yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

V14: Add authorization policies to new Backoffice API controllers - p1 (#14551)

Browse Source 
* AuditLog policies

* DataType policies

* Dictionary policies

* Document controllers policies

* DocumentBlueprint controllers policies

* DocumentType controllers policies

* HealthCheck controllers policies

* Language controllers policies

* LogViewer controllers policies

* Media controllers policies

* MediaType controllers policies

* Member controllers policies

* MemberGroup controllers policies

* MemberType controllers policies

* ModelsBuilder controllers policies

* Package controllers policies

* PartialView controllers policies

* Profiling controllers policies

* PropertyType controllers policies

* RedirectUrlManagement controllers policies

* Relation controllers policies

* RelationType controllers policies

* Script controllers policies

* Stylesheet controllers policies

* Telemetry controllers policies

* Template controllers policies

* TrackedReference controllers policies

* Upgrade controllers policies

* User controllers policies

* UserGroup controllers policies

* Other controllers cleanup

* Moved CreatePolicies to its own Extensions class

* Added TreeAccessScripts and TreeAccessStylesheets policies

* Remove comments

* Forgotten "New" prefix

* Duplicate Auth Policy

* Removed comment since we are using reference tokens and this is no longer a problem

* Fix AdminUserEditsRequireAdmin auth policy to use a constant

* Revert change

* Revery UpgradeControllerBase attribute

* Removed AdminUserEditsRequireAdmin policy as it will be implemented later on

* Adding RequireAdminAccess policy for Upgrade controller

* Wrong claim type
This commit is contained in:
Elitsa Marinovska
2023-07-19 09:02:51 +03:00
committed by GitHub
parent 33f926853b
commit 036876f349
84 changed files with 308 additions and 123 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/Umbraco.Cms.Api.Management/Controllers/Script/Tree/ScriptTreeControllerBase.cs
View File

@@ -1,14 +1,17 @@
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Umbraco.Cms.Api.Management.Controllers.Tree;
using Umbraco.Cms.Api.Management.Routing;
using Umbraco.Cms.Core;
using Umbraco.Cms.Core.IO;
using Umbraco.Cms.Web.Common.Authorization;
namespace Umbraco.Cms.Api.Management.Controllers.Script.Tree;
[ApiController]
[VersionedApiBackOfficeRoute($"{Constants.Web.RoutePath.Tree}/{Constants.UdiEntityType.Script}")]
[ApiExplorerSettings(GroupName = nameof(Constants.UdiEntityType.Script))]
[Authorize(Policy = "New" + AuthorizationPolicies.TreeAccessScripts)]
public class ScriptTreeControllerBase : FileSystemTreeControllerBase
{
public ScriptTreeControllerBase(FileSystems fileSystems)