V14: Add authorization policies to new Backoffice API controllers - p1 (#14551)
* AuditLog policies * DataType policies * Dictionary policies * Document controllers policies * DocumentBlueprint controllers policies * DocumentType controllers policies * HealthCheck controllers policies * Language controllers policies * LogViewer controllers policies * Media controllers policies * MediaType controllers policies * Member controllers policies * MemberGroup controllers policies * MemberType controllers policies * ModelsBuilder controllers policies * Package controllers policies * PartialView controllers policies * Profiling controllers policies * PropertyType controllers policies * RedirectUrlManagement controllers policies * Relation controllers policies * RelationType controllers policies * Script controllers policies * Stylesheet controllers policies * Telemetry controllers policies * Template controllers policies * TrackedReference controllers policies * Upgrade controllers policies * User controllers policies * UserGroup controllers policies * Other controllers cleanup * Moved CreatePolicies to its own Extensions class * Added TreeAccessScripts and TreeAccessStylesheets policies * Remove comments * Forgotten "New" prefix * Duplicate Auth Policy * Removed comment since we are using reference tokens and this is no longer a problem * Fix AdminUserEditsRequireAdmin auth policy to use a constant * Revert change * Revery UpgradeControllerBase attribute * Removed AdminUserEditsRequireAdmin policy as it will be implemented later on * Adding RequireAdminAccess policy for Upgrade controller * Wrong claim type
This commit is contained in:
Elitsa Marinovska
committed by
GitHub
GitHub
parent
33f926853b
commit
036876f349
@@ -1,5 +1,4 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.AuditLog;
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Common.ViewModels.Pagination;
|
||||
@@ -7,10 +8,12 @@ using Umbraco.Cms.Api.Management.ViewModels.AuditLogs;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Core.Models;
|
||||
using Umbraco.Cms.Core.Services;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.AuditLog;
|
||||
|
||||
[ApiVersion("1.0")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.SectionAccessContentOrMedia)]
|
||||
public class ByKeyAuditLogController : AuditLogControllerBase
|
||||
{
|
||||
private readonly IAuditService _auditService;
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Culture;
|
||||
|
||||
@@ -1,16 +1,18 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Common.Builders;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Core.Services.OperationStatus;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.DataType;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute(Constants.UdiEntityType.DataType)]
|
||||
[ApiExplorerSettings(GroupName = "Data Type")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessDocumentsOrDocumentTypes)]
|
||||
public abstract class DataTypeControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
protected IActionResult DataTypeOperationStatusResult(DataTypeOperationStatus status) =>
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Common.Builders;
|
||||
@@ -8,12 +8,14 @@ using Umbraco.Cms.Core.Models;
|
||||
using Umbraco.Cms.Core.Security;
|
||||
using Umbraco.Cms.Core.Services;
|
||||
using Umbraco.Cms.Core.Services.OperationStatus;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.DataType.Folder;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.UdiEntityType.DataType}/folder")]
|
||||
[ApiExplorerSettings(GroupName = "Data Type")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessDocumentsOrDocumentTypes)]
|
||||
public abstract class DataTypeFolderControllerBase : FolderManagementControllerBase<DataTypeContainerOperationStatus>
|
||||
{
|
||||
private readonly IDataTypeContainerService _dataTypeContainerService;
|
||||
|
||||
@@ -1,12 +1,15 @@
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.DataType.Items;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.UdiEntityType.DataType}")]
|
||||
[ApiExplorerSettings(GroupName = "Data Type")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessDocumentsOrDocumentTypes)]
|
||||
public class DatatypeItemControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
}
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Core.Models;
|
||||
using Umbraco.Cms.Core.Models.Entities;
|
||||
@@ -6,12 +7,14 @@ using Umbraco.Cms.Core.Services;
|
||||
using Umbraco.Cms.Api.Management.Controllers.Tree;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Api.Management.ViewModels.DataType.Item;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.DataType.Tree;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.Web.RoutePath.Tree}/{Constants.UdiEntityType.DataType}")]
|
||||
[ApiExplorerSettings(GroupName = "Data Type")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessDataTypes)]
|
||||
public class DataTypeTreeControllerBase : FolderTreeControllerBase<DataTypeTreeItemResponseModel>
|
||||
{
|
||||
private readonly IDataTypeService _dataTypeService;
|
||||
|
||||
@@ -1,16 +1,17 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Common.Builders;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core.Services.OperationStatus;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Dictionary;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute("dictionary")]
|
||||
[ApiExplorerSettings(GroupName = "Dictionary")]
|
||||
// TODO: Add authentication
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessDictionary)]
|
||||
public abstract class DictionaryControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
protected IActionResult DictionaryItemOperationStatusResult(DictionaryItemOperationStatus status) =>
|
||||
|
||||
@@ -1,12 +1,14 @@
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Dictionary.Item;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute("dictionary")]
|
||||
[ApiExplorerSettings(GroupName = "Dictionary")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessDictionary)]
|
||||
public class DictionaryItemControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Core.Models;
|
||||
@@ -6,12 +6,14 @@ using Umbraco.Cms.Core.Services;
|
||||
using Umbraco.Cms.Api.Management.Controllers.Tree;
|
||||
using Umbraco.Cms.Api.Management.ViewModels.Tree;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Dictionary.Tree;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.Web.RoutePath.Tree}/dictionary")]
|
||||
[ApiExplorerSettings(GroupName = "Dictionary")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessDictionaryOrTemplates)]
|
||||
// NOTE: at the moment dictionary items (renamed to dictionary tree) aren't supported by EntityService, so we have little use of the
|
||||
// tree controller base. We'll keep it though, in the hope that we can mend EntityService.
