src/Umbraco.Core/Security/IBackofficeSecurity.cs

using Umbraco.Cms.Core.Models.Membership;

namespace Umbraco.Cms.Core.Security
{
    public interface IBackOfficeSecurity
    {
        /// <summary>
        /// Gets the current user.
        /// </summary>
        /// <returns>The current user that has been authenticated for the request.</returns>
        /// <remarks>If authentication hasn't taken place this will be null.</remarks>
        // TODO: This is used a lot but most of it can be refactored to not use this at all since the IUser instance isn't
        // needed in most cases. Where an IUser is required this could be an ext method on the ClaimsIdentity/ClaimsPrincipal that passes in
        // an IUserService, like HttpContext.User.GetUmbracoUser(_userService);
        // This one isn't as easy to remove as the others below.
        IUser CurrentUser { get; }

        /// <summary>
        /// Gets the current user's id.
        /// </summary>
        /// <returns>The current user's Id that has been authenticated for the request.</returns>
        /// <remarks>If authentication hasn't taken place this will be unsuccessful.</remarks>
        // TODO: This should just be an extension method on ClaimsIdentity
        Attempt<int> GetUserId();

        /// <summary>
        /// Checks if the specified user as access to the app
        /// </summary>
        /// <param name="section"></param>
        /// <param name="user"></param>
        /// <returns></returns>
        /// <remarks>If authentication hasn't taken place this will be unsuccessful.</remarks>
        // TODO: Should be part of IBackOfficeUserManager
        bool UserHasSectionAccess(string section, IUser user);

        /// <summary>
        /// Ensures that a back office user is logged in
        /// </summary>
        /// <returns></returns>
        /// <remarks>This does not force authentication, that must be done before calls to this are made.</remarks>
        // TODO: Should be removed, this should not be necessary
        bool IsAuthenticated();
    }
}
Netcore: Align namespaces (#9801) * Rename Umbraco.Core namespace to Umbraco.Cms.Core * Move extension methods in core project to Umbraco.Extensions * Move extension methods in core project to Umbraco.Extensions * Rename Umbraco.Examine namespace to Umbraco.Cms.Examine * Move examine extensions to Umbraco.Extensions namespace * Reflect changed namespaces in Builder and fix unit tests * Adjust namespace in Umbraco.ModelsBuilder.Embedded * Adjust namespace in Umbraco.Persistence.SqlCe * Adjust namespace in Umbraco.PublishedCache.NuCache * Align namespaces in Umbraco.Web.BackOffice * Align namespaces in Umbraco.Web.Common * Ensure that SqlCeSupport is still enabled after changing the namespace * Align namespaces in Umbraco.Web.Website * Align namespaces in Umbraco.Web.UI.NetCore * Align namespaces in Umbraco.Tests.Common * Align namespaces in Umbraco.Tests.UnitTests * Align namespaces in Umbraco.Tests.Integration * Fix errors caused by changed namespaces * Fix integration tests * Undo the Umbraco.Examine.Lucene namespace change This breaks integration tests on linux, since the namespace wont exists there because it's only used on windows. * Fix merge * Fix Merge 2021-02-18 11:06:02 +01:00			`using Umbraco.Cms.Core.Models.Membership;`
Introduced interface on WebSecurity 2020-02-09 19:14:19 +01:00
Netcore: Align namespaces (#9801) * Rename Umbraco.Core namespace to Umbraco.Cms.Core * Move extension methods in core project to Umbraco.Extensions * Move extension methods in core project to Umbraco.Extensions * Rename Umbraco.Examine namespace to Umbraco.Cms.Examine * Move examine extensions to Umbraco.Extensions namespace * Reflect changed namespaces in Builder and fix unit tests * Adjust namespace in Umbraco.ModelsBuilder.Embedded * Adjust namespace in Umbraco.Persistence.SqlCe * Adjust namespace in Umbraco.PublishedCache.NuCache * Align namespaces in Umbraco.Web.BackOffice * Align namespaces in Umbraco.Web.Common * Ensure that SqlCeSupport is still enabled after changing the namespace * Align namespaces in Umbraco.Web.Website * Align namespaces in Umbraco.Web.UI.NetCore * Align namespaces in Umbraco.Tests.Common * Align namespaces in Umbraco.Tests.UnitTests * Align namespaces in Umbraco.Tests.Integration * Fix errors caused by changed namespaces * Fix integration tests * Undo the Umbraco.Examine.Lucene namespace change This breaks integration tests on linux, since the namespace wont exists there because it's only used on windows. * Fix merge * Fix Merge 2021-02-18 11:06:02 +01:00			`namespace Umbraco.Cms.Core.Security`
Introduced interface on WebSecurity 2020-02-09 19:14:19 +01:00			`{`
Migrates remaining backofficecontroller but still a bunch of work to do , streamlines Backoffice to BackOffice (but is that what we want?) 2020-10-21 16:51:00 +11:00			`public interface IBackOfficeSecurity`
Introduced interface on WebSecurity 2020-02-09 19:14:19 +01:00			`{`
			`/// <summary>`
			`/// Gets the current user.`
			`/// </summary>`
Cleans up IBackofficeSecurity, ensures authn for the AuthenticationController/BackOfficeController 2020-12-02 14:28:16 +11:00			`/// <returns>The current user that has been authenticated for the request.</returns>`
			`/// <remarks>If authentication hasn't taken place this will be null.</remarks>`
			`// TODO: This is used a lot but most of it can be refactored to not use this at all since the IUser instance isn't`
			`// needed in most cases. Where an IUser is required this could be an ext method on the ClaimsIdentity/ClaimsPrincipal that passes in`
			`// an IUserService, like HttpContext.User.GetUmbracoUser(_userService);`
			`// This one isn't as easy to remove as the others below.`
Introduced interface on WebSecurity 2020-02-09 19:14:19 +01:00			`IUser CurrentUser { get; }`

			`/// <summary>`
			`/// Gets the current user's id.`
			`/// </summary>`
Cleans up IBackofficeSecurity, ensures authn for the AuthenticationController/BackOfficeController 2020-12-02 14:28:16 +11:00			`/// <returns>The current user's Id that has been authenticated for the request.</returns>`
			`/// <remarks>If authentication hasn't taken place this will be unsuccessful.</remarks>`
			`// TODO: This should just be an extension method on ClaimsIdentity`
Introduced interface on WebSecurity 2020-02-09 19:14:19 +01:00			`Attempt<int> GetUserId();`

			`/// <summary>`
			`/// Checks if the specified user as access to the app`
			`/// </summary>`
			`/// <param name="section"></param>`
			`/// <param name="user"></param>`
			`/// <returns></returns>`
Cleans up IBackofficeSecurity, ensures authn for the AuthenticationController/BackOfficeController 2020-12-02 14:28:16 +11:00			`/// <remarks>If authentication hasn't taken place this will be unsuccessful.</remarks>`
			`// TODO: Should be part of IBackOfficeUserManager`
Introduced interface on WebSecurity 2020-02-09 19:14:19 +01:00			`bool UserHasSectionAccess(string section, IUser user);`

			`/// <summary>`
			`/// Ensures that a back office user is logged in`
			`/// </summary>`
			`/// <returns></returns>`
Cleans up IBackofficeSecurity, ensures authn for the AuthenticationController/BackOfficeController 2020-12-02 14:28:16 +11:00			`/// <remarks>This does not force authentication, that must be done before calls to this are made.</remarks>`
			`// TODO: Should be removed, this should not be necessary`
Introduced interface on WebSecurity 2020-02-09 19:14:19 +01:00			`bool IsAuthenticated();`
			`}`
			`}`