yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Made some stylesheet endpoints available for document/media/member related actions (#17442)

Browse Source
This commit is contained in:
Sven Geusens
2024-11-08 12:18:13 +01:00
committed by nikolajlauridsen
parent 2d027ce9a1
commit 0acdd26850
7 changed files with 15 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/Umbraco.Cms.Api.Management/Controllers/Stylesheet/CreateStylesheetController.cs
View File

@@ -1,4 +1,5 @@
using Asp.Versioning;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Umbraco.Cms.Api.Management.Extensions;
@@ -9,10 +10,12 @@ using Umbraco.Cms.Core.Models;
using Umbraco.Cms.Core.Security;
using Umbraco.Cms.Core.Services;
using Umbraco.Cms.Core.Services.OperationStatus;
using Umbraco.Cms.Web.Common.Authorization;
namespace Umbraco.Cms.Api.Management.Controllers.Stylesheet;
[ApiVersion("1.0")]
[Authorize(Policy = AuthorizationPolicies.TreeAccessStylesheets)]
public class CreateStylesheetController : StylesheetControllerBase
{
private readonly IStylesheetService _stylesheetService;

3
src/Umbraco.Cms.Api.Management/Controllers/Stylesheet/DeleteStylesheetController.cs
View File

@@ -1,14 +1,17 @@
using Asp.Versioning;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Umbraco.Cms.Api.Management.Extensions;
using Umbraco.Cms.Core.Security;
using Umbraco.Cms.Core.Services;
using Umbraco.Cms.Core.Services.OperationStatus;
using Umbraco.Cms.Web.Common.Authorization;
namespace Umbraco.Cms.Api.Management.Controllers.Stylesheet;
[ApiVersion("1.0")]
[Authorize(Policy = AuthorizationPolicies.TreeAccessStylesheets)]
public class DeleteStylesheetController : StylesheetControllerBase
{
private readonly IStylesheetService _stylesheetService;

3
src/Umbraco.Cms.Api.Management/Controllers/Stylesheet/RenameStylesheetController.cs
View File

@@ -1,4 +1,5 @@
using Asp.Versioning;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Umbraco.Cms.Api.Management.Extensions;
@@ -9,10 +10,12 @@ using Umbraco.Cms.Core.Models;
using Umbraco.Cms.Core.Security;
using Umbraco.Cms.Core.Services;
using Umbraco.Cms.Core.Services.OperationStatus;
using Umbraco.Cms.Web.Common.Authorization;
namespace Umbraco.Cms.Api.Management.Controllers.Stylesheet;
[ApiVersion("1.0")]
[Authorize(Policy = AuthorizationPolicies.TreeAccessStylesheets)]
public class RenameStylesheetController : StylesheetControllerBase
{
private readonly IStylesheetService _stylesheetService;

2
src/Umbraco.Cms.Api.Management/Controllers/Stylesheet/StylesheetControllerBase.cs
View File

@@ -11,7 +11,7 @@ namespace Umbraco.Cms.Api.Management.Controllers.Stylesheet;
[VersionedApiBackOfficeRoute($"{Constants.UdiEntityType.Stylesheet}")]
[ApiExplorerSettings(GroupName = "Stylesheet")]
[Authorize(Policy = AuthorizationPolicies.TreeAccessStylesheets)]
[Authorize(Policy = AuthorizationPolicies.TreeAccessStylesheetsOrDocumentOrMediaOrMember)]
public class StylesheetControllerBase : FileSystemManagementControllerBase
{
protected IActionResult StylesheetOperationStatusResult(StylesheetOperationStatus status) =>

3
src/Umbraco.Cms.Api.Management/Controllers/Stylesheet/UpdateStylesheetController.cs
View File

@@ -1,4 +1,5 @@
using Asp.Versioning;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Umbraco.Cms.Api.Management.Extensions;
@@ -9,10 +10,12 @@ using Umbraco.Cms.Core.Models;
using Umbraco.Cms.Core.Security;
using Umbraco.Cms.Core.Services;
using Umbraco.Cms.Core.Services.OperationStatus;
using Umbraco.Cms.Web.Common.Authorization;
namespace Umbraco.Cms.Api.Management.Controllers.Stylesheet;
[ApiVersion("1.0")]
[Authorize(Policy = AuthorizationPolicies.TreeAccessStylesheets)]
public class UpdateStylesheetController : StylesheetControllerBase
{
private readonly IStylesheetService _stylesheetService;

1
src/Umbraco.Cms.Api.Management/DependencyInjection/BackOfficeAuthPolicyBuilderExtensions.cs
View File

@@ -91,6 +91,7 @@ internal static class BackOfficeAuthPolicyBuilderExtensions
AddAllowedApplicationsPolicy(AuthorizationPolicies.TreeAccessRelationTypes, Constants.Applications.Settings);
AddAllowedApplicationsPolicy(AuthorizationPolicies.TreeAccessScripts, Constants.Applications.Settings);
AddAllowedApplicationsPolicy(AuthorizationPolicies.TreeAccessStylesheets, Constants.Applications.Settings);
AddAllowedApplicationsPolicy(AuthorizationPolicies.TreeAccessStylesheetsOrDocumentOrMediaOrMember, Constants.Applications.Settings, Constants.Applications.Content, Constants.Applications.Media, Constants.Applications.Members);
AddAllowedApplicationsPolicy(AuthorizationPolicies.TreeAccessTemplates, Constants.Applications.Settings);
AddAllowedApplicationsPolicy(AuthorizationPolicies.TreeAccessWebhooks, Constants.Applications.Settings);

1
src/Umbraco.Web.Common/Authorization/AuthorizationPolicies.cs
View File

@@ -53,6 +53,7 @@ public static class AuthorizationPolicies
public const string TreeAccessMediaOrMediaTypes = nameof(TreeAccessMediaOrMediaTypes);
public const string TreeAccessDictionaryOrTemplates = nameof(TreeAccessDictionaryOrTemplates);
public const string TreeAccessDocumentOrMediaOrContentTypes = nameof(TreeAccessDocumentOrMediaOrContentTypes);
public const string TreeAccessStylesheetsOrDocumentOrMediaOrMember = nameof(TreeAccessStylesheetsOrDocumentOrMediaOrMember);
// other
public const string DictionaryPermissionByResource = nameof(DictionaryPermissionByResource);