|
||||
public class DictionaryTreeControllerBase : EntityTreeControllerBase<EntityTreeItemResponseModel>
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Common.ViewModels.Pagination;
|
||||
@@ -8,9 +9,11 @@ using Umbraco.Cms.Core.Mapping;
|
||||
using Umbraco.Cms.Core.Models;
|
||||
using Umbraco.Cms.Core.Services;
|
||||
using Umbraco.Cms.Core.Services.OperationStatus;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Document;
|
||||
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessDocumentsOrDocumentTypes)]
|
||||
public class AllowedChildrenByKeyDocumentController : DocumentControllerBase
|
||||
{
|
||||
private readonly IUmbracoMapper _umbracoMapper;
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Common.ViewModels.Pagination;
|
||||
@@ -6,9 +7,11 @@ using Umbraco.Cms.Api.Management.ViewModels.DocumentType;
|
||||
using Umbraco.Cms.Core.Mapping;
|
||||
using Umbraco.Cms.Core.Models;
|
||||
using Umbraco.Cms.Core.Services;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Document;
|
||||
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessDocumentsOrDocumentTypes)]
|
||||
public class AllowedChildrenOfRootDocumentController : DocumentControllerBase
|
||||
{
|
||||
private readonly IContentTypeService _contentTypeService;
|
||||
|
||||
@@ -1,13 +1,16 @@
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Content;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Document;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute(Constants.UdiEntityType.Document)]
|
||||
[ApiExplorerSettings(GroupName = nameof(Constants.UdiEntityType.Document))]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessDocuments)]
|
||||
public abstract class DocumentControllerBase : ContentControllerBase
|
||||
{
|
||||
protected IActionResult DocumentNotFound() => NotFound("The requested Document could not be found");
|
||||
|
||||
@@ -1,13 +1,15 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Document.Item;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute(Constants.UdiEntityType.Document)]
|
||||
[ApiExplorerSettings(GroupName = nameof(Constants.UdiEntityType.Document))]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessDocuments)]
|
||||
public class DocumentItemControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Core;
|
||||
@@ -9,6 +9,7 @@ using Umbraco.Cms.Api.Management.Controllers.RecycleBin;
|
||||
using Umbraco.Cms.Api.Management.Filters;
|
||||
using Umbraco.Cms.Api.Management.ViewModels.RecycleBin;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Document.RecycleBin;
|
||||
|
||||
@@ -17,6 +18,7 @@ namespace Umbraco.Cms.Api.Management.Controllers.Document.RecycleBin;
|
||||
[RequireDocumentTreeRootAccess]
|
||||
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
|
||||
[ApiExplorerSettings(GroupName = nameof(Constants.UdiEntityType.Document))]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessDocuments)]
|
||||
public class DocumentRecycleBinControllerBase : RecycleBinControllerBase<RecycleBinItemResponseModel>
|
||||
{
|
||||
public DocumentRecycleBinControllerBase(IEntityService entityService)
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Core.Cache;
|
||||
@@ -11,12 +11,14 @@ using Umbraco.Cms.Api.Management.Services.Entities;
|
||||
using Umbraco.Cms.Api.Management.ViewModels.Tree;
|
||||
using Umbraco.Extensions;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Document.Tree;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.Web.RoutePath.Tree}/{Constants.UdiEntityType.Document}")]
|
||||
[ApiExplorerSettings(GroupName = nameof(Constants.UdiEntityType.Document))]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.SectionAccessForContentTree)]
|
||||
public abstract class DocumentTreeControllerBase : UserStartNodeTreeControllerBase<DocumentTreeItemResponseModel>
|
||||
{
|
||||
private readonly IPublicAccessService _publicAccessService;
|
||||
|
||||
@@ -1,12 +1,15 @@
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.DocumentBlueprint.Item;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.UdiEntityType.DocumentBlueprint}")]
|
||||
[ApiExplorerSettings(GroupName = "Document Blueprint")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.SectionAccessContent)]
|
||||
public class DocumentBlueprintItemControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Core.Models;
|
||||
@@ -7,12 +7,14 @@ using Umbraco.Cms.Core.Services;
|
||||
using Umbraco.Cms.Api.Management.Controllers.Tree;
|
||||
using Umbraco.Cms.Api.Management.ViewModels.Tree;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.DocumentBlueprint.Tree;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.Web.RoutePath.Tree}/{Constants.UdiEntityType.DocumentBlueprint}")]
|
||||
[ApiExplorerSettings(GroupName = "Document Blueprint")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.SectionAccessContent)]
|
||||
public class DocumentBlueprintTreeControllerBase : EntityTreeControllerBase<DocumentBlueprintTreeItemResponseModel>
|
||||
{
|
||||
private readonly IContentTypeService _contentTypeService;
|
||||
|
||||
@@ -1,13 +1,15 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.DocumentType;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute(Constants.UdiEntityType.DocumentType)]
|
||||
[ApiExplorerSettings(GroupName = "Document Type")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessDocumentTypes)]
|
||||
public abstract class DocumentTypeControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
}
|
||||
|
||||
@@ -1,12 +1,15 @@
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.DocumentType.Item;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute(Constants.UdiEntityType.DocumentType)]
|
||||
[ApiExplorerSettings(GroupName = "Document Type")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessDocumentTypes)]
|
||||
public class DocumentTypeItemControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Core.Models;
|
||||
@@ -7,12 +7,14 @@ using Umbraco.Cms.Core.Services;
|
||||
using Umbraco.Cms.Api.Management.Controllers.Tree;
|
||||
using Umbraco.Cms.Api.Management.ViewModels.Tree;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.DocumentType.Tree;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.Web.RoutePath.Tree}/{Constants.UdiEntityType.DocumentType}")]
|
||||
[ApiExplorerSettings(GroupName = "Document Type")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessDocumentTypes)]
|
||||
public class DocumentTypeTreeControllerBase : FolderTreeControllerBase<DocumentTypeTreeItemResponseModel>
|
||||
{
|
||||
private readonly IContentTypeService _contentTypeService;
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
using Constants = Umbraco.Cms.Core.Constants;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.HealthCheck.Group;
|
||||
@@ -8,6 +9,7 @@ namespace Umbraco.Cms.Api.Management.Controllers.HealthCheck.Group;
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.HealthChecks.RoutePath.HealthCheck}-group")]
|
||||
[ApiExplorerSettings(GroupName = "Health Check")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.SectionAccessSettings)]
|
||||
