Fixed permission check for Meta-Files editing.

2011-06-06 15:24:25 +02:00 · 2011-06-06 15:24:25 +02:00 · 17d01657a7
commit 17d01657a7
parent 86354487c9
3 changed files with 15 additions and 4 deletions
--- a/AssemblyVersion.cs
+++ b/AssemblyVersion.cs
@ -16,5 +16,5 @@ using System.Reflection;
 //
 // You can specify all the values or you can default the Revision and Build Numbers 
 // by using the '*' as shown below:
-[assembly: AssemblyVersion("3.0.4.572")]
-[assembly: AssemblyFileVersion("3.0.4.572")]
+[assembly: AssemblyVersion("3.0.4.573")]
+[assembly: AssemblyFileVersion("3.0.4.573")]
--- a/WebApplication/Admin.master.cs
+++ b/WebApplication/Admin.master.cs
@ -94,7 +94,7 @@ namespace ScrewTurn.Wiki {
 			lnkSelectConfig.Visible = CanManageConfiguration(currentUser, currentGroups);

 			// Content (can manage config)
-			lnkSelectContent.Visible = CanManageConfiguration(currentUser, currentGroups);
+			lnkSelectContent.Visible = CanManageMetaFiles(currentUser, currentGroups);

 			// Groups (can manage groups)
 			lnkSelectGroups.Visible = CanManageGroups(currentUser, currentGroups);
@ -135,6 +135,17 @@ namespace ScrewTurn.Wiki {
 			return canManageConfiguration;
 		}

+		/// <summary>
+		/// Determines whether a user can manage the Meta-Files (Content).
+		/// </summary>
+		/// <param name="username">The username.</param>
+		/// <param name="groups">The groups.</param>
+		/// <returns><c>true</c> if the user can manage the Meta-Files (Content), <c>false</c> otherwise.</returns>
+		public static bool CanManageMetaFiles(string username, string[] groups) {
+			bool canManageMetaFiles = AuthChecker.CheckActionForGlobals(Actions.ForGlobals.ManageMetaFiles, username, groups);
+			return canManageMetaFiles;
+		}
+
 		/// <summary>
 		/// Determines whether a user can manage categories in at least one namespace.
 		/// </summary>
--- a/WebApplication/AdminContent.aspx.cs
+++ b/WebApplication/AdminContent.aspx.cs
@ -13,7 +13,7 @@ namespace ScrewTurn.Wiki {
 		protected void Page_Load(object sender, EventArgs e) {
 			AdminMaster.RedirectToLoginIfNeeded();

-			if(!AdminMaster.CanManageConfiguration(SessionFacade.GetCurrentUsername(), SessionFacade.GetCurrentGroupNames())) UrlTools.Redirect("AccessDenied.aspx");
+			if(!AdminMaster.CanManageMetaFiles(SessionFacade.GetCurrentUsername(), SessionFacade.GetCurrentGroupNames())) UrlTools.Redirect("AccessDenied.aspx");

 			if(!Page.IsPostBack) {
 				// Load namespaces