From 46ce73582a527695cf03e8077246955e712b866c Mon Sep 17 00:00:00 2001 From: iJungleboy Date: Mon, 3 Jun 2024 15:14:00 +0200 Subject: [PATCH] change show-draft permissions to be configurable https://github.com/2sic/2sxc/issues/3394 --- ToSic.Eav.Apps/Eav.Context/Internal/ContextOfApp.cs | 4 ++-- ToSic.Eav.Apps/Eav.Context/Internal/ContextOfSite.cs | 5 +++-- ToSic.Eav.Core/Context/ContextOfUserPermissions.cs | 8 ++++---- .../Context/ContextResolverUserPermissions.cs | 2 +- .../{AdminPermissions.cs => EffectivePermissions.cs} | 12 +++++++----- ToSic.Eav.Core/Context/IContextOfUserPermissions.cs | 2 +- .../Context/IContextResolverUserPermissions.cs | 2 +- .../DataSources/Security/PublishingFilter.cs | 6 ++++-- 8 files changed, 23 insertions(+), 18 deletions(-) rename ToSic.Eav.Core/Context/{AdminPermissions.cs => EffectivePermissions.cs} (59%) diff --git a/ToSic.Eav.Apps/Eav.Context/Internal/ContextOfApp.cs b/ToSic.Eav.Apps/Eav.Context/Internal/ContextOfApp.cs index a8d02629a..0e6b18353 100644 --- a/ToSic.Eav.Apps/Eav.Context/Internal/ContextOfApp.cs +++ b/ToSic.Eav.Apps/Eav.Context/Internal/ContextOfApp.cs @@ -77,8 +77,8 @@ protected virtual IAppIdentity AppIdentity #region User Permissions / May Edit - AdminPermissions IContextOfUserPermissions.Permissions => _permissions ??= new(UserMayEdit || User.IsContentAdmin, UserMayAdmin); - private AdminPermissions _permissions; + EffectivePermissions IContextOfUserPermissions.Permissions => _permissions ??= new(isSiteAdmin: UserMayAdmin, isContentAdmin: UserMayEdit || User.IsContentAdmin); + private EffectivePermissions _permissions; private bool UserMayEdit => _userMayEditGet.Get(() => Log.GetterM(() => { diff --git a/ToSic.Eav.Apps/Eav.Context/Internal/ContextOfSite.cs b/ToSic.Eav.Apps/Eav.Context/Internal/ContextOfSite.cs index a1b80ce25..90c51e735 100644 --- a/ToSic.Eav.Apps/Eav.Context/Internal/ContextOfSite.cs +++ b/ToSic.Eav.Apps/Eav.Context/Internal/ContextOfSite.cs @@ -51,8 +51,9 @@ protected ContextOfSite(MyServicesBase services, string logName) : b return u.IsSystemAdmin || u.IsSiteAdmin || u.IsSiteDeveloper; }); - AdminPermissions IContextOfUserPermissions.Permissions => _permissions ??= UserMayAdmin.Map(mayAdmin => new AdminPermissions(mayAdmin || (User?.IsContentAdmin ?? false), mayAdmin)); - private AdminPermissions _permissions; + EffectivePermissions IContextOfUserPermissions.Permissions => _permissions + ??= UserMayAdmin.Map(mayAdmin => new EffectivePermissions(isSiteAdmin: mayAdmin, isContentAdmin: mayAdmin || (User?.IsContentAdmin ?? false))); + private EffectivePermissions _permissions; /// public IContextOfSite Clone(ILog parentLog) => new ContextOfSite(Services, Log.NameId).LinkLog(parentLog); diff --git a/ToSic.Eav.Core/Context/ContextOfUserPermissions.cs b/ToSic.Eav.Core/Context/ContextOfUserPermissions.cs index 72ffb88b0..b0b55e64c 100644 --- a/ToSic.Eav.Core/Context/ContextOfUserPermissions.cs +++ b/ToSic.Eav.Core/Context/ContextOfUserPermissions.cs @@ -8,14 +8,14 @@ namespace ToSic.Eav.Context; /// internal class ContextOfUserPermissions(IUser user) : ServiceBase("Eav.CtxSec"), IContextOfUserPermissions { - AdminPermissions IContextOfUserPermissions.Permissions => _permissions ??= GetPermissions(); - private AdminPermissions _permissions; + EffectivePermissions IContextOfUserPermissions.Permissions => _permissions ??= GetPermissions(); + private EffectivePermissions _permissions; - private AdminPermissions GetPermissions() + private EffectivePermissions GetPermissions() { var userIsSiteAdmin = UserMayAdmin(); var isContentAdmin = userIsSiteAdmin || (user?.IsContentAdmin ?? false); - return new(isContentAdmin, userIsSiteAdmin); + return new(isSiteAdmin: userIsSiteAdmin, isContentAdmin: isContentAdmin); } private bool UserMayAdmin() diff --git a/ToSic.Eav.Core/Context/ContextResolverUserPermissions.cs b/ToSic.Eav.Core/Context/ContextResolverUserPermissions.cs index 867746c71..2b024b6a6 100644 --- a/ToSic.Eav.Core/Context/ContextResolverUserPermissions.cs +++ b/ToSic.Eav.Core/Context/ContextResolverUserPermissions.cs @@ -3,5 +3,5 @@ internal class ContextResolverUserPermissions(IContextOfUserPermissions userPermissions) : IContextResolverUserPermissions { - public AdminPermissions UserPermissions() => userPermissions.Permissions; + public EffectivePermissions UserPermissions() => userPermissions.Permissions; } \ No newline at end of file diff --git a/ToSic.Eav.Core/Context/AdminPermissions.cs b/ToSic.Eav.Core/Context/EffectivePermissions.cs similarity index 59% rename from ToSic.Eav.Core/Context/AdminPermissions.cs rename to ToSic.Eav.Core/Context/EffectivePermissions.cs index 10920aff2..e6e4ad586 100644 --- a/ToSic.Eav.Core/Context/AdminPermissions.cs +++ b/ToSic.Eav.Core/Context/EffectivePermissions.cs @@ -6,21 +6,23 @@ /// and this object is used to provide them. /// /// For better understanding: the user itself has these permissions, but sometimes -/// additional information (eg. an App containing more configuration) +/// additional information (e.g. an App containing more configuration) /// can extend the permissions. So a provider would then combine that with the user to get more permissions. /// /// /// [System.ComponentModel.EditorBrowsable(System.ComponentModel.EditorBrowsableState.Never)] -public class AdminPermissions(bool isContentAdmin, bool isSiteAdmin) +public class EffectivePermissions(bool isSiteAdmin, bool isContentAdmin, bool isContentEditor, bool showDrafts) { - public AdminPermissions(bool both) : this(both, both) { } + public EffectivePermissions(bool all) : this(all, all, all, all) { } + + public EffectivePermissions(bool isSiteAdmin, bool isContentAdmin) : this(isSiteAdmin, isContentAdmin, isContentAdmin, isContentAdmin) { } public bool IsContentAdmin { get; } = isContentAdmin; - public bool IsContentEditor { get; } = isContentAdmin; + public bool IsContentEditor { get; } = isContentEditor; public bool IsSiteAdmin { get; } = isSiteAdmin; - public bool ShowDraftData => IsContentAdmin; + public bool ShowDraftData => showDrafts; } \ No newline at end of file diff --git a/ToSic.Eav.Core/Context/IContextOfUserPermissions.cs b/ToSic.Eav.Core/Context/IContextOfUserPermissions.cs index ecb11fab7..3706b5840 100644 --- a/ToSic.Eav.Core/Context/IContextOfUserPermissions.cs +++ b/ToSic.Eav.Core/Context/IContextOfUserPermissions.cs @@ -9,5 +9,5 @@ public interface IContextOfUserPermissions { [System.ComponentModel.EditorBrowsable(System.ComponentModel.EditorBrowsableState.Never)] - AdminPermissions Permissions { get; } + EffectivePermissions Permissions { get; } } \ No newline at end of file diff --git a/ToSic.Eav.Core/Context/IContextResolverUserPermissions.cs b/ToSic.Eav.Core/Context/IContextResolverUserPermissions.cs index 60dcd318c..470bee246 100644 --- a/ToSic.Eav.Core/Context/IContextResolverUserPermissions.cs +++ b/ToSic.Eav.Core/Context/IContextResolverUserPermissions.cs @@ -9,5 +9,5 @@ [System.ComponentModel.EditorBrowsable(System.ComponentModel.EditorBrowsableState.Never)] public interface IContextResolverUserPermissions { - AdminPermissions UserPermissions(); + EffectivePermissions UserPermissions(); } \ No newline at end of file diff --git a/ToSic.Eav.DataSources/DataSources/Security/PublishingFilter.cs b/ToSic.Eav.DataSources/DataSources/Security/PublishingFilter.cs index fad096c8a..cb13d71b7 100644 --- a/ToSic.Eav.DataSources/DataSources/Security/PublishingFilter.cs +++ b/ToSic.Eav.DataSources/DataSources/Security/PublishingFilter.cs @@ -21,7 +21,7 @@ namespace ToSic.Eav.DataSources; DynamicOut = false, HelpLink = "https://go.2sxc.org/DsPublishingFilter")] -public class PublishingFilter : Eav.DataSource.DataSourceBase +public class PublishingFilter : DataSourceBase { #region Configuration-properties @@ -54,7 +54,9 @@ private IImmutableList PublishingFilterList() { var showDraftsAsSet = ShowDrafts; var l = Log.Fn>(); - var finalShowDrafts = showDraftsAsSet ?? _userPermissions.UserPermissions()?.IsContentAdmin ?? QueryConstants.ParamsShowDraftsDefault; + var finalShowDrafts = showDraftsAsSet + ?? _userPermissions.UserPermissions()?.ShowDraftData + ?? QueryConstants.ParamsShowDraftsDefault; var outStreamName = finalShowDrafts ? StreamDraftsName : StreamPublishedName; var result = In[outStreamName].List.ToImmutableList(); return l.Return(result, $"showDraftSet:'{showDraftsAsSet}'; final:{finalShowDrafts}; stream: {outStreamName}; count: {result.Count}");