public abstract class HealthCheckGroupControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
}
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
using Constants = Umbraco.Cms.Core.Constants;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.HealthCheck;
|
||||
@@ -8,6 +9,7 @@ namespace Umbraco.Cms.Api.Management.Controllers.HealthCheck;
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.HealthChecks.RoutePath.HealthCheck}")]
|
||||
[ApiExplorerSettings(GroupName = "Health Check")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.SectionAccessSettings)]
|
||||
public abstract class HealthCheckControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
}
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Help;
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.ViewModels.Language;
|
||||
@@ -8,10 +9,12 @@ using Umbraco.Cms.Core.Models;
|
||||
using Umbraco.Cms.Core.Security;
|
||||
using Umbraco.Cms.Core.Services;
|
||||
using Umbraco.Cms.Core.Services.OperationStatus;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Language;
|
||||
|
||||
[ApiVersion("1.0")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessLanguages)]
|
||||
public class CreateLanguageController : LanguageControllerBase
|
||||
{
|
||||
private readonly ILanguageService _languageService;
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Core;
|
||||
@@ -6,10 +7,12 @@ using Umbraco.Cms.Core.Models;
|
||||
using Umbraco.Cms.Core.Security;
|
||||
using Umbraco.Cms.Core.Services;
|
||||
using Umbraco.Cms.Core.Services.OperationStatus;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Language;
|
||||
|
||||
[ApiVersion("1.0")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessLanguages)]
|
||||
public class DeleteLanguageController : LanguageControllerBase
|
||||
{
|
||||
private readonly ILanguageService _languageService;
|
||||
|
||||
@@ -1,12 +1,15 @@
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Language.Item;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.UdiEntityType.Language}")]
|
||||
[ApiExplorerSettings(GroupName = "Language")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessLanguages)]
|
||||
public class LanguageEntityControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
}
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Common.Builders;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.ViewModels.Language;
|
||||
@@ -8,10 +9,12 @@ using Umbraco.Cms.Core.Models;
|
||||
using Umbraco.Cms.Core.Security;
|
||||
using Umbraco.Cms.Core.Services;
|
||||
using Umbraco.Cms.Core.Services.OperationStatus;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Language;
|
||||
|
||||
[ApiVersion("1.0")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessLanguages)]
|
||||
public class UpdateLanguageController : LanguageControllerBase
|
||||
{
|
||||
private readonly ILanguageService _languageService;
|
||||
|
||||
@@ -1,15 +1,17 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Common.Builders;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core.Services.OperationStatus;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.LogViewer;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute("log-viewer")]
|
||||
[ApiExplorerSettings(GroupName = "Log Viewer")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.SectionAccessSettings)]
|
||||
public abstract class LogViewerControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
protected IActionResult LogViewerOperationStatusResult(LogViewerOperationStatus status) =>
|
||||
|
||||
@@ -1,4 +1,3 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
|
||||
|
||||
@@ -1,7 +1,9 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Media.Item;
|
||||
|
||||
@@ -9,6 +11,7 @@ namespace Umbraco.Cms.Api.Management.Controllers.Media.Item;
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.UdiEntityType.Media}")]
|
||||
[ApiExplorerSettings(GroupName = nameof(Constants.UdiEntityType.Media))]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.SectionAccessForMediaTree)]
|
||||
public class MediaItemControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
}
|
||||
|
||||
@@ -1,14 +1,16 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Content;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Media;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute(Constants.UdiEntityType.Media)]
|
||||
[ApiExplorerSettings(GroupName = nameof(Constants.UdiEntityType.Media))]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.SectionAccessMedia)]
|
||||
public class MediaControllerBase : ContentControllerBase
|
||||
{
|
||||
protected IActionResult MediaNotFound() => NotFound("The requested Media could not be found");
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Core;
|
||||
@@ -9,6 +9,7 @@ using Umbraco.Cms.Api.Management.Controllers.RecycleBin;
|
||||
using Umbraco.Cms.Api.Management.Filters;
|
||||
using Umbraco.Cms.Api.Management.ViewModels.RecycleBin;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Media.RecycleBin;
|
||||
|
||||
@@ -17,6 +18,7 @@ namespace Umbraco.Cms.Api.Management.Controllers.Media.RecycleBin;
|
||||
[RequireMediaTreeRootAccess]
|
||||
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
|
||||
[ApiExplorerSettings(GroupName = nameof(Constants.UdiEntityType.Media))]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.SectionAccessMedia)]
|
||||
public class MediaRecycleBinControllerBase : RecycleBinControllerBase<RecycleBinItemResponseModel>
|
||||
{
|
||||
public MediaRecycleBinControllerBase(IEntityService entityService)
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Core.Cache;
|
||||
using Umbraco.Cms.Core.Models;
|
||||
@@ -9,12 +10,14 @@ using Umbraco.Cms.Api.Management.Controllers.Tree;
|
||||
using Umbraco.Cms.Api.Management.Services.Entities;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Api.Management.ViewModels.Media.Item;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Media.Tree;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.Web.RoutePath.Tree}/{Constants.UdiEntityType.Media}")]
|
||||
[ApiExplorerSettings(GroupName = nameof(Constants.UdiEntityType.Media))]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.SectionAccessForMediaTree)]
|
||||
public class MediaTreeControllerBase : UserStartNodeTreeControllerBase<MediaTreeItemResponseModel>
|
||||
{
|
||||
private readonly AppCaches _appCaches;
|
||||
|
||||
@@ -1,13 +1,15 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.MediaType.Item;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute(Constants.UdiEntityType.MediaType)]
|
||||
[ApiExplorerSettings(GroupName = "Media Type")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessMediaTypes)]
|
||||
public class MediaTypeItemControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
}
|
||||
|
||||
@@ -1,13 +1,15 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.MediaType;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute(Constants.UdiEntityType.MediaType)]
|
||||
[ApiExplorerSettings(GroupName = "Media Type")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessMediaTypes)]
|
||||
