ActionResult PermissionsSave(FormCollection form)
142114
{
143-
if (!_permissionService.Authorize(StandardPermissionProvider.ManageAcl))
144-
return AccessDeniedView();
145-
146115
var permissionRecords = _permissionService.GetAllPermissionRecords();
147116
var customerRoles = _customerService.GetAllCustomerRoles(true);
148117

@@ -177,7 +146,5 @@ public ActionResult PermissionsSave(FormCollection form)
177146

178147
return RedirectToAction("Permissions");
179148
}
180-
181-
#endregion
182149
}
183150
}

0 commit comments

Comments
 (0)