public abstract class MediaTypeControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
}
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Core.Models;
|
||||
using Umbraco.Cms.Core.Models.Entities;
|
||||
@@ -6,12 +7,14 @@ using Umbraco.Cms.Core.Services;
|
||||
using Umbraco.Cms.Api.Management.Controllers.Tree;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Api.Management.ViewModels.MediaType.Item;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.MediaType.Tree;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.Web.RoutePath.Tree}/{Constants.UdiEntityType.MediaType}")]
|
||||
[ApiExplorerSettings(GroupName = "Media Type")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessMediaTypes)]
|
||||
public class MediaTypeTreeControllerBase : FolderTreeControllerBase<MediaTypeTreeItemResponseModel>
|
||||
{
|
||||
private readonly IMediaTypeService _mediaTypeService;
|
||||
|
||||
@@ -1,13 +1,15 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Member.Item;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.UdiEntityType.Member}")]
|
||||
[ApiExplorerSettings(GroupName = "Member")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.SectionAccessForMemberTree)]
|
||||
public class MemberItemControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
}
|
||||
|
||||
@@ -1,13 +1,15 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.MemberGroup.Item;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.UdiEntityType.MemberGroup}")]
|
||||
[ApiExplorerSettings(GroupName = "Member Group")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessMemberGroups)]
|
||||
public class MemberGroupItemControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Core.Models;
|
||||
using Umbraco.Cms.Core.Models.Entities;
|
||||
@@ -6,12 +7,14 @@ using Umbraco.Cms.Core.Services;
|
||||
using Umbraco.Cms.Api.Management.Controllers.Tree;
|
||||
using Umbraco.Cms.Api.Management.ViewModels.Tree;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.MemberGroup.Tree;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.Web.RoutePath.Tree}/{Constants.UdiEntityType.MemberGroup}")]
|
||||
[ApiExplorerSettings(GroupName = "Member Group")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessMemberGroups)]
|
||||
public class MemberGroupTreeControllerBase : EntityTreeControllerBase<EntityTreeItemResponseModel>
|
||||
{
|
||||
public MemberGroupTreeControllerBase(IEntityService entityService)
|
||||
|
||||
@@ -1,13 +1,15 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.MemberType.Items;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.UdiEntityType.MemberType}")]
|
||||
[ApiExplorerSettings(GroupName = "Member Type")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessMemberTypes)]
|
||||
public class MemberTypeItemControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
}
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Core.Models;
|
||||
using Umbraco.Cms.Core.Models.Entities;
|
||||
@@ -6,12 +7,14 @@ using Umbraco.Cms.Core.Services;
|
||||
using Umbraco.Cms.Api.Management.Controllers.Tree;
|
||||
using Umbraco.Cms.Api.Management.ViewModels.Tree;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.MemberType.Tree;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.Web.RoutePath.Tree}/{Constants.UdiEntityType.MemberType}")]
|
||||
[ApiExplorerSettings(GroupName = "Member Type")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessMemberTypes)]
|
||||
public class MemberTypeTreeControllerBase : EntityTreeControllerBase<EntityTreeItemResponseModel>
|
||||
{
|
||||
public MemberTypeTreeControllerBase(IEntityService entityService)
|
||||
|
||||
@@ -1,12 +1,14 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.ModelsBuilder;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute("models-builder")]
|
||||
[ApiExplorerSettings(GroupName = "Models Builder")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.SectionAccessSettings)]
|
||||
public class ModelsBuilderControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
}
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.ObjectTypes;
|
||||
|
||||
@@ -1,4 +1,3 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
|
||||
|
||||
@@ -1,15 +1,17 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Common.Builders;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core.Services.OperationStatus;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Package;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute("package")]
|
||||
[ApiExplorerSettings(GroupName = "Package")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.SectionAccessPackages)]
|
||||
public abstract class PackageControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
protected IActionResult PackageOperationStatusResult(PackageOperationStatus status) =>
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Common.Builders;
|
||||
@@ -8,12 +8,14 @@ using Umbraco.Cms.Core.Mapping;
|
||||
using Umbraco.Cms.Core.Models;
|
||||
using Umbraco.Cms.Core.Services;
|
||||
using Umbraco.Cms.Core.Services.OperationStatus;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.PartialView.Folder;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.UdiEntityType.PartialView}/folder")]
|
||||
[ApiExplorerSettings(GroupName = "Partial View")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessPartialViews)]
|
||||
public class PartialViewFolderControllerBase : PathFolderManagementControllerBase<PartialViewFolderOperationStatus>
|
||||
{
|
||||
private readonly IPartialViewFolderService _partialViewFolderService;
|
||||
|
||||
@@ -1,13 +1,15 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.PartialView.Items;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.UdiEntityType.PartialView}")]
|
||||
[ApiExplorerSettings(GroupName = "Partial View")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessPartialViews)]
|
||||
public class PartialViewItemControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
}
|
||||
|
||||
@@ -1,16 +1,18 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Common.Builders;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Core.Services.OperationStatus;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.PartialView;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.UdiEntityType.PartialView}")]
|
||||
[ApiExplorerSettings(GroupName = "Partial View")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessPartialViews)]
|
||||
public class PartialViewControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
protected IActionResult PartialViewOperationStatusResult(PartialViewOperationStatus status) =>
|
||||
|
||||
@@ -1,14 +1,17 @@
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Core.IO;
|
||||
using Umbraco.Cms.Api.Management.Controllers.Tree;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.PartialView.Tree;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.Web.RoutePath.Tree}/{Constants.UdiEntityType.PartialView}")]
|
||||
[ApiExplorerSettings(GroupName = "Partial View")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessPartialViews)]
|
||||
public class PartialViewTreeControllerBase : FileSystemTreeControllerBase
|
||||
{
|
||||
public PartialViewTreeControllerBase(FileSystems fileSystems)
|
||||
|
||||
@@ -1,15 +1,17 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Common.Builders;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core.Services.OperationStatus;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Profiling;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute("profiling")]
|
||||
[ApiExplorerSettings(GroupName = "Profiling")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.SectionAccessSettings)]
|
||||
public class ProfilingControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
|
||||
|
||||
@@ -1,14 +1,16 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core.Services.OperationStatus;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.PropertyType;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute("property-type")]
|
||||
[ApiExplorerSettings(GroupName = "Property Type")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessDocumentTypes)]
|
||||
public abstract class PropertyTypeControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
protected IActionResult PropertyTypeOperationStatusResult(PropertyTypeOperationStatus status) =>
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.PublishedCache;
|
||||
|
||||
@@ -1,12 +1,14 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.RedirectUrlManagement;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute("redirect-management")]
|
||||
[ApiExplorerSettings(GroupName = "Redirect Management")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.SectionAccessContent)]
|
||||
public class RedirectUrlManagementControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
|
||||
|
||||
@@ -1,15 +1,16 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Common.Builders;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core.Services.OperationStatus;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Relation;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute("relation")]
|
||||
[ApiExplorerSettings(GroupName = "Relation")]
|
||||
// TODO: Implement Authentication
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.SectionAccessContent)]
|
||||
public abstract class RelationControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
protected IActionResult RelationOperationStatusResult(RelationOperationStatus status) =>
|
||||
|
||||
@@ -1,13 +1,15 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.RelationType.Item;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.UdiEntityType.RelationType}")]
|
||||
[ApiExplorerSettings(GroupName = "Relation Type")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessRelationTypes)]
|
||||
public class RelationTypeItemControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
|
||||
|
||||
@@ -1,15 +1,17 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Common.Builders;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Core.Services.OperationStatus;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.RelationType.Query;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.UdiEntityType.RelationType}")]
|
||||
[ApiExplorerSettings(GroupName = "Relation Type")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessRelationTypes)]
|
||||
public class RelationTypeControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
protected IActionResult RelationTypeOperationStatusResult(RelationTypeOperationStatus status) =>
|
||||
|
||||
@@ -1,16 +1,19 @@
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Core.Models;
|
||||
using Umbraco.Cms.Core.Services;
|
||||
using Umbraco.Cms.Api.Management.Controllers.Tree;
|
||||
using Umbraco.Cms.Api.Management.ViewModels.Tree;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.RelationType.Tree;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.Web.RoutePath.Tree}/{Constants.UdiEntityType.RelationType}")]
|
||||
[ApiExplorerSettings(GroupName = "Relation Type")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessRelationTypes)]
|
||||
// NOTE: at the moment relation types aren't supported by EntityService, so we have little use of the
|
||||
// tree controller base. We'll keep it though, in the hope that we can mend EntityService.
|
||||
public class RelationTypeTreeControllerBase : EntityTreeControllerBase<EntityTreeItemResponseModel>
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Common.Builders;
|
||||
@@ -8,12 +8,14 @@ using Umbraco.Cms.Core.Mapping;
|
||||
using Umbraco.Cms.Core.Models;
|
||||
using Umbraco.Cms.Core.Services;
|
||||
using Umbraco.Cms.Core.Services.OperationStatus;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Script.Folder;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.UdiEntityType.Script}/folder")]
|
||||
[ApiExplorerSettings(GroupName = "Script")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessScripts)]
|
||||
public class ScriptFolderControllerBase : PathFolderManagementControllerBase<ScriptFolderOperationStatus>
|
||||
{
|
||||
private readonly IScriptFolderService _scriptFolderService;
|
||||
|
||||
@@ -1,13 +1,15 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Script.Item;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.UdiEntityType.Script}")]
|
||||
[ApiExplorerSettings(GroupName = nameof(Constants.UdiEntityType.Script))]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessScripts)]
|
||||
public class ScriptItemControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
}
|
||||
|
||||
@@ -1,16 +1,18 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Common.Builders;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Core.Services.OperationStatus;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Script;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.UdiEntityType.Script}")]
|
||||
[ApiExplorerSettings(GroupName = nameof(Constants.UdiEntityType.Script))]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessScripts)]
|
||||
public class ScriptControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
protected IActionResult ScriptOperationStatusResult(ScriptOperationStatus status) =>
|
||||
|
||||
@@ -1,14 +1,17 @@
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Controllers.Tree;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Core.IO;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Script.Tree;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.Web.RoutePath.Tree}/{Constants.UdiEntityType.Script}")]
|
||||
[ApiExplorerSettings(GroupName = nameof(Constants.UdiEntityType.Script))]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessScripts)]
|
||||
public class ScriptTreeControllerBase : FileSystemTreeControllerBase
|
||||
{
|
||||
public ScriptTreeControllerBase(FileSystems fileSystems)
|
||||
|
||||
@@ -151,10 +151,6 @@ public class BackOfficeController : ManagementApiControllerBase
|
||||
ClaimsPrincipal backOfficePrincipal = await _backOfficeSignInManager.CreateUserPrincipalAsync(backOfficeUser);
|
||||
backOfficePrincipal.SetClaim(OpenIddictConstants.Claims.Subject, backOfficeUser.Key.ToString());
|
||||
|
||||
// TODO: it is not optimal to append all claims to the token.
|
||||
// the token size grows with each claim, although it is still smaller than the old cookie.
|
||||
// see if we can find a better way so we do not risk leaking sensitive data in bearer tokens.
|
||||
// maybe work with scopes instead?
|
||||
Claim[] backOfficeClaims = backOfficePrincipal.Claims.ToArray();
|
||||
foreach (Claim backOfficeClaim in backOfficeClaims)
|
||||
{
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.StaticFile.Item;
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Common.Builders;
|
||||
@@ -8,12 +8,14 @@ using Umbraco.Cms.Core.Mapping;
|
||||
using Umbraco.Cms.Core.Models;
|
||||
using Umbraco.Cms.Core.Services;
|
||||
using Umbraco.Cms.Core.Services.OperationStatus;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Stylesheet.Folder;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.UdiEntityType.Stylesheet}/folder")]
|
||||
[ApiExplorerSettings(GroupName = "Stylesheet")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessStylesheets)]
|
||||
public class StylesheetFolderControllerBase : PathFolderManagementControllerBase<StylesheetFolderOperationStatus>
|
||||
{
|
||||
private readonly IStylesheetFolderService _stylesheetFolderService;
|
||||
|
||||
@@ -1,13 +1,15 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Stylesheet.Item;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.UdiEntityType.Stylesheet}")]
|
||||
[ApiExplorerSettings(GroupName = nameof(Constants.UdiEntityType.Stylesheet))]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessStylesheets)]
|
||||
public class StylesheetItemControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
|
||||
|
||||
@@ -1,16 +1,18 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Common.Builders;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Core.Services.OperationStatus;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Stylesheet;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.UdiEntityType.Stylesheet}")]
|
||||
[ApiExplorerSettings(GroupName = "Stylesheet")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessStylesheets)]
|
||||
public class StylesheetControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
protected IActionResult StylesheetOperationStatusResult(StylesheetOperationStatus status) =>
|
||||
|
||||
@@ -1,14 +1,17 @@
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Controllers.Tree;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Core.IO;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Stylesheet.Tree;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.Web.RoutePath.Tree}/{Constants.UdiEntityType.Stylesheet}")]
|
||||
[ApiExplorerSettings(GroupName = nameof(Constants.UdiEntityType.Stylesheet))]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessStylesheets)]
|
||||
public class StylesheetTreeControllerBase : FileSystemTreeControllerBase
|
||||
{
|
||||
public StylesheetTreeControllerBase(FileSystems fileSystems)
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Tag;
|
||||
|
||||
@@ -1,12 +1,14 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Telemetry;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute("telemetry")]
|
||||
[ApiExplorerSettings(GroupName = "Telemetry")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.SectionAccessSettings)]
|
||||
public abstract class TelemetryControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
}
|
||||
|
||||
@@ -1,12 +1,15 @@
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Template.Item;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.UdiEntityType.Template}")]
|
||||
[ApiExplorerSettings(GroupName = nameof(Constants.UdiEntityType.Template))]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessTemplates)]
|
||||
public class TemplateItemControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
|
||||
|
||||
@@ -1,16 +1,18 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Common.Builders;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Core.Services.OperationStatus;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Template;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute(Constants.UdiEntityType.Template)]
|
||||
[ApiExplorerSettings(GroupName = nameof(Constants.UdiEntityType.Template))]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessTemplates)]
|
||||
public class TemplateControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
protected IActionResult TemplateOperationStatusResult(TemplateOperationStatus status) =>
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Core.Models;
|
||||
@@ -7,12 +7,14 @@ using Umbraco.Cms.Core.Services;
|
||||
using Umbraco.Cms.Api.Management.Controllers.Tree;
|
||||
using Umbraco.Cms.Api.Management.ViewModels.Tree;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Template.Tree;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute($"{Constants.Web.RoutePath.Tree}/{Constants.UdiEntityType.Template}")]
|
||||
[ApiExplorerSettings(GroupName = nameof(Constants.UdiEntityType.Template))]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessTemplates)]
|
||||
public class TemplateTreeControllerBase : EntityTreeControllerBase<EntityTreeItemResponseModel>
|
||||
{
|
||||
public TemplateTreeControllerBase(IEntityService entityService)
|
||||
|
||||
@@ -1,11 +1,14 @@
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.TrackedReference;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute("tracked-reference")]
|
||||
[ApiExplorerSettings(GroupName = "Tracked Reference")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.SectionAccessContentOrMedia)]
|
||||
public abstract class TrackedReferenceControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
}
|
||||
|
||||
@@ -1,16 +1,17 @@
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Api.Management.Filters;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.Upgrade;
|
||||
|
||||
// TODO: This needs to be an authorized controller.
|
||||
|
||||
[ApiController]
|
||||
[RequireRuntimeLevel(RuntimeLevel.Upgrade)]
|
||||
[VersionedApiBackOfficeRoute("upgrade")]
|
||||
[ApiExplorerSettings(GroupName = "Upgrade")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.RequireAdminAccess)]
|
||||
public abstract class UpgradeControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
|
||||
|
||||
@@ -1,12 +1,14 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.User.Item;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute("user")]
|
||||
[ApiExplorerSettings(GroupName = "User")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.SectionAccessUsers)]
|
||||
public class UserItemControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
}
|
||||
|
||||
@@ -1,15 +1,18 @@
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Common.Builders;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core.Models.Membership;
|
||||
using Umbraco.Cms.Core.Services.OperationStatus;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.User;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute("user")]
|
||||
[ApiExplorerSettings(GroupName = "User")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.SectionAccessUsers)]
|
||||
public abstract class UserControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
protected IActionResult UserOperationStatusResult(UserOperationStatus status, ErrorMessageResult? errorMessageResult = null) =>
|
||||
|
||||
@@ -1,12 +1,14 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.UserGroup.Item;
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute("user-group")]
|
||||
[ApiExplorerSettings(GroupName = "User Group")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.SectionAccessUsers)]
|
||||
public class UserGroupItemControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
}
|
||||
|
||||
@@ -1,17 +1,17 @@
|
||||
using Asp.Versioning;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Umbraco.Cms.Api.Common.Builders;
|
||||
using Umbraco.Cms.Api.Management.Routing;
|
||||
using Umbraco.Cms.Core.Services.OperationStatus;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.Controllers.UserGroup;
|
||||
|
||||
// TODO: This needs to be an authorized controller.
|
||||
|
||||
[ApiController]
|
||||
[VersionedApiBackOfficeRoute("user-group")]
|
||||
[ApiExplorerSettings(GroupName = "User Group")]
|
||||
[Authorize(Policy = "New" + AuthorizationPolicies.SectionAccessUsers)]
|
||||
public class UserGroupControllerBase : ManagementApiControllerBase
|
||||
{
|
||||
protected IActionResult UserGroupOperationStatusResult(UserGroupOperationStatus status) =>
|
||||
|
||||
@@ -1,12 +1,9 @@
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Builder;
|
||||
using Microsoft.AspNetCore.Builder;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using OpenIddict.Validation.AspNetCore;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Core.DependencyInjection;
|
||||
using Umbraco.Cms.Api.Management.Middleware;
|
||||
using Umbraco.Cms.Api.Management.Security;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
using Umbraco.Cms.Infrastructure.HostedServices;
|
||||
using Umbraco.Cms.Infrastructure.Security;
|
||||
using Umbraco.Cms.Web.Common.ApplicationBuilder;
|
||||
@@ -27,7 +24,7 @@ public static class BackOfficeAuthBuilderExtensions
|
||||
private static IUmbracoBuilder AddOpenIddict(this IUmbracoBuilder builder)
|
||||
{
|
||||
builder.Services.AddAuthentication();
|
||||
builder.Services.AddAuthorization(CreatePolicies);
|
||||
builder.AddAuthorizationPolicies();
|
||||
|
||||
builder.Services.AddOpenIddict()
|
||||
// Register the OpenIddict server components.
|
||||
@@ -112,32 +109,6 @@ public static class BackOfficeAuthBuilderExtensions
|
||||
|
||||
return builder;
|
||||
}
|
||||
|
||||
|
||||
// TODO: move this to an appropriate location and implement the policy scheme that should be used for the new management APIs
|
||||
private static void CreatePolicies(AuthorizationOptions options)
|
||||
{
|
||||
void AddPolicy(string policyName, string claimType, params string[] allowedClaimValues)
|
||||
{
|
||||
options.AddPolicy($"New{policyName}", policy =>
|
||||
{
|
||||
policy.AuthenticationSchemes.Add(OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme);
|
||||
policy.RequireClaim(claimType, allowedClaimValues);
|
||||
});
|
||||
}
|
||||
|
||||
options.AddPolicy($"New{AuthorizationPolicies.BackOfficeAccess}", policy =>
|
||||
{
|
||||
policy.AuthenticationSchemes.Add(OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme);
|
||||
policy.RequireAuthenticatedUser();
|
||||
});
|
||||
// NOTE: these are ONLY sample policies that allow us to test the new management APIs
|
||||
AddPolicy(AuthorizationPolicies.SectionAccessContent, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Content);
|
||||
AddPolicy(AuthorizationPolicies.SectionAccessForContentTree, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Content);
|
||||
AddPolicy(AuthorizationPolicies.SectionAccessForMediaTree, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Media);
|
||||
AddPolicy(AuthorizationPolicies.SectionAccessMedia, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Media);
|
||||
AddPolicy(AuthorizationPolicies.SectionAccessContentOrMedia, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Content, Constants.Applications.Media);
|
||||
}
|
||||
}
|
||||
|
||||
internal class BackofficePipelineFilter : UmbracoPipelineFilter
|
||||
|
||||
@@ -0,0 +1,69 @@
|
||||
using System.Security.Claims;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using OpenIddict.Validation.AspNetCore;
|
||||
using Umbraco.Cms.Core;
|
||||
using Umbraco.Cms.Core.DependencyInjection;
|
||||
using Umbraco.Cms.Web.Common.Authorization;
|
||||
|
||||
namespace Umbraco.Cms.Api.Management.DependencyInjection;
|
||||
|
||||
internal static class BackOfficeAuthPolicyBuilderExtensions
|
||||
{
|
||||
internal static IUmbracoBuilder AddAuthorizationPolicies(this IUmbracoBuilder builder)
|
||||
{
|
||||
builder.Services.AddAuthorization(CreatePolicies);
|
||||
return builder;
|
||||
}
|
||||
|
||||
private static void CreatePolicies(AuthorizationOptions options)
|
||||
{
|
||||
void AddPolicy(string policyName, string claimType, params string[] allowedClaimValues)
|
||||
{
|
||||
options.AddPolicy($"New{policyName}", policy =>
|
||||
{
|
||||
policy.AuthenticationSchemes.Add(OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme);
|
||||
policy.RequireClaim(claimType, allowedClaimValues);
|
||||
});
|
||||
}
|
||||
|
||||
options.AddPolicy($"New{AuthorizationPolicies.BackOfficeAccess}", policy =>
|
||||
{
|
||||
policy.AuthenticationSchemes.Add(OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme);
|
||||
policy.RequireAuthenticatedUser();
|
||||
});
|
||||
|
||||
AddPolicy(AuthorizationPolicies.SectionAccessContent, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Content);
|
||||
AddPolicy(AuthorizationPolicies.SectionAccessContentOrMedia, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Content, Constants.Applications.Media);
|
||||
AddPolicy(AuthorizationPolicies.SectionAccessForContentTree, Constants.Security.AllowedApplicationsClaimType,
|
||||
Constants.Applications.Content, Constants.Applications.Media, Constants.Applications.Users,
|
||||
Constants.Applications.Settings, Constants.Applications.Packages, Constants.Applications.Members);
|
||||
AddPolicy(AuthorizationPolicies.SectionAccessForMediaTree, Constants.Security.AllowedApplicationsClaimType,
|
||||
Constants.Applications.Content, Constants.Applications.Media, Constants.Applications.Users,
|
||||
Constants.Applications.Settings, Constants.Applications.Packages, Constants.Applications.Members);
|
||||
AddPolicy(AuthorizationPolicies.SectionAccessForMemberTree, Constants.Security.AllowedApplicationsClaimType,
|
||||
Constants.Applications.Content, Constants.Applications.Media, Constants.Applications.Members);
|
||||
AddPolicy(AuthorizationPolicies.SectionAccessMedia, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Media);
|
||||
AddPolicy(AuthorizationPolicies.SectionAccessPackages, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Packages);
|
||||
AddPolicy(AuthorizationPolicies.SectionAccessSettings, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Settings);
|
||||
AddPolicy(AuthorizationPolicies.SectionAccessUsers, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Users);
|
||||
|
||||
AddPolicy(AuthorizationPolicies.TreeAccessDataTypes, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Settings);
|
||||
AddPolicy(AuthorizationPolicies.TreeAccessDictionary, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Translation);
|
||||
AddPolicy(AuthorizationPolicies.TreeAccessDictionaryOrTemplates, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Translation, Constants.Applications.Settings);
|
||||
AddPolicy(AuthorizationPolicies.TreeAccessDocuments, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Content);
|
||||
AddPolicy(AuthorizationPolicies.TreeAccessDocumentsOrDocumentTypes, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Content, Constants.Applications.Settings);
|
||||
AddPolicy(AuthorizationPolicies.TreeAccessDocumentTypes, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Settings);
|
||||
AddPolicy(AuthorizationPolicies.TreeAccessLanguages, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Settings);
|
||||
AddPolicy(AuthorizationPolicies.TreeAccessMediaTypes, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Settings);
|
||||
AddPolicy(AuthorizationPolicies.TreeAccessMemberGroups, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Members);
|
||||
AddPolicy(AuthorizationPolicies.TreeAccessMemberTypes, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Settings);
|
||||
AddPolicy(AuthorizationPolicies.TreeAccessPartialViews, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Settings);
|
||||
AddPolicy(AuthorizationPolicies.TreeAccessRelationTypes, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Settings);
|
||||
AddPolicy(AuthorizationPolicies.TreeAccessScripts, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Settings);
|
||||
AddPolicy(AuthorizationPolicies.TreeAccessStylesheets, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Settings);
|
||||
AddPolicy(AuthorizationPolicies.TreeAccessTemplates, Constants.Security.AllowedApplicationsClaimType, Constants.Applications.Settings);
|
||||
|
||||
AddPolicy(AuthorizationPolicies.RequireAdminAccess, ClaimsIdentity.DefaultRoleClaimType, Constants.Security.AdminGroupAlias);
|
||||
}
|
||||
}
|
||||
@@ -32,7 +32,6 @@ public static partial class Constants
|
||||
/// </summary>
|
||||
public const string UnknownUserName = "SYSTEM";
|
||||
|
||||
[Obsolete("Use AdminGroupKey instead. Scheduled for removal in V15.")]
|
||||
public const string AdminGroupAlias = "admin";
|
||||
|
||||
[Obsolete("Use EditorGroupKey instead. Scheduled for removal in V15.")]
|
||||
|
||||
@@ -12,6 +12,7 @@ public static class AuthorizationPolicies
|
||||
public const string UserBelongsToUserGroupInRequest = nameof(UserBelongsToUserGroupInRequest);
|
||||
public const string AdminUserEditsRequireAdmin = nameof(AdminUserEditsRequireAdmin);
|
||||
public const string DenyLocalLoginIfConfigured = nameof(DenyLocalLoginIfConfigured);
|
||||
public const string RequireAdminAccess = nameof(RequireAdminAccess);
|
||||
|
||||
// Content permission access
|
||||
public const string ContentPermissionByResource = nameof(ContentPermissionByResource);
|
||||
@@ -59,6 +60,8 @@ public static class AuthorizationPolicies
|
||||
public const string TreeAccessMemberGroups = nameof(TreeAccessMemberGroups);
|
||||
public const string TreeAccessDocumentTypes = nameof(TreeAccessDocumentTypes);
|
||||
public const string TreeAccessMemberTypes = nameof(TreeAccessMemberTypes);
|
||||
public const string TreeAccessScripts = nameof(TreeAccessScripts);
|
||||
public const string TreeAccessStylesheets = nameof(TreeAccessStylesheets);
|
||||
|
||||
// Custom access based on multiple trees
|
||||
public const string TreeAccessDocumentsOrDocumentTypes = nameof(TreeAccessDocumentsOrDocumentTypes);
|
||||
|
||||
Reference in New Issue
Block a user